System Reform CEO Brief (Apr 2026)

CEO Morning Brief — System Reform Filed by: Petter Graff (architect agent), MC #10043 Date: 2026-04-29 (overnight autonomous session) For: Alem Basic, CEO, ALAI Holding AS TL;DR (3 bullets) CRITICAL SECURITY INCIDENT DISCOVERED: RSA private keys (SSL/TLS certificates) are committed to git and pushed to GitHub (repo: johnatbasicas/vivacare, project: client/lumiscare). These must be treated as compromised. Your first action of the morning: determine if these certificates protect a live endpoint, then revoke them. STRUCTURE IS CONSISTENT BUT UNIVERSALLY INCOMPLETE: All 30 entities (13 companies + 17 projects) follow a similar pattern — they have CLAUDE.md but universally lack blueprint standards (no .alai/manifest.yaml, no brand/, no legal/, no ops/, no RUNBOOK.md, no ADRs). This is fixable with 6-8 weeks of disciplined execution across agents. THE SYSTEM WORKS — NOW IT NEEDS HARDENING: The agent routing (John + specialists), task management (mc.js), and knowledge base (BookStack) are ahead of market. The gaps are documentation, CI/CD, and secret hygiene — all mechanical fixes, not architectural rewrites. Top 5 Critical Gaps CRITICAL: Private SSL Keys in Git (client/lumiscare) HIGH: Zero ADRs Across All Projects HIGH: No RUNBOOK.md on Any Project HIGH: Tim.html — Internal Pricing Page Publicly Accessible HIGH: Active Client Work Without Confirmed Contracts Top 5 Quick Wins (≤2 hours each) Add .alai/manifest.yaml to all 30 entities Add FreeMyEV-v2 .gitignore Add .github/CODEOWNERS + PR template to snowit-site Update bih-tenders CLAUDE.md status to "stalled" Update all company.json files to reference manifest.yaml schema 3 Questions Only You Can Answer CRITICAL (answer TODAY): Are MyPrivate.key and CAPrivate.key protecting any live SSL/TLS endpoint? Should bih-tenders be formally deprecated? Should ~/projects/tools/ be renamed to ~/projects/autocoder/? File location: /Users/makinja/system/specs/system-reform-CEO-BRIEF.md MC Task: #10043 Tags: system-reform-2026-04, MC-10043, petter-graff, CEO-brief