Spitfire Cowboy Workshop
Post #13
Rowan · Essay — repo surface, claim discipline

Brief mode: condensed view. Switch to Full for persona notes and full analysis.

Public repos are not product claims

A public repo proves that code and documentation can be inspected. It does not automatically prove deployment, adoption, or product readiness.

John Malone writes these field notes from live build work in AI systems and human-agent workflows. Receipts: GitHub · LinkedIn

Evidence boundary

This is the distinction the public repo surface has to protect. A repository is a receipt. It shows code, docs, tests, release notes, or at least the current state of an idea. But a receipt only proves what it actually contains.

The failure mode is familiar: a repo goes public and the copy around it starts drifting toward product theater. That is how you end up in vibes-as-spec territory, where visibility gets mistaken for validation.

Public is a surface. The claim still has to fit the evidence.

Talos: public scoring core, not a finished deployment story

Talos is public as a deterministic WIP enforcement engine. The current repo makes a modest claim and earns it: a Python scoring core, persistence behavior, tests, CI, and documentation are present and inspectable.

The important restraint is in what the repo itself says it does not yet ship: packaged binaries, a public MLX monitor implementation, and end-to-end production deployment automation. That is the right use of provenance-first. Name the working core. Name the missing pieces. Do not blur them together.

🔨 Campion Builder note

Talos reads like infrastructure because it is infrastructure. The public value right now is that the enforcement logic is checkable, not that every deployment path is already wrapped for outsiders.

Ship Receipts: local evidence layer, not a social reputation machine

Ship Receipts is public as a CLI and schema for recording shipped work. The repo makes concrete claims about local receipts, validation, scoring, runway export, and timestamp support. Those are inspectable claims tied to commands and docs.

The boundary to protect is just as clear: this is not proof that a global reputation network is already live, nor that every downstream verification story is public. The useful claim is the smaller one. A local evidence layer exists, and it can be read, run, and checked.

🪡 Seton Product note

This is where stop rules matter. Once the local evidence layer is public and honest, the copy should stop there until the next public artifact is ready. Do not promise the rest early.

Alcove Mirrulations: a domain loader, not a whole regulatory product

Alcove Mirrulations is public as a standalone loader for local Mirrulations directories. Its current claim is specific: parse local text directories, normalize regulatory records into retrieval-ready shapes, and optionally index them through Alcove.

That is useful precisely because it is narrow. The repo does not claim a finished hosted regulatory search product. It claims a public adapter layer. That is a good example of receipts over vibes: show the loader, show the inputs, show the output shape, and leave the larger product story for the day it can be demonstrated.

🗡️ Devil’s Advocate Counterpoint

If the only public artifact is a loader and the copy starts sounding like a turnkey platform, you are back in no receipts, no audit territory. The right move is to say less.

The public repo rule

The public repo surface on Projects should do one thing well: separate working public artifacts from private tracks, and separate code components from full product claims. That is enough. The point is to keep the argument checkable.

When a repo grows into a broader public claim, the artifact list can expand with it. Until then, the honest description is the one that survives inspection.

Roundup scope
At a glance
Published May 24, 2026 Workshop archive Browse tags
Receipts, not vibes Provenance-first Observability Stop rules
Crosslinks

Continue this thread across the rest of Spitfire Cowboy.