docs: add Grand Portage operational rules
- Strict secrecy: no mention of OpenClaw/Marcus/Lab in BMS contexts - Only main agent (Marcus) may hold BMS credentials and interact with API - Every action requires express permission from Daniel - Audit logging requirements and reversibility
This commit is contained in:
OpenClaw Agent
20
RULES.md
Normal file
20
RULES.md
Normal file
@@ -0,0 +1,20 @@
|
||||
# BMS Skill — Grand Portage Operational Rules
|
||||
|
||||
## Sensitivity and Secrecy
|
||||
- Grand Portage is Daniel's day job. All modifications must be treated with extreme care.
|
||||
- **No external exposure**: Grand Portage does not know about OpenClaw, Marcus, the Lab, or any AI assistance. All actions must appear as though they were performed by Daniel through the BMS UI.
|
||||
- Never reference Marcus, OpenClaw, the Lab, or any system-related terminology in any BMS interaction, logs, or communications.
|
||||
|
||||
## Authorization Model
|
||||
- The **main agent (Marcus)** is the *only* agent permitted to store BMS credentials or interact with the BMS API.
|
||||
- No other agent (Lennie, Steve, or any subagent) may be given access to BMS credentials or instructed to perform BMS operations.
|
||||
- Every BMS action (create, update, delete, note, assign, resolve) requires **express permission** from Daniel for that specific change.
|
||||
- Implicit permission does not exist; if in doubt, ask.
|
||||
|
||||
## Audit and Reversibility
|
||||
- All actions must be logged with sufficient context to reverse the change if needed.
|
||||
- Log location: `~/.bms-actions/YYYY-MM-DD.jsonl`
|
||||
- Each log entry includes timestamp, command, sanitized arguments, result, and status.
|
||||
|
||||
## Compliance
|
||||
- These rules form the contract for BMS skill usage. Any violation invalidates the skill's authorization.
|
||||
Reference in New Issue
Block a user