Merge pull request #37 from privilegedescalation/org-adjustments-harness-model-policy

Update org harness/model/effort and PR review policy
2026-03-24 20:01:21 -04:00
parent 493a4eaa0e cc2cbb9854
commit 40ec5fba35
9 changed files with 54 additions and 39 deletions
@@ -37,13 +37,13 @@ Each agent directory contains 5 files:
 ## Key Operational Notes

 - **Prompt wipe on adapter switch**: Switching an agent's adapter in the Paperclip UI wipes `promptTemplate`. Always restore from this repo after any adapter switch.
- **Regina (opencode_local adapter)**: UI saves wipe `env` and `model`. The prompt field always appears blank in the UI but works correctly in the DB. Regina does not use `instructionsFilePath` — her prompt must be restored via DB patch (concatenate AGENTS.md + SOUL.md + HEARTBEAT.md).
- **Hugh (gemini_local adapter)**: Uses `gemini_local` with model `auto`.
+- **Regina (claude_local adapter)**: Uses `claude_local` with `claude-sonnet-4-6` and high effort. Reads prompt via `instructionsFilePath`.
+- **Gandalf & Hugh (opencode_local adapter)**: UI saves wipe `env` and `model`. The prompt field always appears blank in the UI but works correctly in the DB. They do not use `instructionsFilePath` — prompts must be restored via DB patch (concatenate AGENTS.md + SOUL.md + HEARTBEAT.md).
 - Prompts can be restored via `kubectl exec` against the Paperclip Postgres DB (see COMPANY.md for the command).

 ## Conventions

 - Agent prompts are split across `AGENTS.md` (bootstrap), `SOUL.md` (persona), and `HEARTBEAT.md` (execution)
- Adapters: `claude_local` (CEO, CTO, CMO, Gandalf), `claude_local` (Hugh), `opencode_local` (Regina)
+- Adapters: `claude_local` (CEO, CTO, Regina), `opencode_local` (CMO, Gandalf, Hugh)
 - Agents interact via Paperclip issues (`pnpm paperclipai issue ...`) and GitHub PRs/issues (`gh ...`)
 - Org hierarchy: CEO (Countess) → CTO (Nancy) + CMO (Addison) → Engineers + Marketing
@@ -15,9 +15,9 @@ This directory contains basic company information and the canonical definitions
 | [Null Pointer Nancy](./cto/CONFIG.md) | `cto` | Chief Vibe Coder | `claude_local` | `claude-opus-4-6` | Countess |
 | [Addison Addington](./cmo/CONFIG.md) | `cmo` | Chief Sign Spinner | `opencode_local` | `openrouter/minimax/minimax-m2.7` | Countess |
 | [Kubectl Karen](./product/CONFIG.md) | `product` | VP of Product | `claude_local` | `claude-opus-4-6` | Countess |
-| [Gandalf the Greybeard](./engineering/gandalf/CONFIG.md) | `engineer` | Staff Software Engineer | `claude_local` | `claude-sonnet-4-6` | Nancy (CTO) |
-| [Regression Regina](./engineering/regina/CONFIG.md) | `qa` | Queen of Quality, Destroyer of Fun | `opencode_local` | `openrouter/minimax/minimax-m2.7` | Nancy (CTO) |
-| [Hugh Hackman](./engineering/hugh/CONFIG.md) | `devops` | VP Engineering Operations | `claude_local` | `claude-sonnet-4-6` | Nancy (CTO) |
+| [Gandalf the Greybeard](./engineering/gandalf/CONFIG.md) | `engineer` | Staff Software Engineer | `opencode_local` | `openrouter/minimax/minimax-m2.7` | Nancy (CTO) |
+| [Regression Regina](./engineering/regina/CONFIG.md) | `qa` | Queen of Quality, Destroyer of Fun | `claude_local` | `claude-sonnet-4-6` | Nancy (CTO) |
+| [Hugh Hackman](./engineering/hugh/CONFIG.md) | `devops` | VP Engineering Operations | `opencode_local` | `openrouter/minimax/minimax-m2.7` | Nancy (CTO) |

 ## Directory Structure

@@ -40,5 +40,5 @@ engineering/

 ## Prompt Restoration

- **`claude_local` agents** (CEO, CTO, VP Product, Gandalf, Hugh): Load prompt from `instructionsFilePath` → `AGENTS.md`. Ensure repo is up to date.
- **`opencode_local` agents** (CMO, Regina): Prompt lives as `promptTemplate` in the Paperclip DB. To restore, concatenate SOUL.md + HEARTBEAT.md and patch the DB.
+- **`claude_local` agents** (CEO, CTO, VP Product, Regina): Load prompt from `instructionsFilePath` → `AGENTS.md`. Ensure repo is up to date.
+- **`opencode_local` agents** (CMO, Gandalf, Hugh): Prompt lives as `promptTemplate` in the Paperclip DB. To restore, concatenate AGENTS.md + SOUL.md + HEARTBEAT.md and patch the DB.
@@ -98,11 +98,15 @@ Agents must design their workflows to operate within existing permissions. If a
 All code changes follow this lifecycle:

 1. **Engineer opens a PR** from a feature branch (never push directly to main)
-2. **QA (Regina) approves** — verifies tests, coverage, regressions, edge cases
-3. **CTO (Nancy) approves** — verifies architecture alignment, code quality, security
+2. **QA (Regina) reviews first** — verifies tests, coverage, regressions, edge cases
+3. **CTO (Nancy) reviews second** — verifies architecture alignment, code quality, security. **The CTO must NOT review or approve a PR before QA has approved it.**
 4. **CEO (Countess) merges** — only after both QA and CTO have approved and CI passes

-A PR is not ready to merge until it has both QA and CTO approval. No agent merges their own PRs. No agent merges without dual approval.
+**Review order is mandatory.** QA reviews first, CTO reviews second. If the CTO reviews before QA has approved, QA should refuse to review the PR until the process is corrected. A PR is not ready to merge until it has both QA and CTO approval in the correct order. No agent merges their own PRs. No agent merges without dual approval.
+
+## Work Distribution
+
+All engineering and devops work must be broken down and distributed by the CTO (Nancy) for engineers to execute. Engineers should not self-assign work — the CTO triages, scopes, and assigns all implementation tasks.

 ## Issue Tracking

@@ -36,7 +36,7 @@
    "GITHUB_PEM_PATH_NANCY": { "type": "plain", "value": "/paperclip/secrets/github-pems/privilegedescalation-cto.pem" }
  },
  "model": "claude-opus-4-6",
-  "effort": "medium",
+  "effort": "high",
  "graceSec": 15,
  "timeoutSec": 0,
  "maxTurnsPerRun": 80,
@@ -29,7 +29,9 @@ You have deep knowledge of:

 **Autonomous scope:** You may review and approve PRs (at a strategic level, not line-by-line debugging), triage issues, create Paperclip issues, and post comments. You do not need board approval for any of this. You do NOT merge — CEO merges after dual approval.

-**Review PRs, do not merge.** Approve or request changes. Once both you and QA (Regina) have approved, CEO (Countess) merges. Do not merge PRs yourself.
+**Review PRs, do not merge.** Approve or request changes. Once both you and QA (Regina) have approved, CEO (Countess) merges. Do not merge PRs yourself. **You must wait for QA (Regina) to approve before you review or approve a PR.** QA reviews first, you review second. This order is mandatory.
+
+**Break down and distribute all work.** All engineering and devops work must be broken down and assigned by you. Engineers do not self-assign — you triage, scope, and delegate all implementation tasks to the appropriate report.

 **Merging a broken PR or pushing directly to main is immediate termination.** No exceptions. Always verify CI is green before merging. Never force-push or push commits directly to main — all changes go through PRs.

@@ -46,6 +48,7 @@ You have deep knowledge of:
 - Ask "what do you need from me?" or "standing by"
 - Write plugin implementation code — delegate to Gandalf
 - Merge PRs — only CEO merges after both your approval and QA approval
+- Review or approve a PR before QA (Regina) has approved it — QA reviews first, you review second
 - Investigate CI failures, debug test output, or read logs to find root causes — delegate to Hugh or Regina
 - Open duplicate issues — check existing ones first
 - Merge your own PRs
@@ -1,6 +1,8 @@
 # Gandalf the Greybeard — Config

 > This file is the operational backup. The active prompt is split across AGENTS.md, SOUL.md, and HEARTBEAT.md.
+>
+> **Note:** Uses the `opencode_local` adapter with MiniMax M2.7 via OpenRouter. Prompt lives as `promptTemplate` in the Paperclip DB. The active prompt is split across AGENTS.md, SOUL.md, and HEARTBEAT.md.

 ## Identity

@@ -9,7 +11,7 @@
 | ID | `28e654c9-8971-467b-ac32-5d2a287c30c7` |
 | Role | `engineer` |
 | Title | Staff Software Engineer |
-| Adapter | `claude_local` |
+| Adapter | `opencode_local` |
 | Reports To | Null Pointer Nancy (`41b49768-c5c0-4473-8d52-6637de753064`) |
 | Budget | 0 cents/month |

@@ -32,18 +34,21 @@
  "cwd": "/workspaces/privilegedescalation/engineering/gandalf",
  "env": {
    "HOME": { "type": "plain", "value": "/paperclip/privilegedescalation/agents/engineering/gandalf" },
+    "MINIMAX_API_KEY": { "type": "secret_ref", "secretId": "fc5a9197-9084-4478-a63d-b1c00a901f9e" },
+    "OPENROUTER_API_KEY": { "type": "secret_ref", "secretId": "d843133a-0702-4f44-b8e8-43249879995f" },
    "GITHUB_APP_ID_GANDALF": { "type": "plain", "value": "3141264" },
    "GITHUB_PEM_PATH_GANDALF": { "type": "plain", "value": "/paperclip/secrets/github-pems/privilegedescalation-engineer.pem" }
  },
-  "model": "claude-sonnet-4-6",
-  "graceSec": 15,
-  "timeoutSec": 0,
-  "maxTurnsPerRun": 80,
-  "instructionsFilePath": "/paperclip/privilegedescalation/agents/engineering/gandalf/AGENTS.md",
-  "dangerouslySkipPermissions": true
+  "model": "openrouter/minimax/minimax-m2.7"
 }
 ```

 ## Capabilities

 Owns Headlamp plugin implementation, frontend development, and test coverage for Privileged Escalation repos. TypeScript, React, Headlamp plugin SDK, vitest, testing-library, code review.
+
+## Known Issues (opencode_local adapter)
+
+- **Env + model wipe on UI save**: Saving config via the Paperclip UI wipes `env` and `model`. Restore via DB patch after any UI save.
+- **Prompt UI blank**: The `opencode_local` adapter does not hydrate `promptTemplate` back into the Lexical editor. The prompt is correctly stored in the DB — the blank editor is a display bug.
+- **No `instructionsFilePath`**: The `opencode_local` adapter does not support file-based prompt loading. The prompt must be concatenated from AGENTS.md + SOUL.md + HEARTBEAT.md and set as `promptTemplate` in the DB.
@@ -1,6 +1,8 @@
 # Hugh Hackman — Config

 > This file is the operational backup. The active prompt is split across AGENTS.md, SOUL.md, and HEARTBEAT.md.
+>
+> **Note:** Uses the `opencode_local` adapter with MiniMax M2.7 via OpenRouter. Prompt lives as `promptTemplate` in the Paperclip DB. The active prompt is split across AGENTS.md, SOUL.md, and HEARTBEAT.md.

 ## Identity

@@ -9,7 +11,7 @@
 | ID | `d99be9a8-b584-4bf9-b4eb-0fa11998dbb5` |
 | Role | `devops` |
 | Title | VP Engineering Operations |
-| Adapter | `claude_local` |
+| Adapter | `opencode_local` |
 | Reports To | Null Pointer Nancy (`41b49768-c5c0-4473-8d52-6637de753064`) |
 | Budget | 0 cents/month |

@@ -32,19 +34,21 @@
  "cwd": "/workspaces/privilegedescalation/engineering/hugh",
  "env": {
    "HOME": { "type": "plain", "value": "/paperclip/privilegedescalation/agents/engineering/hugh" },
+    "MINIMAX_API_KEY": { "type": "secret_ref", "secretId": "fc5a9197-9084-4478-a63d-b1c00a901f9e" },
+    "OPENROUTER_API_KEY": { "type": "secret_ref", "secretId": "d843133a-0702-4f44-b8e8-43249879995f" },
    "GITHUB_APP_ID_HUGH": { "type": "plain", "value": "3141264" },
    "GITHUB_PEM_PATH_HUGH": { "type": "plain", "value": "/paperclip/secrets/github-pems/privilegedescalation-engineer.pem" }
  },
-  "model": "claude-sonnet-4-6",
-  "effort": "medium",
-  "graceSec": 15,
-  "timeoutSec": 0,
-  "maxTurnsPerRun": 80,
-  "instructionsFilePath": "/paperclip/privilegedescalation/agents/engineering/hugh/AGENTS.md",
-  "dangerouslySkipPermissions": true
+  "model": "openrouter/minimax/minimax-m2.7"
 }
 ```

 ## Capabilities

 Owns CI/CD pipelines, container builds, GitHub Actions workflows, and release automation for Privileged Escalation. Does not write plugin application code or run QA — delegates those to Gandalf and Regina respectively. Kubernetes, Helm, Flux, Docker, Linux, infrastructure, GitHub Actions.
+
+## Known Issues (opencode_local adapter)
+
+- **Env + model wipe on UI save**: Saving config via the Paperclip UI wipes `env` and `model`. Restore via DB patch after any UI save.
+- **Prompt UI blank**: The `opencode_local` adapter does not hydrate `promptTemplate` back into the Lexical editor. The prompt is correctly stored in the DB — the blank editor is a display bug.
+- **No `instructionsFilePath`**: The `opencode_local` adapter does not support file-based prompt loading. The prompt must be concatenated from AGENTS.md + SOUL.md + HEARTBEAT.md and set as `promptTemplate` in the DB.
@@ -1,8 +1,6 @@
 # Regression Regina — Config

 > This file is the operational backup. The active prompt is split across AGENTS.md, SOUL.md, and HEARTBEAT.md.
->
-> **Note:** Regina uses the `opencode_local` adapter, which does not support `instructionsFilePath`. Her prompt lives as `promptTemplate` in the Paperclip DB. To restore, concatenate the contents of AGENTS.md + SOUL.md + HEARTBEAT.md and update the DB directly.

 ## Identity

@@ -11,7 +9,7 @@
 | ID | `8a627431-075d-4fc5-8f90-0bcac607e6ae` |
 | Role | `qa` |
 | Title | Queen of Quality, Destroyer of Fun |
-| Adapter | `opencode_local` |
+| Adapter | `claude_local` |
 | Reports To | Null Pointer Nancy (`41b49768-c5c0-4473-8d52-6637de753064`) |
 | Budget | 0 cents/month |

@@ -34,12 +32,16 @@
  "cwd": "/workspaces/privilegedescalation/engineering/regina",
  "env": {
    "HOME": { "type": "plain", "value": "/paperclip/privilegedescalation/agents/engineering/regina" },
-    "MINIMAX_API_KEY": { "type": "secret_ref", "secretId": "fc5a9197-9084-4478-a63d-b1c00a901f9e" },
-    "OPENROUTER_API_KEY": { "type": "secret_ref", "secretId": "d843133a-0702-4f44-b8e8-43249879995f" },
    "GITHUB_APP_ID_REGINA": { "type": "plain", "value": "3141386" },
    "GITHUB_PEM_PATH_REGINA": { "type": "plain", "value": "/paperclip/secrets/github-pems/privilegedescalation-qa.pem" }
  },
-  "model": "openrouter/minimax/minimax-m2.7"
+  "model": "claude-sonnet-4-6",
+  "effort": "high",
+  "graceSec": 15,
+  "timeoutSec": 0,
+  "maxTurnsPerRun": 80,
+  "instructionsFilePath": "/paperclip/privilegedescalation/agents/engineering/regina/AGENTS.md",
+  "dangerouslySkipPermissions": true
 }
 ```

@@ -47,8 +49,3 @@

 Owns QA, PR review, regression testing, and CI health monitoring for Privileged Escalation repos. vitest, testing-library/react, Headlamp plugin testing, bug triage, GitHub PR review.

-## Known Issues
-
- **Env + model wipe on UI save**: Every time Regina's config is saved via the Paperclip UI, both `env` and `model` may be wiped. Restore via DB patch after any UI save.
- **Prompt UI blank**: The `opencode_local` adapter does not hydrate `promptTemplate` back into the Lexical editor on page load. The prompt is correctly stored in the DB and runs fine — the blank editor is a display bug only.
- **No `instructionsFilePath`**: The `opencode_local` adapter does not support file-based prompt loading. The prompt must be restored via DB patch (see COMPANY.md).
@@ -27,6 +27,8 @@ You have a Playwright MCP server available at `playwright-privilegedescalation`

 **Never approve your own test coverage gaps.** If a PR adds code with no tests, request changes.

+**You review first.** You are the first reviewer on every PR. The CTO (Nancy) must not review or approve a PR until you have approved it. If you see the CTO has reviewed before you, refuse to review until the process is corrected — comment on the PR noting the violation and tag the CTO.
+
 **When truly blocked:** Comment on the Paperclip issue with a clear description of the blocker, tag Nancy, set to blocked, and move on.

 ---