BOSSTORQUE — Claude Desktop Performance Standards & Techniques

1

Context Continuity System

Architecture

The biggest performance killer in Claude Desktop is the cold start problem — every session begins with zero memory of prior work. The context continuity system eliminates this by maintaining auto-updated CONTEXT.md files for every active project, read at session open before any work begins.

Core Design

_COWORK_HUB — Centralized Session Memory

A dedicated Google Drive folder (_COWORK_HUB/) acts as Claude's persistent working memory across sessions. It contains one subfolder per active project, each with a CONTEXT.md file automatically updated every 2 hours via Zapier and readable on demand. At the start of every Cowork session, the first action is reading the relevant CONTEXT.md to restore full project state — no re-briefing required.

Scheduled

Zap 1 — Every 2 Hours

Automated Context Update

Schedule by Zapier → finds files modified in source folders → sends to Claude API (Sonnet, max 600 tokens) → structured context summary written → appended to that project's CONTEXT.md. Runs silently across all active projects in parallel via Looping by Zapier.

On-Demand

Zap 2 — Webhook

Manual Context Sync

Identical to Zap 1 but triggered by a webhook URL. Saved as a browser bookmark titled "Update Cowork Context" and optionally as an Apple Shortcut. Fire before any session to force an immediate sync — critical before starting work after a gap.

Automatic

Zap 3 — New Projects

New Client Auto-Setup

Watches 1_Clients/ for new folders. On detection, auto-creates a matching hub subfolder and seeds a blank CONTEXT.md. New clients are integrated into the continuity system the moment their folder is created — zero manual steps.

Hub Folder Structure

_COWORK_HUB/
├── README.md                  ← Global Cowork instructions
├── SPECS/
│   └── CONTEXT_BUILD_SPEC.md  ← Zapier build spec
├── BOSSTORQUE/
│   └── CONTEXT.md
├── Sperry/
│   └── CONTEXT.md
├── TelTek/
│   └── CONTEXT.md
└── Nowhaus/
    └── CONTEXT.md

CONTEXT.md Format — Locked 4-Field Structure, Under 300 Words

## 2026-03-09 10:00 Context Update

**Active workstreams:** Tree Care Club email sequence, re-engagement batch 3
**Recent changes:** Updated Kit sequence step 4 subject line, added 3 new contact segments
**Open items:** Confirm Jobber webhook is live, review open rate on batch 2
**Next actions:** Deploy batch 3, schedule Club onboarding sequence review

Session opening prompt: "Read _COWORK_HUB/Sperry/CONTEXT.md and give me a one-sentence status on where we left off before we start." Single prompt. Zero re-briefing. Productive output within seconds.

Claude API Prompt — Context Generation (Zap Step 6)

// System prompt sent to claude-sonnet-4-6, max_tokens: 600
"You are a project context manager for BOSSTORQUE. Read recently modified
project files and produce a concise, structured context update to be
appended to a CONTEXT.md file. This file is read by Claude at the start
of every Cowork session to restore project state without re-explanation.

Format EXACTLY:
## [YYYY-MM-DD HH:MM] Context Update
**Active workstreams:** [bullet list]
**Recent changes:** [what changed in the files you read]
**Open items:** [anything unresolved or flagged]
**Next actions:** [bullet list]

Keep under 300 words. If no files modified:
output '## [timestamp] No changes detected.'"

2

Operating Rules — Live Rule File

Configuration

All Claude Desktop operating rules are maintained in a single Cloudflare Worker — the live source of truth. Every session fetches it silently at startup, keeping all Cowork instances, Claude mobile, and Claude browser synchronized without manual updates.

Live Rule URL: https://bosstorque-rules.jason-8ce.workers.dev — fetched silently at every session start. Remote rules override any local CLAUDE.md on conflict. One file to update, all Claude interfaces stay in sync.

Core Behavioral Rules

Parallel Execution Always: Any tool calls that don't depend on each other's output must be issued simultaneously in one message. Sequential execution of parallelizable work is a performance failure — treat it as a bug.
No Pre-Action Narration: Don't describe what you're about to do before doing it. Execute first, report results after. "I'll now do X, then Y, then Z" before any action is wasted time and context window.
No Confirmation Gates on Low-Risk Actions: The dividing line is reversibility. Reads, drafts, sandbox code, calendar events — proceed immediately. Sends, deletes, deploys, external record modifications — always confirm first.
Assume and Proceed: When intent is reasonably clear, make the most reasonable assumption, state it in one sentence, and execute. Only stop when ambiguity would materially change the output and can't be resolved from context.
Fail Forward: If a tool call fails, immediately try the next best alternative. Don't stop to report failure — exhaust all paths first, then surface the gap.
Verify Before Delivering: Math: compute programmatically. Dates/times: always run through bash — never reason from memory (Jason is Pacific Time, Oregon). Lookups: fetch from source. If it can be verified in 10 seconds, verify it.
Response Compression: No preamble. No post-task summaries. Match depth to what was asked. A one-line question gets a direct answer, not a structured report.
Tool Discovery First: Before asking Jason for anything, audit available MCP tools, check skills, attempt autonomously, search for missing connectors. Ask only when all options are exhausted.

Proceed Without Asking

Reading, searching, or fetching any data
Creating files, drafts, or documents (not yet sent)
Running code or calculations in sandbox
Writing to outputs folder
Creating calendar events or internal Slack drafts

Always Confirm First

Sending anything externally (email, SMS, Slack to client)
Deleting files or data
Deploying or publishing anything live
Posting to social media or public channels
Modifying records in CRM, billing, or external database

Subagent Model Routing

Model	Use For	Default?
Haiku	Web research, data fetching, summarization, file reads, formatting, narrow-scope lookups	Fast/cheap, low judgment tasks
Sonnet	Drafting, analysis, multi-step reasoning, client-facing content, nuance or accuracy required	Yes — default
Opus	Architecture decisions, complex multi-constraint problems, high-stakes strategy	Reserve only

Dispatch — Unattended Communication Protocol

What it is: Messages in active Cowork sessions route automatically to Jason's Claude mobile app as push notifications. The primary and only channel for blockers, approvals, and task summaries during unattended operation. Do NOT use iMessages MCP — confirmed broken self-routing loop at 541-514-2521.

Phone-readable format:
⚠️ [Task] — [issue in one line]
[1–2 sentences context]
Options: a) [option] b) [option]
Reply "a" or "b".

3

CLAUDE.md File Architecture

Folder Structure

Every major Google Drive folder contains a CLAUDE.md file that defines how Claude behaves in that workspace — folder purpose, key frameworks, confidentiality level, and auto-loading instructions. This is the primary mechanism for folder-scoped behavior injection.

Layer 1 — Global

Cowork Settings (Personal Profile)

Saved in Cowork Settings → Profile. ~1,500 characters. Defines business identity, communication style (direct, no preamble, no jargon), methodology (Theory of Constraints, diagnose before prescribing), tech stack, brand colors, and legal entity. Injected into every session regardless of folder.

Layer 2 — Live Override

Cloudflare Rule Worker

Single source of truth for all behavioral rules. Fetched silently at session start. Overrides any local CLAUDE.md on conflict. Edit once, all Claude interfaces (Desktop, mobile, browser) sync automatically — no per-device updates.

Layer 3 — Folder

Per-Folder CLAUDE.md

Every major folder gets one. Declares: what the folder is for, subfolder index, frameworks that apply, confidentiality level, auto-loading steps to run on session open. Sets behavior for that workspace. Not a project journal — that's CONTEXT.md.

Layer 4 — Hub

_COWORK_HUB / claude.md

Documents the Cloudflare Workers delivery workflow, worker naming convention, deploy command, and token env var location. This is where delivery standards live — separate from behavioral rules.

Key principle: CLAUDE.md sets behavior. CONTEXT.md carries state. Never conflate them. A folder's CLAUDE.md should declare what the folder is for, what frameworks apply, what's confidential, and what auto-loading steps to run. It is not a project journal.

Session Auto-Loading Sequence (Every Session Open)

Session Opens

→

Fetch rules worker

→

Read _COWORK_HUB/claude.md

→

Read CONTEXT.md files

→

Pull Gmail (3 days)

→

Pull Calendar (7 days)

→

Ready

4

HTML-First Deliverable System

Core Standard

Everything Claude builds — internal and external, reports and docs, audits and analyses — is built in HTML first. HTML is faster to generate, easier to iterate, renderable instantly in any browser, deployable as a live URL, and trivially convertible to any other format. Word and PDF are downstream of HTML, never the starting point.

Why HTML First

Speed & Iteration Advantage

Claude generates clean HTML in one pass with no round-trips or file format overhead. Edits are a single string replacement. Changes are visible instantly in a browser. No conversion artifacts, no format lock-in, no attachment friction. It's the fastest path from prompt to polished output.

Why Not Word/PDF First

Format Lock Kills Velocity

Word and PDF require additional tools, libraries, and conversion passes. They're slow to iterate, hard to brand consistently, and create attachment friction for clients. Word is appropriate when a client specifically needs an editable .docx. PDF is appropriate when a client needs a signed or print-ready document. Neither is the default.

Delivery Path

Internal vs. External Destinations

Internal deliverables (notes, briefs, plans, analyses) go to Google Drive as HTML files or Markdown. They're viewable directly in Drive and editable in any text editor. External deliverables (client reports, audits, roadmaps, campaign summaries) are built in HTML, wrapped in a Cloudflare Worker script, deployed as a live URL, and delivered via that URL in the email body — no attachment ever.

HTML → Cloudflare Worker Publish Flow

Claude builds HTML

→

Brand-compliant, mobile-first

→

Wrap in Worker script

→

wrangler deploy --no-bundle

→

Live workers.dev URL

→

URL in email body

What Goes Where

Deliverable Type	Format	Destination	How Delivered
Client reports, audits, roadmaps	HTML	Cloudflare Worker (live URL)	URL in email body — no attachment
Campaign performance reports	HTML	Cloudflare Worker	URL in email body
Internal analyses, plans, briefs	HTML or Markdown	Google Drive	Shared Drive link
Memory, config, rules, context	Markdown (.md)	Google Drive / GitHub	Version controlled
Data, tables, lists	CSV or XLSX	Google Drive or Gmail attachment	Attachment (data files only)
Presentations (when requested)	PPTX or HTML slides	Google Drive	Shared Drive link
PDFs (when explicitly requested)	HTML → PDF via skill	Google Drive	Attachment or Drive link
Code, scripts, automations	Language file, sandbox-verified	GitHub (private repo)	Repo link or file

Version updates are free: When a client report needs a correction or update, redeploy the Worker with the updated HTML. Same URL, updated content. The client's bookmarked link always shows the latest version — no "see attachment v2" confusion.

5

Cloudflare Workers — Setup & Usage Guide

Infrastructure

Cloudflare Workers is the infrastructure layer that turns HTML files into live, instantly-accessible URLs. It's a serverless edge platform — your code runs on Cloudflare's global network, not on a server you manage. For BOSSTORQUE, it serves one primary purpose: deploying client deliverables as live URLs that require no hosting infrastructure and cost essentially nothing.

What It Is

Serverless Edge Platform

Cloudflare Workers runs JavaScript (or Wasm) at the edge — in 300+ data centers worldwide. You deploy a script, get a URL, and that URL instantly serves your content from the nearest location to whoever requests it. No servers, no containers, no DevOps.

What We Use It For

Live Report URLs

Each client deliverable becomes a Worker: a tiny script that returns the HTML report when fetched. Client gets a URL instead of an attachment. No email size limits. Viewable on any device. Updatable by redeploying. Professional, clean, fast.

How to Sign Up

Step 1 — Create account: Go to dash.cloudflare.com → Sign up with email. No credit card required for the free tier. Account is ready immediately.
Step 2 — Note your subdomain: Cloudflare assigns a *.workers.dev subdomain (e.g., jason-8ce.workers.dev). All Workers deploy under this subdomain by default. Custom domains can be attached later.
Step 3 — Install Wrangler CLI: npm install -g wrangler — this is the command-line tool for deploying Workers. Requires Node.js.
Step 4 — Generate an API token: Cloudflare Dashboard → My Profile → API Tokens → Create Token → "Edit Cloudflare Workers" template. Save the token to _COWORK_HUB/.env as CLOUDFLARE_API_TOKEN. Never hardcode it.
Step 5 — Test a deploy: Create a minimal Worker script (see below), run wrangler deploy --no-bundle, and confirm the URL returns your content. Takes under 60 seconds end-to-end.

Pricing (April 2026)

Free Tier

$0

Generous limits. More than enough for internal use and light client delivery.

100,000 requests/day
10ms CPU time per invocation
Unlimited Worker scripts
workers.dev subdomain
1 GB KV storage
200,000 log events/day (3-day retention)

Our Plan

Workers Standard (Paid)

$5/month

10M requests/month included. Enough to serve thousands of reports daily with room to spare.

10M requests/month included
+$0.30 per additional million
30M CPU ms/month included
+$0.02 per additional million ms
Custom domain support
7-day log retention
Max 5 min CPU/invocation

KV Storage (Add-On)

Usage based

If you store data in Workers KV (key/value store). Optional — not required for HTML delivery.

10M reads/month included
+$0.50 per additional million reads
1M writes/month included
+$5.00 per additional million writes
1 GB storage included
+$0.50 per GB-month after

Bottom line on cost: For BOSSTORQUE's use case — deploying HTML reports as live URLs — the free tier is sufficient for most months. At $5/month, the paid plan covers 10 million requests, which is roughly 300,000 report views per day. This is effectively free infrastructure for professional client delivery.

Minimal Worker Script — HTML Report

// worker.js — wraps an HTML string and serves it on fetch
export default {
  async fetch(request, env, ctx) {
    const html = `<!DOCTYPE html>
<html>
  <head><title>Report Title</title></head>
  <body>
    <!-- Your full HTML report content goes here -->
  </body>
</html>`;

    return new Response(html, {
      headers: { 'Content-Type': 'text/html;charset=UTF-8' },
    });
  },
};

Deploy Commands

# One-time setup: install Wrangler
npm install -g wrangler

# Deploy a Worker (token read from env — never hardcoded)
cd /tmp/{worker-dir}
CLOUDFLARE_API_TOKEN=<token> wrangler deploy --no-bundle

# Token storage (run once in terminal — never type token in chat)
python3 -c "import getpass,pathlib; \
  p=pathlib.Path('_COWORK_HUB/.env'); \
  t=getpass.getpass('Token: '); \
  open(p,'a').write(f'CLOUDFLARE_API_TOKEN={t}\n'); \
  print('saved')"

# Update an existing Worker (same command — redeploys in place)
CLOUDFLARE_API_TOKEN=<token> wrangler deploy --no-bundle

Naming Convention

# Pattern: {client-slug}-{report-type}-{mon}{year}

sperry-campaign-report-apr2026    → sperry-campaign-report-apr2026.jason-8ce.workers.dev
sperry-audit-report-mar2026        → sperry-audit-report-mar2026.jason-8ce.workers.dev
bosstorque-design-audit-mar2026    → bosstorque-design-audit-mar2026.jason-8ce.workers.dev
bosstorque-rules                   → bosstorque-rules.jason-8ce.workers.dev  (live rule file)

# Account subdomain: jason-8ce.workers.dev
# Token env var: CLOUDFLARE_API_TOKEN in _COWORK_HUB/.env

What Cloudflare Workers Can Do (Beyond Report Delivery)

Use Case	How	Relevance to BOSSTORQUE
HTML report delivery	Worker returns HTML on fetch → live URL	Active — primary use
Live rule file	Worker serves CLAUDE.md rules as text → fetched by every session	Active
API proxying	Worker forwards requests to third-party APIs, adds auth headers	Useful for hiding API keys from client-side code
Redirect management	Worker maps old URLs to new ones at the edge	Site migration and link management
A/B testing	Worker splits traffic between two response variants	Landing page split tests without a testing platform
Webhook endpoints	Worker receives POST requests → triggers logic or forwards to Zapier	Automation triggers without a dedicated backend
Scheduled tasks (Cron Triggers)	Worker runs on a cron schedule	Lightweight automation without Zapier for simple recurring jobs
Custom domain routing	Attach any domain you own → Worker serves it	White-labeled client portals under bosstorque.ai subdomains
KV data storage	Workers KV provides persistent key/value storage at the edge	Storing report metadata, client preferences, or session state

6

Skill System — Encoded Workflows

Automation

Skills are structured folders that encode complete, repeatable workflows — locked report structures, connector sequences, QA checklists, math correction logs, and delivery protocols. They eliminate reinvention across sessions and preserve lessons learned from prior builds so mistakes aren't repeated.

Skill Folder Anatomy (Sperry Campaign Report — Production Example)

File	Purpose	Key Contents
SKILL.md	Master reference — locked after deployment	Report structure (11 sections), revenue model, segment definitions, brand style, cost structure, delivery instructions
references/template.html	Full HTML/CSS with {{PLACEHOLDER}} markers	Every data point has a named placeholder; locked brand CSS baked in; 900px layout
references/process.md	9-step workflow with specific tool calls	Data collection → compute → build → QA → Gmail draft, step by step
references/corrections-log.md	13 documented math traps — most critical file	Median vs. average, profit-based ROI, baseline calc method, Kit/Jobber reconciliation, rounding rules
references/data-sources.md	Every metric mapped to its source system	Kit, Jobber, ZeroBounce, Stripe — specific views, exports, transformations, collection cadence

Sunday Automation Workflow (Fully Unattended)

8PM Trigger

→

Paginate Kit API

→

Scrape Kit dashboard

→

Scrape Jobber tags

→

Compute all metrics

→

Build HTML from template

→

Run QA checklist

→

Build XLSX addendum

→

Create Gmail draft

→

Dispatch alert

Pre-authorization pattern: Run any new scheduled task manually once ("Run now") to pre-approve all connector permissions — Kit, Chrome, Gmail, Slack. After that, every scheduled run skips all permission prompts. Standard procedure before the first scheduled execution of any new automation.

7

QA & Friction Log Methodology

Quality Assurance

Two complementary quality processes: Friction Logs capture obstacles during automation builds so they're never repeated. Design/QA Audits systematically prescribe fixes for output quality issues using a severity-based framework.

During Build

Friction Log

Automation Friction Logging

Obstacles encountered during any automation build are systematically recorded, categorized, and resolved — then stored as an HTML artifact (e.g., Report Automation Friction Log — Mar 16 2026.html). Future builds reference the log to skip known roadblocks. Filed by project and date.

Post-Build

Design/QA Audit

Issue-ID Audit with Prescribed Fixes

Every audit uses an Issue ID system (HM-01, HM-02…) with severity rating (Critical/High/Medium/Low). Each finding has both the problem statement AND a specific prescribed fix — identification alone is insufficient. BOSSTORQUE site audit found 28 issues across 5 pages.

QA Severity Framework

Level	Category	Production Examples	Response
🔴 Critical	Brand / trust killers	Emoji checkmarks in pricing cards, no social proof on site, emoji icons in feature cards	Fix before any delivery
🟠 High	Design / UX failures	All-white page with no section separation, generic hero image, missing founder headshot	Fix in current sprint
🟡 Medium	Polish gaps	Missing logo in header/footer, stale copyright year (©2025)	Next scheduled pass
🟢 Low	Minor improvements	Navigation gaps, minor copy inconsistencies, URL corrections	Backlog / opportunistic

Math Corrections Log — Standard Trap List (13 Documented)

Median vs. average: Never use average when median is correct for skewed distributions (customer LTV, revenue per job, service ticket value).
Baseline calculation: Use actual annualized sum from source system — never average × count. Only equivalent when distribution is uniform.
ROI must be profit-based: (Gain × gross margin) ÷ campaign cost. Revenue-based ROI overstates returns and loses credibility with owners who know their margins.
Rounding rules: Document the specific convention (floor/ceil/round) per metric. Never leave to judgment — inconsistency creates reconciliation gaps between report sections.
Denominator mismatches: Verify numerator and denominator are from the same population. Kit subscriber counts and Jobber client counts are different populations — never mix them in a single rate calculation.
No-data segment exclusion: Exclude no-data segments from conservative scenario projections (Scenario A). Include with proxy value in moderate/optimistic (B/C) — clearly labeled as estimated.

8

Security Scans & Containment Audits

Security

After any significant automation build, a structured security scan identifies leaks, over-permissioning, and hidden dependencies before they become production problems. Two formats: an interactive audit tool for system design review, and a post-build scan for live automation stacks.

5 Audit Dimensions — System Containment Framework

Dimension	What It Checks	Red Flags
Access Control	Role-based access, no shared logins, minimum-permission scopes	Everyone is admin; shared credentials; write permissions where read would do
Automation Map	Clear documented flows, no hidden chains or loops	Zapier connected to everything; unknown triggers; undocumented zaps running
Boundary Integrity	Clear system roles, minimal cross-system dependency	Multiple sources of truth for same data; circular dependencies
Input Hygiene	Validated inputs, no blind ingestion into core systems	Unvalidated form fields feeding automation pipelines directly
Observability	Clear logs, traceable actions, visible failures	Automations that fail silently; no alerting on errors; unknown execution history

Every scheduled task that hits a confirm-required action must Dispatch first, every time, without exception — even when previously authorized, even on a known schedule. Silence or timeout = abort and log. Never proceed on no response.
Unexpected Dispatch pings are a security signal. If Jason receives a notification he didn't initiate, treat it as a potential unauthorized execution — not just a notification. Investigate before proceeding.
Never accept API keys or tokens in chat. Store using the secure stdin pattern. Read at runtime from _COWORK_HUB/.env or .claude/secrets/. Never echo or log them.

9

Connectors & MCPs — Full Inventory

Integration Stack

Complete list of all MCP tools and connectors active in Claude Desktop as of April 2026. Organized by category. Permission levels follow the default rule: reads almost always auto-approved, writes almost always gated — exceptions documented.

Core Communication & Productivity

Connector	Status	Read	Write	Key Capabilities
Gmail	Active	Allow	Needs Approval	Search messages, read threads, create drafts, list labels — sends always confirm
Google Calendar	Active	Allow	Needs Approval	List events, find free time, find meeting times, get event details — create/delete confirm
Google Drive	Active	Allow	N/A	Search, fetch, read files — primary storage for all deliverables and context files
Slack	Active	Allow	Needs Approval (external sends)	Read channels, read threads, search messages, search users, send/schedule messages, manage canvases

Business Operations & Finance

Connector	Status	Read	Write	Key Capabilities
Jobber	Active	Allow	Needs Approval	Find clients, create clients/jobs/quotes/requests, add notes, manage tags — primary field service CRM for Sperry
ConvertKit (Kit)	Active	Allow	Needs Approval	List subscribers, view single subscribers, add subscribers to forms, add tags — email marketing for Sperry
Stripe	Active	Allow	Write (Charges, Payment Links)	Balance, customers, invoices, payment intents, prices, products, subscriptions — write is forced by API (includes read)
Mercury	Active	Allow all	N/A (read-only API)	Balance, transactions, statements, cards — banking visibility only, no write capability in API
Zapier	Active	Allow	N/A	Get configuration URL — single tool for checking Zapier connection status

Infrastructure & Development

Connector	Status	Read	Write	Key Capabilities
Cloudflare Workers	Active	Allow	Needs Approval	Manage Workers, KV namespaces, D1 databases, R2 buckets, Hyperdrive configs, query D1 databases
Cloudflare Docs	Active	Allow	N/A	Query Cloudflare documentation, resolve library IDs — reference tool for Workers development
Netlify	Active	Allow	Needs Approval	Read/update deploy services, extension services, project services, team and user info
GitHub	Active	Allow	Needs Approval	List repos, view files, search code, view issues/PRs — write requires approval (push, merge, create)
WordPress.com	Active	Allow	Needs Approval	Site stats, content authoring, site settings/plugins/users, domain management, user profile and notifications

Sales, CRM & Outreach

Connector	Status	Read	Write	Key Capabilities
Apollo	Active	Allow	Needs Approval	Find & enrich contacts/companies, list contacts, run subroutines, add data points — prospecting and lead enrichment
Common Room	Active (via plugin)	Allow	N/A	Account research, contact research, compose outreach, prospect lists, call prep, weekly briefings
Intercom	Active	Allow	Needs Approval	Search contacts/companies/conversations, list articles/companies, fetch conversations, create/update articles
Pipedrive	Failed	—	—	Custom MCP via Activepieces failed auth. Workaround: Claude in Chrome for Pipedrive web UI. Revisit when official connector available.

Design, Content & Creative

Connector	Status	Read	Write	Key Capabilities
Figma	Active	Allow	Needs Approval	Get design context, screenshots, metadata, variable defs, design system; create files, generate diagrams, export designs
Canva	Active	Allow	Needs Approval	Search/list designs and folders, generate/edit designs, export, manage brand kits, merge designs, resize
Gamma	Active	Allow	Needs Approval	Generate presentations/docs, read Gamma files, get themes and folders — AI-native presentation builder
ElevenLabs (Agents)	Active	Allow	Needs Approval	Get agent config, search voices, create/update agents — voice AI integration
ElevenLabs (Player)	Active	N/A	Needs Approval (all)	Play/load audio, generate speech, generate sound effects, generate music — every action burns free-tier credits

Desktop Extensions (Native Mac Apps)

Extension	Status	Tier	Key Capabilities
Desktop Commander	Active	Read: Allow all · Write: Needs Approval	Full filesystem access: read files, list directories, search, get file info, start/manage processes. Write (create/edit/move/delete files) always gated.
Claude in Chrome	Active	DOM-level access via extension	Navigate, find, read pages, form input, JavaScript execution, tab management, screenshots — primary browser automation tool. Never use computer-use for browser tasks.
Control Chrome	Active	Read: Allow · Execute JS: Needs Approval	Get current tab, list tabs, get page content, open URLs, go back/forward, reload — lighter browser control layer.
Control your Mac	Active	Needs Approval (all)	Run AppleScript (osascript) — any macOS automation. High-power, high-risk; every action confirmed.
PowerPoint (by Anthropic)	Active	Allow all (read + write)	Create, open, edit, save presentations; add/delete slides; set titles; add text; insert images; export PDF. Allow-all avoids approval spam during deck builds.
Word (by Anthropic)	Active	Allow all (read + write)	Create, open, edit, save .docx files; insert/replace/format text; export PDF. Allow-all avoids approval spam during document builds.
Apple Notes	Active	Read: Allow · Write: Needs Approval	List notes, get note content — read allowed. Add/update notes requires approval.
iMessages	Configured, Not Used	Read: Allow · Send: Needs Approval	Get unread messages, read messages, search contacts, send iMessage. NOTE: Self-routing loop at 541-514-2521 confirmed broken. Use Dispatch instead.
Computer Use	Active — Last Resort	Full (mouse, keyboard, screenshot)	Screenshot, click, type, scroll, drag — any on-screen action. Use only for native desktop apps with no MCP. Never use for browser tasks (Chrome MCP is faster and safer).

Cowork System Tools (Built-In)

Tool	Purpose
Workspace / Bash	Isolated Linux sandbox for running code, scripts, file operations, math verification, date calculations
Scheduled Tasks	Create, list, and update scheduled automations — powers the Sunday report and all recurring tasks
MCP Registry	Search for available MCP connectors, suggest connector installs — used when a needed integration isn't connected
Session Info	List and read session transcripts — used for continuity across session handoffs
Cowork File Tools	Request workspace directory access, present files to user, allow/manage file deletion
Plugins	Search and install Cowork plugins that bundle MCPs, skills, and tools
Web Fetch	Fetch specific URLs — used for rules worker, documentation, research
Web Search	Search the web — used when URL isn't known or broad research is needed

Specialty / Reference

Connector	Status	Key Capabilities
Domain Search	Active	Check domain availability, suggest domain alternatives — useful for client brand naming and launch prep
Base44 App Builder	Active	Create and edit web apps, manage entity schemas and data, query app data — AI-native app builder
Wyndham Hotels	Available	Search and get hotel details — travel planning
Tax / Expert Search	Available	Tax estimates, checklists, filing options, expert interviews — financial reference

10

Output & Brand Standards

Standards

Consistent output format defaults ensure that every deliverable — internal or client-facing — follows the same quality and branding standards without per-task decisions.

Output Format Decision Tree

Output Type	Format	Destination	Notes
Client reports, audits, roadmaps, analyses	HTML	Cloudflare Worker → live URL	URL in email body, never attachment
Internal briefs, plans, analyses	HTML or Markdown	Google Drive	Drive link for sharing
Memory, config, rules, context files	Markdown (.md)	Google Drive / GitHub	Light, version-control friendly
Data, tables, lists with rows/columns	CSV or XLSX	Google Drive or email attachment	Only use attachments for data files
Presentations	PPTX (via skill) or HTML slides	Google Drive	Use pptx skill for complex decks
Word documents (when .docx explicitly needed)	.docx (via skill)	Google Drive	Use docx skill; not the default
PDFs (when signed/print-ready needed)	HTML → PDF via skill	Google Drive or attachment	Enforce: page numbers, brand palette, polished header/footer
Code, scripts, automations	Language file, sandbox-verified	GitHub (private repo)	Never ship unexecuted code
Short answers, quick lookups	Plain text in response	Chat	No file creation overhead

BOSSTORQUE Brand Standards — All Deliverables

Element	Value	Usage
Tagline	"Run It Like You Built It"	Footer, cover pages, email signatures
Deep Blue (primary)	#1e3a8a	Headers, section numbers, table headers, nav bars
Bright Blue (secondary)	#3b82f6	Links, callout borders, accent elements
Orange (accent / highlights)	#ff6b35	Label text, stat numbers, badges, key callouts
Body text	#374151 (UI) / #666666 (reports)	All body copy
Font family	Inter (Google Fonts), system-ui fallback	All deliverables
Base font size	15px	Body text in reports
Max report width	900–960px centered	All HTML reports
Legal entity	True Grit Toolkits LLC DBA BossTorque LLC	All footers, legal references
Primary email	jason@bosstorque.ai	All outbound communications
Website	bosstorque.ai	All brand references

PDF Requirements (when explicitly requested): Must use pdf skill before generating. Enforce: pagination with no content cut mid-section, page numbers on every page (Page X of Y), BOSSTORQUE brand palette, polished header/footer. Not a raw HTML print — it must look like a client deliverable.

11

Blocker Protocol & Self-Healing

Resilience

Three techniques developed from production Quicken automation work to handle blocked tasks without wasting iterations or stalling. The core lesson: most failed attempts are caused by repeating the same approach, not by lack of effort. Structure the retries, research before pivoting, and build auto-fix into every QA pass.

From Quicken Build

Iteration Cap With Varied Methods

5 Attempts Max — Each Must Use a Different Method

When blocked on any task step, try up to 5 approaches before escalating via Dispatch. The rule is not "try 5 times" — it's "try 5 materially different methods." Repeating the same approach with minor variations doesn't count as a new attempt. On the 5th failure, send a Dispatch alert with 2–3 concrete options (a/b/c) for Jason to reply from his phone. Don't halt the full run — skip and continue on steps that allow it; halt only on steps where proceeding would corrupt state.

What counts as a different method: different tool (MCP vs bash vs computer-use), different data source, different API endpoint, different import/export format, different architectural approach. Minor parameter variations on the same method do not count — that's iteration, not a method change.

Research First

Web Research Before Pivoting

Search Before Trying a New Approach on a Blocker

Before attempting attempt #2 or #3 on a technical blocker, run a web search to understand whether the approach is fundamentally blocked, what the known workarounds are, and whether others have hit the same wall. This prevents wasting attempts on paths the broader community already confirmed are dead ends.

Research source priority:

Official docs first: The software vendor's own documentation — support articles, release notes, known limitations. (Source: Quicken's own docs confirmed Mint CSV import always creates a new account.)
Stack Overflow / technical forums: For API errors, tool errors, code errors. Search the exact error string in quotes first.
Reddit (r/[tool], r/[platform]): For UI/UX blockers, integration quirks, and undocumented behavior. Often the fastest path to a real-world workaround.
GitHub Issues: For open-source tools and APIs — search closed issues for the error pattern. Frequently reveals that it's a known bug with a specific fix or version pin.
General web search: Fallback for anything not covered above. Use exact error strings in quotes for best results.

Lesson from the field: The Quicken QFX/OFX import blocker ran v1–v7 across two sessions before web research confirmed the block was a deliberate server-side gate. That research took 2 minutes. The 7 format iterations took hours. Research first would have ended at v2.

Post-Build

Self-Healing QA Step

Post-Build Pass That Finds AND Fixes — Not Just Flags

After any significant build, automation, or multi-step workflow, run a structured QA pass with one key difference from a standard audit: issues found during the pass are fixed immediately in the same session, not logged for later. The QA pass is not a report — it's a repair run.

Self-Healing QA Structure

Run complete task once

→

Operational QA (every check listed explicitly)

→

Security QA (permissions, credential storage, exposure)

Logic QA (edge cases, race conditions, state drift)

→

Fix each issue in-place as found

→

Document fixes with Issue IDs

Issue Type	Self-Heal Action	Example
File permissions too open	chmod in-place, add enforcement to task code	SQLite DB was world-readable → fixed to 600, chmod enforced on every run
Empty required directory	Create and populate immediately	Backups dir was empty → created initial backup during QA
Logic gap for edge case	Add handling to workflow before marking done	caffeinate not cleaned up on crash → added EXIT trap to task code
Untested path in production	Split into confirmed vs. unconfirmed with retry caps	Brokerage reconcile added without testing → split Phase A/B, Phase B gets 2 retries + Dispatch on failure
State drift between runs	Add idempotent enforcement step to daily workflow	ZBUSINESS NULL on new QCS rows → added Step 6e to set ZBUSINESS=1 on every run
App crash / corrupt state	Relaunch and verify recovery before continuing	Reconcile crash after ZTRANSACTION delete → Quicken self-heals on Relaunch; documented recovery path

Why in-place fixes matter: The Quicken QA pass found and fixed 8 issues in a single session — file permissions, logic gaps, timing problems, and untested paths. If those had been logged as "issues for later," most would never have been addressed. Self-healing QA closes the loop in the same session, before the system goes live or gets handed off.

Combined Blocker Protocol — Decision Tree

Attempt 1: First approach. If it fails, stop and research before attempt 2 — web search for the exact error, check docs, Reddit, Stack Overflow, GitHub Issues.
Attempt 2: New method informed by research. If it fails, re-evaluate whether the path is fundamentally blocked or just incorrectly executed.
Attempts 3–4: Two more materially different methods. Each must be a genuine architectural alternative, not a minor variation of what failed.
Attempt 5: Final attempt. If this fails, send Dispatch with 2–3 concrete options. Skip the step if the task allows it; halt only if proceeding would corrupt state or produce wrong output.
Post-build: After any significant build completes, run the self-healing QA pass. Find issues, fix them in-place, document with Issue IDs. Ship nothing that hasn't passed this pass.

Claude Desktop Performance Standards& Operating Techniques

Context Continuity System

_COWORK_HUB — Centralized Session Memory

Automated Context Update

Manual Context Sync

New Client Auto-Setup

Hub Folder Structure

CONTEXT.md Format — Locked 4-Field Structure, Under 300 Words

Claude API Prompt — Context Generation (Zap Step 6)

Operating Rules — Live Rule File

Core Behavioral Rules

Subagent Model Routing

Dispatch — Unattended Communication Protocol

CLAUDE.md File Architecture

Cowork Settings (Personal Profile)

Cloudflare Rule Worker

Per-Folder CLAUDE.md

_COWORK_HUB / claude.md

Session Auto-Loading Sequence (Every Session Open)

HTML-First Deliverable System

Speed & Iteration Advantage

Format Lock Kills Velocity

Internal vs. External Destinations

HTML → Cloudflare Worker Publish Flow

What Goes Where

Cloudflare Workers — Setup & Usage Guide

Serverless Edge Platform

Live Report URLs

How to Sign Up

Pricing (April 2026)

Minimal Worker Script — HTML Report

Deploy Commands

Naming Convention

What Cloudflare Workers Can Do (Beyond Report Delivery)

Skill System — Encoded Workflows

Skill Folder Anatomy (Sperry Campaign Report — Production Example)

Sunday Automation Workflow (Fully Unattended)

QA & Friction Log Methodology

Automation Friction Logging

Issue-ID Audit with Prescribed Fixes

QA Severity Framework

Math Corrections Log — Standard Trap List (13 Documented)

Security Scans & Containment Audits

5 Audit Dimensions — System Containment Framework

Connectors & MCPs — Full Inventory

Output & Brand Standards

Output Format Decision Tree

BOSSTORQUE Brand Standards — All Deliverables

Blocker Protocol & Self-Healing

5 Attempts Max — Each Must Use a Different Method

Search Before Trying a New Approach on a Blocker

Research source priority:

Post-Build Pass That Finds AND Fixes — Not Just Flags

Self-Healing QA Structure

Combined Blocker Protocol — Decision Tree

Claude Desktop Performance Standards
& Operating Techniques