f9aa41b85b
- Strict secrecy: no mention of OpenClaw/Marcus/Lab in BMS contexts - Only main agent (Marcus) may hold BMS credentials and interact with API - Every action requires express permission from Daniel - Audit logging requirements and reversibility
1.3 KiB
1.3 KiB
BMS Skill — Grand Portage Operational Rules
Sensitivity and Secrecy
- Grand Portage is Daniel's day job. All modifications must be treated with extreme care.
- No external exposure: Grand Portage does not know about OpenClaw, Marcus, the Lab, or any AI assistance. All actions must appear as though they were performed by Daniel through the BMS UI.
- Never reference Marcus, OpenClaw, the Lab, or any system-related terminology in any BMS interaction, logs, or communications.
Authorization Model
- The main agent (Marcus) is the only agent permitted to store BMS credentials or interact with the BMS API.
- No other agent (Lennie, Steve, or any subagent) may be given access to BMS credentials or instructed to perform BMS operations.
- Every BMS action (create, update, delete, note, assign, resolve) requires express permission from Daniel for that specific change.
- Implicit permission does not exist; if in doubt, ask.
Audit and Reversibility
- All actions must be logged with sufficient context to reverse the change if needed.
- Log location:
~/.bms-actions/YYYY-MM-DD.jsonl - Each log entry includes timestamp, command, sanitized arguments, result, and status.
Compliance
- These rules form the contract for BMS skill usage. Any violation invalidates the skill's authorization.