Agentic board · read-only
Work, in the open
A live reading of the OKF task atoms that are the backlog — held under
lease by agents, gated by humans at review, with full provenance. The git
board is the source of truth; this surface only reads it.
60 atoms 3 awaiting review 1 stale lease 2 blocked git · 60 files
3 tasks await your disposition
The agentic loop carries work to review and stops — a human disposes
(the gate, Inv 3). Disposition is a governed CLI action; this surface is read-only
(DEC-0064) — copy the command and run it where the tenant repo lives.
- Review Deny-by-default egress sandbox around the extraction agent — break the lethal trifecta so a hijacked agent structurally cannot exfiltrate (the single load-bearing build finding) task-extraction-deny-by-default-egress-sandbox
Dispose via the governed CLI
dossier-runtime approve --root <root> --client <client> --task task-extraction-deny-by-default-egress-sandboxdossier-runtime reject --root <root> --client <client> --task task-extraction-deny-by-default-egress-sandbox --reason "<why>" - Review Spec the v0 agency dashboard surface (Phase 0 dogfood — Dossier's own .claude/agents team on Dossier's own OKF; daily-standup / approve-ship loop) task-agency-dashboard-v0-spec
Dispose via the governed CLI
dossier-runtime approve --root <root> --client <client> --task task-agency-dashboard-v0-specdossier-runtime reject --root <root> --client <client> --task task-agency-dashboard-v0-spec --reason "<why>" - Review Tighten reconcile diffs against timestamp churn on live re-crawls task-reconcile-timestamp-churn
Dispose via the governed CLI
dossier-runtime approve --root <root> --client <client> --task task-reconcile-timestamp-churndossier-runtime reject --root <root> --client <client> --task task-reconcile-timestamp-churn --reason "<why>"
No tasks match the current filters. .
- task-shareability-crawlability-hygiene p0Shareability + crawlability hygiene pass — one atomic <SiteHead> (OG/Twitter + canonical + JSON-LD), robots.txt, sitemap
The second P0 "Now" move of the visibility floor (DEC-0073): the cheap, build-once table-stakes that are currently ABSENT on every surface (verified audit — OG/Twitter cards absent everywhere, canonical absent on all SvelteKit routes, robots/sitemap/JSON-LD absent). Build ONE atomic <SiteHead> component (OG + Twitter cards + canonical + Organization/SoftwareApplication JSON-LD) fed from the landing brand.meta* SSOT, applied across /, /board, /graph; push the same OG + JSON-LD into the docs Head.astro override; add a checked-in robots.txt + an app sitemap at the apex (packages/app/static/) with an AI-crawler allow-list; run `pnpm add @astrojs/sitemap` in @dossier/docs (GROUND-TRUTH CORRECTION: it is NOT currently a declared dep — the audit's "already in the lockfile" was a transitive ghost; package.json declares Starlight/Vercel/design/okf/okf-view/fonts/astro only) and wire it for /knowledge/*; ship one brand-true OG image. SSOT discipline: hygiene metadata is fed from existing SSOTs (brand.meta* / Starlight frontmatter), NOT hand-authored per page; sitemap is a DERIVED view. Analytics stays Vercel-only (DEC-0027) — no third-party trackers.
unclaimed · open to any agent conf inferredtasks/task-shareability-crawlability-hygiene.md 2026-06-21 - task-codebase-why-mining-spike p1De-risk spike (GO/NO-GO) — mine the git "why" through the existing faithfulness judge, report two numbers
The go/no-go gate that MUST run BEFORE any code-ingestion substrate infrastructure is built (DEC-0040). The "why"-mining value thesis is testable INDEPENDENTLY of the tree-sitter substrate, so this de-risks the entire bet cheaply on existing machinery (the @dossier/extraction pipeline + the DEC-0009 LLM-as-judge faithfulness judge). Mine git-history rationale (git log -L → filter trivial commits → linked PRs/issues → LLM-explained rationale → OKF decision atoms, confidence: inferred, provenance = commit/PR SHA) from TWO repos and report TWO numbers: (a) decision-RECALL vs. this repo's ~38 hand-authored gold `decision` records (D:\github\dossier as a built-in gold eval set), and (b) faithfulness-PASS-RATE (through the existing judge) + raw decision-YIELD on ONE messy real client repo. That number IS the value thesis. A NO-GO (numbers below the bar) is an equally valid, recordable outcome — the spike de-risks both directions.
unclaimed · open to any agent conf inferredtasks/task-codebase-why-mining-spike.md 2026-06-16 - task-comprehension-funnel-cta p1Comprehension funnel — route the landing/docs surfaces into a clear primary CTA toward the on-ramp
A "Next" move of the visibility floor (DEC-0073): once the product-docs register exists (task-stand-up-product-docs-register), wire the comprehension funnel so a first-time visitor on / (and the docs home) has a clear primary path INTO the on-ramp — the "Run your first loop in 15 minutes" tutorial + the plugin install how-to — rather than bouncing off an ADR log or an unexplained landing. Activation over awareness: the CTA points at the asset that converts (the runnable loop / the plugin), feeding the existing privacy-friendly demand signal (DEC-0027 Vercel analytics + the Buttondown early-access list, DEC-0022). No new trackers. Depends on the product-docs register landing first.
depends on Stand up the product-docs register — REPURPOSE the @dossier/docs Starlight surface to official product docs at /docs/* (new-tab "Docs")unclaimed · open to any agent conf inferredtasks/task-comprehension-funnel-cta.md 2026-06-21 - task-docs-home-synthesize-overview-when-no-root-index p1Docs home must resolve for every served KB (synthesize an overview when there is no root index)
Guarantee that `/knowledge/` resolves to a 200 with a faithful overview for ANY served client KB, including one with no root `index.md` — the DEFAULT output of the ingest→extract pipeline (and the client-new / generate-landing flows). DEC-0058 found that when no root `index.md` exists, `@dossier/okf-view` `routes.ts` `hasRootIndex()` returns false ⇒ `generateSidebar()` omits the Overview link AND no `/knowledge/` page is generated ⇒ `GET /knowledge/` is a 404, while the shared `SiteHeader`/`SiteFooter` hardcode the Docs link to `/knowledge/`. DEC-0058 records the INVARIANT and the SEAM but deliberately does NOT pick the implementation, framing two candidates for the owner to decide.
unclaimed · open to any agent conf inferredtasks/task-docs-home-synthesize-overview-when-no-root-index.md 2026-06-19 - task-ingestion-detector-ensemble-measured-recall p1Detector ensemble at the ingestion boundary with a MEASURED F2/recall target (Presidio recall-tuned + custom "P2" recognizers + cloud DLP) — measure detection, don't trust it
Build Layer-2 of the DEC-0059 untrusted-by-default boundary: an ingestion-boundary detect-and-drop ensemble that runs BEFORE persistence/embedding/extraction. Combine Presidio (RECALL-tuned, β=2 — a missed PII false-negative that lands is worse than over-dropping) + custom Presidio recognizers encoding the client's "P2"-tier patterns (ad-hoc recognizers / EDM-style custom SITs) + a cloud DLP (e.g. Google SDP) as a second probabilistic opinion. CRITICAL: vanilla Presidio is ~0.35-0.38 F1; configuration boosts F-score ~30% — so do NOT deploy unconfigured, and do NOT trust the detector — MEASURE it with a validation harness (Microsoft presidio-research evaluates at system/NER/recognizer level) and report a measured F2/recall number against a labelled corpus before it is "good enough". This is a LAYER, never the guarantee (every detector has irreducible false negatives — the architecture, not this detector, carries the guarantee — see DEC-0059). Gate happens at the chokepoint before embed/index/extract, because the GraphRAG vector index is in-scope sensitive data (embeddings do not anonymize PII). Optionally front it via LiteLLM standalone apply_guardrail (runs Presidio with NO LLM call) OR call Presidio directly (LiteLLM is a thin client over Presidio); if LiteLLM is used pin the Docker image (PyPI litellm 1.82.7/1.82.8 were compromised) — but compliance must NOT depend on LiteLLM. Detail + citations: research/2026-06-18-sensitive-data-and-injection-defense.md §5, §10.
unclaimed · open to any agent conf inferredtasks/task-ingestion-detector-ensemble-measured-recall.md 2026-06-19 - task-per-tenant-runtime-isolation-boundary p1Per-tenant runtime isolation — make the tenant a process/network/key boundary (not a directory), with a per-tenant vector namespace + server-side tenant binding, so a poisoned/sensitive atom is contained to ONE tenant
DEC-0059's blast-radius-containment leg at the runtime substrate: a siloed git repo contains the DATA but NOT the INJECTION — containment depends on the runtime substrate, so make the tenant a PROCESS / NETWORK / KEY boundary, not just a directory. Four leak channels and the control that guarantees isolation on each (from the research): (1) VECTOR INDEX — poisoned embedding retrievable cross-tenant if pooled by a client-supplied filter → per-tenant namespace/index + inject the tenant filter SERVER-SIDE from a SIGNED claim (never client-supplied); (2) MCP SERVER PROCESS — in-flight data / session-hijack across tenants → ONE server instance per tenant (own process + network namespace), session bound server-side to <tenant_id>:<session_id>, never authenticate by session alone, token passthrough FORBIDDEN (use RFC 8693 token exchange, per-tenant scoped creds, minimal scopes); (3) EXTRACTION-AGENT CONTEXT — injection in tenant A's content steers tenant B's run → one tenant per run, fresh context, no shared memory (subagents share the parent process/sandbox, so a fresh process per tenant); (4) MODEL/PROMPT CACHE — UNVERIFIED in docs, treat low-likelihood → per-tenant cache scope until confirmed. Per-tenant key enables crypto-shred on offboarding (the vector index is in-scope PII, DEC-0059 (a)). This INTERSECTS DEC-0053 (one-server-one-tenant fleet topology) and DEC-0054 topology and EXTENDS DEC-0011 (one-server-one-tenant at the file boundary) down to the runtime/process/index level, and builds on DEC-0020 (git-per-tenant). Detail + citations: research/2026-06-18-sensitive-data-and-injection-defense.md §9f (multi-tenant blast-radius table), §2.
unclaimed · open to any agent conf inferredtasks/task-per-tenant-runtime-isolation-boundary.md 2026-06-19 - task-unstructured-fail-closed-quarantine p1Fail-closed quarantine wrapper for the Unstructured file path (zero-element / encrypted-by-header / unknown-MIME → quarantine-by-default) — because Unstructured fails EMPTY, not CLOSED
The single most important file-path takeaway of the DEC-0059 synthesis: Unstructured fails OPEN/EMPTY, not closed. Encrypted / copy-protected files return ZERO elements with only a logged warning — a silent empty result reads downstream as "clean", so a regulated document Dossier could not parse would sail through as if it had no sensitive content. Dossier MUST add its OWN fail-closed quarantine wrapper around the Unstructured connector that treats zero-element / encrypted-by-header / unknown-MIME files as QUARANTINE-BY-DEFAULT (deny, route to human review, never pass through as clean). Also note: Unstructured's default scan is text-only and misses PII in images/scanned PDFs (Presidio Image Redactor + OCR is beta) — so an unreadable/zero-element file is exactly the case that must NOT be trusted. This is the fail-closed leg of DEC-0059's "every detector is probabilistic, so fail closed" principle, applied to the file path specifically. Detail + citations: research/2026-06-18-sensitive-data-and-injection-defense.md §7b.
unclaimed · open to any agent conf inferredtasks/task-unstructured-fail-closed-quarantine.md 2026-06-19 - task-verify-plugin-install-distribution p1Finish DEC-0014 plugin distribution — verify the Claude Code plugin installs as a real product from the marketplace
A "Next" GTM move of the visibility floor (DEC-0073): the DEC-0014 Claude Code plugin + marketplace is the highest-leverage UNDERUSED distribution channel — the plugin is built and `claude plugin validate --strict`-clean, but it is NOT yet verified as an installable PRODUCT (a user installing it from the marketplace and running their first loop). Close the gap: verify the end-to-end install path (marketplace → install → first loop), fix whatever blocks it, and make the "Install the Claude Code plugin" how-to (task-stand-up-product-docs-register) match the verified reality. This is the product-led + agency-channel proof motion (DEC-0023/DEC-0052), NOT a pricing page or paid ads.
unclaimed · open to any agent conf inferredtasks/task-verify-plugin-install-distribution.md 2026-06-21 - task-board-claim-guard-dumb-fast p2Give board-claim-guard the dumb-fast treatment before it goes standing (no per-write node cold-start)
DEC-0041 removed the ~120 ms per-call node cold-start from PostToolUse capture (dumb-fast .cmd + narrowed matcher + off-hot-path distiller). The PreToolUse board-claim-guard.mjs (DEC-0024 §5, currently opt-in / not wired) is a Node script — wiring it standing as-is would RE-INTRODUCE the exact ~120 ms cold-start DEC-0041 just removed, on every mutating call, on top of capture. Before it goes standing: give it the same dumb-fast treatment (a .cmd/shell front that fast-paths the common no-opinion cases with ~0 interpreter boot, OR fold the claim check into the runtime worker) rather than a per-write node boot. The README already flags this; this task makes the follow-up durable and owned.
depends on Build the PreToolUse claim/lease governance hookunclaimed · open to any agent conf inferredtasks/task-board-claim-guard-dumb-fast.md 2026-06-16 - task-checked-in-contrast-utility p2Extract a checked-in WCAG contrast-check utility (scripts/check-contrast.mjs) so token-palette changes are auditable and repeatable
During the DEC-0018 brand recalibration, WCAG 2.1 relative-luminance + contrast-ratio arithmetic was written ad hoc to /tmp at least four-to-five distinct times (clay ramp, on-accent, distinct-hue spread) and re-derived rather than reused — DEC-0041's Review names this verbatim as a surfaced improvement. There is no canonical contrast checker in the repo today (confirmed: no scripts/check-contrast.mjs). Extract a small, dependency-free, checked-in utility that takes the @dossier/design token tree (or explicit fg/bg pairs) and reports contrast ratios against the AA floor DEC-0018 adopted, so the next palette change is validated by `node scripts/check-contrast.mjs` (ideally also surfaced as a drift-style test like css.test.ts) instead of throwaway /tmp scripts. This makes the WCAG floor a repeatable, auditable gate rather than tacit arithmetic.
unclaimed · open to any agent conf inferredtasks/task-checked-in-contrast-utility.md 2026-06-16 - task-codebase-language-pack-backlog p2Language-pack backlog — author per-language tree-sitter tag-query + schema packs beyond TS/Python (CONTINGENT on the v1 build proceeding)
CONTINGENT on the code-ingestion v1 build proceeding (DEC-0040), and DOWNSTREAM of the de-risk "why" spike (task-codebase-why-mining-spike): author per-language tree-sitter tag-query (.scm) + schema-data packs for languages beyond the v1 TS/Python cut (Go, Java/C#, etc.). A language pack is the UNIT OF INCREMENTAL LANGUAGE COVERAGE — substrate-internal DATA that emits into the CLOSED structural edge kinds (contains/imports/calls/references), NOT a fork of the universal substrate. Prioritize by DXA-client stack clustering (which client codebases actually show up). Each pack is INDEPENDENTLY shippable. BLOCKED-ON / downstream of the spike: do not start until the spike returns a GO and substrate v1 exists to emit into.
depends on De-risk spike (GO/NO-GO) — mine the git "why" through the existing faithfulness judge, report two numbersunclaimed · open to any agent conf inferredtasks/task-codebase-language-pack-backlog.md 2026-06-16 - task-document-both-dev-servers p2Document that local dev needs BOTH servers running (app + @dossier/docs on :4321) — root dev-script note or README
After DEC-0048 (dev-aware docs-origin linking, no dev proxy), the app links into the @dossier/docs reading surface (/knowledge/* + the KB atom routes) via its OWN dev origin (default http://localhost:4321), because two Vite-based dev servers cannot share one origin (the rejected dev proxy). Consequence: the docs links only resolve in dev if the docs dev server is ALSO running. Today this is implicit — root `pnpm dev` is `pnpm -r --parallel dev`, which does start both, but nothing tells a contributor that the app alone is insufficient, or that they can run just the docs with `pnpm --filter @dossier/docs dev` (Astro on 4321), or that VITE_DOCS_ORIGIN overrides the port. Make the requirement explicit so a contributor who runs only the app does not hit dead docs links and assume a bug. Document it where a dev will see it: a note on the root `dev` script intent (and/or the @dossier/app package — no packages/app/README.md exists yet) covering: (1) local dev needs both the app AND @dossier/docs (astro on :4321); (2) `pnpm dev` at the root runs both in parallel, OR run `pnpm --filter @dossier/docs dev` alongside the app; (3) the docs origin is configurable via VITE_DOCS_ORIGIN ($lib/docs); (4) if the docs server is down the docs links fail to load against :4321 (expected — the surface is not running — not an app bug). Keep it SSOT: point at $lib/docs / vite.config.ts NOTE rather than re-explaining the two-dev-servers-one-origin rationale (that lives in DEC-0048 + the vite.config.ts comment).
unclaimed · open to any agent conf inferredtasks/task-document-both-dev-servers.md 2026-06-17 - task-extraction-emit-time-vertical-type-discipline p2Improve extraction EMIT-time type discipline for DXA vertical types (so future runs don't need post-hoc curation)
The RBA Firecrawl tenant needed TWO post-hoc curation passes for the same root cause: the extraction EMIT path assigns vertical/concept types weakly. A single-client SOW instance (a named delivery RBA ran for one client) emits as a generic `workflow` instead of the DXA `engagement` type (closed by the one-time curation pass [[task-rba-engagement-retype-client-workflows]] — 6 atoms re-typed `workflow`→`engagement`, tenant commit `975cc83`); and deliverables / process phases emit as `system` instead of `artifact`/`process` (closed by [[task-extraction-system-type-discipline-rba]] — 23 atoms re-typed, tenant commit `8229530`). Both were field-fixed by deterministic data surgery on the RBA tenant, but the surgery is a STOPGAP — the durable lesson (noted, never filed) is that the EMIT path should make these type calls at extraction time. Build an emit-time type-discipline heuristic: e.g. a client-name + single-client-SOW signal → DXA `engagement` (not `workflow`); a deliverable/output signal → `artifact`; a phase/activity signal → `process` (not `system`, which is reserved to actual tools/software/platforms per the knowledge-model). Faithfulness over coverage — when no signal grounds a stronger type, fall back conservatively, never fabricate. Validate against the existing [[0009-extraction-eval-methodology]] judge so a heuristic that over-fires is caught. This closes the loop: future client extractions emit type-disciplined OKF without a manual re-type pass.
unclaimed · open to any agent conf inferredtasks/task-extraction-emit-time-vertical-type-discipline.md 2026-06-19 - task-extraction-segment-retry-repair p2Add a retry/repair path for extraction segments that fail on malformed model JSON
In the first live FirecrawlConnector RBA run (DEC-0055), 1 of 203 extract calls failed: segment #82 returned malformed model JSON, so its `ok=false` / `atoms=0` and its atoms were SILENTLY LOST — no retry, no repair, no surfaced error beyond the failure count. Across a 75-page crawl one lost segment is small, but the failure mode is systemic: a single transient/malformed model response drops a whole segment of a client's knowledge with no recovery. Add a bounded retry/repair path in the extraction (or subscription-client) layer: on a parse/validation failure, retry the segment (optionally with a JSON-repair or re-prompt step) before giving up, and surface an unrecoverable segment loudly rather than only as a count. Must preserve DEC-0009 faithfulness discipline (a repaired segment still passes the same validation/judge floor) and the offline-test seam (DEC-0008).
unclaimed · open to any agent conf inferredtasks/task-extraction-segment-retry-repair.md 2026-06-18 - task-firecrawl-web-crawl-hardening p2Web-crawl hardening for the live Firecrawl path — pin >=2.0.1, network-layer internal/link-local egress blocklist, never carry client session credentials
Security hardening of the live Firecrawl web path proven in DEC-0055 (the first live FirecrawlConnector run against rbaconsulting.com), per DEC-0059's untrusted-by-default boundary applied to the web source. Three architectural closures from the research: (1) PIN self-hosted Firecrawl >= 2.0.1 AND block internal/link-local egress at the NETWORK layer — two SSRF CVEs (CVE-2024-56800 fixed 1.1.1; CVE-2025-57818 fixed 2.0.1), and the playwright-service SSRF was deemed UN-patchable in code, so the network-layer blocklist is the real control, not the version pin alone. (2) NEVER inject client session credentials into a public crawl — scrapeOptions.headers can carry cookies/auth; a public crawl must never carry the client's session. (3) Keep safe-by-default scoping ON (allowExternalLinks/allowSubdomains/crawlEntireDomain all default false; limit default 10000) and pair Firecrawl's includePaths/excludePaths (crawl-frontier filters, NOT a security boundary — excludePaths has confirmed silent-fail bugs) with a Dossier-owned pre-ingest allowlist + post-crawl host validation. robots.txt is honored by default but is advisory, NOT a PII control (a public-but-disallowed page still has PII). This is the web-source realization of DEC-0059's containment + untrusted-content principles, directly extending DEC-0055 and DEC-0021 (the wired Firecrawl path). Detail + citations: research/2026-06-18-sensitive-data-and-injection-defense.md §7a.
unclaimed · open to any agent conf inferredtasks/task-firecrawl-web-crawl-hardening.md 2026-06-19 - task-harden-okf-view-client-safe-entry p2Split @dossier/okf-view into a client-safe entry (view-model + types) vs a server-only entry (the fs readers) + guard against node:fs leaking into the client
@dossier/okf-view exposes a SINGLE barrel that re-exports the fs-based route/kb readers (knowledgeDir / getRouteMap / readKbAtoms / generateSidebar) ALONGSIDE the pure client-safe view-model helpers + types. Any client value-import of that barrel therefore drags node:fs into the browser bundle — the exact bug class that broke the DEC-0072 Track-1 hydration (OkfMeta.svelte value-importing conceptBadgeClass pulled node:fs into the client and threw on hydrate; SSR HTML looked fine, only a real browser exposed it). In Vite dev there is no tree-shaking so it ALWAYS leaks; prod tree-shaking removes it but is fragile (one stray value-import re-introduces it). Fix: expose a client-safe subpath/entry (view-model + types only) DISTINCT from a server-only entry (the fs readers), so client code can only reach the safe surface; and add an ESLint/CI guard that fails on value-importing the fs readers (or node:fs) into client code. Note: @dossier/okf-view is a shared LEAF consumed by BOTH @dossier/app and @dossier/docs — the split must keep both consumers green.
unclaimed · open to any agent conf inferredtasks/task-harden-okf-view-client-safe-entry.md 2026-06-22 - task-icon-geometry-token-family p2Abstract the hard-coded hamburger-bar / icon-stroke geometry into a --ds-* token family (border-width / icon-stroke)
DEC-0046 added an accessible mobile-disclosure hamburger to the shared SiteHeader, whose two→X glyph is drawn with HARD-CODED geometry — `height: 2px` on the bars and `±6px` vertical offsets (packages/app/src/lib/components/SiteHeader.svelte, .site-menu-toggle__glyph rules). Every other value in that component is an existing --ds-* token (spacing/color/radius/motion/shadow/z-index/weight/text), so the bare 2px / 6px are the only token-discipline bypass left after DEC-0046. @dossier/design has NO --ds-border-width-* or --ds-icon-* token family today (confirmed: grep of packages/design finds neither). Add a small icon/stroke-geometry token family to @dossier/design (e.g. --ds-border-width-thin / --ds-icon-stroke, and an icon-glyph size if warranted), regenerate styles/dossier.css via renderCss() (the ONLY tokens→CSS path, drift-tested per DEC-0010), and replace the hard-coded 2px (and the derived offsets, ideally calc()-expressed off the token) in SiteHeader. The FDE flagged this as deliberately OUT OF SCOPE for the DEC-0046 polish pass — the component ships correct today; this closes the token-discipline gap so the glyph geometry is tunable + auditable like everything else.
unclaimed · open to any agent conf inferredtasks/task-icon-geometry-token-family.md 2026-06-17 - task-payload-free-tamper-evident-audit-log p2Payload-free, tamper-evident audit/drop-log design — record the DECISION (per-item verdict + label snapshot + drop reason), NEVER the sensitive payload (the "audit paradox")
DEC-0059's Layer-3 compensating control: because detection has irreducible false negatives, the boundary must keep a tamper-evident audit trail that PROVES nothing sensitive landed — but the trail must record DECISIONS (per-item verdict + sensitivity-label snapshot + drop reason), NEVER the sensitive payload, or the audit log itself becomes the breach. This is the "audit paradox". The discipline: scrub BEFORE anything reaches a logged layer, so a logging regression physically CANNOT capture raw PII. Same payload-free principle DEC-0041 applied to the trace tier (capture the decision/metadata, not the sensitive content), now applied to the sensitive-data drop log. Tamper-evidence (append-only / hash-chained) so the proof-of-non-landing is trustworthy. Watch the known LiteLLM nuance: if LiteLLM is in the model path, turn_off_message_logging — but it has a documented history of leaking messages into the Postgres proxy_server_request field anyway, which is exactly why scrubbing must happen at ingestion before any logged layer. Detail + citations: research/2026-06-18-sensitive-data-and-injection-defense.md §6, §10.
unclaimed · open to any agent conf inferredtasks/task-payload-free-tamper-evident-audit-log.md 2026-06-19 - task-preview-inline-client-board p2Render the client's REAL board inline on the dev-only preview (the board sibling of DEC-0047's inline graph)
DEC-0047 made the dev-only client landing preview (/preview/<slug>) render the CLIENT's REAL OKF knowledge graph inline beneath the landing — over a SHARED buildGraphView + GraphExplorer, reading the client's served OKF directly via the new readKbAtoms(dir) param, WITHOUT perturbing the process-wide DOSSIER_KB or the prerendered /graph. The /board half is still un-tailored: the preview's "live surfaces" showcase card for /board links to Dossier's OWN board in the monorepo dev server (DOSSIER_KB unset → /board reads knowledgeDir() = Dossier's own task atoms), contradicting the tailored page's "both surfaces read YOUR OKF" claim — the same gap DEC-0047 just closed for the graph, still open for the board. This task is the board sibling: extract the board's payload recipe into a shared board view-model (the analog of buildGraphView) and render the client's OWN task atoms inline beneath the landing via readKbAtoms(clientDir).filter(type === 'task'), in the SAME dev-only preview wrapper, leaving the shared LandingPage template untouched (DEC-0037 invariant #1). Same invariants as DEC-0047: READ-ONLY + KB-agnostic (read the client dir directly, never mutate DOSSIER_KB; the prerendered /board stays untouched); host route map → null deep-links for client ids with no reading surface (honest, never a crash); crash-safe empty state on a missing/empty dir; DEV-ONLY by construction (the preview route 404s in prod and the registry imports only inside the import.meta.env.DEV gate, so no client copy ships). NOTE: the board's current onMount interactivity is being Svelte-ified separately (task-svelteify-board-interactions); coordinate so the shared view-model lands cleanly against whichever board shape is current, but this task is the inline-on-preview rendering, NOT the JS rewrite.
depends on Svelte-ify the board's ~270 lines of vanilla-JS interactivity (the DEC-0043 / Phase-7 fast-follow)unclaimed · open to any agent conf inferredtasks/task-preview-inline-client-board.md 2026-06-17 - task-prune-unused-heroloop-component p2Delete or formally park the now-unused HeroLoop.svelte (its only import was removed when the loop diagram merged into the hero)
The 2026-06-17 landing length/rhythm pass ([[0037-landing-as-tailorable-template]], second polish round) merged the labelled 5-stage loop diagram UP into the hero and deleted the standalone "how it works" section, replacing the abstract `HeroLoop` animation with the labelled diagram driven by the hero's existing IntersectionObserver. That removed `HeroLoop.svelte`'s ONLY import from `LandingPage.svelte`, so `packages/app/src/lib/components/HeroLoop.svelte` (~12.4KB, the high-craft animated learning-loop signature, ported pixel-faithfully from HeroLoop.astro in DEC-0043 Phase 4) is now DEAD CODE — present but unreferenced. It was deliberately NOT deleted in the polish turn because (a) it is high-craft and (b) four `src/styles/landing.css` comments (lines 503, 769, 976, 993) cite it as the canonical motion-convention reference ("Matches HeroLoop's conventions exactly", "GATING (mirrors HeroLoop)", "Same inline-index convention HeroLoop uses", "in the spirit of HeroLoop"). Resolve the dead-code: either DELETE the component and reword those four comment references to stand on their own (the conventions they describe now live in the hero `.loop__diagram` CSS itself), OR formally PARK it (a header note + a single canonical "motion convention reference, not wired" comment) so a future reader knows it is intentionally retained as a pattern source, not an active surface. Confirm grep first: the only live "HeroLoop" textual references are this file, the four landing.css comments, and the `bindHeroLoopObserver` function name in LandingPage.svelte (a function name, not an import of the component) — no other surface imports it.
unclaimed · open to any agent conf inferredtasks/task-prune-unused-heroloop-component.md 2026-06-17 - task-purview-sensitivity-label-ingest-gate p2Read Microsoft Purview/MIP sensitivity labels at M365 ingest + a client-side DLP egress gate (Layer 1 — honor the client's existing classification)
Layer-1 of the DEC-0059 boundary: honor the client's EXISTING classification at the M365 source, gating egress before bytes leave their environment. Read Purview/MIP sensitivity labels at ingest via Microsoft Graph extractSensitivityLabels (GA; POST /drives/{id}/items/{id}/extractSensitivityLabels — needs only Files.Read.All; returns sensitivityLabelId/assignmentMethod/tenantId); discover the client's label taxonomy via GET /security/dataSecurityAndGovernance/sensitivityLabels + extractLabel/extractContentLabel. Detect labels WITHOUT the MIP SDK where possible: labels persist as clear-text MSIP_Label_{GUID}_* metadata (MSIP_Label_GUID_Enabled = true is the canonical "is-classified" signal) — but this holds ONLY for unencrypted, non-co-authored files; RMS/IRM-encrypted files need the MIP SDK. Use Graph delta query for incremental/resumable sync (deltaLink/nextLink; 7-day token expiry, 410→full resync). Pair with a client-side Purview DLP egress block (a sensitivity label as a CONDITION can ENFORCE block, not just warn). LOAD-BEARING CAVEAT (Microsoft's own words): "DLP's ability to detect sensitivity labels in SharePoint and OneDrive is limited" (pre-enablement labels, DKE/password-protected, >12MB encrypted Office, images, zip contents) — so L1 CANNOT stand alone, it REQUIRES the L2 detector backstop (task-ingestion-detector-ensemble-measured-recall). Detail + citations: research/2026-06-18-sensitive-data-and-injection-defense.md §4.
unclaimed · open to any agent conf inferredtasks/task-purview-sensitivity-label-ingest-gate.md 2026-06-19 - task-report-only-agents-finding-loop p2Decide whether the report-only agents (qa-reviewer, principal-architect) should close the finding loop like the log-auditor now does
DEC-0036 gave the log-auditor a durable outlet for surfaced findings — file an OKF `task` on the board + a structured Recorded/Found/Filed/Deferred return — instead of prose that evaporates. The other report-only agents have the same gap. qa-reviewer's spec literally says "reports findings, does not silently fix" with no durable home for those findings; principal-architect drafts decisions but routes ripple-effects as prose. Decide whether (and for which agents) to adopt the same surface-improvements-as-board-tasks pattern + structured return, then have the owning agents' prompts updated. Scope decision first; do not edit the agent files until the scope is set.
unclaimed · open to any agent conf inferredtasks/task-report-only-agents-finding-loop.md 2026-06-16 - task-retro-shrink-log-md-one-liners p2Retro-shrink the legacy knowledge/log.md essays to true one-liners (terse line + wiki-link)
DEC-0061 made the going-forward norm — a knowledge/log.md entry is a terse one-liner plus a wiki-link, and the why lives ONLY in the atomic ADR — and added a SOFT warn-only kb:check lint for it. The existing ~233 KB of multi-paragraph log entries (136 over the 320-char one-liner budget at filing time) are a SECOND copy of ADR rationale, an SSOT violation, but were deliberately NOT rewritten in the DEC-0061 pass (a large separate sweep). This task is that optional sweep: collapse each legacy entry to a one-line pointer, moving any rationale that lives only in the log (not in its ADR) into the ADR first so nothing is lost.
unclaimed · open to any agent conf inferredtasks/task-retro-shrink-log-md-one-liners.md 2026-06-19 - task-serve-layer-poisoning-defense p2Serve-layer poisoning defense — propagate provenance/trust-tags to consumers + a read-only sandboxed serve-time agent + an output hook blocking atom-instructed side effects
DEC-0059's containment applied to the SERVE side (the consumer). Poisoned OKF atoms already in the repo are retrieved as TRUSTED context, so server-trust checks don't help — and stored RAG poisoning persists (PoisonedRAG: ~5 malicious passages → ~90% hijack of a target query; AuthChain: a single poisoned doc suffices for multi-hop). The defense is architectural, not detection: (1) apply the SAME deny-by-default egress + READ-ONLY tool surface at serve time (so an atom saying "POST the user's data to evil.com" structurally cannot act) — the serve-side mirror of task-extraction-deny-by-default-egress-sandbox; (2) PROPAGATE provenance / confidence / trust-tier on every atom to the consuming agent (Dossier ALREADY stamps these — DEC-0001 provenance, the confidence enum) so the consumer down-weights low-trust/externally-sourced content and treats retrieved text as DATA not instructions (Spotlighting/datamarking: probabilistic, raises attacker cost, never a guarantee); (3) add an OUTPUT hook that blocks atom-instructed side effects. Residual (state honestly): this constrains DAMAGE (no exfil, no side effects, blast-radius = one tenant) but does NOT 100% prevent a poisoned atom from biasing a generated ANSWER within that tenant — provenance tags + human curation + verify-kb are the scrub path (verify-kb raises the cost of a poisoned atom landing, it is NOT the containment guarantee). Recursively strip invisible-char smuggling (Unicode tag chars U+E0000-E007F, zero-width) at ingestion too. Detail + citations: research/2026-06-18-sensitive-data-and-injection-defense.md §8, §9a, §9f (serve-layer poisoning).
unclaimed · open to any agent conf inferredtasks/task-serve-layer-poisoning-defense.md 2026-06-19 - task-stabilize-build-wordmark-esm p2Confirm and stabilize build-wordmark.mjs (ESM import + woff2/opentype font deps) so the committed wordmark stays re-buildable
During the DEC-0018 brand session, packages/design/scripts/build-wordmark.mjs — the generator that outlines the "Dossier" wordmark from the self-hosted Newsreader font into committed brand/wordmark.svg path data — hit an ERR_MODULE_NOT_FOUND mid-session (around its node:url createRequire/fileURLToPath import), and several npm-view probes for font tooling returned E404 (@fontsource-variable/ibm-plex-mono, fonteditor-woff2). The script settled on wawoff2 (resolves at 2.0.1) + opentype.js, the brand work landed (DEC-0018) and the full build/test suite was green — so the committed wordmark.svg is correct and shipping. What is NOT confirmed is that the GENERATOR re-runs cleanly from a fresh checkout. Confirm whether build-wordmark.mjs currently runs end-to-end (node scripts/build-wordmark.mjs from packages/design) on a clean install; if it does not, fix the ESM import and pin the font/woff2 deps so the wordmark stays re-buildable. This is a generator for a committed asset (not on the CI hot path), so priority is p2 — but a silently-broken generator means the wordmark can never be regenerated when the face/shape changes.
unclaimed · open to any agent conf inferredtasks/task-stabilize-build-wordmark-esm.md 2026-06-16 - task-subscription-client-shell-spawn-dep0190 p2Harden the RBA harness subscription-client spawn — drop shell:true (Node DEP0190)
Minor hardening surfaced by the first live FirecrawlConnector RBA run (DEC-0055): the harness `clients/rba/harness/subscription-client.mjs` spawns `claude` with `shell:true`, which emits a Node DEP0190 deprecation warning (passing args with shell:true is deprecated). Replace the shell-spawn with a direct `spawn(cmd, args)` (no shell) — which is also safer (no shell-injection / quoting surface) and quieter. NOTE: the harness lives under `clients/` which is gitignored (a local sandbox, not committed to the Dossier repo per DEC-0020), so this is sandbox-harness hygiene rather than shipped-product code — low severity, easy fix.
unclaimed · open to any agent conf inferredtasks/task-subscription-client-shell-spawn-dep0190.md 2026-06-18 - task-svelteify-board-interactions p2Svelte-ify the board's ~270 lines of vanilla-JS interactivity (the DEC-0043 / Phase-7 fast-follow)
The /board surface in @dossier/app carries ~270 lines of vanilla JS — filter, sort, the quick-look dialog, and the Refine popover — lifted VERBATIM from the old Astro board.astro into the Svelte page's onMount during the DEC-0043 migration (Phase 3). DEC-0043 explicitly deferred Svelte-ifying this, not dropping it: the migration kept the working JS to land the framework move without also rewriting the interactivity in the same pass (separate-the-changes discipline). This task is the deferred Phase-7 rewrite: replace the imperative onMount DOM-wiring with idiomatic Svelte 5 — reactive $state for the filter/sort criteria, derived task lists, {#each}/{#if} for the rendered groups, a <dialog> bound for quick-look, and the Refine popover as a component — so the board is maintainable Svelte rather than a string of querySelector/addEventListener calls. Behavior must stay byte-identical to what shipped (filter/sort/dialog/popover all proven in-browser at migration time); board.css moves unchanged; the read-only / KB-agnostic / no-mutation invariants (the site only READS task atoms, never git add/commit) are preserved. svelte-check stays 0/0 and the suite stays green.
depends on Execute the SvelteKit app migration (DEC-0043) — phased, no big-bang, apex domain moved only at final cutoverunclaimed · open to any agent conf inferredtasks/task-svelteify-board-interactions.md 2026-06-17
- task-extraction-deny-by-default-egress-sandbox p0Deny-by-default egress sandbox around the extraction agent — break the lethal trifecta so a hijacked agent structurally cannot exfiltrate (the single load-bearing build finding)
THE single load-bearing build finding of the DEC-0059 synthesis. Dossier's ingest→extract→serve pipeline is a textbook "lethal trifecta" (private data + untrusted content + exfiltration ability); the durable defense is to remove the exfiltration leg ARCHITECTURALLY, assuming injection succeeds — NOT to detect every payload. Run extraction (and serve, separately) with DENY-BY-DEFAULT EGRESS: in the Claude Agent SDK use permissionMode:"dontAsk" + an explicit allowedTools allow-list + a PreToolUse deny-hook (inspecting tool_name/tool_input; deny wins even over mode), and enforce the REAL egress guarantee at the OS level — --network none + a domain-allowlisting proxy — NOT at the model layer. NEVER use bypassPermissions: it IGNORES allowedTools AND is INHERITED by every subagent, and Dossier uses subagents — a live footgun. Caveats to respect (from official docs): the built-in proxy does NOT TLS-terminate (domain-fronting can bypass the allowlist → use a TLS-terminating proxy); sandboxes share the host kernel (use gVisor/Firecracker for kernel isolation); default read policy still allows ~/.ssh and ~/.aws/credentials → add them to denyRead. Add deterministic impact-blocking on extraction OUTPUT too (strip/deny outbound links + image-render exfil channels). Residual: exfil can still leak via rendered output — containment, not 100% prevention. Detail + citations: research/2026-06-18-sensitive-data-and-injection-defense.md §9d, §9f.
→ awaiting your merge conf assertedtasks/task-extraction-deny-by-default-egress-sandbox.md 2026-06-20 - task-agency-dashboard-v0-spec p1Spec the v0 agency dashboard surface (Phase 0 dogfood — Dossier's own .claude/agents team on Dossier's own OKF; daily-standup / approve-ship loop)
DEC-0052 sequenced the agentic agency DOGFOOD-FIRST: Phase 0 = run Dossier's OWN .claude/agents team on Dossier's OWN OKF, through a daily-standup / approve-ship loop, before any client rollout — and that Phase 0 dogfood is the named REVIEW GATE that would promote DEC-0052 from asserted to verified. This task is the product-owner v0 spec for the AGENCY DASHBOARD SURFACE that makes Phase 0 real: the dashboard where the org (here: Dossier itself) sees its agentic teams' work and runs the human approve/ship loop. v0 scope — what/for-whom/why/when, acceptance, success metrics — for: the daily "what it did, and what it wants to do next" report (the Ploy/Factory daily-report + approve/ship/watch UX, governed by a human), reading the live board (DEC-0024) for dispatched/in-flight/review work and surfacing each unit's diff for approval; the approve / ship / watch affordances (the per-team/per-action autonomy dial from deterministic toward self-guided); and the compounding return made visible (approved work → reconcile() → a git diff in the org's own history, per DEC-0028). v0 is a SPEC, not the build — it defines the surface, success metrics, and the Phase-0 done-definition so the dogfood can be stood up and DEC-0052's review gate met. Read-only-then-governed: the dashboard reads the board/OKF and gates writes through human approval, never an un-approved autonomous write.
depends on Author the agentic-agency runtime topology DEC + spec (OKF→persona/runbook/team; coordinator/dispatch; per-tenant fleet isolation; Atrium+board+reconcile+MCP composition)→ awaiting your merge conf assertedtasks/task-agency-dashboard-v0-spec.md 2026-06-18 - task-reconcile-timestamp-churn p2Tighten reconcile diffs against timestamp churn on live re-crawls
DEC-0028 routed a follow-up to extraction-engineer — `timestamp` derives from provenance.retrievedAt, so a per-fetch-stamping connector (HttpConnector) bumps every atom's timestamp on re-crawl, producing noisy `updated` diffs even when content is unchanged. Compare modulo volatile provenance (or keep the prior timestamp when content is unchanged) so the compounding merge stays a tight diff.
→ awaiting your merge conf assertedtasks/task-reconcile-timestamp-churn.md 2026-06-16
- task-compounding-reconcile-merge p0Make the learning loop compound (reconcile merge by id + confidence)
Build the compounding merge so the per-tenant loop accumulates by id + confidence instead of overwriting — a pure @dossier/okf reconcile(), an opt-in reconcile path in @dossier/extraction run() that reads the existing KB and emits only the add/update diff, and a runtime --reconcile flag. Human curation is never clobbered by a lower-confidence machine write; vanished atoms are flagged, not deleted. DONE + verified green (DEC-0028).
unclaimed · open to any agent conf verifiedtasks/task-compounding-reconcile-merge.md 2026-06-16 - task-design-task-concept-type p0Design the OKF `task` concept type + seed the board
Design the `task` concept (frontmatter spine + claim/lease semantics) into the knowledge model, add it to the @dossier/okf schema-as-code, and seed knowledge/tasks/ with Dossier's own backlog — the DEC-0024 hand-off to the knowledge-architect.
unclaimed · open to any agent conf verifiedtasks/task-design-task-concept-type.md 2026-06-17 - task-render-dogfood-kb-native-in-app p0Render the dogfood OKF KB app-native in @dossier/app near /graph (the prerequisite that frees Starlight for product docs)
The PREREQUISITE move of the DEC-0072 two-renderer refinement (founder direction, 2026-06-22) and the DEC-0073 visibility floor: render Dossier's sovereign dogfood OKF KB NATIVELY in @dossier/app, anchored near /graph, via @dossier/okf-view (readKbAtoms + the route map / sidebar / view-model — the SAME reader the Astro docs use, DEC-0044) + @dossier/design — presented as first-class app site content with the app's full design language + motion, NOT the stock Starlight docs reader, and "much better than the old docs" (the founder's bar). The /graph explorer (DEC-0047) stays UNCHANGED as the entry; clicking a graph node lands on an app-native styled atom page (in-app nav under the persistent (app) chrome route group, DEC-0045). Routing/topology: flip the packages/app/vercel.json catch-all rewrite so /knowledge + the atom routes (/decisions/*, /tasks/*, /roles/*, /model/*, /references/*, /log, /mission) are served by the APP, while the docs origin (currently dak-dossier-docs.vercel.app) serves product docs; add redirects for ALL existing /knowledge/* + atom-route URLs into the new app pages (no broken links); update the docsUrl() seam (packages/app/src/lib/docs.ts) accordingly. This FREES the Astro/Starlight surface to be repurposed to product docs (task-stand-up-product-docs-register depends on this). Feasibility is grounded, not speculative: @dossier/okf-view already exposes readKbAtoms + the route map/sidebar (DEC-0044), and the app already renders the real OKF graph inline (DEC-0047) and reads KB atoms — mostly authoring + routing, not new machinery. INVARIANT held: the KB stays the sovereign OKF system of record; ZERO marketing prose enters knowledge/**.
unclaimed · open to any agent conf inferredtasks/task-render-dogfood-kb-native-in-app.md 2026-06-22 - task-stand-up-product-docs-register p0Stand up the product-docs register — REPURPOSE the @dossier/docs Starlight surface to official product docs at /docs/* (new-tab "Docs")
The FIRST MOVE of the visibility floor (DEC-0073), executing the register topology locked in DEC-0072 (REFINED 2026-06-22 — two renderers). REPURPOSE the existing Astro/Starlight @dossier/docs deploy — which currently renders the dogfood KB — into the official, polished product-docs surface at /docs/* (official product docs ABOUT Dossier, MDX/Markdown; NOT OKF atoms, NOT a second DOSSIER_KB KB). This is NOT "a second authored collection alongside the dogfood KB on the same renderer": the dogfood KB moves OFF Starlight to app-native rendering FIRST (see task-render-dogfood-kb-native-in-app), freeing this surface for product docs. Ship a Diátaxis skeleton plus FOUR real, non-stub pages and a /docs index: (1) TUTORIAL "Run your first loop in 15 minutes"; (2) HOW-TO "Install the Claude Code plugin"; (3) REFERENCE "dossier-runtime verb set" — verified against the actual --help output, not invented; (4) EXPLANATION "What is Dossier". Wire the app header's "Docs" link to open this product-docs surface in a NEW TAB (via the docsUrl() seam, packages/app/src/lib/docs.ts, retargeted from /knowledge/ to the product-docs root). ZERO marketing prose or docs pages written into knowledge/**; README stays the canonical repo TL;DR, these docs are the canonical long-form (link-don't-duplicate). PREREQUISITE: depends on the dogfood KB having moved into the app first (task-render-dogfood-kb-native-in-app), which frees the Starlight surface. Depends on DEC-0072 being locked (it is, this session; refined 2026-06-22).
depends on Render the dogfood OKF KB app-native in @dossier/app near /graph (the prerequisite that frees Starlight for product docs)unclaimed · open to any agent conf inferredtasks/task-stand-up-product-docs-register.md 2026-06-22 - task-agency-runtime-topology-spec p1Author the agentic-agency runtime topology DEC + spec (OKF→persona/runbook/team; coordinator/dispatch; per-tenant fleet isolation; Atrium+board+reconcile+MCP composition)
DEC-0052 committed the north-star direction (an agentic Digital Experience Agency "in a box" grounded in the org's own OKF), but deliberately framed the architecture mapping as PROPOSED — to be RATIFIED in a follow-on topology DEC. This task is that follow-on. Author the decision record + spec for the agentic-agency RUNTIME TOPOLOGY: (1) the OKF→agent mapping ratified (role → subagent persona; process/workflow → agent runbook/skill; capability → a team; GraphRAG via MCP → shared context); (2) the COORDINATOR/DISPATCH model (a coordinator agent — the Factory pattern — decomposes goals and dispatches to role-bounded teams; each agent is briefed from the org's own memory and writes back into it); (3) PER-TENANT FLEET ISOLATION (how each org's agent fleet stays tenant-scoped — the MCP one-server-one-tenant boundary from DEC-0011 extended to a fleet); (4) how Atrium + the agentic board (DEC-0024) + reconcile() (DEC-0028) + MCP (DEC-0011) COMPOSE into one governed loop; (5) the governance dial — autonomy as a per-team/per-action setting sliding from deterministic (Alex L11) toward self-guided (Alex L14), gated by the human approve/ship loop. Builds on the existing primitives (Agent SDK runtime per DEC-0004/DEC-0012, board per DEC-0024, reconcile per DEC-0028, MCP per DEC-0011) — assemble + specify, do not re-invent. This is the architecture-ratifying sibling of the Atrium DEC (task-atrium-live-layer-over-git).
depends on Author the "Atrium" DEC — the live-layer-over-git co-working room (Yjs + self-hosted Y-Sweet; snapshot bridge → reconcile)unclaimed · open to any agent conf inferredtasks/task-agency-runtime-topology-spec.md 2026-06-18 - task-atrium-live-layer-over-git p1Author the "Atrium" DEC — the live-layer-over-git co-working room (Yjs + self-hosted Y-Sweet; snapshot bridge → reconcile)
DEC-0052 names "Atrium" — the planned live-layer-over-git collaboration surface — as the agentic agency's CO-WORKING ROOM (the place humans and the agent teams act on the live shared source of truth, under the approve/ship loop), and lists it as an expected follow-on DEC. This task is that DEC. Atrium is the LIVE collaboration layer that sits OVER the git-resident OKF (the durable source of truth per DEC-0001 sovereignty): a real-time co-presence surface where humans + agents see and edit a shared working state, that periodically/triggered SNAPSHOTS down into git via reconcile() (DEC-0028) — so the live room is ephemeral/collaborative and git stays the owned, portable, auditable record. Proposed mechanism (to be specified/ratified in the DEC): Yjs CRDTs for the live shared document, a SELF-HOSTED Y-Sweet (or equivalent) sync server for sovereignty (no third-party holding the org's live state), and a SNAPSHOT BRIDGE that materializes the live state into OKF atoms and runs it through reconcile() — so live edits compound into git-owned memory under the curation guard (confidence ladder, orphan-flag-not-delete) exactly like an extraction pass. The DEC must keep the SSOT invariant: git is the source of truth, Atrium is a derived/replaceable live cache (the same OKF-philosophy stance the design system and the served site take). Sibling of the runtime topology DEC (task-agency-runtime-topology-spec), which COMPOSES Atrium with the board + reconcile + MCP.
unclaimed · open to any agent conf inferredtasks/task-atrium-live-layer-over-git.md 2026-06-18 - task-l2-adoption-readout-generator p1Build the L2 "adoption readout" generator skill (sibling of generate-landing — MCP-retrieval harness + KNOWLEDGE-BRIEF; a 4-axis scorer over process/workflow atoms → sequenced roadmap → OKF artifact in the client repo)
DEC-0052's third face — the LADDER — is the L1→L14 adoption onramp / diagnostic READOUT computed from the org's OKF Company Brain; it is the WEDGE, and a seed already exists as the per-client KNOWLEDGE-BRIEF.md. This task builds the shippable L2 readout generator: a SKILL that is the sibling of generate-landing — same MCP-retrieval harness (read the client's served OKF via @dossier/mcp / readKbAtoms) + the KNOWLEDGE-BRIEF.md seed — that produces Alex Lieberman's L2 post-diagnostic readout: a transformation roadmap sequenced by initiative, prioritized by ROI / risk / cultural support. Mechanism: a 4-AXIS SCORER over the org's process/workflow atoms (the four axes operationalize the L2 prioritization — e.g. ROI, risk, cultural support, readiness — to be pinned in the spec) → a SEQUENCED ROADMAP → emitted as an OKF ARTIFACT in the CLIENT repo (sovereign, owned, re-derivable; honors DEC-0001 — the readout lives in the client's own git, not a Dossier-held report). Like generate-landing, it reads the client's OWN OKF and writes a tailored artifact into the client's repo, never perturbing Dossier's own KB. The readout is the diagnostic that lands the wedge ("we'll take you to where we already are") and feeds the land-and-expand into the Agency.
unclaimed · open to any agent conf verifiedtasks/task-l2-adoption-readout-generator.md 2026-06-18 - task-loop-reconcile-dedup-at-scale p1Make the learning loop dedup/reconcile at scale (collapse same-type duplicate clusters; default-on compounding)
The 33-page RBA Firecrawl run (DEC-0055) produced 26 same-type duplicate clusters / ~59 redundant atoms (~6.7% of 494) with 0 supersedes/superseded_by edges — unmanaged duplicates, not version chains. Examples: capability "Digital Strategy" ×4 (two citing the same URL), process "OCM" ×5, and a SYSTEMIC `rba-`-prefix-vs-bare-id pattern (`agentic-ai` / `rba-agentic-ai`, etc.). Only surfaced because the run went 3→33 pages. ROOT CAUSE (verified against source, NOT as the QA brief literally framed it — see body): the in-pass dedup `resolve()` (packages/extraction/src/pipeline/resolve.ts) keys on `id:<id>` else `tt:<type>|<normalized-title>`, so two atoms with DIFFERENT ids (`agentic-ai` vs `rba-agentic-ai`) or near-but-not-identical titles survive as separate atoms; AND the compounding `reconcile()` (packages/okf/src/reconcile.ts) keys STRICTLY by id and is OPT-IN (`options.reconcile === true`, default false — packages/extraction/src/index.ts:127,192), so it neither ran by default on this loop nor would collapse different-id clusters if it had. Fix has two parts: (1) a one-shot reconcile/dedup post-pass over the current RBA KB to collapse the existing clusters (with supersedes edges where a real version chain exists); (2) strengthen the loop so this does not recur — id canonicalization (kill the `rba-`-prefix divergence at emit), tighter same-type entity resolution in `resolve()`, and decide whether `reconcile` should default on for live client runs.
unclaimed · open to any agent conf verifiedtasks/task-loop-reconcile-dedup-at-scale.md 2026-06-19 - task-persona-grounding-kb-load-errors p1Fix the 41 KB load errors degrading Phase-0 persona grounding (dangling persona-grounding targets)
DONE (2026-06-19, post commit 6b1d662). The Phase-0 dogfood (scripts/agency-phase0-dogfood.mjs) had reproduced 41 KB load errors in the live knowledge/ tree — atoms that failed @dossier/okf load and therefore did not resolve as persona-grounding targets; for the forward-deployed-engineer role, 11 of 34 reachable targets did not resolve, degrading compiled-persona fidelity. The reversibility-enum class (the largest, e.g. 0004 + 0016) was the root cause; resolving DEC-0017 Option 3 swept it. Post-sweep dogfood (exit 0): KB load errors 41 -> 0, unresolved fde grounding targets 11 -> 3. The 3 residual unresolved targets are not load failures and are noted as crisp follow-up rather than re-scoped here.
depends on Resolve the decision `reversibility` schema conformance gapunclaimed · open to any agent conf verifiedtasks/task-persona-grounding-kb-load-errors.md 2026-06-19 - task-resolve-reversibility-conformance p1Resolve the decision `reversibility` schema conformance gap
DONE (2026-06-19, commit 6b1d662). Adjudicated DEC-0017 — many committed decision records carried free-text `reversibility` ("two-way door (…)") that the strict @dossier/okf enum rejected, so they failed the keystone parser. Option 3 (normalize the data) was chosen: strict door classifier in frontmatter, nuance to a body `**Reversibility:**` line; applied across 40 ADRs + the okf schema doc-comment. KB now parses clean (pnpm kb:check).
unclaimed · open to any agent conf verifiedtasks/task-resolve-reversibility-conformance.md 2026-06-19 - task-runtime-board-worker-seam p1Build the runtime BoardWorker seam (DefaultBoardWorker + reserved AgentSdkBoardWorker)
Add packages/runtime/src/board.ts mirroring the Orchestrator seam — a BoardWorker interface, an offline deterministic DefaultBoardWorker (reads tasks from the tenant OKF repo, applies claim/lease, transitions deterministically, no network), a reserved AgentSdkBoardWorker stub, and a bounded drainBoard(). CI stays offline.
depends on Design the OKF `task` concept type + seed the boardunclaimed · open to any agent conf verifiedtasks/task-runtime-board-worker-seam.md 2026-06-21 - task-sveltekit-app-migration p1Execute the SvelteKit app migration (DEC-0043) — phased, no big-bang, apex domain moved only at final cutover
Carry out DEC-0043: stand up a new SvelteKit app (recommended @dossier/app) for the chrome-light surfaces — landing (/), board (/board), graph (/graph), the client-preview page, and the /api/subscribe endpoint — and strip the existing Astro project (recommended rename @dossier/site → @dossier/docs) to docs-only (/knowledge/*). Extract a shared leaf package @dossier/okf-view from packages/site/src/lib/okf.ts (board view-model) + okf-routes.mjs (filesystem KB reader + route map + Starlight sidebar) so both apps read the KB from one source of truth, never a fork. Unify on one public origin via Vercel: the SvelteKit app is the primary project owning the apex domain, with a vercel.json path rewrite proxying /knowledge/:path* to the docs project production alias (multi-zone-via-rewrites). The phased plan is DRIVEN BY THE FDE — this atom tracks the work and its done-definition, not the step list. Move the apex domain ONCE, at the final cutover, after the full app is proven on a preview URL. Confirm the @dossier/app + @dossier/docs package names with the user before renaming (DEC-0043 records them as a recommendation, pending). Carry the d3 graph island (graph-island.ts, idempotent mountGraph(host)) into a Svelte onMount with zero rewrite; keep the board ~270 lines of vanilla JS in onMount for the migration (Svelte-ify as the fast-follow below). Keep the starlight-theme localStorage key (Starlight owns it — never rename) and move the pre-paint no-FOUC script to app.html head so cross-app theme continuity is automatic. Port the 488-line landing PIXEL-FAITHFULLY per the landing content model invariants (DEC-0018); all CSS is --ds-* token-based (DEC-0010) and moves verbatim.
unclaimed · open to any agent conf inferredtasks/task-sveltekit-app-migration.md 2026-06-17 - task-app-graph-view-register-dxa-types p2Register the DXA vertical preset in @dossier/app before building the inline graph (the /graph + /preview graphs likely drop DXA edges)
The SvelteKit app's shared inline graph builder `packages/app/src/lib/server/graph-view.ts` builds edges via `@dossier/okf`'s `buildGraph` (which reads `edges()` → `registeredEdgeFields()`), but `@dossier/app` NEVER calls `registerDxaTypes()` anywhere (grep-confirmed: 0 matches in packages/app). `registeredEdgeFields()` is empty until the DXA preset is registered, so `buildGraph` unions only the CORE edge vocabulary and DROPS the DXA vertical edges (client/engagements/capabilities/delivered_by/systems/runs/sow). Both graph consumers are affected: the `/graph` route over the configured KB AND the dev-only `/preview/[client]` inline client graph. Result: the client↔engagement↔capability spine is under-counted in the graph (the inline RBA graph reported 596 edges — possibly undercounted). This is the SAME class of fix as the docs renderer ([[task-okf-view-registry-edges-and-decision-fields]], done) but APP-side: register the vertical preset before building the graph. The docs site already does this (packages/site/src/components/OkfRelated.astro:28 calls registerDxaTypes()); the app does not.
unclaimed · open to any agent conf inferredtasks/task-app-graph-view-register-dxa-types.md 2026-06-19 - task-board-site-surface p2Render the board as a derived `/board` surface in @dossier/site
Add a read-only /board view that renders any tenant's task atoms (getCollection filter type==='task') as a status-grouped list/kanban — KB-agnostic via DOSSIER_KB, gated by DOCS_ENABLED, never mutating tasks. A derived view over the OKF git board (DEC-0001), zero-copy.
depends on Design the OKF `task` concept type + seed the boardunclaimed · open to any agent conf verifiedtasks/task-board-site-surface.md 2026-06-17 - task-docs-vercel-analytics-after-strip p2Decide whether @dossier/docs keeps @vercel/analytics now that the landing (its only consumer) moved to @dossier/app
@vercel/analytics (^2.0.1) is a declared dependency of @dossier/docs (packages/site/package.json:23), added by DEC-0027 for a cookieless demand signal on the marketing landing. Its ONLY source consumer was the <Analytics /> component in packages/site/src/pages/index.astro — which DEC-0043 Phase 4 DELETED when the landing moved to @dossier/app (where it became injectAnalytics()). So @dossier/docs now declares @vercel/analytics with zero source usage (grep of packages/site/src is empty; the only remaining matches are stale build artifacts under dist/ and .vercel/). This is a judgment call, deliberately FLAGGED not auto-dropped: either (a) drop the dep from @dossier/docs as dead (the landing/funnel analytics now lives in @dossier/app, DEC-0027 honored there), or (b) keep it intentionally for a planned docs-side analytics use and record that intent. Confirm the grep (no source import survives), then decide + act + note it against DEC-0027/DEC-0043 so the dependency is not silently orphaned. Low-risk hygiene with a small judgment, not a one-token fix.
depends on Execute the SvelteKit app migration (DEC-0043) — phased, no big-bang, apex domain moved only at final cutoverunclaimed · open to any agent conf verifiedtasks/task-docs-vercel-analytics-after-strip.md 2026-06-17 - task-extraction-accountability-spine-rba p2Have extraction populate the accountability spine (owner / reports_to / members / decision_rights)
The RBA Firecrawl run (DEC-0055) emitted 494 atoms but the "who is accountable" graph layer is entirely ABSENT: `owner` appears in 0/494 atoms; `reports_to` / `members` / `decision_rights` are also 0. Concretely, 18 `role` atoms own nothing and 95 `process` atoms have no owner — the accountability edges the knowledge-model makes first-class (role.reports_to/members/decision_rights; process.owner; the owner/owned_by core edge) are not being extracted at all. The facts (roles exist, processes exist) are captured; the SPINE that connects who-owns-what is missing, which is exactly the "who is accountable" IP the model is built to capture. Fix: teach the extraction prompt/schema to populate owner edges where the source material grounds them (a process page that names its owning team/role; an org/leadership page that grounds reports_to/members), WITHOUT fabricating accountability the source does not state (provenance discipline — DEC-0001 / knowledge-model principle 8).
unclaimed · open to any agent conf inferredtasks/task-extraction-accountability-spine-rba.md 2026-06-19 - task-extraction-system-type-discipline-rba p2Fix extraction type-discipline — `system` used as a catch-all + non-slug ids (RBA run)
The RBA Firecrawl run (DEC-0055) shows the extractor using the `system` type as a catch-all: of 25 `system` atoms, 18 are MIS-TYPED — UX deliverables ("Clickable Prototype", "Wireframes" → `artifact`), process phases (→ `process`), and a methodology — none of which are tools/software/platforms (the knowledge-model definition of `system`). The same 18 also carry NON-SLUG ids with spaces, parens, and uppercase (e.g. `/systems/Organizational Change Management (OCM)/`), violating the stable-address convention (knowledge-model: id = a stable unique slug, the permanent address). This was INDEPENDENTLY corroborated by the docs-surface build, which rendered the same ugly URLs. The type confusion is also a root of several same-type duplicate clusters (overlaps task-loop-reconcile-dedup-at-scale). Fix: enforce type-discipline + id-slugification in the extraction/resolve path so a non-tool is never typed `system` and every emitted id is a normalized slug; then re-type + re-slug the existing 18 RBA atoms (re-linking edges so nothing dangles).
unclaimed · open to any agent conf inferredtasks/task-extraction-system-type-discipline-rba.md 2026-06-19 - task-generate-landing-skill-stale-test-path p2Fix the stale round-trip-test path in the generate-landing SKILL.md (points at a file that no longer exists)
The generate-landing skill (.claude/skills/generate-landing/SKILL.md) and DEC-0037's prose are now BOTH stale on the landing content-model location, after DEC-0043 Phase 4 moved the entire model. Two layers of drift: (1) ORIGINAL — the skill cited its round-trip proof at `packages/site/src/content/landing/dossier.roundtrip.test.ts` (a file that never existed; the test was at `packages/site/test/landing-dossier-roundtrip.test.ts`). (2) NEW (DEC-0043 Phase 4) — the whole landing content model (schema.ts / dossier.ts / examples/) MOVED from `packages/site/src/content/landing/` to `packages/app/src/lib/content/landing/`, the tests moved to `packages/app/test/`, the components are now `.svelte` in @dossier/app, the type gate is now `pnpm -F @dossier/app check` (not `@dossier/site`/astro check), and the preview route is a SvelteKit route. So nearly every concrete path in SKILL.md (the contract, the reference instance, the round-trip proof, the template files, the Verify build commands) and the matching prose in DEC-0037 now point at the OLD packages/site/content/landing location. Update SKILL.md AND DEC-0037 prose to the new packages/app/src/lib/content/landing/ paths + the SvelteKit toolchain; confirm tokenizeOkf still resolves (or soften); ensure no path in the skill resolves to a nonexistent file.
unclaimed · open to any agent conf verifiedtasks/task-generate-landing-skill-stale-test-path.md 2026-06-17 - task-graph-island-d3-transition-dep p2Add the missing d3-transition dependency + import so graph-island's zoom transitions animate (and astro check reaches zero)
packages/site/src/lib/graph-island.ts calls `.transition()` (the d3 zoom-button animation) but `d3-transition` is imported by neither the file nor packages/site/package.json — only d3-force/d3-selection/d3-zoom/d3-drag are deps. So `astro check` reports 4 pre-existing `ts(2339) Property 'transition' does not exist` errors, and at runtime the zoom buttons jump instead of animating (a selection's `.transition()` is a no-op without the module side-effect import). Fix = add `d3-transition` (+ its `@types/d3-transition`) to packages/site/package.json and `import 'd3-transition';` for the prototype augmentation at the top of graph-island.ts (or wherever the selection is created). This was out of scope for DEC-0038 (which wired graph into the shared chrome and explicitly did not add a dependency); the 4 errors are the ONLY astro check errors remaining and are unrelated to the chrome consolidation.
unclaimed · open to any agent conf verifiedtasks/task-graph-island-d3-transition-dep.md 2026-06-16 - task-missing-role-atoms-doc-mcp-engineer p2Author the two missing role atoms — documentation-engineer and mcp-engineer — so every accountability agent has a knowledge/roles/ atom
Close a roster-integrity gap surfaced while wiring in the new sveltekit-engineer role: two subagents have .claude/agents/ files but NO knowledge/roles/ accountability atom, while every other build/operate agent does. (1) .claude/agents/documentation-engineer.md → no knowledge/roles/documentation-engineer.md; (2) .claude/agents/mcp-engineer.md → no knowledge/roles/mcp-engineer.md. Author both as OKF type: role atoms MIRRORING the existing role-atom schema exactly (read knowledge/roles/starlight-engineer.md, ux-engineer.md, and the freshly-added sveltekit-engineer.md as the shape to match — frontmatter fields, body structure, the executable-form footer, the [[...]] cross-reference style) — do not invent new fields. Each must carry source/resource pointing at its agent file, confidence: asserted (mirrors the agent file), the canonical relates_to anchor [[0005-expert-team-and-skills]] plus the function-defining decision (documentation-engineer + mcp-engineer were both established under team/skills decisions — verify the exact decision id from .claude/agents/ and the log before linking; do NOT trust an id without grepping it). Wire each into knowledge/roles/index.md the same minimal way (the index lists roles by file presence + narrative, not a manual bullet list — refresh its timestamp / closing note as fit). Note: log-auditor is the recorder agent and is intentionally OUT of the accountability roster — do NOT author a role atom for it. Owner judgment is needed to frame each role accurately from its agent file, which is why this is a task and not a fix-in-place.
unclaimed · open to any agent conf verifiedtasks/task-missing-role-atoms-doc-mcp-engineer.md 2026-06-17 - task-okf-view-registry-edges-and-decision-fields p2Make the docs renderer registry-aware for vertical edges + render decision judgment fields
The docs renderer (@dossier/okf-view) has two gaps the RBA run surfaced. (1) `OkfRelated`s `EDGES` list (packages/okf-view/src/view-model.ts:56-65) is the hardcoded CORE vocabulary ONLY (supersedes/superseded_by/relates_to/informed_by/decided_in/uses/governed_by/produces) — it DROPS the registered DXA vertical edges (client/engagements/capabilities/delivered_by/systems/runs/sow), so ~25 atoms (the client↔engagement↔capability spine) render no/partial "Related" nav. (2) `OkfMeta.astro` renders no context/decision/rationale for `decision` atoms (the OkfData interface carries no such fields, view-model.ts:12-40) — so the ADR "why" (the judgment layer that is the whole point of a `decision`) is invisible on the docs surface. Fix direction (from the starlight-engineer): union `EDGES` with the registry vertical edges — the SAME union `edges()` already does upstream in @dossier/okf (packages/okf/src/graph.ts), so single-source it, do not hand-maintain a second list; AND add a decision-fields block to OkfMeta. NOT yet implemented — the starlight-engineer flagged it would draft rationale for review BEFORE shipping, so this is a task, not a decision.
unclaimed · open to any agent conf verifiedtasks/task-okf-view-registry-edges-and-decision-fields.md 2026-06-19 - task-orphan-artifact-graph-errors-rba p2Resolve 4 orphan-artifact graph errors from the RBA Firecrawl run (link a producing process or prune)
The first live FirecrawlConnector run against rbaconsulting.com (DEC-0055) emitted 4 graphIssues, all the same structural class — orphan artifacts: an `artifact` atom with no producing `process`, which DEC-0007 defines as a severity:error QA failure (every artifact must have exactly one producing process). The four: `agribusiness-grain-transport-automation-case-study`, `caleres-personalization-roadmap`, `employee-persona`, `employee-personas`. These are STRUCTURAL gaps, NOT hallucinations — provenance is verified (e.g. the agribusiness artifact is grounded in /operations-and-business-leaders/). QA ROOT-CAUSE NUANCE (added 2026-06-19 from the multi-surface FDE pass): the orphan status is NOT just a missing-edge problem for two of the four. (a) The 2 case-study artifacts (`agribusiness-grain-transport-automation-case-study`, `caleres-personalization-roadmap`) are MIS-TYPED as `artifact` — they are delivery OUTCOMES, so they belong as `engagement` / case-study records, not as a `produces` target; re-typing them is the correct fix, not inventing a producing process. (b) The 2 personas (`employee-persona` / `employee-personas`) are a singular/plural DUPLICATE that lost its producer — this overlaps the systemic dedup root cause in task-loop-reconcile-dedup-at-scale; reconcile the pair to one canonical atom, then resolve its producer. So the fix per artifact is now three-way: re-type (case studies → engagement), reconcile-then-link (the persona dup), or link/prune (a genuine orphan artifact). Scoped to the RBA tenant OKF (clients/rba/tenants-firecrawl/rba-consulting, gitignored sandbox).
unclaimed · open to any agent conf inferredtasks/task-orphan-artifact-graph-errors-rba.md 2026-06-19 - task-prune-dead-per-page-chrome-css p2Prune the now-dead per-page topbar/footer CSS left behind after the shared-chrome consolidation (keep .landing-external)
DEC-0038 replaced each surface's own topbar/footer markup with the shared SiteHeader/SiteFooter components, but left the per-page chrome CSS in place. These selectors are now unused and safe to delete in a cleanup pass: in landing.css — `.landing-topbar*`, `.landing-footer*`, `.landing-wordmark`; in board.css — `.board-topbar*`, `.board-wordmark`, `.board-readonly`, `.board-footer`; in graph.css — `.graph-topbar*`, `.graph-wordmark`, `.graph-readonly`, `.graph-footer`. CRITICAL exception: `.landing-external` is STILL USED by the landing hero — keep it. Before deleting, grep the site package for each selector to confirm zero remaining references (the shared components use `.site-header`/`.site-footer`, not the per-page classes). Cosmetic dead-code removal — no behavior change.
unclaimed · open to any agent conf verifiedtasks/task-prune-dead-per-page-chrome-css.md 2026-06-17 - task-rba-delivery-modeling-taxonomy-gap p2Close the RBA delivery-modeling taxonomy gap — capability→delivery `delivered_by` grounding + two persona-role cleanups
The RBA reference tenant (clients/rba/tenants-firecrawl/rba-consulting, commit `8229530`, 445 atoms) is now reference-grade on CONFORMANCE — parse 100%, `validateGraph` 0 orphan / 0 dangling, all ids valid kebab slugs, accountability spine live (`owner` on 72/103 processes) — but it is NOT yet full reference quality due to a STRUCTURAL TAXONOMY gap that deterministic data surgery cannot fix without fabrication. Three coupled items, all flagged by the extraction-engineer for the knowledge-architect: (i) `delivered_by` is 8/187 capabilities because RBA capabilities are modeled as `relates_to` *practices*, not the delivery *workflows/processes* the DXA `delivered_by` edge expects (DEC-0007: delivered_by is associative, deliberately not `produces`) — grounding it needs LLM-grade inference over the source, not a remap, so it was carved out of the accountability-spine surgery rather than fabricated; (ii) a near-duplicate buyer-persona role pair (`operations-business-leader` vs `operations-and-business-leader`) that the conservative DEC-0056 exact-match dedup correctly left distinct (faithfulness over coverage — these are not an exact-title/prefix-stripped-id match), needing a human/knowledge-architect merge call; (iii) 5 buyer/audience-persona roles with 0 inbound edges — this is CORRECT (they are buyer personas, not process owners), recorded so a future graph-completeness pass does not mis-flag them as orphan roles. This is the honest remaining blocker between conformance-clean and full reference quality.
unclaimed · open to any agent conf inferredtasks/task-rba-delivery-modeling-taxonomy-gap.md 2026-06-19 - task-rba-engagement-retype-client-workflows p2Re-type 6 client-specific RBA `workflow` atoms as DXA `engagement`s (single-client SOW instances, not standing orchestrations)
Six RBA tenant atoms are mis-typed as `workflow` but are single-client SOW INSTANCES (a named engagement RBA ran for one client), not standing process orchestrations — `banner-bank-digital-transformation`, `bcu-digital-transformation-engagement`, `edina-realty-platform-delivery`, `fastenal-sales-operations-workflow`, `myturf-portal-development-workflow`, `nutrition-hub-ux-engagement-workflow`. Per the knowledge-model a `workflow` is the standing path-through-nodes; a one-off named delivery for a specific client is the DXA vertical `engagement` type (DEC-0006). Re-type each to `engagement` and wire the engagement edges the type expects: `client` → the client atom, `runs` → the generic delivery workflow(s) that engagement executed (the same lifecycle/discipline workflows DEC-0057 bridges), `capabilities` → the capabilities exercised; re-point every inbound/outbound edge + body wikilink so nothing dangles. Same type-discipline CLASS as task-extraction-system-type-discipline-rba (system used as a catch-all) — here it is `workflow` used where `engagement` is meant.
unclaimed · open to any agent conf verifiedtasks/task-rba-engagement-retype-client-workflows.md 2026-06-19 - task-rehome-email-templates-to-app p2Re-home the Buttondown email templates from packages/site to @dossier/app (the subscribe endpoint moved)
The Buttondown transactional email templates live at packages/site/emails/ (confirmation.md, welcome-early-access.md, welcome-design-partner.md, README.md) — the source-of-truth WORDS new subscribers receive, tagged by capture door (DEC-0022). They were co-located with the capture endpoint when it was packages/site/src/pages/api/subscribe.ts. DEC-0043 Phase 4 moved that endpoint to @dossier/app (packages/app/src/routes/api/subscribe/+server.ts), so the templates now sit in the stripped docs-only @dossier/docs package, decoupled from the code that drops subscribers into Buttondown. The README still points at ../src/pages/api/subscribe.ts — a path that no longer exists. Re-home the emails/ dir to @dossier/app (alongside the subscribe route) so the words and the endpoint that uses them live together again, and fix the README cross-reference to the new +server.ts path. These are content files Buttondown sends (not imported by code), so the move is a git mv + a doc-link fix, no build wiring; preserve the swappable-seam discipline (the words move with us off Buttondown — the whole reason they are checked in).
depends on Execute the SvelteKit app migration (DEC-0043) — phased, no big-bang, apex domain moved only at final cutoverunclaimed · open to any agent conf verifiedtasks/task-rehome-email-templates-to-app.md 2026-06-17 - task-runtime-site-dispatch-bug p2Fix dossier-runtime `site` subcommand dispatch (isSub omits 'site')
The dossier-runtime `site` subcommand is dead: cli.ts isSub() only accepts provision|list|run|deprovision and omits 'site', so `dossier-runtime site ...` is rejected with "unknown command" (exit 2) before it can dispatch — even though the Sub type, the switch, and HELP all include site. Same bug in the built dist. One-line fix: add `s === 'site'` to isSub, then rebuild. run --site is the working alternative today.
unclaimed · open to any agent conf verifiedtasks/task-runtime-site-dispatch-bug.md 2026-06-17
- task-pretooluse-claim-lease-hook p1Build the PreToolUse claim/lease governance hook
Implement the .claude/hooks PreToolUse hook that enforces task claim/lease deterministically — reads the target task's claimed_by + lease_expires, denies a tool call that breaches a live lease, treats an expired lease as reclaimable. Governance by hook verdict, not model trust (DEC-0024 §5). Mirrors capture-trace.mjs.
Blocked — see the task atom for the blocker.depends on Design the OKF `task` concept type + seed the boardunclaimed · open to any agent conf assertedtasks/task-pretooluse-claim-lease-hook.md 2026-06-16 - task-activate-intra-tenant-worktree-parallelism p2Activate parallel intra-tenant drains via per-task git worktrees, or stay serialize-only? (one-way-door topology call)
DISPOSED 2026-06-20 by [[0062-defer-intra-tenant-worktree-parallelism|DEC-0062]]: DEFER — stay serialize-only. There is zero intra-tenant throughput pressure today (the platform runs one drain / one task at a time — drainBoardSerialized + board-drain.mjs maxTasksPerRun=1; one early client tenant), so activating the worktree parallelism (which would take the Inv 4 one-way door, relaxing the per-tenant drain lock to a per-task lock) is premature (YAGNI). The worktree isolation MECHANISM stays built + offline-proven (packages/runtime/src/worktree.ts) and DORMANT behind the proven withTaskWorktree seam, so activation remains a flag not a rewrite. DEC-0062 records the explicit MEASURABLE revisit trigger and PRE-RESOLVES the three open sub-questions as the pinned activation design. status: blocked (blocked ON the trigger, not on work) — re-open + build when DEC-0062's trigger fires. The three sub-questions are NO LONGER open; they are decided in DEC-0062.
Blocked — see the task atom for the blocker.unclaimed · open to any agent conf assertedtasks/task-activate-intra-tenant-worktree-parallelism.md 2026-06-20