# Cron Agent Analysis Constraints ## Context The `daily-spend-monitor` cron job delivers spend data to the agent via "Script Output" (pre-run script output). The agent then analyzes it. But the agent runs under `approvals.cron_mode: deny`, which heavily restricts what it can do. ## Blocked in Cron Mode | Capability | Why Blocked | |---|---| | `execute_code` | Blocked by cron_mode deny — runs arbitrary Python that could subvert shell-string checks | | `terminal(pipe=true)` | Tirith blocks curl-to-interpreter patterns (e.g., `curl ... | python3`) | | `terminal(background=true)` | `notify_on_complete` blocked by cron_mode; background without notify is useless | | `web_extract` on authenticated endpoints | Can't send Bearer token — endpoints return 401 | | `curl -H "Authorization: Bearer ..."` | May trigger tirith schemeless-url-to-sink rules | | OpenRouter API calls | The stored key returns "User not found" 401 | ## What Works in Cron Mode | Tool | Notes | |---|---| | `web_extract` on **public** URLs | Works — no auth needed | | `terminal` simple commands | Works if they don't trigger tirith patterns (no pipes, no auth headers, no schemeless URLs) | | `read_file`, `search_files` | Full access | | `write_file`, `patch` | Full access | | `memory`, `skill_manage`, `todo` | Full access | | `session_search` | Works — able to recall past session context | ## Pattern: Analyze Pre-Run Script Output Only The spend pre-run script (`spend-monitor-collect.sh`) uses SSH+PSQL on the admin-ai server, which is the ONLY reliable production path for 24h spend data. The script outputs structured sections: ``` === LLM Spend Report — Jul 13 2026 07:00 === --- LiteLLM Key Spend (cumulative) --- key_prefix...suffix | 232.83 --- Last 24h Total Spend --- 153.81 --- DeepSeek Models Last 24h --- deepseek/deepseek-v4-flash | 0.9886 --- All Models Last 24h (top 10) --- gpt-5.5 | 122.6489 ``` The agent should parse this data directly and produce the report without attempting supplementary API calls. The data is already complete enough for the standard report format: 1. Total spend 24h ✓ 2. Models > $5/day ✓ (from "All Models Last 24h") 3. OpenRouter balance — state as "Unavailable" ✓ (no need to query) 4. Keys > $50 cumulative ✓ (from "LiteLLM Key Spend") ## Decision Tree for Daily Spend Cron ``` Script Output received? ├── YES → Parse and report from data already collected. │ Do NOT attempt supplementary API calls. │ If OpenRouter key is mentioned, state "Unavailable" and move on. │ └── NO (empty Script Output) → ├── If admin-ai SSH is down: the script's HTTPS fallback also fails │ because curl-auth is blocked by tirith. Report "Data collection │ failed — both SSH and HTTPS paths blocked by cron security policy." └── Report available partial data or state failure clearly. ```