# CTO profile distribution manifest — machine-readable identity + install contract. # Read by install.sh. Convention shared by all Hermes profile distributions # (see ../sot/03-PROTOCOLS/PROFILE-DISTRIBUTION-PROTOCOL.md — the canonical protocol). profile: cto-planb # Hermes profile name (org-scoped); see also distribution.yaml → name kind: profile-distribution # family marker; CTO = third C-suite profile (after CMO + CEO) role: cto # function; same skill bundle could deploy as cto- org: planb # org scope — this profile serves Plan B version: 2.0.0 # CTO WebUI direct coder target + Sandcastle background job path identity: AGENT.md # WHO (role, mission, boundaries) contract: CONTRACT.md # behavior contract — tier T1 (this file wins) # Governance — org / owner / vision / rules linked to SOT (PROFILE-DISTRIBUTION-PROTOCOL §2.2). governance: org: planb owner: jp approval_authority: jp vision_refs: - ../sot/01-ROADMAP/CORTEX-OS-ROADMAP.md - ../sot/02-FRAMEWORK/CORTEX-OS-FRAMEWORK.md governing_protocols: - ../sot/03-PROTOCOLS/PROFILE-DISTRIBUTION-PROTOCOL.md standards: - ../sot/04-STANDARDS/FRONTMATTER-SPEC.md - ../sot/04-STANDARDS/SOT-ENFORCEMENT.md brand_master_ref: ../sot/07-BRAND/PLANB-BRAND-SYNTHESIS.md north_star: "reliable WebUI coding agent — direct scoped patches, verified commands, JP-gated risk, Sandcastle for background isolation" skills: # exposed to Hermes via skills.external_dirs (→ /skills) - skills/cto-agent # supervisor and profile-level protocol - skills/cto-direct-coder # primary inspect-plan-patch-test-report loop - skills/cto-repo-contract # workspace ownership, protected paths, canonical checks - skills/cto-python-toolkit # Python stack patterns (closes Python gap — inline until cortex/ lib extracted) - skills/cto-angular-toolkit # Angular stack patterns (closes Angular gap — anchored to adwright-console) - skills/cto-dotnet-toolkit # .NET/CQRS stack patterns anchored to cortex dotnet tooling - skills/cto-frontend-visual-qa - skills/cto-sandbox-job - skills/cto-reviewer - skills/cto-evals - skills/cto-capsule-writer # Role tools = scripts at repo root (the "lib"), reached through credbridge. lib: - credbridge.sh # credctl → env → CLI (secrets never logged) # External read-only siblings + cortex/ tooling consumed by this profile. # Stacks: typescript (sandcastle), dotnet (CQRS), dart (Flutter/gRPC), go (libs+QA), rust (runtime), multi (gates/bash/cortex). # Python + Angular have inline toolkit coverage; direct WebUI coding is primary for scoped work. external_tool_deps: # Agent orchestration (external — Matt Pocock, MIT) - repo: sandcastle path: ../sandcastle stack: typescript pin: v0.5.11 role: sandboxed agent orchestrator for code-modifying work (Docker/Podman/Vercel) registry: ../sot/06-REGISTRY/EXTERNAL-REFS/SANDCASTLE.md # .NET / C# (Plan B's primary backend stack) - repo: L6-svrnty.lib-dotnet-cqrs path: ../../cortex/L6-svrnty.lib-dotnet-cqrs stack: dotnet role: CQRS framework (.NET 10, 21 projects, gRPC source-gen, FluentValidation, Minimal API) - repo: L5-svrnty.tool-cqrs-plugin path: ../../cortex/L5-svrnty.tool-cqrs-plugin stack: dotnet role: Claude Code plugin for CQRS/gRPC scaffolding + validation patterns - repo: pi-bte-plugin path: ../../cortex/pi-bte-plugin stack: dotnet+design role: Pi plugin — DTCG validation, voice schema lint, DESIGN.md export, contrast check, .NET 10 build verification # Dart / Flutter (mobile + desktop client stack) - repo: L6-svrnty.lib-cqrs-datasource path: ../../cortex/L6-svrnty.lib-cqrs-datasource stack: dart pin: v1.0.1 role: gRPC client bridging Flutter apps to .NET CQRS backends (auto proto gen) # Go (sovereign core stack — runtime, creds, memory, QA) - repo: L6-svrnty.lib-llm path: ../../cortex/L6-svrnty.lib-llm stack: go role: multi-provider LLM interface (Ollama/Claude/OpenAI/Gemini) + A/B harness - repo: L6-svrnty.core-credentials path: ../../cortex/L6-svrnty.core-credentials stack: go role: encrypted credential store (AES-256-GCM) — credctl backend - repo: L6-svrnty.core-memory path: ../../cortex/L6-svrnty.core-memory stack: go role: long-term memory + semantic search (ONNX embeddings) for agent fleet - repo: PG-svrnty.tool-qa path: ../../cortex/PG-svrnty.tool-qa stack: go role: QA orchestrator — YAML-defined test scenarios for zeroclaw/voice/gRPC services # Rust (zero-overhead runtime layer) - repo: L6-svrnty.core-runtime path: ../../cortex/L6-svrnty.core-runtime stack: rust pin: v0.1.7 role: agent runtime (5MB RAM target, Rust/Tokio) — zeroclaw CLI # Multi-stack utility - repo: PG-svrnty.lib-quality-gates path: ../../cortex/PG-svrnty.lib-quality-gates stack: multi role: 48 portable quality gates across Go/Rust/Dart/Python/C#/Docker/Proto (Bash 4+) - repo: L5-svrnty.lib-skills-engineering path: ../../cortex/L5-svrnty.lib-skills-engineering stack: multi role: 28 engineering patterns — CQRS, gRPC, Flutter design, saga, events, error handling - repo: L5-svrnty.tool-bash-plugin path: ../../cortex/L5-svrnty.tool-bash-plugin stack: bash role: Bash script engineering plugin (9 categories — init/gate/hook/cron/probe/seal/deploy/test/orchestrate) # PC-svrnty.tool-cortex-plugin REMOVED 2026-05-24 (Wave-4 orphan cleanup) — never cited in any cto skill body # See sot/06-REGISTRY/audits/RECOMMENDATIONS-cto-2026-05-24.md §0.2 + §4 C13 # Stacks NOT yet covered by dedicated cortex/ tooling: # - Python: handled via direct coder + cto-python-toolkit until a cortex/ Python framework lib exists # - Angular: handled via direct coder + cto-angular-toolkit until a cortex/ Angular framework lib exists # CTO declares these gaps in CONTRACT.md §6 (Tech stacks supported). requires_tools: [terminal, memory_tool, read_file, write_file, patch, search_files, delegate_task] db: file: cto.db # runtime state; created from schema.sql; never committed schema: schema.sql cron: [] # no cron at launch — CTO runs on-demand or on kanban tick config: # portable per-install settings - key: github_org prompt: GitHub org for code work (e.g., svrnty) default: "svrnty" - key: default_sandcastle_provider prompt: Default sandcastle sandbox provider (docker|podman|vercel|noSandbox) default: "docker" credentials: # provisioned via `credctl set ` — never shipped required: [] # v1 has no required creds (no deploy/cloud yet) optional: [github-pat] # for opening PRs via gh CLI when CTO ships v2 # Disclosure block (Wave-4 — per sot/04-STANDARDS/DISCLOSURE-SCHEMA.md schema_version 1). # Authoritative runtime-truth contract; pre-push hook check 6 verifies declared == live. # Derived from Wave-3 recommendations: sot/06-REGISTRY/audits/RECOMMENDATIONS-cto-2026-05-24.md disclosure: scope: org schema_version: 2 # bumped Wave-7 D2 (2026-05-25) — adds external_orchestrators surface per DISCLOSURE-SCHEMA §4.6 delegates_to: [] # Hermes-native delegate_task handles subagents at runtime; Sandcastle remains an external orchestrator. inherit_builtins: false # deny-by-default; cto has zero builtins enabled inherit_mcp_toolsets: false # deny-by-default; closes the bte-MCP-leak risk seen on ceo/steev sovereign_only: false # Provider-optional per PRD; hosted lanes and Sandcastle agent providers must be logged/disclosed. inherit_dirs: [] # no external_dirs skills: - id: cto-agent source: local path: skills/cto-agent role: supervisor justification: "Profile-level boundaries, delegation, risk gates, and direct-coder operating protocol." - id: cto-direct-coder source: local path: skills/cto-direct-coder role: direct-coder justification: "Primary inspect-plan-patch-test-report loop for WebUI coding." - id: cto-repo-contract source: local path: skills/cto-repo-contract role: contract justification: "Workspace/repo ownership map, protected paths, and canonical verification commands." - id: cto-python-toolkit source: local path: skills/cto-python-toolkit role: toolkit justification: "Python stack patterns — closes CONTRACT.md §6 'Python = skill-only' gap; anchored to bte-mcp, svrnty-hermes-webui-plugin, curator/sweep.py, scripts/sot-precommit.py" - id: cto-angular-toolkit source: local path: skills/cto-angular-toolkit role: toolkit justification: "Angular stack patterns — closes CONTRACT.md §6 'Angular = skill-only' gap; anchored to adwright/adwright-console" - id: cto-dotnet-toolkit source: local path: skills/cto-dotnet-toolkit role: toolkit justification: ".NET/CQRS stack patterns anchored to L6-svrnty.lib-dotnet-cqrs, L5-svrnty.tool-cqrs-plugin, and pi-bte-plugin." - id: cto-frontend-visual-qa source: local path: skills/cto-frontend-visual-qa role: verification justification: "Browser, Playwright, screenshot, console, network, and responsive verification for UI work." - id: cto-sandbox-job source: local path: skills/cto-sandbox-job role: sandbox-backend justification: "Sandcastle background job creation, branch strategy, event projection, and result ingestion." - id: cto-reviewer source: local path: skills/cto-reviewer role: reviewer justification: "Diff review, test adequacy, security/risk assessment, and completion readiness." - id: cto-evals source: local path: skills/cto-evals role: evals justification: "Promotion, regression, and Codex-comparative eval protocol." - id: cto-capsule-writer source: local path: skills/cto-capsule-writer role: memory justification: "Converts meaningful failures and reusable workflows into capsule candidates." mcp_servers: - name: deep-research transport: http endpoint: "http://127.0.0.1:3010/mcp" tools: - id: mcp_deep_research_deep_research mode: read justification: "Full source-grounded research artifact for architecture, standards, vendor behavior, dependency choices, and PRD work." - id: mcp_deep_research_web_search mode: read justification: "Granular current-source search for CTO investigations when a full artifact is too heavy." - id: mcp_deep_research_fetch_page mode: read justification: "Fetch source pages selected during CTO research; browsing/fetch capability disclosed explicitly." - id: mcp_deep_research_extract_pdf mode: read justification: "Extract standards papers, vendor PDFs, and architecture docs during CTO research." hosted_api: "conditional: hosted only when deep-research INFERENCE_URL routes through llm-gateway" data_boundary: "Tailnet HTTP MCP; search/fetch reaches public web sources; LLM route disclosed by deep-research inference mode." approval_required: false sovereign_apis: - name: bte-rest endpoint: "http://localhost:5000" transport: http mode: read-write called_by: - skills/cto-agent/SKILL.md - skills/cto-angular-toolkit/SKILL.md justification: "BTE REST endpoint /api/export-design-md — cited as the DESIGN.md emit path for UI tasks; not auto-invoked at v1.0 (documented pattern only)" cortex_tools: - id: L6-svrnty.lib-dotnet-cqrs stack: dotnet invoked_at_runtime: false mode: read referenced_in: - skills/cto-agent/SKILL.md - skills/cto-dotnet-toolkit/SKILL.md justification: ".NET CQRS routing target — sandcastle sub-agent reads patterns when mounted" - id: L5-svrnty.tool-cqrs-plugin stack: dotnet invoked_at_runtime: false mode: read referenced_in: - skills/cto-agent/SKILL.md - skills/cto-dotnet-toolkit/SKILL.md justification: ".NET scaffolding plugin — routing target" - id: pi-bte-plugin stack: dotnet invoked_at_runtime: false mode: read referenced_in: - skills/cto-agent/SKILL.md - skills/cto-angular-toolkit/SKILL.md - skills/cto-dotnet-toolkit/SKILL.md justification: "DTCG validation + voice schema lint + DESIGN.md export — routing target + DESIGN.md emit path" - id: L6-svrnty.lib-cqrs-datasource stack: dart invoked_at_runtime: false mode: read referenced_in: - skills/cto-agent/SKILL.md - skills/cto-angular-toolkit/SKILL.md justification: "Flutter gRPC client + Angular gRPC-web reference — routing target" - id: L6-svrnty.lib-llm stack: go invoked_at_runtime: false mode: read referenced_in: - skills/cto-agent/SKILL.md justification: "Go multi-provider LLM interface — routing target for Go tasks" - id: L6-svrnty.core-credentials stack: go invoked_at_runtime: true mode: read+exec referenced_in: - credbridge.sh justification: "Runtime-invoked via credctl CLI from credbridge.sh — every cmd_open_pr resolves github-pat through this lib" - id: L6-svrnty.core-memory stack: go invoked_at_runtime: false mode: read referenced_in: - skills/cto-agent/SKILL.md justification: "Go memory lib — routing target; requires_tools memory_tool is Hermes-side, not direct call" - id: PG-svrnty.tool-qa stack: go invoked_at_runtime: false mode: read referenced_in: - skills/cto-agent/SKILL.md justification: "QA orchestrator — routing target for Go QA work" - id: L6-svrnty.core-runtime stack: rust invoked_at_runtime: false mode: read referenced_in: - skills/cto-agent/SKILL.md justification: "zeroclaw runtime — routing target for Rust tasks" - id: PG-svrnty.lib-quality-gates stack: multi invoked_at_runtime: true mode: read+exec referenced_in: - skills/cto-python-toolkit/SKILL.md - skills/cto-angular-toolkit/SKILL.md justification: "Runtime-invoked post-sandcastle via $QG/bin/run-gates --stack python|typescript --repo X --branch Y" - id: L5-svrnty.lib-skills-engineering stack: multi invoked_at_runtime: false mode: read referenced_in: - skills/cto-agent/SKILL.md justification: "28-pattern engineering reference — routing target" - id: L5-svrnty.tool-bash-plugin stack: bash invoked_at_runtime: false mode: read referenced_in: - skills/cto-agent/SKILL.md justification: "Bash scripting plugin — routing target for Bash tasks" credentials: [] # github-pat declaration parked under Pending JP review in DISCLOSURE.md §12 # (cred-adjacent PAUSE per Wave-3 recommendations §5 K1) # External orchestrators (schema v2+ — Wave-7 D2). Sandcastle is cto's primary # execution mechanism (CONTRACT.md §5). sandboxed=true + sovereign_only=false # = the 4-layer safety stack (sandbox isolation + git branch + PR + JP approval). external_orchestrators: - id: sandcastle transport: cli mode: exec called_by: - lib/cto-worker.sh version_pin: v0.5.11 sandboxed: true sovereign_required: false hosted_api: anthropic justification: "isolated claudeCode exec per CONTRACT.md §5 (escape valve under sovereign_only=false)"