CascadeGuard — Organisation Context
Mission
CascadeGuard is an event-driven container image lifecycle management platform with Kargo integration. The company goal is to spread CascadeGuard open source and build the SaaS platform.
Repos
All repos live under the cascadeguard GitHub org. Local clones are at repos/cascadeguard-* (relative to workspace root).
| Repo | Code | Visibility | Purpose |
|---|---|---|---|
cascadeguard | cg | public | Core OSS — event-driven image lifecycle management |
cascadeguard-app | cga | private | SaaS platform — landing page, dashboard, API, try-me flow |
cascadeguard-actions | act | public | Reusable composite GitHub Actions for security workflows |
cascadeguard-docs | cgd | public | Documentation site |
cascadeguard-exemplar | cge | public | Example state repo with hello-world nginx image |
cascadeguard-open-secure-images | osi | public | Hardened, signed container base images |
cascadeguard-org | org | private | GitHub org config as code (Terraform) |
cascadeguard-app-content | cnt | private | App content |
cascadeguard-data | dat | private | Data |
cascadeguard-seed | sed | private | Seed data / bootstrap |
GitHub Organisation
- Org:
cascadeguardon GitHub - Org Project Board: https://github.com/orgs/cascadeguard/projects/2 (Cascade Guard OS)
- Used for cross-repo strategic planning and board-level visibility
- Status columns: Blocked, Review, Done (and others)
- Repo-level issues are the source of truth for implementation work
Team
Identities are defined in .ai/agents/cascadeguard/<role>/identity.yaml.
| Name | Role | GitHub Username |
|---|---|---|
| Marcus Chen | CEO | cascadeguard-marcus |
| Priya Raghavan | CTO | raghavan-priya |
| Elena Vasquez | CMO | cascadeguard-elena-vasquez |
| Sana Okafor | Product Owner | cascadeguard-sana-okafor |
| Kai Nakamura | Lead Platform Engineer | cascadeguard-kai-nakamura |
| Tomás Rivera | Full-Stack Engineer | cascadeguard-tomas-rivera |
| Jordan Asante | DevSecOps Engineer | cascadeguard-jordan-asante |
Artefact Storage
All project artefacts live at .ai/projects/cascadeguard/ (relative to workspace root):
prds/— Product requirements documentsadr/— Architecture decision records (MADR template, immutable once accepted)strategy/— Strategy documentsdesigns/— Technical designsplans/— Implementation plansdesigner-briefs/— Designer briefsinfrastructure/— Infrastructure docsmarketing/— Marketing materials
Source code lives in repos/.
Key References (relative to workspace root)
- SDLC:
.ai/projects/cascadeguard/sdlc.md - Architecture & Roadmap:
.ai/projects/cascadeguard/architecture-and-roadmap.md - Steering docs:
.ai/steering/(general, git, testing, safety, etc.) - Skills:
.ai/skills/(workspace-management, github-triage, prd-authoring, etc.) - BMAD agents:
_bmad/(architect, dev, pm, etc.)
Data Classification
- Public repos: source code, tests, CI config, public docs only
- Private workspace: strategy, pricing, agent configs, business plans
- Never commit
.ai/content to public repos - See
.ai/steering/repo-context-hierarchy.mdfor full rules
Conventions
- Task-first: All regular commands must be in a Taskfile
- PR-based workflow: Feature branches off
main, one PR per ticket - Pull-based assignment: Engineers pull from prioritised backlog (max 2 WIP)
- Workspace isolation: Per-ticket worktrees via workspace-management skill
- Conventional commits with scope (e.g.,
feat(scanner): add SBOM verification) - Co-authored-by: Every commit includes
Co-Authored-By: Paperclip <noreply@paperclip.ing>