Per Hongming's audit directive (2026-05-09): make the core team
operate-by-mechanism rather than self-report.
## SHARED_RULES.md §PR Merge Approval Gate (extended)
- Tag prefix corrected: `[<team>-qa-agent]` etc., not bare `[qa-agent]`.
Bare unprefixed tags rejected by lint. Each persona has its own
Gitea identity (post-2026-05-06; feedback_per_agent_gitea_identity_default),
so the tag reflects who actually authored.
- Coverage bar bumped 80% → 100% per-changed-file. Aggregate
doesn't satisfy. Doc-only files exempt.
- e2e gate added: PRs touching workspace-server/canvas/workspace/
controlplane/plugins MUST run the matching tests/e2e/test_*.sh
and the QA approval comment MUST report `e2e: <suite>=pass`.
- §Issue Discipline tightened to a 5-min SLA. The orchestrator
cross-checks Loki finding-events vs Gitea issue creates and files
a [missed-finding] issue when a finding event has no matching
issue.
- §PR Template requirement added (links to .gitea/pull_request_template.md
in internal + molecule-core; scripts-lint enforces).
- §Identity Tag updated: "GitHub" → "Gitea"; mechanical-parsing
rationale spelled out.
## dev-lead/core-lead/schedules/orchestrator-pulse.md (rewritten)
- Replaces "merge CI-green PRs FIRST" with the four-condition
gate-check sequence (CI green AND [core-qa-agent] ✅ AND
[core-security-agent] ✅ AND [core-uiux-agent] ✅-or-N/A).
- Force-merge call-out: explicitly fires incident.force_merge to
Loki and reports to orchestrator (audit-force-merge.scripts).
- Reviewer-rotation §SOP-10 check before approving.
- Structured-logging report at end of each pulse so the
orchestrator can monitor team behavior in Loki.
- Fixes duplicate "Step 2" (was both SCAN TEAM STATE and REVIEW
OPEN PRs).
## dev-lead/core-lead/core-qa/system-prompt.md
- IDENTITY TAG header points at the gate-parsing role.
- 100% per-changed-file coverage codified.
- e2e mandatory on platform-touching PRs.
- New §PR Review section: required comment-on-every-open-PR each
cycle with one of three exact forms (APPROVED/CHANGES/N-A).
## dev-lead/core-lead/core-security/system-prompt.md
- Same identity-tag fix.
- File findings as Gitea issues (was "GitHub issues") within 5 min.
- Required PR review on every PR touching auth/middleware/db/handlers/
plugin-install; quick-N/A on the rest.
- New §PR Review section with the three exact comment forms.
Tier: medium (changes how 9 personas behave; spine of dev tree).
Verification:
- Markdown structurally consistent
- All edits surgical — no per-engineer prompt changes (those
follow naturally from SHARED_RULES.md)
- live verification deferred to Layer C (when workspaces actually
boot with the new prompts)
Follow-up to molecule-ai-org-template-molecule-dev PR #6 (PR-D in the
internal#77 phasing) which removed the dev-lead symlink from the parent
template. Without this update, running the setup script errored out
because it required a symlink that the parent no longer ships.
Changes:
- Default mode: clone parent template only. No sibling clone, no
symlink. The canonical local-e2e test (TestLocalE2E_ExternalDevDepartment)
uses the !external resolver to fetch the dev tree at test runtime —
no filesystem fixture needed.
- --with-symlink flag: keeps the legacy sibling-clone + symlink layout
for the symlink-based regression tests
(TestLocalE2E_DevDepartmentExtraction + TestLocalE2E_FilesDirConsumption).
Script INJECTS the symlink (since parent no longer ships it post-PR #6).
- Updated 'Run tests' guidance: !external test is the canonical e2e;
symlink tests are opt-in regression coverage for the path the resolver
still supports but no production template uses.
VERIFIED LOCALLY 2026-05-08:
- Default mode: clone parent only, layout correct.
- --with-symlink mode: parent + dev-department + injected symlink, layout correct.
- Full TestLocalE2E_* test suite passes against --with-symlink fixture (1.7s).
Refs:
internal#77 — extraction RFC
molecule-ai/molecule-ai-org-template-molecule-dev#6 — PR-D (symlink removal)
task #235 follow-up — finishes the cleanup the PR-D description mentioned
Two follow-ups discovered while pre-flighting local platform spin-up
(internal#77 dev-department extraction):
VALIDATOR (closes task #231)
Previous validate-tree.py used Path.resolve() everywhere — Python's
realpath equivalent that follows symlinks. Caused false positives on
parent template's cross-repo symlink (dev-lead → sibling repo):
validator reported 'resolves outside repo root' even though the
platform's resolveYAMLIncludes (workspace-server/internal/handlers/
org_include.go) accepts the path because filepath.Abs/Rel operate on
path STRINGS, not on the realpath.
Fix: introduce _abs_no_symlink_resolve() helper using os.path.abspath
(string-only) and _is_inside_root() that mirrors Go's filepath.Rel +
HasPrefix idiom. All places where the validator emulates the platform
security check now use these helpers; Path.resolve() is reserved for
cases that need realpath semantics (none currently).
Verified: validator now passes on parent template's dev-lead symlink
(was previously a hard error), still rejects truly-out-of-root
references (e.g. ../../../etc/passwd-style escapes).
LOCAL E2E SETUP SCRIPT (DX win)
New .molecule-ci/scripts/local-e2e-setup.sh — bootstraps the
/tmp/local-e2e-deploy/ sibling-clone fixture used by
workspace-server's TestLocalE2E_* tests. Idempotent (pulls latest)
with --fresh to wipe and re-clone. Exits non-zero with diagnostics
if the parent template's dev-lead symlink is missing or broken
(catches stale parent-template clones from before PR #5).
Refs:
internal#77 — extraction RFC
task #231 — validator-vs-platform symlink semantics
Hongming GO 2026-05-08 ('go' on the 3 pre-spin-up optimizations)
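The symlink-semantics difference described in the VALIDATOR note above, as an added example (not validate-tree.py and not the platform's Go code). The function names, the temporary directory layout and the two sample references are assumptions constructed for illustration. The string-only check never follows the link, so it accepts a path that runs through a cross-repo symlink, while the realpath check rejects it.

```python
import os
import tempfile
from pathlib import Path


def abs_lexical(path):
    """Absolute, normalised path computed on the string only (no symlink lookup)."""
    return os.path.abspath(path)


def inside_root_lexical(root, ref):
    """String-only containment, in the spirit of Go's filepath.Rel + prefix test."""
    root_abs = abs_lexical(root)
    target = abs_lexical(os.path.join(root_abs, ref))
    rel = os.path.relpath(target, root_abs)
    # Outside the root exactly when the relative path climbs with '..'.
    return rel != os.pardir and not rel.startswith(os.pardir + os.sep)


def inside_root_realpath(root, ref):
    """Realpath containment: Path.resolve() follows every symlink first."""
    root_real = Path(root).resolve()
    target = (Path(root) / ref).resolve()
    return target == root_real or root_real in target.parents


def demo():
    """Build a constructed parent/sibling layout and compare both checks."""
    with tempfile.TemporaryDirectory() as tmp:
        parent = os.path.join(tmp, "parent-template")
        sibling = os.path.join(tmp, "dev-department")
        os.makedirs(parent)
        os.makedirs(os.path.join(sibling, "core-lead"))
        # Cross-repo symlink: parent/dev-lead -> sibling repo.
        os.symlink(sibling, os.path.join(parent, "dev-lead"))
        refs = ["dev-lead/core-lead", "../../../etc/passwd"]
        return {
            ref: (inside_root_lexical(parent, ref),
                  inside_root_realpath(parent, ref))
            for ref in refs
        }


if __name__ == "__main__":
    for ref, (lexical, real) in demo().items():
        print(f"{ref!r}: lexical={lexical} realpath={real}")
```

A validator meant to predict what the platform accepts has to use the same semantics as the platform; the string-only form confines the path text, not the location a symlink finally points to.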
Phase 3c-2 of internal#77 (dev-department extraction).
What this commit lands:
- 27 dev-tree workspace folders + teams/{core-platform,controlplane,
app-docs,infra,sdk,documentation-specialist,triage-operator,dev}.yaml
composition layer (extracted via git filter-repo).
- 6 commits of git history preserved for the dev paths (subset of
parent's 11 — only commits that touched dev paths kept).
- 17 orphaned folders from parent template DROPPED at extract time
(backend-engineer{,-2,-3}, frontend-engineer{,-2,-3}, qa-engineer{,-2,-3},
security-auditor{,-2}, platform-engineer, devops-engineer, sre-engineer,
offensive-security-engineer, devrel-engineer, triage-operator-2,
uiux-designer). These were not reachable from any teams/*.yaml
!include chain in the parent.
- dev-department.yaml roots populated to point at teams/dev.yaml.
- teams/dev.yaml gains triage-operator as a direct child (Q2). Q1
doc-spec is already transitively under dev-lead via app-docs sub-team
(teams/app-docs.yaml children include documentation-specialist.yaml),
so no additional include needed there.
- Validator improvements (Phase 3b refinements):
* Registers files_dir-declared workspace folders from !include'd
team yamls (was missing — *-lead workspaces previously orphaned).
* Deduplicates inline files_dir registration after !include path
has already registered the same folder.
* Filesystem scan now treats system-prompt.md / initial-prompt.md
as workspace markers (workspace.yaml is optional in transitional
shape).
* --strict flag (or MOLECULE_VALIDATE_TREE_STRICT=1) makes
cross-tree '..' refs hard-fail instead of warn. Phase 3c-3 will
flip the CI gate to --strict once atomization removes them.
Validator state on this commit (default mode):
filesystem workspace folders : 28
reachable from manifest : 28
orphans : 0
cross-tree '..' refs : 20 [WARN]
duplicate-parent claims : 0
OK — tree is clean
The 20 cross-tree '..' refs are the transitional teams/<sub-team>.yaml
shape pre-atomization (Phase 3c-3 lifts each *-lead workspace into a
folder containing its sub-team children, dissolving teams/ entirely).
Refs:
internal#77 — extraction RFC
Hongming GO 2026-05-08 + 'approved keep going' 2026-05-08
SOP Phase 3c-2 — task #228
Combines:
- HEAD (this branch): dev tree extracted from molecule-ai-org-template-molecule-dev
via git filter-repo, preserving 6 of 11 parent commits that touched dev paths.
- dev-dept main (a21212d): initial scaffold — validator, dev-department.yaml,
CI gate, README explaining subtree contract.
Phase 3c-2 of internal#77 (dev-department extraction).
Approved by Hongming 2026-05-08.
# Conflicts:
# .gitattributes
Initial scaffold for the dev-department subtree repo. No workspace
content yet — that lands in Phase 3c-2 (extract dev tree with git
history from molecule-ai-org-template-molecule-dev).
Files:
- dev-department.yaml: manifest with defaults + category_routing,
  empty roots: [] (gets populated by extract).
- .molecule-ci/scripts/validate-tree.py: orphan / reachability lint.
  Walks manifest → roots → recursive children + !include, compares
  against filesystem, reports orphans + cross-tree '..' refs +
  duplicate parents + missing workspace.yaml. Exits non-zero on any
  violation. Stdlib only + PyYAML.
- .github/workflows/validate.yml: CI gate runs the validator on every
  PR + push to main/staging. Pinned action SHAs per saved memory
  feedback_pin_third_party_actions.
- README.md: explains subtree contract: parent template must symlink
  the dev-department under a short name (e.g. `dev`), workspace
  files_dir paths inside this repo use the symlink prefix, this repo
  is NOT directly importable as a standalone org template.
- .gitignore: ignore .env (per-workspace secrets are populated by
  platform import, never committed).
- .gitattributes: force LF on shell/Python/YAML.
Verified locally:
- empty tree → "OK — tree is clean", exit 0.
- cross-tree `..` fixture → exit 1, FAIL with reported violation.
- orphan fixture → exit 1, FAIL with reported orphan folder.
Refs:
- internal#77 (extraction RFC, Phase 1+2 done as comment 1886)
- molecule-core#102 (symlink-resolution contract pinned by tests)
- Hongming GO 2026-05-08 ("you own this feature and repos, start")
- SOP Phase 3b — task #223
Every persona's initial-prompt.md starts with `git clone https://github.com/Molecule-AI/<repo>.git`
which now hard-fails because the GitHub org was suspended on 2026-05-06. This
blocks every fresh agent at boot.
Changes:
- All 49 persona initial-prompt.md files: rewrite clone URLs to
https://git.moleculesai.app/molecule-ai/<repo>.git, and switch the
in-URL token from \${GITHUB_TOKEN} to \${GITEA_TOKEN} (matches the
env-var contract documented in SHARED_RULES.md after the gh→tea migration).
- 4 schedule files (landingpage-check, landingpage-seo-check,
daily-changelog) — same rewrite.
- org.yaml defaults block (3 refs + the 'if [ -n "\$GITHUB_TOKEN" ]'
guard renamed to GITEA_TOKEN to match the new var).
- SHARED_RULES.md DOCUMENTATION_POLICY full-policy URL.
- documentation-specialist/system-prompt.md: reframed the org-profile
table row (was 'renders on github.com/Molecule-AI', now noted as
the now-suspended org page kept for reference).
Scope per Task #168: non-Go-module URL refs only. No go.mod / go.sum
in this repo, so this PR is complete coverage for this repo.
After this lands every persona will boot with a working clone again.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Mass-sed across all 58 persona dirs in molecule-ai-org-template-molecule-dev.
Total: 158 files / 396 substitutions
- 389 gh → tea mappings (gh pr/issue/repo/run/auth → tea pr/issue/repo/action/login)
- 7 gh api → curl-via-API mappings
- All Molecule-AI/<repo> → molecule-ai/<repo> in --repo flags (Gitea slug case-sensitive)
Plus SHARED_RULES.md migration callout block + tea install snippet:
- Tea v0.9.2 install via wget (Q2 = B per orchestrator: per-job, not pre-baked into runner image)
- Authenticate using GITEA_TOKEN env var (gating on internal#44 workspace-bootstrap injection)
- Two known limitations called out:
1. GITEA_TOKEN required for tea/curl auth (internal#44 pending)
2. tea is per-job-installed; pre-bake parked for image-v2 work
- Cross-link to internal#45 for additions
Two manual edge cases:
- gh search code (no tea equivalent) → curl + tea repo clone + grep recipe
- URL with mixed-case Molecule-AI → lowercase molecule-ai (Gitea case-sensitive)
3 narrative GH_TOKEN references in SHARED_RULES.md intentionally preserved
(describe an env var name, not commands).
Q1=A (mega-PR) per orchestrator dispatch 2026-05-07T09:50:08.
Refs: molecule-ai/internal#45, molecule-ai/internal#44 (GITEA_TOKEN dep)