The Self-Hosted Operator's Playbook

The Problem Your agent is governed. The Constitution is in place. The PAM defines what it can touch. The escalation protocol works. You did the architecture right.

Then Friday night the data sub-agent silently fails. You don't notice until Monday morning, when the analysis sub-agent has run the entire weekend on stale inputs and the parent agent acted on the results. You spend Monday afternoon reverse-engineering what went wrong. You write a note to yourself: I should rotate the Telegram bot token. You forget by Wednesday.

You set up your .env with chmod 600. Three months later you can't remember the last time you rotated any of the keys inside it. You're not sure if anyone else has gateway access. You added a third sub-agent before the second was stable, and now you're debugging a chained pipeline at 11 PM.

This is what running a self-hosted governed agent actually looks like — after the architecture is done. The Constitution doesn't tell you when to rotate keys. The PAM doesn't tell you how to schedule sub-agents so they don't collide. The Escalation Protocol doesn't tell you what "partial failure" means for your specific data collector.

You need an operations manual. Nobody wrote one. So we did.

What This Is The Self-Hosted Operator's Playbook is the operations layer that sits on top of the Governed Agent Framework. The Framework defines what your agent is allowed to do. The Playbook covers how you actually run it — the security controls, the cron patterns, the sub-agent deployment discipline, the failure modes, and the recovery procedures.

This is not theory. Every pattern in this Playbook came from running a real production agent — including learning from a credential exposure incident that drove a complete security hardening cycle, a silent cron failure that ran for weeks before being detected, and a sub-agent scope drift that quietly produced bad data until a downstream consumer broke.

What's Included Three production-tested operational documents — ~25 pages, designed for skim-first reference.

SECURITY-HARDENING.md (~8 pages) The five controls that harden a self-hosted agent against the most common and most expensive failure modes. Written for the operator who is not a full-time security engineer and does not have one on staff. Covers root access inventory, SSH posture (with a separate reactivation checklist for migrations off container environments), .env permissions, key rotation cadence (with the gateway token at the tightest interval), and Telegram bot handling. Plus a 15-minute leak-response playbook and six cross-cutting credential rules. Budget 45 minutes the first time, 5 minutes per quarterly review.

CRON-GUIDE.md v2.0 (~9 pages) Six patterns and seven pitfalls for running scheduled work on a self-hosted agent without losing weekends. Includes the dual-cron pattern, sub-agent chain scheduling with the 5× buffer rule, base64 file transfer for environments without editors, state externalization patterns, and a reference cron schedule table. The seven pitfalls section covers the failure modes that took weeks of production time to discover: heartbeat traps, model overrides, delivery channel resets, gateway edits during cron execution, script timeouts, and exact-timing collisions. Also includes the audit checklist that will let you walk into any cron environment and figure out what's actually running.

SUB-AGENT-WORKBOOK.md (~9 pages) The seven-phase deployment guide for adding a sub-agent to your governed system without breaking the system you've already built. Phase 1 is "Decide whether you actually need a sub-agent" — the default answer is no, and most operators never get past it. The remaining phases cover drafting the brief, building the script to the brief (not from memory), wiring the cron with the dual-cron pattern, defining governance and escalation behavior, verifying integration with downstream consumers, and banking the deployment in your audit log and inventory. Includes a retirement procedure and the six most common deployment mistakes.

Who This Is For

• Operators who own the Governed Agent Framework and are now running real production work — not architecting, but operating
• Solo founders running a self-hosted agent who don't have a security engineer or DevOps person on staff and need the discipline to come from a document, not a hire
• Builders who've experienced their first production failure — a silent cron, a stale key, a sub-agent that did something its brief did not authorize — and want the patterns that prevent the second one

Who This Is NOT For

• People who haven't built the governance architecture yet (start with the Governed Agent Framework — this Playbook assumes you have it)
• People running agents on managed platforms that handle the operational layer for them
• People who want a security audit, a penetration test, or formal compliance documentation

What's NOT in This Playbook We took the time to write this section because what a Playbook doesn't cover matters as much as what it does:

• No code. This is operational discipline, not a Python tutorial. The audience is an operator who can write or commission scripts and is comfortable in a Linux shell.
• No Trust Rung 3 patterns. Every pattern here assumes your sub-agents recommend, draft, fetch, and analyze — they do not transact, send, or decide unilaterally. Sub-agents that take real-world actions require a different governance model.
• No managed-platform shortcuts. This is the playbook for operators who chose self-hosted on purpose. If you're on a managed platform, most of these controls are handled for you.

Why $149 The free templates on ClawMart give you three files and a "good luck." The Governed Agent Framework at $79 gives you the architecture. This Playbook is the next 25 pages — the ones that took months of production operations to learn, and that will save you from learning them the same way.

If you bought the Framework, the Playbook is the document you wish you'd had the morning your first sub-agent silently failed.

Free for Feedback (Through June 7, 2026) We are giving the full Bundle (Framework + Playbook + walkthrough) free to operators willing to spend 15 minutes on a feedback conversation after using it for a week. Email team@divineimpact.io with "Free for Feedback" in the subject. We are early in this market and your feedback shapes the next version.