--- description: Boot TricorderKit session — charge le…

Community ralph loop for testing, sourced from github. Verified exit condition, evaluator-gated.

prompt
→ Claude
--- description: Boot TricorderKit session — charge le contexte, HOT CACHE, patterns d'erreurs, état du projet. Séquence tier 1/2/3. allowed-tools: Read, Bash, mcp obsidian-claude-vault read note, mcp obsidian-claude-vault patch note --- Exécute la séquence de démarrage TricorderKit v0.9. ## Séquence obligatoire ### TIER 1 — Toujours (~500 tokens) 1. Lire BOOT SUMMARY.md — résumé exécutif : version, commit, tests, Docker, prochaines tâches 2. Lire tasks/lessons.md — règles préventives actives (LESSON-001 à NNN) Si TIER 1 + lessons.md suffisent pour la demande → aller directement à l'action. ### TIER 2 — Si TIER 1 insuffisant (~2 500 tokens) 3. Lire .planning/STATE.md — état détaillé du projet 4. Lire .planning/TASKS.md — pending/in progress uniquement (exclure ✅) 5. Lire .planning/DECISIONS.md — 5 dernières entrées uniquement ### TIER 3 — À la demande (~10 000 tokens) 6. docs/00 WHAT IS TRICORDERKIT.md 7. docs/01 HOW IT WORKS.md 8. docs/02 WHAT IS IN PLACE.md 9. docs/03 WHAT TO DO NEXT.md 10. docs/04 LLM OPERATING GUIDE.md 11. docs/06 workflow standard.md ## HOT CACHE Obsidian (si MCP disponible) - Lire 00 SYSTEM/05 Hot Cache/HOT CACHE.md dans le
claude-code

Source: GeekFamilyCorp

More testing loops

# Latest session summary Previous: 2026-07-10 (code-scanning triage…

/ralphnew

Community ralph loop for testing, sourced from github. Verified exit condition, evaluator-gated.

prompt
→ Claude
# Latest session summary Previous: 2026-07-10 (code-scanning triage — SSRF hardening + CI permissions + dependency bumps) Date: 2026-07-10 (code-scanning triage — SSRF hardening + CI permissions + dependency bumps) Topic: All open GitHub security alerts triaged and fixed on branch fix/code-scanning-alerts → PR [#59](https://github.com/Lentach/Fireplace/pull/59) (base master , NOT merged — awaiting owner OK; CodeQL+Dependabot re-run on the PR is the proof). Actual scope was 3 CodeQL alerts + 30 Dependabot alerts (all npm/backend). CodeQL 3/3 fixed at root cause, zero suppressions: js/request-forgery critical in link-preview.service.ts ( 2a26bd3 ) replaced the regex host blocklist with two enforced layers — byte-parsed isPrivateIp for the URL-literal (kills decimal/hex/octal IPv4, mapped/NAT64 IPv6, 0.0.0.0, CGNAT, ULA, link-local) + an undici Agent.connect.lookup resolve-and-pin that refuses any hostname resolving to a private address, closing the DNS-rebinding residual the code previously documented as open; manual per-hop redirect validation retained. Two actions/missing-workflow-permissions fixed by top-level permissions: contents: read ( f
testinghigh risk

--- allowed-tools: Bash(git ), Bash(./format.sh ), Bash(go build…

/ralphnew

Community ralph loop for testing, sourced from github. Verified exit condition, evaluator-gated.

prompt
→ Claude
--- allowed-tools: Bash(git ), Bash(./format.sh ), Bash(go build ), Bash(./test.sh ), Bash(./badcode.sh ) description: Pull remote changes and rebase local commits on top --- ## Steps ### Step 1: Pre-flight checks Run these commands: - git status — if there are uncommitted changes, STOP and tell the user to commit or stash first. - git branch --show-current — record the current branch name. ### Step 2: Fetch remote Run git fetch origin . Check if the remote tracking branch exists: - git rev-parse --verify origin/<branch> — if this fails, STOP and tell the user there is no remote branch to pull from. ### Step 3: Check relationship git rev-list --left-right --count origin/<branch>...HEAD - Behind = 0 : Local is already up to date. STOP and tell the user there is nothing to pull. - Behind > 0, Ahead = 0 : Local is behind with no local commits. Do a fast-forward: git merge --ff-only origin/<branch> . Skip to Step 5. - Behind > 0, Ahead > 0 : Remote has new commits and there are local commits to rebase. Continue to Step 4. ### Step 4: Rebase local commits onto remote git rebase origin/<branch> If rebase succeeds with no conflicts: con
testinghigh risk

# AGENTS.md - Codex Ralph Vault Loop ##…

/ralphnew

Community ralph loop for testing, sourced from github. Verified exit condition, evaluator-gated.

prompt
→ Claude
# AGENTS.md - Codex Ralph Vault Loop ## Mission codex-ralph-vault-loop is a Codex App/CLI native orchestration overlay for multi-agent engineering work. It keeps Codex main as the decision maker, uses external models only through MCP tools, verifies work through gates, and stores durable memory in the vault layer. ## Core Rules - Codex main decides. The primary Codex session owns final decisions, edits, synthesis, safety, and verification. - External models advise. Z.ai, MiniMax, and other non-OpenAI systems provide analysis or worker output only through MCP tools. - Gates verify. Tests, lint, security checks, scorecards, and migration checkpoints decide whether a phase can pass. - Vault remembers. Durable memory belongs in the approved Ralph/Codex memory paths, not in ad hoc repo files. - Do not bypass critical hooks. If prettier , gitleaks , semgrep , or pre-commit are missing from PATH , use the local machine binaries when present, install only with approval, or stop and report the blocker; do not use --no-verify to skip security or formatting gates unless the user explicitly orders that exact bypass. - Do not merge or close a PR until review feedback and automated
testinghigh risk