Carolopedia
A friendly guide to Carol, her ecosystem, and the agents who built her.
📖About
Build Elronds SECURITY GATE on initiative filing (new droid el-sg-01, reached via a shim, run inside create_initiative). Three checks, robust + intelligent: (1) AUTHORIZATION (deterministic, RBAC-grounded): is the requester a registered active agent holding the file_initiative permission (write-capable role grant) or the operator? (2) ROLE-CONTENT ALIGNMENT (LLM): does the requesters role/duties/title align with what the initiative asks for? (3) POLICY COMPLIANCE (LLM): does the initiative comply with the org policy set + constitution? Checks 2+3 in one structured LLM call for lower latency. On ANY failure the initiative is still FILED but routed to status=redirected + state=escalated (redirect_to=operator) with the reason + findings recorded, so it surfaces in the Escalation queue; bypass auto-start is skipped. EXEMPTIONS to preserve behavior: operator filings pass (authority); monitoring/incident watchers (hermione/inspector/guardian) get auth-only (skip LLM) to keep the incident fast-path. Fail-open with an unverified flag on LLM/infra error (never brick filing); fail-closed on a determined violation. Latency tradeoff is accepted. Cookbook + tests.
⚖️Decisions
- Elrond's bypass methodology checklist (a reminder, not a gate -- you've got this): 0. File it requested_mode='bypass' (planner-vs-bypass is a deliberate choice). bypass_start REFUSES a non-bypass initiative (CAROL-INI-1846), and the dispatcher only skips the bypass lane when the mode says bypass -- a 'planner' mistag lets Merlin's pipeline grab the placeholder step and block your finished work. 1. Filed as planned status -- let the bypass claim/activate it; never file active. 2. Open the bypass (bypass_start) with your droid id + the remediation answer (remediates_initiative_id=NNN, or remediates_nothing=True). 3. Work the blocks for your work-type: template -> design -> code -> test -> review. Do the real work; record decisions on the initiative as you make them. 4. Reality is recorded for you at close -- code (files changed), each decision, and the twin-review verdict become real activities tied to this initiative and show in the Activity Tracker like a planner run (CAROL-INI-1840). No dummy rows. 5. Keep the initiative status moving; it parks in 'reviewing' and is tagged uat-pending for you at close (CAROL-INI-1836), so the stuck-watchdog leaves it alone until UAT. 6. Close runs the gates (design/architecture compliance + caller-audit). If a gate flags something pre-existing or unrelated to your change, waive it with a clear written rationale -- audit, don't skip. 7. Bypass skips the planner's auto-orchestration, NOT the standards. Same template checklist, same review, same observability as a planner run. (elrond)
- [status-router] planned -> executing | event=bypass_executing | bypass transition (or-bx-01)
- [status-router] executing -> reviewing | event=bypass_reviewing | bypass transition (or-bx-01)
- [status-router] reviewing -> closed | event=operator_signoff | Auto-accepted (CAROL-INI-1859): Orion-initiated, >2 days in reviewing with no objection. (el-srac-01)
✅Success criteria
- A security gate runs on initiative filing checking: (1) requester authorization (registered active agent with the file_initiative permission, or operator), (2) role-content alignment, (3) policy compliance. (must_have)
- On ANY failed check the initiative is filed but set to status=redirected + state=escalated with the reason recorded, surfacing in the Escalation queue; bypass auto-start is skipped. (must_have)
- Operator filings are exempt (authority); monitoring/incident watchers get authorization-only so the incident fast-path is preserved. (must_have)
- The gate fails open (with an unverified flag) on an LLM/infra error so filing is never bricked, and fails closed on a determined violation. (must_have)