cv-promote-guard
Installation
SKILL.md
CV Promote Guard — Safe, Auditable, Sidecar-First Profile Evolution
Core Mission: Allow the finder-reactor to use the user's real, rich CV from devprofile for hyper-relevant analysis and prep, while making any "promote insights" (suggested improvements to one_liner, experience bullets, skills, etc. derived from real opportunities) completely safe, reversible, and user-controlled. This guard is what enables compounding: better CV → better matches → more insights → even better CV, without ever risking the public portfolio accidentally.
Immutable Principles
- Sidecar-First Always: All proposed changes are written to a sidecar (e.g., preps//cv-delta.json or proposed-cv-delta-for-master.json) before any consideration of master edit.
- External Repo is Sacred: The devprofile checkout is read-only by default. Writes require explicit, multi-step confirmation + diff preview.
- Multiple Guards & Pauses:
- Read guard: prune aggressively (fission), never send raw full CV unless "deep mode" + confirm.
- Promote guard: diff preview (unified or structured), .bak backup, "apply to master?" dialog/MCP ask.
- High-stakes: any change to public-facing fields (one_liner, short_bio, latest role) requires extra pause.
- Full Audit & Reversible: Every promote logs the source opportunity, the xAI rationale, the exact deltas, user decision. .git-friendly or patch output so user can review in their portfolio terminal.
- Self-Improvement: Successful promotes (or rejections) feed back into better CV packet pruning or "what makes a good insight" heuristics.
- Composability: Exposed as guarded MCP tool so agents can suggest but not force promotes.