hermes/cto
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
0ca5ffc8ed
cto/manifest.yaml
Svrnty 0ca5ffc8ed Allowlist deep-research MCP for CTO
2026-05-25 10:01:53 -04:00

302 lines
13 KiB
YAML
Raw Blame History

# CTO profile distribution manifest — machine-readable identity + install contract.
# Read by install.sh. Convention shared by all Hermes profile distributions
# (see ../sot/03-PROTOCOLS/PROFILE-DISTRIBUTION-PROTOCOL.md — the canonical protocol).
profile: cto-planb # Hermes profile name (org-scoped); see also distribution.yaml → name
kind: profile-distribution # family marker; CTO = third C-suite profile (after CMO + CEO)
role: cto # function; same skill bundle could deploy as cto-<other-org>
org: planb # org scope — this profile serves Plan B
version: 1.0.0 # MVP — executable cto-agent skill + cto-worker.sh helper + 2 toolkit skills
identity: AGENT.md # WHO (role, mission, boundaries)
contract: CONTRACT.md # behavior contract — tier T1 (this file wins)
# Governance — org / owner / vision / rules linked to SOT (PROFILE-DISTRIBUTION-PROTOCOL §2.2).
governance:
org: planb
owner: jp
approval_authority: jp
vision_refs:
- ../sot/01-ROADMAP/CORTEX-OS-ROADMAP.md
- ../sot/02-FRAMEWORK/CORTEX-OS-FRAMEWORK.md
governing_protocols:
- ../sot/03-PROTOCOLS/PROFILE-DISTRIBUTION-PROTOCOL.md
standards:
- ../sot/04-STANDARDS/FRONTMATTER-SPEC.md
- ../sot/04-STANDARDS/SOT-ENFORCEMENT.md
brand_master_ref: ../sot/07-BRAND/PLANB-BRAND-SYNTHESIS.md
north_star: "reliable, evolving tech — sandcastle-orchestrated code work, JP-approved deploys, never bypass isolation"
skills: # exposed to Hermes via skills.external_dirs (→ <repo>/skills)
- skills/cto-agent # orchestrator (loop operator)
- skills/cto-python-toolkit # Python stack patterns (closes Python gap — inline until cortex/ lib extracted)
- skills/cto-angular-toolkit # Angular stack patterns (closes Angular gap — anchored to adwright-console)
# Role tools = scripts at repo root (the "lib"), reached through credbridge.
lib:
- credbridge.sh # credctl → env → CLI (secrets never logged)
# External read-only siblings + cortex/ tooling consumed by this profile.
# Stacks: typescript (sandcastle), dotnet (CQRS), dart (Flutter/gRPC), go (libs+QA), rust (runtime), multi (gates/bash/cortex).
# Python + Angular have no specific cortex/ tooling yet — CTO handles them via sandcastle generic Claude Code path.
external_tool_deps:
# Agent orchestration (external — Matt Pocock, MIT)
- repo: sandcastle
path: ../sandcastle
stack: typescript
pin: v0.5.11
role: sandboxed agent orchestrator for code-modifying work (Docker/Podman/Vercel)
registry: ../sot/06-REGISTRY/EXTERNAL-REFS/SANDCASTLE.md
# .NET / C# (Plan B's primary backend stack)
- repo: L6-svrnty.lib-dotnet-cqrs
path: ../../cortex/L6-svrnty.lib-dotnet-cqrs
stack: dotnet
role: CQRS framework (.NET 10, 21 projects, gRPC source-gen, FluentValidation, Minimal API)
- repo: L5-svrnty.tool-cqrs-plugin
path: ../../cortex/L5-svrnty.tool-cqrs-plugin
stack: dotnet
role: Claude Code plugin for CQRS/gRPC scaffolding + validation patterns
- repo: pi-bte-plugin
path: ../../cortex/pi-bte-plugin
stack: dotnet+design
role: Pi plugin — DTCG validation, voice schema lint, DESIGN.md export, contrast check, .NET 10 build verification
# Dart / Flutter (mobile + desktop client stack)
- repo: L6-svrnty.lib-cqrs-datasource
path: ../../cortex/L6-svrnty.lib-cqrs-datasource
stack: dart
pin: v1.0.1
role: gRPC client bridging Flutter apps to .NET CQRS backends (auto proto gen)
# Go (sovereign core stack — runtime, creds, memory, QA)
- repo: L6-svrnty.lib-llm
path: ../../cortex/L6-svrnty.lib-llm
stack: go
role: multi-provider LLM interface (Ollama/Claude/OpenAI/Gemini) + A/B harness
- repo: L6-svrnty.core-credentials
path: ../../cortex/L6-svrnty.core-credentials
stack: go
role: encrypted credential store (AES-256-GCM) — credctl backend
- repo: L6-svrnty.core-memory
path: ../../cortex/L6-svrnty.core-memory
stack: go
role: long-term memory + semantic search (ONNX embeddings) for agent fleet
- repo: PG-svrnty.tool-qa
path: ../../cortex/PG-svrnty.tool-qa
stack: go
role: QA orchestrator — YAML-defined test scenarios for zeroclaw/voice/gRPC services
# Rust (zero-overhead runtime layer)
- repo: L6-svrnty.core-runtime
path: ../../cortex/L6-svrnty.core-runtime
stack: rust
pin: v0.1.7
role: agent runtime (5MB RAM target, Rust/Tokio) — zeroclaw CLI
# Multi-stack utility
- repo: PG-svrnty.lib-quality-gates
path: ../../cortex/PG-svrnty.lib-quality-gates
stack: multi
role: 48 portable quality gates across Go/Rust/Dart/Python/C#/Docker/Proto (Bash 4+)
- repo: L5-svrnty.lib-skills-engineering
path: ../../cortex/L5-svrnty.lib-skills-engineering
stack: multi
role: 28 engineering patterns — CQRS, gRPC, Flutter design, saga, events, error handling
- repo: L5-svrnty.tool-bash-plugin
path: ../../cortex/L5-svrnty.tool-bash-plugin
stack: bash
role: Bash script engineering plugin (9 categories — init/gate/hook/cron/probe/seal/deploy/test/orchestrate)
# PC-svrnty.tool-cortex-plugin REMOVED 2026-05-24 (Wave-4 orphan cleanup) — never cited in any cto skill body
# See sot/06-REGISTRY/audits/RECOMMENDATIONS-cto-2026-05-24.md §0.2 + §4 C13
# Stacks NOT yet covered by dedicated cortex/ tooling:
# - Python: handled via sandcastle generic Claude Code path; no Python framework lib
# - Angular: handled via sandcastle generic Claude Code path; no Angular framework lib
# CTO declares these gaps in CONTRACT.md §6 (Tech stacks supported).
requires_tools: [terminal, memory_tool]
db:
file: cto.db # runtime state; created from schema.sql; never committed
schema: schema.sql
cron: [] # no cron at launch — CTO runs on-demand or on kanban tick
config: # portable per-install settings
- key: github_org
prompt: GitHub org for code work (e.g., svrnty)
default: "svrnty"
- key: default_sandcastle_provider
prompt: Default sandcastle sandbox provider (docker|podman|vercel|noSandbox)
default: "docker"
credentials: # provisioned via `credctl set <name>` — never shipped
required: [] # v1 has no required creds (no deploy/cloud yet)
optional: [github-pat] # for opening PRs via gh CLI when CTO ships v2
# Disclosure block (Wave-4 — per sot/04-STANDARDS/DISCLOSURE-SCHEMA.md schema_version 1).
# Authoritative runtime-truth contract; pre-push hook check 6 verifies declared == live.
# Derived from Wave-3 recommendations: sot/06-REGISTRY/audits/RECOMMENDATIONS-cto-2026-05-24.md
disclosure:
scope: org
schema_version: 2 # bumped Wave-7 D2 (2026-05-25) — adds external_orchestrators surface per DISCLOSURE-SCHEMA §4.6
delegates_to: [] # cto consumes sandcastle as a tool, not a sub-agent (CONTRACT.md §1, §9)
inherit_builtins: false # deny-by-default; cto has zero builtins enabled
inherit_mcp_toolsets: false # deny-by-default; closes the bte-MCP-leak risk seen on ceo/steev
sovereign_only: false # INTENTIONAL — cto uses claudeCode('claude-opus-4-7') INSIDE sandcastle
# isolation (CONTRACT.md §5). cto-agent itself runs sovereign qwen3.6.
inherit_dirs: [] # no external_dirs
skills:
- id: cto-agent
source: local
path: skills/cto-agent
role: orchestrator
- id: cto-python-toolkit
source: local
path: skills/cto-python-toolkit
role: toolkit
justification: "Python stack patterns — closes CONTRACT.md §6 'Python = skill-only' gap; anchored to bte-mcp, svrnty-hermes-webui-plugin, curator/sweep.py, scripts/sot-precommit.py"
- id: cto-angular-toolkit
source: local
path: skills/cto-angular-toolkit
role: toolkit
justification: "Angular stack patterns — closes CONTRACT.md §6 'Angular = skill-only' gap; anchored to adwright/adwright-console"
mcp_servers:
- name: deep-research
transport: http
endpoint: "http://127.0.0.1:3010/mcp"
tools:
- id: mcp_deep_research_deep_research
mode: read
justification: "Full source-grounded research artifact for architecture, standards, vendor behavior, dependency choices, and PRD work."
- id: mcp_deep_research_web_search
mode: read
justification: "Granular current-source search for CTO investigations when a full artifact is too heavy."
- id: mcp_deep_research_fetch_page
mode: read
justification: "Fetch source pages selected during CTO research; browsing/fetch capability disclosed explicitly."
- id: mcp_deep_research_extract_pdf
mode: read
justification: "Extract standards papers, vendor PDFs, and architecture docs during CTO research."
hosted_api: "conditional: hosted only when deep-research INFERENCE_URL routes through llm-gateway"
data_boundary: "Tailnet HTTP MCP; search/fetch reaches public web sources; LLM route disclosed by deep-research inference mode."
approval_required: false
sovereign_apis:
- name: bte-rest
endpoint: "http://localhost:5000"
transport: http
mode: read-write
called_by:
- skills/cto-agent/SKILL.md
- skills/cto-angular-toolkit/SKILL.md
justification: "BTE REST endpoint /api/export-design-md — cited as the DESIGN.md emit path for UI tasks; not auto-invoked at v1.0 (documented pattern only)"
cortex_tools:
- id: L6-svrnty.lib-dotnet-cqrs
stack: dotnet
invoked_at_runtime: false
mode: read
referenced_in:
- skills/cto-agent/SKILL.md
justification: ".NET CQRS routing target — sandcastle sub-agent reads patterns when mounted"
- id: L5-svrnty.tool-cqrs-plugin
stack: dotnet
invoked_at_runtime: false
mode: read
referenced_in:
- skills/cto-agent/SKILL.md
justification: ".NET scaffolding plugin — routing target"
- id: pi-bte-plugin
stack: dotnet
invoked_at_runtime: false
mode: read
referenced_in:
- skills/cto-agent/SKILL.md
- skills/cto-angular-toolkit/SKILL.md
justification: "DTCG validation + voice schema lint + DESIGN.md export — routing target + DESIGN.md emit path"
- id: L6-svrnty.lib-cqrs-datasource
stack: dart
invoked_at_runtime: false
mode: read
referenced_in:
- skills/cto-agent/SKILL.md
- skills/cto-angular-toolkit/SKILL.md
justification: "Flutter gRPC client + Angular gRPC-web reference — routing target"
- id: L6-svrnty.lib-llm
stack: go
invoked_at_runtime: false
mode: read
referenced_in:
- skills/cto-agent/SKILL.md
justification: "Go multi-provider LLM interface — routing target for Go tasks"
- id: L6-svrnty.core-credentials
stack: go
invoked_at_runtime: true
mode: read+exec
referenced_in:
- credbridge.sh
justification: "Runtime-invoked via credctl CLI from credbridge.sh — every cmd_open_pr resolves github-pat through this lib"
- id: L6-svrnty.core-memory
stack: go
invoked_at_runtime: false
mode: read
referenced_in:
- skills/cto-agent/SKILL.md
justification: "Go memory lib — routing target; requires_tools memory_tool is Hermes-side, not direct call"
- id: PG-svrnty.tool-qa
stack: go
invoked_at_runtime: false
mode: read
referenced_in:
- skills/cto-agent/SKILL.md
justification: "QA orchestrator — routing target for Go QA work"
- id: L6-svrnty.core-runtime
stack: rust
invoked_at_runtime: false
mode: read
referenced_in:
- skills/cto-agent/SKILL.md
justification: "zeroclaw runtime — routing target for Rust tasks"
- id: PG-svrnty.lib-quality-gates
stack: multi
invoked_at_runtime: true
mode: read+exec
referenced_in:
- skills/cto-python-toolkit/SKILL.md
- skills/cto-angular-toolkit/SKILL.md
justification: "Runtime-invoked post-sandcastle via $QG/bin/run-gates --stack python|typescript --repo X --branch Y"
- id: L5-svrnty.lib-skills-engineering
stack: multi
invoked_at_runtime: false
mode: read
referenced_in:
- skills/cto-agent/SKILL.md
justification: "28-pattern engineering reference — routing target"
- id: L5-svrnty.tool-bash-plugin
stack: bash
invoked_at_runtime: false
mode: read
referenced_in:
- skills/cto-agent/SKILL.md
justification: "Bash scripting plugin — routing target for Bash tasks"
credentials: [] # github-pat declaration parked under Pending JP review in DISCLOSURE.md §12
# (cred-adjacent PAUSE per Wave-3 recommendations §5 K1)
# External orchestrators (schema v2+ — Wave-7 D2). Sandcastle is cto's primary
# execution mechanism (CONTRACT.md §5). sandboxed=true + sovereign_only=false
# = the 4-layer safety stack (sandbox isolation + git branch + PR + JP approval).
external_orchestrators:
- id: sandcastle
transport: cli
mode: exec
called_by:
- lib/cto-worker.sh
version_pin: v0.5.11
sandboxed: true
sovereign_required: false
hosted_api: anthropic
justification: "isolated claudeCode exec per CONTRACT.md §5 (escape valve under sovereign_only=false)"
Reference in New Issue View Git Blame Copy Permalink