Playbooks

Copyable patterns for real operator workflows.

GitHub least-privilege shipping

  • Use repo-scoped SSH deploy keys for git push.
  • Use fine-grained PATs for PR operations only.
  • Load repo-specific GH_TOKEN with direnv.
  • Prefer PR-first with branch protections enabled.

Cron reminders that actually deliver

  • Treat execution and delivery as separate checks.
  • Use announce delivery for user-facing reminders.
  • Include context in reminder text (what/why/next action).
  • Alert on silent-success conditions.

Browser relay vs API fallback

  • Use browser relay for UI-only actions.
  • Keep API scripts as deterministic fallback for critical ops.
  • Run preflight checks before retries.
  • Log outcomes and error classes for fast diagnosis.

From signup to follow-up

  • Capture intent at the edge, not business logic.
  • Keep entry-point hooks thin and explicit.
  • Centralize subscription and follow-up logic in the API.
  • Test the handoff boundaries, not just the happy path.

Operator checklist

  • Define success signal before automating.
  • Set permission boundaries first.
  • Validate outputs immediately after each run.
  • Document fixes in memory to prevent regressions.