pdurlej/platform
1
1
Fork 0
Code Issues 44 Pull requests 1 Projects Releases Packages Wiki Activity Actions

deslop(decisions): catalog-wire / v2-schema / roadmap-consolidate — 3 operator calls #733

New issue
Open
opened 2026-06-05 14:45:48 +02:00 by claude · 2 comments
claude commented 2026-06-05 14:45:48 +02:00
Collaborator
Copy link

From the 2026-06-05 deslop audit — 3 aspirational-vs-real decisions only the operator can make. Each becomes a grind once decided.

A. Capability catalog → autonomy router: wire or demote?

policies/agent-capabilities.yaml (#566) is loaded by NO code; the autonomy router's production path (cli.py:366) uses DEFAULT_POLICY with an always-empty allowlist; agent_access/_types.py is imported nowhere (dead model code, self-labeled "Not yet wired to runtime"). The autonomy design doc claims (present-tense) it IS the live Tier-0 allowlist — false.

  • (a) Wire it — load allowlisted_capabilities from the YAML into AutonomyPolicy; implement cousin/host/TTL/audit gating. = the #687 impl work (real new design).
  • (b) Demote it — declare documentation-only, stub/delete _types.py.
    → Decision: is the multi-agent governance gate being built NOW (#687) or shelved? (The doc-soften is queued in the doc-reconcile issue regardless.)

B. v2 "ADHD-counters" schema: wire or shelve?

schema/module.schema.v2.json marks 5 fields (serves_areas, user_value_test, acceptance_criteria, alternatives_considered, open_loops) "MANDATORY for active" — but has zero enforcement (no if/then/dependentRequired) and 0/88 adoption (the Phase-02 backfill never ran).

  • (a) Do it — execute the backfill (active → active_pending_v2 migration, fill all 88) + add real if/then/dependentRequired enforcement.
  • (b) Shelve — demote "MANDATORY" → "optional/planned", update the RFC.

C. Roadmap consolidation: pick ONE canonical

5 docs claim authority over the same milestone train (current-platform-roadmap.md, platform-maturity-roadmap-2026-06-01.md, m10-closure-plan, work-division, STATUS_NOW) — exactly the status-file proliferation ADR-0006 was written to prevent, re-emerging at the roadmap layer.

  • Recommendation: STATUS_NOW (Owner Action Board) + platform-maturity-roadmap = canonical; demote the rest to "superseded" banners.
    → Confirm or adjust; Codex then applies the banners + repoints refs.

Acceptance

  • A / B / C each have a recorded operator decision.
  • The chosen path's mechanical follow-up is split into a codex-ready task.

Decisions = operator; analysis + mechanical follow-up = claude/Codex.

From the 2026-06-05 deslop audit — 3 aspirational-vs-real decisions only the operator can make. Each becomes a grind once decided. ## A. Capability catalog → autonomy router: wire or demote? `policies/agent-capabilities.yaml` (#566) is loaded by **NO code**; the autonomy router's production path (`cli.py:366`) uses DEFAULT_POLICY with an **always-empty allowlist**; `agent_access/_types.py` is imported nowhere (dead model code, self-labeled "Not yet wired to runtime"). The autonomy design doc claims (present-tense) it IS the live Tier-0 allowlist — false. - **(a) Wire it** — load `allowlisted_capabilities` from the YAML into `AutonomyPolicy`; implement cousin/host/TTL/audit gating. = the #687 impl work (real new design). - **(b) Demote it** — declare documentation-only, stub/delete `_types.py`. → Decision: is the multi-agent governance gate being built NOW (#687) or shelved? *(The doc-soften is queued in the doc-reconcile issue regardless.)* ## B. v2 "ADHD-counters" schema: wire or shelve? `schema/module.schema.v2.json` marks 5 fields (serves_areas, user_value_test, acceptance_criteria, alternatives_considered, open_loops) "MANDATORY for active" — but has **zero enforcement** (no if/then/dependentRequired) and **0/88 adoption** (the Phase-02 backfill never ran). - **(a) Do it** — execute the backfill (active → active_pending_v2 migration, fill all 88) + add real `if/then`/`dependentRequired` enforcement. - **(b) Shelve** — demote "MANDATORY" → "optional/planned", update the RFC. ## C. Roadmap consolidation: pick ONE canonical 5 docs claim authority over the same milestone train (current-platform-roadmap.md, platform-maturity-roadmap-2026-06-01.md, m10-closure-plan, work-division, STATUS_NOW) — exactly the status-file proliferation ADR-0006 was written to prevent, re-emerging at the roadmap layer. - **Recommendation:** STATUS_NOW (Owner Action Board) + platform-maturity-roadmap = canonical; demote the rest to "superseded" banners. → Confirm or adjust; Codex then applies the banners + repoints refs. ## Acceptance - [ ] A / B / C each have a recorded operator decision. - [ ] The chosen path's mechanical follow-up is split into a codex-ready task. *Decisions = operator; analysis + mechanical follow-up = claude/Codex.*
claude commented 2026-06-08 22:35:08 +02:00
Author
Collaborator
Copy link

Role: advisor · Intent: research packet dla decyzji A (catalog-wire) — decyzja NIE podjęta

🫖 Pan Herbatka — doprecyzowuję A (katalog→router) świeżym dowodem z main. Deslopowy framing „czy budować bramę #687?" jest nieaktualny — brama zbudowana. Pytanie zwęża się do mostu.

Stan na żywo (zweryfikowany, main 2026-06-08)

  • Router gotowy i podpięty do CLI: autonomy.py ma pełną kaskadę hard-stop → allowlist → sandbox → classifier (route_action:264-292); platformctl autonomy ask (cli.py cmd_autonomy_ask) woła classify_action. Plus fail-closed classifier + decision receipts (ADR-0025).
  • Most katalog→policy NIE istnieje: cmd_autonomy_ask woła classify_action(...) bez policy=DEFAULT_POLICY z pustym allowlisted_capabilities (autonomy.py:157,174) → żadne capability nigdy nie matchuje (:283) → wszystko spada do sandbox/classifier/ask. Bezpieczne (fail-safe), ale katalog ignorowany.
  • agent_access/__init__.py + _types.py jawnie: „Not yet wired to runtime — see #76".

⚠️ Semantyczna luka, którą most MUSI rozwiązać

Katalog jest per-cousin (cousin_allowed: [...]), a AutonomyPolicy.allowlisted_capabilities to globalny frozenset[str] (płaska lista id, bez wymiaru aktora). Most = projekcja katalogu na konkretnego aktora.

Scope „wire" (codex-ready, jeśli A = wire)

  1. Loader agent_access/catalog.py: policies/agent-capabilities.yamllist[Capability] (model już jest w _types.py), walidacja przeciw schema/agent-capability.schema.json.
  2. Builder per-actor: build_policy_for_actor(actor, catalog) -> AutonomyPolicy = AutonomyPolicy(allowlisted_capabilities={c.id for c in catalog if c.allows_cousin(actor)}).
  3. Wstrzyknięcie w CLI: gdy --actor podany → buduj policy z katalogu i przekaż policy= do classify_action. Bez aktora → fallback DEFAULT_POLICY (wstecznie kompatybilne).
  4. Inwariant bezpieczeństwa: allowlist jest PO hard-stop w route_action (:278 przed :283) → allowlisted capability NIE omija hard-stopu. Test MUSI to potwierdzić (allowlisted capability + hard-stop tag → wciąż OPERATOR_GATE).
  5. MVP vs rozszerzenie: MVP = tylko id → allowlist. TTL / allowed_hosts / audit.level gating = rozszerzenie (#76 roadmap), osobny krok.
  6. Testy: catalog-load, per-actor policy, hard-stop-wins-nad-allowlistem, nieznany aktor → pusty allowlist.

Klasa pracy

class/security-sensitive (autonomy gate + capability delivery) → full canary 3+3 + operator merge. Rozmiar: 1 nowy plik (~80-120 lin) + ~15 lin w cli.py + testy.

Rekomendacja (decyzja Piotra)

A = wire, ale jako osobny security-sensitive grind (#76 / #687-followup), NIE część deslop-doc-reconcile. Teraz, gdy router stoi, most jest tani i tnie kliki operatora dla wcześniej-zaaprobowanych capabilities („deterministyczne na twarde"). Alternatywa demote: oznacz katalog docs-only + stub _types.py — tańsze, ale autonomy zostaje „zawsze pyta".

(B: v2-schema 0/88 adopcji — bez zmian, rekom shelve. C: 5+ roadmap-docs — bez zmian, rekom STATUS_NOW + platform-maturity = kanon.)

— zweryfikowane na main 2026-06-08 (Pan Herbatka, advisor)

**Role:** advisor · **Intent:** research packet dla decyzji A (catalog-wire) — decyzja NIE podjęta 🫖 Pan Herbatka — doprecyzowuję **A (katalog→router)** świeżym dowodem z `main`. **Deslopowy framing „czy budować bramę #687?" jest nieaktualny — brama zbudowana.** Pytanie zwęża się do mostu. ## Stan na żywo (zweryfikowany, `main` 2026-06-08) - ✅ **Router gotowy i podpięty do CLI:** `autonomy.py` ma pełną kaskadę `hard-stop → allowlist → sandbox → classifier` (`route_action:264-292`); `platformctl autonomy ask` (`cli.py cmd_autonomy_ask`) woła `classify_action`. Plus fail-closed classifier + decision receipts (ADR-0025). - ❌ **Most katalog→policy NIE istnieje:** `cmd_autonomy_ask` woła `classify_action(...)` **bez `policy=`** → `DEFAULT_POLICY` z **pustym `allowlisted_capabilities`** (`autonomy.py:157,174`) → żadne capability nigdy nie matchuje (`:283`) → wszystko spada do sandbox/classifier/ask. Bezpieczne (fail-safe), ale katalog ignorowany. - `agent_access/__init__.py` + `_types.py` jawnie: „Not yet wired to runtime — see #76". ## ⚠️ Semantyczna luka, którą most MUSI rozwiązać Katalog jest **per-cousin** (`cousin_allowed: [...]`), a `AutonomyPolicy.allowlisted_capabilities` to **globalny `frozenset[str]`** (płaska lista id, bez wymiaru aktora). Most = projekcja katalogu na konkretnego aktora. ## Scope „wire" (codex-ready, jeśli A = wire) 1. **Loader** `agent_access/catalog.py`: `policies/agent-capabilities.yaml` → `list[Capability]` (model już jest w `_types.py`), walidacja przeciw `schema/agent-capability.schema.json`. 2. **Builder per-actor**: `build_policy_for_actor(actor, catalog) -> AutonomyPolicy` = `AutonomyPolicy(allowlisted_capabilities={c.id for c in catalog if c.allows_cousin(actor)})`. 3. **Wstrzyknięcie w CLI**: gdy `--actor` podany → buduj policy z katalogu i przekaż `policy=` do `classify_action`. Bez aktora → fallback `DEFAULT_POLICY` (wstecznie kompatybilne). 4. **Inwariant bezpieczeństwa**: allowlist jest PO hard-stop w `route_action` (`:278` przed `:283`) → allowlisted capability NIE omija hard-stopu. Test MUSI to potwierdzić (allowlisted capability + hard-stop tag → wciąż `OPERATOR_GATE`). 5. **MVP vs rozszerzenie**: MVP = tylko `id → allowlist`. TTL / `allowed_hosts` / `audit.level` gating = rozszerzenie (#76 roadmap), osobny krok. 6. **Testy**: catalog-load, per-actor policy, hard-stop-wins-nad-allowlistem, nieznany aktor → pusty allowlist. ## Klasa pracy `class/security-sensitive` (autonomy gate + capability delivery) → **full canary 3+3 + operator merge**. Rozmiar: 1 nowy plik (~80-120 lin) + ~15 lin w `cli.py` + testy. ## Rekomendacja (decyzja Piotra) **A = wire**, ale jako osobny security-sensitive grind (#76 / #687-followup), NIE część deslop-doc-reconcile. Teraz, gdy router stoi, most jest tani i tnie kliki operatora dla wcześniej-zaaprobowanych capabilities („deterministyczne na twarde"). Alternatywa **demote**: oznacz katalog docs-only + stub `_types.py` — tańsze, ale autonomy zostaje „zawsze pyta". *(B: v2-schema 0/88 adopcji — bez zmian, rekom shelve. C: 5+ roadmap-docs — bez zmian, rekom STATUS_NOW + platform-maturity = kanon.)* — zweryfikowane na `main` 2026-06-08 (Pan Herbatka, advisor)
Iskra commented 2026-06-13 03:03:17 +02:00
Collaborator
Copy link

Iskra judgment

Field Value
Target pdurlej/platform#issue#733
Priority p2
Action operator_needed
Scores reach 4 / impact 4 / confidence 5
Piotr fit high
Effort medium
Labels judge/p2, judge/operator-needed
Judge iskra via openclaw

Rationale: This is P2 operator-needed governance shaping because wiring or demoting capability, schema, and roadmap concepts changes platform direction and future work queues.

Caveat: Do not start implementation until the operator decides which concepts are live product direction and which are documentation-only or shelved.

Structured openclaw.judge.v0 payload 
<!-- openclaw.judge.v0 -->
{
  "confidence": 5,
  "effort_hint": "medium",
  "escalation": {
    "kind": "operator",
    "reason": "The issue asks for three product/governance direction calls that determine whether to wire, demote, or consolidate existing platform concepts."
  },
  "evidence_refs": [
    {
      "note": "Issue frames three aspirational-versus-real platform decisions requiring operator choice before implementation grind.",
      "type": "forgejo",
      "value": "issue-title-body-labels-and-target-snapshot"
    },
    {
      "note": "Body says the capability catalog is not loaded by runtime despite docs implying it is a live governance gate.",
      "type": "forgejo",
      "value": "issue-body-capability-catalog-decision"
    },
    {
      "note": "Current labels already mark the target as owner-attention with priority p2.",
      "type": "snapshot",
      "value": "target-snapshot-labels"
    }
  ],
  "impact": 4,
  "judge_actor": {
    "name": "iskra",
    "runtime": "openclaw"
  },
  "judged_at": "2026-06-13T01:02:00Z",
  "labels_to_apply": [
    "judge/p2",
    "judge/operator-needed"
  ],
  "piotr_fit": "high",
  "priority": "p2",
  "rationale_summary": "This is P2 operator-needed governance shaping because wiring or demoting capability, schema, and roadmap concepts changes platform direction and future work queues.",
  "reach": 4,
  "recommended_next_action": "operator_needed",
  "rerun_reason": "no_prior_judgment",
  "schema": "openclaw.judge.v0",
  "target": {
    "kind": "issue",
    "number": 733,
    "repo": "pdurlej/platform"
  },
  "target_snapshot": {
    "body_hash": "sha256:f8394dfcc28f9273380e17eb80ef5a4d18925e05ad5b1a8ac8e00da7585262d4",
    "commit_count": null,
    "evidence_hash": "sha256:db20fce89a271abfdbfab85a98d39d439605ac48aca0c12e60069fc7e260da0a",
    "head_sha": null,
    "labels": [
      "owner-attention",
      "priority:p2"
    ],
    "labels_hash": "sha256:6921b3ec69a55701e803a28dfb03419c25ec4ed93fb5a22efff07e59c601780b",
    "state": "open",
    "title_hash": "sha256:d13aaf7b2697e96f2b7fb4d822f154d6068f49006219e4182a2906733ad6bf85",
    "updated_at": "2026-06-10T23:21:58+02:00"
  },
  "top_caveat": "Do not start implementation until the operator decides which concepts are live product direction and which are documentation-only or shelved."
}
<!-- /openclaw.judge.v0 -->
### Iskra judgment | Field | Value | | --- | --- | | Target | `pdurlej/platform#issue#733` | | Priority | p2 | | Action | operator_needed | | Scores | reach 4 / impact 4 / confidence 5 | | Piotr fit | high | | Effort | medium | | Labels | `judge/p2`, `judge/operator-needed` | | Judge | `iskra` via `openclaw` | **Rationale:** This is P2 operator-needed governance shaping because wiring or demoting capability, schema, and roadmap concepts changes platform direction and future work queues. **Caveat:** Do not start implementation until the operator decides which concepts are live product direction and which are documentation-only or shelved. <details> <summary>Structured openclaw.judge.v0 payload</summary> ```json <!-- openclaw.judge.v0 --> { "confidence": 5, "effort_hint": "medium", "escalation": { "kind": "operator", "reason": "The issue asks for three product/governance direction calls that determine whether to wire, demote, or consolidate existing platform concepts." }, "evidence_refs": [ { "note": "Issue frames three aspirational-versus-real platform decisions requiring operator choice before implementation grind.", "type": "forgejo", "value": "issue-title-body-labels-and-target-snapshot" }, { "note": "Body says the capability catalog is not loaded by runtime despite docs implying it is a live governance gate.", "type": "forgejo", "value": "issue-body-capability-catalog-decision" }, { "note": "Current labels already mark the target as owner-attention with priority p2.", "type": "snapshot", "value": "target-snapshot-labels" } ], "impact": 4, "judge_actor": { "name": "iskra", "runtime": "openclaw" }, "judged_at": "2026-06-13T01:02:00Z", "labels_to_apply": [ "judge/p2", "judge/operator-needed" ], "piotr_fit": "high", "priority": "p2", "rationale_summary": "This is P2 operator-needed governance shaping because wiring or demoting capability, schema, and roadmap concepts changes platform direction and future work queues.", "reach": 4, "recommended_next_action": "operator_needed", "rerun_reason": "no_prior_judgment", "schema": "openclaw.judge.v0", "target": { "kind": "issue", "number": 733, "repo": "pdurlej/platform" }, "target_snapshot": { "body_hash": "sha256:f8394dfcc28f9273380e17eb80ef5a4d18925e05ad5b1a8ac8e00da7585262d4", "commit_count": null, "evidence_hash": "sha256:db20fce89a271abfdbfab85a98d39d439605ac48aca0c12e60069fc7e260da0a", "head_sha": null, "labels": [ "owner-attention", "priority:p2" ], "labels_hash": "sha256:6921b3ec69a55701e803a28dfb03419c25ec4ed93fb5a22efff07e59c601780b", "state": "open", "title_hash": "sha256:d13aaf7b2697e96f2b7fb4d822f154d6068f49006219e4182a2906733ad6bf85", "updated_at": "2026-06-10T23:21:58+02:00" }, "top_caveat": "Do not start implementation until the operator decides which concepts are live product direction and which are documentation-only or shelved." } <!-- /openclaw.judge.v0 --> ``` </details>
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
claude/sacred-paths-canonical-manifest
codex/795-unique-knowledge-retention
codex/810-contract-expectations
codex/808-pytest-docker-mock
claude/issues/memory-sacred-path-consistency
codex/patchwarden-review-actor
codex/matrix-discovery-hotfix
codex/issue-823-automerge-selfmerge-smoke
codex/use-patchwarden-pr-sanity-renderer
codex/patchwarden-pr-sanity-clawsweeper-comment
codex/automerge-actor-token-blocked-state
codex/orders/patchwarden-contract-live-smoke-20260617
codex/issues/stale-adr-reference-cleanup
codex/patchwarden-label-retrigger
codex/orders/rs2000-runtime-followups
codex/orders/rs2000-runtime-health-closeout
codex/status/platform-situation-reset-20260611
codex/issues/prompt-adr-reference-cleanup
codex/orders/patchwarden-contract-live-smoke-20260611
codex/issues/openclaw-mail-gateway-index-host
codex/issues/767-cross-ref-lint
codex/issues/770-runbook-template
codex/honcho-host-ops-env-cleanup-record
deepseek/audit-2026-06-08
codex/gmail-radar-runtime-docs
codex/agaria-parked-health-hygiene
codex/issues/724-kan-image-guard
codex/issues/711-forgejo-token-recovery-notes
codex/687-decision-receipts
codex/687-classifier-policy
codex/687-apply-sandbox
codex/688-runner-proxy-exec
codex/688-runner-hardening
claude/wip-honcho-qwen-fix-2026-06-02
codex/m06-provenance-adversarial-tests
codex/m06-plan-payload-hash
codex/m06-anchor-plan-git-root
codex/m06-scrub-apply-status-artifacts
codex/m06-extend-apply-redaction
codex/m06-redact-remote-command
codex/m08-openclaw-scheduler-spec
codex/m06-legacy-non-backup-inventory
codex/m04-vault-quarantine-evidence
codex/m02-post-m04-dr-refresh
codex/m04-vault-inventory-blocker
codex/patchwarden-client-dry-run-resilience
codex/m04-safe-session-vault-dependency-cleanup
codex/patchwarden-unique-artifacts
codex/m04-safe-session-ca-dual-trust-bootstrap
codex/m04-vault-quarantine-readiness
codex/m04-safe-session-cutover-runbook
codex/m04-safe-session-local-signer
codex/m04-vault-accelerated-sunset-plan
codex/w6d-patchwarden-actor-token-precedence
codex/w6d-patchwarden-comment-token-fallback
codex/forgejo-baseline-audit-20260528
ollama/dziadek-4th-replica-pcloud
ollama/dziadek-openclaw-scheduler-spec
ollama/dziadek-wake-bus-spec
ollama/dziadek-job-bundle-foundation
claude/smoke-test-524-post-merge
claude/fix-dry-run-merge-base-export
codex/w8-uptime-kuma-runtime-dispatch-fix
No results found.
Labels
Clear labels   
W6d-automerge-calibration

   
agent/claude-code
Vistula actor: Claude Code.

  
agent/codex
Vistula actor: Codex.

  
agent/hermes
Vistula actor: Hermes Upstream.

  
agent/iskra
Vistula actor: Iskra.

  
agent/ollama
Vistula actor: Ollama or compatible model.

  
agent/patchwarden
Vistula actor: Patchwarden.

  
automerge-candidate
Candidate for narrow W6d autonomous merge readiness pilot

  
class/security-sensitive
Security-sensitive class of service: smallest coherent PRs and full canary

  
cutover-gate
blocks production declare / final RS2000 replacement

  
dependency/blocked
Vistula dependency state: blocked.

  
dependency/blocks-others
Vistula dependency state: blocks other work.

  
dependency/cross-repo
Vistula dependency scope: cross-repository.

  
dependency/needs-confirmation
Vistula dependency state: needs confirmation.

  
domain:agents
Agent identity, delegation, subagents, routing, or workflows.

  
domain:ci
CI, checks, Actions, runners, or release automation.

  
domain:docs
Documentation, packets, practices, or source-of-truth text.

  
domain:forgejo
Forgejo issues, PRs, labels, repo settings, or identity.

  
domain:infra
Infrastructure, storage, backup, DNS, network, or host substrate.

  
domain:memory
Memory, recall, write gates, salience, or Honcho-adjacent behavior.

  
domain:runtime
Runtime services, deploys, daemons, timers, or live behavior.

  
domain:signal
Signal UX, delivery, context, or outbound behavior.

  
domain:ux
Product UX, operator experience, or conversation ergonomics.

  
flow/architecture
Vistula lifecycle: architecture phase in progress.

  
flow/blocked
Vistula lifecycle: blocked on dependency or decision.

  
flow/deployed
Vistula lifecycle: deployed to runtime where applicable.

  
flow/done
Vistula lifecycle: work merged or otherwise done.

  
flow/implementation
Vistula lifecycle: implementation phase in progress.

  
flow/intake
Vistula lifecycle: incoming signal not refined yet.

  
flow/maintained
Vistula lifecycle: maintained/steady state.

  
flow/observed
Vistula lifecycle: observed after delivery.

  
flow/ready
Vistula lifecycle: ready for architecture or implementation.

  
flow/refining
Vistula lifecycle: Hermes/spec refinement in progress.

  
flow/retired
Vistula lifecycle: retired or intentionally closed.

  
flow/review
Vistula lifecycle: review phase in progress.

  
iterating
Orchestrator/Codex actively amending in response to review — operator can ignore until resolved

  
judge/codex-candidate
Candidate for Codex implementation.

  
judge/hermes-candidate
Candidate for Hermes discovery/research.

  
judge/low-confidence
Judgment confidence is low.

  
judge/needs-refinement
Needs clearer evidence or scope.

  
judge/operator-needed
Needs Piotr decision or input.

  
judge/p0
Urgent, operator attention or unblock now.

  
judge/p1
High value, schedule soon.

  
judge/p2
Useful, normal queue.

  
judge/p3
Low priority, keep but do not chase.

  
judge/park
Parked from current attention.

  
judge/patchwarden-candidate
Needs Patchwarden merge-safety attention.

  
judge/stale-priority
Existing priority judgment appears stale.

  
kind/adr
Vistula work kind: architecture decision record.

  
kind/bug
Vistula work kind: bug fix.

  
kind/chore
Vistula work kind: chore.

  
kind/feature
Vistula work kind: feature.

  
kind/infra
Vistula work kind: infrastructure.

  
kind/ops
Vistula work kind: operations.

  
kind/refactor
Vistula work kind: refactor.

  
kind/research
Vistula work kind: research/discovery.

  
large-impact
Per charter §3 review-by-impact: large impact (≥300 LOC OR new module OR identity/secret change OR architectural pivot) — Oracle pre-review recommended

  
merge/auto
Vistula merge mode: automated merge.

  
merge/manual
Vistula merge mode: manual merge.

  
merge/manual-dependency-conflict
Manual merge reason: dependency conflict.

  
merge/manual-failing-tests
Manual merge reason: failing tests.

  
merge/manual-merge-conflict
Manual merge reason: merge conflict.

  
merge/manual-missing-review
Manual merge reason: missing review.

  
merge/manual-operator-preference
Manual merge reason: operator preference.

  
merge/manual-red-zone
Manual merge reason: red-zone risk.

  
merge/manual-security-sensitive
Manual merge reason: security-sensitive work.

  
merge/manual-unclear-scope
Manual merge reason: unclear scope.

  
merge/manual-unknown
Manual merge reason: unknown.

  
meta
meta-decomposition issue; first agent decomposes into atomic children

  
mode:operator-only
Apply step requires explicit operator approval.

  
mode:patchwarden-iskra-approved
Work eligible for Patchwarden/Iskra approval inside repo policy.

  
mode:safe-auto
Low-risk work eligible for lightweight autonomous handling.

  
needs-operator-decision
PR is blocked on operator yes/no decision — fresh-Claude/Codex won't make this call alone

  
needs-triage
decomposing agent has open questions / unknowns

  
not-ready
reviewed but blocked on a precondition

  
observed/erroring
Vistula observation: erroring.

  
observed/needs-followup
Vistula observation: needs follow-up.

  
observed/pending
Vistula observation: pending.

  
observed/retire-candidate
Vistula observation: retire candidate.

  
observed/unused
Vistula observation: unused.

  
observed/used
Vistula observation: used.

  
operator-emotional
operator-emotional importance (Iskra memory etc.)

  
owner-attention
owner must decide; blocks default path

  
phase/02
Phase 02 cataloging

  
phase/03
Phase 03 control plane (platformctl)

  
priority:p0
Immediate safety, uptime, data, or operator-blocking issue.

  
priority:p1
Important active work; should be pulled soon.

  
priority:p2
Useful normal-priority work.

  
priority:p3
Opportunistic cleanup, research, or backlog work.

  
proposed
auto-generated by meta-decomposition; awaiting human review

  
ready-for-agent
reviewed and pickable; agents may claim per cookbook

  
ready-for-operator
PR is ready for operator review/merge — orchestrator finished its part

  
recovery
disaster recovery / restore semantics relevant

  
review:claude-reviewed
Reviewed by Claude-family agent.

  
review:codex-reviewed
Reviewed by Codex-family agent.

  
review:dziadek-reviewed
Reviewed by Dziadek pinch-point reviewer.

  
review:needs-human
Needs human review before merge or apply.

  
risk/exposure
incorrectly public/private/tailnet/auth/routed

  
risk/process
workflow/review/orchestration may produce bad outcomes

  
risk/product
work may have lost owner/user value

  
risk/runtime
platform may not run, recover, validate, behave reproducibly

  
safety:external-write
May write to external systems, users, rooms, repos, or services.

  
safety:no-prod-mutation
Must not mutate production or live external state.

  
safety:prod-impact
May affect production/runtime behavior.

  
safety:secret-touch
Touches secrets, credentials, auth, or secret-adjacent config.

  
size/large
Vistula size: large.

  
size/medium
Vistula size: medium.

  
size/small
Vistula size: small.

  
size/tiny
Vistula size: tiny.

  
size/unknown
Vistula size: not classified yet.

  
source/adr
Vistula source: ADR.

  
source/agent-generated
Vistula source: agent generated.

  
source/manual
Vistula source: manual entry.

  
source/operator-chat
Vistula source: operator chat.

  
source/voice-note
Vistula source: voice note.

  
status:blocked
Blocked by missing dependency, evidence, access, or operator decision.

  
status:codex-ready
Ready for a Codex implementation pass.

  
status:merged:pending-evidence
Merged but waiting for live or artifact evidence before closure.

  
status:needs-evidence
Needs proof, logs, tests, or operator-visible evidence.

  
status:operator-needed
Requires explicit operator input before safe progress.

  
status:parked
Intentionally deferred; not active campaign work.

  
tier/full
Full review tier per ADR-0007

  
tier/lite
Lite review tier per ADR-0007

  
tier/stacked
Stacked PR (base != main) escape hatch per ADR-0017. Requires consolidator-PR plan in PR body.

  
tier:0-platform-substrate
Data, secrets, backup, storage, or critical platform substrate.

  
tier:1-iskra-value-layer
Iskra/OpenClaw behavior, memory, runtime, or value-layer work.

  
tier:2-tools-products-modules
Tools, products, modules, experiments, and lower-blast-radius work.

  
type:bug
Incorrect behavior or regression.

  
type:chore
Maintenance, cleanup, metadata, or operational task.

  
type:docs
Documentation-only work.

  
type:feat
New capability or product behavior.

  
type:policy
Governance, protocol, boundary, or decision-contract change.

  
type:research
Investigation, spike, or evidence-gathering task.

No labels
W6d-automerge-calibration
agent/claude-code
agent/codex
agent/hermes
agent/iskra
agent/ollama
agent/patchwarden
automerge-candidate
class/security-sensitive
cutover-gate
dependency/blocked
dependency/blocks-others
dependency/cross-repo
dependency/needs-confirmation
domain:agents
domain:ci
domain:docs
domain:forgejo
domain:infra
domain:memory
domain:runtime
domain:signal
domain:ux
flow/architecture
flow/blocked
flow/deployed
flow/done
flow/implementation
flow/intake
flow/maintained
flow/observed
flow/ready
flow/refining
flow/retired
flow/review
iterating
judge/codex-candidate
judge/hermes-candidate
judge/low-confidence
judge/needs-refinement
judge/operator-needed
judge/p0
judge/p1
judge/p2
judge/p3
judge/park
judge/patchwarden-candidate
judge/stale-priority
kind/adr
kind/bug
kind/chore
kind/feature
kind/infra
kind/ops
kind/refactor
kind/research
large-impact
merge/auto
merge/manual
merge/manual-dependency-conflict
merge/manual-failing-tests
merge/manual-merge-conflict
merge/manual-missing-review
merge/manual-operator-preference
merge/manual-red-zone
merge/manual-security-sensitive
merge/manual-unclear-scope
merge/manual-unknown
meta
mode:operator-only
mode:patchwarden-iskra-approved
mode:safe-auto
needs-operator-decision
needs-triage
not-ready
observed/erroring
observed/needs-followup
observed/pending
observed/retire-candidate
observed/unused
observed/used
operator-emotional
owner-attention
phase/02
phase/03
priority:p0
priority:p1
priority:p2
priority:p3
proposed
ready-for-agent
ready-for-operator
recovery
review:claude-reviewed
review:codex-reviewed
review:dziadek-reviewed
review:needs-human
risk/exposure
risk/process
risk/product
risk/runtime
safety:external-write
safety:no-prod-mutation
safety:prod-impact
safety:secret-touch
size/large
size/medium
size/small
size/tiny
size/unknown
source/adr
source/agent-generated
source/manual
source/operator-chat
source/voice-note
status:blocked
status:codex-ready
status:merged:pending-evidence
status:needs-evidence
status:operator-needed
status:parked
tier/full
tier/lite
tier/stacked
tier:0-platform-substrate
tier:1-iskra-value-layer
tier:2-tools-products-modules
type:bug
type:chore
type:docs
type:feat
type:policy
type:research
Milestone
Clear milestone
No items
No milestone
10 - Improvements
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
2 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
pdurlej/platform#733
No description provided.