1 · Plans agents can execute
Work is delegated as numbered epics with checkboxes, not chat prompts. The agent gets a whole phase — "implement E34.1–E34.7" — and the plan file is updated in the same commit that ships the code. Any session, human or agent, can reconstruct system state from the plans alone.
2 · Guarded autonomy
Agents run long and autonomously, but inside boundaries: git worktrees isolate their changes, staging is always explicit (never git add .), permission classifiers block unauthorised actions, and scope violations get flagged rather than absorbed.
3 · Verification is part of done
A green build is not the finish line. On a recent access-control rollout the agent applied the production migration, then proved the fix by recovering a one-time password and completing a live sign-in. Deploys are smoke-checked on the live domain, every time.
4 · System memory for agents
Every session starts informed, not blank: project rules, platform standards, plans and fleet health are aggregated into a live layer the agents query over MCP. We built SourceAtlas because we needed exactly this — then made it a product.