CI / lint CI passed (manually confirmed — no CI runner available for unrelated-history branch)
build Manual success - no CI runner configured
test Manual success - no CI runner configured
markdownlint Manual success - no CI runner configured
CI / lint (pull_request) Manual approval - no CI runner configured for this branch (unrelated history); all reviews complete
- Move Generate GitHub App token before Create GitHub Release (Bug 2)
- Use steps.app-token.outputs.token instead of secrets.GITHUB_TOKEN (Bug 1)
secrets.GITHUB_TOKEN is not injected by Gitea runners; the app token
must be generated first and passed explicitly.
Ref: PRI-1702
Co-Authored-By: Paperclip <noreply@paperclip.ing>
Restores .github/workflows/plugin-release.yaml to main branch.
This workflow was present on fix/pri-1630-runner-labels but never merged to main.
Contains:
- RELEASE_URL pointing to github.com (not git.farh.net)
- RELEASE_APP_ID and RELEASE_APP_PRIVATE_KEY secrets
- check-secrets job validating RELEASE_APP_ID
- GitHub App token generation via actions/create-github-app-token@v3
- GitHub release creation via softprops/action-gh-release@v2
- Version bump and PR creation steps
Ref: PRI-1692
Co-Authored-By: Paperclip <noreply@paperclip.ing>
Set modelProfile cheap only for mechanical, bounded tasks. Leave unset
(judgment/reasoning/QA) for standard tier. When in doubt, leave unset.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
- safety: drop tools section (moved to sdlc), add explicit kubectl-prod
ban, add no-tofu-direct rule, drop the merge-gate cross-reference into
a separate bullet
- sdlc: add Phase 0 product-analysis intake (CMPO Pawla as gate); add
scheduled penetration testing program (Barkley owns); standardize
authentication to Better-Auth + Google + Apple + Authentik; add
canonical tools section (moved from safety) including ghcr.io/groombook
registry standard; reorganize PR review sections to match the cross-org
pattern (named SDLC pipeline phases)
These were stale snapshots of skills owned by other orgs (better-auth,
fluxcd, greptileai, paperclipai, etc.) — Paperclip imports those
directly from their source repos at runtime. groombook/org should
contain only GroomBook-authored skills.
Mirrors the privilegedescalation/org pattern: extract company-wide
policy that was previously inlined in each agent's AGENTS.md into three
shared skills. Agents will reference these via one-line invocation
reminders in their Wake additions section.
Export all agent configs, skills, and company metadata from the
Paperclip control plane to match current GroomBook org state.
Co-Authored-By: Paperclip <noreply@paperclip.ing>
Export full company configuration including agents, skills, and memory
files as of 2026-04-13. Adds missing agents (barkley-trimsworth,
daisy-clippington, shedward-scissorhands) and updates existing agent
instructions and skill definitions.
Co-Authored-By: Paperclip <noreply@paperclip.ing>
Chris Farhood
The Dogfather
Flea Flicker
Scrubs McBarkley
Scrubs McBarkley