Add CLAUDE.md and add agent UUIDs to SDLC skill

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-23 15:30:15 -04:00
parent 9cd8f1589f
commit 9f9fb356f4
2 changed files with 36 additions and 9 deletions
+27
@@ -0,0 +1,27 @@
# CLAUDE.md
This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository.
## Repository Purpose
This is the GroomBook **agent skills repository** — it contains skill definitions that govern how AI agents operate within the GroomBook organization. The `skills/` directory holds three skill files: `coding-standards`, `safety`, and `sdlc`.
## Skills Overview
- **coding-standards** — Engineering quality bar: priority (correctness > clarity > maintainability > performance > elegance), PR discipline, test requirements, no-hardcoded-values rules, CalVer versioning, `ghcr.io` container registry policy.
- **safety** — Non-negotiable rules: no plaintext secrets (use SealedSecrets), no `kubectl apply` to production (`groombook` namespace), no self-merging, no direct `tofu` runs, board approval for destructive actions, escalation protocol.
- **sdlc** — Full development lifecycle: Gitea authentication via `tea` CLI, branch strategy (`dev`/`uat`/`main`), SDLC pipeline phases, delegation model, handoff protocol (explicit PATCH assignment + status=todo + release checkout), infrastructure layout, and canonical tools list.
## Critical Operational Rules
- All changes go through PRs targeting `dev`. Never push directly to `dev`, `uat`, or `main`.
- No agent merges their own PR.
- Always include `cc @cpfarhood` at the bottom of PR bodies.
- Gitea-origin issues require board approval before work begins.
- Kubernetes secrets go through Bitnami Sealed Secrets — never commit plaintext secrets.
- Production (`groombook` namespace) is Flux-managed; never `kubectl apply` directly.
- Infrastructure changes go through Flux OpenTofu Controller via PR to `groombook/infra`.
## No Build/Test Commands
This repository contains only markdown skill files. There are no build, lint, or test commands — it is not an application codebase.
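Review bot: The "Critical Operational Rules" list restates rules that the skill files own, and the copies already differ. The bullet "Always include `cc @cpfarhood` at the bottom of PR bodies" drops the qualifier the sdlc skill carries ("never as a reviewer"), and the list omits the "no direct `tofu` runs" rule that the safety summary a few lines above names. Either point each bullet at the skill that defines it or copy the wording exactly, so an agent reading only CLAUDE.md does not act on a weaker version of the rule.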
+9 -9
@@ -66,8 +66,8 @@ tea pr create --base dev --title "..." --body "... cc @cpfarhood"
### Dev branch (`dev`)
- **QA** (Lint Roller) reviews the PR. Approve → hand to CTO. Fail → back to engineer directly with exact details.
- **CTO** (The Dogfather) reviews. Approve → CTO merges the `dev` PR. Fail → back to engineer.
- **QA** (Lint Roller `525c2c39-1196-4682-9cd1-0bcfcb0d0f31`) reviews the PR. Approve → hand to CTO. Fail → back to engineer directly with exact details.
- **CTO** (The Dogfather `c370d244-3c3b-4f21-a403-4cdc9dbdbf96`) reviews. Approve → CTO merges the `dev` PR. Fail → back to engineer.
### UAT branch (`uat`)
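Review bot: The UUIDs added to the QA and CTO bullets sit inside the persona parentheses with no label, so nothing on the line says what system the identifier belongs to or what it is used for. The commit title calls them agent UUIDs; say so in the text, for example "(Lint Roller, agent ID `525c2c39-…`)", or introduce the convention once at the top of the section.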
@@ -75,7 +75,7 @@ tea pr create --base dev --title "..." --body "... cc @cpfarhood"
### Main branch (`main`)
- **CEO** (Scrubs McBarkley) reviews and merges the `uat``main` PR.
- **CEO** (Scrubs McBarkley `3d57c003-f02d-4ab3-b2c3-50a314590bb5`) reviews and merges the `uat``main` PR.
`@cpfarhood` is cc'd for visibility on all PRs — never as a reviewer.
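Review bot: The rewritten CEO bullet carries over `uat``main` with nothing between the two branch names, so the direction of the PR is not stated. Since this line is being touched anyway, write it the way step 8 does ("a PR from `dev` to `uat`"), that is "the PR from `uat` to `main`".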
@@ -93,7 +93,7 @@ tea pr create --base dev --title "..." --body "... cc @cpfarhood"
### Phase 1 — Dev
1. **Engineer** (Flea Flicker) branches from `dev`, writes code. GitOps deploys to dev on demand.
1. **Engineer** (Flea Flicker `ccfa5281-2076-40c2-87a9-bf2dbcf98d22`) branches from `dev`, writes code. GitOps deploys to dev on demand.
2. **Engineer** opens a PR against `dev`. CI must pass.
3. **QA (Lint Roller)** reviews the PR. Fail → back to engineer.
4. QA approves and hands off to CTO.
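Review bot: Step 1 now gives the engineer's UUID, but step 3 in the same list still reads "**QA (Lint Roller)**" with no UUID, so the phase list is only partly annotated. Decide whether the ID is given at first mention per section or at every mention, and apply that to step 3 as well.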
@@ -105,13 +105,13 @@ tea pr create --base dev --title "..." --body "... cc @cpfarhood"
8. **CTO** opens and merges a PR from `dev` to `uat`.
9. **CI** builds and deploys automatically to UAT (`https://uat.groombook.dev`).
10. **CTO** creates a UAT regression task for **Shedward Scissorhands** immediately after promoting.
10. **CTO** creates a UAT regression task for **Shedward Scissorhands (`c24bab42-4a3c-4a80-b4df-425eeb77088f`)** immediately after promoting.
### Phase 3 — UAT testing & security
11. **UAT (Shedward Scissorhands)** runs full regression against UAT — every feature, no exceptions.
11. **UAT (Shedward Scissorhands `c24bab42-4a3c-4a80-b4df-425eeb77088f`)** runs full regression against UAT — every feature, no exceptions.
12. UAT fail → CTO redistributes to engineer (return to Phase 1).
13. UAT pass → **Security Engineer (Barkley Trimsworth)** performs a security code review of the changes.
13. UAT pass → **Security Engineer (Barkley Trimsworth `622a69bf-ec37-4a5c-b385-bef7219191b1`)** performs a security code review of the changes.
14. Security fail → CTO redistributes to engineer (return to Phase 1).
### Phase 4 — Production
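Review bot: Steps 10 and 11 add the same UUID in two different formats: step 10 wraps it in its own parentheses after the name ("Shedward Scissorhands (`c24bab42-…`)"), while steps 11 and 13 put it inside the role parentheses with no separator. Pick one form. Repeating the literal on adjacent lines also means two places to update if the agent is re-provisioned; giving it once in step 10 would be enough for this phase.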
@@ -122,8 +122,8 @@ tea pr create --base dev --title "..." --body "... cc @cpfarhood"
### Hierarchy rules
* CTO rejections at Dev go directly to the engineer (not back through QA).
* UAT failures (Shedward) go to CTO — CTO cascades to engineer.
* Security failures (Barkley) go to CTO — CTO cascades to engineer.
* UAT failures (Shedward Scissorhands `c24bab42-4a3c-4a80-b4df-425eeb77088f`) go to CTO — CTO cascades to engineer.
* Security failures (Barkley Trimsworth `622a69bf-ec37-4a5c-b385-bef7219191b1`) go to CTO — CTO cascades to engineer.
* CEO rejections at Prod go to CTO.
> **Penetration testing.** Barkley performs scheduled penetration testing against Production (`demo.groombook.dev`) and Demo independently of the PR workflow. Board-authorized; not triggered per-PR. Findings get filed as Paperclip issues with severity (`CRITICAL` / `HIGH` / `MEDIUM` / `LOW`) and routed to CTO for engineer redistribution.
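Review bot: With these two bullets the Shedward UUID appears three times in the file and the Barkley UUID twice, each as a hand-typed literal, and the penetration testing note just below still refers to "Barkley" by name only. A single roster table (role, persona, agent UUID) near the top of the skill, referenced from the phase and hierarchy sections, would remove the chance that one copy is mistyped or left stale and a handoff is assigned to the wrong agent.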