π fix(bro): tighten activation routine + Direct Mode protocol; fix TaskβAgent scorer mismatch#139
Merged
Merged
Conversation
β¦skβAgent scorer mismatch
Three bugs surfaced by L6 dogfood on rc.3 (run #24969960425):
## Bug 1 β Bro skips first-action chain on greetings
`@bro hi` produced no `identity_get` / `issue_resume` MCP calls in
the trajectory, contradicting the documented routine. CLAUDE.md said
'every triggered message, no shortcuts' but the imperative was in the
section header β bro skimmed the body.
Fix: rewrote the section as **MANDATORY on every triggered message**,
moved the no-shortcuts rule into the body, called out greetings
explicitly (`@bro hi`, `@bro yo`, `@bro thanks`, `@bro cool`),
quantified the cost (~50ms total), and made the consequence concrete
('silently breaks the audit trail and the welcome-banner contract').
## Bug 2 β Direct Mode never wrote direct_mode_used ledger event
D-direct-mode trajectory showed Edit + Bash (correct) but no
ledger_log call. The `tmb_direct-mode` skill listed all three steps
but bro stopped after step 2.
Fix: rewrote 'Protocol' as 'ALL THREE STEPS ARE MANDATORY' with the
audit-trail rationale up-front and explicit 'NEVER SKIP THIS' on
step 3. Added a closing reminder that the ledger_log is non-negotiable.
## Bug 3 β Task vs Agent naming mismatch in trajectory scorers
The CC tool call `Task(subagent_type=...)` is captured by the
PostToolUse hook as 'Agent', not 'Task'. Two scorer configs had
the wrong expectation:
- `02-simple-task/tools-required.json`: 'Task' β 'Agent' (false positive)
- `D-direct-mode/tools-forbidden.json`: 'Task' β 'Agent' (false negative β would let bro spawn SWE inside Direct Mode without flagging it)
## Why these are doctrine-compliance bugs, not framework bugs
Bro is the LLM. CLAUDE.md and skill prompts are the only enforcement.
Bug 1 + 2 are stronger imperative rewrites; bug 3 is the test catching
real reality. The L6 `trajectory_required` scorer is the regression
guard if any of these slip back.
This was referenced Apr 27, 2026
ZaxShen
added a commit
that referenced
this pull request
May 20, 2026
All three ratified items from #139's roundtable on potential users: - 'Who is TMB for?' section near top of README. Solo / small-team senior engineers running CC on real production code. No anti-persona block (per Human resolution: gate-friction filters wrong-fit users). - GitHub Sponsors plumbing: .github/FUNDING.yml + 'Support TMB' block near bottom of README linking to github.com/sponsors/trustmybot. - Defer-enterprise policy line: enterprise features (SSO, RBAC, SOC2, audit export) deferred until β₯3 unsolicited paying inquiries. Stops feature-creep toward enterprise polish before maintainer is funded for it. Closes #140.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Three bugs surfaced by L6 dogfood on rc.3 (run #24969960425):
Bug 1 β Bro skips first-action chain on greetings
@bro hiproduced noidentity_get/issue_resumeMCP calls in the trajectory, contradicting the documented routine. CLAUDE.md said 'every triggered message, no shortcuts' but the imperative was in the section header β bro skimmed the body.Fix: rewrote the section as MANDATORY on every triggered message, moved the no-shortcuts rule into the body, called out greetings explicitly (
@bro hi,@bro yo,@bro thanks,@bro cool), quantified the cost (~50ms total), and made the consequence concrete ('silently breaks the audit trail and the welcome-banner contract').Bug 2 β Direct Mode never wrote direct_mode_used ledger event
D-direct-mode trajectory showed Edit + Bash (correct) but no
ledger_logcall. Thetmb_direct-modeskill listed all three steps but bro stopped after step 2.Fix: rewrote 'Protocol' as ALL THREE STEPS ARE MANDATORY with the audit-trail rationale up-front and explicit 'NEVER SKIP THIS' on step 3. Added a closing reminder that the ledger_log is non-negotiable.
Bug 3 β Task vs Agent naming mismatch
CC's tool call
Task(subagent_type=...)is captured by the PostToolUse hook as 'Agent', not 'Task'. Two scorer configs had the wrong expectation:02-simple-task/tools-required.json: 'Task' β 'Agent' (was false positive)D-direct-mode/tools-forbidden.json: 'Task' β 'Agent' (was false negative β would have let bro spawn SWE inside Direct Mode without flagging it)Why these are doctrine-compliance bugs
Bro is the LLM. CLAUDE.md and skill prompts are the only enforcement. Bugs 1 + 2 are stronger imperative rewrites; bug 3 is fixing the test to match reality. The L6
trajectory_requiredscorer is the regression guard if any of these slip back.Next
After merge β PR B (rename L6 β L5) β cut rc.4 β re-run Release canary + L5 dogfood.