feat: bootstrap homebrew-tap repo with formula, CI, and agent config

.claude/hooks/fix-git-identity.sh

@@ -0,0 +1,17 @@
+#!/usr/bin/env bash
+# SessionStart hook: override agent-like git identity with real user.
+
+set -euo pipefail
+
+git rev-parse --git-dir >/dev/null 2>&1 || exit 0
+
+# Check if current git identity looks agent-like
+current_name=$(git config user.name 2>/dev/null || echo "")
+if [[ "$current_name" =~ ^(Claude|Cursor|Copilot|github-actions) ]]; then
+  if [[ -n "${GIT_USER_NAME:-}" && -n "${GIT_USER_EMAIL:-}" ]]; then
+    git config user.name "$GIT_USER_NAME"
+    git config user.email "$GIT_USER_EMAIL"
+  else
+    echo "[WARN] Agent-like git identity detected ($current_name) but GIT_USER_NAME/GIT_USER_EMAIL not set"
+  fi
+fi

.claude/settings.json

@@ -0,0 +1,19 @@
+{
+  "attribution": {
+    "commit": "",
+    "pr": ""
+  },
+  "hooks": {
+    "SessionStart": [
+      {
+        "matcher": "",
+        "hooks": [
+          {
+            "type": "command",
+            "command": ".claude/hooks/fix-git-identity.sh"
+          }
+        ]
+      }
+    ]
+  }
+}

.claude/skills/ship/SKILL.md

@@ -0,0 +1,43 @@
+---
+name: ship
+description: Goal-oriented workflow for landing a Homebrew formula change safely. Use when the user asks to ship, update a formula, or drive PR/CI/merge to completion.
+user-invocable: true
+---
+
+# Ship
+
+Goal: land the requested change safely, with evidence, and merge only after CI is green.
+
+## When To Use
+
+Use this skill when the user asks to:
+
+- ship or fix and ship a change
+- take work through validation, PR creation, CI, and merge
+- prove a branch is merge-ready
+
+## Required Outcomes
+
+1. The branch state is safe.
+   - Do not ship from `main` or `master`.
+   - Rebase onto latest `origin/main` before merge.
+2. The requested goal is achieved with evidence.
+   - Review the delta with `git diff origin/main...HEAD`.
+   - Confirm the formula is correct.
+3. The formula passes linting.
+   - Run `brew audit --strict Formula/*.rb` if possible, or verify CI does it.
+4. The PR is mergeable and merged safely.
+   - Push the branch.
+   - Create or update the PR.
+   - Address every review comment.
+   - Wait for CI to go green.
+   - Merge with squash only after CI is green.
+
+## PR And Merge
+
+- Use a conventional-commit style PR title.
+- Explain what changed, why, and how it was validated.
+- Use `gh pr view --json url` to detect an existing PR.
+- Create with `gh pr create` if needed.
+- Check CI with `gh pr checks`.
+- Merge with `gh pr merge --squash` only after CI is green.

.github/workflows/ci.yml

@@ -0,0 +1,32 @@
+name: Homebrew CI
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+
+jobs:
+  audit:
+    name: Audit Formulae
+    runs-on: macos-latest
+    steps:
+      - name: Checkout tap
+        uses: actions/checkout@v4
+
+      - name: Tap locally
+        run: |
+          mkdir -p "$(brew --repository)/Library/Taps/everruns"
+          ln -s "$GITHUB_WORKSPACE" "$(brew --repository)/Library/Taps/everruns/homebrew-tap"
+
+      - name: Discover formulae
+        id: formulae
+        run: |
+          names=$(ls Formula/*.rb 2>/dev/null | xargs -I{} basename {} .rb | tr '\n' ' ')
+          echo "names=$names" >> "$GITHUB_OUTPUT"
+
+      - name: Audit formulae
+        run: brew audit --strict ${{ steps.formulae.outputs.names }}
+
+      - name: Style check
+        run: brew style ${{ steps.formulae.outputs.names }}

AGENTS.md

@@ -0,0 +1,83 @@
+# Homebrew Tap — Agent Guidance
+
+## Repository
+
+This is a Homebrew tap (`everruns/homebrew-tap`). Formulae live in `Formula/`.
+
+## Cloud Agent (start here)
+
+Use Doppler for all secret-backed commands in cloud agents.
+
+```bash
+./scripts/init-cloud-env.sh
+```
+
+All cloud secrets are in Doppler (`GITHUB_TOKEN`).
+
+For GitHub CLI, map token explicitly:
+
+```bash
+doppler run -- bash -lc 'GH_TOKEN="$GITHUB_TOKEN" gh auth status'
+```
+
+## Style
+
+Telegraph. Drop filler/grammar. Min tokens.
+
+## Formulae
+
+- Each formula is a Ruby file in `Formula/`
+- Pre-built binary formulae: no `depends_on "rust"`, just `bin.install`
+- Source-build formulae: use `depends_on "rust" => :build` and `cargo build`
+- Always include a `test do` block
+
+## Linting
+
+Run before pushing:
+
+```bash
+brew audit --strict --new Formula/*.rb
+```
+
+## Branch Base
+
+Always work on top of latest main from remote:
+
+```bash
+git fetch origin main
+```
+
+## Commits
+
+Conventional Commits: `type(scope): description`
+
+Types: feat, fix, docs, chore
+
+**NEVER** add links to Claude sessions in PR body or commits.
+
+### Commit Attribution
+
+All commits **MUST** be attributed to the real human user, never to a coding agent or bot.
+
+If current git config already resolves to a real human identity, use it as-is.
+
+If current git config is missing or looks agent-like, set `GIT_USER_NAME` and `GIT_USER_EMAIL`, then configure git before committing:
+
+```bash
+git config user.name "$GIT_USER_NAME"
+git config user.email "$GIT_USER_EMAIL"
+```
+
+- **Do NOT** set `GIT_AUTHOR_NAME`, `GIT_COMMITTER_NAME`, or `user.name` to any AI/bot identity
+- **Do NOT** use `Co-authored-by` trailers referencing AI tools
+- **Do NOT** add "generated by", "authored by AI", or similar attribution in commit messages
+
+## Shipping
+
+Ship means: achieve the goal, lint the formula, create a PR, wait for CI green, merge with squash.
+
+Use `/ship` for the canonical shipping workflow.
+
+## CI
+
+GitHub Actions runs `brew audit` and `brew style` on every PR. Never merge when CI is red.

CLAUDE.md

@@ -0,0 +1 @@
+@AGENTS.md

Formula/everruns.rb

@@ -0,0 +1,27 @@
+class Everruns < Formula
+  desc "Command-line interface for Everruns - headless durable agentic harness engine"
+  homepage "https://github.com/everruns/everruns"
+  license "MIT"
+
+  on_macos do
+    on_arm do
+      url "https://github.com/everruns/everruns/releases/download/v0.8.7/everruns-aarch64-apple-darwin.tar.gz"
+      sha256 "a6c6940bd4d106985df6a10baed5440883ed06cac710bbb6733f3087f9f470da"
+    end
+  end
+
+  on_linux do
+    on_intel do
+      url "https://github.com/everruns/everruns/releases/download/v0.8.7/everruns-x86_64-unknown-linux-gnu.tar.gz"
+      sha256 "ba5100368f1d8832140d296b1b33506c6ec731b1c3e7210363086325cbcbeab2"
+    end
+  end
+
+  def install
+    bin.install "everruns"
+  end
+
+  test do
+    assert_match version.to_s, shell_output("#{bin}/everruns --version")
+  end
+end

README.md

@@ -1 +1,31 @@
-# homebrew-tap
+# Homebrew Tap for Everruns
+
+Homebrew formulae for [Everruns](https://github.com/everruns/everruns) — a headless durable agentic harness engine.
+
+## Installation
+
+```bash
+brew tap everruns/tap
+brew install everruns
+```
+
+## Upgrade
+
+```bash
+brew upgrade everruns
+```
+
+## Available Formulae
+
+| Formula | Description |
+|---------|-------------|
+| `everruns` | CLI for Everruns — run durable AI agents reliably and scalably |
+
+## Updating Formulae
+
+When a new Everruns release is published:
+
+1. Update `url` and `sha256` in `Formula/everruns.rb` for each platform
+2. Run `brew audit --strict --new Formula/everruns.rb` locally
+3. Run `brew install --build-from-source Formula/everruns.rb` to verify
+4. Open a PR — CI will lint and audit automatically