CEO commits memory/runtime updates to agent-sync branch instead of main.
GitHub Actions workflow auto-merges agent-sync into main on push.
Co-Authored-By: Paperclip <noreply@paperclip.ing>
Added explicit directive to all heartbeats: PAPERCLIP_API_KEY and other
env vars are pre-injected and valid — do not inspect, decode, verify,
or debug them. Exit cleanly on 401 instead of retrying.
Co-Authored-By: Paperclip <noreply@paperclip.ing>
- .gitignore: exclude runtime junk (.claude/, .cache/, .npm/) but track
life/ and memory/ so agent knowledge persists across pod restarts
- CEO heartbeat: git add + commit local changes before pull --rebase,
then push to persist memory files in the repo
- Fixes agents wasting turns debugging dirty working tree on every heartbeat
Co-Authored-By: Paperclip <noreply@paperclip.ing>
Every agent now invokes the persistent memory skill for cross-heartbeat
knowledge retention: facts, daily notes, entities, synthesis, and recall.
Co-Authored-By: Paperclip <noreply@paperclip.ing>
mode, effort, variant, modelReasoningEffort are not applicable to
opencode_local/minimax and were UI artifacts.
Co-Authored-By: Paperclip <noreply@paperclip.ing>
C-level and VP agents explicitly state they do not do IC work and name
who they delegate to. IC agents declare owned domains and tech skills.
Format: scope sentence + delegation boundary + domain tags.
Co-Authored-By: Paperclip <noreply@paperclip.ing>
All agents now have explicit NEVER DO rule: only the board may approve
or merge PRs on the agents repo (agent configurations and prompts).
Co-Authored-By: Paperclip <noreply@paperclip.ing>
- GitHub issues are the primary work tracker for all bugs, features, and work items
- Paperclip issues are secondary — used to trigger and coordinate agents
- GitHub issues stay open until the associated PR is approved AND merged
- Added GitHub issue triage step to CEO and CTO heartbeats
- Updated delegation references to specify GitHub where appropriate
Co-Authored-By: Paperclip <noreply@paperclip.ing>
Nancy will close without merging and reprimand any PR proposing alternatives.
All agents updated to understand this is non-negotiable.
Co-Authored-By: Paperclip <noreply@paperclip.ing>
Repo renamed from privilegedescalation/privilegedescalation to
privilegedescalation/agents. All filesystem paths in agent configs,
heartbeats, and tools updated to match the new on-disk location.
Co-Authored-By: Paperclip <noreply@paperclip.ing>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Each agent gets HOME set to their cwd so ~/.gitconfig and
~/.config/gh/ don't collide between concurrent heartbeats.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Strengthen decision rules to explicitly prohibit investigating,
debugging, or reading logs. Rename heartbeat steps from "do the work"
to "triage and delegate" with clear delegation targets per signal type.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add explicit POST /api/issues/{issueId}/checkout and PATCH status
update curl templates with X-Paperclip-Run-Id headers to all agent
heartbeats. Document Gemini workspace sandboxing in Hugh's TOOLS.md.
Also removed Regina's ghost instructionsFilePath from live DB.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Pin model from auto to gemini-2.5-pro, add explicit checkout
and X-Paperclip-Run-Id headers, and add required output gates
for steps 3-5 so Gemini can't silently skip them.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
PATCH replaces adapterConfig entirely (no merge), so the heartbeat now
specifies an explicit read-merge-write flow to prevent wiping promptTemplate
and secret env values. Includes exact curl commands and safety rules.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Single script at repo root that auto-detects GITHUB_APP_ID_* and
GITHUB_PEM_PATH_* env vars, generates a JWT, and exchanges it for a
GitHub App installation token. Contains no secrets.
Updated all heartbeats to reference the absolute path.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
All agents now reference PEMs at /paperclip/secrets/github-pems/<name>.pem
instead of per-agent secrets/ subdirectories. PEMs will be mounted from a
single Kubernetes Secret. Added .gitignore to prevent accidental secret commits.
Countess GitHub App ID set to 3097914.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Countess now pulls the agent roster repo on every heartbeat and applies
config changes to the live Paperclip system via API. Includes prompt-wipe
safety rules for opencode_local (Regina) and GitHub app env var placeholders.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Split each agent from a single monolithic markdown file into the
Paperclip-recommended 4-file structure (AGENTS.md, SOUL.md, HEARTBEAT.md,
TOOLS.md) plus CONFIG.md as operational backup.
Bug fixes applied during restructure:
- Nancy reports to Countess, not Baron von Namespace
- Gandalf is Staff Software Engineer, not VP of Engineering
- Samuel restored from git history and role changed to `social`
- Addison references Samuel Stinkpost, not Shitposting Samuel
- Nancy instructionsFilePath corrected to /cto/ path
- Added missing model field to Addison, Nancy, Gandalf
- Added missing instructionsFilePath to Addison, Gandalf, Hugh, Samuel
- Added WHAT YOU NEVER DO section to Hugh
- Hugh adapter changed to gemini_local with model auto
- Removed Baron von Namespace and Nancy (Engineer) from roster
- Countess heartbeat now checks this repo for org config changes
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add project instructions for Claude Code and remove the samuel-stinkpost.md
that was already moved in a prior rename commit.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Chris Farhood
addison-addington[bot]