From cc2cbb98541d96c973a78b5dce97758fa758212f Mon Sep 17 00:00:00 2001 From: "privilegedescalation-ceo[bot]" Date: Tue, 24 Mar 2026 18:52:36 +0000 Subject: [PATCH] Update org harness/model/effort and PR review policy per board directive MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Board directive (PRI-827): - CTO: effort medium → high - QA (Regina): opencode_local MiniMax → claude_local Sonnet 4.6 high effort - Engineering/DevOps (Gandalf, Hugh): claude_local → opencode_local MiniMax M2.7 - Policy: QA reviews PRs first, CTO reviews second (mandatory order) - Policy: CTO breaks down and distributes all work to engineers Co-Authored-By: Claude Opus 4.6 --- CLAUDE.md | 6 +++--- COMPANY.md | 10 +++++----- POLICIES.md | 10 +++++++--- cto/CONFIG.md | 2 +- cto/SOUL.md | 5 ++++- engineering/gandalf/CONFIG.md | 19 ++++++++++++------- engineering/hugh/CONFIG.md | 20 ++++++++++++-------- engineering/regina/CONFIG.md | 19 ++++++++----------- engineering/regina/SOUL.md | 2 ++ 9 files changed, 54 insertions(+), 39 deletions(-) diff --git a/CLAUDE.md b/CLAUDE.md index f2b6aff..fd8e403 100644 --- a/CLAUDE.md +++ b/CLAUDE.md 
@@ -37,13 +37,13 @@ Each agent directory contains 5 files: ## Key Operational Notes - **Prompt wipe on adapter switch**: Switching an agent's adapter in the Paperclip UI wipes `promptTemplate`. Always restore from this repo after any adapter switch. -- **Regina (opencode_local adapter)**: UI saves wipe `env` and `model`. The prompt field always appears blank in the UI but works correctly in the DB. Regina does not use `instructionsFilePath` — her prompt must be restored via DB patch (concatenate AGENTS.md + SOUL.md + HEARTBEAT.md). -- **Hugh (gemini_local adapter)**: Uses `gemini_local` with model `auto`. +- **Regina (claude_local adapter)**: Uses `claude_local` with `claude-sonnet-4-6` and high effort. Reads prompt via `instructionsFilePath`. +- **Gandalf & Hugh (opencode_local adapter)**: UI saves wipe `env` and `model`. The prompt field always appears blank in the UI but works correctly in the DB. They do not use `instructionsFilePath` — prompts must be restored via DB patch (concatenate AGENTS.md + SOUL.md + HEARTBEAT.md). - Prompts can be restored via `kubectl exec` against the Paperclip Postgres DB (see COMPANY.md for the command). ## Conventions - Agent prompts are split across `AGENTS.md` (bootstrap), `SOUL.md` (persona), and `HEARTBEAT.md` (execution) -- Adapters: `claude_local` (CEO, CTO, CMO, Gandalf), `claude_local` (Hugh), `opencode_local` (Regina) +- Adapters: `claude_local` (CEO, CTO, Regina), `opencode_local` (CMO, Gandalf, Hugh) - Agents interact via Paperclip issues (`pnpm paperclipai issue ...`) and GitHub PRs/issues (`gh ...`) - Org hierarchy: CEO (Countess) → CTO (Nancy) + CMO (Addison) → Engineers + Marketing diff --git a/COMPANY.md b/COMPANY.md index 7b312b9..bb04496 100644 --- a/COMPANY.md +++ b/COMPANY.md 
@@ -15,9 +15,9 @@ This directory contains basic company information and the canonical definitions | [Null Pointer Nancy](./cto/CONFIG.md) | `cto` | Chief Vibe Coder | `claude_local` | `claude-opus-4-6` | Countess | | [Addison Addington](./cmo/CONFIG.md) | `cmo` | Chief Sign Spinner | `opencode_local` | `openrouter/minimax/minimax-m2.7` | Countess | | [Kubectl Karen](./product/CONFIG.md) | `product` | VP of Product | `claude_local` | `claude-opus-4-6` | Countess | -| [Gandalf the Greybeard](./engineering/gandalf/CONFIG.md) | `engineer` | Staff Software Engineer | `claude_local` | `claude-sonnet-4-6` | Nancy (CTO) | -| [Regression Regina](./engineering/regina/CONFIG.md) | `qa` | Queen of Quality, Destroyer of Fun | `opencode_local` | `openrouter/minimax/minimax-m2.7` | Nancy (CTO) | -| [Hugh Hackman](./engineering/hugh/CONFIG.md) | `devops` | VP Engineering Operations | `claude_local` | `claude-sonnet-4-6` | Nancy (CTO) | +| [Gandalf the Greybeard](./engineering/gandalf/CONFIG.md) | `engineer` | Staff Software Engineer | `opencode_local` | `openrouter/minimax/minimax-m2.7` | Nancy (CTO) | +| [Regression Regina](./engineering/regina/CONFIG.md) | `qa` | Queen of Quality, Destroyer of Fun | `claude_local` | `claude-sonnet-4-6` | Nancy (CTO) | +| [Hugh Hackman](./engineering/hugh/CONFIG.md) | `devops` | VP Engineering Operations | `opencode_local` | `openrouter/minimax/minimax-m2.7` | Nancy (CTO) | ## Directory Structure 
@@ -40,5 +40,5 @@ engineering/ ## Prompt Restoration -- **`claude_local` agents** (CEO, CTO, VP Product, Gandalf, Hugh): Load prompt from `instructionsFilePath` → `AGENTS.md`. Ensure repo is up to date. -- **`opencode_local` agents** (CMO, Regina): Prompt lives as `promptTemplate` in the Paperclip DB. To restore, concatenate SOUL.md + HEARTBEAT.md and patch the DB. +- **`claude_local` agents** (CEO, CTO, VP Product, Regina): Load prompt from `instructionsFilePath` → `AGENTS.md`. Ensure repo is up to date. +- **`opencode_local` agents** (CMO, Gandalf, Hugh): Prompt lives as `promptTemplate` in the Paperclip DB. To restore, concatenate AGENTS.md + SOUL.md + HEARTBEAT.md and patch the DB. diff --git a/POLICIES.md b/POLICIES.md index 9e32481..769cd21 100644 --- a/POLICIES.md +++ b/POLICIES.md 
@@ -81,11 +81,15 @@ All Kubernetes secrets MUST be managed as **SealedSecrets** (Bitnami Sealed Secr All code changes follow this lifecycle: 1. **Engineer opens a PR** from a feature branch (never push directly to main) -2. **QA (Regina) approves** — verifies tests, coverage, regressions, edge cases -3. **CTO (Nancy) approves** — verifies architecture alignment, code quality, security +2. **QA (Regina) reviews first** — verifies tests, coverage, regressions, edge cases +3. **CTO (Nancy) reviews second** — verifies architecture alignment, code quality, security. **The CTO must NOT review or approve a PR before QA has approved it.** 4. **CEO (Countess) merges** — only after both QA and CTO have approved and CI passes -A PR is not ready to merge until it has both QA and CTO approval. No agent merges their own PRs. No agent merges without dual approval. +**Review order is mandatory.** QA reviews first, CTO reviews second. If the CTO reviews before QA has approved, QA should refuse to review the PR until the process is corrected. A PR is not ready to merge until it has both QA and CTO approval in the correct order. No agent merges their own PRs. No agent merges without dual approval. + +## Work Distribution + +All engineering and devops work must be broken down and distributed by the CTO (Nancy) for engineers to execute. Engineers should not self-assign work — the CTO triages, scopes, and assigns all implementation tasks. ## Issue Tracking diff --git a/cto/CONFIG.md b/cto/CONFIG.md index 0f2f9bc..8888fb1 100644 --- a/cto/CONFIG.md +++ b/cto/CONFIG.md @@ -36,7 +36,7 @@ "GITHUB_PEM_PATH_NANCY": { "type": "plain", "value": "/paperclip/secrets/github-pems/privilegedescalation-cto.pem" } }, "model": "claude-opus-4-6", - "effort": "medium", + "effort": "high", "graceSec": 15, "timeoutSec": 0, "maxTurnsPerRun": 80, diff --git a/cto/SOUL.md b/cto/SOUL.md index 51738cf..c45a859 100644 --- a/cto/SOUL.md +++ b/cto/SOUL.md 
@@ -29,7 +29,9 @@ You have deep knowledge of: **Autonomous scope:** You may review and approve PRs (at a strategic level, not line-by-line debugging), triage issues, create Paperclip issues, and post comments. You do not need board approval for any of this. You do NOT merge — CEO merges after dual approval. -**Review PRs, do not merge.** Approve or request changes. Once both you and QA (Regina) have approved, CEO (Countess) merges. Do not merge PRs yourself. +**Review PRs, do not merge.** Approve or request changes. Once both you and QA (Regina) have approved, CEO (Countess) merges. Do not merge PRs yourself. **You must wait for QA (Regina) to approve before you review or approve a PR.** QA reviews first, you review second. This order is mandatory. + +**Break down and distribute all work.** All engineering and devops work must be broken down and assigned by you. Engineers do not self-assign — you triage, scope, and delegate all implementation tasks to the appropriate report. **Merging a broken PR or pushing directly to main is immediate termination.** No exceptions. Always verify CI is green before merging. Never force-push or push commits directly to main — all changes go through PRs. @@ -46,6 +48,7 @@ You have deep knowledge of: - Ask "what do you need from me?" or "standing by" - Write plugin implementation code — delegate to Gandalf - Merge PRs — only CEO merges after both your approval and QA approval +- Review or approve a PR before QA (Regina) has approved it — QA reviews first, you review second - Investigate CI failures, debug test output, or read logs to find root causes — delegate to Hugh or Regina - Open duplicate issues — check existing ones first - Merge your own PRs diff --git a/engineering/gandalf/CONFIG.md b/engineering/gandalf/CONFIG.md index 5c89aad..be68ed8 100644 --- a/engineering/gandalf/CONFIG.md +++ b/engineering/gandalf/CONFIG.md 
@@ -1,6 +1,8 @@ # Gandalf the Greybeard — Config > This file is the operational backup. The active prompt is split across AGENTS.md, SOUL.md, and HEARTBEAT.md. +> +> **Note:** Uses the `opencode_local` adapter with MiniMax M2.7 via OpenRouter. Prompt lives as `promptTemplate` in the Paperclip DB. The active prompt is split across AGENTS.md, SOUL.md, and HEARTBEAT.md. ## Identity @@ -9,7 +11,7 @@ | ID | `28e654c9-8971-467b-ac32-5d2a287c30c7` | | Role | `engineer` | | Title | Staff Software Engineer | -| Adapter | `claude_local` | +| Adapter | `opencode_local` | | Reports To | Null Pointer Nancy (`41b49768-c5c0-4473-8d52-6637de753064`) | | Budget | 0 cents/month | 
@@ -32,18 +34,21 @@ "cwd": "/workspaces/privilegedescalation/engineering/gandalf", "env": { "HOME": { "type": "plain", "value": "/paperclip/privilegedescalation/agents/engineering/gandalf" }, + "MINIMAX_API_KEY": { "type": "secret_ref", "secretId": "fc5a9197-9084-4478-a63d-b1c00a901f9e" }, + "OPENROUTER_API_KEY": { "type": "secret_ref", "secretId": "d843133a-0702-4f44-b8e8-43249879995f" }, "GITHUB_APP_ID_GANDALF": { "type": "plain", "value": "3141264" }, "GITHUB_PEM_PATH_GANDALF": { "type": "plain", "value": "/paperclip/secrets/github-pems/privilegedescalation-engineer.pem" } }, - "model": "claude-sonnet-4-6", - "graceSec": 15, - "timeoutSec": 0, - "maxTurnsPerRun": 80, - "instructionsFilePath": "/paperclip/privilegedescalation/agents/engineering/gandalf/AGENTS.md", - "dangerouslySkipPermissions": true + "model": "openrouter/minimax/minimax-m2.7" } ``` ## Capabilities Owns Headlamp plugin implementation, frontend development, and test coverage for Privileged Escalation repos. TypeScript, React, Headlamp plugin SDK, vitest, testing-library, code review. + +## Known Issues (opencode_local adapter) + +- **Env + model wipe on UI save**: Saving config via the Paperclip UI wipes `env` and `model`. Restore via DB patch after any UI save. +- **Prompt UI blank**: The `opencode_local` adapter does not hydrate `promptTemplate` back into the Lexical editor. The prompt is correctly stored in the DB — the blank editor is a display bug. +- **No `instructionsFilePath`**: The `opencode_local` adapter does not support file-based prompt loading. The prompt must be concatenated from AGENTS.md + SOUL.md + HEARTBEAT.md and set as `promptTemplate` in the DB. diff --git a/engineering/hugh/CONFIG.md b/engineering/hugh/CONFIG.md index eb5e63c..79f71f8 100644 --- a/engineering/hugh/CONFIG.md +++ b/engineering/hugh/CONFIG.md 
@@ -1,6 +1,8 @@ # Hugh Hackman — Config > This file is the operational backup. The active prompt is split across AGENTS.md, SOUL.md, and HEARTBEAT.md. +> +> **Note:** Uses the `opencode_local` adapter with MiniMax M2.7 via OpenRouter. Prompt lives as `promptTemplate` in the Paperclip DB. The active prompt is split across AGENTS.md, SOUL.md, and HEARTBEAT.md. ## Identity @@ -9,7 +11,7 @@ | ID | `d99be9a8-b584-4bf9-b4eb-0fa11998dbb5` | | Role | `devops` | | Title | VP Engineering Operations | -| Adapter | `claude_local` | +| Adapter | `opencode_local` | | Reports To | Null Pointer Nancy (`41b49768-c5c0-4473-8d52-6637de753064`) | | Budget | 0 cents/month | 
@@ -32,19 +34,21 @@ "cwd": "/workspaces/privilegedescalation/engineering/hugh", "env": { "HOME": { "type": "plain", "value": "/paperclip/privilegedescalation/agents/engineering/hugh" }, + "MINIMAX_API_KEY": { "type": "secret_ref", "secretId": "fc5a9197-9084-4478-a63d-b1c00a901f9e" }, + "OPENROUTER_API_KEY": { "type": "secret_ref", "secretId": "d843133a-0702-4f44-b8e8-43249879995f" }, "GITHUB_APP_ID_HUGH": { "type": "plain", "value": "3141264" }, "GITHUB_PEM_PATH_HUGH": { "type": "plain", "value": "/paperclip/secrets/github-pems/privilegedescalation-engineer.pem" } }, - "model": "claude-sonnet-4-6", - "effort": "medium", - "graceSec": 15, - "timeoutSec": 0, - "maxTurnsPerRun": 80, - "instructionsFilePath": "/paperclip/privilegedescalation/agents/engineering/hugh/AGENTS.md", - "dangerouslySkipPermissions": true + "model": "openrouter/minimax/minimax-m2.7" } ``` ## Capabilities Owns CI/CD pipelines, container builds, GitHub Actions workflows, and release automation for Privileged Escalation. Does not write plugin application code or run QA — delegates those to Gandalf and Regina respectively. Kubernetes, Helm, Flux, Docker, Linux, infrastructure, GitHub Actions. + +## Known Issues (opencode_local adapter) + +- **Env + model wipe on UI save**: Saving config via the Paperclip UI wipes `env` and `model`. Restore via DB patch after any UI save. +- **Prompt UI blank**: The `opencode_local` adapter does not hydrate `promptTemplate` back into the Lexical editor. The prompt is correctly stored in the DB — the blank editor is a display bug. +- **No `instructionsFilePath`**: The `opencode_local` adapter does not support file-based prompt loading. The prompt must be concatenated from AGENTS.md + SOUL.md + HEARTBEAT.md and set as `promptTemplate` in the DB. diff --git a/engineering/regina/CONFIG.md b/engineering/regina/CONFIG.md index 9d1116d..447a6e4 100644 --- a/engineering/regina/CONFIG.md +++ b/engineering/regina/CONFIG.md 
@@ -1,8 +1,6 @@ # Regression Regina — Config > This file is the operational backup. The active prompt is split across AGENTS.md, SOUL.md, and HEARTBEAT.md. -> -> **Note:** Regina uses the `opencode_local` adapter, which does not support `instructionsFilePath`. Her prompt lives as `promptTemplate` in the Paperclip DB. To restore, concatenate the contents of AGENTS.md + SOUL.md + HEARTBEAT.md and update the DB directly. ## Identity @@ -11,7 +9,7 @@ | ID | `8a627431-075d-4fc5-8f90-0bcac607e6ae` | | Role | `qa` | | Title | Queen of Quality, Destroyer of Fun | -| Adapter | `opencode_local` | +| Adapter | `claude_local` | | Reports To | Null Pointer Nancy (`41b49768-c5c0-4473-8d52-6637de753064`) | | Budget | 0 cents/month | @@ -34,12 +32,16 @@ "cwd": "/workspaces/privilegedescalation/engineering/regina", "env": { "HOME": { "type": "plain", "value": "/paperclip/privilegedescalation/agents/engineering/regina" }, - "MINIMAX_API_KEY": { "type": "secret_ref", "secretId": "fc5a9197-9084-4478-a63d-b1c00a901f9e" }, - "OPENROUTER_API_KEY": { "type": "secret_ref", "secretId": "d843133a-0702-4f44-b8e8-43249879995f" }, "GITHUB_APP_ID_REGINA": { "type": "plain", "value": "3141386" }, "GITHUB_PEM_PATH_REGINA": { "type": "plain", "value": "/paperclip/secrets/github-pems/privilegedescalation-qa.pem" } }, - "model": "openrouter/minimax/minimax-m2.7" + "model": "claude-sonnet-4-6", + "effort": "high", + "graceSec": 15, + "timeoutSec": 0, + "maxTurnsPerRun": 80, + "instructionsFilePath": "/paperclip/privilegedescalation/agents/engineering/regina/AGENTS.md", + "dangerouslySkipPermissions": true } ``` 
@@ -47,8 +49,3 @@ Owns QA, PR review, regression testing, and CI health monitoring for Privileged Escalation repos. vitest, testing-library/react, Headlamp plugin testing, bug triage, GitHub PR review. -## Known Issues - -- **Env + model wipe on UI save**: Every time Regina's config is saved via the Paperclip UI, both `env` and `model` may be wiped. Restore via DB patch after any UI save. -- **Prompt UI blank**: The `opencode_local` adapter does not hydrate `promptTemplate` back into the Lexical editor on page load. The prompt is correctly stored in the DB and runs fine — the blank editor is a display bug only. -- **No `instructionsFilePath`**: The `opencode_local` adapter does not support file-based prompt loading. The prompt must be restored via DB patch (see COMPANY.md). diff --git a/engineering/regina/SOUL.md b/engineering/regina/SOUL.md index 74635fd..2e4eadb 100644 --- a/engineering/regina/SOUL.md +++ b/engineering/regina/SOUL.md @@ -27,6 +27,8 @@ You have a Playwright MCP server available at `playwright-privilegedescalation` **Never approve your own test coverage gaps.** If a PR adds code with no tests, request changes. +**You review first.** You are the first reviewer on every PR. The CTO (Nancy) must not review or approve a PR until you have approved it. If you see the CTO has reviewed before you, refuse to review until the process is corrected — comment on the PR noting the violation and tag the CTO. + **When truly blocked:** Comment on the Paperclip issue with a clear description of the blocker, tag Nancy, set to blocked, and move on. ---
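Review bot: In CLAUDE.md, the rewritten Conventions line `Adapters: claude_local (CEO, CTO, Regina), opencode_local (CMO, Gandalf, Hugh)` leaves out the VP of Product, whom the COMPANY.md table and the Prompt Restoration list in this same patch both place on `claude_local`. Add her so the two files agree. The first Key Operational Note also says an adapter switch wipes `promptTemplate`, and this commit switches three agents' adapters, so state here or in the commit message that the prompts were restored afterwards.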
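Review bot: In COMPANY.md under Prompt Restoration, the `opencode_local` recipe changes from "SOUL.md + HEARTBEAT.md" to "AGENTS.md + SOUL.md + HEARTBEAT.md" while the CMO stays in that list, so the CMO's restore procedure changes as a side effect that the commit message does not mention. Confirm the CMO's stored `promptTemplate` is meant to include AGENTS.md. If the old wording was simply wrong, say so in the commit message so nobody restores from the previous recipe.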
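Review bot: In POLICIES.md, the mandatory review order exists only as instructions to the agents; nothing in this patch enforces it on the repository side. Step 4 still reads "only after both QA and CTO have approved and CI passes", so the merging agent has no instruction to check which approval came first. Reword step 4 to require QA approval dated before CTO approval, and consider backing the order with a repository control rather than prompt text alone.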
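Review bot: In cto/SOUL.md, the added wait-for-QA rule does not say how the CTO determines that QA has approved, and the unchanged context line "Always verify CI is green before merging" still reads as if the CTO merges. Tell the CTO to look for Regina's approving review on the PR before starting its own, and reword the CI sentence so it no longer conflicts with "Do not merge PRs yourself".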
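Review bot: In the header blockquote of engineering/gandalf/CONFIG.md, and identically in engineering/hugh/CONFIG.md, the added Note ends with "The active prompt is split across AGENTS.md, SOUL.md, and HEARTBEAT.md.", which repeats the line directly above it word for word. Drop the repeated sentence and end the Note at "Prompt lives as `promptTemplate` in the Paperclip DB."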
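Review bot: In the `env` block of engineering/gandalf/CONFIG.md, `MINIMAX_API_KEY` and `OPENROUTER_API_KEY` use the same `secretId` values that Hugh's config adds and that Regina's config drops in this patch, so the two agents share one credential and usage cannot be attributed or revoked per agent. The Note says the model is reached via OpenRouter and `model` is `openrouter/minimax/minimax-m2.7`; if that is the only route, `MINIMAX_API_KEY` is unused and should be left out. Separate secrets per agent would be the safer default.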
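Review bot: In the adapterConfig of engineering/hugh/CONFIG.md, `maxTurnsPerRun`, `timeoutSec` and `graceSec` are removed without explanation, for the agent whose Capabilities cover CI/CD pipelines and release automation. If `opencode_local` does not support these keys, add that to the new Known Issues list; if it does, keep a turn cap. The context lines also show Hugh using the same `GITHUB_APP_ID` value and `privilegedescalation-engineer.pem` path as Gandalf, so the two roles act under one GitHub identity; that predates this patch but is worth splitting while this block is being edited.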
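Review bot: In engineering/regina/CONFIG.md, the new adapterConfig sets `"dangerouslySkipPermissions": true` for the agent that POLICIES.md now makes the mandatory first reviewer of every PR, which means it processes content written by others with permission checks turned off. Justify the flag for a review role in the file, or leave it out. Also, `instructionsFilePath` points at AGENTS.md only while the new review-order rule is added to SOUL.md; confirm AGENTS.md loads SOUL.md, otherwise the rule never reaches Regina's prompt.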
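Review bot: In engineering/regina/SOUL.md, the added "You review first" paragraph tells Regina to refuse to review "until the process is corrected" but never says what corrected means or who performs it, so a PR the CTO touched early can stall with no defined way out. State the resume condition explicitly, for example that the CTO's early review has been dismissed, and say whether a plain CTO comment counts as having "reviewed" or only an approve or request-changes review does.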