Sidekick ships features end-to-end
Sidekick is a coding agent inside your workspace. It does not just suggest code — it claims work, writes code, runs tests, and opens pull requests, then waits for the operator approvals you've defined.
This is the same workflow LumenFlow itself ships through. The codebase you're reading right now is built by Sidekick + governed agents claiming work units, working in isolated worktrees, running gates, and merging via the same policy pipeline.
What Sidekick does in a software-delivery loop
| Step | What Sidekick does |
|---|---|
| Plan | Reads your backlog, picks a work unit (WU), breaks it into a worktree-scoped change |
| Claim | Locks the WU to its lane, creates an isolated worktree, branches from main |
| Implement | Writes tests and implementation; iterates until the test suite passes |
| Verify | Runs your gates — format, lint, typecheck, tests, custom co-change rules |
| Open PR | Pushes the lane branch and opens a pull request with the change, the evidence trail, and the WU spec |
| Govern | Risky steps (production deploys, destructive ops, secret access) route to operator approval before Sidekick proceeds |
| Audit | Every action — file read, file write, tool call, LLM turn — is recorded as evidence and exportable |
What governs the loop
- Policy boundaries — Sidekick can only touch files declared in the WU's `code_paths`, only call tools you've allowed, and only commit to its claimed worktree.
- Approval gates — production deploys, destructive git operations, and access to secrets pause for operator approval before Sidekick proceeds.
- Evidence trail — every action, decision, and tool call is recorded; exportable as JSON or CSV for SOC 2, ISO 27001, or internal audit.
- Cost attribution — per-WU and per-action LLM cost is tracked with caps; runaway turns are blocked at the budget gate.
- Replay — every WU is reproducible from its evidence chain; you can rerun the same work against a fresh worktree to verify the same outcome.
How to put Sidekick on your repo
- Sign up at /auth/sign-up and create a workspace.
- Connect your code host — GitHub or compatible — under Connections.
- Define lanes for the kinds of work you want governed (Framework, Experience, Operations, Content).
- Create work units in your backlog using `pnpm wu:create` or the dashboard.
- Delegate to Sidekick from the Sidekick chat or by claiming a WU directly.
- Approve risky steps when Sidekick pauses; everything else runs autonomously and posts evidence to your dashboard.
Where this fits in LumenFlow
Sidekick is the agent surface. The runtime that governs Sidekick — and any other connected agent — is the control plane: it enforces policy, routes approvals, captures evidence, and exports audit trails. See What is LumenFlow? for the broader picture.
What Sidekick does not replace
Sidekick can prepare software changes, generate files, run tests, open pull requests, and produce governed outputs. It does not become your public web host, browser IDE, code host, or deployment platform.
For live websites and applications, Sidekick routes work through the destinations you connect and approve: a code host for source truth, a deployment target for public hosting, or a manual export when you have not connected a destination yet.
Info: Sidekick uses the LLM provider configured in your workspace. Code generation runs against your chosen provider (Anthropic, OpenAI, or bring-your-own-key). Your code never leaves your chosen provider's infrastructure unless you explicitly route it elsewhere.