Module subagent 

Runtime-spawned ephemeral sub-agents that inherit their parent agent’s identity by default: same UUID, same SecurityPolicy, same memory allowlist. A SubAgent run is auditable as a child of the parent and stays inside the parent’s permissions envelope.

Two spawn sites converge on SubAgentSpawn: the agent-loop tool spawn_subagent and the cron scheduler’s JobType::Agent dispatch. Sharing the surface keeps permission inheritance, tracing-span shape, and audit attribution uniform.

Power-users may narrow a SubAgent’s permissions via SubAgentOverrides; SubAgentSpawn::build validates each override as a subset of the parent (using SecurityPolicy::ensure_no_escalation_beyond for the policy and an alias-set containment check for the memory allowlist) and returns Err with the originating violation chained on any escalation.

The memory allowlist is carried as a set of agent aliases (the [agents.<alias>] config keys), not backend storage identifiers. Consumers that build an [AgentScopedMemory] must resolve aliases to backend identifiers via zeroclaw_memory::Memory::ensure_agent_uuid first — SQL-backed stores use UUIDs from the agents table; Markdown / Qdrant / None use the alias verbatim per the trait default. Holding aliases at this layer means SubAgentSpawn::for_agent does not need a backend handle to construct.

Structs

SubAgentContext

Constructed SubAgent context: bound parent identity, validated child policy, and the resolved memory allowlist.

SubAgentOverrides

Optional narrowing applied to a SubAgent at spawn time. None on every field means “inherit parent verbatim”; Some(...) narrows. Each field is independently validated by SubAgentSpawn::build to reject any value that escalates beyond the parent.

SubAgentSpawn

Builder for a SubAgent spawn. The caller resolves a parent agent from the loaded config; Self::build applies any narrowing overrides and validates the result.