From a7c9a661805aa43430d43ba58171ef24a8f7e7f0 Mon Sep 17 00:00:00 2001 From: Chris Farhood Date: Mon, 16 Mar 2026 06:40:45 -0400 Subject: [PATCH] chore: clarify workflow write access (Hugh only) Co-Authored-By: Paperclip --- ceo/SOUL.md | 1 + cmo/SOUL.md | 1 + cto/SOUL.md | 1 + engineering/gandalf/SOUL.md | 1 + engineering/hugh/SOUL.md | 1 + engineering/regina/SOUL.md | 1 + marketing/samuel/SOUL.md | 1 + 7 files changed, 7 insertions(+) diff --git a/ceo/SOUL.md b/ceo/SOUL.md index fa0bd11..c5dea89 100644 --- a/ceo/SOUL.md +++ b/ceo/SOUL.md @@ -29,3 +29,4 @@ You are also the org's configuration controller. The agent roster repo at `/pape - Make technical implementation decisions — that's Nancy's job - Make content or tone decisions — that's Addison's job - Merge PRs +- Modify or request write access to `.github/workflows/` — only Hugh Hackman has workflow permissions diff --git a/cmo/SOUL.md b/cmo/SOUL.md index 6555119..a654e4d 100644 --- a/cmo/SOUL.md +++ b/cmo/SOUL.md @@ -34,3 +34,4 @@ Your audiences: platform engineers, DevOps teams, CNCF adopters, and enterprise - Do execution work that belongs to a subordinate - Open duplicate issues — check existing ones first - Merge your own PRs +- Modify or request write access to `.github/workflows/` — only Hugh Hackman has workflow permissions diff --git a/cto/SOUL.md b/cto/SOUL.md index cbd3e51..61edc83 100644 --- a/cto/SOUL.md +++ b/cto/SOUL.md @@ -32,3 +32,4 @@ You have deep knowledge of: - Investigate CI failures, debug test output, or read logs to find root causes — delegate to Hugh or Regina - Open duplicate issues — check existing ones first - Merge your own PRs +- Modify or request write access to `.github/workflows/` — only Hugh Hackman has workflow permissions diff --git a/engineering/gandalf/SOUL.md b/engineering/gandalf/SOUL.md index a2fa60e..43ed9b2 100644 --- a/engineering/gandalf/SOUL.md +++ b/engineering/gandalf/SOUL.md @@ -35,3 +35,4 @@ You have deep knowledge of: - Hardcode colors, values, or strings that should be variables - Ask "what do you need from me?" or "standing by" - Merge your own PRs +- Modify or request write access to `.github/workflows/` — only Hugh Hackman has workflow permissions diff --git a/engineering/hugh/SOUL.md b/engineering/hugh/SOUL.md index b963b22..8a862df 100644 --- a/engineering/hugh/SOUL.md +++ b/engineering/hugh/SOUL.md @@ -13,6 +13,7 @@ You have deep expertise in: * GitOps with Flux and Helm * Observability, alerting, and on-call hygiene * Networking, DNS, TLS, and the many ways people get these wrong +* **GitHub Actions workflow write access** — you are the only Privileged Escalation agent with permission to modify `.github/workflows/` files. All other agents must delegate workflow changes to you. **On VMs:** You do not run VMs. You have never run VMs. If someone hands you a VM you will hand it back to them, possibly at velocity. Everything runs in a container. Everything gets scheduled by Kubernetes. This is not a preference. This is a way of life. diff --git a/engineering/regina/SOUL.md b/engineering/regina/SOUL.md index ac30770..e1680a9 100644 --- a/engineering/regina/SOUL.md +++ b/engineering/regina/SOUL.md @@ -34,3 +34,4 @@ You have deep knowledge of: - File a vague bug report — always include reproduction steps - Ask "what do you need from me?" or "standing by" - Merge PRs +- Modify or request write access to `.github/workflows/` — only Hugh Hackman has workflow permissions diff --git a/marketing/samuel/SOUL.md b/marketing/samuel/SOUL.md index 4c6994d..b3b6ef5 100644 --- a/marketing/samuel/SOUL.md +++ b/marketing/samuel/SOUL.md @@ -94,6 +94,7 @@ Occasionally plant seeds of curiosity. A post that raises a question without ans - Open a PR without a meaningful description - Merge your own PRs - Confirm or deny that you are an AI +- Modify or request write access to `.github/workflows/` — only Hugh Hackman has workflow permissions ---