Skills and rules for the NanoClaw host agent (Claude Code on Mac). Tile promotion, container management, staging checks, repo chain safety, and public sync.
Skills and rules for the NanoClaw host agent (Claude Code on Mac). Tile promotion, container management, staging checks, repo-chain enforcement.
`tessl install jbaruch/nanoclaw-host`

| Rule | Summary |
|---|---|
| boyscout-host | Host agent owns the full stack (source, tile repos, scripts, deploy, NAS, containers) — fix any problem you find, except owner's-domain content (SOUL.md, personal skills, group memory). |
| copilot-nudge-after-10min | When you summon a Copilot review via the GraphQL requestReviews mutation (see the ship-code and promote skills for the full lifecycle and the exact GraphQL call) and the review hasn't started within 10 minutes, post a follow-up PR comment that tags @copilot to re-activate it. |
| cross-tier-skill-state | Cross-trust-tier skills must persist state under `/workspace/state/<skill-name>/` (RW in every container). Tier-pinned skills may use `/workspace/group/`. |
| dual-agent-coexistence | Two agents (AyeAye and host) update this system asynchronously. Never assume the latest version; never assume the other agent's work is stale or inferior without reading it. |
| host-conventions | Deployment mechanics: always use ./scripts/deploy.sh, registry is the delivery artifact, scripts source scripts/common.sh. |
| no-deferral | Every session is the only session — fix problems now, not "later". Forbidden-pattern bullets enumerated. |
| no-error-suppression | Never use `\|\| true`, `2>/dev/null`, empty `catch {}`, or any form of silent error swallowing in scripts. If something fails, it must fail visibly. |
| nuke-semantics | Nuke a group = kill the running container only. Never delete registrations or group folders. |
| orchestrator-dep-refresh | When an npm-from-GitHub dep in `Dockerfile.orchestrator` ships a new version, the default `./scripts/deploy.sh` does NOT pick it up because BuildKit caches `RUN npm install -g <GitHub-repo>` by Dockerfile string, not by GitHub state. Use `./scripts/deploy.sh --no-cache` and verify the resulting dep version against the running container. |
| overlay-tile-authoring | Authoring contract for per-chat overlay tiles under containerConfig.additionalTiles: cadence frontmatter mandatory, one cadence per SKILL.md, reader-without-writer is a release blocker, live-runtime verification before shipped, cross-skill subprocess composition. |
| post-merge-publish-watch | After every tile-repo PR merge, watch the post-merge Review & Publish Tile workflow until the registry actually has the new version. A merge that doesn't reach the registry is incomplete. |
| repo-chain | Updates flow DOWN the chain: |
| staging-diff-protocol | Before judging staging content: diff, read, reason, merge improvements, then decide. Stale = empty diff only. |
| tessl-version-floating | tessl-workspace/tessl.json MUST use "version": "latest" for every tile (approved exception to coding-policy: dependency-management). deploy.sh verifies on each deploy that no literal pins have crept in. |
| tile-content-pipeline | Tile content updates flow through staging → promote (forbids live-NAS edits). Feature-branch PRs against a tile repo are OK — same review surface. |

| Skill | Description |
|---|---|
| check-staging | List pending skills and rules on the NAS staging area. Shows what the agent has created or updated that hasn't been promoted to tiles yet. Use before running promote, or when the user asks what's on staging. |
| extract-to-overlay | Sequential workflow for migrating an admin-tile skill, rule, or script set into a per-chat overlay tile. Audits cadence frontmatter, state-plane couplings, and cross-skill imports; moves files across two tile repos; updates per-group additionalTiles config; ships each side through publish-tile; verifies live materialisation. Use when extracting an admin skill to an overlay, refactoring admin content into per-chat tiles, splitting capabilities out of nanoclaw-admin, or wiring additionalTiles for a freshly extracted overlay. |
| nuke | Kill a running agent container on the NAS by Telegram group JID. The orchestrator respawns a fresh container on the next message. Does NOT delete registration or group folder. Use when a container is stuck, stale, or needs a fresh start. |
| promote | Promote agent-created skills and rules from NAS staging to tile GitHub repos via a full PR lifecycle — opens a PR, summons Copilot, iterates fixups until the review is clean, then merges so GHA publishes. Use when there are new items on staging, after check-staging shows pending items, or when asked to deploy skills, push to production, or publish rules to a tile repo. |
| reconcile | Verify that all tessl tiles are in sync between git source, tessl registry, and the NAS orchestrator. Reports drift, unpublished content, untracked files, and version mismatches. Use when tile state seems wrong, container behavior looks stale, you suspect out-of-sync tiles, or need to check tile health before a release. Run after promoting skills or after any manual tile edits. |
| ship-code | PR-based lifecycle for shipping a code change through the NanoClaw fork chain. Covers the full path on private (jbaruch/nanoclaw) — create PR, summon Copilot, wait for review, fix CI + reasonable feedback, merge, clean up branches — then cherry-picks what qualifies to public (jbaruch/nanoclaw-public) and repeats the same lifecycle there. Enforces the scrub rules from repo-chain.md. Use when a code change is committed and needs to go out, when asked to ship a fix, open a PR, push to production, merge changes, or propagate a fix from private to public. |
| sync-to-public | Sync private NanoClaw improvements to the public fork. Runs the scrubbed export script, creates a PR for review, and optionally merges. Use when private has accumulated fixes that should go public, after a batch of improvements, when explicitly asked to sync or export to public, or when asked to push changes or update the public repo with the latest private work. |
| update-from-public | Pull upstream updates into private NanoClaw. The chain is qwibitai → public → private. This skill handles both pulling qwibitai changes into public and then merging public into private. Use when upstream has new features, when the user asks to update, or when /update-nanoclaw is invoked. |
See CHANGELOG.md for version history.