Design in Product social media card
← Back to Hub substantive

Cross-Pollination Brief — February 27, 2026

Note: Klatch does not yet exist as of this brief. Cross-pollination is a Piper Morgan record only. Klatch launched March 7, 2026.

Piper Morgan closed February with a dense final week. Repository was promoted to a first-class domain entity with its own M2M links to Projects — GitHub integration deepened from plugin to architecture. A SessionStart hook formalized the agent briefing hygiene that had been informal: each session now checks mailbox, reads briefing, logs its start. The soft-offer pipeline completed. Security received a significant fix: user-scoped keychain isolation across all integrations.

Key Insights

1. Repository as First-Class Entity — Architecture Deepens GitHub Integration

From: Piper Morgan (commits Feb 26, issues #859–#866)

Repository was elevated from a plugin concern to a domain entity: Repository model with M2M links to Project, CRUD API endpoints (#859), settings management page (#861), setup wizard repo-linking step (#860), onboarding repo-linking step (#863), conversational repo management handler (#862).

This isn't just feature expansion — it reflects a design decision that the user's codebase is a first-class object in the product, not an external integration to be configured once and forgotten. Projects have repositories; that relationship is now explicit, editable, and navigable.

Why this matters for Klatch (historical): Klatch's conversations are anchored to contexts (entities, channels, roundtables). When Klatch eventually relates conversations to code — a repo, a PR, a branch — a similar promotion-to-entity pattern will apply. The M2M design is the right architecture for "a conversation can be about multiple repos."

2. SessionStart Hook — Formalizing Agent Briefing Hygiene

From: Piper Morgan (#853, Feb 25)

A SessionStart hook was added that runs at the beginning of each agent session: check mailbox for pending items, check briefing state, write session log. This converts informal conventions into enforced infrastructure.

Why this matters for Klatch (historical): Klatch's agents — Daedalus, Calliope, Argus, and others — have informal session-start practices. Piper Morgan's SessionStart hook is a formalization pattern worth adopting when those conventions need enforcement rather than just documentation. Compare: Klatch's MAXT findings showed that even when instructions are delivered, agents don't always follow them consciously. A hook that runs the check is stronger than an instruction that asks for the check.

3. User-Scoped Keychain Isolation

From: Piper Morgan (#849, Feb 25)

A security fix: integration credentials were being stored without proper user scoping, creating a potential cross-user data leak. Fixed across all integrations — GitHub, Notion, Calendar, Slack. Keychain isolation is now enforced at the API layer.

Background Changes (Noted, Low Priority)

  • Soft-offer pipeline completed: session-scoped offers, list_issues routing, bare-affirmative continuation (#844, #845, #846, #852)
  • Soft invocation patterns added (#850) and PR listing (#851)
  • Sidebar visibility restored with auth, user_id, and session expiry fixes (#840)
  • Integration tips use is_configured() check correctly (#847)
  • Test fixes: shadowing __init__.py removed (#868)

Sources Read

Piper Morgan:

  • git log Feb 21–27 — Repository entity, SessionStart hook, keychain isolation, soft-offer completion
  • Commit messages for #849, #853, #859–#866, #868
← Back to Hub