T3 · engineering —for_each+agent:is the swarm pattern. Every changed file gets its own mini-agent with read-only tools (default-deny means exactly that), a turn budget and a token budget. jq flattens the typed findings; one model writes the summary.
The job
Big PRs get shallow reviews because attention doesn’t scale. Here it does: each changed file is reviewed in isolation by an agent that can READ and nothing else, in parallel, four at a time. A deterministicnika:grep sweep counts the TODO debt beside the LLM pass — and the
final REVIEW.md ends with a verdict.
The shape
The file
t3-pr-review-fanout.nika.yaml
How it works
exec output becomes a collection
git diff --name-only is a string; the jq split("\n") turns it
into the array the fan-out iterates. Workflows turn ANY tool output
into a collection this way.Each agent is least-privilege
tools: ["nika:read", "nika:done"] — the reviewer can read source
and end its loop. It cannot write, fetch, or wander. Budgets
(max_turns: 6, max_tokens_total: 30000) bound the worst case.Constructs you just used
| Construct | Where | Reference |
|---|---|---|
for_each + agent: | reviews | The 4 verbs |
default-deny tools: | reviews.agent.tools | The 4 verbs |
agent.schema: | reviews | The 4 verbs |
nika:grep sweep | todo_sweep | Builtins |
Make it yours
- Specialize the swarm: route
*.rsfiles to a Rust-prompted agent and*.sqlto a migrations-prompted one with two filtered fan-outs. - Add
mcp:git/*to the tools to let reviewers read blame and history — still no write. - Fail CI on blockers: end with
nika:assertonsize()of the blocker slice.
Level up · T4 epic
Final tier: multi-stage pipelines — plan, budgeted agent, thinking
synthesis, self-reporting runs.