Svrnty
|
4ed306928a
|
Upgrade CTO webui coding profile
|
2026-05-25 12:57:33 -04:00 |
|
Svrnty
|
0ca5ffc8ed
|
Allowlist deep-research MCP for CTO
|
2026-05-25 10:01:53 -04:00 |
|
Svrnty
|
27cf5e3153
|
audit(cto): Wave 8 PAUSE-walk — §12 rows resolved
§12.1: SUPERSEDED by Wave 7 D2/Q2 (sandcastle promoted to schema v2 §4.6); confirmed Wave 8
§12.2: KEEP github-pat declared, DEFER vault provision until v2 PR-open lands (Wave 8 Q2)
§12.3: L6-svrnty.core-credentials runtime mode CONFIRMED as-is (Wave 8 Q3)
All 3 rows now resolved; PAUSE queue empty.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
|
2026-05-24 18:16:43 -04:00 |
|
Svrnty
|
aaa1dbf3d0
|
feat(disclosure): Wave 7 D2 — cto schema v2 + sandcastle external_orchestrator — sprint 2026-05-25
Schema v2 bump (per sot/04-STANDARDS/DISCLOSURE-SCHEMA.md §4.6) adds the
external_orchestrators surface. Sandcastle was previously parked in
DISCLOSURE.md §12.1 "Pending JP review"; Wave-7 Q2 resolved the open
question in favor of (b) schema §4.6's dedicated external_orchestrators
taxonomy (cleaner separation from HTTP/gRPC sovereign_apis).
Changes:
- manifest.yaml: disclosure.schema_version 1 → 2; add external_orchestrators
with sandcastle entry (transport=cli, mode=exec, version_pin=v0.5.11,
sandboxed=true, hosted_api=anthropic, called_by lib/cto-worker.sh).
- DISCLOSURE.md: new canonical §6.5 External orchestrators (sandcastle row +
governance/pin/check-6.e notes); §5 footer note updated (no longer pending);
§9 drift table adds external_orchestrators row; §12.1 marked RESOLVED with
audit-trail stub; last_reviewed bumped to 2026-05-25.
Pin v0.5.11 matches external_tool_deps[0].pin and the workspace CLAUDE.md
hard rule (sandcastle read-only; bumps human-only). sot-precommit clean.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
|
2026-05-24 16:54:14 -04:00 |
|
Svrnty
|
b50e32ae74
|
feat(disclosure): Wave 4 — cto-planb disclosure: block (3 skills + cortex_tools narrow) — sprint 2026-05-24
Wave-4C apply of Wave-3 recommendations for cto-planb. cto is the cleanest
profile in the 5-profile fleet — minimal deltas by design (Karpathy Rules 2+3).
Active disclosure block:
- 3 skills (cto-agent orchestrator + cto-python-toolkit + cto-angular-toolkit)
- 0 MCP (deny-by-default; closes bte-MCP-leak risk seen on ceo/steev)
- 1 sovereign_api (bte-rest /api/export-design-md — documented pattern)
- 12 cortex_tools (13 minus PC-svrnty.tool-cortex-plugin orphan; 2 invoked
at runtime: L6-svrnty.core-credentials + PG-svrnty.lib-quality-gates)
- 0 active credentials
- inherit_builtins: false, inherit_mcp_toolsets: false
- sovereign_only: false (INTENTIONAL — claudeCode lives INSIDE sandcastle
isolation per CONTRACT.md §5; cto-agent itself runs sovereign qwen3.6)
Orphan removal: PC-svrnty.tool-cortex-plugin removed from external_tool_deps
(never cited in any cto skill body or lib — per RECOMMENDATIONS §4 C13).
Pending JP review (DISCLOSURE.md §12 — paused per Wave-3 hard rule):
- §12.1 ADD sandcastle as sovereign_api (governance-critical, may need
DISCLOSURE-SCHEMA §4.6 amendment for external_orchestrators surface)
- §12.2 KEEP github-pat cred declaration (vault-absent; v2 PR-open needs it)
- §12.3 NOTE L6-svrnty.core-credentials runtime mode (cred-adjacent confirm)
Refs:
- sot/04-STANDARDS/DISCLOSURE-SCHEMA.md (schema_version 1)
- sot/04-STANDARDS/DISCLOSURE-TEMPLATE.md
- sot/06-REGISTRY/audits/RECOMMENDATIONS-cto-2026-05-24.md
- sot/06-REGISTRY/audits/AUDIT-cto-2026-05-24.md
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
|
2026-05-24 15:59:55 -04:00 |
|