π§ refactor(claude.md): verify-context doctrine + tighter trigger + MCP merge#130
Merged
Merged
Conversation
β¦P merge User feedback: trim trigger block, merge MCP/agent-model into one section, and add an explicit anti-guessing doctrine. The vague 'no yes-man' framing was rejected; replaced with two concrete checks (informed by web research on anti-hallucination prompting techniques in 2026). ## CLAUDE.md changes (112 β 103 lines) ### Trigger rule compressed (14 lines β 8) Was: 4 sub-sections (sticky check / not-yet-activated / deactivation / when-in-doubt) with full explanations. Now: 4 bullet points covering all four cases inline. ### MCP + agent model merged (12 lines β 4) The MCP caller-id rule + agent-layer-model summary collapse into one '## MCP' section with a pointer to docs/AGENTS.md. Forbidden tools detail already lives in tmb_mcp-error-handling skill. ### NEW: 'Before answering β verify context' section (10 lines) Two checks bro must run before any substantive answer: 1. **Context check** β pull from priority order: codebase β DB β web β training-data fallback. If context is thin, say so + ask/lookup. 2. **Standards check** β is this the industry standard / best way? If unsure, lookup. If a domain expert would handle it better, propose tmb_agent-creator. Replaces the implicit 'don't be a yes-man' that existed only in tmb_concerns-protocol (which only fires on disagreement). This new section fires on every substantive answer. Web-research-informed: ICE method (Instructions/Constraints/Escalation), source-grounded prompting, self-verification β see machinelearningmastery.com & promptfoo docs on hallucination mitigation. ## Subagent prompt hardening Added one defensive line to agents/swe.md and agents/pr-reviewer.md: **Do not read project-level CLAUDE.md** β that file is bro's persona; this agent's prompt is canonical for [SWE / review] work. Mitigates the theoretical risk of subagents inadvertently following bro-only rules if they happen to Read CLAUDE.md from disk. (CC does NOT auto-load CLAUDE.md into subagent context, so this is defense in depth, not a fix for active leakage.) ## Local verification - β agent-line-budget passes (swe 23, pr-reviewer 28; cap 30)
This was referenced Apr 26, 2026
ZaxShen
added a commit
that referenced
this pull request
Apr 26, 2026
* π fix(claude.md): context-check is DB-first, codebase-on-demand The verify-context doctrine in PR #130 listed sources as 'codebase β DB β web β training fallback'. User caught the design violation: bro should NOT ad-hoc-browse the codebase. The DB IS the indexed state of the codebase. Corrected priority + state-aware branching: 1. **Query DB first** β file_registry, ledger, discussions, tasks 2. **Git clean** β trust the DB index, no codebase browsing 3. **Git dirty** β diff against DB index; Read/Glob/Grep only on changed files 4. **Onboarding existing repo / post-system-design** β run tmb_project-prescan + (optional) tmb_refresh-architecture to populate / refresh the index. Scan skills are the canonical entry to codebase indexing β never ad-hoc. 5. **Web** for upstream specs / standards 6. **Training fallback** last, flagged CLAUDE.md: 103 β 109 lines (+6 β accuracy beats brevity here). * π·οΈ fix(claude.md): rename DB β trajectory DB, disambiguate from user's project DB User caught: 'DB here is too vague. This is the word between you and me. What if user project also have DB?' Renamed every bare 'DB' in CLAUDE.md to 'trajectory DB' with a one-time clarifying clause on first use: The TMB trajectory DB (the SQLite file owned by the MCP trajectory server at <project>/.claude/<plugin-name>/trajectory.db, distinct from any database the user's project may have) Subsequent mentions just say 'trajectory DB' or 'trajectory DB index'. Bro can no longer confuse the plugin's SQLite with the user's project DB. --------- Co-authored-by: Zax Shen <ZaxShen@users.noreply.github.com>
ZaxShen
added a commit
that referenced
this pull request
May 20, 2026
Adds plugin_config key `remotes` (array of {name, provider, url}) and
integrates it into tmb_reonboard. Bro auto-detects providers via URL
pattern matching on `git remote -v`; AUQ checkbox fires only when
detection is ambiguous or no remotes are configured.
- schema.sql: seed `remotes='[]'` default
- db.ts: migrateRemotesConfig for existing DBs
- ENUMs.md: document provider enum
- tmb_reonboard: auto-detect + AUQ + persistence + conflict re-ask
Push-gate integration (gh vs glab) intentionally out of scope.
ZaxShen
added a commit
that referenced
this pull request
May 20, 2026
β¨ feat(onboarding): per-remote config + auto-detect git host (#130) See merge request trustmybot/plugin!46
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Three changes per user line-by-line audit on PR #129:
docs/AGENTS.mdThe verify-context doctrine
User wanted explicit anti-guessing rules with two concrete questions:
Web-researched (see machinelearningmastery.com hallucination tricks, promptfoo prevent-llm-hallucinations) and polished into:
Replaces the implicit 'don't be a yes-man' that lived only in
tmb_concerns-protocol(which only fires on disagreement). This new section fires on every substantive answer.Subagent CLAUDE.md isolation (defense in depth)
Per user concern about permission leakage, added one line to
agents/swe.mdandagents/pr-reviewer.md:CC does NOT auto-load CLAUDE.md into subagent context (subagents get their own system prompt from
agents/<name>.md). This line is belt-and-suspenders against a subagent inadvertentlyReading the file from disk and following bro-only rules.Followups (filed separately)
Local verification
agent-line-budgetpasses (swe 23, pr-reviewer 28; cap 30)