Documentation

Complete setup
every path

First-time greenfield, Cursor-led install (Phases 0–10), expert hands-on CLI, unlimited projects, Jira policies, and DevOps evidence. Full playbook — no markdown required.

Start

Choose your path

First-time customer

Nothing configured yet. Cursor asks for Jira credentials and creates files from templates.

Greenfield walkthrough →

Cursor-led

Paste one prompt; agent runs Phases 0–10 below.

Prompts → · Full phases →

Expert hands-on

Edit JSON and run CLI yourself.

Expert section → · How to use admin → · Admin panel →

Compatible tools

Which AI tools can use Seal?

Seal is a command-line workflow for Jira tickets and test evidence. It does not replace your chat app or editor — it runs alongside them.

Best experience

Cursor — paste a setup prompt, agent runs phases, installs the Seal rule in your repo.

Cursor Agent

Also works

Run seal open, seal test, and seal done from any agent or terminal that can execute CLI commands.

Claude Code GitHub Copilot Windsurf VS Code

With Orchestra (optional)

Add shared memory across ChatGPT, Codex, Claude, Cursor, and more. Seal closes the Jira loop; Orchestra remembers what shipped.

Browser add-on Editor add-on Agent memory

Not required for Seal

Jira-only mode works without Orchestra. Browser and editor add-ons are Orchestra features, not Seal.

Prerequisites

What you need

ItemWhere
Node.js 22+nodejs.org
Berta Seal packageExtract e.g. D:\BertaSeal
Jira BertaD:\mix\jira-berta (from license bundle)
Jira credentials.jira-berta.env — template: product/templates/jira-berta.env.example
Seal config%USERPROFILE%\.berta-seal\ (or BERTA_SEAL_HOME for isolated sim)
Policies (optional)policies.json — template: product/templates/policies.default.json
Orchestra (optional)http://localhost:4317 for memory on seal done
Run seal setup --sandbox D:\YourProject anytime — it lists ✗ items and points to templates until ready.

Paths

Symbols the agent uses

SymbolMeaning
SEAL_ROOTFolder where Berta Seal was extracted (e.g. D:\BertaSeal)
JIRA_BERTA_ROOTDefault D:/mix/jira-berta — override in programmes.json
SANDBOXUser's day-to-day project folder
CONFIG%USERPROFILE%\.berta-seal\programmes.json

CLI for all commands:

node <SEAL_ROOT>/product/bin/seal.mjs <command>

Agent playbook

How the Cursor agent must behave

  1. One phase at a time. Finish the phase, show pass/fail, then ask "Ready for the next step?"
  2. Run commands yourself in the terminal. Do not tell the user to copy-paste unless they must enter secrets.
  3. Ask for secrets — greenfield installs have no pre-filled .env. Run seal setup after each step.
  4. Phases 0–8: no seal open / seal done. Only Phase 9 runs the verification cycle.
  5. Phase 9 must use evidence workflow — evidence, test, attach, then done with facts. Never close with only open + done.
  6. End with a delivery card — Jira ticket URL, browser checklist, memory ref if Orchestra ran.
  7. After setup, normal rules in .cursor/rules/seal.mdc apply (including policy checks).
Retest shortcut: If the user says retest or seal health already passes — confirm programmes.json, Jira Berta, and seal.mdc in sandbox, then skip to Phase 9.

Greenfield

First-time prep (before Cursor)

1

Isolated simulation (optional)

cd D:\BertaSeal
powershell -ExecutionPolicy Bypass -File scripts/prepare-first-time.ps1

Creates D:\FirstSealUser and wipes only D:\FirstSealUser\.berta-seal\ — your real %USERPROFILE%\.berta-seal is untouched.

2

Open Seal in Cursor

File → Open Folder → D:\BertaSeal. Paste a prompt from Cursor prompts below.

Cursor

Paste into Cursor Agent chat

First-time simulation prompt 
SIMULATION: I am a first-time Berta Seal customer. Nothing is pre-configured for me.

Rules for this session:
- Use BERTA_SEAL_HOME=D:/FirstSealUser/.berta-seal for ALL seal commands
- Do NOT read or use %USERPROFILE%\.berta-seal — it is from another user/dev setup
- Do NOT assume D:/mix/jira-berta/.jira-berta.env is mine — ASK me for Jira URL, email, API token and CREATE the file from product/templates/jira-berta.env.example
- Run seal setup after every phase; show me ✗/✓
- One phase at a time; wait for my OK
- Follow Phases 0–10 in setup-guide.html (or docs/GETTING-STARTED.md)

My sandbox (empty new project): D:/FirstSealUser
Seal CLI: D:/BertaSeal/product/bin/seal.mjs

Phase 9 must complete: seal open → seal evidence → seal test --run → seal attach → seal done with Jira subtask.

I will paste Jira credentials when you ask. Start with Phase 0.
Retest prompt (already configured) 
Retest Berta Seal from Phase 9. seal setup passes on my machine.
Sandbox: D:/YourProject
Seal CLI: D:/BertaSeal/product/bin/seal.mjs
Run open → evidence → test --run → attach → done on a new ticket.
Claude Code / any terminal agent 
Add Berta Seal to this project:
- CLI: node D:/BertaSeal/product/bin/seal.mjs
- Start: seal policy check open → seal open "<user request>"
- Work: seal evidence, seal test --run --command "npm test"
- End: seal policy check done → seal done "<outcome>"
- Configure ~/.berta-seal/programmes.json with all my repo paths and Jira projects.
- Run test cycle and give me the Jira ticket URL.

Setup phases

Phases 0–8 — install (no Jira tickets yet)

0
Orient · ~1 min

Phase 0 — Orient

Goal: Confirm greenfield install; list what's missing.

node -v
node <SEAL_ROOT>/product/bin/seal.mjs setup --sandbox <SANDBOX>

Expect ✗ items on first run — normal. Agent says:

Greenfield setup: I'll ask for your Jira credentials, create .jira-berta.env, map your project in programmes.json, install the Cursor rule, then run a test ticket with automated tests.

Pass: Node version printed, Seal CLI found, missing items known from seal setup.

1
Node.js

Phase 1 — Node.js 22+

Goal: node -v shows v22 or higher.

Fail: send user to nodejs.org, wait, re-check.

2
Jira

Phase 2 — Jira Berta + API credentials

Goal: Jira Berta installed + .jira-berta.env with real values.

node <SEAL_ROOT>/product/bin/seal.mjs setup --scaffold-jira-env --jira-root D:/mix/jira-berta
Test-Path D:/mix/jira-berta/bin/jira-berta.mjs

Ask user once (required — do not skip):

I need three values for Jira Cloud:
1. Site URL — e.g. https://yourcompany.atlassian.net
2. Email — your Atlassian account
3. API tokencreate here

Create at D:/mix/jira-berta/.jira-berta.env from product/templates/jira-berta.env.example:

JIRA_BASE_URL=https://THEIR-SITE.atlassian.net
JIRA_EMAIL=their@email.com
JIRA_API_TOKEN=their_token
node <SEAL_ROOT>/product/bin/seal.mjs setup --jira-root D:/mix/jira-berta
node D:/mix/jira-berta/bin/jira-berta.mjs ledger --limit 1

Pass: ✓ Jira credentials; ledger exits 0.

3
Init

Phase 3 — Seal init (global config)

cd <SEAL_ROOT>
node product/bin/seal.mjs init --target <SANDBOX>
node product/bin/seal.mjs setup --sandbox <SANDBOX>

Pass: programmes.json created · <SANDBOX>\.cursor\rules\seal.mdc exists · optional .env from template.

4
Programmes

Phase 4 — Map programmes (sandbox → Jira)

Ask user: Jira project key (e.g. MYAPP, SEALTEST) and seat count (1 Solo, 5 Team).

Edit %USERPROFILE%\.berta-seal\programmes.json or use Admin panel to import/generate:

{
  "version": 1,
  "seats": 1,
  "jiraBertaRoot": "D:/mix/jira-berta",
  "orchestraUrl": "http://localhost:4317",
  "programmes": [{
    "id": "myapp",
    "label": "My App",
    "path": "D:/path/to/SANDBOX",
    "emoji": "🚀",
    "jiraProject": "PROJECT_KEY",
    "sealPolicy": "ask"
  }]
}
node <SEAL_ROOT>/product/bin/seal.mjs setup --sandbox <SANDBOX>

Pass: ✓ Programme paths mapped (no placeholders).

5
Cursor rule

Phase 5 — Install Cursor rule in sandbox

node <SEAL_ROOT>/product/bin/seal.mjs init --target <SANDBOX>

Pass: <SANDBOX>\.cursor\rules\seal.mdc exists. Agents in this folder will follow Seal workflow.

6
Optional

Phase 6 — Orchestra memory

curl -s -o NUL -w "%{http_code}" http://localhost:4317/api/health

200 = memory saves on seal done. Down = Jira-only mode is fine. Do not block setup.

7
Health

Phase 7 — Health check

cd <SANDBOX>
node <SEAL_ROOT>/product/bin/seal.mjs health

Pass: ✓ Jira Berta · cwd programme shows sandbox label · Orchestra ✓ or gracefully unreachable.

8
Pre-flight

Phase 8 — Pre-flight checklist

Check
Node 22+
.jira-berta.env
programmes.json → sandbox path
seal.mdc in sandbox
Jira project exists / bootstrapped

Ask: "Ready to create your first Seal ticket?"

Verification

Phase 9 — Full evidence verification (mandatory)

Proof that Seal works. Jira must show facts, tests, attachments, and To Do → In Progress → Done.

cd <SANDBOX>
mkdir .seal-evidence -Force
node <SEAL_ROOT>/product/bin/seal.mjs open "Berta Seal setup verification — evidence workflow"

Show user ticket key (e.g. SEALTEST-10) and browse URL. Confirm status is In Progress.

9a — Work + proof file

$ts = (Get-Date).ToUniversalTime().ToString("o")
Add-Content -Path README.md -Value "`nVerified: $ts"
$log = ".seal-evidence/setup-verify-$(Get-Date -Format 'yyyyMMdd-HHmmss').log"
"Setup verification log`nTimestamp: $ts`nSandbox: <SANDBOX>" | Out-File -Encoding utf8 $log

9b — Document facts

node <SEAL_ROOT>/product/bin/seal.mjs evidence "Setup change applied" `
  --fact "README updated with ISO timestamp" `
  --fact "Proof log under .seal-evidence/"

9c — Automated test (creates subtask)

node <SEAL_ROOT>/product/bin/seal.mjs test "Seal health check" --run `
  --command "node <SEAL_ROOT>/product/bin/seal.mjs health" `
  --agent cursor

Note the subtask key printed (e.g. SEALTEST-11).

9d — Attach deliverable

node <SEAL_ROOT>/product/bin/seal.mjs attach .seal-evidence/<your-log>.log `
  --body "Setup verification proof log"

9e — Close with delivery evidence

node <SEAL_ROOT>/product/bin/seal.mjs done "Berta Seal setup complete — full evidence trail verified" `
  --fact "Workflow: open → evidence → test → attach → done" `
  --fact "Subtask created on PASS" `
  --attach .seal-evidence/<your-log>.log

9f — Verify in Jira (browser checklist)

CheckWhere in Jira
Status DoneIssue header
Was In Progress during workActivity / workflow
[evidence] comment with factsComments
[test] comment PASSComments
Subtask under parent (Done)Subtasks panel
Attachments (log file)Attachments
[delivery] commentComments
[workflow] To Do → In Progress → DoneComments

seal status must show no active session.

Automated regression (devs): cd <SEAL_ROOT> && npm run greenfield or node scripts/e2e-test.mjs --skip-memory

Give user: Jira URL · configured paths · daily ritual (seal open → work → seal done) · this guide URL.

Handoff

Phase 10 — Normal operation

Every request after setup (not only install):

seal policy check open                    # ask / always / never
seal open "<request>"                     # To Do → In Progress
seal evidence "<fact>" --fact "..."       # documented facts
seal test "<name>" --run --command "..."   # subtask + log
seal attach file.md                       # deliverables
seal policy check done
seal done "<shipped>" --fact "..."        # Done + delivery evidence

More repos: add to programmes.json and seal init --target <repo>. Use Admin panel to manage programmes and policies.

Expert

Hands-on (expert) setup

You edit files and run commands directly — follow Phases 0–9 above without an agent.

# 1. Jira
copy product\templates\jira-berta.env.example D:\mix\jira-berta\.jira-berta.env
node D:\mix\jira-berta\bin\jira-berta.mjs ledger --limit 1

# 2. Seal config
node product\bin\seal.mjs init
notepad %USERPROFILE%\.berta-seal\programmes.json

# 3. Each project repo
node product\bin\seal.mjs init --target D:\Projects\MyApp

# 4. Policies
node product\bin\seal.mjs policy set --global ask

# 5. Verify (from project cwd)
node D:\BertaSeal\product\bin\seal.mjs health
node D:\BertaSeal\product\bin\seal.mjs open "Expert setup test"
node D:\BertaSeal\product\bin\seal.mjs test "tests" --run --command "npm test"
node D:\BertaSeal\product\bin\seal.mjs done "Expert path verified"

Admin panel → import/generate programmes.json and policies.json.

Projects

Multi-project — any repo you assign to Seal

Add every workspace to programmes.json. Unlimited programmes; license limits seats only.

{
  "version": 1,
  "seats": 5,
  "jiraBertaRoot": "D:/mix/jira-berta",
  "orchestraUrl": "http://localhost:4317",
  "programmes": [
    { "id": "myapp", "label": "My App", "path": "D:/Projects/myapp", "emoji": "🚀", "jiraProject": "MYAPP", "sealPolicy": "always" },
    { "id": "client", "label": "Client X", "path": "D:/Clients/x", "emoji": "🏢", "jiraProject": "CLIENTX", "sealPolicy": "ask" },
    { "id": "scratch", "label": "Experiments", "path": "D:/Scratch", "emoji": "🧪", "jiraProject": "LAB", "sealPolicy": "never" }
  ]
}

seal init --target <path> in each repo installs .cursor/rules/seal.mdc. Seal picks programme from cwd (longest path prefix match).

New Jira project: register in jira-berta/projects.json, then jira-berta bootstrap --create --only id.

Policies

Jira: global vs per-project

File: %USERPROFILE%\.berta-seal\policies.json

ModeBehaviour
alwaysOpen/close Jira automatically for that scope
askAgent asks before seal open / seal done (default)
neverNo Jira — work without tickets

User phrases (when policy is ask)

User saysCommand
Yes / do thisseal open "…" or seal done "…"
Do this, don't ask againseal policy remember --programme <id> always
No / skip JiraWork without open; --no-jira on done if needed
Don't do it and don't ask againseal policy remember --programme <id> never
 
seal policy                          # show rules
seal policy check open|done          # 0=proceed  2=ask agent  skip=never
seal policy set --global always|ask|never
seal policy set --programme myapp ask
seal policy remember --programme myapp always|never|clear
seal admin

Admin panel → import programmes, edit policies, copy JSON or CLI.

DevOps

Evidence & automated testing

Every delivery: parent ticket + test subtasks + ADF tables + log attachments in Jira.

SEALTEST-42  Story: Add user roles          [Done]
├── SEALTEST-43  Sub-task: Test: unit tests  [Done]  ← seal test --run
├── SEALTEST-44  Sub-task: Test: lint        [Done]
└── Comments: [test] tables, [test-summary], [delivery]
    Attachments: test-*.log in .seal-evidence/

Daily workflow

seal open "user request"
seal evidence "fact" --fact "…" --agent cursor
seal test "unit tests" --run --command "npm test" --agent cursor
seal attach deliverable.zip
seal done "shipped" --fact "Tests PASS"

seal test --run will: run command · write log to .seal-evidence/ · create subtask · post table on parent · attach log · transition subtask Done on PASS.

seal done requires at least one test subtask unless --skip-tests (docs-only). Posts [test-summary] automatically.

Manual test (when no command exists)

seal test "manual UI review" --pass --agent human --body "Login verified" --attach screenshot.png

Multi-agent

seal test "API tests" --run --command "npm run test:api" --agent claude
seal evidence "review" --fact "Security pass" --agent copilot
# Default agent: BERTA_SEAL_AGENT=claude in sandbox .env

Support

Troubleshooting

SymptomFix
Ticket in wrong Jira projectprogrammes.json path must prefix-match cwd; jiraProject must match Jira Berta
ledger check failedRe-read .jira-berta.env
No active Jira issue on doneRun open first in same cwd
Orchestra memory failedStart Orchestra or --memory-optional on done
Flags ignored on JiraJira Berta requires flags before positional text (Seal handles this)
Agent keeps asking about Jiraseal policy remember --programme <id> always or set in admin
seal setup shows ✗ programmesEdit paths — no placeholders; use forward slashes

CLI

Command summary

CommandPurpose
seal setupGreenfield checklist + template hints
seal init --targetConfig + Cursor rule in repo
seal healthJira + programme + Orchestra status
seal open / doneJira lifecycle + memory (+ policy gate)
seal evidenceDocumented facts in Jira
seal test --runAutomated test → subtask + log
seal attachAttach files to active ticket
seal policy …Global / per-programme Jira rules
seal adminConfig paths + policy report
seal statusActive session / issue key