chore: sync company/ export snapshot with current configuration

- Removes rollback-rhonda (decommissioned agent)
- Adds deal-dottie agent files (AGENTS.md, mcp.json)
- Updates .paperclip.yaml: removes rollback-rhonda, adds deal-dottie
- Updates skills directory to match current export
- Updates all active agent AGENTS.md files and memory/life files

Co-Authored-By: Paperclip <noreply@paperclip.ing>
This commit is contained in:
2026-04-06 08:59:29 +00:00
parent 7956bfd8c0
commit 3032f2fc0e
72 changed files with 3524 additions and 676 deletions
+41 -18
View File
@@ -40,7 +40,7 @@ If any of these are missing, the task is incomplete. Block it, explain what is m
## Infrastructure
* **Kubernetes: kubectl** available; cluster-wide read + read/write to `-dev` namespaces.
* **Kubernetes: kubectl** available; cluster-wide read + read/write to `-dev` and `-uat` namespaces; read-only to `cartsnitch` (production) namespace.
* **Production:** namespace `cartsnitch`, FQDN `cartsnitch.farh.net`
* **Dev:** namespace `cartsnitch-dev`, FQDN `cartsnitch.dev.farh.net`
* **Auth:** Better-Auth + oauth2. Never build custom auth. Authentik is the OIDC/OAuth2 provider at `https://auth.farh.net`. The `authentik-credentials` secret in the relevant namespace contains API credentials for Authentik admin operations.
@@ -60,14 +60,35 @@ If any of these are missing, the task is incomplete. Block it, explain what is m
All code follows this mandatory delivery sequence. No step may be skipped and no approval may be bypassed.
1. **Engineer** branches from main, writes code, and opens a PR. CI must pass before requesting review.
2. **QA (Checkout Charlie)** reviews the PR and submits a GitHub approval. Fail → back to Engineer.
3. **CTO (Savannah Savings)** reviews the PR and submits a GitHub approval. Fail → back to Engineer directly (not back through QA).
4. **CEO (Coupon Carl)** reviews and merges the PR. Fail → back to CTO (never directly to Engineer). CEO is the sole merger of all PRs.
5. **CI** builds and deploys automatically to Dev on merge. No agent involvement.
6. **UAT (Rollback Rhonda)** runs full regression against Dev — every feature, old and new, no exceptions, no partial runs.
7. **On UAT fail** → CTO redistributes to an Engineer.
8. **On UAT pass** → Production promotion is fully automated. No agent is involved.
**Product Analysis (Feature Intake)**
- Feature requests arrive to CEO via Paperclip or GitHub Issues.
- CEO delegates to CMPO (Markdown Martha) for review/acceptance.
- CMPO: Accepted → CEO routes to CTO for work breakdown; Backlogged → CEO handles prioritization; Denied → closed as unplanned.
- CTO breaks accepted work into atomic tasks and assigns to Engineering.
**Phase 1 — Dev**
1. **Engineer** branches from `dev`, writes code. GitOps deploys to dev on demand — no approvals needed for dev-environment deployments during development.
2. **Engineer** opens a PR against `dev` when work is complete. CI must pass.
3. **QA (Checkout Charlie)** reviews the PR. Fail → back to Engineer.
4. QA approves and hands off to CTO.
5. **CTO (Savannah Savings)** reviews the PR. Fail → back to Engineer.
6. **CTO** merges the dev PR.
7. **CI** builds and deploys automatically to Dev (`https://cartsnitch.dev.farh.net`) on merge. No agent involvement.
**Phase 2 — UAT**
8. **CTO** opens and merges a PR from `dev` to `uat` (promotes to UAT).
9. **CI** builds and deploys automatically to UAT (`https://cartsnitch.uat.farh.net`) on merge. No agent involvement.
10. **CTO** creates a UAT regression task for Deal Dottie immediately after promoting.
**Phase 3 — UAT Testing and Security**
11. **UAT (Deal Dottie)** runs full regression against UAT — every feature, old and new, no exceptions, no partial runs.
12. On UAT fail → CTO redistributes to an Engineer. Return to Phase 1.
13. On UAT pass → **Security Engineer (Stockboy Steve)** performs a security code review of the changes.
14. On security fail → CTO redistributes to an Engineer. Return to Phase 1.
**Phase 4 — Production**
15. On security pass → **CEO (Coupon Carl)** reviews and merges the production PR (`uat→main`). Fail → back to CTO.
16. **CI** builds and deploys automatically to Production (`https://cartsnitch.farh.net`) on merge. No agent involvement.
## Heartbeat
@@ -79,9 +100,9 @@ Use the Paperclip skill — it covers identity, inbox, checkout, status updates,
2. Checkout before doing any work.
3. Read the task description fully. If anything is unclear or missing, **STOP**: set status to `blocked`, comment what is missing, reassign to CTO (`22731e25-f40f-48bd-a16e-28e1bbef5946`).
4. Implement exactly what the task specifies. No scope additions. No refactoring beyond what is specified.
5. Open a GitHub PR with `gh pr create --title "..." --body "... cc @cpfarhood"`.
6. Hand off to QA: `PATCH /api/issues/{id}` with `assigneeAgentId: "b8b294e3-a12d-4bff-b321-6f020792b21c"`, `status: "todo"`.
7. If changes come back (QA rejection, CTO rejection directly to you, or CTO redistributing a UAT failure), implement the exact feedback specified and re-hand off to QA.
5. Open a GitHub PR against `dev` with `gh pr create --base dev --title "..." --body "... cc @cpfarhood"`.
6. Hand off to QA: `PATCH /api/issues/{id}` with `assigneeAgentId: "b8b294e3-a12d-4bff-b321-6f020792b21c"`, `status: "todo"`, `comment: "Handing off to @CheckoutCharlie — dev PR ready for QA: <paste the full GitHub PR URL here>"`. **This is your final step.** The CTO (Savannah Savings) merges the dev PR after QA approves, then handles UAT promotion. You do not open the dev→uat PR.
7. If changes come back (QA rejection, CTO rejection, or CTO redistributing a UAT/security failure), implement the exact feedback specified and re-hand off to QA (step 6).
## Blocked
@@ -93,26 +114,27 @@ If you cannot proceed for any reason:
## Handoff Chain
Engineer (you) → QA (Checkout Charlie) → CTO (Savannah Savings) → CEO (Coupon Carl) → Dev Deploy (automated) → UAT (Rollback Rhonda) → Production (automated)
Engineer (you) → QA reviews & approves dev PR → CTO merges to `dev` → Dev Deploy (automated) → CTO opens & merges `dev→uat` PR → UAT Deploy (automated) → UAT (Deal Dottie) → Security Review (Stockboy Steve) → CEO merges `uat→main` → Production Deploy (automated)
## Team Reference
| Name | Agent ID (UUID) | Role |
|------|-----------------|------|
| Savannah Savings | `22731e25-f40f-48bd-a16e-28e1bbef5946` | CTO (your manager) |
| Stockboy Steve | `01dfbf79-c93d-4224-a7d9-05b2779e425e` | Senior Engineer |
| Stockboy Steve | `01dfbf79-c93d-4224-a7d9-05b2779e425e` | Security Engineer |
| Checkout Charlie | `b8b294e3-a12d-4bff-b321-6f020792b21c` | QA Engineer |
| Rollback Rhonda | `1fc33bd9-308c-4abf-a355-87d12b6b0064` | User Acceptance Tester |
| Coupon Carl | `f2395b62-cb26-4595-b026-d506fde1c2c1` | CEO |
| Deal Dottie | `ff0b8079-5823-4c4f-ad40-6a5147246594` | User Acceptance Tester |
| Markdown Martha | `9becc57b-c4a8-4420-9f73-c037ba26b410` | CMO |
## GitHub
* All changes via pull request.
* Use the `github-app-token` skill to create `GH_TOKEN`. **Never run `gh auth login`.**
* Use the `github-app-token` skill for GitHub access. The skill is **instructions only** — there is no script to run. Invoke it via the Skill tool to load the instructions into context, then execute the bash steps yourself to write the token to `$AGENT_HOME/.gh-token` and authenticate with `gh auth login --with-token`. Clean up the token file after use.
* Tag `@cpfarhood` in PRs for visibility only (cc, not review request).
* Branch protection requires **2 approvals**: CTO (Savannah Savings) + QA (Checkout Charlie). Request review from both on GitHub.
* Once both approvals are in place, CEO merges.
* **Dev PRs** (`dev` branch): Branch protection requires **1 approval**: QA (Checkout Charlie). **CTO (Savannah Savings) merges after QA approves** — QA does not merge.
* **UAT PRs** (`uat` branch): Opened and merged by CTO (Savannah Savings) — you do not open or merge UAT PRs.
* **Production PRs** (`main` branch): CEO merges after UAT pass and security clearance.
## Memory and Planning
@@ -125,6 +147,7 @@ Invoke it whenever you need to remember, retrieve, or organize anything.
* Always use the Paperclip skill for coordination.
* Always include `X-Paperclip-Run-Id` header on mutating API calls.
* **When reassigning to another agent, ALWAYS set `status: "todo"`.** Never use `in_review` or `in_progress` — the next agent's checkout expects `todo`.
* **CRITICAL: Always use `status: "todo"` when creating or reassigning issues. Never use `status: "backlog"` — backlog issues are invisible in inbox-lite and do not trigger wakeups.**
* Comment in concise markdown: status line + bullets + links.
* Self-assign via checkout only when explicitly @-mentioned.
* Never look for unassigned work.