M MemberIntel KB

Activity Decisions

standup

Standup — 2026-05-23

Eight commits landed on `memberintel` yesterday, all building out the admin foundation — PRs [#127](https://github.com/sethshoultes/memberintel/pull/127) throug

Daily standup for 2026-05-23. What shipped:

Eight commits landed on memberintel yesterday, all building out the admin foundation — PRs #127 through #136.

The backend is now complete: audit log table and helper (with a retrofit on escalation resolve), CF Access JWT verification replacing the old bearer-JWT admin auth, user search and detail read endpoints, and the five mutating endpoints — reset-password, email change, tier change, resend-verification, and a Stripe stub. The email-change path is fully atomic: email, email_verified, jwt_version, new VerificationToken, and the audit row all commit together; Resend is called outside the transaction so a delivery failure never rolls back the mutation.

The admin SPA landed in parallel: a SvelteKit static app scaffolded on Cloudflare Pages, user list and detail pages, escalation list and resolve pages. The API proxy runs through a Pages Functions middleware. One follow-up fix collapsed the staging/prod hostname split down to a single admin.membersintel.com (0267c8c).

Three implementation plans were written and checked in for the CF Access auth work, the read endpoints, and the mutating endpoints — each a task-by-task red/green test sequence for an agentic worker. The design spec locks the two-key auth principle: CF Access handles the perimeter; User.is_admin = TRUE in the DB is the second gate. A stale CF allowlist alone grants nothing.

Notable. The CLI (scripts/list_escalations.py) drops its ADMIN_JWT/JWT_SECRET path entirely — no legacy fallback. Service-token headers go directly to CF Access at the edge, which exchanges them for the same JWT shape the browser SPA produces. Backend sees one code path regardless of caller.

Window: 2026-05-22T13:00

→ 2026-05-23T13:00
.241Z · Sources: memberintel @ 0267c8c, memberpress-intel @ 9a29b6a

For: S Seth Shoultes

Index

All pages

spec

MemberIntel V1 Specification

The V1 advisor-only spec for MemberPress operators: two-tier brain architecture, Free/Pro pricing model, and a data-flywheel moat built from product mechanics rather than pre-existing proprietary data.

S P B

MemberIntel V1.5 Specification

V1.5 extends MemberIntel with AI write-actions via the MemberPress MCP and a 5-minute 'Set up FOR ME' greenfield wizard backed by a 14-day Pro trial.

S P B

MemberIntel V2 Specification

V2 expands MemberIntel to BuddyBoss customers via a sister-company partnership — a low-engineering-risk cross-platform proof point since BB Memberships runs on MemberPress under the hood.

S P B

Architecture Overview & Tech Choices

Covers GCP vs Heroku vs DigitalOcean for hosting, then deep-dives per-tenant isolation strategy using shared-schema RLS as the V1 foundation.

S P B

Cross-Pollination & Brain Isolation

Details the three failure modes of the cross-pollination pipeline — re-identification, tenant leakage, and opt-out bypass — and the architectural mitigations for each, including k-anonymity floors, three-role isolation, and GCP project structure.

S P B

CI/CD & Code Flow

Defines the three separate promotion pipelines — code, Terraform, and database migrations — with GitHub Actions, Workload Identity Federation, manual prod gates, and the eval suite as a release-blocking check.

S B

Observability & Incident Response

Describes the three-destination telemetry model — Cloud Logging for debugging, BigQuery for business analytics, locked-down BigQuery for audit — plus domain-specific metrics, on-call structure, and pre-written runbooks for the five highest-stakes failure modes.

S S A

LLM Cost-Control Architecture

Defines the four-layer cost-control stack — rate limiting, entitlement service, per-call token budgets, and continuous spend monitoring — with Redis-backed quota counters, server-side model routing enforcement, and a global daily circuit breaker.

S P B

Auth & Identity Layer

Covers the three signup paths converging into a unified user model, per-license MP OAuth signing keys, customer-OAuth-only Stripe (no Connect), Argon2id passwords with server-side sessions, account merge prevention, and the V1.5 trial state machine.

S B

Data Sync Pipeline

Defines the three separate sync pipelines — MP (queue-based with per-customer concurrency controls), Stripe (webhooks for Pro, polling for Free), and site analysis (weekly-cached Claude calls) — with shared convergence layer and a platform-agnostic canonical schema designed for V2 expansion.

S S

Secrets Management

Defines five distinct secret categories with separate lifecycles, a layered KMS key hierarchy per environment, Secret Manager naming conventions with path-prefix IAM, 5-minute TTL caching, and the hard rule that no human ever reads a production secret.

S B

AI Eval Suite as Architecture

Treats the eval suite as versioned release-gate infrastructure rather than ad-hoc tests, with 150 structured scenarios across seven categories, a judge-model scoring layer, CI integration, a differentiation subset that proves advantage over baseline LLMs, and a production thumbs-down feedback loop.

S P B

Strategic Risk Landscape

Honestly assesses which SPEC risks the architecture handles well, which remain genuinely fragile (differentiation, content lead bottleneck), and names four risks the SPEC never flags — Anthropic dependency, ops time underbudget, per-customer brain as liability, and compliance as a moving target.

S B S

Synthesis

Phase-by-phase sequencing of all architectural commitments against the actual team ramp, surfacing five friction points where the phased plan and architectural reality diverge — content lead timing, Phase 2 scope calibration, differentiation eval ship date, privacy counsel engagement depth, and infra engineer hiring window.

S P B

Phased Plan

A 6-phase team ramp plan growing from 2 people in May to 7+ at launch, with hard milestone gates controlling when each new team member joins MemberIntel full-time.

S P B

Phased Plan — Rev 2

Rev 2 of the team ramp plan, updated after May architecture sessions: adds a dedicated brain-content lead recommendation, recalibrates Phase 2 milestone language for honesty, and moves the differentiation eval to a Phase 3 gate item.

S P B

decision

ADR-0001: Entitlement service shape

ADR-0001 (Accepted, 2026-05-08): Entitlement service shape.

S A B

ADR-0002: Model routing single source of truth

ADR-0002 (Accepted, 2026-05-08): Model routing single source of truth.

S A B

ADR-0003: pgvector for V1, tenant_id as partition key

ADR-0003 (Accepted (resolves SPEC Open Q9), 2026-05-08): pgvector for V1, tenant_id as partition key.

S A B

ADR-0004: GCP — Cloud Run + Cloud SQL + Secret Manager

ADR-0004 (Accepted (resolves SPEC Open Q8), 2026-05-08): GCP — Cloud Run + Cloud SQL + Secret Manager.

S A B

ADR-0005: Anthropic SDK direct, mitigation seam at llm.call

ADR-0005 (Accepted (with explicit accepted risk), 2026-05-08): Anthropic SDK direct, mitigation seam at llm.call.

S A B

ADR-0006: Hive Mind as Brain Seed Source

ADR-0006 (Accepted, 2026-05-12): Hive Mind as Brain Seed Source.

S A B

ADR-0007: Auth via JWT + Google OAuth + AI Foundation PKCE

ADR-0007 (Accepted, 2026-05-12): Auth via JWT + Google OAuth + AI Foundation PKCE.

S A B

ADR-0008: Voyage voyage-3-lite for Embeddings

ADR-0008 (Accepted, 2026-05-12): Voyage voyage-3-lite for Embeddings.

S A B

ADR-0009: CI/CD Pipeline — GitHub Actions with Workload Identity Federation

ADR-0009 (Accepted, 2026-05-14): CI/CD Pipeline — GitHub Actions with Workload Identity Federation.

S A B

ADR-0010: Observability — Cloud Logging + OpenTelemetry + BigQuery

ADR-0010 (Accepted, 2026-05-14): Observability — Cloud Logging + OpenTelemetry + BigQuery.

S A B

ADR-0011: Secrets Management — Secret Manager + KMS + Path-Prefixed Naming

ADR-0011 (Accepted, 2026-05-14): Secrets Management — Secret Manager + KMS + Path-Prefixed Naming.

S A B

ADR-0012: Stripe Integration — Customer-OAuth-Only in V1

ADR-0012 (Proposed (resolves SPEC Open Q4; Ally Roger sign-off pending per Phase 1 friction-points doc), 2026-05-14): Stripe Integration — Customer-OAuth-Only in V1.

S A B

ADR-0013: GCP Project Structure — Project-per-Environment + Shared Tooling

ADR-0013 (Proposed (V1 ships with single project; four-project structure targeted for V1.5), 2026-05-14): GCP Project Structure — Project-per-Environment + Shared Tooling.

S A B

ADR-0014: Cross-Pollination Security Boundary — Three-Roles Model

ADR-0014 (Proposed (pending privacy counsel review by Allen), 2026-05-14): Cross-Pollination Security Boundary — Three-Roles Model.

S A B

ADR-0015: Customer Brain — Four-Document Architecture (SOUL, BIBLE, HEARTBEAT, MEMORY)

ADR-0015 (Accepted (deployed 2026-05-15), 2026-05-15): Customer Brain — Four-Document Architecture (SOUL, BIBLE, HEARTBEAT, MEMORY).

S A B

ADR-0016: Brain Mutation via Anthropic Tool Calls (`update_customer_brain`)

ADR-0016 (Accepted (deployed 2026-05-15), 2026-05-15): Brain Mutation via Anthropic Tool Calls (`update_customer_brain`).

S A B

ADR-0017: MemberIntel Connect — WordPress Plugin as the Data-Sync Source

ADR-0017 (Accepted (V1 plugin shipped 2026-05-14; sync service deployed 2026-05-15), 2026-05-15): MemberIntel Connect — WordPress Plugin as the Data-Sync Source.

S A B

ADR-0018: Brain Memory Limits and Content Sanitization Policy

ADR-0018 (Accepted (deployed 2026-05-15), 2026-05-15): Brain Memory Limits and Content Sanitization Policy.

S A B

ADR-0025: Tier-to-model assignment — Haiku for Free, Sonnet for Pro

ADR-0025 (Proposed, 2026-06-01): Tier-to-model assignment — Haiku for Free, Sonnet for Pro.

S A B

reference

Elevator Pitch — What MemberIntel Is

Plain-language descriptions of MemberIntel for different audiences — a one-liner, an elevator paragraph, and riffs tuned to designers, engineers, friendly outsiders, and curious customers. Use when explaining the project to someone new in under a minute.

S B S

MemberIntel — One-Page Executive Summary

The whole product on one page — what it is, how it's priced, what V1/V1.5/V2 ship, where the moat is, and what's deliberately out of scope. Written for Blair and Santiago to read in two minutes; everything else in the KB is the long-form backup.

S B S

V1 Progress — May 15, 2026

What shipped in V1: site data sync, chat improvements, customer brain spec. What's next: per-customer brain implementation.

S

Phase 1-2 Friction Points

A companion one-pager surfacing seven decisions where the May architectural commitments conflict with the v1 phased plan. All 7 decisions resolved in the Blair × Seth working session on 2026-05-11 (see /meeting-2026-05-11-blair); resolution summary at the top of this page.

S P B

Friction-Points Prep for Blair

Strategic prep document for Blair before the friction-points working session: three decisions that need real deliberation (brain content lead hire, differentiation eval cadence, infra-leaning hire on V1.5 roadmap), four confirmation items, predictable team disagreements, what to watch for in the meeting, and the asymmetric May-12 deadline on item 1.

B S P

Open questions for Blair — 2026-05-20

One-sheet of everything currently waiting on a call from Blair as of 2026-05-20 — pricing first (launch packaging trio, Free-tier dial defaults, token budgets), then hiring, naming, architecture sign-offs (ADR-0006), privacy (Allen's late-May review), and operational items. Two hard near-term deadlines: May 22 for the Free-tier circuit-breaker rubric and ADR-0006 signature.

B S S

Decisions Due — Monday 2026-05-11 (prep doc — historical)

PREP doc for the 2026-05-11 meeting. The actual outcomes are at /meeting-2026-05-11-blair. References to 'Product Lead' below are historical — the role was retired in this session; Santiago absorbed the duties.

B S P

Meeting Log — Blair × Seth, 2026-05-11

Full decision log from the Blair × Seth working session on 2026-05-11: friction-points resolutions, team structure changes (Product Lead retired → Santiago expanded; Russ added as Lead Designer), free-tier LLM strategy (the 2026-05-11 decision pointed to a local Ollama-class model; superseded 2026-05-20 — Free now ships on Anthropic Haiku, see the addendum at the top of the page), GCP hosting confirmed, 14-day Pro trial for existing MP members, domain registrations, action items.

B S S

V1 Cost Discipline Review

AI Engineer persona's feasibility review of V1 unit economics: architecture as specified can hit $1.07 Free / $10.75 Pro targets if input-token ceilings are pinned, model routing is typed from the entitlement service, retrieval is pre-budgeted, and site analysis stays weekly-cached. The scariest finding is that Free breaks even AT the SPEC's floor conversion target — a Blair conversation about circuit-breaker authority, not an architecture fix.

S B P

Decision Rights Matrix

A binding contract defining who owns which decisions across engineering, product, compliance, and GTM — keeping Seth and Santiago unblocked as peers without escalating every disagreement to Blair. Updated 2026-05-11 to retire the dedicated Product Lead role (Santiago absorbed the duties) and add Russ as Lead Designer.

S P B

Quarterly Architecture Review Template

A 90-minute fixed-agenda template for quarterly architectural health reviews — covering differentiation gap, cost-per-cohort, reliability, cross-pollination health, compliance posture, and a standing 'one thing that worried me' round — starting Q4 2026 post-GA.

S B S

Cover Letter to Allen — Privacy Architecture Review

Cover letter from Seth and Santiago to Allen, MemberIntel's privacy counsel, introducing the privacy strategy memo and the late-May architecture review agenda. Sent ~5 business days before the session to give Allen context for the pre-read package.

S S B

Privacy Strategy for Counsel — Memo to Allen

Privacy strategy memo for Allen (Blair's privacy counsel) ahead of the late-May architecture review. Identifies the structural problem (the architecture treats member data as operator data throughout) and proposes seven preconditions before ToS drafting — four code-layer architectural preconditions and three policy items. Drafted 2026-05-12 through a Brandeis-counsel reasoning pass, McPhee-prose rewrite, panel review (Lessig + Sunstein + Rawls), and a Lessig/Rawls debate on permanent exclusion.

S B S

Privacy Counsel Architecture Review Agenda

A 4-hour late-May working agenda for outside privacy counsel to review MemberIntel's per-tenant isolation, cross-pollination boundary, secrets management, and data lifecycle decisions — grounding counsel's June ToS and Privacy Policy drafting in the actual architecture.

S P B

Design References

Living index of design artifacts for MemberIntel: the current Claude mockup, the Figma source-of-truth as it lands, and the visual-system conventions documented in docs/design/MemberIntel/CLAUDE.md.

R S B

Competitive Landscape

Feature-parity analysis of TripleWhale (Moby 2) and Northbeam against MemberIntel V1, with gap priorities for V1.5/V2 planning.

S B S

Seth's Phase 1 Deliverable Checklist

Seth's operational working checklist for May 2026 — organized week-by-week with ADR drafts, GCP scaffolding, schema design, RLS prototype, hiring pipeline, and cross-functional coordination tasks required to unlock Phase 2 on June 1.

S B

Phase 1 Deliverable Checklist (Santiago — formerly Product Lead)

Phase 1 operational working checklist for May 2026 — week-by-week milestones, PRD authoring, customer discovery, privacy counsel engagement, beta program scaffolding, cross-functional kickoffs, and the Phase 1 milestone gate criteria required to kick off Phase 2 on June 1. Originally authored for the Product Lead role; that role was retired 2026-05-11 and the checklist now belongs to Santiago (Product + Project Lead).

P S B

V1 Operational Runbooks

Pointer to the V1 product runbooks (deploy, auth, customer brain, incident response) that live in the memberintel repo — bus-factor coverage for whoever takes over V1 operations.

S A P

AI Engineer — Public Job Posting

External recruiting copy for the Senior AI Engineer hire — production LLM systems experience required, cost-discipline-as-engineering-surface posture, no LangChain. 30-min CEO screen → 60-90 min technical with Seth → paid week-long trial → offer in ~2-3 weeks.

A B S

role

Seth — Lead Architect JD

Seth Shoultes's Lead Architect role definition: end-to-end technical ownership of the brain, data pipeline, AI/ML architecture, engineering team, and vendor decisions for MemberIntel.

S B A

Blair — CEO JD

Blair Williams's CEO role definition for MemberIntel: product owner, final decision-maker on strategy, pricing, and architecture material choices, executive sponsor across the company.

B S P

Ronald — Backend / Platform Engineer JD

Ronald Reymundo's Backend / Platform Engineer role definition: MemberPress MCP integration, data sync, WordPress-side platform code, interim code-quality enforcement, and the V2 BuddyBoss integration surface. Reports to Seth Shoultes.

R S B

Sam — Brain Content Lead JD

Sam's Brain Content Lead role definition: authors the curated global brain, reviews cross-pollinated entries, operationalizes the voice/style guide, runs the content-side brain audits, and enforces sensitive-vertical exclusions. Reports to Santiago Perez Asis.

S S B

Senior AI Engineer JD

Senior AI Engineer role definition: owns the AI substrate end-to-end (inference pipeline, retrieval, prompt versioning, eval suite, cost discipline, feedback loop) under Seth's architectural direction. Reports to Seth Shoultes. Hire pending — target close mid-June 2026.

A S B

Product Lead JD (retired — folded into Santiago 2026-05-11)

RETIRED 2026-05-11. The dedicated Product Lead role was not backfilled after Cindy's departure; responsibilities folded into Santiago's expanded mandate. Retained as a historical reference for the duties Santiago now owns. See /santiago-jd for the current operational definition.

P B S

Santiago — Product + Project Lead JD

Santiago Perez Asis's role definition: Product + Project Lead for MemberIntel — PRD ownership, sprint cadence, dependency tracking, risk register, L10 scorecard, beta program design, support enablement, and cross-functional coordination. Reports to Blair.

S B S

Russell — Lead Designer JD

Lead Designer role definition: owns the visual system, end-to-end product UX, and design-to-engineering hand-off for MemberIntel. Reports to Blair Williams. Decided 2026-05-11 in the Blair × Seth working session — initially part-time / contract through Phase 1 with potential move to full-time as product surfaces solidify.

R S B

standup

Standup — 2026-06-09

One commit in the window: the automated standup bot posted the 2026-06-08 entry (`b94e0c2`).

S

Standup — 2026-06-08

Nothing shipped in the last 48 hours beyond the standup bot's own commits.

S

Weekly — week of 2026-06-07

# MemberIntel Weekly Digest — 2026-06-01 → 2026-06-07 One major feature shipped end-to-end in a single day, two security/compliance items closed, and a tooling

S

Standup — 2026-06-06

Only the standup bot committed today — automated housekeeping, nothing substantive shipped.

S

Standup — 2026-06-05

**Plugin-initiated one-click connect shipped end-to-end — spec through working zip — in a single day.** The spec ([#164](https://github.com/sethshoultes/memberi

S

Standup — 2026-06-04

One commit landed: the automated standup bot posted the 2026-06-03 entry (`ce208cf`).

S

Standup — 2026-06-03

**[#11](https://github.com/sethshoultes/memberpress-intel/pull/11) landed** — a new `.github/copilot-instructions.md` that teaches GitHub-native reviewers what

S

View all standups (28 total) →