Home A - Z
Page Index

An Otter Wiki

Commit 27d89a

2026-03-20 19:17:08 Claude (MCP): [mcp] Reorganized memory: behavioral rules inline, operational rules scoped, informational knowledge in wiki only
Dev/Claude_Code_Memory_Backup.md ..
@@ 1,17 1,80 @@
---
category: reference
tags: [claude-code, memory, process, backup]
- last_updated: 2026-03-18
+ last_updated: 2026-03-20
confidence: high
---
# Claude Code Project Memory Backup
- Backup of Claude Code's persistent memory for the otterwiki/robot.wtf project. These memories guide how Claude Code operates across sessions.
+ Reorganized 2026-03-20. Memory is now tiered for progressive disclosure:
- ## Architecture
+ - **MEMORY.md** — always loaded. Behavioral rules inline, operational rule index with scopes.
+ - **Operational rule files** — loaded by scope when task matches. Tracked with `last_used` frontmatter.
+ - **archive.md** — cold operational rules, consulted on demand.
+ - **Wiki** — all informational/project knowledge. No local copies.
- ### Repos and Tools
+ ---
+
+ ## MEMORY.md (Operational Briefing)
+
+ ### Project
+ - robot.wtf — multi-tenant wiki platform (app server, auth, MCP, management API).
+ - Repos under `/Users/sderle/code/otterwiki/`. Parent dir is NOT a git repo.
+
+ ### User
+ - Concise, no sycophancy, no fake enthusiasm.
+ - Bias toward minimal solutions. Don't over-engineer.
+ - Uses plan mode for non-trivial changes.
+
+ ### Behavioral rules
+ - Opus orchestrates, Sonnet implements. Always.
+ - All subagents run in background, no exceptions.
+ - Worktrees must target a specific repo (e.g. `robot.wtf/`), never the parent directory.
+ - TDD by default. Discuss before skipping.
+ - Rule of Two: dispatch a second agent to independently verify any subagent finding before accepting it.
+ - Plan review before implementation. Insert explicit Loop Check tasks in the pipeline where the orchestrator decides whether to revise or proceed.
+ - Verify branch state with git log before any merge.
+ - Dispatch verification agent before merging subagent work.
+ - Fix known issues now. Don't carry debt.
+ - Don't ask questions you can answer by reading code, wiki, or docs.
+ - Question the premise before optimizing. Ask "should this exist?" before "how to make it faster?"
+ - Never ignore pre-existing test failures. Fix or flag.
+ - On session start, scan operational rules below. Load any that match the task.
+ - Follow Design/Implementation_Workflow in wiki for full pipeline.
+
+ ### Memory management
+ - Behavioral rules: inline in MEMORY.md, no separate files.
+ - Operational rules: individual files with scope and last_used in frontmatter.
+ - Informational/project knowledge: write to dev wiki, not local files.
+ - Cold operational rules: move index entry to archive.md.
+ - Session end: update last_used on any operational rule that was applied.
+ - Review when: last_used > 2 weeks OR MEMORY.md exceeds 150 lines.
+
+ ### Wiki knowledge base (query on demand via dev-wiki MCP)
+ - Design/ — feature specs, architecture decisions
+ - Dev/ — implementation summaries, benchmarks, retrospectives
+ - Tasks/ — task breakdowns (To-Do page is authoritative tracker)
+ - Security/ — OWASP audit
+ - Dev/Claude_Code_Memory_Backup — canonical memory snapshot
+ - Use semantic_search when the page location isn't obvious from the index.
+
+ ### Operational rules (load by scope)
+ - repos-and-tools.md — scope: git
+ - vps-access.md — scope: deploy
+ - feedback_reproducible_vps.md — scope: deploy
+ - feedback_otterwiki_config_override.md — scope: db
+ - reference_db_locations.md — scope: db
+ - mcp-servers.md — scope: mcp
+ - mcp-auth.md — scope: mcp
+ - feedback_preflight_checklist.md — scope: workflow
+ - feedback_explicit_loop_checks.md — scope: workflow
+
+ ---
+
+ ## Operational Rule Files (full content)
+
+ ### repos-and-tools.md (scope: git)
All repos live under `/Users/sderle/code/otterwiki/`. The parent directory is NOT a git repo.
@@ 29,21 92,7 @@
**Deploy flow (robot.wtf):** `ansible-playbook ansible/deploy.yml -i ansible/inventory.yml` from robot.wtf repo.
- ### MCP Servers (DO NOT CONFUSE)
-
- - **dev-wiki** (`mcp__dev-wiki__*`) = dev.robot.wtf — platform dev instance
- - **thirdgulfwar** (`mcp__thirdgulfwar__*`) = 3gw.robot.wtf — research wiki (LXC/Caddy)
- - **claude_ai_Third_Gulf_War_research_wiki** — same as thirdgulfwar, via Claude.ai connector
-
- ### MCP Authentication
-
- - `MultiAuth` composes `InMemoryOAuthProvider` (OAuth 2.1 for Claude.ai) + `StaticTokenVerifier` (bearer token for Claude Code)
- - OAuth is the transport layer — Caddy basic auth on `/authorize*` is the actual gate
- - Tokens are in-memory; server restart forces re-auth
- - Claude.ai URL: `https://mcp.3gw.robot.wtf/mcp` (must include `/mcp`!)
- - Claude.ai does NOT support bearer token auth — only OAuth
-
- ### VPS Infrastructure
+ ### vps-access.md (scope: deploy)
**wiki-1 (app server):** `ssh sderle@192.168.77.107`
- Services: otterwiki (8000), MCP sidecar (8001), API (8002), auth (8003)
@@ 51,75 100,65 @@
- Ansible: `/Users/sderle/code/otterwiki/robot.wtf/ansible/`
**proxy-1 (Caddy):** `ssh sderle@robot.wtf`
- - Manages TLS for robot.wtf, *.robot.wtf
- Read-only only. Managed by separate Ansible repo.
- **3GW (local network):** LXC container at `3gw.lan`, zmx session `3gw`
-
- ## Process Rules
-
- ### Agent Delegation Model
-
- - **Opus orchestrates, Sonnet implements.** No Opus manager layer.
- - **ALL subagents run in background** (`run_in_background: true`), no exceptions.
- - **Worktree isolation required** for code changes. Parent dir is NOT a git repo — must scope to specific repo.
-
- ### Implementation Workflow
-
- See [[Design/Implementation_Workflow]] for full process. Pipeline: Plan (Opus) → Plan Review (Sonnet) → Implement (Sonnet, worktree) → Chico review → Zeppo review → Fix → Re-review → Verify.
+ **3GW (local network):** LXC container at `3gw.lan`, zmx session `3gw`.
- ### Feedback Rules (Hard-Won Lessons)
+ ### feedback_reproducible_vps.md (scope: deploy)
- **Rule of Two:** Never accept a subagent finding without independent verification. A test agent once reported a 404 bug using the wrong URL — it was accepted and written into the wiki before anyone checked.
+ **NEVER run SSH commands that mutate the VPS.** Allowed: read-only diagnostics (`journalctl`, `systemctl status`, `curl`, `cat`, `ls`, `sqlite3 SELECT`). NOT allowed: `pip install`, `sed -i`, `systemctl restart`, `rm`, `mkdir`, or any state-changing command.
- **Fix, don't defer:** Never suggest carrying known debt when the fix is bounded and small. Default is always: fix it now.
+ Correct workflow: Edit Ansible role → commit → `ansible-playbook deploy.yml` → verify via read-only SSH.
- **Self-sufficient:** Don't ask questions you can answer by reading code, wiki, or design docs. Only escalate when genuinely blocked or when a decision requires user judgment.
+ Corrected five times. The 45-second deploy cycle is the cost of reproducibility and it is always worth paying. Subagents must also follow this rule.
- **Reproducible VPS:** NEVER mutate the VPS via SSH. All changes through Ansible. This has been corrected five times. Allowed via SSH: read-only diagnostics only (`journalctl`, `systemctl status`, `curl`, `cat`, `ls`, `sqlite3 SELECT`).
+ ### feedback_otterwiki_config_override.md (scope: db)
- **Pre-merge verification:** Always dispatch a verification agent before merging any subagent's branch. Read the diff, confirm changes match spec, run tests.
+ Otterwiki's `update_app_config()` loads preferences from the active DB and overwrites Flask config. Load order: defaults → settings.cfg → env vars → DB (DB wins). The startup default DB creates empty-string rows that overwrite settings.cfg.
- **TDD by default:** Red/green TDD whenever possible. Write failing test first, then implementation. Discuss with user before skipping.
+ Always seed config values in per-wiki preferences table via `_init_wiki_db()`. Do NOT rely on settings.cfg for user-modifiable config.
- **No ignored failures:** If a test is failing before your changes, fix it or flag it. Don't normalize broken tests.
+ ### reference_db_locations.md (scope: db)
- **Plan Review:** Always dispatch a Plan Review agent after Plan, before implementation. Include deployment context (gunicorn timeout, etc.).
+ **Platform DB** (`/srv/data/robot.db`): Schema in `ansible/roles/database/files/schema.sql`. Tables: `users`, `wikis`, `oauth_*`, `mcp_tokens`. Code: `app/db.py`, `app/models/`.
- **Opus never implements:** Always dispatch a subagent, even for trivial tasks. Opus holds the steering wheel, not the wrench.
+ **Per-wiki DBs** (`/srv/data/wikis/{slug}/wiki.db`): Otterwiki's own SQLAlchemy schema. Tables: `preferences`, `user`, drafts. Code: `app/resolver.py` (`_init_wiki_db`). Initialized on first access (idempotent).
- **Question the premise:** When a finding says X is slow, ask whether X should exist at all before optimizing. The bcrypt linear scan fix was "add a prefix column" when the answer was "don't use bcrypt for API tokens."
+ These are NOT the same schema. Code that writes to one does not affect the other.
- **Pre-flight checklist:** Before dispatching worktree agents: (1) verify CWD is inside target git repo, (2) confirm plan-review loop complete, (3) confirm task dependencies wired.
+ ### mcp-servers.md (scope: mcp)
- **Otterwiki config override:** `update_app_config()` loads DB preferences and overwrites Flask config. DB wins over settings.cfg. Always seed values via `_init_wiki_db()`.
+ Three MCP connections. Do NOT confuse them.
- **Read memories first:** Read MEMORY.md and Implementation_Workflow wiki page before dispatching any agents. Create full task list before launching first agent.
-
- ## Project Context
-
- ### Per-Wiki SQLite DB (COMPLETED)
-
- Each wiki gets `/srv/data/wikis/{slug}/wiki.db`. Resolver swaps DB per-request. `_init_wiki_db()` seeds SITE_NAME, access levels, AUTH_METHOD, schema version.
+ - **dev-wiki** (`mcp__dev-wiki__*`) = dev.robot.wtf — platform dev instance
+ - **thirdgulfwar** (`mcp__thirdgulfwar__*`) = 3gw.robot.wtf — research wiki (LXC/Caddy)
+ - **claude_ai_Third_Gulf_War_research_wiki** — same as thirdgulfwar, via Claude.ai connector
- ### Cold Start / Performance
+ ### mcp-auth.md (scope: mcp)
- Lambda cold starts: ~4.5s mean (512MB, Python 3.12). .pyc files make it WORSE (+700ms from extra decompression). CDN caching is the path forward, not Lambda optimization.
+ `MultiAuth` composes `InMemoryOAuthProvider` (OAuth 2.1 for Claude.ai) + `StaticTokenVerifier` (bearer token for Claude Code). OAuth is the transport layer — Caddy basic auth on `/authorize*` is the actual gate. Tokens are in-memory; server restart forces re-auth.
- ### Shared Worktree Trial
+ Key gotchas: Claude.ai does NOT support bearer tokens. DCR disabled by default. Claude.ai URL must include `/mcp` path. `StaticTokenVerifier` (not `DebugTokenVerifier`) for bearer fallback.
- Trial file-level parallelism: multiple agents writing different files in a shared worktree. Use `EnterWorktree` to create shared worktree, dispatch agents to same path with assigned files.
+ ### feedback_preflight_checklist.md (scope: workflow)
- ## User Preferences
+ Before dispatching ANY worktree-isolated agent:
+ 1. Verify CWD is inside the target git repo
+ 2. Confirm plan-review loop is complete (no FAIL or CONDITIONS outstanding)
+ 3. Confirm task list dependencies are wired up
- - Concise, no sycophancy, no fake enthusiasm
- - Bias toward minimal solutions
- - Uses plan mode for non-trivial changes
- - Time is the most precious resource
- - `git add -A` is forbidden
+ ### feedback_explicit_loop_checks.md (scope: workflow)
- ## Reference Pointers
+ Pipeline template:
+ ```
+ - [ ] Plan
+ - [ ] Plan Review (blocked by Plan)
+ - [ ] Plan Loop Check (blocked by Plan Review) ← orchestrator evaluates
+ - [ ] Implement (blocked by Plan Loop Check)
+ - [ ] Chico review (blocked by Implement)
+ - [ ] Zeppo review (blocked by Implement)
+ - [ ] Review Loop Check (blocked by Chico + Zeppo) ← orchestrator evaluates
+ - [ ] Verify (blocked by Review Loop Check)
+ ```
- - **To-Do page** in dev wiki is the authoritative task tracker (supersedes Tasks/ pages)
- - **Implementation Workflow** at [[Design/Implementation_Workflow]]
- - **OWASP Audit** at [[Security/OWASP_2025_Audit]]
+ No standing "Fix" task. Fix tasks created only if Loop Check determines they're needed. Loop Check tasks completed by the orchestrator, not a subagent.
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9