docs: address external review feedback with MVP scope and new protocols

[Aureliolo]

Summary

Addresses feedback from 3 external reviews of the design spec. All reviewers flagged scope communication, missing protocols, and over-engineering concerns.

Changes

• §1.4 MVP Definition — explicit M3 scope (what's built vs deferred), "how to read this spec" guide
• §1.5 Configuration Philosophy — progressive disclosure, minimal config example, pluggability note
• §6.7 Graceful Shutdown Protocol — new ShutdownStrategy protocol with 4 strategies (cooperative+timeout default), INTERRUPTED status, Windows compatibility notes, in-flight LLM cost handling
• §6.8 Concurrent Workspace Isolation — new WorkspaceIsolationStrategy protocol with 3 strategies (planner+worktrees default), state coordination table distinguishing framework state vs code/files
• §7.4 Memory backends 2-3 relabeled as "Research Directions (M5+)" — not planned implementations
• §11.3 Progressive Trust — "Disabled" marked as default, security invariant (human gate for elevated access) made prominent
• 12 inline MVP markers across §5.6, §5.7, §6.5, §6.6, §6.7, §6.8, §8, §10.3, §10.5, §11.1.2, §11.3, §12.4
• Minimal config examples in §10.4, §12.2
• §15.5 Engineering Conventions — 3 new rows: state coordination, workspace isolation, graceful shutdown
• Table of Contents updated with new sections

Design Decisions (from external review analysis)

Concern	Decision
Scope communication	§1.4 section + inline MVP markers
Concurrent state coordination	Centralized single-writer (TaskEngine)
Graceful shutdown	Cooperative + 30s timeout (pluggable ShutdownStrategy)
Concurrent file edits	Planner + git worktrees (pluggable WorkspaceIsolationStrategy)
Memory backend labeling	GraphRAG/TKG → "Research Directions"
Progressive trust default	Disabled (static access) for M3-M6
Config complexity	Progressive disclosure philosophy + minimal examples

Test plan

• Verify all markdown renders correctly on GitHub
• Verify Table of Contents links work
• Verify inline MVP markers are visible in each section
• Verify §6.7 and §6.8 section numbering is consistent
• Verify §15.5 table rows render correctly

🤖 Generated with Claude Code

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Scanned Files

None

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request refines the design specification based on external review feedback, primarily by clarifying the Minimum Viable Product (MVP) scope, introducing new essential protocols for system robustness and multi-agent coordination, and addressing concerns about over-engineering. The changes aim to provide a clearer roadmap for implementation, ensure a more robust system architecture, and improve the overall readability and understanding of the framework's design.

Highlights

• MVP Definition and Configuration Philosophy: New sections were added to explicitly define the M3 MVP scope, detailing what features are built versus deferred, and outlining the progressive disclosure philosophy for configuration with minimal examples.
• Graceful Shutdown Protocol: A new ShutdownStrategy protocol was introduced, including four strategies (cooperative with timeout as default), a new INTERRUPTED task status, Windows compatibility notes, and handling for in-flight LLM call costs during shutdown.
• Concurrent Workspace Isolation: A new WorkspaceIsolationStrategy protocol was defined, offering three strategies (planner + git worktrees as default) for managing concurrent file edits by multiple agents, along with a table clarifying state coordination mechanisms.
• Memory Backend Reclassification: Memory backends previously labeled as 'Future' (GraphRAG and Temporal Knowledge Graph) were reclassified as 'Research Directions (M5+)' to clarify they are not planned implementations for earlier milestones.
• Progressive Trust Clarification: The 'Progressive Trust' section was updated to mark 'Disabled' as the default for M3-M6 and to prominently state the security invariant that human approval is always required for elevated access.
• Inline MVP Markers and Examples: Twelve inline MVP markers were added across various sections to clearly indicate M3 scope, and minimal configuration examples were provided for cost controls and autonomy levels.
• Engineering Conventions Update: The Engineering Conventions table was updated with new rows for state coordination, workspace isolation, and graceful shutdown, reflecting the newly introduced protocols and strategies.
• Table of Contents Enhancement: The Table of Contents was updated to include new sections and sub-sections, providing a more detailed overview of the document's structure.

Changelog

• DESIGN_SPEC.md
  • Updated the Table of Contents to reflect new sections and sub-sections.
  • Added a dedicated 'MVP Definition' section to clearly outline M3 scope and deferred features.
  • Introduced a 'Configuration Philosophy' section detailing progressive disclosure and pluggability.
  • Added MVP notes to sections on Conflict Resolution, Meeting Protocols, Execution Loops, and Crash Recovery to specify M3 scope.
  • Introduced a comprehensive 'Graceful Shutdown Protocol' section, defining strategies and handling for process termination.
  • Added a 'Concurrent Workspace Isolation' section, outlining strategies for multi-agent file access and state coordination.
  • Renamed 'Backend 2' and 'Backend 3' in Memory & Persistence to 'Research Directions (M5+)' and 'Research' respectively.
  • Added MVP notes to sections on HR & Workforce Management, CFO Agent Responsibilities, LLM Call Analytics, Sandbox Backends, and Approval Timeout.
  • Included minimal configuration examples for Cost Controls and Autonomy Levels.
  • Updated the 'Engineering Conventions' table with new entries for State Coordination, Workspace Isolation, and Graceful Shutdown.
  • Clarified the default strategy and security invariant for 'Progressive Trust'.

Activity

• No human activity has occurred on this pull request yet.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[coderabbitai]

📝 Walkthrough

Summary by CodeRabbit

Release Notes

• Documentation
  • Updated design specification clarifying which features are included in the MVP release versus future milestones
  • Reorganized documentation with explicit milestone definitions (M3–M7+) for planned features
  • Added detailed MVP scope across architecture, execution strategies, trust models, and persistence approaches

Walkthrough

DESIGN_SPEC.md undergoes restructuring with renumbered table of contents, introduces formal MVP definitions and scope (sections 1.4–1.5), and adds MVP annotations throughout multiple sections (conflict resolution, execution loop, crash recovery, sandbox backends, trust mechanisms) alongside a new INTERRUPTED terminal task state.

Changes

Cohort / File(s)

Summary

Design Specification Document DESIGN_SPEC.md

Table of contents restructured with sequence renumbering; MVP definitions introduced (sections 1.4–1.5) outlining core goals and deferred milestones (M4–M7+). MVP annotations inserted across conflict resolution (5.6), meeting protocol (5.7), execution loop (6.5), crash recovery (6.6), graceful shutdown (6.7), workspace isolation (6.8), memory/persistence (7.x), workforce management (8.x), sandbox backends (11.1.2), progressive trust (11.3), and approval timeout (12.4). New INTERRUPTED terminal task state introduced for shutdown scenarios. Multiple features marked as deferred to post-MVP milestones.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly related PRs

• Add design specification, license, and project setup #2 — Directly modifies DESIGN_SPEC.md by introducing the same MVP scope restructuring and annotations across multiple sections.
• docs: add crash recovery, sandboxing, analytics, and testing decisions #127 — Updates DESIGN_SPEC.md with overlapping MVP changes to crash recovery strategies, sandbox backend tiers, and terminal task states.
• docs: expand design spec with pluggable strategy protocols #121 — Modifies DESIGN_SPEC.md to configure pluggable protocol design and memory layer components with concurrent MVP scope annotations.

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly summarizes the main change: addressing external review feedback by adding MVP scope definition and new protocols to the design spec.
Description check	✅ Passed	The description is well-related to the changeset, providing a summary of changes, specific sections modified, design decisions, and a test plan aligned with the actual changes to DESIGN_SPEC.md.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch docs/spec-mvp-scope

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[gemini-code-assist]

Code Review

This pull request significantly improves the design specification by clarifying the MVP scope, adding new protocols for graceful shutdown and workspace isolation, and introducing a configuration philosophy of progressive disclosure. The changes are well-structured and address the feedback from external reviews effectively. I have one minor suggestion to improve the consistency of the 'State Coordination vs Workspace Isolation' table.

_{Note: Security Review has been skipped due to the limited scope of the PR.}

[gemini-code-assist]

In the 'State Coordination vs Workspace Isolation' table, the 'Mechanism' for 'Org memory' seems to describe a policy rather than an implementation mechanism, which makes it inconsistent with other rows. For clarity and consistency, consider describing the technical mechanism, similar to how it's done for 'Framework state'.

Suggested change

	| Org memory (shared knowledge) | Single-writer (`OrgMemoryBackend`) | Write-access controlled by role level |
	| Org memory (shared knowledge) | Single-writer (`OrgMemoryBackend`) | `OrgMemoryBackend` protocol with role-based access control |

[greptile-apps]

Greptile Summary

This PR addresses three rounds of external review feedback by clarifying MVP scope and adding two new protocol sections to the design spec. It introduces §1.4 (explicit M3 MVP definition with deferred-feature list), §1.5 (progressive-disclosure config philosophy), §6.7 (pluggable ShutdownStrategy with cooperative + 30 s timeout as the M3 default), and §6.8 (pluggable WorkspaceIsolationStrategy with planner + git worktrees as the M4+ default). Twelve inline MVP callout boxes are scattered across §5–§12 and three new rows are appended to the §15.5 Engineering Conventions table.

Key changes and observations:

• The FAILED terminal/non-terminal contradiction flagged by a previous reviewer is correctly resolved — §6.6 now reads "New non-terminal state" and explicitly contrasts FAILED (reassignable) with CANCELLED (terminal).
• §1.4 "approval workflows (M7)" contradicts §12.4's MVP marker — basic wait-and-resume approval plumbing is tagged as M3 in §12.4, while §1.4 defers all "approval workflows" to M7; needs clarification (see inline comment).
• §7.4 heading hierarchy — the new #### Research Directions (M5+) header sits at the same level as Backend 2 and Backend 3, making them document siblings rather than children; promoting it to ### would correctly nest the backends beneath it.

Confidence Score: 4/5

• Safe to merge — documentation-only changes with no code impact; two minor inconsistencies are easy to address.
• All changes are confined to DESIGN_SPEC.md with no code or configuration side-effects. The FAILED state contradiction from prior review is correctly resolved. Two remaining issues (§1.4 milestone label for approval workflows contradicting §12.4's MVP callout, and §7.4 heading level) are low-severity documentation clarity problems that won't block implementation but should be fixed to prevent implementor confusion about M3 scope.
• DESIGN_SPEC.md — specifically line 78 (approval workflows milestone) and line 1125 (Research Directions heading level).

Important Files Changed

Filename

Overview

DESIGN_SPEC.md

Comprehensive documentation update adding §1.4 MVP Definition, §1.5 Config Philosophy, §6.7 Graceful Shutdown, §6.8 Workspace Isolation, 12 inline MVP markers, and §15.5 Engineering Convention rows. Two issues found: §1.4 defers "approval workflows" to M7 while §12.4's new MVP marker puts basic approval-waiting in M3 (contradiction); §7.4 "Research Directions" header sits at the same #### level as the backend entries it introduces, breaking the intended hierarchy.

Sequence Diagram

sequenceDiagram
    participant OS as OS Signal
    participant Engine as TaskEngine
    participant Agent as In-flight Agent(s)
    participant Storage as Storage / Connections

    OS->>Engine: SIGTERM / SIGINT
    Engine->>Engine: Set shutdown_event (asyncio.Event)
    Engine->>Engine: Close drain gate — stop accepting new tasks
    Note over Agent: Checks shutdown_event at turn boundaries
    Agent-->>Engine: Exit cooperatively (within grace_seconds)

    alt All agents exit within grace_seconds (30s)
        Agent->>Engine: Cooperative exit
    else grace_seconds exceeded
        Engine->>Agent: task.cancel()
        Agent-->>Engine: Task → INTERRUPTED
    end

    Engine->>Storage: Persist cost records
    Engine->>Storage: Close provider connections
    Engine->>Storage: Flush logs
    Note over Engine,Storage: cleanup_seconds (5s) then process exits

Loading

_{Last reviewed commit: 072a6f2}

[coderabbitai]

Actionable comments posted: 4

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@DESIGN_SPEC.md`:
- Around line 971-974: Remove the blank line between the two consecutive
blockquote lines so they remain a single blockquote; locate the paragraph
containing the `INTERRUPTED` TaskStatus note and the Windows compatibility note
referencing `loop.add_signal_handler()` and `signal.signal()` and merge them
into one continuous blockquote (or convert both to normal paragraphs) so MD028
is not triggered.
- Around line 1369-1375: The fenced YAML examples in the "Minimal config"
blockquote are flush with surrounding text and must be padded with blank quoted
lines: insert a standalone quoted blank line (a line containing just ">")
immediately before the opening ```yaml fence and another immediately after the
closing ``` fence in the "Minimal config" callout (the block containing the
"budget: total_monthly: 100.00" example), and do the same for the second
occurrence mentioned (the callout around lines 1712-1718) so both fenced blocks
have a blank `>` line above and below them.
- Around line 1125-1129: The current "Research Directions (M5+)" and "Backend 2:
GraphRAG Knowledge Graph (Research)" headings conflict with the later
extensibility note by calling Backends 2–3 “not planned implementations”; update
the wording under the "Research Directions (M5+)" section (and any Backend 2/3
subheadings) to match the later phrase "planned extensions" (or otherwise
normalize to the approved terminology used in the extensibility note) so the
intent for OrgMemoryBackend (the protocol) and future backend work is consistent
across the document.
- Around line 946-976: The Task lifecycle docs must reflect the new INTERRUPTED
state: add INTERRUPTED as a first-class recoverable TaskStatus in the canonical
status list/enum (TaskStatus) and update all references/diagrams in the
lifecycle/state model (sections §6.1 and §6.6) to include INTERRUPTED on the
non-happy path (distinct from FAILED and CANCELLED), adjust the state
transitions to show that shutdown leads to INTERRUPTED (and that INTERRUPTED is
eligible for reassignment on restart), and either remove the “defer
enum/lifecycle updates” note or mark those sections explicitly as
“proposed-only” so there is a single source of truth for M3 task-state
semantics.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 709fdccc-cee0-483d-94b9-86e72a121c62

📥 Commits

Reviewing files that changed from the base of the PR and between 5c11595 and e0b50d8.

📒 Files selected for processing (1)

• DESIGN_SPEC.md

📜 Review details

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)

• GitHub Check: Agent
• GitHub Check: Greptile Review

🧰 Additional context used

🧠 Learnings (4)

📓 Common learnings

Learnt from: CR
Repo: Aureliolo/ai-company PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-06T11:57:38.189Z
Learning: Use `/aurelio-review-pr` to handle external reviewer feedback on created PRs

Learnt from: CR
Repo: Aureliolo/ai-company PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-06T11:57:38.189Z
Learning: Update DESIGN_SPEC.md to reflect approved deviations from the original specification

Learnt from: CR
Repo: Aureliolo/ai-company PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-06T11:57:38.189Z
Learning: Always read DESIGN_SPEC.md before implementing any feature or planning any issue — it is the mandatory starting point for architecture, data models, and behavior

📚 Learning: 2026-03-06T11:57:38.189Z

Learnt from: CR
Repo: Aureliolo/ai-company PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-06T11:57:38.189Z
Learning: Update DESIGN_SPEC.md to reflect approved deviations from the original specification

Applied to files:

• DESIGN_SPEC.md

📚 Learning: 2026-03-06T11:57:38.189Z

Learnt from: CR
Repo: Aureliolo/ai-company PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-06T11:57:38.189Z
Learning: Always read DESIGN_SPEC.md before implementing any feature or planning any issue — it is the mandatory starting point for architecture, data models, and behavior

Applied to files:

• DESIGN_SPEC.md

📚 Learning: 2026-01-26T08:59:32.818Z

Learnt from: CR
Repo: Aureliolo/story-factory PR: 0
File: .github/copilot-instructions.md:0-0
Timestamp: 2026-01-26T08:59:32.818Z
Learning: Applies to README.md : Update README.md for significant feature changes

Applied to files:

• DESIGN_SPEC.md

🪛 markdownlint-cli2 (0.21.0)

DESIGN_SPEC.md

[warning] 972-972: Blank line inside blockquote

(MD028, no-blanks-blockquote)

---

[warning] 974-974: Blank line inside blockquote

(MD028, no-blanks-blockquote)

---

[warning] 1370-1370: Fenced code blocks should be surrounded by blank lines

(MD031, blanks-around-fences)

---

[warning] 1373-1373: Fenced code blocks should be surrounded by blank lines

(MD031, blanks-around-fences)

---

[warning] 1713-1713: Fenced code blocks should be surrounded by blank lines

(MD031, blanks-around-fences)

---

[warning] 1716-1716: Fenced code blocks should be surrounded by blank lines

(MD031, blanks-around-fences)

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Reflect INTERRUPTED in the canonical task lifecycle/state model.

§6.7 makes INTERRUPTED a first-class recoverable status, but §6.1 still shows only BLOCKED / CANCELLED on the non-happy path and §6.6 still defers enum/lifecycle updates to “when implemented.” That leaves two sources of truth for M3 task-state semantics. Please update the lifecycle/status definitions now, or explicitly mark this section as proposed-only.

Based on learnings: Update DESIGN_SPEC.md to reflect approved deviations from the original specification.

🧰 Tools

🪛 markdownlint-cli2 (0.21.0)

[warning] 972-972: Blank line inside blockquote

(MD028, no-blanks-blockquote)

---

[warning] 974-974: Blank line inside blockquote

(MD028, no-blanks-blockquote)

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@DESIGN_SPEC.md` around lines 946 - 976, The Task lifecycle docs must reflect
the new INTERRUPTED state: add INTERRUPTED as a first-class recoverable
TaskStatus in the canonical status list/enum (TaskStatus) and update all
references/diagrams in the lifecycle/state model (sections §6.1 and §6.6) to
include INTERRUPTED on the non-happy path (distinct from FAILED and CANCELLED),
adjust the state transitions to show that shutdown leads to INTERRUPTED (and
that INTERRUPTED is eligible for reassignment on restart), and either remove the
“defer enum/lifecycle updates” note or mark those sections explicitly as
“proposed-only” so there is a single source of truth for M3 task-state
semantics.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Remove the blank lines inside this blockquote callout.

Lines 972 and 974 trigger MD028, and several renderers will split these notes into separate quote blocks. Keep the consecutive notes in one blockquote or convert them into normal paragraphs.

🧰 Tools

🪛 markdownlint-cli2 (0.21.0)

[warning] 972-972: Blank line inside blockquote

(MD028, no-blanks-blockquote)

---

[warning] 974-974: Blank line inside blockquote

(MD028, no-blanks-blockquote)

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@DESIGN_SPEC.md` around lines 971 - 974, Remove the blank line between the two
consecutive blockquote lines so they remain a single blockquote; locate the
paragraph containing the `INTERRUPTED` TaskStatus note and the Windows
compatibility note referencing `loop.add_signal_handler()` and `signal.signal()`
and merge them into one continuous blockquote (or convert both to normal
paragraphs) so MD028 is not triggered.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Align the “research directions” wording with the later backend note.

This new heading says Backends 2–3 are “not planned implementations,” but the later extensibility note in the same section still describes them as “planned extensions.” That changes the roadmap meaning materially, so the terminology should be normalized here.

Based on learnings: Update DESIGN_SPEC.md to reflect approved deviations from the original specification.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@DESIGN_SPEC.md` around lines 1125 - 1129, The current "Research Directions
(M5+)" and "Backend 2: GraphRAG Knowledge Graph (Research)" headings conflict
with the later extensibility note by calling Backends 2–3 “not planned
implementations”; update the wording under the "Research Directions (M5+)"
section (and any Backend 2/3 subheadings) to match the later phrase "planned
extensions" (or otherwise normalize to the approved terminology used in the
extensibility note) so the intent for OrgMemoryBackend (the protocol) and future
backend work is consistent across the document.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Add blank quoted lines around these fenced YAML examples.

Both minimal-config callouts trip MD031 because the fenced blocks are flush with the surrounding blockquote text. Please pad each fence with blank > lines so they render consistently across markdown viewers.

Also applies to: 1712-1718

🧰 Tools

🪛 markdownlint-cli2 (0.21.0)

[warning] 1370-1370: Fenced code blocks should be surrounded by blank lines

(MD031, blanks-around-fences)

---

[warning] 1373-1373: Fenced code blocks should be surrounded by blank lines

(MD031, blanks-around-fences)

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@DESIGN_SPEC.md` around lines 1369 - 1375, The fenced YAML examples in the
"Minimal config" blockquote are flush with surrounding text and must be padded
with blank quoted lines: insert a standalone quoted blank line (a line
containing just ">") immediately before the opening ```yaml fence and another
immediately after the closing ``` fence in the "Minimal config" callout (the
block containing the "budget: total_monthly: 100.00" example), and do the same
for the second occurrence mentioned (the callout around lines 1712-1718) so both
fenced blocks have a blank `>` line above and below them.

[Copilot]

Pull request overview

Updates DESIGN_SPEC.md to incorporate external review feedback by clarifying MVP (M3) scope, introducing new protocol-based designs (graceful shutdown + workspace isolation), and tightening several “future vs now” boundaries across the spec.

Changes:

• Adds explicit M3 MVP definition and configuration philosophy (incl. minimal config examples).
• Introduces new protocol sections for graceful shutdown (ShutdownStrategy) and concurrent workspace isolation (WorkspaceIsolationStrategy), with MVP callouts.
• Reframes org-memory backends 2–3 as “research directions” and expands engineering conventions to include new coordination/isolation/shutdown rows.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

INTERRUPTED is described as a new TaskStatus variant, but the current TaskStatus enum in code (src/ai_company/core/enums.py) only includes CREATED/ASSIGNED/IN_PROGRESS/IN_REVIEW/COMPLETED/BLOCKED/CANCELLED (and the spec already calls out that FAILED will be added later). To keep the spec consistent with the repo’s current state, consider adding the same kind of “will be added when implemented” note here (and/or referencing the transition map that will need updating) rather than stating it as an already-existing variant.

Suggested change

	> **New non-terminal status:** `INTERRUPTED` is a new `TaskStatus` variant. Unlike `FAILED` (eligible for automatic reassignment) or `CANCELLED` (terminal), `INTERRUPTED` indicates the task was stopped due to process shutdown and is eligible for manual or automatic reassignment on restart.
	> **Planned non-terminal status:** `INTERRUPTED` will be introduced as a new `TaskStatus` variant once implemented in code (and the task status transition map is updated). Unlike `FAILED` (eligible for automatic reassignment) or `CANCELLED` (terminal), `INTERRUPTED` will indicate the task was stopped due to process shutdown and is eligible for manual or automatic reassignment on restart.

[Copilot]

This introduces an unnumbered level-3 heading (### Research Directions (M5+)) inside the numbered §7.4 area, which breaks the otherwise consistent “### 7.x …” structure and also makes the Table of Contents note (“7.4 … (Research Directions)”) a bit misleading since Research Directions is now a sibling section rather than clearly part of 7.4. Consider making this a #### subsection under 7.4, or renumbering it to ### 7.5 … if it’s meant to be a peer section.

Suggested change

	### Research Directions (M5+)
	#### Research Directions (M5+)

[Copilot]

This section says Backends 2–3 are “not planned implementations”, but later in the same §7.4 area the spec describes them as “planned extensions.” Please align the wording so it’s unambiguous whether GraphRAG/Temporal KG are only research ideas or actual roadmap items.

[Copilot]

The “Minimal config” callout suggests users can configure autonomy.level: "semi", but the current validated YAML schema uses config.autonomy as a float (0.0–1.0) in RootConfig/CompanyConfig (see src/ai_company/config/schema.py + src/ai_company/core/company.py) and does not define an autonomy: object with presets. Either mark this autonomy-preset structure as future/planned (separate from today’s config), or update the minimal example to match the current config shape.

Suggested change

	> **Minimal config:**
	> ```yaml
	> autonomy:
	> level: "semi"
	> ```
	> All presets below are built-in. Most users only set the level.
	> **Planned minimal config (future, not yet implemented):**
	> ```yaml
	> autonomy:
	> level: "semi"
	> ```
	> This `autonomy.level` + presets structure is a design target for a future config schema.
	>
	> **Current implementation (v0.x) uses a numeric flag:**
	> ```yaml
	> config:
	> autonomy: 0.5 # float between 0.0 (no autonomy) and 1.0 (full autonomy)
	> ```

[Copilot]

The “Minimal custom company” YAML snippet doesn’t match any current config shape in the repo: built-in templates are defined under a top-level template: key (with template.company.type, template.company.budget_monthly, etc.), while validated runtime config uses company_name/company_type plus config.budget_monthly (see src/ai_company/config/schema.py). Please either (a) update the snippet to a real, loadable template/config example consistent with the existing schemas, or (b) explicitly label it as a conceptual/future higher-level config format so readers don’t try to use it as-is.

Suggested change

	**Minimal custom company** (all other settings use defaults):
	```yaml
	company:
	name: "Acme Corp"
	template: "startup"
	**Minimal custom company (runtime config example)** (all other settings use defaults):
	```yaml
	company_name: "Acme Corp"
	company_type: "startup"
	config:

[greptile-apps]

§1.4 "approval workflows (M7)" contradicts §12.4 MVP marker

Line 78 places "approval workflows" in the M7 deferred bucket, but §12.4 (line 1766) adds:

MVP: Wait Forever only (Policy 1). Other timeout policies are M5+.

This means the human-approval waiting mechanism (parking a task, receiving approval, resuming) is explicitly planned for M3 — not M7. A reader parsing §1.4 will conclude that no approval integration exists until M7, then reach §12.4 and find a contradicting MVP callout. This is especially likely to confuse implementors scoping M3 work.

The §1.4 entry most likely intends to defer the Security ops agent and the full approval workflow UI / escalation policies, while the basic "wait for human, resume on approval" plumbing ships in M3. Splitting the entry or adjusting the milestone annotation would remove the ambiguity:

Suggested change

	- Security ops agent, approval workflows (M7)
	- Security ops agent (M7)
	- Approval workflows: full timeout/escalation policies (M5+); basic wait-and-resume ships in M3 (§12.4 Policy 1)

Prompt To Fix With AI

This is a comment left during a code review.
Path: DESIGN_SPEC.md
Line: 78

Comment:
**§1.4 "approval workflows (M7)" contradicts §12.4 MVP marker**

Line 78 places "approval workflows" in the M7 deferred bucket, but §12.4 (line 1766) adds:

> **MVP: Wait Forever only (Policy 1).** Other timeout policies are M5+.

This means the human-approval waiting mechanism (parking a task, receiving approval, resuming) is explicitly planned for M3 — not M7. A reader parsing §1.4 will conclude that no approval integration exists until M7, then reach §12.4 and find a contradicting MVP callout. This is especially likely to confuse implementors scoping M3 work.

The §1.4 entry most likely intends to defer the **Security ops agent** and the full **approval workflow UI / escalation policies**, while the basic "wait for human, resume on approval" plumbing ships in M3. Splitting the entry or adjusting the milestone annotation would remove the ambiguity:

```suggestion
- Security ops agent (M7)
- Approval workflows: full timeout/escalation policies (M5+); basic wait-and-resume ships in M3 (§12.4 Policy 1)
```

How can I resolve this? If you propose a fix, please make it concise.

[greptile-apps]

Heading hierarchy makes "Research Directions" a sibling of the backends it introduces

#### Research Directions (M5+) is at the same #### level as #### Backend 2: and #### Backend 3:. In Markdown's heading hierarchy these are document siblings, not a parent containing the two backends. A reader navigating via rendered headings or a document outline sees all three at equal depth, which undermines the intent of "Research Directions" as a label/container for the subsequent entries.

Consider promoting the container to ### so that Backends 2 and 3 sit under it as #### children:

Suggested change

	#### Research Directions (M5+)
	The following backends illustrate why `OrgMemoryBackend` is a protocol — the architecture supports future upgrades without modifying existing code. These are **not planned implementations**; they are research directions that may inform future work if/when organizational memory needs outgrow the Hybrid Prompt + Retrieval approach.
	#### Backend 2: GraphRAG Knowledge Graph (Research)
	### Research Directions (M5+)
	The following backends illustrate why `OrgMemoryBackend` is a protocol — the architecture supports future upgrades without modifying existing code. These are **not planned implementations**; they are research directions that may inform future work if/when organizational memory needs outgrow the Hybrid Prompt + Retrieval approach.
	#### Backend 2: GraphRAG Knowledge Graph (Research)

Prompt To Fix With AI

This is a comment left during a code review.
Path: DESIGN_SPEC.md
Line: 1125-1129

Comment:
**Heading hierarchy makes "Research Directions" a sibling of the backends it introduces**

`#### Research Directions (M5+)` is at the same `####` level as `#### Backend 2:` and `#### Backend 3:`. In Markdown's heading hierarchy these are document *siblings*, not a parent containing the two backends. A reader navigating via rendered headings or a document outline sees all three at equal depth, which undermines the intent of "Research Directions" as a label/container for the subsequent entries.

Consider promoting the container to `###` so that Backends 2 and 3 sit under it as `####` children:

```suggestion
### Research Directions (M5+)

The following backends illustrate why `OrgMemoryBackend` is a protocol — the architecture supports future upgrades without modifying existing code. These are **not planned implementations**; they are research directions that may inform future work if/when organizational memory needs outgrow the Hybrid Prompt + Retrieval approach.

#### Backend 2: GraphRAG Knowledge Graph (Research)
```

How can I resolve this? If you propose a fix, please make it concise.