Boss Tier — Full Authority

🦅
Tom
Personal Assistant — CEO & Maintenance
Boss Opus
Serves
Steve
Owner / CEO
Full system access · Xero financials · All APIs · HR records · Policy approval · Comms prep · Maintenance ClickUp
Financial data — Xero, P&L, cash flow, invoices
All client & ad accounts
HR records, salaries, personal data
Steve's personal calendar & email
Maintenance ClickUp space + comms drafting
Can message and task any agent
🦁
Charlie
Personal Assistant — Operations
Boss Opus
Serves
Andy
Operations Manager (Human)
ClickUp — all spaces · Project delivery · Team coordination · Client onboarding · Agent delegation
ClickUp — all projects and spaces
Team calendars and utilisation
Client delivery and project data
Can task Brian and Sammy
Xero financials and P&L

Team Tier — Role-Scoped Access

🦊
Sammy
Marketing Manager AI
Team Sonnet
Serves
Megan
Marketing Manager · Melbourne
Google Ads · Meta Ads · Search Console · SEO analysis · Campaign reports · Anomaly detection
Google & Meta Ads — all client accounts
SEO and Search Console data
Campaign metrics, reporting, anomalies
Xero / financials / client billing
Sales pipeline and lead data
🦝
Brian
Sales Assistant AI
Team Sonnet
Serves
James
Sales Director · Melbourne
CRM pipeline · Lead research · Prospect scoring · Email drafting · ClickUp sales
Sales pipeline and ClickUp sales space
Lead, prospect, and contact data
Email drafting — James must approve before sending
Xero / P&L / invoices
Ad account performance

Communication Paths

From → To: Purpose
🦅 Tom → Any agent: Policy updates, task delegation, access escalation, full oversight
🦁 Charlie → 🦝 Brian: New client onboarded — set up sales follow-up in CRM pipeline
🦁 Charlie → 🦊 Sammy: Client going live — brief Sammy on new ad account or SEO scope
🦊 Sammy → 🦅 Tom: Escalate anomalies and budget issues needing strategic decision
🦝 Brian → 🦅 Tom: Hot lead approval requests, cross-team handoff

Data Access Matrix

System · 🦅 Tom · 🦁 Charlie · 🦊 Sammy · 🦝 Brian
Xero — P&L / Cash
Xero — Invoices
Google Ads
Meta Ads
Google Search Console
ClickUp — All Spaces · Sales only
Maintenance ClickUp
Client CRM
Gmail / Team email · Draft only
HR Records
Steve's personal data

Objective

Four agents. Clear authority. Shared knowledge. No data leaks between departments.
Two boss agents with full authority, two team agents scoped to their lane. One shared skills library. Domain-split knowledge files that keep context lean. A living memory system that means the whole team gets smarter without burning tokens on irrelevant information.
📋
Independent Review — Changes Applied
An independent evaluator reviewed this plan. Six changes were recommended. Five have been incorporated. The original five-agent structure has been collapsed to four — Sarah's comms prep and maintenance ClickUp work absorbed into Tom. Sammy moved from Opus to Sonnet. Shared knowledge files now domain-split. Memory flush prompts capped at 10 lines. Week 3 testing collapsed to one end-to-end scenario. Token budgets added as a new initiative.
Sammy → Sonnet · Sarah collapsed into Tom · Domain-split knowledge files · 10-line memory flush cap · Token budgets added · Week 3 single scenario

The Four Agents

🦅
Tom
CEO + Maintenance · Boss
Steve
Owner / CEO
Full access. Approves policy. Handles comms prep and maintenance ClickUp directly — no separate agent needed. Sees everything, shares nothing without sign-off.
🦁
Charlie
Ops Assistant · Boss
Andy
Operations Manager
Full ops authority. Delegates to Brian and Sammy. Escalates financial decisions to Tom. Fewer agents reporting in means less noise.
🦊
Sammy
Marketing AI · Team
Megan
Marketing Manager
Ads, SEO, campaigns on Sonnet. Handles volume work efficiently. Escalates to Tom for decisions that need deeper reasoning — that's what the hierarchy is for.
🦝
Brian
Sales AI · Team
James
Sales Director
CRM, leads, pipeline, email drafts on Sonnet. No financial data. James approves all outbound email before it sends.

What We're Building — 5 Initiatives

01
Lock Down Access by Role
Tool profiles + credential isolation
Enforce the hierarchy technically — not just as a written rule, but at the config and credential level so it's physically impossible for a team agent to access something they shouldn't. Sarah's work is absorbed into Tom, reducing the number of configs to maintain from five to four.
Set tool profile to "full" for Tom & Charlie, "coding" for Brian & Sammy
Enable elevated mode and sandbox off for boss agents, reverse for team agents
Audit each agent's auth-profiles.json — remove API keys they shouldn't hold
Retire Sarah's config entirely — migrate her ClickUp maintenance scope and comms credentials to Tom
Rewrite SOUL.md and AGENTS.md for Brian and Sammy to match their actual roles
02
Build a Shared Skills Library
One place, all agents benefit
A shared library means you update a skill once and every agent who needs it gets the update instantly. Skills gate themselves via credentials — Sammy gets Google Ads, Brian doesn't, automatically. Four agents means four configs to wire up, not five.
Create ~/OpenClaw/shared-skills/ directory
Migrate reusable skills — ClickUp, Google Ads, Meta Ads, web-research, effective-delegation
Add skills.load.extraDirs to all four agent configs pointing to shared-skills
Create agency-standards skill — tone guide, approval protocol, SOP prompts for all agents
Verify credential-based skill gating works correctly per agent
03
Connect the Agents Natively
Replace shell scripts with sessions_send
Replace shell scripts with OpenClaw's native bidirectional messaging. Test with a single end-to-end scenario rather than three isolated tests — one flow covers delegation, escalation, and the approval gateway simultaneously and is more realistic to how it'll actually work.
Enable agentToAgent in all configs — boss → all, team → boss only
Update INTER-AGENT.md to document the sessions_send protocol, retire send-message.sh
Single end-to-end test: Tom delegates a task to Brian → Brian hits an issue and escalates → Tom decides and routes a client email through the approval gateway
One flow, all three patterns tested — delegation, escalation, approval gate
04
Make Agents Learn & Improve
Domain-split knowledge + lean memory flush
Domain-split knowledge files so Brian only reads sales learnings and Sammy only reads marketing ones — no point burning tokens making a sales agent read about a Google Ads optimisation. Memory flush notes capped at 10 lines max: what was I doing, what's the status, what's next.
Create ~/OpenClaw/shared-knowledge/sales/ and /marketing/ subdirectories — domain-split LESSONS, ERRORS, WINS per area
Strict 50-line rolling cap per file — agents prune oldest entries when adding new ones
Each agent's AGENTS.md points to their domain folder only — Brian never reads Sammy's marketing files
Memory flush prompts: 10 lines max — current task, status, what's next. No essays.
Weekly cron review — agent reads own logs, surfaces improvements to boss tier to promote into SOPs
05
Add Token Budgets & Circuit Breakers
Cost controls per agent
The plan had no cost controls. If Brian gets stuck in a lead research loop or Sammy runs a deep analysis that spirals, there's nothing to cap it. A daily token ceiling per agent with an alert to Tom and Charlie when it's hit prevents surprise bills and catches stuck sessions before they run long.
Set a daily token ceiling per agent in openclaw.json — team agents lower than boss agents
Configure alert: when 80% of daily budget is hit, notify Tom (and the relevant boss agent)
Set maxConcurrent: 1 for team agents to prevent sessions stacking and multiplying token burn
Review token usage weekly alongside the cron review — adjust ceilings up or down based on actual patterns

4-Week Rollout Roadmap

Week 1
Formalise the Hierarchy
Define the four roles, collapse Sarah into Tom, lock down credentials and tool access.
● Now
Retire Sarah's profile — migrate maintenance ClickUp scope and comms credentials into Tom's config
Update DATA-ACCESS-POLICY.md — four agents, Tom + Charlie as boss tier
Audit all four auth-profiles.json files — remove credentials that shouldn't be there
Brian: no Xero keys · Sammy: no Xero or HR keys
Set tool profiles and sandbox modes in all four openclaw.json configs
Boss: profile "full", sandbox off · Team: profile "coding", sandbox non-main
Rewrite Brian's SOUL.md — Sales assistant, not CEO orchestrator. Rewrite Sammy's to match Marketing Manager scope.
Week 2
Centralise Shared Skills
One skills library all agents pull from. Wire token budgets into all four configs.
Upcoming
Create ~/OpenClaw/shared-skills/ and migrate reusable skills from main-workspace
Add skills.load.extraDirs to all four agent configs pointing to shared-skills
Create agency-standards skill — tone guide, approval protocol, SOP prompts for all agents
Set daily token ceilings in all four configs with 80% alert to Tom
Set maxConcurrent: 1 for Brian and Sammy
Verify skill gating — Sammy loads Google Ads skill, Brian does not
Week 3
Wire Up Native Agent Comms
Replace shell scripts. Run one end-to-end test covering all three communication patterns.
Upcoming
Enable agentToAgent in all configs — boss → all, team → boss only
Rewrite INTER-AGENT.md — document sessions_send protocol, retire shell script instructions
Single end-to-end test: Tom delegates a task to Brian → Brian hits an issue and escalates to Tom → Tom decides and routes a client email through the approval gateway
One scenario · covers delegation + escalation + approval gate simultaneously
Week 4
Build the Learning Loops
Domain-split knowledge files, lean memory flush, weekly review cycle.
Upcoming
Create domain-split knowledge dirs — ~/OpenClaw/shared-knowledge/sales/ and /marketing/ with LESSONS, ERRORS, WINS per domain
Set 50-line rolling cap per file — agents prune oldest entries when adding new ones
Update each agent's AGENTS.md — point to their domain folder only. Brian reads sales files, Sammy reads marketing files.
Configure memory flush prompts — 10 lines max. Current task · status · what's next. Nothing longer.
Run first full system review — comms logs, token usage, knowledge base quality, SOP gaps

Non-Negotiable Rules

Rule 01
Credentials are the hard wall.
Tool policies set rules in config. The real enforcement is: if an agent doesn't have the API key, they literally cannot call the system. Keep auth-profiles.json clean per agent. This is not optional.
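The auth-profiles.json audit called for in Initiative 01, Week 1 and this rule, as an added example (not part of the original plan and not OpenClaw code): it walks a parsed file of any layout and reports the JSON path wherever a denied system's name appears, without echoing secret values. The deny-list comes from the Week 1 note; the marker tokens, function names and sample file are constructed assumptions.

```python
import json
import re

# Denied systems per team agent, from the plan's Week 1 audit note:
# "Brian: no Xero keys · Sammy: no Xero or HR keys". Boss agents have no deny-list.
# Assumption: a credential for a system carries that system's name as a token
# ("xero", "hr") somewhere in its profile id, provider field or label.
DENIED = {"brian": {"xero"}, "sammy": {"xero", "hr"}}

_TOKEN = re.compile(r"[a-z0-9]+")

def _tokens(text):
    """Whole lower-case tokens, so 'hr' matches 'hr-records' but not 'chrome'."""
    return set(_TOKEN.findall(text.lower()))

def find_violations(agent, doc, path="$"):
    """Return (json_path, token) for each denied hit; secret values are never returned."""
    denied = DENIED.get(agent, set())
    hits = []
    if isinstance(doc, dict):
        for key, value in doc.items():
            child = f"{path}.{key}"
            hits += [(child, t) for t in sorted(_tokens(key) & denied)]
            hits += find_violations(agent, value, child)
    elif isinstance(doc, list):
        for i, value in enumerate(doc):
            hits += find_violations(agent, value, f"{path}[{i}]")
    elif isinstance(doc, str):
        hits += [(path, t) for t in sorted(_tokens(doc) & denied)]
    return hits

def audit_file(agent, file_path):
    """Load one agent's auth-profiles.json and return its violations."""
    with open(file_path, encoding="utf-8") as fh:
        return find_violations(agent, json.load(fh))

# Constructed sample; the layout is illustrative, not OpenClaw's documented schema.
SAMPLE = {"profiles": {
    "clickup:sales": {"provider": "clickup", "key": "REDACTED"},
    "xero:default": {"provider": "xero", "key": "REDACTED"},
    "people:chrome": {"provider": "hr-records", "key": "REDACTED"},
}}
```

An empty list for every team agent is the pass condition; any hit means a key has to be removed from that agent's file before the tool profile is trusted.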
Rule 02
Team agents prepare. Bosses approve.
No outbound email, no client communication, no financial data leaves a team agent without going through Tom or Charlie. Preparation is free. Execution requires explicit sign-off every time.
Rule 03
Agents suggest. Humans promote.
When any agent finds a better way to work, they write it to their domain WINS file and escalate to a boss agent. Boss agents decide what becomes an official SOP. No agent edits RULES.md directly.
Rule 04
Knowledge files stay lean.
Domain-split and 50-line rolling cap per file. Every token spent reading irrelevant learnings is a token wasted. Brian reads sales files. Sammy reads marketing files. Neither reads the other's.
Rule 05
Memory flush is 10 lines. No essays.
Handoff notes are a quick brief, not a report. Current task, status, what's next. Anything longer means agents are re-reading walls of text on every context reset. Keep it tight.
Rule 06
Token budgets are non-negotiable.
Daily ceiling per agent. Alert at 80%. If Brian loops on a lead or Sammy spirals on an analysis, the circuit breaker catches it before it becomes a surprise bill. Review and adjust weekly.
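The daily ceiling, 80% alert and circuit breaker from Initiative 05 and this rule, as an added example (not part of the original plan and not an OpenClaw feature): a per-agent tracker that resets each day, alerts once at 80%, and refuses new sessions once the ceiling is reached. The class, function names and ceiling values are hypothetical; the routing of alerts to Tom plus the relevant boss follows the plan.

```python
from dataclasses import dataclass
from datetime import date
from typing import Optional

# Team agents and the boss agent that tasks them (Charlie can task Brian and Sammy).
BOSS_OF = {"brian": "charlie", "sammy": "charlie"}

def alert_recipients(agent):
    """Tom always, plus the relevant boss agent for team agents."""
    return sorted({"tom", BOSS_OF.get(agent, "tom")})

@dataclass
class TokenBudget:
    agent: str
    daily_ceiling: int            # constructed value; team agents lower than boss agents
    alert_percent: int = 80       # the plan's 80% alert threshold
    day: Optional[date] = None
    used: int = 0
    alerted: bool = False

    def _roll(self, today):
        if today != self.day:     # first call of a new day resets the counters
            self.day, self.used, self.alerted = today, 0, False

    def may_run(self, today):
        """Circuit breaker: refuse new sessions once the ceiling is reached."""
        self._roll(today)
        return self.used < self.daily_ceiling

    def record(self, tokens, today):
        """Add usage after a call; return the events it triggered, in order."""
        self._roll(today)
        self.used += tokens
        events = []
        # Integer arithmetic avoids float rounding at the threshold.
        if not self.alerted and self.used * 100 >= self.daily_ceiling * self.alert_percent:
            self.alerted = True   # alert only once per day
            events.append(("alert", alert_recipients(self.agent)))
        if self.used >= self.daily_ceiling:
            events.append(("tripped", alert_recipients(self.agent)))
        return events
```

Calling may_run before each session and record after it means a stuck loop is stopped at the next session boundary, and a single oversized call produces both the alert and the trip event.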
Rule 07
Tom's Telegram whitelist is reviewed monthly.
Any user not actively using the network is removed. The whitelist is not a permanent access grant — it's a living list. Steve reviews it on the first of each month. When in doubt, remove.
Rule 08
No community skills. Ever.
No agent may install any skill from the ClawHub community registry. Only skills from ~/OpenClaw/shared-skills/ are trusted. Any new skill must be reviewed and approved by Tom before installation. No exceptions.