PrimeCore Operator Runbook (EN/ES)

English

1) What PrimeCore War Room is

PrimeCore War Room is an iPad-first PWA (static Cloudflare Pages) that acts as the control plane for a 100% digital, 100% automated business system where Founder approvals are required for privileged or high-risk actions.

Policy Router decides: ALLOW / REQUIRE_APPROVAL / DENY
Model Gateway executes (currently safe stub: mock output only)
Receipts Store records decisions + outcomes (localStorage for now)
Service Worker caches assets (HTML is network-first to avoid stale deploys)

2) Daily operator workflow

Daily start

Open War Room
Verify build stamp updates (proves app.js executed)
Run daily_brief in shadow mode first
Review the “WHY” decision details

Execution discipline

shadow: simulate only, no side-effects
canary: limited side-effects (future: tiny canary writes)
prod: full execution (future: approvals + safety checks)

3) Troubleshooting (the stuff that actually breaks)

Icons failing in manifest: /icons/icon-192.png and /icons/icon-512.png must return image/png, not HTML.
Service Worker poisoning: if an icon ever returns HTML, unregister SW + Clear Site Data, then hard reload.
Redirects: SPA fallback must be last; protect /icons/*, /policy/*, /docs/* above it.
Extension noise: test in InPrivate with extensions off for clean console output.

4) New Chat handoff (copy/paste)

We are building PrimeCore War Room (Cloudflare Pages PWA).
Repo: Storm7070/primecore-war-room
Static (no build step). Core files: /index.html, /styles.css, /app.js, /sw.js, /manifest.webmanifest, /docs/*
Policy files: /policy/policy/policy-router.js, /policy/policy-packs.json, /policy/gateway/model-gateway.js, /policy/receipts/receipts-store.js
Rules: Policy Router first, receipts for every decision/outcome, Founder approvals only for privileged actions.
Redirects: protect /icons/* /policy/* /docs/* from SPA fallback; SPA fallback must be last.

Español

1) Qué es PrimeCore War Room

PrimeCore War Room es una PWA (Cloudflare Pages, estática) orientada a iPad que funciona como plano de control para un sistema 100% digital y 100% automatizado donde las acciones de riesgo requieren aprobación del Founder.

2) Troubleshooting rápido

Íconos: /icons/icon-192.png y /icons/icon-512.png deben ser image/png, no HTML.
Service Worker: si un ícono devuelve HTML, desregistrar SW + “Clear site data” + hard reload.
Redirects: el fallback SPA va al final; proteger /icons/*, /policy/*, /docs/* arriba.

3) Handoff para un chat nuevo (copiar/pegar)

Estamos construyendo PrimeCore War Room (Cloudflare Pages PWA).
Repo: Storm7070/primecore-war-room
Estático (sin build). Archivos: /index.html, /styles.css, /app.js, /sw.js, /manifest.webmanifest, /docs/*
Policy: /policy/policy/policy-router.js, /policy/policy-packs.json, /policy/gateway/model-gateway.js, /policy/receipts/receipts-store.js
Reglas: siempre Policy Router antes de ejecutar, receipts para todo, aprobaciones del Founder para acciones privilegiadas.
Redirects: proteger /icons/* /policy/* /docs/* del fallback SPA; el fallback debe ir al final.