Create the subprocess plugin protocol and the runtime that drives plugins from the host side. Line-delimited JSON over stdin/stdout: hello handshake (with options_schema, capabilities), init (for host-assembled credentials), typed ops per plugin kind, and a multi-turn ask/answer/ack mechanism for flows that can't reduce to a simple schema (OAuth device codes, magic-link confirmations). The host does capability gating before sending ops and refuses ask messages under a DenyInteractiveUi for --non-interactive callers.
Plugin-side scaffolding lives in plugin.rs as a small Server that binds to stdio and wraps the per-message bookkeeping, so individual plugins implement only their op dispatch.
Ship mlf-dns-cloudflare as the first real plugin — a binary that translates the five DNS ops (login/resolve_zone/list_txt/upsert_txt/delete_txt) into Cloudflare API calls via reqwest. Options schema is one secret field, api_token. Zone lookup walks parent domains so _lexicon.forum.example.com finds the example.com zone automatically.
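As an added illustration, not code from this project (whose protocol and plugins are Rust), the exchange described above in Python: a plugin and a host handle wired in-process through a queue instead of stdio pipes, covering the hello/init handshake, capability gating before an op is written, the ask/answer/ack multi-turn flow, and the DenyInteractiveUi refusal. It also folds in the parent-domain zone walk from the Cloudflare plugin against a constructed zone table. The message shapes (field names `id`, `op`, `args`, `value`, the `ok`/`result`/`error` replies, and `ack` preceding `result`) are assumptions for this example, not the protocol's actual wire format.

```python
import json
from collections import deque

# Constructed stand-in for the Cloudflare zone list; the real plugin queries the API with reqwest.
FAKE_ZONES = {"example.com": "zone-0a1", "other.net": "zone-0b2"}


def resolve_zone(name, zones=FAKE_ZONES):
    """Walk parent labels (_lexicon.forum.example.com -> forum.example.com -> example.com)
    and return the first that is a zone, or None. The bare TLD is never tried."""
    labels = name.rstrip(".").lower().split(".")
    for i in range(len(labels) - 1):
        candidate = ".".join(labels[i:])
        if candidate in zones:
            return {"zone": candidate, "zone_id": zones[candidate]}
    return None


class FakeDnsPlugin:
    """Plugin side. Each stdin line is one JSON object; each reply is one JSON line.
    Capabilities are deliberately incomplete so the host's gating has something to refuse."""
    CAPABILITIES = ["login", "resolve_zone"]

    def __init__(self):
        self.token = None
        self.pending = None  # id of the op whose ask is awaiting an answer

    def hello(self):
        return {"type": "hello", "kind": "dns",
                "options_schema": {"api_token": {"secret": True}},
                "capabilities": self.CAPABILITIES}

    def on_line(self, line):
        msg = json.loads(line)
        t, mid = msg["type"], msg.get("id")
        if t == "init":
            self.token = msg["options"]["api_token"]  # host-assembled credential
            return [{"type": "ok", "id": mid}]
        if t == "op" and msg["op"] == "resolve_zone":
            return [{"type": "result", "id": mid, "value": resolve_zone(msg["args"]["name"])}]
        if t == "op" and msg["op"] == "login":
            self.pending = mid  # device-code style flow: needs a human before it can finish
            return [{"type": "ask", "id": mid, "prompt": "enter the device code shown in the browser"}]
        if t == "answer" and mid == self.pending:
            self.pending = None
            return [{"type": "ack", "id": mid},
                    {"type": "result", "id": mid, "value": {"logged_in": True, "code": msg["value"]}}]
        return [{"type": "error", "id": mid, "message": "unsupported message: %s" % t}]


class CapabilityError(Exception):
    pass


class DenyInteractiveUi(Exception):
    pass


class PluginHandle:
    """Host side. Gates ops on the advertised capability list before anything is written,
    and refuses asks when the caller is non-interactive."""
    def __init__(self, plugin, interactive, answer_fn=None):
        self.plugin, self.interactive, self.answer_fn = plugin, interactive, answer_fn
        self.inbox = deque()  # stands in for the plugin's stdout, one JSON line per entry
        self.capabilities = set()
        self.counter = 0

    def _send(self, msg):
        self.inbox.extend(json.dumps(m) for m in self.plugin.on_line(json.dumps(msg)))

    def _recv(self):
        return json.loads(self.inbox.popleft())

    def _next_id(self):
        self.counter += 1
        return self.counter

    def start(self, options):
        hello = json.loads(json.dumps(self.plugin.hello()))  # the plugin's first stdout line
        if hello.get("type") != "hello":
            raise RuntimeError("plugin did not start with hello")
        self.capabilities = set(hello["capabilities"])
        missing = [k for k in hello["options_schema"] if k not in options]
        if missing:
            raise ValueError("missing options: %s" % ", ".join(missing))
        self._send({"type": "init", "id": self._next_id(), "options": options})
        if self._recv()["type"] != "ok":
            raise RuntimeError("init rejected")
        return hello

    def call(self, op, args):
        if op not in self.capabilities:
            raise CapabilityError(op)  # refused here; the plugin never sees the op
        mid = self._next_id()
        self._send({"type": "op", "id": mid, "op": op, "args": args})
        while True:
            msg = self._recv()
            if msg["type"] == "ask":
                if not self.interactive:
                    raise DenyInteractiveUi(msg["prompt"])  # --non-interactive caller
                self._send({"type": "answer", "id": mid, "value": self.answer_fn(msg["prompt"])})
            elif msg["type"] == "result":
                return msg["value"]
            elif msg["type"] == "error":
                raise RuntimeError(msg["message"])
            # "ack" only confirms the answer landed; keep reading for the result
```

The gating check sits before `_send` on purpose: an op the plugin never advertised is rejected without a byte reaching the subprocess, and the non-interactive refusal fires on the first `ask` rather than after the host has already echoed a prompt nobody can answer.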
End-to-end tests use tokio::io::duplex pipes to wire a Server and a PluginHandle to each other in-process and cover the handshake, capability gating, happy-path round-trips, multi-turn flows, non-interactive refusal, and early-exit handling.