From 3bd729989473aa4c7f751630ad6280f2eecf934d Mon Sep 17 00:00:00 2001 From: Alexander Whitestone Date: Sat, 4 Apr 2026 14:39:10 -0400 Subject: [PATCH 1/3] Teach workflow skills in specialist playbooks --- cron/jobs.json | 36 ++++++++++++++++++++---------- playbooks/bug-fixer.yaml | 22 +++++++++++------- playbooks/refactor-specialist.yaml | 15 ++++++++----- playbooks/security-auditor.yaml | 8 ++++++- playbooks/test-writer.yaml | 11 +++++---- 5 files changed, 62 insertions(+), 30 deletions(-) diff --git a/cron/jobs.json b/cron/jobs.json index 9dc15ea9..ba0e2152 100644 --- a/cron/jobs.json +++ b/cron/jobs.json @@ -3,7 +3,7 @@ { "id": "9e0624269ba7", "name": "Triage Heartbeat", - "prompt": "Scan all Timmy_Foundation/* repos for unassigned issues, auto-assign to appropriate agents based on labels/complexity", + "prompt": "Scan Timmy_Foundation/the-nexus, timmy-home, timmy-config, and hermes-agent for unassigned issues. Route them using the audited lane map, avoid duplicate backlog churn, and escalate governing or cross-boundary work to Timmy or Allegro instead of assigning blindly.", "schedule": { "kind": "interval", "minutes": 15, @@ -25,13 +25,17 @@ "state": "paused", "paused_at": "2026-03-24T16:23:01.614552-04:00", "paused_reason": "Dashboard repo frozen - loops redirected to the-nexus", - "skills": [], - "skill": null + "skills": [ + "triage", + "deduplication", + "dispatch" + ], + "skill": "issue-triager" }, { "id": "e29eda4a8548", "name": "PR Review Sweep", - "prompt": "Check all Timmy_Foundation/* repos for open PRs, review diffs, merge passing ones, comment on problems", + "prompt": "Review open PRs in Timmy_Foundation/the-nexus, timmy-home, timmy-config, and hermes-agent. Post severity-ordered findings, protect sensitive control surfaces, and auto-merge only low-risk PRs that are fully verified and non-governing.", "schedule": { "kind": "interval", "minutes": 30, 
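Review bot: The new "PR Review Sweep" prompt makes the merge decision depend on wording the model has to interpret: `auto-merge only low-risk PRs that are fully verified and non-governing` defines none of "low-risk", "fully verified" or "non-governing". The text the agent reads to decide (PR titles, descriptions, diffs) is written by the PR author, so a PR can argue its own way into the low-risk bucket. I would keep the prompt to review-and-comment and leave merging to a server-side gate (required checks and required approval on the protected branch), or at minimum state criteria the agent can verify, e.g. `merge only when every required status check is green and the diff touches no path under cron/ or playbooks/`. PATCH 3/3 in this series restores the earlier `merge passing ones` wording, which carries no qualifier at all, so the point applies to whichever text ships.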
@@ -53,13 +57,17 @@ "state": "paused", "paused_at": "2026-03-24T16:23:02.731437-04:00", "paused_reason": "Dashboard repo frozen - loops redirected to the-nexus", - "skills": [], - "skill": null + "skills": [ + "review", + "governance", + "merge-safety" + ], + "skill": "pr-reviewer" }, { "id": "a77a87392582", "name": "Health Monitor", - "prompt": "Check Ollama is responding, disk space, memory, GPU utilization, process count", + "prompt": "Check Hermes gateway health, local inference surface, pipeline freshness, disk space, memory, and active process count. Prefer the live Hermes sidecar reality over any stale Ollama-era assumptions.", "model": "hermes3:latest", "provider": "ollama", "base_url": "http://localhost:11434/v1", @@ -86,7 +94,7 @@ { "id": "5e9d952871bc", "name": "Agent Status Check", - "prompt": "Check which tmux panes are idle vs working, report utilization", + "prompt": "Check workflow utilization instead of tmux panes: unassigned issues, review queue pressure, overloaded assignees, and stale PRs across the core Timmy Foundation repos.", "schedule": { "kind": "interval", "minutes": 10, @@ -108,13 +116,17 @@ "state": "paused", "paused_at": "2026-03-24T16:23:03.869047-04:00", "paused_reason": "Dashboard repo frozen - loops redirected to the-nexus", - "skills": [], - "skill": null + "skills": [ + "queue-hygiene", + "review-pressure", + "dispatch" + ], + "skill": "ops-workflow-status" }, { "id": "36fb2f630a17", "name": "Hermes Philosophy Loop", - "prompt": "Hermes Philosophy Loop: File issues to Timmy_Foundation/hermes-agent", + "prompt": "Review Hermes-agent against the current doctrine from the-nexus issue #542. Only file narrowly scoped issues that materially improve Heartbeat, Harness, or Portal Interface, and collapse duplicates instead of generating philosophy drift.", "schedule": { "kind": "interval", "minutes": 1440, @@ -136,4 +148,4 @@ } ], "updated_at": "2026-03-24T16:23:03.869797-04:00" -} \ No newline at end of file +} 
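Review bot: The rewritten "Health Monitor" prompt tells the agent to `Prefer the live Hermes sidecar reality over any stale Ollama-era assumptions`, but the unchanged lines directly below it still set `"provider": "ollama"` and `"base_url": "http://localhost:11434/v1"`. The job would presumably still run through the endpoint the prompt calls stale, and the old explicit `Check Ollama is responding` probe is dropped, so a dead local inference endpoint could go unreported. Either update the provider and base_url fields in the same change or keep one line in the prompt naming the endpoint this job depends on. The job object continues past the end of the hunk, so other fields may already cover this.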
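Review bot: This hunk fills two fields that describe the same thing, a `skills` list and a singular `skill`, and the singular value (`ops-workflow-status` here, `issue-triager` and `pr-reviewer` in the hunks at -25 and -53) appears in none of the lists. The diff does not show which field the scheduler reads, so one of the two is probably dead data that will drift. All three jobs are also `"state": "paused"`, so the new values are never exercised. I would set only the field the runner consumes and leave the other at its previous empty value until the schema is settled.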
diff --git a/playbooks/bug-fixer.yaml b/playbooks/bug-fixer.yaml index b633b975..53bffc37 100644 --- a/playbooks/bug-fixer.yaml +++ b/playbooks/bug-fixer.yaml @@ -21,6 +21,8 @@ trigger: repos: - Timmy_Foundation/the-nexus + - Timmy_Foundation/timmy-home + - Timmy_Foundation/timmy-config - Timmy_Foundation/hermes-agent steps: @@ -40,16 +42,20 @@ system_prompt: | YOUR ISSUE: #{{issue_number}} — {{issue_title}} - APPROACH (test-first): + APPROACH (prove-first): 1. Read the bug report. Understand the expected vs actual behavior. - 2. Write a test that REPRODUCES the bug (it should fail). - 3. Fix the code so the test passes. - 4. Run tox -e unit — ALL tests must pass, not just yours. - 5. Commit: fix: Fixes #{{issue_number}} - 6. Push, create PR. + 2. Reproduce the failure with the repo's existing test or verification tooling whenever possible. + 3. Add a focused regression test if the repo has a meaningful test surface for the bug. + 4. Fix the code so the reproduced failure disappears. + 5. Run the strongest repo-native verification you can justify — all relevant tests, not just the new one. + 6. Commit: fix: Fixes #{{issue_number}} + 7. Push, create PR, and summarize verification plus any residual risk. RULES: - - Never fix a bug without a test that proves it was broken. + - Never claim a fix without proving the broken behavior and the repaired behavior. + - Prefer repo-native commands over assuming tox exists. + - If the issue touches config, deploy, routing, memories, playbooks, or other control surfaces, flag it for Timmy review in the PR. - Never use --no-verify. - - If you can't reproduce the bug, comment on the issue with what you tried. + - If you can't reproduce the bug, comment on the issue with what you tried and what evidence is still missing. - If the fix requires >50 lines changed, decompose into sub-issues. + - Do not widen the issue into a refactor. 
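Review bot: The new rule `If the issue touches config, deploy, routing, memories, playbooks, or other control surfaces, flag it for Timmy review in the PR` is advisory only: steps 6 and 7 still have the agent commit, push and open the PR, and nothing in the hunk stops a merge if the flag is forgotten. The first hunk of this file adds `Timmy_Foundation/timmy-config` to the trigger, where most issues will presumably touch a control surface, and refactor-specialist.yaml in the same patch uses the stricter `stop and ask for narrower scope` for a similar list. I would align the two playbooks on one behaviour and back it with required review on those paths in the repository settings, so the safeguard does not depend on the model following the prompt. Note also that `{{issue_title}}` is interpolated into `system_prompt` (context line above APPROACH); issue titles are author-controlled, so widening the repo list widens who can put text there. The system_prompt block starts and ends outside the hunk.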
diff --git a/playbooks/refactor-specialist.yaml b/playbooks/refactor-specialist.yaml index 20727ceb..0bafd2f7 100644 --- a/playbooks/refactor-specialist.yaml +++ b/playbooks/refactor-specialist.yaml @@ -21,6 +21,8 @@ trigger: repos: - Timmy_Foundation/the-nexus + - Timmy_Foundation/timmy-home + - Timmy_Foundation/timmy-config - Timmy_Foundation/hermes-agent steps: @@ -43,15 +45,18 @@ system_prompt: | RULES: - Lines of code is a liability. Delete as much as you create. - All changes go through PRs. No direct pushes to main. - - Run tox -e format before committing. Run tox -e unit after. + - Use the repo's own format, lint, and test commands rather than assuming tox. + - Every refactor must preserve behavior and explain how that was verified. + - If the change crosses repo boundaries, model-routing, deployment, or identity surfaces, stop and ask for narrower scope. - Never use --no-verify on git commands. - Conventional commits: refactor: (#{{issue_number}}) - If tests fail after 2 attempts, STOP and comment on the issue. + - Refactors exist to simplify the system, not to create a new design detour. WORKFLOW: 1. Read the issue body for specific file paths and instructions 2. Understand the current code structure - 3. Make the refactoring changes - 4. Format: tox -e format - 5. Test: tox -e unit - 6. Commit, push, create PR + 3. Name the simplification goal before changing code + 4. Make the refactoring changes + 5. Run formatting and verification with repo-native commands + 6. Commit, push, create PR with before/after risk summary diff --git a/playbooks/security-auditor.yaml b/playbooks/security-auditor.yaml index cd032415..4124ef63 100644 --- a/playbooks/security-auditor.yaml +++ b/playbooks/security-auditor.yaml @@ -21,6 +21,8 @@ trigger: repos: - Timmy_Foundation/the-nexus + - Timmy_Foundation/timmy-home + - Timmy_Foundation/timmy-config - Timmy_Foundation/hermes-agent steps: 
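Review bot: In refactor-specialist.yaml, replacing `Run tox -e format before committing. Run tox -e unit after.` with `Use the repo's own format, lint, and test commands rather than assuming tox` leaves the agent to pick the commands, and no rule says what to do when a repo documents none. `Every refactor must preserve behavior and explain how that was verified` can then be satisfied by any explanation, and the retained `If tests fail after 2 attempts, STOP` has nothing fixed to refer to. I would add a rule such as `- List the exact commands you ran and their exit status in the PR; if the repo has no test command, say so and do not claim behavior is preserved.` The same wording change appears in bug-fixer.yaml (step 5) and test-writer.yaml (RULES and step 4). The RULES block starts outside the hunk.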
@@ -46,12 +48,16 @@ system_prompt: | 6. Dependencies with known CVEs (check requirements.txt/package.json) 7. Missing input validation 8. Overly permissive file permissions + 9. Privilege drift in deploy, orchestration, memory, cron, and playbook surfaces + 10. Places where private data or local-only artifacts could leak into tracked repos OUTPUT FORMAT: For each finding, file a Gitea issue with: Title: [security] : - Body: file + line, description, recommended fix + Body: file + line, description, why it matters, recommended fix Label: security SEVERITY: critical / high / medium / low Only file issues for real findings. No false positives. + Do not open duplicate issues for already-known findings; link the existing issue instead. + If a finding affects sovereignty boundaries or private-data handling, flag it clearly as such. diff --git a/playbooks/test-writer.yaml b/playbooks/test-writer.yaml index c13753ca..3ae3c542 100644 --- a/playbooks/test-writer.yaml +++ b/playbooks/test-writer.yaml @@ -21,6 +21,8 @@ trigger: repos: - Timmy_Foundation/the-nexus + - Timmy_Foundation/timmy-home + - Timmy_Foundation/timmy-config - Timmy_Foundation/hermes-agent steps: 
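Review bot: In security-auditor.yaml the output format asks for `file + line, description, why it matters, recommended fix` in a Gitea issue, and new check 10 targets `private data or local-only artifacts` that leaked into tracked repos, yet nothing tells the auditor to keep the leaked value itself out of the issue body. An issue that quotes a credential or private record copies it into a second place, the tracker, that is harder to purge than a file. I would add a rule under OUTPUT FORMAT such as `- Never paste secret values or private data into an issue; cite file and line only and describe the type of data.` Whether these trackers are public is not visible here; if they are, critical findings may also need a non-public reporting path. The system_prompt block starts outside the hunk.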
@@ -42,14 +44,15 @@ system_prompt: | RULES: - Write tests that test behavior, not implementation details. - - Use tox -e unit to run tests. Never run pytest directly. + - Use the repo's own test entrypoints; do not assume tox exists. - Tests must be deterministic. No flaky tests. - Conventional commits: test: (#{{issue_number}}) - - If the module is hard to test, file an issue explaining why. + - If the module is hard to test, explain the design obstacle and propose the smallest next step. + - Prefer tests that protect public behavior, migration boundaries, and review-critical workflows. WORKFLOW: 1. Read the issue for target module paths 2. Read the existing code to understand behavior 3. Write focused unit tests - 4. Run tox -e unit — all tests must pass - 5. Commit, push, create PR + 4. Run the relevant verification commands — all related tests must pass + 5. Commit, push, create PR with verification summary and coverage rationale -- 2.43.0 From 9ae39362b332b42ebf79d253715b63f1b831f12c Mon Sep 17 00:00:00 2001 From: Alexander Whitestone Date: Sat, 4 Apr 2026 17:48:58 -0400 Subject: [PATCH 2/3] Refresh branch tip for mergeability recalculation -- 2.43.0 From d1f252b2cabe1576a90c389a46ecbf1fe1341e2a Mon Sep 17 00:00:00 2001 From: Alexander Whitestone Date: Sat, 4 Apr 2026 18:25:29 -0400 Subject: [PATCH 3/3] Drop dormant cron rewiring from playbook PR --- cron/jobs.json | 36 ++++++++++++------------------------ 1 file changed, 12 insertions(+), 24 deletions(-) diff --git a/cron/jobs.json b/cron/jobs.json index ba0e2152..9dc15ea9 100644 --- a/cron/jobs.json +++ b/cron/jobs.json 
@@ -3,7 +3,7 @@ { "id": "9e0624269ba7", "name": "Triage Heartbeat", - "prompt": "Scan Timmy_Foundation/the-nexus, timmy-home, timmy-config, and hermes-agent for unassigned issues. Route them using the audited lane map, avoid duplicate backlog churn, and escalate governing or cross-boundary work to Timmy or Allegro instead of assigning blindly.", + "prompt": "Scan all Timmy_Foundation/* repos for unassigned issues, auto-assign to appropriate agents based on labels/complexity", "schedule": { "kind": "interval", "minutes": 15, @@ -25,17 +25,13 @@ "state": "paused", "paused_at": "2026-03-24T16:23:01.614552-04:00", "paused_reason": "Dashboard repo frozen - loops redirected to the-nexus", - "skills": [ - "triage", - "deduplication", - "dispatch" - ], - "skill": "issue-triager" + "skills": [], + "skill": null }, { "id": "e29eda4a8548", "name": "PR Review Sweep", - "prompt": "Review open PRs in Timmy_Foundation/the-nexus, timmy-home, timmy-config, and hermes-agent. Post severity-ordered findings, protect sensitive control surfaces, and auto-merge only low-risk PRs that are fully verified and non-governing.", + "prompt": "Check all Timmy_Foundation/* repos for open PRs, review diffs, merge passing ones, comment on problems", "schedule": { "kind": "interval", "minutes": 30, 
@@ -57,17 +53,13 @@ "state": "paused", "paused_at": "2026-03-24T16:23:02.731437-04:00", "paused_reason": "Dashboard repo frozen - loops redirected to the-nexus", - "skills": [ - "review", - "governance", - "merge-safety" - ], - "skill": "pr-reviewer" + "skills": [], + "skill": null }, { "id": "a77a87392582", "name": "Health Monitor", - "prompt": "Check Hermes gateway health, local inference surface, pipeline freshness, disk space, memory, and active process count. Prefer the live Hermes sidecar reality over any stale Ollama-era assumptions.", + "prompt": "Check Ollama is responding, disk space, memory, GPU utilization, process count", "model": "hermes3:latest", "provider": "ollama", "base_url": "http://localhost:11434/v1", @@ -94,7 +86,7 @@ { "id": "5e9d952871bc", "name": "Agent Status Check", - "prompt": "Check workflow utilization instead of tmux panes: unassigned issues, review queue pressure, overloaded assignees, and stale PRs across the core Timmy Foundation repos.", + "prompt": "Check which tmux panes are idle vs working, report utilization", "schedule": { "kind": "interval", "minutes": 10, @@ -116,17 +108,13 @@ "state": "paused", "paused_at": "2026-03-24T16:23:03.869047-04:00", "paused_reason": "Dashboard repo frozen - loops redirected to the-nexus", - "skills": [ - "queue-hygiene", - "review-pressure", - "dispatch" - ], - "skill": "ops-workflow-status" + "skills": [], + "skill": null }, { "id": "36fb2f630a17", "name": "Hermes Philosophy Loop", - "prompt": "Review Hermes-agent against the current doctrine from the-nexus issue #542. Only file narrowly scoped issues that materially improve Heartbeat, Harness, or Portal Interface, and collapse duplicates instead of generating philosophy drift.", + "prompt": "Hermes Philosophy Loop: File issues to Timmy_Foundation/hermes-agent", "schedule": { "kind": "interval", "minutes": 1440, @@ -148,4 +136,4 @@ } ], "updated_at": "2026-03-24T16:23:03.869797-04:00" -} +} \ No newline at end of file -- 2.43.0