chore: align cross-doc inconsistencies and drop stray debug code

.github/ISSUE_TEMPLATE/config.yml

@@ -21,5 +21,5 @@
 blank_issues_enabled: false
 contact_links:
   - name: Security vulnerability
-    url: https://github.com/microsoft/sico/security/advisories/new
+    url: https://github.com/microsoft/Sico/security/advisories/new
     about: Please report security issues privately instead of opening a public issue.

CLAUDE.md

@@ -4,14 +4,16 @@ This file provides guidance to Claude Code (claude.ai/code) when working with co
 
 ## Project Overview
 
-Sico is an open-source AI agent platform with three main services that communicate via gRPC and a bidirectional "reverse RPC" pattern. The backend handles HTTP APIs and persistence, the core handles AI/LLM orchestration, and the frontend provides a React dashboard (frontend codebase is not opensourced). 
+Sico is an open-source AI agent platform with three main services that communicate via gRPC and a bidirectional "reverse RPC" pattern. The backend handles HTTP APIs and persistence, the core handles AI/LLM orchestration, and the frontend provides a React dashboard.
+
+> **Frontend source code is not in this public repository.** In a public checkout, `frontend/` only contains packaged deployment assets (e.g. `frontend-dist.zip`, `deployments/`) — there is no `frontend/package.json` or `src/`, so any `pnpm`/`vite` workflow must be run from a separate frontend source checkout. Do not add or document `pnpm dev`/`pnpm build` instructions in this repo.
 
 ## Build & Run Commands
 
 ### Full Stack (Docker Compose)
 ```bash
 cp .env.example .env          # first time only
-make compose-up               # builds and starts all services (nginx, backend, core, mysql, redis, kafka, seaweedfs)
+make compose-up               # builds and starts all services (nginx, frontend, backend, core, mysql, redis, kafka, seaweedfs, qdrant)
 make compose-down              # stop and remove containers
 make compose-logs              # tail all service logs
 ```

README.md

@@ -21,10 +21,11 @@ The idea behind Sico emerged from large-scale operational challenges observed in
 
 Through real production workloads, Sico achieved closed-loop validation for Digital Workers operating under continuous execution, evaluation, and human supervision. Through this process, we observed that reliability emerged not from static automation alone, but from the continuous co-evolution between human operators and Digital Workers.
 
-In Sico, three core roles define how work gets done:
+In Sico, four core roles define how work gets done:
 
-- Operator: responsible for training, monitoring, and improving Digital Workers
 - Employer: defines business objectives and outcome standards for Digital Workers
+- Operator: responsible for training, monitoring, and improving Digital Workers
+- Developer: builds the capability structure and infrastructure (workflows, tools, execution environments) of Digital Workers
 - Digital Worker: executes tasks through structured capabilities and continuous learning
 
 At the center of this system, a Digital Worker is not just a model or an agent, but a structured, executable capability unit. 
@@ -120,8 +121,8 @@ On top of this runtime, Sico organizes work into **three loops** that together f
 ### Prepare the configuration (shared by all run modes)
 
 ```bash
-git clone https://github.com/microsoft/sico.git
-cd sico
+git clone https://github.com/microsoft/Sico.git
+cd Sico
 cp .env.example .env            # edit values as needed
 ```
 
@@ -162,7 +163,7 @@ Then pick **one** of the run modes below.
 ### Run mode A: Docker Compose (recommended for local dev)
 
 ```bash
-make compose-up                 # builds and starts nginx, backend, core, mysql, redis
+make compose-up                 # builds and starts nginx, frontend, backend, core, mysql, redis, kafka, seaweedfs, qdrant
 ```
 
 Then verify the stack:
@@ -172,7 +173,7 @@ Then verify the stack:
 - API docs: [http://localhost:8080/api/sico/docs/index.html](http://localhost:8080/api/sico/docs/index.html)
 - Health: `curl http://localhost:8080/api/sico/health`
 
-Sign in with the seeded default account:
+Sign in with the seeded default account (local development only — rotate or remove before exposing the stack outside your machine):
 
 - **Username**: `operator@sico.local`
 - **Password**: `operator`
@@ -239,4 +240,4 @@ This project may contain trademarks or logos for projects, products, or services
 
 ## Acknowledgements
 
-Sico stands on the shoulders of the open-source community: Go, Gin, GORM, Wire, Python, asyncio, grpclib, betterproto, React, Vite, and many more. Thank you to everyone who has [contributed](https://github.com/microsoft/sico/graphs/contributors) to Sico.
+Sico stands on the shoulders of the open-source community: Go, Gin, GORM, Wire, Python, asyncio, grpclib, betterproto, React, Vite, and many more. Thank you to everyone who has [contributed](https://github.com/microsoft/Sico/graphs/contributors) to Sico.

SECURITY.md

@@ -13,7 +13,14 @@ updated to list supported versions.
 
 **Please do not file public GitHub issues for security vulnerabilities.**
 
-Instead, report privately via GitHub's [private vulnerability reporting](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability)
+For Microsoft-owned projects, the preferred reporting channel is the
+**Microsoft Security Response Center (MSRC)**: report at
+[https://msrc.microsoft.com/create-report](https://msrc.microsoft.com/create-report),
+or email [secure@microsoft.com](mailto:secure@microsoft.com). MSRC coordinates
+disclosure across Microsoft products and is the canonical channel for issues
+with potential cross-product impact.
+
+As an alternative, you can also report privately via GitHub's [private vulnerability reporting](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability)
 on this repository.
 
 Please include:

core/app/biz/chat/service.py

@@ -524,7 +524,7 @@ async def generate_onboard_recommendation_tasks(
             knowledge_list=json.dumps(workspace_context.get("knowledge", []), ensure_ascii=False, indent=2),
             skills_list=json.dumps(workspace_context.get("skills", []), ensure_ascii=False, indent=2),
         )
-        print(prompt)
+
         generation = await app.llmhubs.generate(request=build_llm_request(
             [{
                 "role": "user",

docs/quickstart.md

@@ -21,8 +21,8 @@ For a developer setup (building services from source, writing code, running test
 ## 1. Configure the environment
 
 ```bash
-git clone https://github.com/microsoft/sico.git
-cd sico
+git clone https://github.com/microsoft/Sico.git
+cd Sico
 cp .env.example .env
 ```
 
@@ -210,7 +210,7 @@ curl http://localhost:8080/api/sico/health
 # Core is internal, but the Backend exposes an aggregated health view.
 ```
 
-Sign in with the seeded default account:
+Sign in with the seeded default account (local development only — rotate or remove before exposing the stack outside your machine):
 
 - **Username**: `operator@sico.local`
 - **Password**: `operator`

docs/roadmap.md

@@ -2,7 +2,7 @@
 
 Sico is at an early, actively-evolving stage. This roadmap captures our direction, not a commitment to specific dates. Priorities shift based on user feedback and real-world deployment experience.
 
-We track concrete work items as [GitHub Issues](https://github.com/microsoft/sico/issues). This page is the higher-level view.
+We track concrete work items as [GitHub Issues](https://github.com/microsoft/Sico/issues). This page is the higher-level view.
 
 ## Current scope
 
@@ -41,4 +41,4 @@ Frontend source code is not currently published in this repository. For now, the
 
 ## Contributing ideas
 
-Have a use case, a proposal, or an existing tool you think should integrate with Sico? Open a [discussion](https://github.com/microsoft/sico/discussions) or [issue](https://github.com/microsoft/sico/issues). Real workload feedback is the single most valuable input for the roadmap.
+Have a use case, a proposal, or an existing tool you think should integrate with Sico? Open a [discussion](https://github.com/microsoft/Sico/discussions) or [issue](https://github.com/microsoft/Sico/issues). Real workload feedback is the single most valuable input for the roadmap.

examples/knowledge/create_link_document.py

@@ -30,7 +30,7 @@
 def main() -> None:
     token = require_env("TOKEN")
     project_id = env_int("PROJECT_ID", 1)
-    link_url = os.environ.get("DOC_URL", "https://github.com/microsoft/sico")
+    link_url = os.environ.get("DOC_URL", "https://github.com/microsoft/Sico")
     name = os.environ.get("DOC_NAME", "Sico GitHub Repository")
     agent_id = os.environ.get("AGENT_ID", "").strip()