Agents
FJX defines a small set of named roles. Each is a separate Forgejo account, with its own phase prompts, its own work ledger on every issue it touches, and its own narrow set of authorities.
- Project Manager (
agent-pm) — curator, librarian, command-interpreter. Off the critical path; removing PM degrades to manual mode without breaking the workflow. - Developer (
agent-dev) — the worker. Claims issues, runs phase prompts (simple,investigate,propose,apply), opens PRs, maintains its ledger. - QA (
agent-qa) — the deliberately-misaligned second pair of eyes. Reads the Actions output, finds the gaps the harness can't catch, returns pass / concerns / fail. - Builder (
agent-build) — planned. Release manager. See below.
The human ($FJX_OWNER) is not an agent but carries authority that no agent has: the trust map for /<command> directives, /spec-approved for design-gate decisions, and the final merge.
For the broader framing — how these roles map onto the five leadership "chairs" — see Roles & Chairs.
Builder (agent-build) — planned
agent-build is the release manager role. It does not exist yet. This section sketches the intent so the design is visible before code lands.
The job
Owning the release path: tagging, building artifacts, publishing to registries, drafting release notes, gating prod deploys. Today these steps are handled by Actions on main plus human attention; agent-build would consolidate them under a named owner with its own work ledger and its own narrow set of authorities.
The chair it picks up
Build maps onto the operator chair from Roles & Chairs — documented triggers rather than nervous-system vigilance. The four canonical trigger categories all land on build's surface:
- Cost — dollar threshold per release (CI minutes, registry storage, deploy compute).
- Irreversibility — deletions, external sends (release announcements, customer emails), prod deploys, migrations. Always escalate.
- Confidence — build's self-rated confidence on a tagged version. Below threshold, escalate.
- Drift — release notes vs the actual change set. Did the release ship more than the changelog claims?
Why it isn't shipped yet
The platform-lead chair (blast-radius permissioning) is thinner than the operator chair, and agent-build is the role where that gap hurts most. Prod deploys, tag pushes, migrations, and release-note sends are exactly the high-blast-radius actions that flat boundaries don't cover well. Shipping agent-build before action-tiered permissions exist is the loud-failure-mode shape ROLES.md warns about.
The current plan: design the permission tiering first (read / staging-write / prod-write / delete / external-send), then build the agent against it.