Driver
During a 2026-05-27 session, the agent committed changes directly to branches without tickets or PRs:
- Palette change in apexyard-admin committed without a ticket (the handover bootstrap exemption was incorrectly treated as a blanket pass for the entire session)
- Admin repo created and pushed to GitHub with a direct commit to main (no PR, no review)
- Handover assessment committed to the portfolio repo branch without a separate PR for the handover output
Root cause: the /handover skill's bootstrap exemption for require-active-ticket.sh was mentally extended to cover ALL work in the session, including unrelated requests (palette change). The agent also conflated "repo doesn't exist yet" with "no process needed."
Scope
Two fixes:
-
Clarify bootstrap exemption scope in the skill doc — Add explicit language to /handover SKILL.md that the bootstrap exemption covers ONLY the handover writes (registry, assessment, architecture stub, topology). Any other user request during the session (palette changes, feature work, etc.) must go through the normal SDLC flow: ticket → branch → PR → review.
-
Advisory hook: warn-bootstrap-scope.sh — When active-bootstrap marker is set AND a commit message doesn't reference the bootstrap skill's expected outputs, emit a warning: "Bootstrap exemption is active but this commit doesn't look like bootstrap output. Did you mean to /start-ticket first?" Advisory, not blocking.
Acceptance Criteria
Incident: 2026-05-27 session — palette change + admin repo push without tickets/PRs.
Driver
During a 2026-05-27 session, the agent committed changes directly to branches without tickets or PRs:
Root cause: the
/handoverskill's bootstrap exemption forrequire-active-ticket.shwas mentally extended to cover ALL work in the session, including unrelated requests (palette change). The agent also conflated "repo doesn't exist yet" with "no process needed."Scope
Two fixes:
Clarify bootstrap exemption scope in the skill doc — Add explicit language to
/handoverSKILL.md that the bootstrap exemption covers ONLY the handover writes (registry, assessment, architecture stub, topology). Any other user request during the session (palette changes, feature work, etc.) must go through the normal SDLC flow: ticket → branch → PR → review.Advisory hook:
warn-bootstrap-scope.sh— Whenactive-bootstrapmarker is set AND a commit message doesn't reference the bootstrap skill's expected outputs, emit a warning: "Bootstrap exemption is active but this commit doesn't look like bootstrap output. Did you mean to /start-ticket first?" Advisory, not blocking.Acceptance Criteria
/handoverSKILL.md has explicit "bootstrap scope" section listing exactly which writes are exemptIncident: 2026-05-27 session — palette change + admin repo push without tickets/PRs.