ForgeBot plan preview

ForgeBot Mention Apple Watch Alert

A share-safe, numbered step-by-step plan to make direct Slack mentions of ForgeBot trigger an Apple Watch alert for Adam through the normal Slack notification path.

Decision: Option A Format: Numbered steps Harness: Hermes Transport: #forgebot_private Auth: Doppler-injected secrets Local time: 2026-06-27 17:01 PDT Runtime audit: 17:18 PDT Status: Gateway + background channel green

Fastest route from 5pm

Formal end-state goal: when any non-Adam Slack user directly mentions ForgeBot, Hermes detects the mention before the agent run, posts exactly one ForgeBot alert in #forgebot_private through Doppler-injected Slack auth, and Adam's Apple Watch produces a haptic notification while worn, unlocked, and paired to the iPhone.

Current local time: 2026-06-27 17:01:11 PDT.

Latest readiness check: 2026-06-27 17:27:58 PDT. Hermes gateway is alive under Doppler, the hook is loaded, ForgeBot Slack health is green, and the repeatable readiness helper passes. The remaining unproven pieces are the real non-Adam Slack event source and the physical Watch haptic after pairing/settings.

  1. Finish pairing and notification settings

    Adam gets the Watch app available again, then enables Slack iPhone notifications, Watch mirroring, and haptics with Focus, Theater Mode, and Airplane Mode off.

  2. Hold the proven Slack path steady

    Codex keeps the repo policy tests, Hermes hook, Doppler access, and live synthetic #forgebot_private delivery green while Adam finishes pairing.

  3. Run one controlled real mention

    After pairing, trigger one direct ForgeBot mention from a real non-Adam Slack user and watch for exactly one #forgebot_private background comms alert.

  4. Classify the result immediately

    Channel alert plus Watch buzz means done. Channel alert without Watch buzz means Hermes is complete and only iPhone/Watch routing remains. No channel alert means debug Hermes, Doppler, or Slack send path.

Parallel lanes

Lane Owner Target Blocked by
Watch pairing/settings Adam Watch app available; Slack mirrored; haptics enabled Watch repair/pairing
Hermes/Slack delivery Codex One live synthetic #forgebot_private alert confirmed in Slack history None
Repo policy and tests Codex TypeScript policy tests and typecheck stay green None
Real end-to-end proof Adam + Codex Real ForgeBot mention creates #forgebot_private alert and Watch buzz Watch pairing/settings
Docs and operations Codex Plan and skill capture final path and recovery checks None

Final acceptance test

  1. Re-run readiness

    Run doppler run --project forgeapps --config prd -- pnpm --dir apps/forgebot watch-alert:readiness and confirm the machine-side gate is green.

  2. Set Watch routing conditions

    Adam wears and unlocks the paired Apple Watch, then locks the iPhone so eligible Slack notifications can route to the Watch.

  3. Trigger a real non-Adam mention

    A real non-Adam Slack user directly mentions ForgeBot in a controlled channel where ForgeBot is present.

  4. Confirm delivery and haptic

    Adam confirms exactly one ForgeBot alert appears in #forgebot_private and the Apple Watch produces the haptic notification.

  5. Confirm dedupe state

    Check the hook state for exactly one new dedupe key for the real Slack message and confirm no duplicate channel alert was posted.

Step-by-step plan

  1. Choose the alert path

    Use option A, revised: a direct ForgeBot Slack mention creates a ForgeBot alert in #forgebot_private, Adam's background comms channel, and Slack mobile notification mirroring carries that channel notification to Apple Watch.

  2. Keep Hermes as the Slack harness

    Handle the Slack event inside Hermes, where ForgeBot gateway traffic already enters the system. The alert should fire before the agent run continues.

  3. Keep the scope narrow

    Do not add a native Apple Watch push path, phone bridge, iMessage route, Reminders workflow, or macOS Notification Center dependency.

  4. Start with the red TDD tracer

    Use the focused TypeScript behavior test as the contract for turning a Hermes Slack mention context into one #forgebot_private background comms alert payload. Current state: green for the existing policy shape; update the target from the older private alert payload to the channel payload.

  5. Build the alert payload policy

    The policy should produce a stable dedupe key, disable link unfurling, and include concise channel, sender, permalink, and trimmed source message details.

  6. Require Doppler-injected auth

    Verify the required Slack credential names through Doppler and fail loudly if any are missing. The canonical names are SLACK_BOT_TOKEN, SLACK_FORGEBOT_BOT_USER_OAUTH_TOKEN, and SLACK_FORGEBOT_APP_LEVEL_TOKEN. Run pnpm --dir apps/forgebot watch-alert:readiness under Doppler for the repeatable machine-side gate. Do not read dotenv files or create local fallback secrets.

  7. Run the gateway under Doppler

    The live Hermes gateway inherits its Slack credentials from Doppler at process launch. Current audit found PID 12989 alive, launched under doppler run --project forgeapps --config prd, with the ForgeBot app-level token exported as the runtime SLACK_APP_TOKEN alias.

  8. Confirm the hook loads

    Check gateway logs for the mention-alert hook loading successfully before testing detection or Slack delivery.

  9. Dry-run the mention detector

    Feed a synthetic direct mention into the hook with sending disabled. Current state: dry-run prints the alert text without calling Slack or writing state.

  10. Send one controlled live mention

    Use a safe test mention in a controlled Slack location. Current target: live synthetic delivery should send exactly one ForgeBot alert to #forgebot_private and Slack history should confirm one match. Separate proof already shows ForgeBot can write to C08QU8FMB44.

  11. Verify the Apple Watch side

    Confirm the #forgebot_private alert appears on Adam's phone and Apple Watch mirrors it. If the channel alert arrives but the Watch does not buzz, the remaining issue is notification configuration.

  12. Monitor and tighten

    Watch for duplicate channel alerts, missing channel metadata, failed Slack sends, or suppressed Watch notifications, then tune dedupe, permissions, and notification settings.

Numbered verification checklist

  1. Doppler access works

    Done: the host can authenticate to Doppler and fetch the configured environment without printing secret values.

  2. Required Slack credentials exist

    Done: the expected Slack credential names are present in the production Doppler config.

  3. Hermes is running with injected secrets

    Done: the gateway process is alive under Doppler with runtime Slack aliases injected, not from dotenv files or local fallbacks.

  4. The alert hook is loaded

    Done: gateway logs show the ForgeBot mention-alert hook loaded without errors.

  5. Dry run succeeds

    Done: a synthetic mention produces the expected alert text and does not call Slack.

  6. Live Slack delivery succeeds

    Done for channel write proof: ForgeBot posted to #forgebot_private through Doppler-injected Slack auth and Slack reported private=true, member=true.

  7. Machine-side readiness passes

    Done: the Doppler-wrapped readiness helper verifies required keys, ForgeBot token identity, gateway liveness, Slack connection, and hook evidence.

  8. Real non-Adam event enters Hermes

    A real non-Adam Slack user directly mentions ForgeBot and Hermes handles that event source before the agent run continues.

  9. Phone and Watch receive it

    The #forgebot_private alert appears on Adam's iPhone and Apple Watch mirrors the notification.

  10. Dedupe state records it once

    The hook state contains exactly one new dedupe key for the real non-Adam Slack message.

Blockers

The machine-side path is ready. These are the remaining human or physical gates, with prompts Adam can paste into the next chat or Slack thread to move each one forward.

Blocked / needs another user

Real non-Adam Slack event

This host has no usable non-Adam human Slack token. SLACK_FORGEBOT_USER_OAUTH_TOKEN exists for the ForgeBot Slack user account, but Slack currently returns token_revoked; the usable bot tokens authenticate as ForgeBot U0B9SM7MVB5, not as a separate human actor.

Candidate ID D0BA0Q2HZ1P was checked on 2026-06-27 at 17:50 PDT. Slack rejects it as a user via users.info and ForgeBot cannot see it as a conversation via conversations.info. Treat it as an unverified channel identifier, not the final non-Adam user ID.

Copyable prompt
Blocked / needs Watch state

Apple Watch haptic proof

#forgebot_private delivery is machine-verifiable, but the Watch haptic has to be observed while the Watch is worn, unlocked, paired, and the iPhone is locked.

Copyable prompt
Blocked / needs post-test evidence

Dedupe evidence after the real test

After the real mention, completion needs exactly one new dedupe key in hook state and no duplicate #forgebot_private alert.

Copyable prompt
Fallback / if channel alert arrives only

Channel alert arrives but Watch does not buzz

If the #forgebot_private alert arrives but the Watch stays quiet, stop changing Hermes and diagnose only iPhone, Slack, and Watch notification routing.

Copyable prompt

Numbered failure handling

  1. Missing Slack credential in the gateway environment

    Meaning: the gateway was not launched with the required Doppler-injected credential. Fix: confirm the required secret names exist, then relaunch through Doppler.

  2. Channel lookup fails

    Meaning: ForgeBot lacks access to the source channel or Slack does not allow metadata lookup. Fix: invite ForgeBot to the channel or use an ID-only label.

  3. Channel alert does not arrive

    Meaning: the Slack API send path failed. Fix: check gateway auth injection, bot scopes, #forgebot_private membership, and Slack API errors in gateway logs.

  4. Channel alert arrives but Watch does not buzz

    Meaning: Hermes and Slack delivery worked; notification configuration is the remaining issue. Fix: adjust Slack iPhone notifications, Watch mirroring, or Focus rules.

  5. Duplicate channel alerts appear

    Meaning: the dedupe key is unstable or dedupe state is not persisting. Fix: use Slack event identity and persist state near the hook runtime.

Numbered open questions

  1. Adam's own mentions: Should Adam's own mentions trigger alerts during testing only, or stay suppressed by default?
  2. Who can trigger alerts: Should every direct ForgeBot mention alert Adam, or only mentions from other people?
  3. Alert content: Should alerts include message text, or only sender, channel, and permalink for privacy?
  4. Hook failure routing: Should hook failures stay in local logs, or send a rate-limited failure notice to #forgebot_private?

This page is a sanitized public preview. The implementation plan in the ForgeApps repo keeps exact identifiers, commands, and file paths for local execution.