hermes/cto
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
3a3503aa2e
cto/README.md
Svrnty 375417a29b feat(cto): initial scaffold v0.1.0 
C-suite instance #3 — CTO profile distribution. Thin orchestrator over
sandcastle for code-modifying work across .NET / Dart / Go / Rust /
Python / Angular / Bash stacks.

v0.1 = scaffold only. Orchestrator skill is a stub; v1.0 wires
executable sandcastle.run() invocation.

Scaffold contents (12 files):
- AGENT.md, CONTRACT.md (T1, 12 sections), CLAUDE.md, README.md
- manifest.yaml (14 external_tool_deps across 9 stacks)
- distribution.yaml (Hermes native install contract)
- install.sh (idempotent, --dry-run support), credbridge.sh (gh CLI)
- schema.sql (work_queue + invocations + agent_runtime)
- skills/cto-agent/SKILL.md (stub w/ per-stack routing table)
- .gitignore, .env.example

External tool catalog covers:
- typescript: sandcastle (mattpocock, MIT, v0.5.11)
- dotnet: lib-dotnet-cqrs, tool-cqrs-plugin, pi-bte-plugin
- dart: lib-cqrs-datasource (gRPC client to .NET CQRS)
- go: lib-llm, core-credentials, core-memory, tool-qa
- rust: core-runtime (zeroclaw)
- bash: tool-bash-plugin
- multi: lib-quality-gates (48 gates), lib-skills-engineering (28 patterns)
- cortex-os: tool-cortex-plugin

DESIGN.md (Google Labs spec) compliance documented — CTO ensures UI
work conforms when Stitch / other DESIGN.md consumers are downstream.

Companion changes in workspace:
- hermes/CLAUDE.md workspace map + .gitignore
- sdo/org.yaml: ceo.delegates_to=[cmo, cto], cto agent block
- sot/06-REGISTRY/EXTERNAL-REFS/SANDCASTLE.md (T2, active)
- sot/06-REGISTRY/CORTEX-TOOLING.md (T2, active)
- sot/README.md links updated

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-24 11:35:57 -04:00

59 lines
3.2 KiB
Markdown
Raw Blame History

# cto (repo) · cto-planb (Hermes profile)
A **Chief Technology Officer** agent for [Hermes](https://git.openharbor.io/hermes/hermes), built for Plan B (Québec fresh prepared-meals). **Thin orchestrator:** decomposes JP/CEO tech goals, invokes [`sandcastle`](../sandcastle/) to run code-modifying agents in isolated Docker/Podman/Vercel sandboxes, judges resulting diffs, opens PRs for human review, and requests JP approval for any deploy. Never deploys directly.
**Instance #3 of the C-suite profile distribution family** (CMO = #1, CEO = #2, CTO = #3). This repo is `cto/`; the deployed Hermes profile is `cto-planb`. Built to the canonical protocol at [`../sot/03-PROTOCOLS/PROFILE-DISTRIBUTION-PROTOCOL.md`](../sot/03-PROTOCOLS/PROFILE-DISTRIBUTION-PROTOCOL.md).
> **Status:** v0.1 — **scaffold only**. Orchestrator skill stub exists; sandcastle integration not yet wired. v1.0 milestone = ship executable `cto-agent` skill that drives `sandcastle.run()` per task.
- **Identity:** [`AGENT.md`](AGENT.md) — role, mission, boundaries
- **Behavior contract:** [`CONTRACT.md`](CONTRACT.md) — what CTO does, does NOT do, edge cases (tier T1)
- **Protocol:** [`../sot/03-PROTOCOLS/PROFILE-DISTRIBUTION-PROTOCOL.md`](../sot/03-PROTOCOLS/PROFILE-DISTRIBUTION-PROTOCOL.md)
- **Primary tool:** [`../sandcastle/`](../sandcastle/) — Matt Pocock's sandboxed agent orchestrator (MIT, pinned v0.5.11; read-only)
## Layout
```
cto/
├── AGENT.md CONTRACT.md CLAUDE.md README.md
├── manifest.yaml distribution.yaml install.sh credbridge.sh
├── skills/cto-agent/SKILL.md # orchestrator stub (v1.0 implements)
└── schema.sql # cto.db built from this; never committed
```
## Install (v0.1 — scaffold only)
```bash
git clone https://git.openharbor.io/hermes/cto && cd cto
./install.sh # symlinks repo → ~/.hermes/cto-planb (idempotent)
hermes -p cto-planb skills list | grep cto-agent
```
Default install **symlinks** `~/.hermes/cto-planb` → this repo (repo is canonical, edits land live).
## Key invariants (v1)
- CTO orchestrates via sandcastle, never edits host code directly
- No deploy without JP approval (merge-to-main = deploy gate)
- No infrastructure changes without JP approval (DNS, certs, secrets, cron, cloud)
- No edits to `../sandcastle/` (read-only mirror)
- Thin orchestrator (1 skill: `cto-agent`), NOT a 40-skill library
## v0.1 scope vs v1.0 milestone
| Component | v0.1 | v1.0 (next) | v2 (deferred) |
|---|---|---|---|
| Scaffold files | ✅ | — | — |
| `cto-agent/SKILL.md` body | stub | executable orchestrator | — |
| Sandcastle invocation | — | wired | provider-swap (docker → vercel for parallel) |
| Approval gate enforcement | — | wired (merge gate) | deploy gate (CI/CD) |
| Sub-agent profiles | — | — | coder, reviewer, deployer |
| Observability MCPs | — | — | Grafana, Prometheus |
| IaC | — | — | Terraform/Pulumi |
## Related
- [`../sandcastle/CONTEXT.md`](../sandcastle/CONTEXT.md) — sandcastle terminology (read before writing any invocation)
- [`../cmo/`](../cmo/) — C-suite reference impl #1 (thick capability pattern)
- [`../ceo/`](../ceo/) — C-suite reference impl #2 (thin orchestrator pattern — CTO follows this)
Reference in New Issue View Git Blame Copy Permalink