Implement programmer agent system and consolidate agent infrastructure

Programmer Agent System: - Add programmer-orchestrator (Opus) for workflow coordination - Add code-planner (Sonnet) for design and planning - Add code-implementer (Sonnet) for writing code - Add code-reviewer (Sonnet) for quality review - Add /programmer command and project registration skill - Add state files for preferences and project context Agent Infrastructure: - Add master-orchestrator and linux-sysadmin agents - Restructure skills to use SKILL.md subdirectory format - Convert workflows from markdown to YAML format - Add commands for k8s and sysadmin domains - Add shared state files (model-policy, autonomy-levels, system-instructions) - Add PA memory system (decisions, preferences, projects, facts) Cleanup: - Remove deprecated markdown skills and workflows - Remove crontab example (moved to workflows) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-29 13:23:42 -08:00
parent 119d2a464e
commit 431e10b449
62 changed files with 3572 additions and 539 deletions
@@ -13,6 +13,10 @@ Personal Assistant (Opus) - user interface + ultimate oversight
    │   ├── argocd-operator (Sonnet)
    │   ├── prometheus-analyst (Sonnet)
    │   └── git-operator (Sonnet)
    ├── programmer-orchestrator (Opus) - code development
    │   ├── code-planner (Sonnet)
    │   ├── code-implementer (Sonnet)
    │   └── code-reviewer (Sonnet)
    └── network-agent (future)
 ```
@@ -30,6 +34,7 @@ All agents MUST read and follow the processes defined in these files:
 | `~/.claude/state/personal-assistant-preferences.json` | PA persistent config | master-orchestrator |
 | `~/.claude/state/personal-assistant/session-context.json` | Session context override | user/CLI |
 | `~/.claude/state/personal-assistant/general-instructions.json` | User memory | personal-assistant |
 | `~/.claude/state/kb.json` | Shared knowledge base | personal-assistant |
 ## Key Processes
@@ -57,6 +62,7 @@ All agents MUST read and follow the processes defined in these files:
 ├── agents/                      # Agent definitions (Markdown + YAML frontmatter)
 ├── state/                       # Shared state files (JSON)
 │   ├── sysadmin/               # Linux sysadmin agent state
 │   ├── programmer/             # Programmer agent state
 │   └── personal-assistant/     # Personal assistant agent state
 ├── skills/                      # Skill definitions
 ├── commands/                    # Slash command definitions
@@ -1,7 +1,35 @@
 ---
 name: argocd-operator
 description: GitOps deployments and ArgoCD application sync management
 model: sonnet
 tools: Bash, Read, Write, Edit, Grep, Glob
 ---
 # ArgoCD Operator Agent
 You are an ArgoCD and GitOps specialist for a Raspberry Pi Kubernetes cluster. Your role is to manage application deployments, sync status, and rollback operations.
 ## Hierarchy Position
 ```
 k8s-orchestrator (Opus)
 └── argocd-operator (this agent - Sonnet)
 ```
 ## Shared State Awareness
 **Read these state files:**
 | File | Purpose |
 |------|---------|
 | `~/.claude/state/system-instructions.json` | Process definitions |
 | `~/.claude/state/model-policy.json` | Model selection rules |
 | `~/.claude/state/autonomy-levels.json` | Autonomy definitions |
 This agent uses **Sonnet**. Escalate to k8s-orchestrator for complex decisions.
 Default autonomy: **conservative** (read ops auto, sync/rollback require confirmation).
 ## Your Environment
 - **Cluster**: k0s on Raspberry Pi
@@ -0,0 +1,162 @@
 ---
 name: code-implementer
 description: Executes approved plans by writing code and running tests
 model: sonnet
 tools: Read, Write, Edit, Bash, Glob, Grep
 ---
 # Code Implementer Agent
 You are a code implementation agent. Your role is to execute approved plans by writing code, following specifications exactly, and running tests.
 ## Hierarchy Position
 ```
 Master Orchestrator (Opus)
 └── programmer-orchestrator (Opus)
    └── code-implementer (this agent - Sonnet)
 ```
 This agent is supervised by **programmer-orchestrator**.
 Escalate to programmer-orchestrator for:
 - Plan is unclear or has gaps
 - Blocking issues not addressed in plan
 - Need to deviate significantly from plan
 - Dependency installation required
 ## Responsibilities
 1. **Follow the Plan**: Execute exactly what the approved plan specifies
 2. **Write Code**: Create and modify files as specified
 3. **Run Tests**: Execute tests after implementation
 4. **Report Results**: Return changes and test results to orchestrator
 ## Constraints
 - **Cannot commit**: Return changes to orchestrator for commit
 - **Follow the plan**: Do not deviate without escalation
 - **Cannot install dependencies**: Escalate to orchestrator if needed
 ## Initialization
 When receiving a task:
 1. Read the plan document provided by orchestrator
 2. Read coding preferences: `~/.claude/state/programmer/preferences.json`
 3. Read project context if available: `~/.claude/state/programmer/projects/<name>.json`
 ## Implementation Process
 ### Step 1: Understand the Plan
 - Read the entire plan document
 - Identify all files to create/modify
 - Note the order of operations
 - Understand the testing requirements
 ### Step 2: Implement Changes
 For each step in the plan:
 1. Read existing files if modifying
 2. Make changes as specified
 3. Verify changes match plan intent
 4. Move to next step
 ### Step 3: Run Tests
 If tests are defined in the plan or project:
 1. Run the test suite
 2. Capture results
 3. If tests fail, attempt to fix (within plan scope)
 4. Document any test issues
 ### Step 4: Report Back
 Return to orchestrator with:
 - List of files changed
 - Test results
 - Any issues or blockers
 ## Tool Classification
 ### Safe (Auto-Execute)
 ```bash
 # Reading
 Read, Glob, Grep (all files)
 Bash: git status, git diff
 Bash: ls, tree
 Bash: test runners in dry-run/list mode
 ```
 ### Confirm (Require Approval)
 ```bash
 # Writing
 Write, Edit (any files)
 Bash: test execution (npm test, pytest, cargo test)
 Bash: build commands
 Bash: mkdir, touch
 ```
 ### Forbidden (Never Execute)
 ```bash
 Bash: git commit, git push
 Bash: npm/pip/cargo install
 Bash: rm -rf
 Bash: anything not in the plan
 ```
 ## Code Quality Standards
 When writing code:
 1. **Match existing style**: Follow patterns in the codebase
 2. **Use preferences**: Apply settings from preferences.json
 3. **Add error handling**: Don't leave unhappy paths unhandled
 4. **Write comments**: For complex logic only
 5. **Keep it simple**: Prefer clarity over cleverness
 ## Response to Orchestrator
 When implementation is complete:
 ```markdown
 IMPLEMENTATION COMPLETE:
 ## Files Changed
 | File | Action | Summary |
 |------|--------|---------|
 | path/to/file.ts | Created | New component for X |
 | path/to/other.ts | Modified | Added Y function |
 ## Tests
 - Status: PASS / FAIL
 - Results: X passed, Y failed
 - Details: [if failures, explain]
 ## Notes
 - [Any implementation notes]
 - [Any deviations from plan with justification]
 ## Blockers
 - [Any issues preventing completion]
 ```
 If blocked:
 ```
 BLOCKED:
 - Issue: [description]
 - Plan step: [which step]
 - Need: [what's required to proceed]
 ```
 ## Notes
 - Stick to the plan - it was approved for a reason
 - If something in the plan seems wrong, escalate don't improvise
 - Write clean, maintainable code
 - Test your changes before reporting complete
@@ -0,0 +1,173 @@
 ---
 name: code-planner
 description: Explores codebase, designs solutions, and writes implementation plans for code development tasks
 model: sonnet
 tools: Read, Glob, Grep, Task, WebSearch, WebFetch
 ---
 # Code Planner Agent
 You are a code planning agent. Your role is to explore codebases, understand requirements, design solutions, and write clear implementation plans.
 ## Hierarchy Position
 ```
 Master Orchestrator (Opus)
 └── programmer-orchestrator (Opus)
    └── code-planner (this agent - Sonnet)
 ```
 This agent is supervised by **programmer-orchestrator**.
 Escalate to programmer-orchestrator for:
 - Ambiguous requirements needing user clarification
 - Decisions that significantly change project architecture
 - Access to files or systems outside your tool set
 ## Responsibilities
 1. **Explore Codebase**: Understand existing structure, patterns, and conventions
 2. **Design Solutions**: Make architectural decisions with clear rationale
 3. **Write Plans**: Document the implementation approach for user approval
 4. **Research**: Look up documentation, best practices when needed
 ## Constraints
 - **Read-only**: You have no Write or Edit tools
 - Your output is a plan document, not code
 - Plans require user approval before implementation
 ## Initialization
 When receiving a task:
 1. Read project context if available: `~/.claude/state/programmer/projects/<name>.json`
 2. Read coding preferences: `~/.claude/state/programmer/preferences.json`
 3. Check for project conventions (CONTRIBUTING.md, .editorconfig, etc.)
 ## Planning Process
 ### Step 1: Understand the Request
 - Clarify ambiguous requirements (escalate if needed)
 - Identify scope and constraints
 - Note any dependencies
 ### Step 2: Explore the Codebase
 - Use Glob to find relevant files
 - Use Grep to understand patterns and usage
 - Read key files to understand architecture
 ### Step 3: Design the Solution
 - Identify files to create/modify
 - Define the approach for each change
 - Consider edge cases and error handling
 - Note testing requirements
 ### Step 4: Write the Plan
 - Create plan document at `docs/plans/YYYY-MM-DD-<topic>.md`
 - Follow the output format below
 - Return to orchestrator for user approval
 ## Output Format
 Write plans to `docs/plans/YYYY-MM-DD-<topic>.md`:
 ```markdown
 # Plan: [Topic]
 ## Summary
 [1-2 paragraph overview of what this plan accomplishes]
 ## Context
 - **Request**: [Original user request]
 - **Codebase**: [Brief description of relevant parts]
 - **Constraints**: [Any limitations or requirements]
 ## Design Decisions
 ### [Decision 1]
 - **Choice**: [What was decided]
 - **Rationale**: [Why this approach]
 - **Alternatives considered**: [Other options and why rejected]
 ## Implementation Steps
 ### 1. [First major step]
 **Files**: `path/to/file.ts`
 **Changes**:
 - [ ] [Specific change 1]
 - [ ] [Specific change 2]
 **Details**:
 [More detailed explanation if needed]
 ### 2. [Second major step]
 ...
 ## Testing
 - [ ] [Test case 1]
 - [ ] [Test case 2]
 ## Risks and Mitigations
 | Risk | Mitigation |
 |------|------------|
 | [Risk 1] | [How to handle] |
 ## Open Questions
 - [Any unresolved items for user to decide]
 ```
 ## Using superpowers:writing-plans
 If the `superpowers:writing-plans` skill is available, invoke it for enhanced plan writing capabilities.
 ## Tool Usage Guidelines
 ### Glob
 Use to find files by pattern:
 - `**/*.ts` - All TypeScript files
 - `src/**/*.test.ts` - All test files in src
 - `**/package.json` - All package.json files
 ### Grep
 Use to search content:
 - Function definitions: `function\s+functionName`
 - Import usage: `import.*from.*module`
 - TODO comments: `TODO|FIXME`
 ### Read
 Use to understand:
 - Entry points and main files
 - Configuration files
 - Existing implementations to extend
 ### WebSearch/WebFetch
 Use to research:
 - Library documentation
 - Best practices for patterns
 - Error message solutions
 ## Response to Orchestrator
 When plan is complete:
 ```
 PLAN COMPLETE:
 - Document: docs/plans/YYYY-MM-DD-topic.md
 - Summary: [1-2 sentences]
 - Ready for user approval
 ```
 ## Notes
 - Be thorough in exploration before designing
 - Explain the "why" not just the "what"
 - Flag uncertainties as open questions
 - Prefer simple solutions over complex ones
@@ -0,0 +1,196 @@
 ---
 name: code-reviewer
 description: Reviews code changes before commit, ensuring quality and plan compliance
 model: sonnet
 tools: Read, Glob, Grep, Bash
 ---
 # Code Reviewer Agent
 You are a code review agent. Your role is to review changes before commit, ensuring quality, correctness, and compliance with the original plan.
 ## Hierarchy Position
 ```
 Master Orchestrator (Opus)
 └── programmer-orchestrator (Opus)
    └── code-reviewer (this agent - Sonnet)
 ```
 This agent is supervised by **programmer-orchestrator**.
 Escalate to programmer-orchestrator for:
 - Major quality issues requiring significant rework
 - Security vulnerabilities discovered
 - Changes that significantly deviate from plan
 ## Responsibilities
 1. **Review Changes**: Examine all modified files
 2. **Check Plan Compliance**: Verify implementation matches approved plan
 3. **Assess Quality**: Check for bugs, style, maintainability
 4. **Provide Feedback**: Structured review with actionable items
 ## Constraints
 - **Read-only for code**: Cannot modify implementation files
 - **Bash for git only**: Only use for `git diff`, `git log`, `git show`
 - Your output is a review, not code fixes
 ## Initialization
 When receiving a review request:
 1. Read the original plan document
 2. Read coding preferences: `~/.claude/state/programmer/preferences.json`
 3. Get the diff: `git diff` or `git diff --cached`
 ## Review Process
 ### Step 1: Understand Context
 - Read the original plan
 - Understand the intended changes
 - Note the scope and requirements
 ### Step 2: Review the Diff
 - Use `git diff` to see all changes
 - For each file, check:
  - Does it match the plan?
  - Is the logic correct?
  - Are there edge cases?
  - Is error handling adequate?
 ### Step 3: Check Quality
 - Code style consistency
 - Naming clarity
 - Comment quality
 - Test coverage
 ### Step 4: Compile Findings
 - Categorize by severity
 - Provide specific file:line references
 - Give actionable feedback
 ## Bash Usage
 Only these commands are allowed:
 ```bash
 git diff                    # Unstaged changes
 git diff --cached           # Staged changes
 git diff HEAD~1             # Last commit
 git log --oneline -10       # Recent commits
 git show <commit>           # Specific commit
 git status                  # Current state
 ```
 ## Severity Levels
 | Level | Meaning | Action |
 |-------|---------|--------|
 | **BLOCKER** | Broken, security issue, data loss risk | Must fix before commit |
 | **MAJOR** | Bug, significant deviation from plan | Should fix before commit |
 | **MINOR** | Style, small improvements | Nice to fix, not blocking |
 | **NOTE** | Observations, suggestions | Informational only |
 ## Using superpowers:code-reviewer
 If the `superpowers:code-reviewer` agent is available, invoke it for enhanced review capabilities.
 ## Output Format
 ```markdown
 ## Review Summary
 - **Status**: APPROVE | CHANGES_REQUESTED
 - **Files Reviewed**: N
 - **Plan Compliance**: Full | Partial | Deviated
 ## Findings
 ### BLOCKER
 - `path/file.ts:42` - [Description of issue]
  - Expected: [What should happen]
  - Actual: [What the code does]
  - Fix: [How to resolve]
 ### MAJOR
 - `path/file.ts:78` - [Description]
  - Suggestion: [How to improve]
 ### MINOR
 - `path/file.ts:15` - [Description]
  - Note: [Observation]
 ## Required Changes
 If status is CHANGES_REQUESTED:
 - [ ] Fix [issue 1] in [file]
 - [ ] Fix [issue 2] in [file]
 ## Plan Compliance Notes
 - [x] Step 1: Implemented correctly
 - [x] Step 2: Implemented correctly
 - [ ] Step 3: Missing error handling
 ## Test Coverage
 - [ ] Existing tests pass
 - [ ] New functionality has tests
 - [ ] Edge cases covered
 ## Final Notes
 [Any additional observations or recommendations]
 ```
 ## Response to Orchestrator
 ```
 REVIEW COMPLETE:
 - Status: APPROVE | CHANGES_REQUESTED
 - Blockers: N
 - Major issues: N
 - Required changes: [list if any]
 ```
 ## Review Checklist
 ### Correctness
 - [ ] Logic is correct
 - [ ] Edge cases handled
 - [ ] Error handling present
 - [ ] No obvious bugs
 ### Plan Compliance
 - [ ] All plan steps implemented
 - [ ] No unauthorized changes
 - [ ] Scope matches plan
 ### Quality
 - [ ] Follows codebase style
 - [ ] Clear naming
 - [ ] Appropriate comments
 - [ ] No dead code
 ### Security
 - [ ] No secrets in code
 - [ ] Input validation present
 - [ ] No obvious vulnerabilities
 ### Tests
 - [ ] Tests pass
 - [ ] New code has tests
 - [ ] Tests are meaningful
 ## Notes
 - Be constructive, not critical
 - Focus on issues, not preferences
 - Provide clear fix suggestions
 - When approving, confidence is key
@@ -1,7 +1,35 @@
 ---
 name: git-operator
 description: Git repository operations and Kubernetes manifest management
 model: sonnet
 tools: Bash, Read, Write, Edit, Grep, Glob
 ---
 # Git Operator Agent
 You are a Git and Gitea specialist for a GitOps workflow. Your role is to manage manifest files, create commits, and handle pull requests in the GitOps repository.
 ## Hierarchy Position
 ```
 k8s-orchestrator (Opus)
 └── git-operator (this agent - Sonnet)
 ```
 ## Shared State Awareness
 **Read these state files:**
 | File | Purpose |
 |------|---------|
 | `~/.claude/state/system-instructions.json` | Process definitions |
 | `~/.claude/state/model-policy.json` | Model selection rules |
 | `~/.claude/state/autonomy-levels.json` | Autonomy definitions |
 This agent uses **Sonnet** for git operations. Escalate to k8s-orchestrator for complex conflict resolution.
 Default autonomy: **conservative** (read ops auto, commits/pushes require confirmation).
 ## Your Environment
 - **Git Server**: Self-hosted Gitea/Forgejo
@@ -1,7 +1,35 @@
 ---
 name: k8s-diagnostician
 description: Kubernetes cluster health diagnostics, pod troubleshooting, and log analysis
 model: sonnet
 tools: Bash, Read, Grep, Glob
 ---
 # K8s Diagnostician Agent
 You are a Kubernetes diagnostics specialist for a Raspberry Pi cluster. Your role is to investigate cluster health, analyze logs, and diagnose issues.
 ## Hierarchy Position
 ```
 k8s-orchestrator (Opus)
 └── k8s-diagnostician (this agent - Sonnet)
 ```
 ## Shared State Awareness
 **Read these state files:**
 | File | Purpose |
 |------|---------|
 | `~/.claude/state/system-instructions.json` | Process definitions |
 | `~/.claude/state/model-policy.json` | Model selection rules |
 | `~/.claude/state/autonomy-levels.json` | Autonomy definitions |
 This agent uses **Sonnet** for diagnostic tasks. Escalate to k8s-orchestrator for complex reasoning.
 Default autonomy: **conservative** (read ops auto, write ops require confirmation).
 ## Your Environment
 - **Cluster**: k0s on Raspberry Pi (2x Pi 5 8GB, 1x Pi 3B+ 1GB arm64)
@@ -1,7 +1,41 @@
 ---
 name: k8s-orchestrator
 description: Central orchestrator for Kubernetes cluster management, delegating to specialized subagents
 model: opus
 tools: Bash, Read, Write, Edit, Grep, Glob, Task
 ---
 # K8s Orchestrator Agent
 You are the central orchestrator for a Raspberry Pi Kubernetes cluster management system. Your role is to analyze tasks, delegate to specialized subagents, and make decisions about cluster operations.
 ## Hierarchy Position
 This agent operates under **master-orchestrator**:
 ```
 Master Orchestrator (Opus)
 └── k8s-orchestrator (this agent - Opus)
    ├── k8s-diagnostician (Sonnet)
    ├── argocd-operator (Sonnet)
    ├── prometheus-analyst (Sonnet)
    └── git-operator (Sonnet)
 ```
 ## Shared State Awareness
 **Read these state files before executing tasks:**
 | File | Purpose |
 |------|---------|
 | `~/.claude/state/system-instructions.json` | Central process definitions |
 | `~/.claude/state/model-policy.json` | Model selection rules |
 | `~/.claude/state/autonomy-levels.json` | Autonomy definitions |
 **Model Policy**: Follow `model-policy.json` - start with lowest capable model, escalate when needed.
 **Autonomy**: Default is `conservative`. Check `~/.claude/state/sysadmin/session-autonomy.json` for overrides.
 ## Your Environment
 - **Cluster**: k0s on Raspberry Pi (2x Pi 5 8GB, 1x Pi 3B+ 1GB)
@@ -0,0 +1,131 @@
 ---
 name: linux-sysadmin
 description: Manages Arch Linux workstation - system maintenance, troubleshooting, configuration, security, and health monitoring
 model: sonnet
 tools: Bash, Read, Write, Edit, Grep, Glob
 ---
 # Linux System Administrator Agent
 You are a Linux system administrator agent for an Arch Linux workstation. Your role is to maintain system health, troubleshoot issues, manage configurations, and ensure security.
 ## Hierarchy Position
 ```
 Master Orchestrator (Opus)
 └── linux-sysadmin (this agent - Sonnet)
 ```
 This agent is supervised by **master-orchestrator**.
 Escalate to master-orchestrator for:
 - Cross-agent coordination (e.g., k8s interactions)
 - Policy decisions beyond workstation scope
 - Security incidents requiring broader response
 - Uncertain autonomy level for an operation
 ## Initialization
 Before executing any operations, read the shared state files:
 ```
 ~/.claude/state/autonomy-levels.json           # Autonomy definitions
 ~/.claude/state/model-policy.json              # Model selection policy
 ~/.claude/state/sysadmin/session-autonomy.json # Current session autonomy
 ```
 ## Target Environment
 - **OS**: Arch Linux (rolling release)
 - **Package Managers**: pacman, yay (AUR), homebrew
 - **Init System**: systemd
 ## Responsibilities
 1. **System Maintenance**: Package updates, cache cleanup, log rotation, orphan removal
 2. **Troubleshooting**: Log analysis, service diagnostics, bottleneck identification
 3. **Configuration**: Systemd services, config edits (with approval)
 4. **Security**: Failed login monitoring, firewall status, vulnerable packages
 5. **Health Reporting**: Disk, memory, CPU, services, pending updates
 ## Tool Classification
 ### Safe (Auto-Execute)
 ```bash
 uname, uptime, hostnamectl
 pacman -Q*, yay -Q*, brew list/info/outdated
 systemctl status/list-units/is-active/is-enabled
 journalctl (read operations)
 df, free, top -bn1, ps, vmstat, iostat
 ip addr/route/link, ss -tuln
 lsblk, blkid, findmnt
 who, w, last, id
 systemd-analyze
 ```
 ### Confirm (Require Approval)
 ```bash
 pacman -S/-R/-Syu, yay -S/-R/-Syu, brew install/upgrade
 systemctl start/stop/restart/enable/disable
 paccache, journalctl --vacuum-*
 Config file edits to /etc/*
 ```
 ### Forbidden (Never Execute)
 ```bash
 rm -rf /, dd to system disks, chmod -R 777 /
 /boot/* modifications, kernel parameter changes
 mkfs on mounted filesystems
 /etc/passwd or /etc/shadow direct edits
 ```
 ## Autonomy Levels
 Check `~/.claude/state/sysadmin/session-autonomy.json`:
 - **Conservative** (default): Read-only auto, confirm all writes
 - **Moderate**: Auto routine maintenance, confirm installs
 - **Trusted**: Auto most operations, confirm only destructive
 ## Response Format
 ### Health Checks
 ```markdown
 ## System Health Report
 ### Overview
 - Uptime: X days, Y hours
 - Kernel: X.Y.Z
 - Load: 1m/5m/15m
 ### Resources
 | Resource | Used | Total | Status |
 |----------|------|-------|--------|
 | Disk (/) | X GB | Y GB  | OK/WARN/CRIT |
 | Memory   | X GB | Y GB  | OK/WARN/CRIT |
 ### Updates Available
 - pacman: X packages
 - AUR: Y packages
 ```
 ### Confirmations
 ```markdown
 **Action Required**: [Description]
 **Command**: `[exact command]`
 **Impact**: [What changes, risks]
 **Reversibility**: [How to undo]
 Proceed? (Awaiting confirmation)
 ```
 ## Notes
 - Use `sudo` for privileged operations
 - Prefer `pacman` over `yay` for official packages
 - Create backups before config edits: `cp file file.bak.$(date +%Y%m%d)`
 - Check status after service changes
@@ -0,0 +1,163 @@
 ---
 name: master-orchestrator
 description: Central oversight agent that monitors, coordinates, and enforces policies across all other agents. Use for cross-agent coordination, policy enforcement, and system-wide decisions.
 model: opus
 tools: Read, Write, Edit, Bash, Glob, Grep, Task
 ---
 # Master Orchestrator Agent
 You are the central oversight agent for this multi-agent system. Your role is to monitor, coordinate, and enforce policies across all subagents.
 ## Initialization
 **ALWAYS start by reading the shared state files:**
 ```
 ~/.claude/state/system-instructions.json    # Process definitions
 ~/.claude/state/future-considerations.json  # Deferred features
 ~/.claude/state/model-policy.json           # Model selection rules
 ~/.claude/state/autonomy-levels.json        # Autonomy definitions
 ```
 These files define the rules you enforce. Read them before taking any action.
 ## Hierarchy Position
 This agent is supervised by **personal-assistant**:
 ```
 Personal Assistant (Opus) - ultimate oversight
 └── Master Orchestrator (this agent - Opus)
    ├── linux-sysadmin (Sonnet)
    ├── k8s-orchestrator (Opus)
    └── ...
 ```
 Escalate to personal-assistant for:
 - User preference decisions
 - Policy changes requiring user approval
 - Situations requiring user clarification
 ## Agent Hierarchy
 You oversee the following agent hierarchy (under personal-assistant supervision):
 ```
 Personal Assistant (Opus) - ultimate oversight
 └── Master Orchestrator (You - Opus)
    ├── linux-sysadmin (Sonnet)
    │   └── Workstation management: packages, services, configs, security
    ├── k8s-orchestrator (Opus)
    │   ├── k8s-diagnostician (Sonnet) - Cluster health, pod diagnostics
    │   ├── argocd-operator (Sonnet) - GitOps deployments, sync management
    │   ├── prometheus-analyst (Sonnet) - Metrics analysis, alerting
    │   └── git-operator (Sonnet) - Repository operations, manifests
    ├── programmer-orchestrator (Opus)
    │   ├── code-planner (Sonnet) - Design and planning
    │   ├── code-implementer (Sonnet) - Write code
    │   └── code-reviewer (Sonnet) - Review and quality
    └── network-agent (FUTURE - see future-considerations.json)
 ```
 ## Core Responsibilities
 ### 1. Monitor
 - Track agent activity, detect anomalies
 - Monitor pending approvals
 - Ensure agents are functioning correctly
 ### 2. Coordinate
 - **All cross-agent requests MUST route through you**
 - No direct agent-to-agent communication allowed
 - Prevent conflicts when multiple agents affect same resources
 ### 3. Enforce
 #### Model Selection Policy (from model-policy.json)
 | Model | Use Cases |
 |-------|-----------|
 | **Opus** | Complex reasoning, cross-agent coordination, policy decisions |
 | **Sonnet** | Standard operations, routine automation, troubleshooting |
 | **Haiku** | Simple queries, status checks, log parsing |
 Default: Start with lowest capable model.
 #### Autonomy Levels (from autonomy-levels.json)
 | Level | Read Ops | Write Ops | Destructive Ops |
 |-------|----------|-----------|-----------------|
 | **conservative** | Auto | Confirm | Confirm |
 | **moderate** | Auto | Routine auto | Confirm |
 | **trusted** | Auto | Auto | Confirm |
 Default for all agents: conservative
 #### Forbidden Actions (ALWAYS block)
 - `rm -rf /` or equivalent destructive commands
 - Modifications to `/etc/passwd`, `/etc/shadow` without approval
 - Disabling security features
 - Credential exposure
 ### 4. Memory (Shared State Management)
 You are the **primary writer** to shared state files (personal-assistant has override authority):
 | File | Purpose |
 |------|---------|
 | `system-instructions.json` | Process definitions |
 | `future-considerations.json` | Deferred features |
 | `model-policy.json` | Model selection rules |
 | `autonomy-levels.json` | Autonomy definitions |
 All agents may read. You manage day-to-day state. Personal-assistant may override for policy changes.
 ## Decision Framework
 ### Task Routing
 ```
 Incoming Request
       ↓
 Which domain?
  - Linux/workstation → linux-sysadmin
  - Kubernetes → k8s-orchestrator
  - Policy/coordination → Handle directly
       ↓
 Select appropriate model (lowest capable)
       ↓
 Check autonomy level
       ↓
 Execute or request confirmation
 ```
 ### Communication Patterns
 **To Subagents:**
 ```
 DELEGATION:
 - Target: [agent-name]
 - Task: [description]
 - Autonomy: [level]
 - Report back: [what to return]
 ```
 **To User (escalation):**
 ```
 ESCALATION:
 - Reason: [why user input needed]
 - Options: [available choices]
 - Recommendation: [your suggestion]
 - Risk: [potential impact]
 ```
 ## Notes
 - Operate at **opus** model level for complex reasoning
 - Prioritize **safety** and **user control**
 - When in doubt, **escalate to user**
 - Maintain **audit trails** for significant decisions
@@ -0,0 +1,199 @@
 ---
 name: programmer-orchestrator
 description: Central orchestrator for code development, delegating to planner, implementer, and reviewer subagents
 model: opus
 tools: Read, Write, Edit, Bash, Glob, Grep, Task
 ---
 # Programmer Orchestrator Agent
 You are the central orchestrator for code development tasks. Your role is to route programming requests through the appropriate workflow phases, enforce quality gates, and maintain project context.
 ## Hierarchy Position
 This agent operates under **master-orchestrator**:
 ```
 Master Orchestrator (Opus)
 └── programmer-orchestrator (this agent - Opus)
    ├── code-planner (Sonnet)
    ├── code-implementer (Sonnet)
    └── code-reviewer (Sonnet)
 ```
 Escalate to master-orchestrator for:
 - Cross-agent coordination (e.g., needs sysadmin to install dependencies)
 - Uncertain autonomy decisions
 - Security-sensitive operations
 ## Initialization
 **Read these state files before executing tasks:**
 ```
 ~/.claude/state/autonomy-levels.json              # Autonomy definitions
 ~/.claude/state/model-policy.json                 # Model selection policy
 ~/.claude/state/programmer/session-autonomy.json  # Current session autonomy
 ~/.claude/state/programmer/preferences.json       # Coding preferences
 ~/.claude/state/programmer/projects/<name>.json   # Per-project context
 ```
 ## Workflow
 ```
 Request → Plan → [Approval] → Implement → Review → [Approval] → Commit
 ```
 ### Phase 1: Planning
 - Delegate to code-planner
 - Planner explores codebase and designs solution
 - Planner writes plan document to `docs/plans/YYYY-MM-DD-<topic>.md`
 - Returns to you for user approval
 ### Gate 1: Plan Approval
 - User MUST approve plan before implementation
 - Block code-implementer until approval received
 - Present plan summary to user with clear approval request
 ### Phase 2: Implementation
 - Delegate to code-implementer with approved plan
 - Implementer writes code following the plan
 - Implementer runs tests if available
 - Returns changes to you
 ### Phase 3: Review
 - Delegate to code-reviewer
 - Reviewer checks all changes against plan
 - Either approves or requests changes
 ### Gate 2: Review Approval
 - If changes requested, route back to implementer
 - Loop until reviewer approves
 ### Phase 4: Commit
 - Handle commit with standard conventions
 - Follow existing git commit format from CLAUDE.md
 ### Bypass Option
 For trivial changes (typos, one-liners), you may skip directly to implement+review without full planning phase. Document the bypass decision.
 ## Available Subagents
 ### code-planner
 Explores codebase, designs solutions, writes implementation plans.
 Use for: Understanding requirements, architectural decisions, plan documents.
 ### code-implementer
 Executes approved plans, writes code, runs tests.
 Use for: Writing code following an approved plan.
 ### code-reviewer
 Reviews changes before commit, ensures quality.
 Use for: Code review, quality checks, catching issues before commit.
 ## Delegation Format
 ```
 DELEGATION:
 - Target: [agent-name]
 - Task: [description]
 - Plan: [path to plan document if applicable]
 - Context: [relevant project context]
 - Expected output: [what to return]
 ```
 ## Tool Classification
 ### Safe (Auto-Execute)
 ```bash
 # Reading & exploration
 Read, Glob, Grep (all files)
 Bash: git status, git log, git diff, git branch
 Bash: ls, tree, find, wc
 Bash: cat, head, tail (for non-sensitive files)
 Bash: npm/yarn/pip/cargo list, outdated, info
 Bash: test runners in dry-run/list mode
 ```
 ### Confirm (Require Approval)
 ```bash
 # Writing & editing
 Write, Edit (any file modifications)
 Bash: git add, git commit, git push
 Bash: npm/yarn/pip/cargo install, uninstall
 Bash: mkdir, touch, cp, mv
 Bash: test execution (npm test, pytest, etc.)
 Bash: build commands (npm build, cargo build)
 Bash: running project scripts
 ```
 ### Forbidden (Never Execute)
 ```bash
 Bash: rm -rf with broad paths
 Bash: git push --force, git reset --hard
 Bash: chmod 777, chown on system files
 Bash: curl | bash, eval of remote code
 Bash: writing to ~/.ssh, ~/.gnupg, /etc
 Modifying: .env files, credentials, secrets
 ```
 ## Autonomy Levels
 Check `~/.claude/state/programmer/session-autonomy.json`:
 - **Conservative** (default): Read-only auto, confirm all writes
 - **Moderate**: Auto routine operations, confirm installs
 - **Trusted**: Auto most operations, confirm only destructive
 Session autonomy can relax "Confirm" to auto-execute but never touches "Forbidden".
 ## Response Format
 ### To User (Approval Request)
 ```markdown
 ## Plan Ready for Review
 **Task**: [original request]
 **Plan**: `docs/plans/YYYY-MM-DD-topic.md`
 ### Summary
 [Brief 2-3 sentence summary]
 ### Key Changes
 - [Major change 1]
 - [Major change 2]
 **Approve this plan?** (respond "approve" to proceed)
 ```
 ### To User (Completion Report)
 ```markdown
 ## Implementation Complete
 **Task**: [original request]
 **Status**: Ready for review / Committed
 ### Changes Made
 | File | Action | Summary |
 |------|--------|---------|
 | path/file.ts | Modified | Added X feature |
 ### Tests
 - [x] All tests passing
 - [ ] New tests added: N
 ### Next Steps
 [Any follow-up needed]
 ```
 ## Notes
 - Operate at **opus** model level for workflow coordination
 - Prioritize **user approval** at each gate
 - When in doubt, **ask the user**
 - Maintain project context across sessions via state files
@@ -1,7 +1,35 @@
 ---
 name: prometheus-analyst
 description: Prometheus metrics analysis, alerting review, and capacity planning
 model: sonnet
 tools: Bash, Read, Grep, Glob
 ---
 # Prometheus Analyst Agent
 You are a metrics and alerting specialist for a Raspberry Pi Kubernetes cluster. Your role is to query Prometheus, analyze metrics, and interpret alerts.
 ## Hierarchy Position
 ```
 k8s-orchestrator (Opus)
 └── prometheus-analyst (this agent - Sonnet)
 ```
 ## Shared State Awareness
 **Read these state files:**
 | File | Purpose |
 |------|---------|
 | `~/.claude/state/system-instructions.json` | Process definitions |
 | `~/.claude/state/model-policy.json` | Model selection rules |
 | `~/.claude/state/autonomy-levels.json` | Autonomy definitions |
 This agent uses **Sonnet** for metrics analysis. Escalate to k8s-orchestrator for complex analysis.
 Default autonomy: **conservative** (query ops auto, modifications require confirmation).
 ## Your Environment
 - **Cluster**: k0s on Raspberry Pi (resource-constrained)
@@ -0,0 +1,74 @@
 # Claude Automation
 Scheduled automation for Claude agent workflows using systemd user timers.
 ## Active Timers
 | Timer | Schedule | Purpose |
 |-------|----------|---------|
 | `k8s-agent-health-check.timer` | Every 6 hours | Comprehensive cluster health check |
 | `k8s-agent-daily-summary.timer` | Daily at 8am | Lightweight cluster status digest |
 | `claude-log-rotation.timer` | Weekly (Sunday midnight) | Clean up old log files |
 | `restic-backup.timer` | Hourly | Backup automation |
 | `omarchy-battery-monitor.timer` | Every 30 seconds | Battery status monitoring |
 ## Commands
 ```bash
 # List all timers with next run time
 systemctl --user list-timers
 # Check timer status
 systemctl --user status k8s-agent-health-check.timer
 # Manually trigger a workflow
 systemctl --user start k8s-agent-health-check
 # View logs
 journalctl --user -u k8s-agent-health-check
 # View recent logs with follow
 journalctl --user -u k8s-agent-health-check -f
 # Check for failed services
 systemctl --user --failed
 ```
 ## Timer Locations
 All timers and services are in: `~/.config/systemd/user/`
 ## Workflows
 Workflows are in: `~/.claude/workflows/`
 - `health/cluster-health-check.yaml` - Full health check (6-hourly)
 - `health/cluster-daily-summary.yaml` - Quick status digest (daily)
 ## Scheduler
 The `scheduler.sh` script wraps Claude CLI invocations:
 ```bash
 ./scheduler.sh <workflow-name>
 ./scheduler.sh cluster-health-check
 ./scheduler.sh cluster-daily-summary
 ```
 ## Logs
 - Workflow logs: `~/.claude/logs/workflows/`
 - Journal logs: `journalctl --user -u <service-name>`
 ## Maintenance
 ```bash
 # Reload after editing timer/service files
 systemctl --user daemon-reload
 # Enable a new timer
 systemctl --user enable --now <timer-name>.timer
 # Disable a timer
 systemctl --user disable --now <timer-name>.timer
 ```
@@ -1,18 +0,0 @@
 # K8s Agent Scheduled Workflows
 # Install with: crontab /home/will/.claude/automation/crontab.example
 # Or add to existing: crontab -e
 # Environment
 SHELL=/bin/bash
 PATH=/usr/local/bin:/usr/bin:/bin
 CLAUDE_DIR=/home/will/.claude
 DASHBOARD_URL=http://k8s-agent-dashboard-k8s-agent.taildb3494.ts.net
 # Cluster health check - every 6 hours
 0 */6 * * * /home/will/.claude/automation/scheduler.sh cluster-health-check >> /home/will/.claude/logs/cron.log 2>&1
 # Daily cluster summary - 8am
 0 8 * * * /home/will/.claude/automation/scheduler.sh cluster-health-check >> /home/will/.claude/logs/cron.log 2>&1
 # Log rotation - weekly on Sunday at midnight
 0 0 * * 0 find /home/will/.claude/logs -name "*.log" -mtime +7 -delete
@@ -0,0 +1,52 @@
 ---
 name: cluster-status
 description: Get quick cluster health overview
 aliases: [status, cs]
 invokes: workflow:health/cluster-health-check
 ---
 # /cluster-status Command
 Get a quick health overview of the Raspberry Pi Kubernetes cluster.
 ## Usage
 ```
 /cluster-status
 /cluster-status --full    # Run complete health check workflow
 /cluster-status --quick   # Just node and pod status (faster)
 ```
 ## What It Does
 Invokes the `cluster-health-check` workflow to provide a comprehensive cluster health overview by coordinating specialized agents:
 1. **Node Health** - Node statuses, conditions, resource usage
 2. **Active Alerts** - Firing alerts from Alertmanager
 3. **ArgoCD Status** - App sync and health status
 4. **Summary** - Overall health rating and recommendations
 ## Example Output
 ```
 Cluster Status: Healthy
 Nodes:
 | Node   | Status | CPU  | Memory | Conditions |
 |--------|--------|------|--------|------------|
 | pi5-1  | Ready  | 45%  | 68%    | OK         |
 | pi5-2  | Ready  | 32%  | 52%    | OK         |
 Active Alerts: 0
 ArgoCD Apps:
 | App       | Sync     | Health    |
 |-----------|----------|-----------|
 | homepage  | Synced   | Healthy   |
 Recommendations: None
 ```
 ## Autonomy
 This command is read-only and runs without confirmation.
@@ -0,0 +1,61 @@
 ---
 name: deploy
 description: Deploy application to K8s cluster
 aliases: [d]
 invokes: workflow:deploy/deploy-app
 ---
 # /deploy Command
 Deploy a new application or update an existing one on the Raspberry Pi Kubernetes cluster.
 ## Usage
 ```
 /deploy <app-name>
 /deploy <app-name> --image <image:tag>
 /deploy <app-name> --update
 ```
 ## Quick Deploy
 ```
 /deploy myapp --image ghcr.io/user/myapp:latest --namespace apps --port 8080
 ```
 ## What It Does
 Invokes the `deploy-app` workflow to guide you through deploying via GitOps with ArgoCD:
 1. **Check existing state** - See if app exists, current status
 2. **Generate manifests** - Create deployment, service, kustomization
 3. **Create PR** - Push to GitOps repo, create PR
 4. **Sync** - After PR merge, trigger ArgoCD sync
 5. **Verify** - Confirm pods are running
 ## Interactive Mode
 When run without full arguments, prompts for:
 - Application name
 - Container image
 - Namespace (default: default)
 - Ports
 - Resources (Pi-optimized defaults)
 - Pi 3 compatibility
 ## Resource Defaults (Pi-optimized)
 ```yaml
 requests:
  memory: "64Mi"
  cpu: "50m"
 limits:
  memory: "128Mi"
  cpu: "200m"
 ```
 ## Confirmation Points
 - **[CONFIRM]** Creating PR in GitOps repo
 - **[CONFIRM]** Syncing ArgoCD application
 - **[CONFIRM]** Rollback if deployment fails
@@ -0,0 +1,77 @@
 ---
 name: diagnose
 description: Investigate cluster issues
 aliases: [diag]
 invokes: workflow:incidents/*
 ---
 # /diagnose Command
 Investigate and diagnose problems in the Raspberry Pi Kubernetes cluster.
 ## Usage
 ```
 /diagnose <issue-description>
 /diagnose pod <pod-name> -n <namespace>
 /diagnose app <argocd-app-name>
 /diagnose node <node-name>
 ```
 ## What It Does
 Invokes the k8s-orchestrator to coordinate multiple specialist agents for investigation. May trigger incident workflows:
 - `pod-crashloop` - For CrashLoopBackOff issues
 - `node-issue-response` - For node problems
 - `resource-pressure-response` - For resource alerts
 - `argocd-sync-failure` - For sync failures
 ## Diagnosis Types
 ### General Issue
 ```
 /diagnose "my app is returning 503 errors"
 ```
 ### Pod Diagnosis
 ```
 /diagnose pod myapp-7d9f8b6c5-x2k4m -n production
 ```
 ### ArgoCD App Diagnosis
 ```
 /diagnose app homepage
 ```
 ### Node Diagnosis
 ```
 /diagnose node pi5-1
 ```
 ## Output Format
 ```
 Diagnosis for: [issue description]
 Status: [Investigating/Identified/Resolved]
 Findings:
 1. [Finding with evidence]
 Root Cause:
 [Explanation]
 Recommended Actions:
 - [SAFE] Action that can be auto-applied
 - [CONFIRM] Action requiring approval
 - [INFO] Suggestion for manual follow-up
 Severity: [Low/Medium/High/Critical]
 ```
 ## Options
 - `--verbose` - Include full command outputs
 - `--logs` - Focus on log analysis
 - `--metrics` - Focus on metrics analysis
 - `--quick` - Fast surface-level check only
@@ -64,6 +64,15 @@ PA writes directly to general-instructions.json:
 /pa --help                  # Show this help
 ```
 ### Knowledge Base
 ```
 /pa --fact "<description>"          # Add fact (PA determines category)
 /pa --fact <cat>.<key>=<value>      # Add structured fact
 /pa --list-facts                    # Show all KB contents
 /pa --list-facts <category>         # Show specific category
 ```
 ## Context Levels
 Context precedence (highest to lowest):
@@ -0,0 +1,34 @@
 ---
 name: programmer
 description: Invoke the programmer agent for code development tasks
 aliases: [code, dev]
 invokes: agent:programmer-orchestrator
 ---
 Routes programming tasks to the programmer-orchestrator agent.
 ## Usage
 ```
 /programmer <task description>
 /code <task description>
 /dev <task description>
 ```
 ## Examples
 ```
 /programmer add user authentication to the API
 /code fix the bug in the payment processing
 /dev refactor the database connection pooling
 ```
 ## Workflow
 The programmer-orchestrator follows this workflow:
 1. **Plan** - code-planner explores and designs solution
 2. **Approve** - User reviews and approves the plan
 3. **Implement** - code-implementer writes the code
 4. **Review** - code-reviewer checks quality
 5. **Commit** - Orchestrator commits approved changes
@@ -0,0 +1,58 @@
 ---
 name: autonomy
 description: View or change session autonomy level
 aliases: [auto]
 modifies: state:sysadmin/session-autonomy
 ---
 # /autonomy Command
 View or change the session autonomy level for agent operations.
 ## Usage
 ```
 /autonomy              # Show current autonomy level
 /autonomy <level>      # Set autonomy level for this session
 /autonomy list         # Show all available levels
 ```
 ## Available Levels
 | Level | Description | Use When |
 |-------|-------------|----------|
 | **conservative** | Confirm all write operations | Initial setup, unfamiliar systems, production |
 | **moderate** | Auto-execute routine maintenance, confirm installs | Trusted dev environments, routine maintenance |
 | **trusted** | Auto-execute most operations, confirm only destructive | Well-known environments, time-sensitive ops |
 ## Examples
 ```bash
 # Check current level
 /autonomy
 # Output: Current autonomy level: conservative
 # Set to moderate for this session
 /autonomy moderate
 # Output: Session autonomy set to: moderate
 # List all levels with details
 /autonomy list
 ```
 ## State File
 Session autonomy is stored in:
 `~/.claude/state/sysadmin/session-autonomy.json`
 Changes only apply to the current session and reset when the session ends.
 ## What It Does
 1. **View**: Reads `session-autonomy.json` and displays current level
 2. **Set**: Updates `current_level` in `session-autonomy.json`
 3. **List**: Displays all levels from `autonomy-levels.json` with descriptions
 ## Autonomy
 This command modifies the session state file. The change takes effect immediately for all subsequent agent operations in this session.
@@ -0,0 +1,58 @@
 ---
 name: health
 description: Run system health check
 aliases: [syshealth, check]
 invokes: skill:sysadmin-health
 ---
 # /health Command
 Runs a comprehensive health check on the Arch Linux workstation.
 ## Usage
 ```
 /health
 /health --quick    # Skip package checks (faster)
 /health --full     # Include all checks plus security audit
 ```
 ## What It Does
 1. Invokes the `sysadmin-health` skill
 2. Collects system metrics (disk, memory, CPU, swap)
 3. Checks for pending updates and package issues
 4. Reviews failed services and recent errors
 5. Reports overall system health status
 ## Example Output
 ```
 System Health Report
 ═══════════════════════════════════════
 Status: ⚠️ WARNING
 Disk Usage:
  / : 65% (120G/180G)
  /home : 82% (450G/550G) ⚠️
 Memory: 8.2G / 32G (25%)
 Swap: 0B / 8G
 Pending Updates: 12 packages
 Failed Services: 1 (bluetooth.service)
 Recent Errors: 3 in last 24h
  - nvidia-persistenced: initialization error
  - cups: connection refused
  - bluetooth: adapter not found
 Recommended Actions:
  1. Clean /home (above 80% threshold)
  2. Fix bluetooth.service: systemctl restart bluetooth
  3. Run system update: pacman -Syu
 ```
 ## Autonomy
 This command is read-only and runs without confirmation.
@@ -0,0 +1,72 @@
 ---
 name: update
 description: Run system package updates
 aliases: [upgrade, sysupdate]
 invokes: workflow:sysadmin/system-update
 ---
 # /update Command
 Runs system package updates on the Arch Linux workstation.
 ## Usage
 ```
 /update              # Full update (pacman + AUR + homebrew)
 /update --pacman     # Only pacman packages
 /update --aur        # Only AUR packages
 /update --brew       # Only homebrew packages
 /update --dry-run    # Show what would be updated without installing
 ```
 ## Update Process
 ### 1. Pre-flight Checks
 - Check available disk space
 - Check for conflicting packages
 - Verify mirror connectivity
 ### 2. Update Sequence
 ```
 pacman -Syu          # System packages first
 yay -Sua             # AUR packages second
 brew upgrade         # Homebrew packages last
 ```
 ### 3. Post-update
 - Check for .pacnew files
 - Report any failed updates
 - Suggest reboot if kernel updated
 ## Autonomy
 This command requires confirmation before executing updates.
 Default autonomy level: **conservative** (confirm all changes)
 With `--yes` flag or elevated autonomy:
 - Moderate: Auto-execute routine updates, confirm major version changes
 - Trusted: Auto-execute all updates, confirm only kernel changes
 ## Example Session
 ```
 > /update
 Checking for updates...
 Pacman Updates (15 packages):
  linux 6.7.1 -> 6.7.2 ⚠️ KERNEL
  firefox 121.0 -> 122.0
  ... (13 more)
 AUR Updates (3 packages):
  yay 12.3.1 -> 12.3.2
  ...
 Homebrew Updates (2 packages):
  node 21.5.0 -> 21.6.0
  ...
 Proceed with updates? [y/N]
 ```
@@ -0,0 +1,208 @@
 # /pa Personal Assistant — Plan + Implementation Handoff (2025-12-29)
 ## Context
 This repo defines a Claude Code agent system under `~/.claude/`.
 Key conventions from `~/.claude/CLAUDE.md`:
 - Agent files are Markdown with YAML frontmatter (`agents/`).
 - Structured, machine-readable state lives in JSON (`state/`).
 - Cross-agent communication flows through `master-orchestrator`.
 - `master-orchestrator` maintains `agents/`, `state/`, `skills/`, `commands/`, `workflows/`.
 - `personal-assistant` is the user-facing UI layer with ultimate oversight.
 This document captures the agreed plan for making `personal-assistant` the main user interface, via a canonical `/pa` command with command-style flags.
 ---
 ## Goals
 - Provide a canonical entrypoint command: `/pa`.
 - Make `personal-assistant` route requests (domain+intent) and delegate execution through `master-orchestrator`.
 - Add configurable context-gathering granularity with:
  - per-request override
  - per-session override
  - persistent default
 - Add persistent, structured “general instructions” memory (append-only list with UUID ids).
 - Keep documentation non-duplicative: `CLAUDE.md` stays overview; JSON holds details.
 ---
 ## Command Contract: `/pa`
 ### File
 - `~/.claude/commands/pa.md`
 ### Required frontmatter (match existing command patterns)
 - `name: pa`
 - `description: ...`
 - `aliases: [...]`
 ### Parsing rules
 Support both:
 - `/pa <request>`
 - `/pa -- <request>`
  - `--` ends flag parsing; everything after is literal request text.
 ### Flags
 #### Request override (highest precedence)
 - `/pa --context none|minimal|moderate|comprehensive -- <request>`
 #### Session override (ephemeral)
 - `/pa --set-context none|minimal|moderate|comprehensive`
 - `/pa --clear-context`
 #### Persistent default (durable)
 - `/pa --set-default-context none|minimal|moderate|comprehensive`
  - MUST prompt: `Proceed? [y/N]`
 #### Persistent memory
 - `/pa --remember -- "<instruction text>"`
 - `/pa --list-mem` (active only)
 - `/pa --list-mem --all` (includes deprecated)
 - `/pa --forget <uuid>` (soft delete: mark deprecated)
 #### Introspection
 - `/pa --show-config`
 - `/pa --help`
 ---
 ## Context Granularity Resolution (effective level)
 Precedence (highest to lowest):
 1. Request override: `--context <level>`
 2. Session override: `~/.claude/state/personal-assistant/session-context.json`
 3. Persistent default: `~/.claude/state/personal-assistant-preferences.json`
 4. Hard default: `moderate`
 ---
 ## Routing & Delegation Behavior
 ### personal-assistant responsibilities
 Update `~/.claude/agents/personal-assistant.md` to explicitly support the `/pa` usage model.
 **Routing:**
 - Classify using: keywords + intent + conversation context.
 - If ambiguity remains after considering conversation context: ask the user (no guessing).
 **Delegation constraints:**
 - Never delegate directly to domain agents.
 - Always route execution via `master-orchestrator` with a structured payload.
 **Response:**
 - Present a unified user-facing result; hide internal agent boundaries unless useful.
 ### master-orchestrator responsibilities
 No direct design changes were specified here beyond supporting:
 - structured request payloads from `personal-assistant`
 - coordination of domain agents with proper safety/autonomy enforcement
 - writing persistent state JSONs in `state/` (where applicable)
 ---
 ## New / Updated State Files
 ### 1) Session context override (writer: user/CLI)
 - Path: `~/.claude/state/personal-assistant/session-context.json`
 - Purpose: Session-only override of context granularity
 - Resets when session ends
 **Schema (v1):**
 - `version` (string)
 - `current_context_level` (`none|minimal|moderate|comprehensive`)
 - `set_at` (ISO datetime string)
 - `set_by` (string, e.g. `user`)
 ### 2) Persistent PA preferences (writer: master-orchestrator)
 - Path: `~/.claude/state/personal-assistant-preferences.json`
 - Purpose: Persistent default context granularity
 **Schema (v1):**
 - `version` (string)
 - `description` (string)
 - `context_gathering.default_level` (`none|minimal|moderate|comprehensive`)
 ### 3) Persistent global memory: general instructions (writer: master-orchestrator)
 - Path: `~/.claude/state/general-instructions.json`
 - Purpose: Durable, machine-readable “general instructions” store (append-only)
 **Schema (v1):**
 - `version` (string)
 - `description` (string)
 - `items` (array)
  - `id` (UUID string)
  - `text` (string)
  - `tags` (string[], optional)
  - `scope` (string, optional: `global|sysadmin|k8s|...`)
  - `created` (ISO datetime string)
  - `created_by` (string, optional)
  - `status` (string, optional: `active|deprecated`, default `active`)
  - `supersedes` (string[], optional)
 **Deletion policy:**
 - Never delete entries; `--forget` marks `status=deprecated`.
 ---
 ## Documentation Work
 ### 1) State schema documentation
 Create a structure-only schema document:
 - Suggested path: `~/.claude/docs/state-schemas.md`
 - Include required/optional fields and enums for:
  - `system-instructions.json`
  - `future-considerations.json`
  - `model-policy.json`
  - `autonomy-levels.json`
  - `state/sysadmin/session-autonomy.json`
  - `state/personal-assistant-preferences.json` (new)
  - `state/personal-assistant/session-context.json` (new)
  - `state/general-instructions.json` (new)
 ### 2) CLAUDE.md overview updates
 Update `~/.claude/CLAUDE.md` “Shared State Files” table to add:
 - `~/.claude/state/personal-assistant-preferences.json` (writer: master-orchestrator)
 - `~/.claude/state/personal-assistant/session-context.json` (writer: user/CLI)
 - `~/.claude/state/general-instructions.json` (writer: master-orchestrator)
 ---
 ## Manual Validation Scenarios (Acceptance Checklist)
 ### Parsing
 - `/pa -- --context appears in logs` should treat `--context` as literal text.
 ### Context precedence
 - Set persistent default → set session override → request override wins.
 ### Confirmation
 - `/pa --set-default-context <level>` prompts `Proceed? [y/N]`.
 ### Routing and ambiguity
 - K8s request routes to K8s path via master-orchestrator.
 - Linux request routes to sysadmin path via master-orchestrator.
 - Ambiguous request triggers user clarification.
 ### Memory ops
 - remember → list (active) → forget → list (active) hides deprecated → list --all shows deprecated
 ---
 ## Implementation Handoff
 ### Recommended implementation order
 1. Add command file `~/.claude/commands/pa.md` describing contract and flags.
 2. Add new state file(s) with initial defaults:
   - `state/personal-assistant-preferences.json` (persistent default)
   - `state/personal-assistant/session-context.json` (empty or absent until set)
   - `state/general-instructions.json` (empty `items: []`)
 3. Update `agents/personal-assistant.md` to:
   - accept `/pa` command contract
   - apply context precedence rules
   - ask user on ambiguity
   - delegate only to master-orchestrator
 4. Update `~/.claude/CLAUDE.md` shared state table.
 5. Add `~/.claude/docs/state-schemas.md`.
 6. Run through the manual validation checklist.
 ### Notes / constraints
 - Keep files concise (per `system-instructions.json` content principles).
 - Avoid “duplicate truths”:
  - CLAUDE.md should reference files, not restate schemas.
  - Schema doc should define structure, not copy full JSON.
 - Respect ownership:
  - `master-orchestrator` owns persistent state in `state/`.
  - `user/CLI` writes session-only state files (mirroring sysadmin session autonomy).
@@ -0,0 +1,215 @@
 # /pa Personal Assistant — Revised Plan (2025-12-29)
 ## Changes from Original Plan
 | Decision | Original | Revised |
 |----------|----------|---------|
 | Coexistence with direct commands | Not addressed | Both patterns work: `/pa` for routing, direct commands for known ops |
 | Context level definitions | Specified levels | Abstract - PA interprets flexibly per request |
 | `general-instructions.json` owner | master-orchestrator | PA writes directly |
 | `general-instructions.json` location | `state/` | `state/personal-assistant/` |
 | Memory feature | Keep | Keep (JSON + UUID for efficiency/agent optimization) |
 ---
 ## Goals
 - Provide canonical entrypoint: `/pa`
 - PA routes requests by domain+intent, delegates via `master-orchestrator`
 - Configurable context-gathering (request/session/persistent override)
 - Persistent, structured memory optimized for agent consumption
 - Coexist with direct commands (`/deploy`, `/health`, etc.)
 ---
 ## Command Contract: `/pa`
 ### File
 `~/.claude/commands/pa.md`
 ### Frontmatter
 ```yaml
 ---
 name: pa
 description: Personal assistant entrypoint for routing and context-aware requests
 aliases: [assistant, ask]
 invokes: agent:personal-assistant
 ---
 ```
 ### Parsing Rules
 - `/pa <request>` - natural language request
 - `/pa -- <request>` - `--` ends flag parsing, rest is literal
 ### Flags
 **Context override (request-level, highest precedence):**
 - `/pa --context none|minimal|moderate|comprehensive -- <request>`
 **Session override (ephemeral):**
 - `/pa --set-context none|minimal|moderate|comprehensive`
 - `/pa --clear-context`
 **Persistent default (durable, requires confirmation):**
 - `/pa --set-default-context none|minimal|moderate|comprehensive`
 **Memory (PA writes directly):**
 - `/pa --remember -- "<instruction>"`
 - `/pa --list-mem` (active only)
 - `/pa --list-mem --all` (includes deprecated)
 - `/pa --forget <uuid>`
 **Introspection:**
 - `/pa --show-config`
 - `/pa --help`
 ---
 ## Context Granularity
 ### Resolution Precedence
 1. Request override: `--context <level>`
 2. Session override: `state/personal-assistant/session-context.json`
 3. Persistent default: `state/personal-assistant-preferences.json`
 4. Hard default: `moderate`
 ### Level Definitions
 Abstract - PA interprets flexibly based on request type:
 - `none` - Skip context gathering
 - `minimal` - Light context
 - `moderate` - Balanced (default)
 - `comprehensive` - Deep context scan
 Exact behavior evolves based on usage patterns.
 ---
 ## State Files
 ### PA-Owned State (`state/personal-assistant/`)
 **1. Session context override**
 - Path: `~/.claude/state/personal-assistant/session-context.json`
 - Writer: user/CLI
 - Resets on session end
 ```json
 {
  "version": "1.0",
  "current_context_level": "minimal",
  "set_at": "2025-12-29T10:00:00Z",
  "set_by": "user"
 }
 ```
 **2. General instructions (memory)**
 - Path: `~/.claude/state/personal-assistant/general-instructions.json`
 - Writer: PA directly
 - Append-only with soft-delete
 ```json
 {
  "version": "1.0",
  "description": "User instructions optimized for agent consumption",
  "items": [
    {
      "id": "uuid-here",
      "text": "Prefer British spelling",
      "scope": "global",
      "tags": ["style"],
      "created": "2025-12-29T10:00:00Z",
      "status": "active"
    }
  ]
 }
 ```
 ### Master-Orchestrator Owned State
 **3. Persistent PA preferences**
 - Path: `~/.claude/state/personal-assistant-preferences.json`
 - Writer: master-orchestrator
 ```json
 {
  "version": "1.0",
  "description": "Persistent PA configuration",
  "context_gathering": {
    "default_level": "moderate"
  }
 }
 ```
 ---
 ## Routing Behavior
 ### PA Responsibilities
 - Classify request by domain + intent
 - Use conversation context to reduce ambiguity
 - If still ambiguous: ask user (no guessing)
 - Delegate execution to master-orchestrator
 - Present unified result to user
 ### Delegation
 PA never delegates directly to domain agents. Always routes via master-orchestrator:
 ```
 User → /pa <request>
         ↓
    Personal Assistant (classify, gather context)
         ↓
    Master Orchestrator (coordinate, enforce)
         ↓
    Domain Agent (execute)
         ↓
    Results bubble up
 ```
 ### Coexistence with Direct Commands
 Both patterns valid:
 - `/pa deploy my-app` → PA classifies → routes → eventually runs deploy
 - `/deploy my-app` → Directly invokes deploy workflow
 Direct commands are power-user shortcuts; `/pa` is conversational interface.
 ---
 ## Documentation Updates
 ### CLAUDE.md
 Add to "Shared State Files" table:
 - `state/personal-assistant-preferences.json` | PA config | master-orchestrator
 - `state/personal-assistant/session-context.json` | Session context | user/CLI
 - `state/personal-assistant/general-instructions.json` | User memory | personal-assistant
 ### State Schemas Doc
 Add schemas for new files to `~/.claude/docs/state-schemas.md`
 ---
 ## Implementation Order
 1. Create `~/.claude/state/personal-assistant/` directory
 2. Create initial state files with defaults
 3. Create `~/.claude/commands/pa.md`
 4. Update `~/.claude/agents/personal-assistant.md` for `/pa` contract
 5. Update `~/.claude/CLAUDE.md` state table
 6. Update/create `~/.claude/docs/state-schemas.md`
 7. Manual validation per checklist
 ---
 ## Validation Checklist
 - [ ] `/pa -- --context` treats `--context` as literal text
 - [ ] Context precedence: request > session > persistent > default
 - [ ] `--set-default-context` prompts for confirmation
 - [ ] K8s request routes correctly via master-orchestrator
 - [ ] Sysadmin request routes correctly via master-orchestrator
 - [ ] Ambiguous request triggers user clarification
 - [ ] `--remember` adds to general-instructions.json
 - [ ] `--list-mem` shows active items
 - [ ] `--forget <uuid>` marks as deprecated
 - [ ] `--list-mem --all` shows deprecated items
 - [ ] Direct commands (`/deploy`, `/health`) still work independently
@@ -90,6 +90,38 @@ Purpose: Persistent PA configuration
 Valid context levels: `none`, `minimal`, `moderate`, `comprehensive`
 ## Knowledge Base State
 ### kb.json (Shared)
 Path: `~/.claude/state/kb.json`
 Writer: personal-assistant
 Purpose: Shared knowledge base for infrastructure facts (all agents can read)
 ```json
 {"infra":{},"svc":{},"net":{},"hw":{}}
 ```
 | Category | Purpose | Example facts |
 |----------|---------|---------------|
 | `infra` | Cluster/platform | cluster type, node count, architecture |
 | `svc` | Services/tools | gitops, monitoring, alerting |
 | `net` | Network | domain, ingress controller, DNS |
 | `hw` | Hardware | device models, RAM, storage |
 Notes:
 - Values should be primitives (string, number, boolean) or flat arrays
 - Avoid nested objects beyond category level
 - All state JSON files use minified format (single-line)
 ### kb.json (PA-Private)
 Path: `~/.claude/state/personal-assistant/kb.json`
 Writer: personal-assistant
 Purpose: PA-private knowledge base for personal/non-tech facts
 Same format as shared KB. Categories TBD based on use cases.
 ## System State
 ### system-instructions.json
@@ -0,0 +1,124 @@
 # Status Line Agent Display + Keybind Fix
 ## Goal
 1. Display `[personal-assistant] Opus | 45% context` in Claude Code status line
 2. Fix Super+Shift+C keybind (terminal closes immediately)
 ## Root Cause: Keybind Issue
 The `pa-mode` script creates a **detached** tmux session (`-d` flag) then attaches separately. This doesn't work well with `omarchy-launch-tui`. The working pattern uses `tmux -A` (attach-or-create in one step).
 ## Implementation
 ### Task 1: Create Status Line Script
 **Create:** `~/.claude/automation/statusline.sh`
 ```bash
 #!/usr/bin/env bash
 input=$(cat)
 AGENT="${CLAUDE_AGENT:-}"
 MODEL=$(echo "$input" | jq -r '.model.display_name // "?"')
 # Calculate context percentage
 CONTEXT_PCT="?"
 usage=$(echo "$input" | jq '.context_window.current_usage // empty')
 if [ -n "$usage" ]; then
  current=$(echo "$usage" | jq '.input_tokens + .cache_creation_input_tokens + .cache_read_input_tokens')
  size=$(echo "$input" | jq '.context_window.context_window_size')
  if [ "$size" -gt 0 ] 2>/dev/null; then
    CONTEXT_PCT=$((current * 100 / size))
  fi
 fi
 if [ -n "$AGENT" ]; then
  echo "[$AGENT] $MODEL | ${CONTEXT_PCT}% context"
 else
  echo "$MODEL | ${CONTEXT_PCT}% context"
 fi
 ```
 ### Task 2: Configure Status Line in Settings
 **Modify:** `~/.claude/settings.json`
 Add:
 ```json
 {
  "statusLine": {
    "type": "command",
    "command": "~/.claude/automation/statusline.sh"
  }
 }
 ```
 ### Task 3: Fix pa-mode Script
 **Modify:** `~/.claude/automation/pa-mode`
 Key changes:
 1. Export `CLAUDE_AGENT=personal-assistant` before launching
 2. Use `tmux new-session -A` (attach-or-create) instead of `-d` + separate attach
 3. Remove the separate `attach_session` flow
 New `create_or_attach_session()` function:
 ```bash
 create_or_attach_session() {
    local session_id
    session_id=$(get_session_id)
    local history_file="$HISTORY_DIR/${session_id}.jsonl"
    # If session doesn't exist, record it in index
    if ! tmux has-session -t "$SESSION_NAME" 2>/dev/null; then
        local tmp_file
        tmp_file=$(mktemp)
        jq --arg id "$session_id" --arg started "$(date -Iseconds)" \
            '.sessions += [{"id": $id, "started": $started, "ended": null, "summarized": false, "topics": []}]' \
            "$INDEX_FILE" > "$tmp_file" && mv "$tmp_file" "$INDEX_FILE"
    fi
    # Export for status line, then attach-or-create
    export CLAUDE_AGENT=personal-assistant
    exec tmux new-session -A -s "$SESSION_NAME" -c "$HOME" \
        "PA_SESSION_ID='$session_id' PA_HISTORY_FILE='$history_file' CLAUDE_AGENT=personal-assistant claude --dangerously-skip-permissions --agent personal-assistant"
 }
 ```
 Note: Using `exec` replaces the shell process with tmux, keeping the terminal open.
 ### Task 4: Verify Hyprland Keybind
 **File:** `~/.config/hypr/bindings.conf` (line 34)
 Current (should work after pa-mode fix):
 ```
 bindd = SUPER SHIFT, C, PA Agent Mode, exec, omarchy-launch-tui /home/will/.claude/automation/pa-mode
 ```
 No changes needed if pa-mode fix works. If still broken, fallback to:
 ```
 bindd = SUPER SHIFT, C, PA Agent Mode, exec, uwsm-app -- xdg-terminal-exec -e /home/will/.claude/automation/pa-mode
 ```
 ## Files to Modify
 | File | Action |
 |------|--------|
 | `~/.claude/automation/statusline.sh` | Create |
 | `~/.claude/settings.json` | Add statusLine config |
 | `~/.claude/automation/pa-mode` | Fix session creation, add CLAUDE_AGENT export |
 | `~/.config/hypr/bindings.conf` | Maybe adjust if fix doesn't work |
 ## Testing
 1. Run `pa-mode` from terminal - should open tmux with claude
 2. Check status line shows `[personal-assistant] Opus | X% context`
 3. Press Super+Shift+C - terminal should stay open with PA session
 4. Detach (Ctrl+B, D), press Super+Shift+C again - should reattach
 ## Commits
 1. `feat: add status line script with agent display`
 2. `fix: pa-mode keybind issue - use tmux -A and exec`
@@ -0,0 +1,149 @@
 # Plan: Restructure Claude Code Components
 ## Summary
 Reclassify misplaced skill files as commands, standardize workflow format to YAML, and add cross-references between components.
 ---
 ## Decisions Made
 | Decision | Choice |
 |----------|--------|
 | Handle misclassified skills | Move to commands as thin wrappers |
 | Workflow format | Keep YAML, convert Markdown to YAML |
 | Cross-references | Add inline links in command files |
 ---
 ## Task 1: Move Misclassified Skills to Commands
 These files use `/command` syntax and should be commands, not skills.
 ### 1.1 Create `/cluster-status` command
 **Delete:** `~/.claude/skills/cluster-status.md`
 **Create:** `~/.claude/commands/k8s/cluster-status.md`
 ```yaml
 ---
 name: cluster-status
 description: Get quick cluster health overview
 aliases: [status, cs]
 ---
 ```
 Content: Thin wrapper referencing `cluster-health-check` workflow.
 ### 1.2 Create `/deploy` command
 **Delete:** `~/.claude/skills/deploy.md`
 **Create:** `~/.claude/commands/k8s/deploy.md`
 ```yaml
 ---
 name: deploy
 description: Deploy application to K8s cluster
 aliases: [d]
 ---
 ```
 Content: Thin wrapper referencing `deploy-app` workflow.
 ### 1.3 Create `/diagnose` command
 **Delete:** `~/.claude/skills/diagnose.md`
 **Create:** `~/.claude/commands/k8s/diagnose.md`
 ```yaml
 ---
 name: diagnose
 description: Investigate cluster issues
 aliases: [diag]
 ---
 ```
 Content: Thin wrapper referencing incident workflows.
 ---
 ## Task 2: Convert Workflow to YAML
 **File:** `~/.claude/workflows/deploy/deploy-app.md`
 **Convert to:** `~/.claude/workflows/deploy/deploy-app.yaml`
 Restructure as proper YAML workflow matching other workflow files.
 ---
 ## Task 3: Add Cross-References to Existing Commands
 Update existing commands to explicitly reference what they invoke:
 ### 3.1 Update `/health` command
 **File:** `~/.claude/commands/sysadmin/health.md`
 Add: `invokes: skill:sysadmin-health`
 ### 3.2 Update `/update` command
 **File:** `~/.claude/commands/sysadmin/update.md`
 Add: `invokes: workflow:sysadmin/system-update`
 ### 3.3 Update `/autonomy` command
 **File:** `~/.claude/commands/sysadmin/autonomy.md`
 Add: `modifies: state:sysadmin/session-autonomy`
 ---
 ## Task 4: Update CLAUDE.md with Component Conventions
 **File:** `~/.claude/CLAUDE.md`
 Add section documenting:
 - Format conventions (when to use JSON vs YAML vs Markdown)
 - Component relationships (commands → skills → workflows)
 - Naming patterns
 ---
 ## Files to Create
 | File | Purpose |
 |------|---------|
 | `~/.claude/commands/k8s/cluster-status.md` | Cluster status command |
 | `~/.claude/commands/k8s/deploy.md` | Deploy command |
 | `~/.claude/commands/k8s/diagnose.md` | Diagnose command |
 | `~/.claude/workflows/deploy/deploy-app.yaml` | Converted workflow |
 ## Files to Delete
 | File | Reason |
 |------|--------|
 | `~/.claude/skills/cluster-status.md` | Moved to commands |
 | `~/.claude/skills/deploy.md` | Moved to commands |
 | `~/.claude/skills/diagnose.md` | Moved to commands |
 | `~/.claude/workflows/deploy/deploy-app.md` | Converted to YAML |
 ## Files to Modify
 | File | Change |
 |------|--------|
 | `~/.claude/commands/sysadmin/health.md` | Add invokes reference |
 | `~/.claude/commands/sysadmin/update.md` | Add invokes reference |
 | `~/.claude/commands/sysadmin/autonomy.md` | Add modifies reference |
 | `~/.claude/CLAUDE.md` | Add component conventions |
 ---
 ## Execution Order
 1. Create `~/.claude/commands/k8s/` directory
 2. Create 3 new command files
 3. Delete 3 misclassified skill files
 4. Convert deploy-app.md to deploy-app.yaml
 5. Update existing command files with cross-references
 6. Update CLAUDE.md with conventions
@@ -0,0 +1,52 @@
 # Handoff: Linux Sysadmin Agent Implementation
 ## Context
 Brainstorming session completed for building a Linux sysadmin AI agent.
 ## Plan Location
 `/home/will/.claude/plans/shimmering-discovering-bonbon.md`
 ## What Was Decided
 ### Architecture
 - Multi-agent system with **master-orchestrator** (Opus) overseeing all agents
 - New **linux-sysadmin** agent (Sonnet) for Arch Linux workstation
 - Existing K8s agents become managed by master-orchestrator
 - Shared state files in `~/.claude/state/` for cross-agent awareness
 ### Linux Sysadmin Agent
 - **Target**: Arch Linux with pacman/yay/homebrew
 - **Scope**: Full sysadmin (maintenance, troubleshooting, config, security)
 - **Autonomy**: Conservative by default (confirm all changes), session-configurable
 - **Interaction**: CLI + scheduled, alerting deferred
 ### Key Design Decisions
 - Claude Code compatible (Markdown + YAML frontmatter for agents)
 - JSON files for state/data (not agent definitions)
 - Model selection policy for cost efficiency (haiku → sonnet → opus)
 - Agents can delegate to multiple subagents (parallel/sequential)
 - `system-instructions.json` captures all processes
 - `future-considerations.json` tracks deferred items (all agents aware)
 ### Settings.json Cleanup Required
 - Remove non-standard `agents` field with `promptFile` entries
 - Keep only standard Claude Code settings
 ## Implementation Order (20 steps, 7 phases)
 1. Foundation (state files, CLAUDE.md)
 2. Master orchestrator agent
 3. Linux sysadmin agent
 4. Update existing K8s agents
 5. Clean settings.json
 6. Skills & slash commands
 7. Workflows
 ## Future Considerations to Track
 - Prometheus/Alertmanager for workstation alerting
 - Network admin agent
 - Personal assistant agent
 - External LLM integration
 - Slash commands redesign
 ## Next Action
 Read the full plan and begin Phase 1: Foundation
@@ -0,0 +1,228 @@
 # Linux Sysadmin Agent - Implementation Plan
 ## Overview
 Create a Linux sysadmin agent for Arch Linux workstation management, integrated into a multi-agent system with a master orchestrator overseeing all agents.
 ## Architecture
 ```
 ~/.claude/
 ├── CLAUDE.md                          # Shared memory: conventions, state file locations
 ├── agents/
 │   ├── master-orchestrator.md         # NEW: oversight layer (Opus)
 │   ├── linux-sysadmin.md              # NEW: workstation agent (Sonnet)
 │   ├── k8s-orchestrator.md            # UPDATE: add shared state awareness
 │   ├── k8s-diagnostician.md           # UPDATE: add shared state awareness
 │   ├── argocd-operator.md             # UPDATE: add shared state awareness
 │   ├── prometheus-analyst.md          # UPDATE: add shared state awareness
 │   └── git-operator.md                # UPDATE: add shared state awareness
 ├── state/
 │   ├── system-instructions.json       # NEW: central process definitions
 │   ├── future-considerations.json     # NEW: deferred features/decisions
 │   ├── model-policy.json              # NEW: cost-efficient model selection rules
 │   ├── autonomy-levels.json           # NEW: shared autonomy definitions
 │   └── sysadmin/
 │       └── session-autonomy.json      # NEW: per-session overrides
 ├── skills/
 │   └── sysadmin-health/
 │       └── SKILL.md                   # NEW: health check skill
 ├── commands/
 │   └── sysadmin/
 │       ├── health.md                  # NEW: /health slash command
 │       └── update.md                  # NEW: /update slash command
 ├── workflows/
 │   └── sysadmin/
 │       ├── health-check.yaml          # NEW: scheduled workflow
 │       └── system-update.yaml         # NEW: manual workflow
 ├── automation/
 │   └── sysadmin/
 │       └── scripts/                   # NEW: managed scripts directory
 └── settings.json                      # UPDATE: remove non-standard agent fields
 ```
 ## Agent Hierarchy
 ```
 Master Orchestrator (Opus) - monitor, coordinate, enforce
 ├── linux-sysadmin (Sonnet) - workstation management
 ├── k8s-orchestrator (Opus) - cluster management
 │   ├── k8s-diagnostician (Sonnet)
 │   ├── argocd-operator (Sonnet)
 │   ├── prometheus-analyst (Sonnet)
 │   └── git-operator (Sonnet)
 ├── network-agent (future)
 └── personal-assistant (future)
 ```
 ## Linux Sysadmin Agent Specification
 ### Target Environment
 - **OS**: Arch Linux (rolling release)
 - **Package managers**: pacman, yay (AUR), homebrew
 - **Init system**: systemd
 ### Responsibilities
 - **System maintenance**: Package updates, cache cleanup, log rotation, orphan removal
 - **Troubleshooting**: Analyze journalctl logs, diagnose failed services, identify bottlenecks
 - **Configuration**: Manage systemd services, edit configs (with approval), dotfile awareness
 - **Security**: Monitor failed logins, check firewall, identify vulnerable packages
 - **Health reporting**: Disk, memory, CPU, swap, service status, pending updates
 ### Tools
 **Safe (auto-execute):**
 - `journalctl`, `systemctl status`, `pacman -Q*`, `yay -Q*`, `brew list`
 - `df`, `free`, `top`, `ps`, `ip`, `ss`, `uname`, `lsblk`, `findmnt`
 - `uptime`, `last`, `who`
 **Confirm (require approval):**
 - `pacman -S/R/Syu`, `yay -S/R`, `brew install/upgrade`
 - `systemctl start/stop/restart/enable/disable`
 - Config file edits, `ansible-playbook`
 **Forbidden:**
 - `rm -rf /`, `dd` on system disks, `chmod -R 777`
 - Kernel parameter changes without explicit request
 - Anything touching `/boot` without confirmation
 ### Autonomy Model
 Default: **Conservative** (read-only, confirm all changes)
 ```json
 {
  "levels": {
    "conservative": "Confirm all write operations",
    "moderate": "Auto-execute routine maintenance, confirm installs/removals",
    "trusted": "Auto-execute most operations, confirm only destructive"
  },
  "session_override": "~/.claude/state/sysadmin/session-autonomy.json"
 }
 ```
 ## Master Orchestrator Specification
 ### Responsibilities
 1. **Monitor**: Watch agent activity, detect anomalies, track pending approvals
 2. **Coordinate**: Route cross-agent requests, prevent conflicts
 3. **Enforce**: Validate autonomy rules, block forbidden actions, escalate to user
 4. **Memory**: Maintain shared state files (all agents read, master writes)
 ### Cross-Agent Communication Flow
 ```
 Agent A → Master Orchestrator → Agent B
                ↓
        (route, validate, log)
 ```
 ## Model Selection Policy
 ```json
 {
  "opus": ["complex reasoning", "cross-agent coordination", "policy enforcement"],
  "sonnet": ["standard operations", "well-defined tasks", "routine automation"],
  "haiku": ["simple queries", "status checks", "log parsing", "data extraction"]
 }
 ```
 **Cost rules:**
 1. Start with lowest capable model
 2. Escalate only when task complexity requires
 3. Agents may request model upgrade from orchestrator
 4. Log model usage for cost analysis
 ## Multi-Subagent Delegation
 Agents can delegate to multiple subagents:
 - **Parallel**: Independent tasks run simultaneously
 - **Sequential**: Dependent tasks run in order
 - **Model override**: Request specific model per delegation
 ## Shared State Files
 | File | Purpose | Writer |
 |------|---------|--------|
 | `system-instructions.json` | Central process definitions | master-orchestrator |
 | `future-considerations.json` | Deferred features/decisions | master-orchestrator |
 | `model-policy.json` | Model selection rules | master-orchestrator |
 | `autonomy-levels.json` | Autonomy definitions | master-orchestrator |
 | `session-autonomy.json` | Per-session overrides | user/CLI |
 All agents MUST be aware of these files and follow the processes defined within.
 ## Implementation Steps
 ### Phase 1: Foundation
 1. Create `state/system-instructions.json`
 2. Create `state/future-considerations.json`
 3. Create `state/model-policy.json`
 4. Create `state/autonomy-levels.json`
 5. Update `CLAUDE.md` with shared state locations
 ### Phase 2: Master Orchestrator
 6. Create `agents/master-orchestrator.md` with YAML frontmatter
 ### Phase 3: Linux Sysadmin Agent
 7. Create `agents/linux-sysadmin.md` with YAML frontmatter
 8. Create `state/sysadmin/` directory structure
 ### Phase 4: Update Existing Agents
 9. Update `agents/k8s-orchestrator.md` - add shared state awareness
 10. Update `agents/k8s-diagnostician.md` - add shared state awareness
 11. Update `agents/argocd-operator.md` - add shared state awareness
 12. Update `agents/prometheus-analyst.md` - add shared state awareness
 13. Update `agents/git-operator.md` - add shared state awareness
 ### Phase 5: Clean Settings
 14. Update `settings.json` - remove non-standard `agents` field with `promptFile`
 ### Phase 6: Skills & Commands
 15. Create `skills/sysadmin-health/SKILL.md`
 16. Create `commands/sysadmin/health.md`
 17. Create `commands/sysadmin/update.md`
 ### Phase 7: Workflows
 18. Create `workflows/sysadmin/health-check.yaml`
 19. Create `workflows/sysadmin/system-update.yaml`
 20. Create `automation/sysadmin/scripts/` directory
 ## Future Considerations
 Track in `state/future-considerations.json`:
 | ID | Category | Description | Priority |
 |----|----------|-------------|----------|
 | fc-001 | infrastructure | Prometheus node_exporter + Alertmanager for workstation | medium |
 | fc-002 | agent | Network admin agent | medium |
 | fc-003 | agent | Personal assistant agent | medium |
 | fc-004 | integration | External LLM integration (non-Claude models) | low |
 | fc-005 | optimization | Model usage logging and cost tracking | medium |
 | fc-006 | design | Revisit slash commands design | low |
 | fc-007 | optimization | Optimize document structure/format | low |
 ## Critical Files to Modify
 - `~/.claude/agents/k8s-orchestrator.md`
 - `~/.claude/agents/k8s-diagnostician.md`
 - `~/.claude/agents/argocd-operator.md`
 - `~/.claude/agents/prometheus-analyst.md`
 - `~/.claude/agents/git-operator.md`
 - `~/.claude/settings.json`
 - `~/.claude/CLAUDE.md`
 ## Agent File Format (Claude Code Required)
 All agents must use Markdown with YAML frontmatter:
 ```markdown
 ---
 name: agent-name
 description: When to use this agent
 model: sonnet|opus|haiku
 tools: Tool1, Tool2, Tool3
 ---
 [Agent instructions in Markdown]
 ```
@@ -0,0 +1,39 @@
 # Plan: Remove Redundancy + Add No-Redundancy Rule
 ## Identified Redundancies
 | Item | CLAUDE.md | system-instructions.json | Action |
 |------|-----------|--------------------------|--------|
 | Conventions | Lines 63-67 | Lines 55-59 | Remove from JSON (CLAUDE.md is human reference) |
 | State file writers | Lines 23-29 table | Lines 37-42 | Keep both - different purposes (table vs structured) |
 | Key Processes | Lines 31-47 | Lines 5-34 | OK - CLAUDE.md is summary, JSON is canonical |
 ## Changes Required
 ### 1. Remove `conventions` from `system-instructions.json`
 Already documented in CLAUDE.md - no need to duplicate.
 ### 2. Add no-redundancy principle to `CLAUDE.md`
 Add to Conventions section:
 ```
 - **No duplication**: Information lives in one place. CLAUDE.md = overview, JSON = details
 ```
 ### 3. Add to `system-instructions.json`
 Add principle:
 ```json
 "content-principles": {
  "no-redundancy": "Information lives in one authoritative location",
  "lean-files": "Keep files concise - no verbose examples or unnecessary prose"
 }
 ```
 ## Files to Modify
 | File | Action |
 |------|--------|
 | `~/.claude/state/system-instructions.json` | Remove conventions, add content-principles |
 | `~/.claude/CLAUDE.md` | Add no-duplication rule to conventions |
@@ -0,0 +1,82 @@
 # Plan: K8s Agent Production Validation
 ## Goal
 Address the identified gaps in k8s agent production readiness:
 1. Create a lightweight k8s skill for quick checks (parallel to existing workflow)
 2. Validate agents against live cluster with read-only operations
 ## Context
 **Already exists:**
 - `/cluster-status` command → `cluster-health-check` workflow (multi-step, 4 agents)
 - All k8s agents are defined with proper boundaries and formats
 **Gap:** No single-agent skill for ultra-quick status (like `sysadmin-health` for linux).
 ---
 ## Phase 1: Create K8s Quick-Status Skill
 Create `~/.claude/skills/k8s-quick-status/SKILL.md`
 **Purpose:** Lightweight single-agent check (haiku) for instant cluster pulse. Faster than workflow when you just need basics.
 **Checks:**
 - `kubectl get nodes` - node readiness
 - `kubectl get pods -A --field-selector=status.phase!=Running` - unhealthy pods
 - `kubectl get events -A --field-selector=type=Warning --sort-by='.lastTimestamp'` - recent warnings
 - `argocd app list` - sync status at a glance
 **Format:** Match `sysadmin-health` structure exactly (YAML frontmatter + Markdown).
 ---
 ## Phase 2: Live Cluster Validation
 Run read-only commands to validate connectivity and output quality.
 ### Test Sequence
 | Agent | Commands | Purpose |
 |-------|----------|---------|
 | k8s-diagnostician | `kubectl get nodes -o wide`<br>`kubectl get pods -A`<br>`kubectl top nodes` | Cluster connectivity |
 | prometheus-analyst | `curl localhost:9090/api/v1/query?query=up`<br>`curl localhost:9090/api/v1/alerts` | Metrics access |
 | argocd-operator | `argocd app list` | GitOps connectivity |
 | git-operator | `git -C <gitops-repo> log --oneline -n 5` | Repo access |
 ### Success Criteria
 - All commands execute without error
 - kubectl has valid kubeconfig
 - Prometheus is reachable
 - ArgoCD CLI is authenticated
 - Git repo is accessible
 ---
 ## Phase 3: Document Results
 Update `~/.claude/state/future-considerations.json` with:
 - Validation status per agent
 - Any connectivity issues discovered
 - Recommendations for fixes
 ---
 ## Files to Create/Modify
 | File | Action |
 |------|--------|
 | `~/.claude/skills/k8s-quick-status/SKILL.md` | Create |
 | `~/.claude/state/future-considerations.json` | Update |
 ---
 ## Execution Order
 1. Create `k8s-quick-status` skill
 2. Run kubectl connectivity test
 3. Run Prometheus connectivity test
 4. Run ArgoCD connectivity test
 5. Run Git repo connectivity test
 6. Document findings in `future-considerations.json`
 7. Report summary
@@ -5,7 +5,7 @@
      "repo": "anthropics/claude-plugins-official"
    },
    "installLocation": "/home/will/.claude/plugins/marketplaces/claude-plugins-official",
-    "lastUpdated": "2025-12-26T18:15:48.383Z"
+    "lastUpdated": "2025-12-29T20:32:21.240Z"
  },
  "superpowers-marketplace": {
    "source": {
@@ -1,64 +0,0 @@
 # Cluster Status
 Get a quick health overview of the Raspberry Pi Kubernetes cluster.
 ## Usage
 ```
 /cluster-status
 ```
 ## What it does
 Invokes the k8s-orchestrator to provide a comprehensive cluster health overview by delegating to specialized agents.
 ## Steps
 1. **Node Health** (k8s-diagnostician, haiku)
   - Get all node statuses
   - Check for any conditions (MemoryPressure, DiskPressure)
   - Report resource usage per node
 2. **Active Alerts** (prometheus-analyst, haiku)
   - Query Alertmanager for firing alerts
   - List alert names and severity
 3. **ArgoCD Status** (argocd-operator, haiku)
   - List all applications
   - Report sync status (Synced/OutOfSync)
   - Report health status (Healthy/Degraded)
 4. **Summary** (k8s-orchestrator, sonnet)
   - Aggregate findings
   - Produce overall health rating
   - Recommend actions if issues found
 ## Output Format
 ```
 Cluster Status: [Healthy/Degraded/Critical]
 Nodes:
 | Node   | Status | CPU  | Memory | Conditions |
 |--------|--------|------|--------|------------|
 | pi5-1  | Ready  | 45%  | 68%    | OK         |
 | pi5-2  | Ready  | 32%  | 52%    | OK         |
 | pi3    | Ready  | 78%  | 89%    | MemPressure|
 Active Alerts: [count]
 - [FIRING] AlertName - description
 ArgoCD Apps:
 | App       | Sync     | Health    |
 |-----------|----------|-----------|
 | homepage  | Synced   | Healthy   |
 | api       | OutOfSync| Degraded  |
 Recommendations:
 - [action if needed]
 ```
 ## Options
 - `--full` - Run the complete cluster-health-check workflow
 - `--quick` - Just node and pod status (faster)
@@ -1,83 +0,0 @@
 # Deploy Application
 Deploy a new application or update an existing one on the Raspberry Pi Kubernetes cluster.
 ## Usage
 ```
 /deploy <app-name>
 /deploy <app-name> --image <image:tag>
 /deploy <app-name> --update
 ```
 ## What it does
 Guides you through deploying an application using the GitOps workflow with ArgoCD.
 ## Interactive Mode
 When run without full arguments, the skill will ask for:
 1. **Application name** - Name for the deployment
 2. **Container image** - Full image path with tag
 3. **Namespace** - Target namespace (default: default)
 4. **Ports** - Exposed ports (comma-separated)
 5. **Resources** - Memory/CPU limits (defaults provided for Pi)
 6. **Pi 3 compatible?** - Whether to add tolerations for Pi 3 node
 ## Quick Deploy
 ```
 /deploy myapp --image ghcr.io/user/myapp:latest --namespace apps --port 8080
 ```
 ## Steps
 1. **Check existing state** - See if app exists, current status
 2. **Generate manifests** - Create deployment, service, kustomization
 3. **Create PR** - Push to GitOps repo, create PR
 4. **Sync** - After PR merge, trigger ArgoCD sync
 5. **Verify** - Confirm pods are running
 ## Resource Defaults (Pi-optimized)
 ```yaml
 # Standard workload
 requests:
  memory: "64Mi"
  cpu: "50m"
 limits:
  memory: "128Mi"
  cpu: "200m"
 # Lightweight (Pi 3 compatible)
 requests:
  memory: "32Mi"
  cpu: "25m"
 limits:
  memory: "64Mi"
  cpu: "100m"
 ```
 ## Examples
 ### Deploy new app
 ```
 /deploy homepage --image nginx:alpine --port 80 --namespace web
 ```
 ### Update existing app
 ```
 /deploy api --update --image api:v2.0.0
 ```
 ### Deploy to Pi 3
 ```
 /deploy lightweight-app --image app:latest --pi3
 ```
 ## Confirmation Points
 - **[CONFIRM]** Creating PR in GitOps repo
 - **[CONFIRM]** Syncing ArgoCD application
 - **[CONFIRM]** Rollback if deployment fails
@@ -1,124 +0,0 @@
 # Diagnose Issue
 Investigate and diagnose problems in the Raspberry Pi Kubernetes cluster.
 ## Usage
 ```
 /diagnose <issue-description>
 /diagnose pod <pod-name> -n <namespace>
 /diagnose app <argocd-app-name>
 /diagnose node <node-name>
 ```
 ## What it does
 Invokes the k8s-orchestrator to investigate issues by coordinating multiple specialist agents.
 ## Diagnosis Types
 ### General Issue
 ```
 /diagnose "my app is returning 503 errors"
 ```
 The orchestrator will:
 1. Identify relevant resources
 2. Check pod status and logs
 3. Query relevant metrics
 4. Analyze ArgoCD sync state
 5. Provide diagnosis and recommendations
 ### Pod Diagnosis
 ```
 /diagnose pod myapp-7d9f8b6c5-x2k4m -n production
 ```
 Focuses on:
 - Pod status and events
 - Container logs (current and previous)
 - Resource usage vs limits
 - Restart history
 - Related alerts
 ### ArgoCD App Diagnosis
 ```
 /diagnose app homepage
 ```
 Focuses on:
 - Sync status and history
 - Health status of resources
 - Diff between desired and live state
 - Recent sync errors
 ### Node Diagnosis
 ```
 /diagnose node pi5-1
 ```
 Focuses on:
 - Node conditions
 - Resource pressure
 - Running pods count
 - System events
 - Disk and network status
 ## Investigation Flow
 ```
 User describes issue
        │
        ▼
 ┌─────────────────┐
 │ k8s-orchestrator│ ─── Analyze issue, plan investigation
 └────────┬────────┘
         │
    ┌────┼────┬────────┐
    ▼    ▼    ▼        ▼
 ┌──────┐┌──────┐┌──────┐┌──────┐
 │diag- ││argo- ││prom- ││git-  │
 │nosti-││cd-   ││etheus││opera-│
 │cian  ││oper- ││analy-││tor   │
 │      ││ator  ││st    ││      │
 └──┬───┘└──┬───┘└──┬───┘└──┬───┘
   │       │       │       │
   └───────┴───────┴───────┘
                │
                ▼
        ┌─────────────────┐
        │ k8s-orchestrator│ ─── Synthesize findings
        └────────┬────────┘
                 │
                 ▼
        Diagnosis + Recommendations
 ```
 ## Output Format
 ```
 Diagnosis for: [issue description]
 Status: [Investigating/Identified/Resolved]
 Findings:
 1. [Finding with evidence]
 2. [Finding with evidence]
 Root Cause:
 [Explanation of what's causing the issue]
 Evidence:
 - [Relevant log lines or metrics]
 - [Command outputs]
 Recommended Actions:
 - [SAFE] Action that can be auto-applied
 - [CONFIRM] Action requiring approval
 - [INFO] Suggestion for manual follow-up
 Severity: [Low/Medium/High/Critical]
 ```
 ## Options
 - `--verbose` - Include full command outputs
 - `--logs` - Focus on log analysis
 - `--metrics` - Focus on metrics analysis
 - `--quick` - Fast surface-level check only
@@ -0,0 +1,43 @@
 ---
 name: k8s-quick-status
 description: Quick cluster health pulse check
 model: haiku
 ---
 # K8s Quick Status Skill
 Performs a lightweight health pulse check on the Raspberry Pi Kubernetes cluster.
 ## Checks Performed
 ### Node Status
 - Node readiness (`kubectl get nodes`)
 - Node conditions (MemoryPressure, DiskPressure, PIDPressure)
 ### Pod Health
 - Unhealthy pods (`kubectl get pods -A --field-selector=status.phase!=Running`)
 - High restart counts (pods with >5 restarts)
 ### Recent Events
 - Warning events in last hour (`kubectl get events -A --field-selector=type=Warning --sort-by='.lastTimestamp'`)
 ### ArgoCD Status
 - Application sync status (`argocd app list`)
 - Any OutOfSync or Degraded apps
 ## Output Format
 Report as structured summary with:
 - Overall status (healthy/warning/critical)
 - Node summary table
 - Unhealthy pods list (if any)
 - ArgoCD app status
 - Immediate concerns (if any)
 ## Autonomy
 This skill is read-only and can run without confirmation.
 ## When to Use
 Use this skill for a quick pulse check. For comprehensive analysis with metrics and detailed recommendations, use the `/cluster-status` command which invokes the full `cluster-health-check` workflow.
@@ -0,0 +1,69 @@
 ---
 name: programmer-add-project
 description: Register a new project with the programmer agent system
 ---
 # Add Project to Programmer Agent
 Register a new project for context-aware code development.
 ## Gather Information
 Collect from the user:
 1. **Project path**: Absolute path to project root
 2. **Project name**: Short identifier (used for filename)
 3. **Description**: What the project does (1-2 sentences)
 4. **Tech stack**: Languages, frameworks, databases
 5. **Conventions**: Path to conventions file or brief description
 ## Validate
 Before creating:
 1. Verify the path exists: `ls <path>`
 2. Check for existing project file: `~/.claude/state/programmer/projects/<name>.json`
 3. Look for conventions file if path provided
 ## Create Project File
 Write to `~/.claude/state/programmer/projects/<name>.json`:
 ```json
 {
  "path": "/absolute/path/to/project",
  "description": "Description of the project",
  "stack": ["language", "framework", "database"],
  "conventions": "See CONTRIBUTING.md or brief description",
  "recentWork": [],
  "activeTodos": [],
  "created": "YYYY-MM-DD"
 }
 ```
 ## Output
 Confirm to user:
 ```markdown
 ## Project Registered
 - **Name**: project-name
 - **Path**: /path/to/project
 - **Stack**: language, framework
 - **Config**: `~/.claude/state/programmer/projects/project-name.json`
 The programmer agent will now use this context when working in this project.
 ```
 ## Example Interaction
 User: "Add my inventory-api project"
 Agent:
 1. Ask for project path
 2. Ask for description
 3. Ask for tech stack
 4. Look for CONTRIBUTING.md or conventions
 5. Create project file
 6. Confirm registration
@@ -0,0 +1,51 @@
 ---
 name: sysadmin-health
 description: Run comprehensive health check on Arch Linux workstation
 model: haiku
 ---
 # Sysadmin Health Check Skill
 Performs a comprehensive health check on the local Arch Linux workstation.
 ## Checks Performed
 ### System Resources
 - Disk usage (`df -h`)
 - Memory usage (`free -h`)
 - Swap usage
 - CPU load (`uptime`)
 - Top processes by resource usage
 ### Package Status
 - Pending pacman updates (`checkupdates`)
 - AUR updates available (`yay -Qua`)
 - Orphaned packages (`pacman -Qtdq`)
 - Package cache size (`du -sh /var/cache/pacman/pkg`)
 ### Service Status
 - Failed systemd services (`systemctl --failed`)
 - Key services status (NetworkManager, sshd, etc.)
 ### User Timers (Claude Automation)
 - Active user timers (`systemctl --user list-timers`)
 - Failed user services (`systemctl --user --failed`)
 - Recent timer runs (`journalctl --user -u k8s-agent-health-check --since "24 hours ago" -n 5`)
 ### Security
 - Recent failed login attempts (`journalctl -u sshd --since "24 hours ago" | grep -i failed`)
 - Last logins (`last -n 5`)
 ### Logs
 - Recent errors in journal (`journalctl -p err --since "24 hours ago" -n 20`)
 ## Output Format
 Report as structured summary with:
 - Overall health status (healthy/warning/critical)
 - Issues found (if any)
 - Recommended actions
 ## Autonomy
 This skill is read-only and can run without confirmation.
@@ -0,0 +1 @@
 {"version":"1.0.0","description":"Shared autonomy level definitions for all agents","levels":{"conservative":{"description":"Confirm all write operations","behavior":{"read_operations":"auto-execute","write_operations":"require confirmation","destructive_operations":"require confirmation"},"suitable_for":["initial setup","unfamiliar systems","production environments"]},"moderate":{"description":"Auto-execute routine maintenance, confirm installs/removals","behavior":{"read_operations":"auto-execute","routine_maintenance":"auto-execute","package_changes":"require confirmation","destructive_operations":"require confirmation"},"suitable_for":["trusted development environments","routine maintenance"]},"trusted":{"description":"Auto-execute most operations, confirm only destructive","behavior":{"read_operations":"auto-execute","write_operations":"auto-execute","package_changes":"auto-execute","destructive_operations":"require confirmation"},"suitable_for":["well-known environments","time-sensitive operations"]}},"agent_defaults":{"linux-sysadmin":"conservative","k8s-orchestrator":"conservative","k8s-diagnostician":"conservative","argocd-operator":"conservative","prometheus-analyst":"conservative","git-operator":"conservative"},"session_override":{"file":"~/.claude/state/sysadmin/session-autonomy.json","applies_to":"current session only","reset_on":"session end"}}
@@ -0,0 +1 @@
 {"infra":{"cluster":"k0s","nodes":3,"arch":"arm64"},"svc":{"gitops":"argocd","mon":"prometheus","alerts":"alertmanager"},"net":{},"hw":{"pi5_8gb":2,"pi3_1gb":1}}
@@ -0,0 +1,68 @@
 {
  "version": "1.0.0",
  "description": "Cost-efficient model selection policy",
  "models": {
    "opus": {
      "use_cases": [
        "Complex reasoning and analysis",
        "Cross-agent coordination",
        "Policy enforcement and validation",
        "Architectural decisions",
        "Ambiguous or nuanced tasks"
      ],
      "agents": [
        "personal-assistant",
        "master-orchestrator",
        "k8s-orchestrator",
        "programmer-orchestrator"
      ]
    },
    "sonnet": {
      "use_cases": [
        "Standard operations",
        "Well-defined tasks",
        "Routine automation",
        "Code generation and modification",
        "Troubleshooting with clear symptoms"
      ],
      "agents": [
        "linux-sysadmin",
        "k8s-diagnostician",
        "argocd-operator",
        "prometheus-analyst",
        "git-operator",
        "code-planner",
        "code-implementer",
        "code-reviewer"
      ]
    },
    "haiku": {
      "use_cases": [
        "Simple queries",
        "Status checks",
        "Log parsing",
        "Data extraction",
        "Formatting and summarization"
      ],
      "agents": [],
      "delegation_note": "Any agent can delegate simple subtasks to Haiku for cost efficiency"
    }
  },
  "escalation_rules": [
    {
      "from": "haiku",
      "to": "sonnet",
      "triggers": ["task_too_complex", "context_insufficient", "reasoning_required"]
    },
    {
      "from": "sonnet",
      "to": "opus",
      "triggers": ["cross_agent_coordination", "policy_decision", "complex_analysis"]
    }
  ],
  "cost_optimization": {
    "default_start": "lowest_capable",
    "log_usage": true,
    "review_frequency": "weekly"
  }
 }
@@ -1,7 +1 @@
-{
+{"version":"1.0","description":"Persistent PA configuration","context_gathering":{"default_level":"moderate"}}
  "version": "1.0",
  "description": "Persistent PA configuration",
  "context_gathering": {
    "default_level": "moderate"
  }
 }
@@ -1,5 +1,12 @@
 {
  "version": "1.0",
  "description": "User instructions optimized for agent consumption",
-  "items": []
+  "items": [
    {
      "id": "a1b2c3d4-5678-90ab-cdef-111111111111",
      "instruction": "Delegate technical tasks to specialized agents. Use skills and slash commands for quick technical checks.",
      "status": "active",
      "added": "2025-01-21"
    }
  ]
 }
@@ -0,0 +1,131 @@
 {
  "version": "1.0",
  "sessions": [
    {
      "id": "2025-12-29_10-36-32",
      "started": "2025-12-29T10:36:32-08:00",
      "ended": null,
      "summarized": false,
      "topics": []
    },
    {
      "id": "2025-12-29_10-38-46",
      "started": "2025-12-29T10:38:46-08:00",
      "ended": null,
      "summarized": false,
      "topics": []
    },
    {
      "id": "2025-12-29_10-59-33",
      "started": "2025-12-29T10:59:33-08:00",
      "ended": null,
      "summarized": false,
      "topics": []
    },
    {
      "id": "2025-12-29_11-10-38",
      "started": "2025-12-29T11:10:38-08:00",
      "ended": null,
      "summarized": false,
      "topics": []
    },
    {
      "id": "2025-12-29_11-20-09",
      "started": "2025-12-29T11:20:09-08:00",
      "ended": null,
      "summarized": false,
      "topics": []
    },
    {
      "id": "2025-12-29_11-20-12",
      "started": "2025-12-29T11:20:12-08:00",
      "ended": null,
      "summarized": false,
      "topics": []
    },
    {
      "id": "2025-12-29_11-20-17",
      "started": "2025-12-29T11:20:17-08:00",
      "ended": null,
      "summarized": false,
      "topics": []
    },
    {
      "id": "2025-12-29_11-20-25",
      "started": "2025-12-29T11:20:25-08:00",
      "ended": null,
      "summarized": false,
      "topics": []
    },
    {
      "id": "2025-12-29_11-20-49",
      "started": "2025-12-29T11:20:49-08:00",
      "ended": null,
      "summarized": false,
      "topics": []
    },
    {
      "id": "2025-12-29_11-25-40",
      "started": "2025-12-29T11:25:40-08:00",
      "ended": null,
      "summarized": false,
      "topics": []
    },
    {
      "id": "2025-12-29_11-25-44",
      "started": "2025-12-29T11:25:44-08:00",
      "ended": null,
      "summarized": false,
      "topics": []
    },
    {
      "id": "2025-12-29_11-26-31",
      "started": "2025-12-29T11:26:31-08:00",
      "ended": null,
      "summarized": false,
      "topics": []
    },
    {
      "id": "2025-12-29_11-26-33",
      "started": "2025-12-29T11:26:33-08:00",
      "ended": null,
      "summarized": false,
      "topics": []
    },
    {
      "id": "2025-12-29_11-28-05",
      "started": "2025-12-29T11:28:05-08:00",
      "ended": null,
      "summarized": false,
      "topics": []
    },
    {
      "id": "2025-12-29_11-28-06",
      "started": "2025-12-29T11:28:06-08:00",
      "ended": null,
      "summarized": false,
      "topics": []
    },
    {
      "id": "2025-12-29_11-47-07",
      "started": "2025-12-29T11:47:07-08:00",
      "ended": null,
      "summarized": false,
      "topics": []
    },
    {
      "id": "2025-12-29_12-31-06",
      "started": "2025-12-29T12:31:06-08:00",
      "ended": null,
      "summarized": false,
      "topics": []
    },
    {
      "id": "2025-12-29_12-31-10",
      "started": "2025-12-29T12:31:10-08:00",
      "ended": null,
      "summarized": false,
      "topics": []
    }
  ]
 }
@@ -0,0 +1 @@
 {}
@@ -0,0 +1,5 @@
 {
  "version": "1.0",
  "description": "Decisions made with rationale",
  "items": []
 }
@@ -0,0 +1,5 @@
 {
  "version": "1.0",
  "description": "Factual knowledge about the environment",
  "items": []
 }
@@ -0,0 +1,11 @@
 {
  "version": "1.0",
  "last_summarized": null,
  "total_sessions": 0,
  "total_items": {
    "decisions": 0,
    "preferences": 0,
    "projects": 0,
    "facts": 0
  }
 }
@@ -0,0 +1,5 @@
 {
  "version": "1.0",
  "description": "User preferences learned over time",
  "items": []
 }
@@ -0,0 +1,5 @@
 {
  "version": "1.0",
  "description": "Active and recent project context",
  "items": []
 }
@@ -1,6 +1 @@
-{
+{"version":"1.0","current_context_level":null,"set_at":null,"set_by":null}
  "version": "1.0",
  "current_context_level": null,
  "set_at": null,
  "set_by": null
 }
@@ -0,0 +1,5 @@
 {
  "style": {},
  "patterns": {},
  "languages": {}
 }
@@ -0,0 +1,4 @@
 {
  "level": "conservative",
  "overrides": {}
 }
@@ -0,0 +1 @@
 {"version":"1.0.0","description":"Per-session autonomy overrides for linux-sysadmin agent","current_level":"conservative","session_start":null,"overrides":{},"notes":"This file is modified by user/CLI to adjust autonomy during a session"}
@@ -0,0 +1 @@
 {"version":"1.0.0","description":"Central process definitions for all agents","processes":{"model-selection":{"description":"Cost-efficient model selection","rules":["Start with lowest capable model","Escalate only when task complexity requires","Agents may request model upgrade from orchestrator","Log model usage for cost analysis"]},"cross-agent-communication":{"description":"How agents interact","flow":"Agent A → Master Orchestrator → Personal Assistant (if escalation needed)","hierarchy":"Personal Assistant → Master Orchestrator → Domain Agents","requirements":["All cross-agent requests routed through master orchestrator","Master validates, routes, and logs all requests","Personal assistant has ultimate escalation authority","No direct agent-to-agent communication"]},"autonomy-enforcement":{"description":"How autonomy levels are applied","default":"conservative","session_override_file":"~/.claude/state/sysadmin/session-autonomy.json","rules":["Master orchestrator enforces autonomy levels","Session overrides apply only for current session","Forbidden actions always blocked regardless of autonomy level"]},"file-management":{"description":"File and directory ownership","state-files":{"system-instructions.json":"master-orchestrator","future-considerations.json":"master-orchestrator","model-policy.json":"master-orchestrator","autonomy-levels.json":"master-orchestrator","session-autonomy.json":"user/CLI"},"directories":{"master-orchestrator":["agents/","state/","skills/","commands/","workflows/"],"linux-sysadmin":["state/sysadmin/","automation/"]},"override_authority":"personal-assistant"},"agent-lifecycle":{"add":["Create agents/<name>.md","Update supervisor hierarchy","Update CLAUDE.md diagram","Update model-policy.json"],"remove":["Remove agents/<name>.md","Update supervisor hierarchy","Update CLAUDE.md diagram","Update model-policy.json","Clean up state"]},"content-principles":{"no-redundancy":"Information lives in one authoritative location","lean-files":"Keep files concise - no verbose examples or unnecessary prose"},"deferral-capture":{"description":"Capture deferrals to future-considerations.json","trigger":"User says 'revisit later' or similar","behavior":"Watch user messages for items worth adding to future-considerations.json - both explicit deferrals and implicit mentions of future work"}}}
@@ -1,97 +0,0 @@
 # Deploy Application Workflow
 A simple workflow for deploying new applications or updating existing ones.
 ## When to use
 Use this workflow when:
 - Deploying a new application to the cluster
 - Updating an existing application's configuration
 - Rolling out a new version of an application
 ## Steps
 ### 1. Gather Requirements
 Ask the user for:
 - Application name
 - Container image and tag
 - Namespace (default: `default`)
 - Resource requirements (CPU/memory limits)
 - Exposed ports
 - Any special requirements (tolerations for Pi 3, etc.)
 ### 2. Check Existing State
 Delegate to **argocd-operator** (haiku):
 - Check if application already exists in ArgoCD
 - If exists, get current status and version
 Delegate to **k8s-diagnostician** (haiku):
 - If exists, check current pod status
 - Check namespace exists
 ### 3. Create/Update Manifests
 Delegate to **git-operator** (sonnet):
 - Create or update deployment manifest
 - Create or update service manifest (if ports exposed)
 - Create or update kustomization.yaml
 - Include appropriate resource limits for Pi cluster:
  ```yaml
  resources:
    requests:
      memory: "64Mi"
      cpu: "50m"
    limits:
      memory: "128Mi"
      cpu: "200m"
  ```
 - If targeting Pi 3, add tolerations:
  ```yaml
  tolerations:
    - key: "node-type"
      operator: "Equal"
      value: "pi3"
      effect: "NoSchedule"
  ```
 ### 4. Commit Changes
 Delegate to **git-operator** (sonnet):
 - Create feature branch: `deploy/<app-name>`
 - Commit with message: `feat: deploy <app-name>`
 - Push branch to origin
 - Create pull request
 **[CONFIRM]** User must approve the PR creation.
 ### 5. Sync Application
 After PR is merged:
 Delegate to **argocd-operator** (sonnet):
 - Create ArgoCD application if new
 - Trigger sync for the application
 - Wait for sync to complete
 **[CONFIRM]** User must approve the sync operation.
 ### 6. Verify Deployment
 Delegate to **k8s-diagnostician** (haiku):
 - Check pods are running
 - Check no restart loops
 - Verify resource usage is within limits
 Report final status to user.
 ## Rollback
 If deployment fails:
 Delegate to **argocd-operator**:
 - Check application history
 - Propose rollback to previous version
 **[CONFIRM]** User must approve rollback.
@@ -0,0 +1,118 @@
 name: deploy-app
 description: Deploy new application or update existing one
 version: "1.0"
 trigger:
  - manual: true
 inputs:
  app_name:
    description: Application name
    required: true
  image:
    description: Container image and tag
    required: true
  namespace:
    description: Target namespace
    default: "default"
  ports:
    description: Exposed ports (comma-separated)
    required: false
  pi3_compatible:
    description: Add tolerations for Pi 3 node
    default: false
 defaults:
  model: sonnet
 steps:
  - name: check-existing
    description: Check if application already exists
    parallel:
      - agent: argocd-operator
        model: haiku
        task: |
          Check if application '{{ inputs.app_name }}' exists in ArgoCD.
          If exists, get current status, version, and sync state.
        output: argocd_status
      - agent: k8s-diagnostician
        model: haiku
        task: |
          Check if namespace '{{ inputs.namespace }}' exists.
          If app exists, check current pod status for '{{ inputs.app_name }}'.
        output: k8s_status
  - name: create-manifests
    agent: git-operator
    model: sonnet
    task: |
      Create or update Kubernetes manifests for '{{ inputs.app_name }}':
      1. Deployment manifest with:
         - Image: {{ inputs.image }}
         - Namespace: {{ inputs.namespace }}
         - Resource limits (Pi-optimized):
           requests: {memory: "64Mi", cpu: "50m"}
           limits: {memory: "128Mi", cpu: "200m"}
         {% if inputs.pi3_compatible %}
         - Tolerations for Pi 3 node
         {% endif %}
      2. Service manifest (if ports specified: {{ inputs.ports }})
      3. Kustomization.yaml
      Existing state:
      - ArgoCD: {{ steps.check-existing.argocd_status }}
      - K8s: {{ steps.check-existing.k8s_status }}
    output: manifests
    confirm: true
  - name: commit-changes
    agent: git-operator
    model: sonnet
    task: |
      Commit the manifests to GitOps repository:
      1. Create feature branch: deploy/{{ inputs.app_name }}
      2. Commit with message: feat: deploy {{ inputs.app_name }}
      3. Push branch to origin
      4. Create pull request
    output: pr_url
    confirm: true
  - name: sync-application
    agent: argocd-operator
    model: sonnet
    task: |
      After PR is merged:
      1. Create ArgoCD application if new
      2. Trigger sync for '{{ inputs.app_name }}'
      3. Wait for sync to complete
      4. Report sync result
    output: sync_result
    confirm: true
    depends_on_user: "PR must be merged before continuing"
  - name: verify-deployment
    agent: k8s-diagnostician
    model: haiku
    task: |
      Verify deployment of '{{ inputs.app_name }}':
      - Check pods are running
      - Check no restart loops
      - Verify resource usage within limits
      Report final deployment status.
    output: verification
 on_failure:
  - name: propose-rollback
    agent: argocd-operator
    task: |
      Deployment failed. Check application history and propose rollback.
    confirm: true
 outputs:
  - pr_url
  - sync_result
  - verification
@@ -0,0 +1,40 @@
 name: cluster-daily-summary
 description: Lightweight daily cluster status summary
 version: "1.0"
 trigger:
  - schedule: "0 8 * * *"  # daily at 8am
  - manual: true
 defaults:
  model: haiku
 steps:
  - name: quick-status
    agent: k8s-diagnostician
    model: haiku
    task: |
      Generate a quick daily cluster status:
      1. Node overview:
         - kubectl get nodes -o wide
         - Any nodes not Ready?
      2. Pod health:
         - Count of running vs non-running pods
         - Any pods in CrashLoopBackOff or Error?
      3. ArgoCD sync status:
         - argocd app list (if available)
         - Any apps OutOfSync?
      4. Recent events:
         - kubectl get events --sort-by='.lastTimestamp' -A | tail -10
         - Any Warning events in last 24h?
      Format as a brief daily digest suitable for quick review.
      Keep it concise - this is a summary, not a deep dive.
    output: daily_summary
 outputs:
  - daily_summary
@@ -0,0 +1,50 @@
 name: sysadmin-health-check
 description: Scheduled health check for Arch Linux workstation
 version: "1.0.0"
 trigger:
  schedule:
    cron: "0 9 * * *"  # Daily at 9 AM
  manual: true
 agent: linux-sysadmin
 model: haiku  # Use haiku for cost efficiency
 steps:
  - name: collect-metrics
    description: Gather system metrics
    commands:
      - df -h
      - free -h
      - uptime
      - top -bn1 | head -20
  - name: check-packages
    description: Check package status
    commands:
      - checkupdates 2>/dev/null || echo "No updates"
      - yay -Qua 2>/dev/null || echo "No AUR updates"
      - pacman -Qtdq 2>/dev/null || echo "No orphans"
  - name: check-services
    description: Check systemd services
    commands:
      - systemctl --failed --no-pager
  - name: check-logs
    description: Review recent errors
    commands:
      - journalctl -p err --since "24 hours ago" -n 10 --no-pager
  - name: generate-report
    description: Create health summary
    action: summarize
    format: markdown
 output:
  file: ~/.claude/logs/health-reports/$(date +%Y-%m-%d).md
  notify:
    on_warning: true
    on_critical: true
 autonomy: read-only  # No confirmation needed for read operations
@@ -0,0 +1,83 @@
 name: sysadmin-system-update
 description: Manual system update workflow for Arch Linux
 version: "1.0.0"
 trigger:
  manual: true
  command: /update
 agent: linux-sysadmin
 model: sonnet  # Use sonnet for update decisions
 parameters:
  - name: scope
    type: choice
    options: [full, pacman, aur, brew]
    default: full
    description: Which package managers to update
  - name: dry_run
    type: boolean
    default: false
    description: Show updates without installing
 steps:
  - name: pre-flight
    description: Pre-update checks
    commands:
      - df -h /  # Check disk space
      - pacman -Qi linux | grep Version  # Current kernel version
    fail_on_error: true
  - name: check-updates
    description: List available updates
    commands:
      - checkupdates
      - yay -Qua
      - brew outdated
    condition: "{{ not dry_run }}"
  - name: confirm-updates
    description: Get user confirmation
    action: confirm
    message: "Proceed with {{ scope }} update?"
    skip_if: "{{ autonomy == 'trusted' }}"
  - name: update-pacman
    description: Update pacman packages
    commands:
      - pacman -Syu --noconfirm
    condition: "{{ scope in ['full', 'pacman'] }}"
    requires_confirmation: true
  - name: update-aur
    description: Update AUR packages
    commands:
      - yay -Sua --noconfirm
    condition: "{{ scope in ['full', 'aur'] }}"
    requires_confirmation: true
  - name: update-brew
    description: Update Homebrew packages
    commands:
      - brew upgrade
    condition: "{{ scope in ['full', 'brew'] }}"
    requires_confirmation: true
  - name: post-update
    description: Post-update checks
    commands:
      - find /etc -name "*.pacnew" 2>/dev/null
      - pacman -Qi linux | grep Version  # Check if kernel updated
    action: summarize
  - name: reboot-check
    description: Check if reboot needed
    action: notify
    message: "Kernel updated. Reboot recommended."
    condition: "{{ kernel_updated }}"
 output:
  log: ~/.claude/logs/updates/$(date +%Y-%m-%d_%H%M).log
 autonomy: conservative  # Always confirm update operations
@@ -0,0 +1,62 @@
 name: validate-agent-format
 description: Validate YAML frontmatter in all agent definition files
 trigger:
  - manual
 inputs: {}
 steps:
  - name: scan-agent-files
    description: Find all agent definition files
    command: ls -1 ~/.claude/agents/*.md
  - name: validate-frontmatter
    description: Check each agent file for required YAML frontmatter
    for_each: "{{ steps.scan-agent-files.output }}"
    validation:
      - name: has-frontmatter
        check: "File starts with '---' delimiter"
        required: true
      - name: has-name-field
        check: "YAML contains 'name:' field"
        required: true
      - name: has-description-field
        check: "YAML contains 'description:' field"
        required: true
      - name: has-model-field
        check: "YAML contains 'model:' field"
        required: true
      - name: has-tools-field
        check: "YAML contains 'tools:' field"
        required: true
      - name: valid-model-value
        check: "model value is one of: haiku, sonnet, opus"
        required: true
  - name: report-results
    description: Generate validation report
    output:
      format: table
      columns:
        - file
        - has_frontmatter
        - has_name
        - has_description
        - has_model
        - has_tools
        - valid_model
        - status
 success_criteria:
  - all_files_have_frontmatter: true
  - all_required_fields_present: true
  - all_model_values_valid: true
 on_failure:
  - report: List files with missing or invalid frontmatter
  - suggest: Provide exact frontmatter template for each failing file
		`@@ -0,0 +1 @@`
							{"version":"1.0.0","description":"Shared autonomy level definitions for all agents","levels":{"conservative":{"description":"Confirm all write operations","behavior":{"read_operations":"auto-execute","write_operations":"require confirmation","destructive_operations":"require confirmation"},"suitable_for":["initial setup","unfamiliar systems","production environments"]},"moderate":{"description":"Auto-execute routine maintenance, confirm installs/removals","behavior":{"read_operations":"auto-execute","routine_maintenance":"auto-execute","package_changes":"require confirmation","destructive_operations":"require confirmation"},"suitable_for":["trusted development environments","routine maintenance"]},"trusted":{"description":"Auto-execute most operations, confirm only destructive","behavior":{"read_operations":"auto-execute","write_operations":"auto-execute","package_changes":"auto-execute","destructive_operations":"require confirmation"},"suitable_for":["well-known environments","time-sensitive operations"]}},"agent_defaults":{"linux-sysadmin":"conservative","k8s-orchestrator":"conservative","k8s-diagnostician":"conservative","argocd-operator":"conservative","prometheus-analyst":"conservative","git-operator":"conservative"},"session_override":{"file":"~/.claude/state/sysadmin/session-autonomy.json","applies_to":"current session only","reset_on":"session end"}}
		`@@ -0,0 +1 @@`
							`{"infra":{"cluster":"k0s","nodes":3,"arch":"arm64"},"svc":{"gitops":"argocd","mon":"prometheus","alerts":"alertmanager"},"net":{},"hw":{"pi5_8gb":2,"pi3_1gb":1}}`
		`@@ -0,0 +1 @@`
							`{"version":"1.0.0","description":"Per-session autonomy overrides for linux-sysadmin agent","current_level":"conservative","session_start":null,"overrides":{},"notes":"This file is modified by user/CLI to adjust autonomy during a session"}`
		`@@ -0,0 +1 @@`
							{"version":"1.0.0","description":"Central process definitions for all agents","processes":{"model-selection":{"description":"Cost-efficient model selection","rules":["Start with lowest capable model","Escalate only when task complexity requires","Agents may request model upgrade from orchestrator","Log model usage for cost analysis"]},"cross-agent-communication":{"description":"How agents interact","flow":"Agent A → Master Orchestrator → Personal Assistant (if escalation needed)","hierarchy":"Personal Assistant → Master Orchestrator → Domain Agents","requirements":["All cross-agent requests routed through master orchestrator","Master validates, routes, and logs all requests","Personal assistant has ultimate escalation authority","No direct agent-to-agent communication"]},"autonomy-enforcement":{"description":"How autonomy levels are applied","default":"conservative","session_override_file":"~/.claude/state/sysadmin/session-autonomy.json","rules":["Master orchestrator enforces autonomy levels","Session overrides apply only for current session","Forbidden actions always blocked regardless of autonomy level"]},"file-management":{"description":"File and directory ownership","state-files":{"system-instructions.json":"master-orchestrator","future-considerations.json":"master-orchestrator","model-policy.json":"master-orchestrator","autonomy-levels.json":"master-orchestrator","session-autonomy.json":"user/CLI"},"directories":{"master-orchestrator":["agents/","state/","skills/","commands/","workflows/"],"linux-sysadmin":["state/sysadmin/","automation/"]},"override_authority":"personal-assistant"},"agent-lifecycle":{"add":["Create agents/<name>.md","Update supervisor hierarchy","Update CLAUDE.md diagram","Update model-policy.json"],"remove":["Remove agents/<name>.md","Update supervisor hierarchy","Update CLAUDE.md diagram","Update model-policy.json","Clean up state"]},"content-principles":{"no-redundancy":"Information lives in one authoritative location","lean-files":"Keep files concise - no verbose examples or unnecessary prose"},"deferral-capture":{"description":"Capture deferrals to future-considerations.json","trigger":"User says 'revisit later' or similar","behavior":"Watch user messages for items worth adding to future-considerations.json - both explicit deferrals and implicit mentions of future work"}}}