lize the workspace. The setup wizard generates two distinct files: one for behavioral configuration and one for secrets.
cargo install garudust
garudust init
This creates:
~/.agent-profiles/publishing.yaml β model selection, provider routing, context limits
~/.agent-profiles/.secrets.env β API keys, platform tokens, service credentials
Step 2: Provider Configuration
Separate non-secret routing from authentication. This allows configuration files to be version-controlled without exposing credentials.
# ~/.agent-profiles/publishing.yaml
execution:
model: Qwen/Qwen3-14B-AWQ
provider: vllm
endpoint: http://127.0.0.1:8000/v1
context_window: 32768
context_management:
compression_enabled: true
trigger_threshold: 0.65
output_budget_fraction: 0.125
retry_budget_fractions: [0.0625, 0.03125]
routing:
fallback_providers:
- openrouter
- anthropic
Secrets are isolated in the environment file:
# ~/.agent-profiles/.secrets.env
VLLM_AUTH_TOKEN=sk-vllm-xxxxxxxxxxxx
HF_INFERENCE_TOKEN=hf_xxxxxxxxxxxx
FACEBOOK_PAGE_TOKEN=EAAxxxxxxxxxxxxxxxx
Architecture Rationale: Splitting configuration from secrets enables safe CI/CD integration. The context_management block defines automatic compression behavior. When conversation history reaches 65% of the defined window, the agent summarizes prior turns. The output_budget_fraction reserves 12.5% of the context for model output, preventing truncation. If the first attempt still exceeds limits, the system retries with progressively smaller budgets (1/8 β 1/16 β 1/32).
Facebook Graph API requires explicit permissions and long-lived tokens. Short-lived user tokens expire in hours and cannot publish to Pages.
- Navigate to the Facebook Developer Portal and create a new application.
- Enable the Facebook Login product and configure OAuth redirect URIs.
- Open the Graph API Explorer, select your application, and request these scopes:
pages_manage_posts
pages_read_engagement
- Exchange the short-lived token for a long-lived Page Access Token (valid 60 days).
- Store the token in
.secrets.env as shown above.
Locate your Page ID in the Page Settings β About section, or extract it from the Page URL.
Step 4: Workflow Deployment
Install the publishing skill and verify tool availability. Skills are Markdown-based orchestration files that define step sequences and tool routing.
garudust skill install social-publish-pipeline
garudust tool verify
Expected output:
β social-publish-pipeline v3.2.1
β web_research
β content_fetch
β asset_render
β platform_publish
The skill file (~/.agent-profiles/skills/social-publish-pipeline/SKILL.md) enforces explicit tool routing:
## Workflow: Social Publish Pipeline
### Phase 1: Research
- Execute: web_research(query="latest developments in {topic}")
- Execute: content_fetch(url=top_result)
### Phase 2: Asset Generation
- Execute: asset_render(resolution="1024x576", overlay=true, prompt="summarized key point")
### Phase 3: Content Drafting
- Synthesize research + asset metadata
- Format: hook, context, core facts, case study, trend analysis, call-to-action
- Language: {target_language}
- Minimum length: 200 words
### Phase 4: Publishing
- Execute: platform_publish(page_id="{page_id}", message="{draft}", image_path="{asset_path}")
- Return: post_id or error payload
Why this structure works: Explicit phase definitions prevent weak models from defaulting to conversational output. Each phase declares the exact tool to invoke, eliminating ambiguity. The format template ensures consistent editorial structure across runs.
Step 5: Execution & Monitoring
Run the pipeline with a structured command. The agent resolves variables, executes phases sequentially, and streams tool output.
garudust run \
--profile publishing \
--skill social-publish-pipeline \
--query "latest breakthroughs in generative AI models" \
--target-page-id 831735183365530 \
--language en
Console output demonstrates deterministic execution:
[web_research] querying: latest breakthroughs in generative AI models
[content_fetch] retrieving: https://techjournal.example.com/ai-2025
[asset_render] generating: /tmp/agent_assets/social_post_01.png
[platform_publish] posting to page 831735183365530...
Published β ID: 831735183365530_122126910027165465
[5 phases | 24657in 689out @ Qwen3-14B-AWQ]
The pipeline completes without manual intervention. Context compression triggers automatically if research summaries exceed the threshold. Token budgeting ensures the final draft never truncates.
Pitfall Guide
1. Short-Lived Authentication Tokens
Explanation: Facebook user tokens expire in 1β2 hours. Using them in automated pipelines causes immediate 401 errors after the first run.
Fix: Always exchange for a long-lived Page Access Token via the Graph API Explorer or OAuth flow. Store only the long-lived variant in .secrets.env.
2. Context Window Exhaustion
Explanation: Multi-step research and drafting accumulate tokens rapidly. Without compression, the API returns 400 Bad Request or silently truncates output.
Fix: Enable compression_enabled: true and set trigger_threshold: 0.65. Reserve output budget via output_budget_fraction. Monitor token usage in logs to adjust thresholds.
Explanation: Models under 14B parameters often ignore tool schemas and respond with plain text, breaking workflow chains.
Fix: Use explicit phase definitions in the skill file. Each phase must declare the tool name and required parameters. If failures persist, route to a stronger provider via fallback_providers.
4. Missing Graph API Scopes
Explanation: Publishing fails with OAuthException if the token lacks pages_manage_posts or pages_read_engagement.
Fix: Regenerate the token in the Graph API Explorer with both scopes explicitly selected. Verify scope presence in the token debugger before deployment.
5. Cron Environment Variable Gaps
Explanation: Scheduled jobs run in isolated environments. .secrets.env is not automatically loaded, causing FACEBOOK_PAGE_TOKEN not set errors.
Fix: Source the environment file explicitly in the cron script, or use a process manager like systemd with EnvironmentFile=. Never hardcode tokens in shell scripts.
6. Silent Asset Generation Failures
Explanation: Image generation tools may fail due to quota limits, invalid prompts, or missing HF_INFERENCE_TOKEN. The pipeline continues without the asset, publishing text-only posts.
Fix: Add a validation step in the skill file that checks asset file existence before publishing. Log generation errors explicitly and halt execution on failure.
Explanation: Overly rigid word counts or structural requirements cause hallucination or repetitive phrasing, especially with smaller models.
Fix: Define structural guidelines rather than exact word counts. Use flexible templates with placeholders. Test drafts with multiple models and adjust thresholds based on output quality.
Production Bundle
Action Checklist
Decision Matrix
| Scenario | Recommended Approach | Why | Cost Impact |
|---|
| High-volume daily publishing | Cloud provider (OpenRouter/Anthropic) | Lower latency, built-in rate limiting, no GPU maintenance | Medium-High (API per-token pricing) |
| Budget-constrained or air-gapped | Local provider (vLLM/Ollama) | Zero API costs, full data control, predictable compute | Low (hardware + electricity) |
| Strict editorial control | Manual skill template tuning + human review queue | Prevents brand voice drift, catches factual errors | Low (labor hours) |
| Fully autonomous operation | Structured skill + fallback routing + context compression | Zero-touch execution, handles model failures gracefully | Medium (API + monitoring) |
| Multi-page cross-posting | Loop over page IDs with token validation | Ensures consistent publishing across properties | Low (incremental API calls) |
Configuration Template
# ~/.agent-profiles/publishing.yaml
execution:
model: Qwen/Qwen3-14B-AWQ
provider: vllm
endpoint: http://127.0.0.1:8000/v1
context_window: 32768
context_management:
compression_enabled: true
trigger_threshold: 0.65
output_budget_fraction: 0.125
retry_budget_fractions: [0.0625, 0.03125]
routing:
fallback_providers:
- openrouter
- anthropic
logging:
level: info
output: ~/.agent-profiles/logs/publishing.log
rotate: daily
# ~/.agent-profiles/.secrets.env
VLLM_AUTH_TOKEN=sk-vllm-xxxxxxxxxxxx
HF_INFERENCE_TOKEN=hf_xxxxxxxxxxxx
FACEBOOK_PAGE_TOKEN=EAAxxxxxxxxxxxxxxxx
OPENROUTER_API_KEY=sk-or-xxxxxxxxxxxx
ANTHROPIC_API_KEY=sk-ant-xxxxxxxxxxxx
Quick Start Guide
- Install & Initialize: Run
cargo install garudust && garudust init to generate workspace files.
- Configure Provider: Edit
~/.agent-profiles/publishing.yaml with your LLM endpoint, model, and context limits. Add API keys to .secrets.env.
- Authenticate Facebook: Generate a long-lived Page Access Token with
pages_manage_posts and pages_read_engagement. Store it in .secrets.env.
- Deploy Skill: Execute
garudust skill install social-publish-pipeline and verify tools with garudust tool verify.
- Publish: Run
garudust run --profile publishing --skill social-publish-pipeline --query "your topic" --target-page-id YOUR_ID --language en. Monitor logs for execution phases and token usage.
The pipeline is now operational. Context compression handles overflow automatically, fallback routing ensures tool execution, and credential isolation maintains security. Schedule the command via cron or systemd for continuous, zero-touch publishing.