sentryagent-idp/scripts/start-validator.sh
SentryAgent.ai Developer d216096dfb feat(governance): add V&V Architect (LeadValidator) — independent audit agent
Fixes a critical bug where VALIDATOR.md contained a copy of start-validator.sh
(making the validator unlaunchable). Introduces a fully independent V&V Architect
agent that audits the codebase against the PRD and OpenSpec outside the CTO's
chain of command.

Changes:
- VALIDATOR.md: rewritten as proper system prompt (8-phase audit methodology,
  issue format, severity model, communication protocol)
- scripts/start-validator.sh: isolated workspace setup, sanity check, auto-init
  ledger, validator-specific CLAUDE.md (no CEO context contamination)
- openspec/vv_audit/LEDGER.md: shared audit ledger index (CEO release gate view)
- openspec/changes/archive/2026-04-07-vv-architect-setup/: full OpenSpec artifacts
  (proposal.md, design.md, tasks.md — 28 tasks, all complete)

Note: .cto-workspace/CLAUDE.md updated (gitignored — persists on disk only).
#vv-findings hub channel created for real-time validator notifications.

CEO approved 2026-04-07.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-07 02:56:36 +00:00

119 lines
4.1 KiB
Bash
Executable File

#!/bin/bash
# =============================================================================
# SentryAgent.ai — Start V&V Architect (Lead Validator)
# =============================================================================
# Launches an independent Claude Code instance as the Lead Validator.
# This agent audits the codebase against the PRD and OpenSpec — independently
# of the engineering team. It reports findings directly to the CEO.
#
# Usage:
# ./scripts/start-validator.sh
# =============================================================================
set -e
PROJECT_ROOT="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
VALIDATOR_WORKSPACE="$PROJECT_ROOT/.validator-workspace"
VALIDATOR_SYSTEM_PROMPT="$PROJECT_ROOT/VALIDATOR.md"
SHARED_LEDGER="$PROJECT_ROOT/openspec/vv_audit"
echo "=============================================="
echo " SentryAgent.ai — Starting V&V Architect"
echo " (Lead Validator — Independent Audit Agent)"
echo "=============================================="
echo ""
echo " Project root: $PROJECT_ROOT"
echo " Workspace: $VALIDATOR_WORKSPACE"
echo " System prompt: $VALIDATOR_SYSTEM_PROMPT"
echo " Shared ledger: $SHARED_LEDGER"
echo ""
echo " The V&V Architect will:"
echo " 1. Read README.md (PRD) in full"
echo " 2. Register on hub as LeadValidator"
echo " 3. Audit code against OpenSpec & PRD"
echo " 4. Enforce DRY, SOLID, TypeScript standards"
echo " 5. Log findings to openspec/vv_audit/"
echo " 6. Notify CEO of any BLOCKERs"
echo ""
echo "=============================================="
echo ""
# Verify system prompt exists and has correct content (not a shell script)
if [ ! -f "$VALIDATOR_SYSTEM_PROMPT" ]; then
    echo "ERROR: VALIDATOR.md not found at $VALIDATOR_SYSTEM_PROMPT"
    exit 1
fi
# Quick sanity check — VALIDATOR.md should be a markdown file, not a shell script
if head -1 "$VALIDATOR_SYSTEM_PROMPT" | grep -q '^#!/bin/bash'; then
    echo "ERROR: VALIDATOR.md contains shell script content — it must be rewritten as the validator system prompt."
    echo "See VALIDATOR.md header for the correct format."
    exit 1
fi
# Create validator workspace (isolated from main project session)
mkdir -p "$VALIDATOR_WORKSPACE"
# Create the shared V&V audit ledger directory (written by validator, read by CTO)
mkdir -p "$SHARED_LEDGER"
# Initialize ledger index if it doesn't exist
if [ ! -f "$SHARED_LEDGER/LEDGER.md" ]; then
    cat > "$SHARED_LEDGER/LEDGER.md" <<'EOF'
# V&V Audit Ledger
**Project:** SentryAgent.ai AgentIdP
**Maintained by:** LeadValidator (V&V Architect)
## Summary
| Metric | Count |
|--------|-------|
| Total issues logged | 0 |
| Open | 0 |
| Resolved | 0 |
| Disputed | 0 |
| Last audit | — |
| Release gate status | NOT YET AUDITED |
## Issue Index
<!-- Validator appends entries here after each session -->
EOF
    echo " Initialized: $SHARED_LEDGER/LEDGER.md"
fi
# Write a minimal CLAUDE.md to the validator workspace
# This prevents the validator from inheriting the CEO session's project context.
# The validator's full identity comes from --system-prompt-file (VALIDATOR.md).
cat > "$VALIDATOR_WORKSPACE/CLAUDE.md" <<EOF
# SentryAgent.ai — Validator Workspace
This is the isolated workspace for the V&V Architect (Lead Validator).
Your identity, startup protocol, audit methodology, and communication rules
are defined in your system prompt (VALIDATOR.md).
## Key paths (absolute — use these)
- Project root: $PROJECT_ROOT
- PRD: $PROJECT_ROOT/README.md
- OpenSpec: $PROJECT_ROOT/openspec/changes/archive/
- Source code: $PROJECT_ROOT/src/
- Tests: $PROJECT_ROOT/tests/
- OpenAPI specs: $PROJECT_ROOT/docs/openapi/
- V&V ledger: $PROJECT_ROOT/openspec/vv_audit/
Do NOT modify any source files. You are an auditor, not a developer.
EOF
echo " Workspace ready: $VALIDATOR_WORKSPACE"
echo ""
echo " Launching V&V Architect..."
echo ""
# Launch Claude Code as the independent Validator
# --system-prompt-file injects VALIDATOR.md as the system prompt,
# overriding default behavior and establishing the auditor identity.
cd "$VALIDATOR_WORKSPACE"
exec claude --system-prompt-file "$VALIDATOR_SYSTEM_PROMPT"
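
The sanity check in the script above rejects VALIDATOR.md only when its first line begins with `#!/bin/bash`, so an empty file or a script with a different shebang would still be passed to the launch step. As an added example (not part of the project's script), a stricter pre-launch check covering those cases; `validate_system_prompt` and `check_samples` are hypothetical names, and the sample files are constructed:

```shell
#!/bin/bash
# Added example, not project code. validate_system_prompt is a hypothetical name.
# Exit status: 0 ok, 1 not a regular file, 2 empty, 3 script content.
validate_system_prompt() {
    local path="$1" first_line=""
    [ -f "$path" ] || return 1          # missing, directory, dangling symlink
    [ -s "$path" ] || return 2          # empty prompt = agent with no identity
    # read returns non-zero on a file without a trailing newline but still
    # fills the variable, so its status is ignored.
    IFS= read -r first_line < "$path" || true
    case "$first_line" in
        '#!'*) return 3 ;;              # any shebang, not only #!/bin/bash
    esac
    return 0
}

# Constructed samples: run the check over five cases and print "name:status".
check_samples() {
    local dir rc name
    dir="$(mktemp -d)" || return 1
    printf '# V&V Architect\nYou are the Lead Validator.\n' > "$dir/good.md"
    printf '#!/bin/bash\nset -e\n' > "$dir/bash.md"
    printf '#!/usr/bin/env bash\nset -e\n' > "$dir/env.md"
    : > "$dir/empty.md"
    # missing.md is deliberately never created.
    for name in good.md bash.md env.md empty.md missing.md; do
        rc=0
        validate_system_prompt "$dir/$name" || rc=$?
        printf '%s:%s\n' "$name" "$rc"
    done
    rm -rf "$dir"
}

check_samples
```

Distinct exit statuses let the launcher print a specific error for each failure instead of a single generic message.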