canon: rename audit-gate constraint vendor-neutral + add substrate options method#184
Merged
Conversation
…tions method - Renames klappy://canon/constraints/audit-gates-are-managed-agents to klappy://canon/constraints/audit-gates-are-spawned-agent-sessions. Body updated to abstract over substrate (Managed Agents, CF Sandboxes with Claude Code or OpenCode harness, future entrants). Vendor name no longer appears in URI or core framing. - Adds klappy://canon/methods/spawned-agent-session-substrate-options cataloguing current substrate options with cost shapes, billing dimensions, vendor lock surfaces, and the mixing-tools strategy (Anthropic model + Claude Code harness on CF Sandbox + Max-plan auth). Rename treated as delayed review (in-place), not supersession with old URI preserved. Cross-references in writings/journal/ledger left as historical record per scope discipline. Authority: operator-approved canon edit, 2026-05-09.
Canon Quality —
|
Inserts a new third-party bundled substrate section between Self-Hosted and Things That Do Not Vary by Substrate, citing Cursor Bugbot as commercial precedent for the spawned-agent-session-for-PR-review pattern. Frames Bugbot as prior art for the substrate primitive but explicitly not for Vodka-Architecture governance, because canon-at-runtime is broken: review rules live in Cursor's dashboard rather than a versioned external knowledge base the operator owns. Documents the May 2026 cost shape: - Bugbot Pro: $40/mo, 200 PRs cap, draws Pro plan included usage, spillover to pay-per-token frontier API rates - Bugbot Teams: historically $40/user/mo, transitioning to usage-based billing per Cursor's late-April 2026 announcement - Per-run estimate $1.00-$1.50 (Cursor's own figure) - Model selection opaque: 'frontier and in-house models' per docs; frontier spans Anthropic Opus 4.6/4.7, GPT-5, Gemini Notes the absent subscription-passthrough lever vs. Claude Code on CF Sandboxes: even when Bugbot routes through an Anthropic model, the inference call cannot be billed against the operator's own Anthropic Pro/Max subscription. Adds a 'pattern portability' close that situates Bugbot alongside Copilot Code Review, Greptile, CodeRabbit, and Anthropic's Code Review for Claude Code as competing implementations of the same primitive -- demonstrating the constraint at audit-gates-are-spawned-agent-sessions names a productized commercial category, not a hypothetical one. See Also gets a Cursor Bugbot reference link.
This was referenced May 10, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Two canon edits, both pre-approved by the operator on 2026-05-09:
Rename
klappy://canon/constraints/audit-gates-are-managed-agents→klappy://canon/constraints/audit-gates-are-spawned-agent-sessions. The Tier-1 constraint stays intact in spirit; the vendor name is removed from the URI and the body is rewritten to abstract over substrate (Anthropic Managed Agents, CF Sandboxes with Claude Code or OpenCode harness, future entrants). The original framing leaked vendor naming through during distracted review; this corrects that.Add
klappy://canon/methods/spawned-agent-session-substrate-options— a new Tier-1 method doc cataloguing current substrate options with cost shapes, billing dimensions, vendor-lock surfaces, and the mixing-tools strategy. Specifically documents that subscription billing (Pro/Max/Team via Claude Code withclaude setup-tokenfor headless CI) inverts the cost composition: under subscription, inference is sunk and substrate runtime becomes the dominant per-audit variable. At meaningful volume, mixing Anthropic-model + Claude-Code-harness + CF-Sandbox-substrate is ~70% cheaper than Anthropic-bundled.Mechanics
writings/,journal/,ledger/left as historical record per scope discipline.skills/managed-agents/SKILL.mdleft as-is — that is the literal Anthropic product name.Sequencing
The companion AMS PR (renaming
ams://canon/constraints/canon-code-sync-via-managed-agent→…via-spawned-agent-session) references the new klappy.dev URI in itsderives_from. Land this PR first, then the AMS PR.Authority
Operator-approved canon edit, 2026-05-09. Drafts produced by Claude under
models-do-not-mutate-canon; this PR is the operator commit.Note
Low Risk
Low risk: this PR only updates canon documentation/URIs and adds a new method doc; no runtime code or enforcement logic changes.
Overview
Reframes the Tier-1 audit-gate constraint from vendor-specific “Managed Agents” to the vendor-neutral concept of a “spawned agent session”, updating its URI/title/tags and tightening language around substrate-agnostic requirements (fresh session per audit, clean context, agentic loop, structured findings) while explicitly forbidding canon from mandating a specific vendor product.
Adds a new Tier-1 method,
klappy://canon/methods/spawned-agent-session-substrate-options, that catalogs current substrate choices (e.g., Anthropic Managed Agents vs Cloudflare Sandboxes vs self-hosted) and compares their cost/billing dimensions, portability/lock-in surfaces, and a mixed-vendor strategy (including subscription-vs-API inference billing) for running these sessions.Reviewed by Cursor Bugbot for commit b1f280a. Bugbot is set up for automated code reviews on this repo. Configure here.