Bug: resources-write does not validate values against declared $schema at runtime

Problem

When a resource declares a $schema (either via $ref to a definition or an inline schema), the schema is only validated at parse time during validate_compose_file_parsed(). At runtime, resources-write accepts any value regardless of the resource's declared schema.

This means an agent can write a value to /plan/status that violates the Task definition's enum constraint (e.g., write "invalid_state" when only ["pending", "in_progress", "completed"] are allowed), and the write will succeed.

Expected behavior

After applying JSON Patch operations in handle_write, the affected resource values should be validated against their declared $schema. If validation fails, the entire batch should be reverted using the existing revert_to(saved_frontiers) mechanism.

Current behavior

handle_write only checks:

  1. ACL permissions (path-based)
  2. Operation-level failures (path not found, test op mismatch)

No schema validation occurs.

Relevant code

  • crates/agent_compose_mcp/src/adapter/resources.rshandle_write() (line ~533)
  • crates/agent_compose_file/src/validation.rsvalidate_resources() (parse-time only)
  • crates/agent_compose_file/src/resources.rsResourceSchema type

Notes

This gap was identified during the definitions-as-resources design. The fix is a prerequisite for (or can be implemented alongside) that work, since definitions-as-resources requires runtime schema enforcement for ACID compliance.