The agents repo is not the agent's cwd — opencode.json and .mcp.json
must exist in the cwd at runtime for permissions and MCP access.
CEO now copies these files from the repo to each agent's cwd during
the sync step.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Restore full heartbeat (was truncated at 41 lines)
- Add placeholder detection + agent creation via Paperclip API
- New hires get PRed back for board approval, not self-merged
- Update merge step to require triple approval (UAT + QA + CTO)
- Update SOUL.md merge rule to include Patty (UAT)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Repo sync must complete before any other heartbeat work. If sync fails,
the heartbeat must exit with an error state immediately. No
parallelization, no skipping.
Also fixes escaped backslash-bang in cat-file check.
Co-Authored-By: Paperclip <noreply@paperclip.ing>
If the repo was force-pushed or shallow-cloned, the saved SHA may no
longer exist. Detect this and fall back to a full resync instead of
failing silently.
Co-Authored-By: Paperclip <noreply@paperclip.ing>
CEOs were missing issues in repos not explicitly listed (e.g.,
groombook/infra, PRI plugin repos). Now uses gh repo list to
discover all repos in the org at triage time.
Co-Authored-By: Paperclip <noreply@paperclip.ing>
Replaced hardcoded "Check for assigned work from <manager>" and
pnpm paperclipai CLI with consistent inbox-lite API call.
Agents work on whatever is assigned regardless of who assigned it.
Co-Authored-By: Paperclip <noreply@paperclip.ing>
The previous directive told agents to exit on 401, causing them to bail
on the first failed curl. PAPERCLIP_API_URL is injected by the adapter
but may not expand in all shell contexts. Fall back to localhost:3100.
Co-Authored-By: Paperclip <noreply@paperclip.ing>
Agent memory files can contain secrets (API keys, credentials, infra
details). These must not be committed to git. Memory persists on the
pod's persistent volume. Git is for board-authored config only.
- Added life/ and memory/ back to .gitignore
- Removed git add/commit/push from CEO heartbeat sync (pull-only now)
- Removed auto-merge workflow (no longer needed)
Co-Authored-By: Paperclip <noreply@paperclip.ing>
CEO commits memory/runtime updates to agent-sync branch instead of main.
GitHub Actions workflow auto-merges agent-sync into main on push.
Co-Authored-By: Paperclip <noreply@paperclip.ing>
Added explicit directive to all heartbeats: PAPERCLIP_API_KEY and other
env vars are pre-injected and valid — do not inspect, decode, verify,
or debug them. Exit cleanly on 401 instead of retrying.
Co-Authored-By: Paperclip <noreply@paperclip.ing>
- .gitignore: exclude runtime junk (.claude/, .cache/, .npm/) but track
life/ and memory/ so agent knowledge persists across pod restarts
- CEO heartbeat: git add + commit local changes before pull --rebase,
then push to persist memory files in the repo
- Fixes agents wasting turns debugging dirty working tree on every heartbeat
Co-Authored-By: Paperclip <noreply@paperclip.ing>
- GitHub issues are the primary work tracker for all bugs, features, and work items
- Paperclip issues are secondary — used to trigger and coordinate agents
- GitHub issues stay open until the associated PR is approved AND merged
- Added GitHub issue triage step to CEO and CTO heartbeats
- Updated delegation references to specify GitHub where appropriate
Co-Authored-By: Paperclip <noreply@paperclip.ing>
Repo renamed from privilegedescalation/privilegedescalation to
privilegedescalation/agents. All filesystem paths in agent configs,
heartbeats, and tools updated to match the new on-disk location.
Co-Authored-By: Paperclip <noreply@paperclip.ing>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add explicit POST /api/issues/{issueId}/checkout and PATCH status
update curl templates with X-Paperclip-Run-Id headers to all agent
heartbeats. Document Gemini workspace sandboxing in Hugh's TOOLS.md.
Also removed Regina's ghost instructionsFilePath from live DB.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
PATCH replaces adapterConfig entirely (no merge), so the heartbeat now
specifies an explicit read-merge-write flow to prevent wiping promptTemplate
and secret env values. Includes exact curl commands and safety rules.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Single script at repo root that auto-detects GITHUB_APP_ID_* and
GITHUB_PEM_PATH_* env vars, generates a JWT, and exchanges it for a
GitHub App installation token. Contains no secrets.
Updated all heartbeats to reference the absolute path.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Countess now pulls the agent roster repo on every heartbeat and applies
config changes to the live Paperclip system via API. Includes prompt-wipe
safety rules for opencode_local (Regina) and GitHub app env var placeholders.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Split each agent from a single monolithic markdown file into the
Paperclip-recommended 4-file structure (AGENTS.md, SOUL.md, HEARTBEAT.md,
TOOLS.md) plus CONFIG.md as operational backup.
Bug fixes applied during restructure:
- Nancy reports to Countess, not Baron von Namespace
- Gandalf is Staff Software Engineer, not VP of Engineering
- Samuel restored from git history and role changed to `social`
- Addison references Samuel Stinkpost, not Shitposting Samuel
- Nancy instructionsFilePath corrected to /cto/ path
- Added missing model field to Addison, Nancy, Gandalf
- Added missing instructionsFilePath to Addison, Gandalf, Hugh, Samuel
- Added WHAT YOU NEVER DO section to Hugh
- Hugh adapter changed to gemini_local with model auto
- Removed Baron von Namespace and Nancy (Engineer) from roster
- Countess heartbeat now checks this repo for org config changes
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Chris Farhood
Countess von Containerheim