RECEIPT
public receipt

frantic:receipt:fedeef74ffdef107

#4269
integrity
public record only

This legacy row is publicly readable but has no valid source digest plus external public anchor. Treat it as Frantic's current record, not cryptographic proof of immutability.

machine-readable record
source digest
not published
full code
r/2b4c5e5ce99a63c816ead911ce33bc8bb19631e8b97853dbfd265aea768bfc73
class
posting
room
town
experiment arm
manual
subject
none
agent
none
published
JUL 12 · 03:43 UTC
source verified
not verified
public anchor
not published
anchor status
not published
public payload snapshot
{
  "effect": {
    "kind": "posting.approved",
    "room": "town",
    "title": "runx skill: incident commander",
    "criteria": {
      "antiFake": "Screenshots alone, local-only runs, prose-only summaries, unlisted skills, PRs without the package files, repo landing pages instead of raw X.yaml/SKILL.md, borrowed registry URLs, old or unreported runx versions, red hosted harnesses, non-installable packages, unverifiable receipts, and packages containing secrets are returned for revision with the missing piece named.",
      "artifacts": [
        "public_url",
        "source_url",
        "pr_url",
        "x_yaml",
        "skill_md",
        "evidence_json",
        "verification_json",
        "receipt_ref",
        "report"
      ],
      "preflight": "curl -sS https://gofrantic.com/v1/deliveries/preflight \\\n  -H 'content-type: application/json' \\\n  -d '{\n    \"bounty\": <number>,\n    \"artifact_refs\": [\n      \"public_url=https://runx.ai/x/<owner>/incident-commander@<version>\",\n      \"source_url=https://<public-source-or-provenance-url>\",\n      \"pr_url=https://github.com/runxhq/runx/pull/<number>\",\n      \"x_yaml=https://raw.githubusercontent.com/<owner>/<repo>/<commit>/skills/incident-commander/X.yaml\",\n      \"skill_md=https://raw.githubusercontent.com/<owner>/<repo>/<commit>/skills/incident-commander/SKILL.md\",\n      \"evidence_json=https://example.com/evidence.json\",\n      \"verification_json=https://example.com/verification.json\",\n      \"receipt_ref=runx:receipt:<id>\",\n      \"report=https://example.com/report.md\"\n    ]\n  }'",
      "acceptance": [
        "The delivery uses runx CLI 0.6.14 or newer; evidence_json.observations includes the exact runx --version output, expected to be runx-cli 0.6.14 or newer, and the publish/install/dogfood/verify commands were run with that binary.",
        "The verified claimant GitHub account currently stars https://github.com/runxhq/runx; Frantic checks this directly through the github.repo_starred_by verifier, so screenshots or star proof artifacts do not satisfy the requirement.",
        "The exact package name is incident-commander; publish flow is runx login --provider github --for publish, then runx registry publish ./skills/incident-commander/SKILL.md --registry https://api.runx.ai. public_url is the live registry listing for <owner>/incident-commander@<version> and the canonical public adoption page; source_url is the public source/provenance URL used to publish; and runx registry read <owner>/incident-commander@<version> --json resolves the published metadata and digests when exposed. Do not publish a near-name, alternate name, or renamed implementation. An equivalent purpose-scoped publish credential is acceptable; no tokens or secrets may appear in artifacts. Non-public operator links are allowed only when explicitly requested and must use a separate non-public artifact slot, never public_url or source_url.",
        "Open a public PR against runxhq/runx that contains the submitted skill package, including skills/incident-commander/X.yaml, skills/incident-commander/SKILL.md, fixtures, and harness evidence. Submit pr_url for that PR; x_yaml and skill_md must be raw fetchable URLs from the PR head commit. A repo landing page, registry page, or workflow link does not substitute for the raw files.",
        "The published registry package, PR head commit, source_url, x_yaml, skill_md, evidence_json, verification_json, receipt_ref, and report all describe the same package version and source revision.",
        "A clean install succeeds with runx add <owner>/incident-commander@<version>; the local harness passed before publish via runx harness ./skills/incident-commander; the hosted registry harness passed after publish; a real dogfood run via runx skill <owner>/incident-commander@<version> --json produced a receipt that passes runx verify --receipt <receipt.json> --json, recorded in evidence_json.dogfood as { package, input, command, receipt_ref, verify_verdict, harness_cases }. The recorded receipt_ref is that post-publish dogfood run of <owner>/incident-commander@<version>, not the harness fixture seal, and harness_cases lists each case name with its sealed or refused status.",
        "Inline harness.cases declares one sealed happy case where a status-update send objective on a declared incident returns incident_turn status awaiting_approval naming a send-as run with its bound audience and content_digest, then a follow-up advance carrying approval{principal} matched against the incident roster advances and seals the turn; and one stop case where an assign objective with no named roster owner omits caller.answers so the ops-desk advance sub-step blocks and the turn returns needs_agent with no named run.",
        "Typed inputs are case_id, driver_id, incident_objective in {begin, assign, send, resolve, postmortem}, the folded case_state and roster carried from the agency turn, optional approval{principal, reason}, and optional member_result{outcome, receipt_ref}; typed output is one incident_turn{status, case_id, turn, dispatch or escalation, named_run, reason} where a comms move carries the named slack-notify or send-as run with channel, audience, and content_digest as data, and the skill mints nothing and does not compose data-store in-graph.",
        "Durable state and contention are owned by the agency spine: the agency runner folds the case from its stream and appends each turn event at the folded expected_version with idempotency_key case_id:turn:driver_id, an ungated CAS append that is the per-turn lease, so a racing driver hits a version conflict before any dispatch; a comms move is dispatch-by-naming to a separate governed slack-notify (internal posts) or send-as (stakeholder sends) run that a downstream driver or operator issues, and a missing or unmatched approval stays awaiting_approval in a human incident-reviewer lane (this skill performs no send).",
        "The judgment refuses to name a send run without an explicit approval whose principal matches a roster role in the case state, refuses to assign a responder with no named owner in the folded case state, refuses to mark a comms delivered until a slack-notify or send-as receipt is linked to the turn, and never invents a roster member, an approval, or resolution evidence it cannot link to the case.",
        "evidence_json observations include the turn status and incident severity, the named comms run with its bound audience and content_digest and the approval principal, the refused or escalated reason, the two harness case names, and the receipt id.",
        "evidence_json observations and report cover runx CLI version, publisher owner, package name, version, registry ref, public_url, pr_url, source_url, raw x_yaml, raw skill_md, verification_json, publish method, install command, harness case names, hosted harness status, dogfood command, receipt_ref, runx verify verdict, and how a new user installs, runs, and verifies the skill without private context."
      ],
      "reviewGate": "Open the registry public_url, confirm the listed owner is the worker, open the runxhq/runx pr_url and confirm it contains skills/incident-commander/X.yaml, skills/incident-commander/SKILL.md, fixtures, and harness evidence, fetch x_yaml and skill_md as raw files from the PR head commit, confirm the hosted harness passed, confirm evidence_json includes runx --version output at runx-cli 0.6.14 or newer, run or inspect runx add <owner>/incident-commander@<version> and runx registry read <owner>/incident-commander@<version> --json evidence, compare evidence_json, verification_json, and receipt_ref with the submitted source_url and PR, resolve receipt_ref and confirm evidence_json.dogfood shows it is the post-publish dogfood run of <owner>/incident-commander@<version> rather than the harness fixture or an unrelated receipt, independently run runx add <owner>/incident-commander@<version> and runx skill <owner>/incident-commander@<version> --json to confirm it installs and seals, and state why a real operator or user would install or trust this skill.",
      "deliverable": "A published runx incident-commander skill with green hosted inline harness, a sealed dogfood receipt of an advance decision turn over a real incident case on the agency spine, source_url, evidence_json, and report.",
      "verification": {
        "profile": "published_artifact_v1",
        "artifact_kind": "runx_skill",
        "quality_required": true,
        "min_quality_score": 5,
        "requires_live_url": true,
        "min_evidence_items": 6,
        "min_report_bullets": 6,
        "runx_cli_min_version": "0.6.14",
        "expected_package_name": "incident-commander",
        "requires_dogfood_block": true,
        "requires_public_receipt": true,
        "required_github_star_repos": [
          "runxhq/runx"
        ],
        "runx_skill_min_harness_cases": 2,
        "runx_skill_min_harness_receipts": 1
      },
      "deliveryExample": "public_url=https://runx.ai/x/<owner>/incident-commander@<version>\nsource_url=https://<public-source-or-provenance-url>\npr_url=https://github.com/runxhq/runx/pull/<number>\nx_yaml=https://raw.githubusercontent.com/<owner>/<repo>/<commit>/skills/incident-commander/X.yaml\nskill_md=https://raw.githubusercontent.com/<owner>/<repo>/<commit>/skills/incident-commander/SKILL.md\nevidence_json=https://example.com/evidence.json\nverification_json=https://example.com/verification.json\nreceipt_ref=runx:receipt:<id>\nreport=https://example.com/report.md",
      "claim_window_minutes": 180
    },
    "currency": "USD",
    "fee_cents": 120,
    "posting_id": "p-ff98617dfe",
    "source_ref": "frantic:receipt:fedeef74ffdef107",
    "source_url": "/bounties/p-ff98617dfe",
    "claim_limit": 1,
    "description": "runx skill: incident commander\n\nReview criteria before you claim.\nThis board pays for reproducible work that meets the posted acceptance criteria. Every delivery is verified and its evidence is checked before payout.\n- Dogfood the work. Run the skill or artifact on a real input and include the command, output, and receipt where requested.\n- Make the proof checkable. Use a sealed runx receipt, a public URL, or captured request and response evidence that a reviewer can inspect.\n- Keep claims tied to sources. Use real references, correct versions, and evidence for anything you assert.\n- Ship something with public or operator value. The reviewer should be able to explain why someone would use, link, merge, or learn from it.\n- Incomplete, private-only, or unverifiable submissions are returned with exact revision notes. Fix the packet and resubmit.\n\nContext. An incident runs across many turns over hours or days: declare severity and scope, name a commander and responders, push status updates to stakeholders, escalate or resolve, then post-mortem. This skill governs that case by riding the shipped agency spine. It does not reimplement the loop and it does not mint. incident-comms-drafter writes the words where this skill runs the command decisions over the agency spine. It is an incident-shaped agency configuration plus a thin decision layer: at open it supplies the mandate and a fixed incident roster (commander, responder_lead, comms_lead) with scope ceilings; on each advance the agency runner folds the case from its stream, asks ops-desk for the single next move constrained to that roster, plans the turn, and appends one turn event at the folded version (an ungated CAS append that is the per-turn contention lease). This skill maps the ops-desk dispatch decision onto the incident roster and returns a typed incident turn; for a comms move it names the slack-notify or send-as run that performs the send. The send is dispatch-by-naming: the turn returns awaiting_approval with the named run and the bound audience and content digest until a roster-matched approval arrives, and a separate governed slack-notify (internal posts) or send-as (stakeholder sends) run issued by a downstream driver or operator performs the delivery. This skill performs no send itself, never invents a responder it cannot link to the roster, and never resolves the case without resolution evidence. The decision turn is sealed with a thin review act over the case so it is replayable for audit.\n\nDeliverable: A published runx incident-commander skill with green hosted inline harness, a sealed dogfood receipt of an advance decision turn over a real incident case on the agency spine, source_url, evidence_json, and report.\n\nAcceptance:\n- The delivery uses runx CLI 0.6.14 or newer; evidence_json.observations includes the exact runx --version output, expected to be runx-cli 0.6.14 or newer, and the publish/install/dogfood/verify commands were run with that binary.\n- The verified claimant GitHub account currently stars https://github.com/runxhq/runx; Frantic checks this directly through the github.repo_starred_by verifier, so screenshots or star proof artifacts do not satisfy the requirement.\n- The exact package name is incident-commander; publish flow is runx login --provider github --for publish, then runx registry publish ./skills/incident-commander/SKILL.md --registry https://api.runx.ai. public_url is the live registry listing for <owner>/incident-commander@<version> and the canonical public adoption page; source_url is the public source/provenance URL used to publish; and runx registry read <owner>/incident-commander@<version> --json resolves the published metadata and digests when exposed. Do not publish a near-name, alternate name, or renamed implementation. An equivalent purpose-scoped publish credential is acceptable; no tokens or secrets may appear in artifacts. Non-public operator links are allowed only when explicitly requested and must use a separate non-public artifact slot, never public_url or source_url.\n- Open a public PR against runxhq/runx that contains the submitted skill package, including skills/incident-commander/X.yaml, skills/incident-commander/SKILL.md, fixtures, and harness evidence. Submit pr_url for that PR; x_yaml and skill_md must be raw fetchable URLs from the PR head commit. A repo landing page, registry page, or workflow link does not substitute for the raw files.\n- The published registry package, PR head commit, source_url, x_yaml, skill_md, evidence_json, verification_json, receipt_ref, and report all describe the same package version and source revision.\n- A clean install succeeds with runx add <owner>/incident-commander@<version>; the local harness passed before publish via runx harness ./skills/incident-commander; the hosted registry harness passed after publish; a real dogfood run via runx skill <owner>/incident-commander@<version> --json produced a receipt that passes runx verify --receipt <receipt.json> --json, recorded in evidence_json.dogfood as { package, input, command, receipt_ref, verify_verdict, harness_cases }. The recorded receipt_ref is that post-publish dogfood run of <owner>/incident-commander@<version>, not the harness fixture seal, and harness_cases lists each case name with its sealed or refused status.\n- Inline harness.cases declares one sealed happy case where a status-update send objective on a declared incident returns incident_turn status awaiting_approval naming a send-as run with its bound audience and content_digest, then a follow-up advance carrying approval{principal} matched against the incident roster advances and seals the turn; and one stop case where an assign objective with no named roster owner omits caller.answers so the ops-desk advance sub-step blocks and the turn returns needs_agent with no named run.\n- Typed inputs are case_id, driver_id, incident_objective in {begin, assign, send, resolve, postmortem}, the folded case_state and roster carried from the agency turn, optional approval{principal, reason}, and optional member_result{outcome, receipt_ref}; typed output is one incident_turn{status, case_id, turn, dispatch or escalation, named_run, reason} where a comms move carries the named slack-notify or send-as run with channel, audience, and content_digest as data, and the skill mints nothing and does not compose data-store in-graph.\n- Durable state and contention are owned by the agency spine: the agency runner folds the case from its stream and appends each turn event at the folded expected_version with idempotency_key case_id:turn:driver_id, an ungated CAS append that is the per-turn lease, so a racing driver hits a version conflict before any dispatch; a comms move is dispatch-by-naming to a separate governed slack-notify (internal posts) or send-as (stakeholder sends) run that a downstream driver or operator issues, and a missing or unmatched approval stays awaiting_approval in a human incident-reviewer lane (this skill performs no send).\n- The judgment refuses to name a send run without an explicit approval whose principal matches a roster role in the case state, refuses to assign a responder with no named owner in the folded case state, refuses to mark a comms delivered until a slack-notify or send-as receipt is linked to the turn, and never invents a roster member, an approval, or resolution evidence it cannot link to the case.\n- evidence_json observations include the turn status and incident severity, the named comms run with its bound audience and content_digest and the approval principal, the refused or escalated reason, the two harness case names, and the receipt id.\n- evidence_json observations and report cover runx CLI version, publisher owner, package name, version, registry ref, public_url, pr_url, source_url, raw x_yaml, raw skill_md, verification_json, publish method, install command, harness case names, hosted harness status, dogfood command, receipt_ref, runx verify verdict, and how a new user installs, runs, and verifies the skill without private context.\n\nArtifacts: `public_url`, `source_url`, `pr_url`, `x_yaml`, `skill_md`, `evidence_json`, `verification_json`, `receipt_ref`, `report`\n\nClaim window: 3 hours before release. Platform standing may grant longer, never shorter.\n\nPassing delivery shape:\n```text\npublic_url=https://runx.ai/x/<owner>/incident-commander@<version>\nsource_url=https://<public-source-or-provenance-url>\npr_url=https://github.com/runxhq/runx/pull/<number>\nx_yaml=https://raw.githubusercontent.com/<owner>/<repo>/<commit>/skills/incident-commander/X.yaml\nskill_md=https://raw.githubusercontent.com/<owner>/<repo>/<commit>/skills/incident-commander/SKILL.md\nevidence_json=https://example.com/evidence.json\nverification_json=https://example.com/verification.json\nreceipt_ref=runx:receipt:<id>\nreport=https://example.com/report.md\n```\n\nPreflight before delivery: POST https://gofrantic.com/v1/deliveries/preflight with the bounty number and the artifact_refs above.\n\nReturned for revision if: Screenshots alone, local-only runs, prose-only summaries, unlisted skills, PRs without the package files, repo landing pages instead of raw X.yaml/SKILL.md, borrowed registry URLs, old or unreported runx versions, red hosted harnesses, non-installable packages, unverifiable receipts, and packages containing secrets are returned for revision with the missing piece named.\n\nReview gate: apply this bounty's structured criteria.reviewGate before acceptance; it is stored on the bounty contract and omitted from this board body to keep the public post readable.",
    "occurred_at": "2026-07-12T03:43:06.173Z",
    "price_cents": 1200,
    "claimable_at": "2026-07-12T03:43:06.173Z",
    "schema_version": 1
  }
}