Skip to content

Add Iskra as the workflow, release, and dependency automation agent #76

Description

@z0r4n-bot

Problem / context

The repository currently has clear roles for product shaping, orchestration, implementation, and QA, but it does not yet have a dedicated worker for GitHub workflows, release automation, and dependency maintenance work.

Those tasks are important enough, and security-sensitive enough, that they should have an explicitly defined specialist instead of being treated as ad hoc implementation work.

Desired outcome

Add a new specialized implementation agent named Iskra for workflow, release, and dependency automation work, with clear scope boundaries, bot identity, and operating constraints.

Iskra should be a specialized implementation worker under Jelena's orchestration, not a separate coordinator.

Scope

In scope

  • add a new agent definition for Iskra
  • define Iskra as the specialist for:
    • GitHub Actions workflows
    • reusable/composite actions
    • CI/CD automation
    • package/release automation
    • dependency maintenance for npm packages and GitHub Actions
  • add bot identity and auth mapping:
    • caller: Iskra
    • bot key: iskra
    • GitHub App slug: 15KR4-BOT
  • add the matching GitHub MCP endpoint convention for Iskra
  • update repository docs/config/examples where needed so the team model and auth mapping include Iskra
  • document security expectations for workflow and release changes
  • define Iskra explicitly as a specialized worker under Jelena rather than a roaming infra owner

Out of scope

  • implementing a specific workflow or release feature
  • changing repository workflow ownership rules beyond adding the new specialized worker
  • redesigning the underlying auth model
  • creating new release/versioning policy beyond what is necessary to define Iskra's operating boundaries

Acceptance criteria

  • Iskra has a dedicated agent definition file
  • the agent definition clearly establishes Iskra as a specialized implementation worker, not a coordinator
  • the GitHub bot identity 15KR4-BOT is documented for Iskra
  • AGENTS.md is updated so repo role mapping and team model include Iskra
  • docs/config/examples are updated where needed to include the new caller/bot mapping
  • Iskra's instructions explicitly cover workflow security, permissions, secrets, release automation, and escalation concerns
  • Iskra follows the same issue-driven workflow, bot-auth rules, and one-issue-one-branch-one-worktree rules as other workers

Docs impact

  • Docs impact: update existing docs
  • Details: update AGENTS.md and any relevant team/auth/config reference docs to include Iskra

ADR needed?

  • ADR needed: no
  • Details: this adds a new team role and operating contract, but does not change the core runtime architecture

Dependencies / sequencing notes

  • should align with the ongoing terminology work for caller/bot naming
  • should happen before assigning workflow/release automation work to the new agent

Risks / open questions / non-goals

  • Workflow and release automation changes are security-sensitive, so Iskra's permission and escalation boundaries should be explicit from the start.
  • The issue should make clear that Iskra is a specialized worker under Jelena, not a roaming cross-cutting owner.
  • The repository bot-auth procedure must be working for the new bot identity before the role is operational.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    Status
    Todo

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions