Context Everywhere
Summary
Operational code should carry explicit context: organization or tenant scope, actor identity, run identity, environment, and the source of a decision where those concepts apply.
Problem
Hidden context is one of the fastest ways to make operational systems unsafe. If a service reads "current tenant" from nowhere, if a job cannot explain which run produced a result, or if a state change has no actor, later review becomes guesswork.
Principle
Pass context explicitly at boundaries. The platform should be able to answer who acted, for which scope, from which run or request, and with which source evidence.
Platform Shape
The repo guidance assumes multi-tenancy and audit even when current usage is internal. Jobs receive runtime params and record execution state. Review surfaces should record actors for mutations. Lakehouse and operational services should avoid unscoped reads when the data has tenant or provider scope.
The point is not boilerplate. Explicit context lets the same service function serve a CLI, scheduled job, API route, worker, or future agent without relying on hidden process state.
Source Evidence
AGENTS.mddocs/reference/architecture.mddocs/reference/job-layout.md
Related Reading
docs/engineering/architecture/designing-for-future-separation.mddocs/engineering/architecture/lakehouse-service-boundary.md