## 1. Episode Overview
Episodes referenced in today’s council record focused on converting recent engineering momentum into user-visible trust and adoption:
- **RETRO-2025-12 — Monthly Retro: December 2025 (2025-12-01-retro)**: Deep platform hardening (server refactor, build health, security fixes) alongside escalating community trust issues (token migration confusion, support gaps, multi-user uncertainty).
- **S1E3 — The Plugin Paradox (episode-the-plugin-paradox)**: Rapid plugin expansion as a growth engine, but with rising fragmentation and UX coherence risks.

## 2. Key Strategic Themes
- **Reliability-first engineering must translate into measurable outcomes**
  - Internal refactors (server, type safety, dependency upgrades) are only “done” when they reduce setup failures, runtime incidents, and support burden.
- **Security is a first-class reliability requirement**
  - Secret/auth issues were fixed, but posture is still seen as reactive; migration-related scams amplify reputational risk.
- **Streaming as a platform contract (not per-plugin behavior)**
  - Council aligned that real-time streaming should be unified across model providers via a single event model + provider adapters, enforced by end-to-end tests.
- **Developer Experience (DX) is now the adoption bottleneck**
  - Persistent setup blockers (Postgres permissions, plugin conflicts, template/contract churn) are suppressing ecosystem growth despite engineering velocity.
- **Multi-user identity/workspace architecture is gating Cloud and SaaS readiness**
  - Single-user assumptions block serious deployments; lack of an identity model forces downstream product fragility.
- **Plugin ecosystem growth needs governance, standards, and coherence**
  - “Controlled chaos” is acceptable only if there are stable contracts, templates, and a clear “gold path” experience.

## 3. Important Decisions / Insights
- **January priority stack locked:** **Security + Identity + DX fast path**, with **Streaming + Onboarding** as force multipliers.
- **Streaming decision:** Treat streaming as a **core platform contract** with:
  - A provider-agnostic event model (e.g., StreamChunk / ToolCallDelta / MemoryWriteEvent)
  - **Golden-path end-to-end tests** (CLI → server → client) so regressions are caught before they reach users.
- **Security credibility plan (minimum viable program)**
  - Establish a prevent/detect/respond loop, plus public-facing migration safety guidance and support SLAs.
- **Identity architecture must be decided via RFC**
  - Explicit model proposed: **user → workspace → agents → plugins → chains**, with data isolation and token-scoped auth boundaries.
- **DX success definition tightened**
  - “Hello Agent” setup speed is positioned as a strategic KPI (not a nicety), with an explicit time goal and support-load reduction target.
- **Plugin growth must not outpace UX coherence**
  - The Plugin Paradox episode reinforced that integrations are beneficial only if purposeful and supported by stable interfaces and onboarding.
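
A minimal sketch of the token-scoped auth boundary and data isolation named in the identity model above, added here as an illustration and not taken from the project's code. `Token`, `Store`, `authorize`, `decide`, the scope strings and the sample data are hypothetical, and single-owner workspaces stand in for whatever membership model the RFC settles on.

```python
# Added illustration; every name here is hypothetical, not the project's API.
from dataclasses import dataclass


@dataclass(frozen=True)
class Token:
    user_id: str
    workspace_id: str      # a token is valid for exactly one workspace
    scopes: frozenset      # e.g. {"agent:read", "agent:run"}


class Store:
    """Workspace-partitioned storage: every agent key includes the workspace id."""
    def __init__(self):
        self.owners = {}   # workspace_id -> owning user_id
        self.agents = {}   # (workspace_id, agent_id) -> agent record


def authorize(store, token, agent_id, action):
    """Return the agent record or raise PermissionError (deny by default)."""
    # 1. The token's workspace must exist and be owned by the token's user.
    if store.owners.get(token.workspace_id) != token.user_id:
        raise PermissionError("workspace not owned by token user")
    # 2. The token must carry the scope for the requested action.
    if action not in token.scopes:
        raise PermissionError("missing scope")
    # 3. Resolve the agent only inside the token's workspace (no global lookup).
    record = store.agents.get((token.workspace_id, agent_id))
    if record is None:
        raise PermissionError("no such agent in this workspace")
    return record


def decide(store, token, agent_id, action):
    """Wrap authorize() into an 'allow' / 'deny: reason' string for logging."""
    try:
        authorize(store, token, agent_id, action)
        return "allow"
    except PermissionError as exc:
        return f"deny: {exc}"


def sample_store():
    """Constructed sample data: two users, one workspace and one agent each."""
    store = Store()
    store.owners.update({"ws-a": "alice", "ws-b": "bob"})
    store.agents[("ws-a", "agent-1")] = {"name": "alice-bot"}
    store.agents[("ws-b", "agent-2")] = {"name": "bob-bot"}
    return store
```

Because the agent lookup is keyed by the token's workspace, an agent id from another workspace gets the same denial as an id that does not exist, so the response does not reveal which ids are in use elsewhere.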

## 4. Community Impact
- **Improved core stability is real, but trust is currently shaped by user-facing pain**
  - Token migration confusion, scams, and slow support cycles are undermining confidence at the exact moment the platform is trying to scale.
- **More plugins increase possibility space, but also increase breakage and cognitive load**
  - Without stable templates/contracts, plugin churn becomes a compounding support and adoption tax.
- **Unified streaming would materially improve the “alive agent” experience**
  - Better responsiveness improves demo-ability, engagement, and long-session behavior; also creates clearer performance KPIs (TTFT, latency).
- **Clarifying multi-user identity/workspaces unlocks serious deployments**
  - Enables SaaS-grade Cloud usage, multi-wallet support, and safer marketplace narratives—reducing architectural ambiguity for builders.

## 5. Action Items
- **Security + Trust Operations**
  - Publish a **threat model + security checklist** (auth/secret surfaces prioritized).
  - Perform at least **one internal audit pass** on auth/secret handling.
  - Ship a **public incident-response guide** and a pinned **“migration safety” canonical page**.
  - Implement **migration support operations**: weekly status cadence, consolidated FAQ + exchange matrix, **48-hour ticket SLA** target.
- **Identity / Multi-user Foundations**
  - Draft and approve an **RFC** defining users/workspaces/agents, auth boundaries, and data isolation.
  - Implement a **minimal multi-user scaffold** (feature-flagged) with workspace ownership + token-scoped auth.
  - Validate at least **one reference deployment** supporting **2+ concurrent users**.
- **DX Fast Path (“Hello Agent” < 10 minutes)**
  - Ship a single **docker-compose dev environment** that passes CI.
  - Reduce top setup failures (DB permissions/migrations, plugin conflicts, template drift).
  - Stabilize **plugin templates/contracts** and document a canonical “gold path” workflow.
- **Unified Streaming Contract**
  - Define the **provider-agnostic streaming API** and implement it across the OpenAI/Anthropic/OpenRouter plugins.
  - Add **golden-path e2e tests** validating token streaming + tool calls.
  - Publish baseline metrics: **time-to-first-token (TTFT)** and response latency.
- **Dashboard/Onboarding v2 (narrow MVP)**
  - Ship an onboarding MVP: **create agent → select provider → run → deploy**, with telemetry.
  - Improve activation and reduce “where do I start” support volume via clearer Cloud vs local explanations.