feed-the-machine 1.7.9 → 1.7.11

package/bin/convert_claude_skills_to_codex.py

@@ -277,7 +277,7 @@ def rewrite_commands(text: str, skill_names: list[str]) -> str:
 
 def rewrite_paths(text: str) -> str:
     replacements = [
-        ("~/Documents/Code/kioja-scratch-paper/sso-plan.md", "$CODEX_HOME/skills/sso-buddy/sso-plan.md"),
+        ("~/scratch/sso-plan.md", "$CODEX_HOME/skills/sso-buddy/sso-plan.md"),
         (str(HOME / ".claude" / "skills") + "/", "$CODEX_HOME/skills/"),
         (str(HOME / ".claude") + "/", "$CODEX_HOME/"),
         ("$HOME/.claude/skills/", "$CODEX_HOME/skills/"),

package/bin/playbook_engine/test_integration.py

@@ -29,7 +29,7 @@ def env(tmp_path):
         }
     }))
     (reg_dir / "jira.defaults.yml").write_text(yaml.dump({
-        "create_issue": {"assignee": "kioja@test.com", "board_id": 70},
+        "create_issue": {"assignee": "user@test.com", "board_id": 70},
     }))
 
     traces_dir = tmp_path / "traces"
@@ -48,7 +48,7 @@ def test_full_flow(env):
 
     tracer.add_event(TraceEvent(type="user_instruction", content="Do SSO onboarding for Linear"))
     tracer.add_event(TraceEvent(type="tool_call", tool="mcp__mcp-atlassian__jira_create_issue",
-        params={"project": "ITWORK2", "summary": "[SSO] Linear", "assignee": "kioja@test.com", "board_id": 70}))
+        params={"project": "ITWORK2", "summary": "[SSO] Linear", "assignee": "user@test.com", "board_id": 70}))
     tracer.add_event(TraceEvent(type="user_manual_action", content="Configured SAML in Okta",
         inferred_step="Configure SAML in IdP", action_binding="playwright", auth_note="Okta admin"))
     tracer.add_event(TraceEvent(type="tool_call", tool="mcp__slack__post_message",

package/ftm-manifest.json

@@ -3685,7 +3685,7 @@
           "type": "tool",
           "name": "gh",
           "required": true,
-          "description": "GitHub CLI for querying releases from kkudumu/ftm-brain"
+          "description": "GitHub CLI for querying releases from kkudumu/feed-the-machine"
         },
         {
           "type": "reference",
@@ -3738,7 +3738,7 @@
           "action": "report \"Cannot reach GitHub. Check internet connection.\""
         },
         {
-          "condition": "kkudumu/ftm-brain repo not found",
+          "condition": "kkudumu/feed-the-machine repo not found",
           "action": "report repo not found, suggest verifying access"
         },
         {

package/ftm-mind/references/mcp-inventory.md

@@ -111,7 +111,7 @@
 | Field | Detail |
 |-------|--------|
 | **Tools** | `chat`, `search`, `read_document` |
-| **When to use** | Searching internal Klaviyo knowledge base, finding internal docs, policies, runbooks, past decisions |
+| **When to use** | Searching internal company knowledge base, finding internal docs, policies, runbooks, past decisions |
 | **When NOT to use** | External library docs (use context7); real-time web search (use WebSearch tool) |
 | **Approval required** | Auto: all read-only |
 
@@ -161,13 +161,13 @@
 | "email", "Gmail", "inbox", "draft", "reply to", "send to" | `gmail` | Communication |
 | "calendar", "meeting", "schedule", "free time", "invite", "block time" | `google-calendar` | Calendar |
 | "how do I use [library]", "API docs", "documentation for X framework" | `context7` | Ext. docs |
-| "find in internal docs", "Glean", "search Klaviyo", "company policy" | `glean_default` | Internal knowledge |
+| "find in internal docs", "Glean", "search company", "company policy" | `glean_default` | Internal knowledge |
 | "screenshot", "test the UI", "click button", "E2E", "browser test" | `playwright` | Testing |
 | "find someone's email", "contact info", "company profile", "person lookup" | `lusha` | CRM/people |
 | "Swift docs", "SwiftUI", "UIKit", "Apple framework", "AppKit" | `apple-doc-mcp` | Apple dev |
 | "think through this", "complex analysis", "multi-step reasoning", "trade-offs" | `sequential-thinking` | Reasoning |
 | "debug browser", "network request", "Chrome DevTools", "performance profile" | `chrome-devtools` | Dev tools |
-| "who is oncall", "search internal", "Klaviyo runbook" | `glean_default` | Internal ops |
+| "who is oncall", "search internal", "company runbook" | `glean_default` | Internal ops |
 | "IT admin", "org-wide Jira change", "admin Confluence" | `mcp-atlassian` | Admin ops |
 | "highlight", "saved article", "Readwise", "reading list" | *(Readwise — not configured in current settings)* | — |
 

package/ftm-mind/references/orient-protocol.md

@@ -152,6 +152,24 @@ Every individual external mutation needs its own approval. "The user approved th
 
 When multiple mutations are part of one plan, batch the approval request by phase — not one API call at a time, but not "approve the whole plan" either. Group related mutations and present per-phase.
 
+### Destructive Actions (EXTRA HARD GATE — NEVER WITHOUT EXPLICIT CONFIRMATION)
+
+Deleting, replacing, or recreating external resources is a **separate, higher gate** than creating or updating them. These actions are often irreversible and break downstream dependencies you can't see.
+
+**NEVER do any of these without explicit user confirmation for each specific resource being destroyed:**
+- **DELETE any external resource** (catalog items, custom objects, Okta groups/apps, Jira issues, S3 objects)
+- **Recreate (delete + create)** to "fix" something — the new resource gets a different ID, breaking every automation that references the old one
+- **Overwrite S3 objects** that other systems read from
+- **Remove users from groups** or deactivate accounts
+- **Close/resolve tickets** that others may be watching
+
+**The "delete and recreate" trap**: When you can't update a resource cleanly via API, your instinct will be to delete it and create a fresh one. THIS IS ALMOST ALWAYS WRONG. External resources have IDs that other systems depend on — workflow configs, Lambda triggers, approval chains, custom object lookups, S3 references. Deleting breaks all of them silently. Instead:
+1. Tell the user what you can't update via API
+2. Suggest the minimal manual fix (admin UI link + exact steps)
+3. Only delete if the user explicitly says "yes, delete it, I understand the dependencies"
+
+**The April 2026 Braintrust incident**: ftm-mind deleted Freshservice catalog items #626 and #621 to "fix" duplicate fields, recreating them as #631 and #632. This broke the S3 workflow config (assign_after_app_owner_approval), required emergency patching, and the custom_lookup_bigint fields had to be re-added manually. The correct fix was: update only the roles field via API, and tell the user to delete the duplicate fields manually in the admin UI.
+
 ### What auto-proceeds (no approval needed)
 
 - local code edits, documentation updates

package/ftm-mind/references/protocols/MCP-HEURISTICS.md

@@ -5,7 +5,7 @@
 Use the smallest relevant MCP set.
 
 - Jira issue key or Atlassian URL → `mcp-atlassian-personal` (default; configured via `ops.mcp_account_rules.personal` in ftm-config.yml)
-- "internal docs", "runbook", "Klaviyo", "Glean" → `glean_default`
+- "internal docs", "runbook", "company name", "Glean" → `glean_default`
 - "how do I use X library" → `context7`
 - "calendar", "meeting", "free time" → `google-calendar`
 - "Slack", "channel", "thread", "notify" → `slack`

package/ftm-upgrade/SKILL.md

@@ -13,7 +13,7 @@ description: Self-upgrade mechanism for ftm skills ecosystem. Checks GitHub Rele
 
 # ftm-upgrade
 
-Self-upgrade mechanism for the ftm skills ecosystem. Fetches the latest release from `kkudumu/ftm-skills` on GitHub, compares it to the locally installed version, and copies updated skill files in place.
+Self-upgrade mechanism for the ftm skills ecosystem. Fetches the latest release from `kkudumu/feed-the-machine` on GitHub, compares it to the locally installed version, and copies updated skill files in place.
 
 ---
 
@@ -135,7 +135,7 @@ Map `CHECK_FAILED <reason>` codes to user-facing messages:
 |---|---|
 | `gh_not_installed` | GitHub CLI is not installed. Install it with: `brew install gh` (macOS) or see https://cli.github.com |
 | `no_internet` | Cannot reach GitHub. Check your internet connection and try again. |
-| `repo_not_found` | Repository `kkudumu/ftm-skills` not found. Verify you have access to the repository. |
+| `repo_not_found` | Repository `kkudumu/feed-the-machine` not found. Verify you have access to the repository. |
 | `no_releases_found` | No releases found in the repository yet. Check back later. |
 | any other reason | Version check failed: `<reason>`. Try running manually: `bash ~/.claude/skills/ftm-upgrade/scripts/check-version.sh` |
 
@@ -150,11 +150,11 @@ Map `CHECK_FAILED <reason>` codes to user-facing messages:
 
 **Cache location**: `~/.cache/ftm-skills/version-check`
 **Version file**: `~/.claude/skills/ftm-version.txt`
-**Repo**: `kkudumu/ftm-skills`
+**Repo**: `kkudumu/feed-the-machine`
 
 ## Requirements
 
-- tool: `gh` | required | GitHub CLI for querying releases from kkudumu/ftm-brain
+- tool: `gh` | required | GitHub CLI for querying releases from kkudumu/feed-the-machine
 - reference: `~/.claude/skills/ftm-upgrade/scripts/check-version.sh` | required | version check and cache script
 - reference: `~/.claude/skills/ftm-upgrade/scripts/upgrade.sh` | required | download and install latest release script
 - reference: `~/.claude/skills/ftm-version.txt` | optional | locally installed version number
@@ -175,7 +175,7 @@ Map `CHECK_FAILED <reason>` codes to user-facing messages:
 
 - condition: gh not installed | action: report "GitHub CLI not installed" with brew install gh instructions
 - condition: no internet connection | action: report "Cannot reach GitHub. Check internet connection."
-- condition: kkudumu/ftm-brain repo not found | action: report repo not found, suggest verifying access
+- condition: kkudumu/feed-the-machine repo not found | action: report repo not found, suggest verifying access
 - condition: no releases found | action: report "No releases found yet. Check back later."
 - condition: upgrade.sh exits non-zero | action: report failure output, suggest running script manually
 

package/ftm-upgrade/scripts/check-version.sh

@@ -7,7 +7,7 @@ set -uo pipefail
 CACHE_DIR="${HOME}/.cache/ftm-brain"
 CACHE_FILE="${CACHE_DIR}/version-check"
 VERSION_FILE="${HOME}/.claude/skills/ftm-version.txt"
-REPO="kkudumu/ftm-brain"
+REPO="kkudumu/feed-the-machine"
 
 # Ensure cache directory exists
 mkdir -p "${CACHE_DIR}"

package/ftm-upgrade/scripts/upgrade.sh

@@ -4,7 +4,7 @@
 
 set -uo pipefail
 
-REPO="kkudumu/ftm-brain"
+REPO="kkudumu/feed-the-machine"
 SKILLS_DIR="${HOME}/.claude/skills"
 VERSION_FILE="${SKILLS_DIR}/ftm-version.txt"
 DOWNLOAD_DIR="/tmp/ftm-upgrade"

package/hooks/ftm-auto-log.sh

@@ -70,6 +70,55 @@ if echo "$USER_MESSAGE" | grep -qE "(I|i) .* (what|should|next|now)\?"; then
     SHOULD_LOG=true
 fi
 
+# --- Tool activity check ---
+# If mutating tool calls happened since the last auto-log check,
+# inject a log reminder regardless of what the user's message says.
+# This catches the case where Claude executes work (API calls, scripts, etc.)
+# and the user's next message is just "what else?" or a new task.
+LAST_AUTOLOG_TS="$FTM_STATE/.last-autolog-check"
+EVENTS_LOG="$HOME/.claude/events.log"
+
+if [ -f "$EVENTS_LOG" ]; then
+    LAST_CHECK=0
+    if [ -f "$LAST_AUTOLOG_TS" ]; then
+        LAST_CHECK=$(cat "$LAST_AUTOLOG_TS" 2>/dev/null || echo "0")
+    fi
+    NOW=$(date +%s)
+
+    # Count mutating tool calls since last check
+    MUTATING_CALLS=$(python3 -c "
+import json, sys
+count = 0
+cutoff = $LAST_CHECK
+mutating = {'Write', 'Edit', 'MultiEdit', 'Bash'}
+mutating_prefixes = ('mcp__freshservice', 'mcp__mcp-atlassian', 'mcp__slack__slack_post', 'mcp__gmail__send')
+try:
+    with open('$EVENTS_LOG') as f:
+        for line in f:
+            line = line.strip()
+            if not line: continue
+            try:
+                ev = json.loads(line)
+                ts = ev.get('timestamp', 0)
+                if isinstance(ts, str):
+                    from datetime import datetime
+                    ts = int(datetime.fromisoformat(ts.replace('Z', '+00:00')).timestamp())
+                if ts <= cutoff: continue
+                tool = ev.get('tool_name', '')
+                if tool in mutating or any(tool.startswith(p) for p in mutating_prefixes):
+                    count += 1
+            except: pass
+except: pass
+print(count)
+" 2>/dev/null)
+
+    echo "$NOW" > "$LAST_AUTOLOG_TS"
+
+    if [ "$MUTATING_CALLS" -gt 0 ] && [ "$SHOULD_LOG" != "true" ]; then
+        SHOULD_LOG=true
+    fi
+fi
+
 # If action detected, output logging reminder with exact instructions
 TODAY=$(date +%Y-%m-%d)
 DAILY_DIR="$HOME/.claude/ftm-ops/daily"

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "feed-the-machine",
-  "version": "1.7.9",
+  "version": "1.7.11",
   "description": "A brain upgrade for Claude Code — 26 skills that teach it how to think before acting, remember across conversations, debug like a war room, run plans on autopilot with agent teams, and get second opinions from GPT & Gemini. Plus 15 hooks that automate the boring stuff.",
   "license": "MIT",
   "author": "kkudumu",