Internal Knowledge Base · May 2026
MemberIntel, page by page.
A living spec for the AI advisor we're building on top of MemberPress. Pages are grouped by section — specs, architecture, phasing, governance, and role-specific docs. Click any role chip on a page to find others with the same focus.
Start here
A reading order across the spec — sections grouped, top to bottom.
spec · 16
01
MemberIntel V1 Specification
The V1 advisor-only spec for MemberPress operators: two-tier brain architecture, Free/Pro pricing model, and a data-flywheel moat built from product mechanics rather than pre-existing proprietary data.
02
MemberIntel V1.5 Specification
V1.5 extends MemberIntel with AI write-actions via the MemberPress MCP and a 5-minute 'Set up FOR ME' greenfield wizard backed by a 14-day Pro trial.
03
MemberIntel V2 Specification
V2 expands MemberIntel to BuddyBoss customers via a sister-company partnership — a low-engineering-risk cross-platform proof point since BB Memberships runs on MemberPress under the hood.
04
Architecture Overview & Tech Choices
Covers GCP vs Heroku vs DigitalOcean for hosting, then deep-dives per-tenant isolation strategy using shared-schema RLS as the V1 foundation.
05
Cross-Pollination & Brain Isolation
Details the three failure modes of the cross-pollination pipeline — re-identification, tenant leakage, and opt-out bypass — and the architectural mitigations for each, including k-anonymity floors, three-role isolation, and GCP project structure.
06
CI/CD & Code Flow
Defines the three separate promotion pipelines — code, Terraform, and database migrations — with GitHub Actions, Workload Identity Federation, manual prod gates, and the eval suite as a release-blocking check.
07
Observability & Incident Response
Describes the three-destination telemetry model — Cloud Logging for debugging, BigQuery for business analytics, locked-down BigQuery for audit — plus domain-specific metrics, on-call structure, and pre-written runbooks for the five highest-stakes failure modes.
08
LLM Cost-Control Architecture
Defines the four-layer cost-control stack — rate limiting, entitlement service, per-call token budgets, and continuous spend monitoring — with Redis-backed quota counters, server-side model routing enforcement, and a global daily circuit breaker.
09
Auth & Identity Layer
Covers the three signup paths converging into a unified user model, per-license MP OAuth signing keys, customer-OAuth-only Stripe (no Connect), Argon2id passwords with server-side sessions, account merge prevention, and the V1.5 trial state machine.
10
Data Sync Pipeline
Defines the three separate sync pipelines — MP (queue-based with per-customer concurrency controls), Stripe (webhooks for Pro, polling for Free), and site analysis (weekly-cached Claude calls) — with shared convergence layer and a platform-agnostic canonical schema designed for V2 expansion.
11
Secrets Management
Defines five distinct secret categories with separate lifecycles, a layered KMS key hierarchy per environment, Secret Manager naming conventions with path-prefix IAM, 5-minute TTL caching, and the hard rule that no human ever reads a production secret.
12
AI Eval Suite as Architecture
Treats the eval suite as versioned release-gate infrastructure rather than ad-hoc tests, with 150 structured scenarios across seven categories, a judge-model scoring layer, CI integration, a differentiation subset that proves advantage over baseline LLMs, and a production thumbs-down feedback loop.
13
Strategic Risk Landscape
Honestly assesses which SPEC risks the architecture handles well, which remain genuinely fragile (differentiation, content lead bottleneck), and names four risks the SPEC never flags — Anthropic dependency, ops time underbudget, per-customer brain as liability, and compliance as a moving target.
14
Synthesis
Phase-by-phase sequencing of all architectural commitments against the actual team ramp, surfacing five friction points where the phased plan and architectural reality diverge — content lead timing, Phase 2 scope calibration, differentiation eval ship date, privacy counsel engagement depth, and infra engineer hiring window.
15
Phased Plan
A 6-phase team ramp plan growing from 2 people in May to 7+ at launch, with hard milestone gates controlling when each new team member joins MemberIntel full-time.
16
Phased Plan — Rev 2
Rev 2 of the team ramp plan, updated after May architecture sessions: adds a dedicated brain-content lead recommendation, recalibrates Phase 2 milestone language for honesty, and moves the differentiation eval to a Phase 3 gate item.
decision · 19
18
ADR-0002: Model routing single source of truth
ADR-0002 (Accepted, 2026-05-08): Model routing single source of truth.
19
ADR-0003: pgvector for V1, tenant_id as partition key
ADR-0003 (Accepted (resolves SPEC Open Q9), 2026-05-08): pgvector for V1, tenant_id as partition key.
20
ADR-0004: GCP — Cloud Run + Cloud SQL + Secret Manager
ADR-0004 (Accepted (resolves SPEC Open Q8), 2026-05-08): GCP — Cloud Run + Cloud SQL + Secret Manager.
21
ADR-0005: Anthropic SDK direct, mitigation seam at llm.call
ADR-0005 (Accepted (with explicit accepted risk), 2026-05-08): Anthropic SDK direct, mitigation seam at llm.call.
22
ADR-0006: Hive Mind as Brain Seed Source
ADR-0006 (Accepted, 2026-05-12): Hive Mind as Brain Seed Source.
23
ADR-0007: Auth via JWT + Google OAuth + AI Foundation PKCE
ADR-0007 (Accepted, 2026-05-12): Auth via JWT + Google OAuth + AI Foundation PKCE.
24
ADR-0008: Voyage voyage-3-lite for Embeddings
ADR-0008 (Accepted, 2026-05-12): Voyage voyage-3-lite for Embeddings.
25
ADR-0009: CI/CD Pipeline — GitHub Actions with Workload Identity Federation
ADR-0009 (Accepted, 2026-05-14): CI/CD Pipeline — GitHub Actions with Workload Identity Federation.
26
ADR-0010: Observability — Cloud Logging + OpenTelemetry + BigQuery
ADR-0010 (Accepted, 2026-05-14): Observability — Cloud Logging + OpenTelemetry + BigQuery.
27
ADR-0011: Secrets Management — Secret Manager + KMS + Path-Prefixed Naming
ADR-0011 (Accepted, 2026-05-14): Secrets Management — Secret Manager + KMS + Path-Prefixed Naming.
28
ADR-0012: Stripe Integration — Customer-OAuth-Only in V1
ADR-0012 (Proposed (resolves SPEC Open Q4; Ally Roger sign-off pending per Phase 1 friction-points doc), 2026-05-14): Stripe Integration — Customer-OAuth-Only in V1.
29
ADR-0013: GCP Project Structure — Project-per-Environment + Shared Tooling
ADR-0013 (Proposed (V1 ships with single project; four-project structure targeted for V1.5), 2026-05-14): GCP Project Structure — Project-per-Environment + Shared Tooling.
30
ADR-0014: Cross-Pollination Security Boundary — Three-Roles Model
ADR-0014 (Proposed (pending privacy counsel review by Allen), 2026-05-14): Cross-Pollination Security Boundary — Three-Roles Model.
31
ADR-0015: Customer Brain — Four-Document Architecture (SOUL, BIBLE, HEARTBEAT, MEMORY)
ADR-0015 (Accepted (deployed 2026-05-15), 2026-05-15): Customer Brain — Four-Document Architecture (SOUL, BIBLE, HEARTBEAT, MEMORY).
32
ADR-0016: Brain Mutation via Anthropic Tool Calls (`update_customer_brain`)
ADR-0016 (Accepted (deployed 2026-05-15), 2026-05-15): Brain Mutation via Anthropic Tool Calls (`update_customer_brain`).
33
ADR-0017: MemberIntel Connect — WordPress Plugin as the Data-Sync Source
ADR-0017 (Accepted (V1 plugin shipped 2026-05-14; sync service deployed 2026-05-15), 2026-05-15): MemberIntel Connect — WordPress Plugin as the Data-Sync Source.
34
ADR-0018: Brain Memory Limits and Content Sanitization Policy
ADR-0018 (Accepted (deployed 2026-05-15), 2026-05-15): Brain Memory Limits and Content Sanitization Policy.
35
ADR-0025: Tier-to-model assignment — Haiku for Free, Sonnet for Pro
ADR-0025 (Proposed, 2026-06-01): Tier-to-model assignment — Haiku for Free, Sonnet for Pro.
reference · 20
36
Elevator Pitch — What MemberIntel Is
Plain-language descriptions of MemberIntel for different audiences — a one-liner, an elevator paragraph, and riffs tuned to designers, engineers, friendly outsiders, and curious customers. Use when explaining the project to someone new in under a minute.
37
MemberIntel — One-Page Executive Summary
The whole product on one page — what it is, how it's priced, what V1/V1.5/V2 ship, where the moat is, and what's deliberately out of scope. Written for Blair and Santiago to read in two minutes; everything else in the KB is the long-form backup.
38
V1 Progress — May 15, 2026
What shipped in V1: site data sync, chat improvements, customer brain spec. What's next: per-customer brain implementation.
39
Phase 1-2 Friction Points
A companion one-pager surfacing seven decisions where the May architectural commitments conflict with the v1 phased plan. All 7 decisions resolved in the Blair × Seth working session on 2026-05-11 (see /meeting-2026-05-11-blair); resolution summary at the top of this page.
40
Friction-Points Prep for Blair
Strategic prep document for Blair before the friction-points working session: three decisions that need real deliberation (brain content lead hire, differentiation eval cadence, infra-leaning hire on V1.5 roadmap), four confirmation items, predictable team disagreements, what to watch for in the meeting, and the asymmetric May-12 deadline on item 1.
41
Open questions for Blair — 2026-05-20
One-sheet of everything currently waiting on a call from Blair as of 2026-05-20 — pricing first (launch packaging trio, Free-tier dial defaults, token budgets), then hiring, naming, architecture sign-offs (ADR-0006), privacy (Allen's late-May review), and operational items. Two hard near-term deadlines: May 22 for the Free-tier circuit-breaker rubric and ADR-0006 signature.
42
Decisions Due — Monday 2026-05-11 (prep doc — historical)
PREP doc for the 2026-05-11 meeting. The actual outcomes are at /meeting-2026-05-11-blair. References to 'Product Lead' below are historical — the role was retired in this session; Santiago absorbed the duties.
43
Meeting Log — Blair × Seth, 2026-05-11
Full decision log from the Blair × Seth working session on 2026-05-11: friction-points resolutions, team structure changes (Product Lead retired → Santiago expanded; Russ added as Lead Designer), free-tier LLM strategy (the 2026-05-11 decision pointed to a local Ollama-class model; superseded 2026-05-20 — Free now ships on Anthropic Haiku, see the addendum at the top of the page), GCP hosting confirmed, 14-day Pro trial for existing MP members, domain registrations, action items.
44
V1 Cost Discipline Review
AI Engineer persona's feasibility review of V1 unit economics: architecture as specified can hit $1.07 Free / $10.75 Pro targets if input-token ceilings are pinned, model routing is typed from the entitlement service, retrieval is pre-budgeted, and site analysis stays weekly-cached. The scariest finding is that Free breaks even AT the SPEC's floor conversion target — a Blair conversation about circuit-breaker authority, not an architecture fix.
45
Decision Rights Matrix
A binding contract defining who owns which decisions across engineering, product, compliance, and GTM — keeping Seth and Santiago unblocked as peers without escalating every disagreement to Blair. Updated 2026-05-11 to retire the dedicated Product Lead role (Santiago absorbed the duties) and add Russ as Lead Designer.
46
Quarterly Architecture Review Template
A 90-minute fixed-agenda template for quarterly architectural health reviews — covering differentiation gap, cost-per-cohort, reliability, cross-pollination health, compliance posture, and a standing 'one thing that worried me' round — starting Q4 2026 post-GA.
47
Cover Letter to Allen — Privacy Architecture Review
Cover letter from Seth and Santiago to Allen, MemberIntel's privacy counsel, introducing the privacy strategy memo and the late-May architecture review agenda. Sent ~5 business days before the session to give Allen context for the pre-read package.
48
Privacy Strategy for Counsel — Memo to Allen
Privacy strategy memo for Allen (Blair's privacy counsel) ahead of the late-May architecture review. Identifies the structural problem (the architecture treats member data as operator data throughout) and proposes seven preconditions before ToS drafting — four code-layer architectural preconditions and three policy items. Drafted 2026-05-12 through a Brandeis-counsel reasoning pass, McPhee-prose rewrite, panel review (Lessig + Sunstein + Rawls), and a Lessig/Rawls debate on permanent exclusion.
49
Privacy Counsel Architecture Review Agenda
A 4-hour late-May working agenda for outside privacy counsel to review MemberIntel's per-tenant isolation, cross-pollination boundary, secrets management, and data lifecycle decisions — grounding counsel's June ToS and Privacy Policy drafting in the actual architecture.
50
Design References
Living index of design artifacts for MemberIntel: the current Claude mockup, the Figma source-of-truth as it lands, and the visual-system conventions documented in docs/design/MemberIntel/CLAUDE.md.
51
Competitive Landscape
Feature-parity analysis of TripleWhale (Moby 2) and Northbeam against MemberIntel V1, with gap priorities for V1.5/V2 planning.
52
Seth's Phase 1 Deliverable Checklist
Seth's operational working checklist for May 2026 — organized week-by-week with ADR drafts, GCP scaffolding, schema design, RLS prototype, hiring pipeline, and cross-functional coordination tasks required to unlock Phase 2 on June 1.
53
Phase 1 Deliverable Checklist (Santiago — formerly Product Lead)
Phase 1 operational working checklist for May 2026 — week-by-week milestones, PRD authoring, customer discovery, privacy counsel engagement, beta program scaffolding, cross-functional kickoffs, and the Phase 1 milestone gate criteria required to kick off Phase 2 on June 1. Originally authored for the Product Lead role; that role was retired 2026-05-11 and the checklist now belongs to Santiago (Product + Project Lead).
54
V1 Operational Runbooks
Pointer to the V1 product runbooks (deploy, auth, customer brain, incident response) that live in the memberintel repo — bus-factor coverage for whoever takes over V1 operations.
55
AI Engineer — Public Job Posting
External recruiting copy for the Senior AI Engineer hire — production LLM systems experience required, cost-discipline-as-engineering-surface posture, no LangChain. 30-min CEO screen → 60-90 min technical with Seth → paid week-long trial → offer in ~2-3 weeks.
role · 8
56
Seth — Lead Architect JD
Seth Shoultes's Lead Architect role definition: end-to-end technical ownership of the brain, data pipeline, AI/ML architecture, engineering team, and vendor decisions for MemberIntel.
57
Blair — CEO JD
Blair Williams's CEO role definition for MemberIntel: product owner, final decision-maker on strategy, pricing, and architecture material choices, executive sponsor across the company.
58
Ronald — Backend / Platform Engineer JD
Ronald Reymundo's Backend / Platform Engineer role definition: MemberPress MCP integration, data sync, WordPress-side platform code, interim code-quality enforcement, and the V2 BuddyBoss integration surface. Reports to Seth Shoultes.
59
Sam — Brain Content Lead JD
Sam's Brain Content Lead role definition: authors the curated global brain, reviews cross-pollinated entries, operationalizes the voice/style guide, runs the content-side brain audits, and enforces sensitive-vertical exclusions. Reports to Santiago Perez Asis.
60
Senior AI Engineer JD
Senior AI Engineer role definition: owns the AI substrate end-to-end (inference pipeline, retrieval, prompt versioning, eval suite, cost discipline, feedback loop) under Seth's architectural direction. Reports to Seth Shoultes. Hire pending — target close mid-June 2026.
61
Product Lead JD (retired — folded into Santiago 2026-05-11)
RETIRED 2026-05-11. The dedicated Product Lead role was not backfilled after Cindy's departure; responsibilities folded into Santiago's expanded mandate. Retained as a historical reference for the duties Santiago now owns. See /santiago-jd for the current operational definition.
62
Santiago — Product + Project Lead JD
Santiago Perez Asis's role definition: Product + Project Lead for MemberIntel — PRD ownership, sprint cadence, dependency tracking, risk register, L10 scorecard, beta program design, support enablement, and cross-functional coordination. Reports to Blair.
63
Russell — Lead Designer JD
Lead Designer role definition: owns the visual system, end-to-end product UX, and design-to-engineering hand-off for MemberIntel. Reports to Blair Williams. Decided 2026-05-11 in the Blair × Seth working session — initially part-time / contract through Phase 1 with potential move to full-time as product surfaces solidify.
standup · 28
·
Standup — 2026-06-09
One commit in the window: the automated standup bot posted the 2026-06-08 entry (`b94e0c2`).
·
Weekly — week of 2026-06-07
MemberIntel Weekly Digest — 2026-06-01 → 2026-06-07. One major feature shipped end-to-end in a single day, two security/compliance items closed, and a tooling
·
Standup — 2026-06-06
Only the standup bot committed today — automated housekeeping, nothing substantive shipped.
·
Standup — 2026-06-05
**Plugin-initiated one-click connect shipped end-to-end — spec through working zip — in a single day.** The spec ([#164](https://github.com/sethshoultes/memberi
·
Standup — 2026-06-04
One commit landed: the automated standup bot posted the 2026-06-03 entry (`ce208cf`).
·
Standup — 2026-06-03
**[#11](https://github.com/sethshoultes/memberpress-intel/pull/11) landed** — a new `.github/copilot-instructions.md` that teaches GitHub-native reviewers what