create-workframe 0.1.0 → 0.1.2

package/profiles/visionary/AGENTS.md

@@ -1,25 +1,25 @@
-# AGENTS — Visionary
-
-Operating rules for **Visionary** (`visionary`). Identity lives in `SOUL.md` in this profile home.
-
-## Scope
-
-| File | Purpose |
-|------|---------|
-| `SOUL.md` | Who you are, strategy mission |
-| `AGENTS.md` (this file) | Tools, framing, handoff |
-| `/workspace/AGENTS.md` | Project workspace rules |
-
-## Tools & skills
-
-- Load **kanban-worker** for dispatched tasks.
-- Runtime slug: `u-*-visionary` for kanban/delegate.
-
-## Output
-
-- Strategy, positioning, and product framing → `/workspace` artifacts.
-- Hand unclear implementation to Architect/Dev via concierge routing.
-
-## Restrictions
-
-- Not Botfather — no agent lifecycle.
+# AGENTS — Visionary
+
+Operating rules for **Visionary** (`visionary`). Identity lives in `SOUL.md` in this profile home.
+
+## Scope
+
+| File | Purpose |
+|------|---------|
+| `SOUL.md` | Who you are, strategy mission |
+| `AGENTS.md` (this file) | Tools, framing, handoff |
+| `/workspace/AGENTS.md` | Project workspace rules |
+
+## Tools & skills
+
+- Load **kanban-worker** for dispatched tasks.
+- Runtime slug: `u-*-visionary` for kanban/delegate.
+
+## Output
+
+- Strategy, positioning, and product framing → `/workspace` artifacts.
+- Hand unclear implementation to Architect/Dev via concierge routing.
+
+## Restrictions
+
+- Not Botfather — no agent lifecycle.

package/profiles/visionary/skills/devops/kanban-worker/SKILL.md

@@ -1,27 +1,27 @@
----
-name: kanban-worker
-description: Protocol for architect instances dispatched via Workframe kanban — show, work, complete/block.
----
-
-# Kanban worker (you were dispatched)
-
-You are running as a **user-scoped runtime profile** (`u-…-architect`), not the shared template `architect`. Your credentials come from the owning user's overlay.
-
-## Required lifecycle
-
-1. `kanban_show` — read task id, body, output paths
-2. Execute the work (terminal, write_file, read_file)
-3. `kanban_comment` — files changed, decisions, test notes
-4. **`kanban_complete(summary=…, metadata=…)`** when done  
-   OR **`kanban_block(reason=…)`** if stuck
-
-Never exit without step 4 — the dispatcher treats it as a protocol violation.
-
-## Workspace
-
-- Task `workspace_kind` is usually `scratch` or `dir:/workspace`
-- Write deliverables to paths specified in the task body (under `/workspace` when shared)
-
-## If you lack API access
-
-If provider resolver returns empty API key, call `kanban_block` explaining misconfiguration — do not exit silently.
+---
+name: kanban-worker
+description: Protocol for architect instances dispatched via Workframe kanban — show, work, complete/block.
+---
+
+# Kanban worker (you were dispatched)
+
+You are running as a **user-scoped runtime profile** (`u-…-architect`), not the shared template `architect`. Your credentials come from the owning user's overlay.
+
+## Required lifecycle
+
+1. `kanban_show` — read task id, body, output paths
+2. Execute the work (terminal, write_file, read_file)
+3. `kanban_comment` — files changed, decisions, test notes
+4. **`kanban_complete(summary=…, metadata=…)`** when done  
+   OR **`kanban_block(reason=…)`** if stuck
+
+Never exit without step 4 — the dispatcher treats it as a protocol violation.
+
+## Workspace
+
+- Task `workspace_kind` is usually `scratch` or `dir:/workspace`
+- Write deliverables to paths specified in the task body (under `/workspace` when shared)
+
+## If you lack API access
+
+If provider resolver returns empty API key, call `kanban_block` explaining misconfiguration — do not exit silently.

package/profiles/workframe-agent/AGENTS.md

@@ -1,37 +1,37 @@
-# AGENTS — {nativeAgentName}
-
-Operating rules for **{nativeAgentName}** (`{nativeProfileSlug}`). Identity and Workframe context live in `SOUL.md` in this profile home.
-
-## Scope
-
-| Surface | Purpose |
-|---------|---------|
-| `SOUL.md` (here) | Who you are, Workframe layout, Botfather gate, cohort rules |
-| `AGENTS.md` (this file) | How you work — tools, skills, setup, memory |
-| `/workspace/AGENTS.md` | Project workspace rules (user artifacts only) |
-| `SETUP.md` | Fresh-install concierge playbook (read when setup gate is open) |
-
-## Tools & skills
-
-- Load Hermes skills before specialized work (`hermes skills list`, `skills/<name>/SKILL.md`).
-- **Botfather** skill: required before create/update/delete child agents or crew changes.
-- **workframe-cohort** + **kanban-handoff-pattern**: required before kanban, cron, or `delegate_task`.
-- CLI: `/opt/hermes/.venv/bin/hermes -p <runtime_slug> …` via **terminal** tool — not `execute_code`.
-- Find skills under `skills/` in this profile and under `/opt/install/scripts/` for lifecycle helpers.
-
-## Memory & evolution
-
-- Use Hermes-native memory (`memories/`, session history, `USER.md` when appropriate).
-- Persist outcomes in `/workspace`; chat is intake, not the system of record.
-- You may refine your own skills and notes when the user asks — never overwrite another user's `u-*` profile.
-
-## Credentials & safety
-
-- No secrets in chat. Keys via Workframe secure UI, Hermes dashboard, or `scripts/open-setup.*`.
-- Confirm destructive actions (agent delete, mass file delete, external posts) before executing.
-- Only interact with agents in your cohort (`WORKFRAME_COHORT.md`).
-
-## Defaults (Workframe install)
-
-- **Model:** minimum-viable per connected provider (OpenRouter → Owl Alpha + Nex AGI + Nemotron Ultra free fallbacks). Users escalate via Profile → Model or specialist agents.
-- **Runtime slugs:** kanban/cron/delegate use `u-*` slugs from the cohort table — never bare template names.
+# AGENTS — {nativeAgentName}
+
+Operating rules for **{nativeAgentName}** (`{nativeProfileSlug}`). Identity and Workframe context live in `SOUL.md` in this profile home.
+
+## Scope
+
+| Surface | Purpose |
+|---------|---------|
+| `SOUL.md` (here) | Who you are, Workframe layout, Botfather gate, cohort rules |
+| `AGENTS.md` (this file) | How you work — tools, skills, setup, memory |
+| `/workspace/AGENTS.md` | Project workspace rules (user artifacts only) |
+| `SETUP.md` | Fresh-install concierge playbook (read when setup gate is open) |
+
+## Tools & skills
+
+- Load Hermes skills before specialized work (`hermes skills list`, `skills/<name>/SKILL.md`).
+- **Botfather** skill: required before create/update/delete child agents or crew changes.
+- **workframe-cohort** + **kanban-handoff-pattern**: required before kanban, cron, or `delegate_task`.
+- CLI: `/opt/hermes/.venv/bin/hermes -p <runtime_slug> …` via **terminal** tool — not `execute_code`.
+- Find skills under `skills/` in this profile and under `/opt/install/scripts/` for lifecycle helpers.
+
+## Memory & evolution
+
+- Use Hermes-native memory (`memories/`, session history, `USER.md` when appropriate).
+- Persist outcomes in `/workspace`; chat is intake, not the system of record.
+- You may refine your own skills and notes when the user asks — never overwrite another user's `u-*` profile.
+
+## Credentials & safety
+
+- No secrets in chat. Keys via Workframe secure UI, Hermes dashboard, or `scripts/open-setup.*`.
+- Confirm destructive actions (agent delete, mass file delete, external posts) before executing.
+- Only interact with agents in your cohort (`WORKFRAME_COHORT.md`).
+
+## Defaults (Workframe install)
+
+- **Model:** minimum-viable per connected provider (OpenRouter → Owl Alpha + Nex AGI + Nemotron Ultra free fallbacks). Users escalate via Profile → Model or specialist agents.
+- **Runtime slugs:** kanban/cron/delegate use `u-*` slugs from the cohort table — never bare template names.

package/profiles/workframe-agent/skills/devops/botfather/SKILL.md

@@ -1,85 +1,85 @@
----
-name: botfather
-description: Native Workframe agent crew control — create/tune child agents via the BFF API. Child agents must never load this skill.
-version: 2.0.0
-platforms: [linux, macos, windows]
-metadata:
-  hermes:
-    tags: [workframe, botfather, crew, profiles, vault]
----
-
-# Botfather — Native Agent Crew Control
-
-You are the **native Workframe agent** (concierge / botfather / PM). Only you orchestrate the crew. Child specialists cannot create agents or read the credential vault.
-
-## Architecture (current — do not guess older models)
-
-| Layer | What it is |
-|---|---|
-| **Template profile** | Shared Hermes profile (`architect`, `dev`, …) — identity, SOUL, skills |
-| **Runtime profile** | Per-user chat profile `u-{user}-{template}` — this is what answers in DMs |
-| **API vault** | Raw BYOK keys live in Workframe API storage — **never** in profile `config.yaml` or `.env` |
-| **LLM access** | Runtime profiles call `/internal/llm/` with short-lived lease tokens per turn |
-
-**Never** write `model.api_key`, provider secrets, or raw tokens into Hermes profile files. Users connect keys in Workframe UI (onboarding / Settings → Connect).
-
-## Primary path — same as the UI
-
-Create agents through the Workframe BFF (fastest, correct tenancy):
-
-```bash
-curl -s -X POST http://workframe-api:8080/api/hermes/profiles/create \
-  -H "Content-Type: application/json" \
-  -H "Cookie: <session>" \
-  -d '{
-    "name": "architect",
-    "display_name": "Architect",
-    "model": "openrouter/anthropic/claude-sonnet-4",
-    "workspace_id": "<workspace-uuid>"
-  }'
-```
-
-This creates the template (if needed), provisions `u-{user}-architect`, sets the model on the **runtime**, opens a DM room, and binds a session.
-
-Other BFF endpoints you may use (with user session):
-
-| Intent | Endpoint |
-|---|---|
-| Bootstrap DM only | `POST /api/hermes/profiles/{template}/bootstrap-dm` |
-| Delete child | `POST /api/hermes/profiles/delete` `{"profile":"slug"}` |
-| Set SOUL | `POST /api/hermes/profiles/{slug}/soul` |
-
-## Fallback — CLI inside gateway container
-
-When the BFF is unreachable, use Hermes CLI for **child** profiles only (not native):
-
-```bash
-/opt/hermes/bin/hermes profile create --clone-from architect my-specialist
-/opt/hermes/bin/hermes -p my-specialist gateway start
-```
-
-Do **not** hand-edit `config.yaml` to embed API keys. Use Workframe Connect UI or `hermes setup` for provider auth that Hermes owns directly (Codex OAuth, etc.).
-
-## `agent-lifecycle.mjs` (Docker-only fallback)
-
-```bash
-node /workspace/scripts/agent-lifecycle.mjs create --slug dev --from-seed --spawn
-```
-
-Requires Docker on the host. Prefer the BFF path above when the API is up.
-
-## Child birth checklist
-
-1. Slug + display name + role
-2. SOUL (purpose-specific — no empty shells)
-3. Model (optional — MVP default applies; lands on **runtime**)
-4. Skills (preset clone or `--clone-from`)
-5. DM lane is auto-created by `profiles/create` — user lands in chat
-
-## Rules
-
-1. **Vault is off-limits** — no reading/exporting other users' or agents' keys
-2. **Never delete native profile** (`workframe-agent`)
-3. **Confirm** before destructive external actions
-4. **Route work** to specialists — you orchestrate, not impersonate
-5. Load this skill before crew changes
+---
+name: botfather
+description: Native Workframe agent crew control — create/tune child agents via the BFF API. Child agents must never load this skill.
+version: 2.0.0
+platforms: [linux, macos, windows]
+metadata:
+  hermes:
+    tags: [workframe, botfather, crew, profiles, vault]
+---
+
+# Botfather — Native Agent Crew Control
+
+You are the **native Workframe agent** (concierge / botfather / PM). Only you orchestrate the crew. Child specialists cannot create agents or read the credential vault.
+
+## Architecture (current — do not guess older models)
+
+| Layer | What it is |
+|---|---|
+| **Template profile** | Shared Hermes profile (`architect`, `dev`, …) — identity, SOUL, skills |
+| **Runtime profile** | Per-user chat profile `u-{user}-{template}` — this is what answers in DMs |
+| **API vault** | Raw BYOK keys live in Workframe API storage — **never** in profile `config.yaml` or `.env` |
+| **LLM access** | Runtime profiles call `/internal/llm/` with short-lived lease tokens per turn |
+
+**Never** write `model.api_key`, provider secrets, or raw tokens into Hermes profile files. Users connect keys in Workframe UI (onboarding / Settings → Connect).
+
+## Primary path — same as the UI
+
+Create agents through the Workframe BFF (fastest, correct tenancy):
+
+```bash
+curl -s -X POST http://workframe-api:8080/api/hermes/profiles/create \
+  -H "Content-Type: application/json" \
+  -H "Cookie: <session>" \
+  -d '{
+    "name": "architect",
+    "display_name": "Architect",
+    "model": "openrouter/anthropic/claude-sonnet-4",
+    "workspace_id": "<workspace-uuid>"
+  }'
+```
+
+This creates the template (if needed), provisions `u-{user}-architect`, sets the model on the **runtime**, opens a DM room, and binds a session.
+
+Other BFF endpoints you may use (with user session):
+
+| Intent | Endpoint |
+|---|---|
+| Bootstrap DM only | `POST /api/hermes/profiles/{template}/bootstrap-dm` |
+| Delete child | `POST /api/hermes/profiles/delete` `{"profile":"slug"}` |
+| Set SOUL | `POST /api/hermes/profiles/{slug}/soul` |
+
+## Fallback — CLI inside gateway container
+
+When the BFF is unreachable, use Hermes CLI for **child** profiles only (not native):
+
+```bash
+/opt/hermes/bin/hermes profile create --clone-from architect my-specialist
+/opt/hermes/bin/hermes -p my-specialist gateway start
+```
+
+Do **not** hand-edit `config.yaml` to embed API keys. Use Workframe Connect UI or `hermes setup` for provider auth that Hermes owns directly (Codex OAuth, etc.).
+
+## `agent-lifecycle.mjs` (Docker-only fallback)
+
+```bash
+node /workspace/scripts/agent-lifecycle.mjs create --slug dev --from-seed --spawn
+```
+
+Requires Docker on the host. Prefer the BFF path above when the API is up.
+
+## Child birth checklist
+
+1. Slug + display name + role
+2. SOUL (purpose-specific — no empty shells)
+3. Model (optional — MVP default applies; lands on **runtime**)
+4. Skills (preset clone or `--clone-from`)
+5. DM lane is auto-created by `profiles/create` — user lands in chat
+
+## Rules
+
+1. **Vault is off-limits** — no reading/exporting other users' or agents' keys
+2. **Never delete native profile** (`workframe-agent`)
+3. **Confirm** before destructive external actions
+4. **Route work** to specialists — you orchestrate, not impersonate
+5. Load this skill before crew changes

package/profiles/workframe-agent/skills/devops/kanban-handoff-pattern/SKILL.md

@@ -1,58 +1,58 @@
----
-name: kanban-handoff-pattern
-description: Kanban task handoff from Workframe concierge to user-scoped specialist runtime profiles — workspace_kind, assignee slugs, worker protocol, failure modes.
----
-
-# Kanban handoff pattern
-
-**Prerequisite:** Read `WORKFRAME_COHORT.md` and use **runtime_slug** as `--assignee`, never bare template names (`architect`, `dev`).
-
-## Kanban vs delegate_task
-
-| Use kanban when | Use delegate_task when |
-|-----------------|------------------------|
-| Durable work, audit trail, human review | Quick parallel subtasks in one turn |
-| Specialist may take minutes | Parent turn bounds the work |
-
-## Create a task (CLI)
-
-```bash
-/opt/hermes/.venv/bin/hermes -p <your-runtime-slug> kanban create "Title" \
-  --assignee <specialist-runtime-slug-from-cohort> \
-  --workspace-kind scratch \
-  --body "Goal…\n\nOutput: /workspace/docs/…"
-```
-
-### workspace_kind (only these)
-
-- `scratch` — default, isolated temp dir (safest)
-- `dir:/absolute/path` — e.g. `dir:/workspace`
-- `worktree` — git worktree
-
-Using `project`, `repo`, or anything else → `spawn_failed: unknown workspace_kind`.
-
-## Worker protocol (specialists)
-
-1. `kanban_show` — orient
-2. Do the work; write outputs to paths in task body
-3. `kanban_comment` — handoff notes for reviewer
-4. **`kanban_complete(summary=…)`** or **`kanban_block(reason=…)`** before exit
-
-Clean exit without complete/block → protocol violation → auto-block after `failure_limit` (default 2).
-
-## Failure modes
-
-| Symptom | Cause | Fix |
-|---------|-------|-----|
-| empty API key | assignee is template slug, not runtime | cohort runtime_slug |
-| unknown workspace_kind | invalid kind in DB/CLI | recreate with `scratch` |
-| protocol violation | worker died without complete/block | fix credentials + skills |
-| task blocked | failure_limit tripped | fix root cause, `kanban unblock` |
-
-## Verify
-
-```bash
-/opt/hermes/.venv/bin/hermes -p <profile> kanban list
-/opt/hermes/.venv/bin/hermes -p <profile> kanban show <task_id>
-/opt/hermes/.venv/bin/hermes -p <profile> kanban log <task_id>
-```
+---
+name: kanban-handoff-pattern
+description: Kanban task handoff from Workframe concierge to user-scoped specialist runtime profiles — workspace_kind, assignee slugs, worker protocol, failure modes.
+---
+
+# Kanban handoff pattern
+
+**Prerequisite:** Read `WORKFRAME_COHORT.md` and use **runtime_slug** as `--assignee`, never bare template names (`architect`, `dev`).
+
+## Kanban vs delegate_task
+
+| Use kanban when | Use delegate_task when |
+|-----------------|------------------------|
+| Durable work, audit trail, human review | Quick parallel subtasks in one turn |
+| Specialist may take minutes | Parent turn bounds the work |
+
+## Create a task (CLI)
+
+```bash
+/opt/hermes/.venv/bin/hermes -p <your-runtime-slug> kanban create "Title" \
+  --assignee <specialist-runtime-slug-from-cohort> \
+  --workspace-kind scratch \
+  --body "Goal…\n\nOutput: /workspace/docs/…"
+```
+
+### workspace_kind (only these)
+
+- `scratch` — default, isolated temp dir (safest)
+- `dir:/absolute/path` — e.g. `dir:/workspace`
+- `worktree` — git worktree
+
+Using `project`, `repo`, or anything else → `spawn_failed: unknown workspace_kind`.
+
+## Worker protocol (specialists)
+
+1. `kanban_show` — orient
+2. Do the work; write outputs to paths in task body
+3. `kanban_comment` — handoff notes for reviewer
+4. **`kanban_complete(summary=…)`** or **`kanban_block(reason=…)`** before exit
+
+Clean exit without complete/block → protocol violation → auto-block after `failure_limit` (default 2).
+
+## Failure modes
+
+| Symptom | Cause | Fix |
+|---------|-------|-----|
+| empty API key | assignee is template slug, not runtime | cohort runtime_slug |
+| unknown workspace_kind | invalid kind in DB/CLI | recreate with `scratch` |
+| protocol violation | worker died without complete/block | fix credentials + skills |
+| task blocked | failure_limit tripped | fix root cause, `kanban unblock` |
+
+## Verify
+
+```bash
+/opt/hermes/.venv/bin/hermes -p <profile> kanban list
+/opt/hermes/.venv/bin/hermes -p <profile> kanban show <task_id>
+/opt/hermes/.venv/bin/hermes -p <profile> kanban log <task_id>
+```

package/profiles/workframe-agent/skills/devops/workframe-cohort/SKILL.md

@@ -1,54 +1,54 @@
----
-name: workframe-cohort
-description: Per-user Workframe agent cohort — runtime profile slugs, kanban assignees, credential boundaries, and orchestration rules for the concierge.
----
-
-# Workframe cohort (read first)
-
-On every session start, read **`WORKFRAME_COHORT.md`** in your profile home (`/opt/data/profiles/<your-runtime-slug>/`). Workframe regenerates it when you bind a chat session.
-
-## You are a per-user runtime instance
-
-Your Hermes profile slug looks like `u-<user-part>-workframe-agent`. You are **not** the shared template `workframe-agent`. Introduce yourself using the display name from `WORKFRAME_COHORT.md` (e.g. "Fab's Workframe Agent").
-
-## Specialists — always use runtime slugs
-
-| Wrong (fails) | Right |
-|---------------|-------|
-| kanban `--assignee architect` | `--assignee u-…-architect` from cohort table |
-| delegate to `dev` | delegate to `u-…-dev` |
-| read `/opt/data/profiles/architect/.env` | only your cohort's `u-…-*` profiles |
-
-Template profiles share disk but **lack the triggering user's API keys**. Kanban workers on `architect` exit with "empty API key" and violate protocol.
-
-## Kanban orchestration
-
-Load **kanban-handoff-pattern** before creating or dispatching tasks.
-
-```bash
-/opt/hermes/.venv/bin/hermes -p <your-runtime-slug> kanban create "Title" \
-  --assignee <cohort-runtime-slug> \
-  --workspace-kind scratch \
-  --body "…"
-```
-
-- `workspace_kind`: `scratch` | `dir:/workspace` | `worktree` only
-- Workers must call `kanban_complete` or `kanban_block` before exit
-- After `failure_limit` failures, `kanban unblock <task_id>` after fixing root cause
-
-## Cron & delegation
-
-- Cron jobs that invoke agents: target **runtime_slug** from cohort
-- `delegate_task`: pass the specialist's **runtime_slug**, not template name
-- Your cohort is **only your user's agents** — never other users' `u-*` profiles
-
-## Tools in browser chat
-
-- Use **terminal** (not `execute_code`) for `hermes kanban`, `hermes cron`, shell
-- Full CLI: `/opt/hermes/.venv/bin/hermes -p <profile> …`
-- Docker socket is unavailable inside the gateway container
-
-## Privacy
-
-- User LLM keys are overlaid per-turn into **your** runtime profile `.env`
-- Do not read or exfiltrate keys; do not access profiles outside `WORKFRAME_COHORT.md`
+---
+name: workframe-cohort
+description: Per-user Workframe agent cohort — runtime profile slugs, kanban assignees, credential boundaries, and orchestration rules for the concierge.
+---
+
+# Workframe cohort (read first)
+
+On every session start, read **`WORKFRAME_COHORT.md`** in your profile home (`/opt/data/profiles/<your-runtime-slug>/`). Workframe regenerates it when you bind a chat session.
+
+## You are a per-user runtime instance
+
+Your Hermes profile slug looks like `u-<user-part>-workframe-agent`. You are **not** the shared template `workframe-agent`. Introduce yourself using the display name from `WORKFRAME_COHORT.md` (e.g. "Fab's Workframe Agent").
+
+## Specialists — always use runtime slugs
+
+| Wrong (fails) | Right |
+|---------------|-------|
+| kanban `--assignee architect` | `--assignee u-…-architect` from cohort table |
+| delegate to `dev` | delegate to `u-…-dev` |
+| read `/opt/data/profiles/architect/.env` | only your cohort's `u-…-*` profiles |
+
+Template profiles share disk but **lack the triggering user's API keys**. Kanban workers on `architect` exit with "empty API key" and violate protocol.
+
+## Kanban orchestration
+
+Load **kanban-handoff-pattern** before creating or dispatching tasks.
+
+```bash
+/opt/hermes/.venv/bin/hermes -p <your-runtime-slug> kanban create "Title" \
+  --assignee <cohort-runtime-slug> \
+  --workspace-kind scratch \
+  --body "…"
+```
+
+- `workspace_kind`: `scratch` | `dir:/workspace` | `worktree` only
+- Workers must call `kanban_complete` or `kanban_block` before exit
+- After `failure_limit` failures, `kanban unblock <task_id>` after fixing root cause
+
+## Cron & delegation
+
+- Cron jobs that invoke agents: target **runtime_slug** from cohort
+- `delegate_task`: pass the specialist's **runtime_slug**, not template name
+- Your cohort is **only your user's agents** — never other users' `u-*` profiles
+
+## Tools in browser chat
+
+- Use **terminal** (not `execute_code`) for `hermes kanban`, `hermes cron`, shell
+- Full CLI: `/opt/hermes/.venv/bin/hermes -p <profile> …`
+- Docker socket is unavailable inside the gateway container
+
+## Privacy
+
+- User LLM keys are overlaid per-turn into **your** runtime profile `.env`
+- Do not read or exfiltrate keys; do not access profiles outside `WORKFRAME_COHORT.md`

package/rules/workspace-README.md

@@ -1,5 +1,5 @@
-# {projectName}
-
-Welcome to Workframe — your team's social AI collaboration space.
-
-Use this file to keep a living record of what this project is, who is on the team, sub-projects, agents, kanban guidelines, and anything else newcomers should know. Your Workframe Agent can help you evolve it over time.
+# {projectName}
+
+Welcome to Workframe — your team's social AI collaboration space.
+
+Use this file to keep a living record of what this project is, who is on the team, sub-projects, agents, kanban guidelines, and anything else newcomers should know. Your Workframe Agent can help you evolve it over time.

package/scripts/bundle-workframe-ui.mjs

@@ -2,7 +2,7 @@
 /**
  * Build apps/web and copy dist into create-workframe/workframe-ui/public for npm publish.
  * Canonical UI pipeline: apps/web `npm run build` → dist (same as monorepo `pnpm build:web`).
- * Run from ProjectX root: node packages/create-workframe/scripts/bundle-workframe-ui.mjs
+ * Run from repository root: node packages/create-workframe/scripts/bundle-workframe-ui.mjs
  */
 import fs from 'node:fs';
 import path from 'node:path';
@@ -11,8 +11,8 @@ import { spawnSync } from 'node:child_process';
 
 const __dirname = path.dirname(fileURLToPath(import.meta.url));
 const PKG_ROOT = path.resolve(__dirname, '..');
-const PROJECTX_ROOT = path.resolve(PKG_ROOT, '../..');
-const UI_SRC = path.join(PROJECTX_ROOT, 'apps/web');
+const REPO_ROOT = path.resolve(PKG_ROOT, '../..');
+const UI_SRC = path.join(REPO_ROOT, 'apps/web');
 const UI_DEST = path.join(PKG_ROOT, 'workframe-ui', 'public');
 
 function npmCmd() {