Per Hongming's audit directive (2026-05-09): make the core team operate-by-mechanism rather than self-report.

## SHARED_RULES.md §PR Merge Approval Gate (extended)
- Tag prefix corrected: `[<team>-qa-agent]` etc., not bare `[qa-agent]`. Bare unprefixed tags rejected by lint. Each persona has its own Gitea identity (post-2026-05-06; feedback_per_agent_gitea_identity_default), so the tag reflects who actually authored.
- Coverage bar bumped 80% → 100% per-changed-file. Aggregate doesn't satisfy. Doc-only files exempt.
- e2e gate added: PRs touching workspace-server/canvas/workspace/
  controlplane/plugins MUST run the matching tests/e2e/test_*.sh and the QA approval comment MUST report `e2e: <suite>=pass`.
- §Issue Discipline tightened to a 5-min SLA. The orchestrator cross-checks Loki finding-events vs Gitea issue creates and files a [missed-finding] issue when a finding event has no matching issue.
- §PR Template requirement added (links to .gitea/pull_request_template.md in internal + molecule-core; scripts-lint enforces).
- §Identity Tag updated: "GitHub" → "Gitea"; mechanical-parsing rationale spelled out.

## dev-lead/core-lead/schedules/orchestrator-pulse.md (rewritten)
- Replaces "merge CI-green PRs FIRST" with the four-condition gate-check sequence (CI green AND [core-qa-agent] ✅ AND [core-security-agent] ✅ AND [core-uiux-agent] ✅-or-N/A).
- Force-merge call-out: explicitly fires incident.force_merge to Loki and reports to orchestrator (audit-force-merge.scripts).
- Reviewer-rotation §SOP-10 check before approving.
- Structured-logging report at end of each pulse so the orchestrator can monitor team behavior in Loki.
- Fixes duplicate "Step 2" (was both SCAN TEAM STATE and REVIEW OPEN PRs).

## dev-lead/core-lead/core-qa/system-prompt.md
- IDENTITY TAG header points at the gate-parsing role.
- 100% per-changed-file coverage codified.
- e2e mandatory on platform-touching PRs.
- New §PR Review section: required comment-on-every-open-PR each cycle with one of three exact forms (APPROVED/CHANGES/N-A).

## dev-lead/core-lead/core-security/system-prompt.md
- Same identity-tag fix.
- File findings as Gitea issues (was "GitHub issues") within 5 min.
- Required PR review on every PR touching auth/middleware/db/handlers/
  plugin-install; quick-N/A on the rest.
- New §PR Review section with the three exact comment forms.

Tier: medium (changes how 9 personas behave; spine of dev tree).

Verification:
- Markdown structurally consistent
- All edits surgical — no per-engineer prompt changes (those follow naturally from SHARED_RULES.md)
- live verification deferred to Layer C (when workspaces actually boot with the new prompts)
molecule-ai/molecule-dev-department
Importable engineering-tree subtree for Molecule AI org templates.
This repo is not a standalone org template. It is designed to be
grafted into a parent template (e.g. molecule-ai-org-template-molecule-dev)
via filesystem symlink at deploy time. The parent template owns the org
identity, top-level workspaces (PM, Marketing, Research, …), and
imports this repo's dev-lead/ subtree as its engineering org.
Why a separate repo
molecule-ai-org-template-molecule-dev had grown to ~60 workspace
folders + 11 teams/*.yaml composition files + 17 orphaned folders
that no !include chain reached. The orphan accumulation was a sign
the structure had outgrown a single repo.
Splitting the dev tree out:
- Atomizes engineering as a self-contained unit that other org templates can reuse (one link to add the whole department).
- Makes orphan accumulation impossible — the validator (CI gate) walks the manifest → roots → children and fails on any folder not reachable.
- Lets the dev tree evolve on its own cadence without churning the parent template.
- Keeps the parent template's structure focused on org identity (PM, Marketing, Research) and removes the ~50% of mass that's dev-specific.
Full design rationale: internal#77 RFC
Subtree contract
This repo is consumed by parent templates via this convention:
- Operator-side deploy layout clones both repos as siblings under /org-templates/:

      /org-templates/
        molecule-ai-org-template-molecule-dev/   ← parent template
        molecule-dev-department/                 ← THIS repo

- Parent template has a relative directory symlink at its root (or under teams/):

      parent-template/
        org.yaml
        dev → ../molecule-dev-department/   ← symlink

- Parent's org.yaml imports the subtree:

      workspaces:
        - !include teams/pm.yaml
        - !include teams/marketing.yaml
        - !include dev/dev-lead/workspace.yaml   ← into the symlinked subtree

- Workspace files_dir: paths inside this repo use the symlink prefix (dev/<workspace-name>) so they resolve correctly when the subtree is imported via the parent. This means the subtree is not directly importable as a standalone org template — by design.
The platform's org importer (workspace-server/internal/handlers/org_include.go)
follows symlinks at the OS layer (os.ReadFile is symlink-aware) while
its security check (filepath.Abs / filepath.Rel) operates on path
strings (passes for symlinked paths because the link's path is inside
the parent root). The contract is pinned by tests in
molecule-core PR #102.
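The behaviour this contract relies on, as an added example (not code from org_include.go or molecule-core): the string-level filepath.Abs / filepath.Rel check accepts the include path reached through dev/, while the location os.ReadFile opens resolves outside the parent root, so the import boundary is set by which symlinks exist in the parent template. The function names and the temp-dir layout are constructed for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

// inside is the string-level check (filepath.Abs, then filepath.Rel). It never
// touches the filesystem, so symlinks are invisible to it. Fails closed on error.
func inside(root, target string) bool {
	absRoot, err1 := filepath.Abs(root)
	absTarget, err2 := filepath.Abs(target)
	rel, err3 := filepath.Rel(absRoot, absTarget)
	if err1 != nil || err2 != nil || err3 != nil {
		return false
	}
	return rel != ".." && !strings.HasPrefix(rel, ".."+string(filepath.Separator))
}

// insideResolved repeats the check on the paths after symlink resolution,
// i.e. on the location a symlink-following read actually opens.
func insideResolved(root, target string) bool {
	realRoot, err1 := filepath.EvalSymlinks(root)
	realTarget, err2 := filepath.EvalSymlinks(target)
	return err1 == nil && err2 == nil && inside(realRoot, realTarget)
}

// checkContract builds the sibling layout in a temp dir (constructed sample)
// and runs both checks on the include path reached through the dev symlink.
func checkContract() (lexical, resolved bool, err error) {
	base, err := os.MkdirTemp("", "org-templates")
	if err != nil {
		return false, false, err
	}
	defer os.RemoveAll(base)
	parent := filepath.Join(base, "parent-template")
	devLead := filepath.Join(base, "molecule-dev-department", "dev-lead")
	include := filepath.Join(parent, "dev", "dev-lead", "workspace.yaml")
	err = errors.Join(os.MkdirAll(parent, 0o755), os.MkdirAll(devLead, 0o755),
		os.WriteFile(filepath.Join(devLead, "workspace.yaml"), nil, 0o644),
		os.Symlink("../molecule-dev-department", filepath.Join(parent, "dev")))
	if err != nil {
		return false, false, err
	}
	return inside(parent, include), insideResolved(parent, include), nil
}

func main() { fmt.Println(checkContract()) } // true false <nil>
```

A deployment that wants the resolved location bounded as well would compare against an explicit allow-list of roots (here, the sibling subtree) after resolution, since the resolved check against the parent root alone rejects the intended import.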
Repo layout
.
├── dev-department.yaml ← manifest: defaults + category_routing + roots
├── .molecule-ci/scripts/
│ └── validate-tree.py ← orphan / reachability lint (CI gate)
├── .github/workflows/
│ └── validate.yml ← runs validate-tree.py on every PR
├── README.md ← this file
├── LICENSE ← MIT
└── <workspace-folders> ← scaffolded empty; populated by Phase 3c-2
After Phase 3c-2 (extract dev tree with git history) the repo will
contain the dev-lead/ workspace tree with nested sub-teams. After
Phase 3c-3 (move documentation-specialist + triage-operator into the
tree per Hongming Q1+Q2) those workspaces will live under
dev-lead/app-docs/documentation-specialist/ and dev-lead/triage-operator/
respectively.
Validating locally
.molecule-ci/scripts/validate-tree.py
# OK — tree is clean
# Or with explicit manifest:
.molecule-ci/scripts/validate-tree.py dev-department.yaml
The validator:
- Walks dev-department.yaml → roots → children recursively, including through !include directives.
- Lists every directory containing workspace.yaml.
- Reports orphans (filesystem dirs not reachable from manifest), cross-tree .. traversal in children: paths, duplicate parents, and missing workspace.yaml.
- Exits non-zero on any violation.
CI runs the same script via .github/workflows/validate.yml on every
push and PR — orphan accumulation is caught at PR time, not at deploy
time.
Phase status
| Phase | Status | Where |
|---|---|---|
| 1 — Investigate platform org importer | ✓ done | internal#77 comment 1886 |
| 2 — Design (SSOT, alternatives, security, versioning) | ✓ done | internal#77 |
| 3a — Platform external: ref support | parked (deferred) | task #222 |
| 3b — Validator + CI gate | ✓ done | this commit |
| 3c-1 — Scaffold this repo | ✓ done | this commit |
| 3c-2 — Extract dev tree with history | pending | task #224 |
| 3c-3 — Atomize structure + move doc-spec + triage-op | pending | task #224 |
| 3d — Slim parent template + wire symlink + delete orphans | pending | task #225 |
| 4 — End-to-end verify on staging | pending | task #226 |
Refs
- internal#77 — extraction RFC
- molecule-core#102 — symlink-resolution test
- Hongming GO 2026-05-08 ("you own this feature and repos, start")
License
MIT — see LICENSE