Aureliolo
diff --git a/‎CLAUDE.md‎
Lines changed: 2 additions & 1 deletion b/‎CLAUDE.md‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎DESIGN_SPEC.md‎
Lines changed: 40 additions & 4 deletions b/‎DESIGN_SPEC.md‎
Lines changed: 40 additions & 4 deletions
diff --git a/‎README.md‎
Lines changed: 5 additions & 3 deletions b/‎README.md‎
Lines changed: 5 additions & 3 deletions
diff --git a/‎src/ai_company/communication/enums.py‎
Lines changed: 1 addition & 0 deletions b/‎src/ai_company/communication/enums.py‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎src/ai_company/core/enums.py‎
Lines changed: 1 addition & 0 deletions b/‎src/ai_company/core/enums.py‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎src/ai_company/hr/__init__.py‎
Lines changed: 1 addition & 0 deletions b/‎src/ai_company/hr/__init__.py‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎src/ai_company/hr/archival_protocol.py‎
Lines changed: 77 additions & 0 deletions b/‎src/ai_company/hr/archival_protocol.py‎
Lines changed: 77 additions & 0 deletions
diff --git a/‎src/ai_company/hr/enums.py‎
Lines changed: 48 additions & 0 deletions b/‎src/ai_company/hr/enums.py‎
Lines changed: 48 additions & 0 deletions
@@ -50,6 +50,7 @@ src/ai_company/
   config/         # YAML company config loading and validation
   core/           # Shared domain models and base classes
   engine/         # Agent orchestration, execution loops, parallel execution, task decomposition, routing, task assignment, task lifecycle, recovery, shutdown, workspace isolation, and coordination error classification
+  hr/             # HR engine: hiring, firing, onboarding, offboarding, agent registry, performance tracking (task metrics, collaboration scoring, trend detection)
   memory/         # Persistent agent memory (Mem0 initial, custom stack future — ADR-001), retrieval pipeline (ranking, injection, context formatting), shared org memory (org/), consolidation/archival (consolidation/)
   persistence/    # Operational data persistence — pluggable PersistenceBackend protocol, SQLite initial (§7.6)
   observability/  # Structured logging, correlation tracking, log sinks
@@ -83,7 +84,7 @@ src/ai_company/
 - **Every module** with business logic MUST have: `from ai_company.observability import get_logger` then `logger = get_logger(__name__)`
 - **Never** use `import logging` / `logging.getLogger()` / `print()` in application code
 - **Variable name**: always `logger` (not `_logger`, not `log`)
-- **Event names**: always use constants from the domain-specific module under `ai_company.observability.events` (e.g. `PROVIDER_CALL_START` from `events.provider`, `BUDGET_RECORD_ADDED` from `events.budget`, `CFO_ANOMALY_DETECTED` from `events.cfo`, `CONFLICT_DETECTED` from `events.conflict`, `MEETING_STARTED` from `events.meeting`, `CLASSIFICATION_START` from `events.classification`, `CONSOLIDATION_START` from `events.consolidation`, `ORG_MEMORY_QUERY_START` from `events.org_memory`, `API_REQUEST_STARTED` from `events.api`, `CODE_RUNNER_EXECUTE_START` from `events.code_runner`, `DOCKER_EXECUTE_START` from `events.docker`, `MCP_INVOKE_START` from `events.mcp`). Import directly: `from ai_company.observability.events.<domain> import EVENT_CONSTANT`
+- **Event names**: always use constants from the domain-specific module under `ai_company.observability.events` (e.g. `PROVIDER_CALL_START` from `events.provider`, `BUDGET_RECORD_ADDED` from `events.budget`, `CFO_ANOMALY_DETECTED` from `events.cfo`, `CONFLICT_DETECTED` from `events.conflict`, `MEETING_STARTED` from `events.meeting`, `CLASSIFICATION_START` from `events.classification`, `CONSOLIDATION_START` from `events.consolidation`, `ORG_MEMORY_QUERY_START` from `events.org_memory`, `API_REQUEST_STARTED` from `events.api`, `CODE_RUNNER_EXECUTE_START` from `events.code_runner`, `DOCKER_EXECUTE_START` from `events.docker`, `MCP_INVOKE_START` from `events.mcp`, `SECURITY_EVALUATE_START` from `events.security`, `HR_HIRING_REQUEST_CREATED` from `events.hr`, `PERF_METRIC_RECORDED` from `events.performance`). Import directly: `from ai_company.observability.events.<domain> import EVENT_CONSTANT`
 - **Structured kwargs**: always `logger.info(EVENT, key=value)` — never `logger.info("msg %s", val)`
 - **All error paths** must log at WARNING or ERROR with context before raising
 - **All state transitions** must log at INFO
 
@@ -79,9 +79,9 @@ The MVP validates the core hypothesis: **a single agent can complete a real task
 
 > **How to read this spec:** Sections describe the full vision. Each section with deferred features includes an **MVP** callout box indicating what ships in M3 and what is deferred. The full design is documented upfront to inform architecture decisions — protocol interfaces are designed even for features that won't be built until later milestones.
 
-> **Implementation snapshot (2026-03-09):**
-> - **Done:** M0–M6 (tooling, config/core, providers, single-agent engine, multi-agent orchestration, API/CLI surface). Memory layer backend selected ([ADR-001](docs/decisions/ADR-001-memory-layer.md)). Persistence backend (§7.6) completed. Memory retrieval pipeline (#41: ranking, token-budget formatting, context injection) complete. Budget enforcement complete (BudgetEnforcer + configurable cost tiers + quota/subscription tracking). CFO cost optimization complete (CostOptimizer: anomaly detection, efficiency analysis, downgrade recommendations, routing optimization, approval decisions; ReportGenerator: multi-dimensional spending reports). Shared org memory (#125: HybridPromptRetrievalBackend, OrgFactStore, access control, factory) complete. Memory consolidation/archival (#48: ConsolidationService, SimpleConsolidationStrategy, RetentionEnforcer, ArchivalStore protocol) complete.
-> - **In progress:** M7 — Docker sandbox (#50), MCP bridge (#53), code runner implemented. Security + approval system not started.
+> **Implementation snapshot (2026-03-10):**
+> - **Done:** M0–M6 (tooling, config/core, providers, single-agent engine, multi-agent orchestration, API/CLI surface) + Docker sandbox (#50), MCP bridge (#53), code runner + HR engine (hiring/firing/onboarding/offboarding/registry) + performance tracking (task metrics, quality scoring, collaboration scoring, trend detection, rolling windows). Memory layer backend selected ([ADR-001](docs/decisions/ADR-001-memory-layer.md)). Persistence backend (§7.6) completed. Memory retrieval pipeline (#41: ranking, token-budget formatting, context injection) complete. Budget enforcement complete (BudgetEnforcer + configurable cost tiers + quota/subscription tracking). CFO cost optimization complete (CostOptimizer: anomaly detection, efficiency analysis, downgrade recommendations, routing optimization, approval decisions; ReportGenerator: multi-dimensional spending reports). Shared org memory (#125: HybridPromptRetrievalBackend, OrgFactStore, access control, factory) complete. Memory consolidation/archival (#48: ConsolidationService, SimpleConsolidationStrategy, RetentionEnforcer, ArchivalStore protocol) complete.
+> - **Remaining:** M7 security + approval system (SecOps agent, progressive trust, JWT/OAuth auth).
 
 ### 1.5 Configuration Philosophy
 
@@ -1652,6 +1652,13 @@ Strategy selection via config: `memory.retrieval.strategy: context | tool_based
 
 > **MVP: Not in M3–M4.** HR features (hiring, firing, performance tracking, promotions) are M5–M7. Agent workforce is configured manually via YAML in early milestones.
 
+> **Implementation note (M7):** Hiring pipeline (`HiringService`), offboarding pipeline
+> (`OffboardingService`), onboarding checklists (`OnboardingService`), and agent registry
+> (`AgentRegistryService`) are now implemented. Performance tracking subsystem
+> (`hr/performance/`) complete with pluggable quality scoring, collaboration scoring,
+> trend detection, and multi-window aggregation. Promotions/demotions (section 8.4)
+> remain unimplemented.
+
 ### 8.1 Hiring Process
 
 The HR system manages the agent workforce dynamically:
@@ -2823,7 +2830,33 @@ ai-company/
 │       │   │   ├── scorer.py      # AgentTaskScorer (skill/role/seniority matching)
 │       │   │   ├── service.py     # TaskRoutingService (routes subtasks to agents)
 │       │   │   └── topology_selector.py # TopologySelector (auto coordination topology)
-│       │   └── hr_engine.py        # Hiring, firing, performance (M7)
+│       ├── hr/                      # HR engine: hiring, firing, onboarding, offboarding, agent registry, performance tracking
+│       │   ├── __init__.py         # Package exports
+│       │   ├── enums.py            # HR enumerations (HiringRequestStatus, FiringReason, OnboardingStep, LifecycleEventType, TrendDirection)
+│       │   ├── errors.py           # HR error hierarchy
+│       │   ├── models.py           # CandidateCard, HiringRequest, FiringRequest, OnboardingChecklist, OffboardingRecord, AgentLifecycleEvent
+│       │   ├── registry.py         # AgentRegistryService (agent lifecycle registry)
+│       │   ├── hiring_service.py   # HiringService (request → generate candidate → approval → instantiate)
+│       │   ├── onboarding_service.py # OnboardingService (checklist management)
+│       │   ├── offboarding_service.py # OffboardingService (reassign → archive → notify → terminate)
+│       │   ├── archival_protocol.py  # MemoryArchivalStrategy protocol
+│       │   ├── full_snapshot_strategy.py # FullSnapshotArchivalStrategy
+│       │   ├── reassignment_protocol.py # TaskReassignmentStrategy protocol
+│       │   ├── queue_return_strategy.py # QueueReturnReassignmentStrategy
+│       │   ├── persistence_protocol.py # HR-specific repository protocols
+│       │   └── performance/         # Performance tracking subsystem
+│       │       ├── __init__.py     # Package exports
+│       │       ├── models.py       # TaskMetricRecord, CollaborationMetricRecord, WindowMetrics, TrendResult, etc.
+│       │       ├── config.py       # PerformanceConfig
+│       │       ├── tracker.py      # PerformanceTracker service
+│       │       ├── quality_protocol.py # QualityScorer protocol
+│       │       ├── ci_quality_strategy.py # CiQualityScorer (CI-based quality scoring)
+│       │       ├── collaboration_protocol.py # CollaborationScorer protocol
+│       │       ├── behavioral_collaboration_strategy.py # BehavioralCollaborationScorer
+│       │       ├── trend_protocol.py # TrendDetector protocol
+│       │       ├── theil_sen_strategy.py # TheilSenTrendDetector (robust trend detection)
+│       │       ├── window_protocol.py # WindowAggregator protocol
+│       │       └── multi_window_strategy.py # MultiWindowAggregator (multi-window rolling metrics)
 │       ├── communication/           # Inter-agent communication
 │       │   ├── bus_memory.py       # InMemoryMessageBus implementation
 │       │   ├── bus_protocol.py     # MessageBus protocol interface
@@ -2921,6 +2954,7 @@ ai-company/
 │       │       ├── __init__.py    # Package exports
 │       │       ├── backend.py     # SQLitePersistenceBackend
 │       │       ├── repositories.py # SQLite repository implementations
+│       │       ├── hr_repositories.py # SQLite HR repositories (LifecycleEvent, TaskMetricRecord, CollaborationMetricRecord)
 │       │       └── migrations.py  # Schema migrations (user_version pragma)
 │       ├── observability/           # Structured logging & correlation
 │       │   ├── __init__.py         # get_logger() entry point
@@ -2944,10 +2978,12 @@ ai-company/
 │       │   │   ├── decomposition.py # DECOMPOSITION_* constants
 │       │   │   ├── execution.py   # EXECUTION_* constants
 │       │   │   ├── git.py         # GIT_* constants
+│       │   │   ├── hr.py         # HR_* constants
 │       │   │   ├── meeting.py    # MEETING_* constants
 │       │   │   ├── memory.py     # MEMORY_* constants
 │       │   │   ├── org_memory.py # ORG_MEMORY_* constants
 │       │   │   ├── parallel.py    # PARALLEL_* constants
+│       │   │   ├── performance.py # PERF_* constants
 │       │   │   ├── persistence.py # PERSISTENCE_* constants
 │       │   │   ├── personality.py # PERSONALITY_* constants
 │       │   │   ├── prompt.py      # PROMPT_* constants
 
@@ -10,7 +10,7 @@ AI Company lets you spin up a virtual organization staffed entirely by AI agents
 
 ## Current Capability Snapshot
 
-### Implemented (M0–M6 complete)
+### Implemented (M0–M6 complete, M7 HR partial)
 
 - **Company Config + Core Models** - Strong Pydantic validation, immutable config models, runtime state models
 - **Provider Layer** - LiteLLM-based provider abstraction with routing, retry, and rate limiting
@@ -28,17 +28,19 @@ AI Company lets you spin up a virtual organization staffed entirely by AI agents
 - **Human Approval Queue (M6)** - Approval submission, approve/reject with reason, list/filter by status, WebSocket notifications for approval events
 - **WebSocket Real-Time Feed (M6)** - Channel-based subscriptions (tasks, agents, budget, messages, system, approvals), per-channel payload filters, message-bus bridge
 - **Route Guards (M6)** - Role-based read/write access control (stub auth for M6; real JWT/OAuth planned for M7)
+- **HR Engine (M7)** - Hiring pipeline (request → generate candidate → approval → instantiate), onboarding checklists, offboarding pipeline (reassign → archive → notify → terminate), agent registry
+- **Performance Tracking (M7)** - Task metrics, CI-based quality scoring, behavioral collaboration scoring, Theil-Sen robust trend detection, multi-window rolling metric aggregation
 
 ### Not implemented yet (planned milestones)
 
 - **Memory Backend Adapter (M5)** - Memory protocols, retrieval pipeline, org memory, and consolidation are complete; initial Mem0 adapter backend ([ADR-001](docs/decisions/ADR-001-memory-layer.md)) pending; research backends (GraphRAG, Temporal KG) planned
 - **CLI Surface** - `cli/` package is placeholder-only
 - **Security/Approval System (M7)** - SecOps agent with rule engine (soft-allow/hard-deny, fail-closed), audit log, output scanner, risk classifier, and ToolInvoker integration are implemented; real authentication (JWT/OAuth), progressive trust, and approval workflow gates are planned
-- **Advanced Product Surface** - web dashboard, HR workflows, and external integrations
+- **Advanced Product Surface** - web dashboard, external integrations
 
 ## Status
 
-**M7: Security & HR** in progress (M0–M6 all done). See [DESIGN_SPEC.md](DESIGN_SPEC.md) for the full high-level specification.
+**M7: Security & Approval** partially complete — Docker sandbox, MCP bridge, code runner, SecOps agent, HR engine + performance tracking done; authentication/approval remain. See [DESIGN_SPEC.md](DESIGN_SPEC.md) for the full high-level specification.
 
 ## Tech Stack
 
 
@@ -18,6 +18,7 @@ class MessageType(StrEnum):
     STATUS_REPORT = "status_report"
     ESCALATION = "escalation"
     MEETING_CONTRIBUTION = "meeting_contribution"
+    HR_NOTIFICATION = "hr_notification"
 
 
 class MessagePriority(StrEnum):
 
@@ -68,6 +68,7 @@ class AgentStatus(StrEnum):
     """Lifecycle status of an agent."""
 
     ACTIVE = "active"
+    ONBOARDING = "onboarding"
     ON_LEAVE = "on_leave"
     TERMINATED = "terminated"
 
 
@@ -0,0 +1 @@
+"""HR engine — agent lifecycle management and performance tracking."""
@@ -0,0 +1,77 @@
+"""Memory archival strategy protocol.
+
+Defines the interface for pluggable strategies that handle
+agent memory archival during offboarding (D10).
+"""
+
+from typing import Protocol, runtime_checkable
+
+from pydantic import BaseModel, ConfigDict, Field
+
+from ai_company.core.enums import SeniorityLevel  # noqa: TC001
+from ai_company.core.types import NotBlankStr  # noqa: TC001
+from ai_company.memory.consolidation.archival import ArchivalStore  # noqa: TC001
+from ai_company.memory.org.protocol import OrgMemoryBackend  # noqa: TC001
+from ai_company.memory.protocol import MemoryBackend  # noqa: TC001
+
+
+class ArchivalResult(BaseModel):
+    """Result of a memory archival operation.
+
+    Attributes:
+        agent_id: Agent whose memories were archived.
+        total_archived: Number of memories archived.
+        promoted_to_org: Number promoted to org memory.
+        hot_store_cleaned: Whether the hot store was cleaned.
+        strategy_name: Name of the archival strategy used.
+    """
+
+    model_config = ConfigDict(frozen=True, allow_inf_nan=False)
+
+    agent_id: NotBlankStr = Field(description="Agent whose memories were archived")
+    total_archived: int = Field(ge=0, description="Memories archived")
+    promoted_to_org: int = Field(ge=0, description="Promoted to org memory")
+    hot_store_cleaned: bool = Field(description="Hot store cleaned")
+    strategy_name: NotBlankStr = Field(description="Archival strategy used")
+
+
+@runtime_checkable
+class MemoryArchivalStrategy(Protocol):
+    """Strategy for archiving agent memories during offboarding.
+
+    Implementations handle the complete memory archival pipeline:
+    retrieving from hot store, archiving to cold store, optionally
+    promoting to org memory, and cleaning up the hot store.
+    """
+
+    @property
+    def name(self) -> str:
+        """Human-readable strategy name."""
+        ...
+
+    async def archive(
+        self,
+        *,
+        agent_id: NotBlankStr,
+        memory_backend: MemoryBackend,
+        archival_store: ArchivalStore,
+        org_memory_backend: OrgMemoryBackend | None = None,
+        agent_seniority: SeniorityLevel | None = None,
+    ) -> ArchivalResult:
+        """Archive all memories for a departing agent.
+
+        Args:
+            agent_id: Agent whose memories to archive.
+            memory_backend: Hot memory store.
+            archival_store: Cold archival storage.
+            org_memory_backend: Optional org memory for promotion.
+            agent_seniority: Seniority level of the departing agent.
+                Required for org memory promotion (skipped if None).
+
+        Returns:
+            Result of the archival operation.
+
+        Raises:
+            MemoryArchivalError: If retrieval from hot store fails.
+        """
+        ...
@@ -0,0 +1,48 @@
+"""HR domain enumerations."""
+
+from enum import StrEnum
+
+
+class HiringRequestStatus(StrEnum):
+    """Status of a hiring request through the approval pipeline."""
+
+    PENDING = "pending"
+    APPROVED = "approved"
+    REJECTED = "rejected"
+    INSTANTIATED = "instantiated"
+
+
+class FiringReason(StrEnum):
+    """Reason for agent termination."""
+
+    MANUAL = "manual"
+    PERFORMANCE = "performance"
+    BUDGET = "budget"
+    PROJECT_COMPLETION = "project_completion"
+
+
+class OnboardingStep(StrEnum):
+    """Steps in the agent onboarding checklist."""
+
+    COMPANY_CONTEXT = "company_context"
+    PROJECT_BRIEFING = "project_briefing"
+    TEAM_INTRODUCTIONS = "team_introductions"
+
+
+class LifecycleEventType(StrEnum):
+    """Type of agent lifecycle event."""
+
+    HIRED = "hired"
+    ONBOARDED = "onboarded"
+    FIRED = "fired"
+    OFFBOARDED = "offboarded"
+    STATUS_CHANGED = "status_changed"
+
+
+class TrendDirection(StrEnum):
+    """Direction of a performance metric trend."""
+
+    IMPROVING = "improving"
+    STABLE = "stable"
+    DECLINING = "declining"
+    INSUFFICIENT_DATA = "insufficient_data"
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+"""HR engine — agent lifecycle management and performance tracking."""`