Routines
Routines are periodic maintenance tasks that keep the project healthy. They audit dependencies, clean up documentation drift, validate project status, and scan for vulnerabilities — all on a defined schedule.
Routines are managed exclusively by the Tech Lead. Code agents don’t run them. This is by design — maintenance tasks require broad project context and cross-cutting awareness that only the orchestrating agent has.
How Routines Work
Section titled “How Routines Work”Each routine has three components:
| Component | What it is |
|---|---|
| Frequency | How often it should run (e.g., every 5 days, every 7 days, every 14 days) |
| Procedure | A concrete, step-by-step process the Tech Lead follows |
| Dashboard entry | A row in agent/Core/routines.md tracking when it last ran and when it’s next due |
Routines are opt-in. The routine-check sensor flags overdue routines at session start, but you decide when to run them. The agent never runs a routine autonomously — it waits for your approval.
The Routine Lifecycle
Section titled “The Routine Lifecycle”-
Detection
At the start of every session, the
routine-checksensor parses the dashboard atagent/Core/routines.md. It compares each routine’s last-ran date against its frequency and flags any that are overdue.Agent: OVERDUE: dependency-audit (last ran 12 days ago, due every 7) -
Approval
You tell the Tech Lead to run the routine. You can be specific or broad:
You: Run the dependency auditYou: Run all overdue routines -
Execution
The Tech Lead follows the routine’s concrete procedure step-by-step. Each routine has a detailed checklist — the agent doesn’t improvise. For example, the dependency-audit routine walks through scanning
go.mod, checking for CVEs, flagging unmaintained packages, and documenting findings. -
Logging
Results are appended to
station/Logs/RoutineLog.mdwith a timestamp, the routine name, and a summary of findings. -
Dashboard update
The Tech Lead updates the
last_rantimestamp inagent/Core/routines.md. The next-due date is automatically calculated from the frequency.
Complete Routine Reference
Section titled “Complete Routine Reference”All 8 routines in the Bonsai catalog:
| Routine | Frequency | What it does |
|---|---|---|
| backlog-hygiene | 7 days | Review Playbook/Backlog.md — flag stale items, escalate P0s, cross-reference with Status and Roadmap |
| dependency-audit | 7 days | Scan dependencies for known CVEs and unmaintained packages |
| doc-freshness-check | 7 days | Detect documentation drift — find docs that are stale relative to recent code changes |
| infra-drift-check | 7 days | Compare declared IaC state against actual cloud resources |
| vulnerability-scan | 7 days | SAST scan, secrets scan, and dependency audit — flag new, resolved, and persistent vulnerabilities |
| status-hygiene | 5 days | Keep Playbook/Status.md clean — archive old Done items, validate Pending items |
| memory-consolidation | 5 days | Bridge Claude Code auto-memory into agent/Core/memory.md — validate facts, clean redundant entries |
| roadmap-accuracy | 14 days | Ensure Playbook/Roadmap.md reflects what’s actually built and what’s actually next |
The Routine Dashboard
Section titled “The Routine Dashboard”The dashboard lives at agent/Core/routines.md inside the Tech Lead’s workspace. It tracks each routine’s status in a structured format:
## Routines
| Routine | Frequency | Last Ran | Next Due ||---------|-----------|----------|----------|| backlog-hygiene | 7 days | 2025-01-15 | 2025-01-22 || dependency-audit | 7 days | 2025-01-10 | 2025-01-17 || doc-freshness-check | 7 days | 2025-01-14 | 2025-01-21 |...The routine-check sensor reads this dashboard at session start. If any routine’s next-due date is in the past, it flags it as overdue in the session context.
Auto-Managed Sensor
Section titled “Auto-Managed Sensor”The routine-check sensor is automatically managed by Bonsai:
- Installed when you add any routine to an agent
- Removed when you remove the last routine from an agent
You never need to manually install or configure it. If an agent has routines, the sensor is there. If it doesn’t, the sensor is gone.
Routines and Scaffolding
Section titled “Routines and Scaffolding”Routines depend on scaffolding files to do their work:
| Routine | Scaffolding dependency |
|---|---|
| backlog-hygiene | Reads and maintains Playbook/Backlog.md |
| status-hygiene | Reads and maintains Playbook/Status.md |
| roadmap-accuracy | Reads and maintains Playbook/Roadmap.md |
| doc-freshness-check | Scans all project documentation |
| dependency-audit | Logs results to Logs/RoutineLog.md |
| vulnerability-scan | Logs results to Logs/RoutineLog.md |
| memory-consolidation | Reads and maintains agent/Core/memory.md |
| infra-drift-check | Logs results to Logs/RoutineLog.md |
This is why scaffolding modules like Playbook and Logs are required — routines rely on them to function.
Running Routines
Section titled “Running Routines”You: Hi, get startedLead: [startup flags: "OVERDUE: dependency-audit (last ran 12 days ago, due every 7)"]You: Run the dependency auditLead: [follows procedure -> logs to RoutineLog.md -> updates dashboard]Useful prompts for working with routines:
- “Are any routines overdue?”
- “Run all overdue routines”
- “Run the vulnerability scan”
- “What did the last dependency audit find?”
Each routine has a concrete, step-by-step procedure — the agent doesn’t improvise. This makes routine execution predictable and auditable.
Creating Custom Routines
Section titled “Creating Custom Routines”You can create your own routines by adding markdown files with YAML frontmatter (including a frequency field) to agent/Routines/. See Creating Custom Routines for the full guide.