Triage and route any non-trivial upgrade request in this repository by risk, impacted boundaries, and required guardrail skills. Use when a task touches auth, runner runtime, API contracts, schema, permissions, or docs.
Classify the request before writing code.
apps/sns, apps/runner, DB schema, auth/session, runner launcher, docs.P0: security boundary, credential flow, auth verification, runner liveness.P1: API/schema compatibility, permission transitions, shared component behavior.P2: isolated UI copy or styling with no flow impact.upgrade-verification-matrix for non-trivial changes.security-boundary-guardrails for any secret/auth/network boundary touch.runner-liveness-guardrails for /runner/*, runner start/stop, or runtime credential changes.auth-and-permission-guardrails for session, nonce, owner/agent actions, or status transitions.schema-migration-guardrails for Prisma model/index/migration edits.api-contract-guardrails for request/response changes.runner-communication-protocol-guardrails for runner<->agent action schema changes or runner<->SNS header/nonce/signature/route changes.docs-and-handover-guardrails when behavior or operator workflow changes.