feat(persona): add autonomous-actor persona for delegated cutover-class work

[khaliqgant]

What

Adds the autonomous-actor persona under .agentworkforce/workforce/ — an orchestrator persona for delegated, multi-PR, multi-day, cutover-class infra and feature deliveries. The orchestrator operates under an explicit written contract that grants (each requires explicit operator acknowledgement):

• auto-merge authority under a defined per-PR bar,
• flip-the-switch authority when all pre-flip gates read GREEN,
• swarm-blockers authority to spawn codex-impl + claude-review pairs to self-unblock from repo ground truth,
• pre-authorized rollback authority on named mechanical triggers.

It holds standing constraints (no manual prod deploy; no direct prod SQL; instrument-don't-guess after two failed fixes; battle-tested means concurrent+sustained, never works-once; serialize merges through green main) and has explicit escalate-to-human conditions. It refuses to flip while any gate is AMBER.

Where it came from

This persona encodes the lessons-learned from the WS-OPTION-B run in the cloud repo (the in-flight Nango ingestion cutover from SQS to a Cloudflare Queue, dark-launched, single-switch flip). Concretely it bakes in:

• The CI-snapshot-staleness lesson (PRs #757+#758, #769+#779, #785+#782 broke composition because per-PR CI does not catch cross-PR interactions).
• The half-merged-conflict-resolution lesson (force-reset over fix-forward).
• The dormant-by-default + single-switch cutover pattern proven on the Worker migration.
• The instrument-don't-guess discipline triggered by the persona-kit and Hyperdrive incidents.
• The codex-lead-with-codex-impl anti-pattern.
• The file-based reporting convention required by 150-char channel truncation.
• The tiered-acceptance pattern needed for the 44-model x 10-provider parity matrix.

The six bundled skills

Skill	Covers
autonomous-run-contract	The binding contract every run starts with: run identity, grants requested, per-PR auto-merge bar, numbered pre-flip gates with acceptance + evidence pointers, the one-switch flip mechanism, mechanical rollback triggers, standing constraints, named escalate-to-human conditions. Re-read before every irreversible action.
auto-merge-and-composition-safety	The per-PR bar (CI verified LIVE at merge, substantive review by area, stale-vs-actionable bot triage with PR-replied audit, worktree hygiene, never-merge-on-red) and the cross-PR composition discipline (serialize through green main, force-reset over half-merged commits).
dormant-flip-and-rollback	The dark-launch + single-switch cutover pattern; flipping while any gate is AMBER is refused; rollback is mechanical and pre-authorized (no wait-and-see). Includes the pre-flip statement, the flip procedure, the post-flip monitoring cadence, and the post-rollback discipline.
instrument-dont-guess	After two consecutive failed fixes for the same symptom, the third action is a temporary diagnostic — a /_diag endpoint or enriched structured log that captures literal runtime values. Read literally, form the next fix from the data, revert in the same cycle.
swarm-blockers-and-gate-scoreboard	Dispatches supporting codex-impl + claude-review pairs (never codex-lead-with-codex-impl) under written sub-contracts; prefers structural proofs over runtime tests for invariants. Maintains the live RED/AMBER/GREEN gate scoreboard in /tmp/<run-name>-scoreboard.md plus the file-based reporting convention.
tiered-acceptance	When a single gate would require deep proof across a large set (44 models x 10 providers; 60+ resources), splits acceptance into tier-1 (deep proof on the top-volume slice) and tier-2 (smoke proof on the tail), with the trade-off explicitly operator-acknowledged in the contract; variant lists generated, not hand-maintained (drift = CI failure).

Modeled after

The shape (thin persona prompt + bundled SKILL.md files loaded together at startup, with the skills as the live ledger that gets updated as new failure modes appear) follows relayfile's integration-verifier persona pattern.

Files

• .agentworkforce/workforce/personas/autonomous-actor.json
• .agentworkforce/workforce/skills/autonomous-run-contract/SKILL.md
• .agentworkforce/workforce/skills/auto-merge-and-composition-safety/SKILL.md
• .agentworkforce/workforce/skills/dormant-flip-and-rollback/SKILL.md
• .agentworkforce/workforce/skills/instrument-dont-guess/SKILL.md
• .agentworkforce/workforce/skills/swarm-blockers-and-gate-scoreboard/SKILL.md
• .agentworkforce/workforce/skills/tiered-acceptance/SKILL.md

🤖 Generated with Claude Code

[coderabbitai]

📝 Walkthrough

Walkthrough

This PR introduces a complete autonomous actor persona and six foundational operational skills for contract-first, delegated multi-PR cutover delivery. A new JSON persona configuration wires together bound operator contracts, per-PR auto-merge gates, dormant production switching with pre-authorized rollback, concurrent work orchestration via gate scoreboard, diagnostic discipline for failure handling, and tiered acceptance strategies for variant coverage.

Changes

Autonomous Delivery System Framework

Layer / File(s)	Summary
Persona Definition and Orchestration Entry Point .agentworkforce/workforce/personas/autonomous-actor.json	The autonomous-actor persona JSON serves as the orchestration contract and entry point, defining system intent, referencing all six operational skills, bootstrapping the operator with a TASK_DESCRIPTION input prompt, and configuring Claude Opus-4-7 harness execution with high reasoning and 3600-second timeout.
Operator Run Contract and Authority Framework .agentworkforce/workforce/skills/autonomous-run-contract/SKILL.md	Binding contract specification operators must author before delegated work begins, defining run identity, explicit authority grants (auto-merge, flip, swarm-blockers, rollback), per-PR auto-merge bar (CI + review + bot triage + hygiene + no-red merges), numbered pre-flip gates with GREEN/AMBER/RED semantics, flip command(s), rollback triggers with metrics, standing constraints, escalation conditions, operator authoring workflow, and references to skills handling other responsibilities.
Per-PR Auto-Merge Safety Bar and Composition Discipline .agentworkforce/workforce/skills/auto-merge-and-composition-safety/SKILL.md	Per-PR auto-merge checklist requiring live CI verification, substantive area-based review evidence, bot-finding triage (stale/resolved/superseded/actionable), worktree hygiene, and inherited-failure handling. Cross-PR composition safeguards: serialize through green main with rebase and re-CI between merges, dormant-path audits (compile/parity checks, repo-wide symbol grep, guard preservation), and force-reset/re-run for half-merged conflicts. Includes file-based reporting conventions, anti-patterns, and scope exclusions.
Production Cutover: Dormant Behavior, Single Flip, Pre-Authorized Rollback .agentworkforce/workforce/skills/dormant-flip-and-rollback/SKILL.md	Standardized cutover procedure with three safety guarantees: new behavior dormant by default, single contracted flip command (refusing flip when any gate is AMBER), and pre-authorized rollback executing without operator consultation when contract-defined triggers fire. Specifies pre-flip checklist (gate re-verification, contract confirmation, operator statement), flip execution and monitoring cadence, rollback report template, post-rollback constraints (no re-flip without re-gating, post-mortem note with trigger/observations, new gate to catch missed gap), anti-patterns (enabling-on-merge, coupled flip+ship, non-preauth rollback, AMBER flips, implicit rollback), and exclusions (contract/composition/diagnostics).
Concurrent Work Orchestration and Gate Scoreboard .agentworkforce/workforce/skills/swarm-blockers-and-gate-scoreboard/SKILL.md	Swarm-blockers procedure for dispatching concurrent codex-impl + claude-review agent pairs on hard blockers with strict pairing/role constraints, per-workstream sub-contracts (status file paths, acceptance gates, escalation), and orchestrator aggregation from /tmp/ws-<name>-status.md into /tmp/<run-name>-rollup.md. Run-lifetime gate scoreboard (/tmp/<run-name>-scoreboard.md) with one-row-per-gate, RED/AMBER/GREEN semantics (AMBER blocks flip), hygiene rules (updates on state change, evidence pointers, stale-gate re-verification, all-GREEN before flip), file-based reporting rationale, anti-patterns, and scope exclusions.
Diagnostic Discipline: Instrument After Two Failed Fixes .agentworkforce/workforce/skills/instrument-dont-guess/SKILL.md	Rule to ship temporary diagnostic instead of guessing after two consecutive failed fix attempts for same symptom. Diagnostic content: runtime ground truth (variable values, code paths, upstream results, resource bindings); prohibitions (masking symptom, mutating data, cleartext secrets, persisting beyond root-cause). Step-by-step procedure (define → build → ship via CI → read → use), exception handling (different symptoms), anti-patterns, real-world examples, and scope exclusions.
Tiered Acceptance for Variant Coverage Scaling .agentworkforce/workforce/skills/tiered-acceptance/SKILL.md	Tiered acceptance strategy for prohibitive variant scope (large variant × provider × resource × region × tier combinations). Tier-1 full proof: high-volume/criticality slice with deep parity and sustained-load coverage. Tier-2 smoke proof: representative sample end-to-end without deep parity. Dormant-by-default safety via per-item enable/rollback. Required contract documentation (pre-flip gates, rollback triggers, escalation/promotions), strict variant enumeration from generated source of truth with CI drift checks, promotion criteria reopening gate status until deep proof lands, anti-patterns, and scope exclusions.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Poem

A rabbit hops through six new skills so bright,
Contracts and gates and flips done right,
Dormant by default, then a single switch—
With pre-auth rollback for the final pitch.
No guessing twice, scoreboards keep the way,
Autonomous delivery, hip-hop-hooray! 🐰✨

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title directly and specifically describes the main change: adding a new autonomous-actor persona for delegated cutover-class work, which matches the primary content of this PR.
Description check	✅ Passed	The description comprehensively explains what the autonomous-actor persona is, where it came from, the lessons it encodes, and details all six bundled skills with clear coverage areas, all directly related to the changeset.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch feat/autonomous-actor-persona

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[devin-ai-integration]

✅ Devin Review: No Issues Found

Devin Review analyzed this PR and found no potential bugs to report.

View in Devin Review to see 3 additional findings.

[coderabbitai]

🧹 Nitpick comments (3)

.agentworkforce/workforce/skills/swarm-blockers-and-gate-scoreboard/SKILL.md (1)

43-54: 💤 Low value

Optional: Consider adding language identifiers to fenced code blocks.

The code blocks at lines 43-54 (sub-contract template) and lines 85-93 (scoreboard table) could specify a language identifier for better tooling support and syntax highlighting.

♻️ Optional formatting improvement

For the template at line 43:

-```
+```text
 WS-<name> sub-contract

For the table example at line 85:

-```
+```markdown
 | # | Gate | State | Evidence | Last verified | Owner |

Also applies to: 85-93

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.agentworkforce/workforce/skills/swarm-blockers-and-gate-scoreboard/SKILL.md
around lines 43 - 54, The fenced code blocks in the SKILL.md template (notably
the "WS-<name> sub-contract" block and the scoreboard table block around the
scoreboard example) lack language identifiers which hurts syntax highlighting
and tooling; update those fenced blocks to include explicit language tags such
as "text" for the sub-contract template (the block that begins with "WS-<name>
sub-contract" and references "Status file: /tmp/ws-<name>-status.md") and
"markdown" for the scoreboard table block (the block that contains the table
header "| # | Gate | State | Evidence | Last verified | Owner |") so editors and
linters can apply appropriate highlighting and rendering.

.agentworkforce/workforce/skills/dormant-flip-and-rollback/SKILL.md (1)

65-72: 💤 Low value

Optional: Consider adding language identifiers to template code blocks.

The template blocks at lines 65-72 (pre-flip statement) and lines 81-89 (rollback report) could specify a language identifier for better tooling support.

♻️ Optional formatting improvement

For the pre-flip statement at line 65:

-   ```
+   ```text
    Pre-flip statement, <run-name>, <ISO-utc>

For the rollback report at line 81:

-```
+```text
 Rollback executed, <run-name>, <ISO-utc>

Also applies to: 81-89

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.agentworkforce/workforce/skills/dormant-flip-and-rollback/SKILL.md around
lines 65 - 72, Update the two template code fences in SKILL.md so they include a
language identifier for tooling (e.g., change the triple-backtick fences around
the "Pre-flip statement, <run-name>, <ISO-utc>" block and the "Rollback
executed, <run-name>, <ISO-utc>" / "Rollback report" block to use ```text);
locate the blocks by the literal phrases "Pre-flip statement" and "Rollback
executed" (or "Rollback report") and add the language tag immediately after the
opening ``` for each fence.

.agentworkforce/workforce/personas/autonomous-actor.json (1)

57-57: ⚡ Quick win

Consider externalizing the long instruction content.

The claudeMdContent field contains ~2700 characters of embedded content. While valid, this makes maintenance more difficult (reviewing diffs, editing without JSON escaping issues, version control).

♻️ Suggested refactor to improve maintainability

Create a separate instruction file:

• .agentworkforce/workforce/personas/autonomous-actor.md

Then reference it in the JSON:

-  "claudeMdContent": "# Autonomous Actor\n\nYou are the autonomous orchestrator...",
+  "claudeMdContentPath": ".agentworkforce/workforce/personas/autonomous-actor.md",

This assumes the harness supports a path-based field (verify schema). If not available, the current approach is acceptable but consider feature request.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.agentworkforce/workforce/personas/autonomous-actor.json at line 57, The
claudeMdContent field in autonomous-actor.json is embedding a very large
instruction body; extract its text into a standalone markdown file (e.g.,
.agentworkforce/workforce/personas/autonomous-actor.md) and replace the
claudeMdContent value with a path or lightweight reference according to the
persona schema; update any loader/consumer that reads claudeMdContent (persona
loader or harness) to resolve and load the external file when a path-reference
is present, and verify the schema supports path-based references or add a small
adapter to map the new field into the existing in-memory persona text.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Nitpick comments:
In @.agentworkforce/workforce/personas/autonomous-actor.json:
- Line 57: The claudeMdContent field in autonomous-actor.json is embedding a
very large instruction body; extract its text into a standalone markdown file
(e.g., .agentworkforce/workforce/personas/autonomous-actor.md) and replace the
claudeMdContent value with a path or lightweight reference according to the
persona schema; update any loader/consumer that reads claudeMdContent (persona
loader or harness) to resolve and load the external file when a path-reference
is present, and verify the schema supports path-based references or add a small
adapter to map the new field into the existing in-memory persona text.

In @.agentworkforce/workforce/skills/dormant-flip-and-rollback/SKILL.md:
- Around line 65-72: Update the two template code fences in SKILL.md so they
include a language identifier for tooling (e.g., change the triple-backtick
fences around the "Pre-flip statement, <run-name>, <ISO-utc>" block and the
"Rollback executed, <run-name>, <ISO-utc>" / "Rollback report" block to use
```text); locate the blocks by the literal phrases "Pre-flip statement" and
"Rollback executed" (or "Rollback report") and add the language tag immediately
after the opening ``` for each fence.

In
@.agentworkforce/workforce/skills/swarm-blockers-and-gate-scoreboard/SKILL.md:
- Around line 43-54: The fenced code blocks in the SKILL.md template (notably
the "WS-<name> sub-contract" block and the scoreboard table block around the
scoreboard example) lack language identifiers which hurts syntax highlighting
and tooling; update those fenced blocks to include explicit language tags such
as "text" for the sub-contract template (the block that begins with "WS-<name>
sub-contract" and references "Status file: /tmp/ws-<name>-status.md") and
"markdown" for the scoreboard table block (the block that contains the table
header "| # | Gate | State | Evidence | Last verified | Owner |") so editors and
linters can apply appropriate highlighting and rendering.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro Plus

Run ID: 53bb288a-5f4d-41a8-ba4a-8d2c4441cfa9

📥 Commits

Reviewing files that changed from the base of the PR and between 7478698 and a7b0adc.

📒 Files selected for processing (7)

• .agentworkforce/workforce/personas/autonomous-actor.json
• .agentworkforce/workforce/skills/auto-merge-and-composition-safety/SKILL.md
• .agentworkforce/workforce/skills/autonomous-run-contract/SKILL.md
• .agentworkforce/workforce/skills/dormant-flip-and-rollback/SKILL.md
• .agentworkforce/workforce/skills/instrument-dont-guess/SKILL.md
• .agentworkforce/workforce/skills/swarm-blockers-and-gate-scoreboard/SKILL.md
• .agentworkforce/workforce/skills/tiered-acceptance/SKILL.md