chore: rename cameleer3 to cameleer

Rename Java packages from com.cameleer3 to com.cameleer, module
directories from cameleer3-* to cameleer-*, and all references
throughout workflows, Dockerfiles, docs, migrations, and pom.xml.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

docs/superpowers/plans/2026-03-17-rbac-management.md

@@ -17,51 +17,51 @@
 ### Backend — New Files
 | File | Responsibility |
 |---|---|
-| `cameleer3-server-app/src/main/resources/db/migration/V1__init.sql` | Consolidated schema (replaces V1–V10) |
-| `cameleer3-server-core/src/main/java/com/cameleer3/server/core/rbac/RbacService.java` | Inheritance computation interface |
-| `cameleer3-server-core/src/main/java/com/cameleer3/server/core/rbac/GroupRepository.java` | Group CRUD interface |
-| `cameleer3-server-core/src/main/java/com/cameleer3/server/core/rbac/RoleRepository.java` | Role CRUD interface |
-| `cameleer3-server-core/src/main/java/com/cameleer3/server/core/rbac/UserDetail.java` | Enriched user record |
-| `cameleer3-server-core/src/main/java/com/cameleer3/server/core/rbac/GroupDetail.java` | Group detail record |
-| `cameleer3-server-core/src/main/java/com/cameleer3/server/core/rbac/RoleDetail.java` | Role detail record |
-| `cameleer3-server-core/src/main/java/com/cameleer3/server/core/rbac/UserSummary.java` | Embedded user ref |
-| `cameleer3-server-core/src/main/java/com/cameleer3/server/core/rbac/GroupSummary.java` | Embedded group ref |
-| `cameleer3-server-core/src/main/java/com/cameleer3/server/core/rbac/RoleSummary.java` | Embedded role ref |
-| `cameleer3-server-core/src/main/java/com/cameleer3/server/core/rbac/RbacStats.java` | Dashboard stats record |
-| `cameleer3-server-core/src/main/java/com/cameleer3/server/core/rbac/SystemRole.java` | System role constants + fixed UUIDs |
-| `cameleer3-server-app/src/main/java/com/cameleer3/server/app/storage/PostgresGroupRepository.java` | Group repository impl |
-| `cameleer3-server-app/src/main/java/com/cameleer3/server/app/storage/PostgresRoleRepository.java` | Role repository impl |
-| `cameleer3-server-app/src/main/java/com/cameleer3/server/app/rbac/RbacServiceImpl.java` | Inheritance computation impl |
-| `cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/GroupAdminController.java` | Group CRUD endpoints |
-| `cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/RoleAdminController.java` | Role CRUD endpoints |
-| `cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/RbacStatsController.java` | Dashboard stats endpoint |
+| `cameleer-server-app/src/main/resources/db/migration/V1__init.sql` | Consolidated schema (replaces V1–V10) |
+| `cameleer-server-core/src/main/java/com/cameleer/server/core/rbac/RbacService.java` | Inheritance computation interface |
+| `cameleer-server-core/src/main/java/com/cameleer/server/core/rbac/GroupRepository.java` | Group CRUD interface |
+| `cameleer-server-core/src/main/java/com/cameleer/server/core/rbac/RoleRepository.java` | Role CRUD interface |
+| `cameleer-server-core/src/main/java/com/cameleer/server/core/rbac/UserDetail.java` | Enriched user record |
+| `cameleer-server-core/src/main/java/com/cameleer/server/core/rbac/GroupDetail.java` | Group detail record |
+| `cameleer-server-core/src/main/java/com/cameleer/server/core/rbac/RoleDetail.java` | Role detail record |
+| `cameleer-server-core/src/main/java/com/cameleer/server/core/rbac/UserSummary.java` | Embedded user ref |
+| `cameleer-server-core/src/main/java/com/cameleer/server/core/rbac/GroupSummary.java` | Embedded group ref |
+| `cameleer-server-core/src/main/java/com/cameleer/server/core/rbac/RoleSummary.java` | Embedded role ref |
+| `cameleer-server-core/src/main/java/com/cameleer/server/core/rbac/RbacStats.java` | Dashboard stats record |
+| `cameleer-server-core/src/main/java/com/cameleer/server/core/rbac/SystemRole.java` | System role constants + fixed UUIDs |
+| `cameleer-server-app/src/main/java/com/cameleer/server/app/storage/PostgresGroupRepository.java` | Group repository impl |
+| `cameleer-server-app/src/main/java/com/cameleer/server/app/storage/PostgresRoleRepository.java` | Role repository impl |
+| `cameleer-server-app/src/main/java/com/cameleer/server/app/rbac/RbacServiceImpl.java` | Inheritance computation impl |
+| `cameleer-server-app/src/main/java/com/cameleer/server/app/controller/GroupAdminController.java` | Group CRUD endpoints |
+| `cameleer-server-app/src/main/java/com/cameleer/server/app/controller/RoleAdminController.java` | Role CRUD endpoints |
+| `cameleer-server-app/src/main/java/com/cameleer/server/app/controller/RbacStatsController.java` | Dashboard stats endpoint |
 
 ### Backend — Modified Files
 | File | Change |
 |---|---|
-| `cameleer3-server-core/.../security/UserInfo.java` | Remove `roles` field |
-| `cameleer3-server-core/.../security/UserRepository.java` | Remove `updateRoles`, add `findSystemRoles` |
-| `cameleer3-server-core/.../admin/AuditCategory.java` | Add `RBAC` category |
-| `cameleer3-server-app/.../storage/PostgresUserRepository.java` | Rewrite for new schema (no roles column, use user_roles join) |
-| `cameleer3-server-app/.../controller/UserAdminController.java` | Rewrite: use RbacService, new endpoints |
-| `cameleer3-server-app/.../security/UiAuthController.java` | Use user_roles instead of UserInfo.roles |
-| `cameleer3-server-app/.../security/OidcAuthController.java` | Use user_roles for role resolution |
-| `cameleer3-server-app/.../security/JwtAuthenticationFilter.java` | No change (reads roles from JWT, not DB) |
-| `cameleer3-server-app/.../security/AgentRegistrationController.java` | Use user_roles for AGENT role |
-| `cameleer3-server-app/src/test/.../TestSecurityHelper.java` | No change (creates JWT directly) |
+| `cameleer-server-core/.../security/UserInfo.java` | Remove `roles` field |
+| `cameleer-server-core/.../security/UserRepository.java` | Remove `updateRoles`, add `findSystemRoles` |
+| `cameleer-server-core/.../admin/AuditCategory.java` | Add `RBAC` category |
+| `cameleer-server-app/.../storage/PostgresUserRepository.java` | Rewrite for new schema (no roles column, use user_roles join) |
+| `cameleer-server-app/.../controller/UserAdminController.java` | Rewrite: use RbacService, new endpoints |
+| `cameleer-server-app/.../security/UiAuthController.java` | Use user_roles instead of UserInfo.roles |
+| `cameleer-server-app/.../security/OidcAuthController.java` | Use user_roles for role resolution |
+| `cameleer-server-app/.../security/JwtAuthenticationFilter.java` | No change (reads roles from JWT, not DB) |
+| `cameleer-server-app/.../security/AgentRegistrationController.java` | Use user_roles for AGENT role |
+| `cameleer-server-app/src/test/.../TestSecurityHelper.java` | No change (creates JWT directly) |
 
 ### Backend — Deleted Files
 | File |
 |---|
-| `cameleer3-server-app/src/main/resources/db/migration/V2__executions.sql` |
-| `cameleer3-server-app/src/main/resources/db/migration/V3__processor_executions.sql` |
-| `cameleer3-server-app/src/main/resources/db/migration/V4__agent_metrics.sql` |
-| `cameleer3-server-app/src/main/resources/db/migration/V5__route_diagrams.sql` |
-| `cameleer3-server-app/src/main/resources/db/migration/V6__users.sql` |
-| `cameleer3-server-app/src/main/resources/db/migration/V7__oidc_config.sql` |
-| `cameleer3-server-app/src/main/resources/db/migration/V8__continuous_aggregates.sql` |
-| `cameleer3-server-app/src/main/resources/db/migration/V9__admin_thresholds.sql` |
-| `cameleer3-server-app/src/main/resources/db/migration/V10__audit_log.sql` |
+| `cameleer-server-app/src/main/resources/db/migration/V2__executions.sql` |
+| `cameleer-server-app/src/main/resources/db/migration/V3__processor_executions.sql` |
+| `cameleer-server-app/src/main/resources/db/migration/V4__agent_metrics.sql` |
+| `cameleer-server-app/src/main/resources/db/migration/V5__route_diagrams.sql` |
+| `cameleer-server-app/src/main/resources/db/migration/V6__users.sql` |
+| `cameleer-server-app/src/main/resources/db/migration/V7__oidc_config.sql` |
+| `cameleer-server-app/src/main/resources/db/migration/V8__continuous_aggregates.sql` |
+| `cameleer-server-app/src/main/resources/db/migration/V9__admin_thresholds.sql` |
+| `cameleer-server-app/src/main/resources/db/migration/V10__audit_log.sql` |
 
 ### Frontend — New Files
 | File | Responsibility |
@@ -98,7 +98,7 @@
 ### Task 1: Consolidate Flyway Migrations
 
 **Files:**
-- Create: `cameleer3-server-app/src/main/resources/db/migration/V1__init.sql`
+- Create: `cameleer-server-app/src/main/resources/db/migration/V1__init.sql`
 - Delete: `V1__extensions.sql` through `V10__audit_log.sql` (10 files)
 
 - [ ] **Step 1: Create consolidated V1__init.sql**
@@ -106,7 +106,7 @@
 Combine all existing migration content (V1–V10) into a single file, replacing the `users` table definition to drop `roles TEXT[]`, and adding the new RBAC tables. Order: extensions → users (new) → roles (with seeds) → groups → join tables → executions → processor_executions → agent_metrics → route_diagrams → oidc_config → continuous_aggregates → admin_thresholds → audit_log → indexes.
 
 ```sql
--- V1__init.sql — Consolidated schema for Cameleer3
+-- V1__init.sql — Consolidated schema for Cameleer
 
 -- Extensions
 CREATE EXTENSION IF NOT EXISTS timescaledb;
@@ -400,7 +400,7 @@ CREATE INDEX idx_audit_log_target ON audit_log (target);
 - [ ] **Step 2: Delete old migration files**
 
 ```bash
-cd cameleer3-server-app/src/main/resources/db/migration
+cd cameleer-server-app/src/main/resources/db/migration
 rm V2__executions.sql V3__processor_executions.sql V4__agent_metrics.sql V5__route_diagrams.sql V6__users.sql V7__oidc_config.sql V8__continuous_aggregates.sql V9__admin_thresholds.sql V10__audit_log.sql
 # Keep V1__extensions.sql but it's been replaced by V1__init.sql — rename the old one first
 mv V1__extensions.sql V1__extensions.sql.bak
@@ -417,8 +417,8 @@ rm V1__extensions.sql V2__executions.sql V3__processor_executions.sql V4__agent_
 - [ ] **Step 3: Verify the migration compiles**
 
 ```bash
-cd /c/Users/Hendrik/Documents/projects/cameleer3-server
-mvn clean compile -pl cameleer3-server-app
+cd /c/Users/Hendrik/Documents/projects/cameleer-server
+mvn clean compile -pl cameleer-server-app
 ```
 
 Expected: BUILD SUCCESS (Flyway doesn't run at compile time, just packaging)
@@ -426,7 +426,7 @@ Expected: BUILD SUCCESS (Flyway doesn't run at compile time, just packaging)
 - [ ] **Step 4: Commit**
 
 ```bash
-git add -A cameleer3-server-app/src/main/resources/db/migration/
+git add -A cameleer-server-app/src/main/resources/db/migration/
 git commit -m "refactor: consolidate V1-V10 Flyway migrations into single V1__init.sql
 
 Add RBAC tables (roles, groups, group_roles, user_groups, user_roles)
@@ -438,25 +438,25 @@ with system role seeds and join indexes. Drop users.roles TEXT[] column."
 ### Task 2: RBAC Domain Model (core module)
 
 **Files:**
-- Create: `cameleer3-server-core/src/main/java/com/cameleer3/server/core/rbac/SystemRole.java`
-- Create: `cameleer3-server-core/src/main/java/com/cameleer3/server/core/rbac/UserDetail.java`
-- Create: `cameleer3-server-core/src/main/java/com/cameleer3/server/core/rbac/GroupDetail.java`
-- Create: `cameleer3-server-core/src/main/java/com/cameleer3/server/core/rbac/RoleDetail.java`
-- Create: `cameleer3-server-core/src/main/java/com/cameleer3/server/core/rbac/UserSummary.java`
-- Create: `cameleer3-server-core/src/main/java/com/cameleer3/server/core/rbac/GroupSummary.java`
-- Create: `cameleer3-server-core/src/main/java/com/cameleer3/server/core/rbac/RoleSummary.java`
-- Create: `cameleer3-server-core/src/main/java/com/cameleer3/server/core/rbac/RbacStats.java`
-- Create: `cameleer3-server-core/src/main/java/com/cameleer3/server/core/rbac/GroupRepository.java`
-- Create: `cameleer3-server-core/src/main/java/com/cameleer3/server/core/rbac/RoleRepository.java`
-- Create: `cameleer3-server-core/src/main/java/com/cameleer3/server/core/rbac/RbacService.java`
-- Modify: `cameleer3-server-core/src/main/java/com/cameleer3/server/core/security/UserInfo.java`
-- Modify: `cameleer3-server-core/src/main/java/com/cameleer3/server/core/security/UserRepository.java`
-- Modify: `cameleer3-server-core/src/main/java/com/cameleer3/server/core/admin/AuditCategory.java`
+- Create: `cameleer-server-core/src/main/java/com/cameleer/server/core/rbac/SystemRole.java`
+- Create: `cameleer-server-core/src/main/java/com/cameleer/server/core/rbac/UserDetail.java`
+- Create: `cameleer-server-core/src/main/java/com/cameleer/server/core/rbac/GroupDetail.java`
+- Create: `cameleer-server-core/src/main/java/com/cameleer/server/core/rbac/RoleDetail.java`
+- Create: `cameleer-server-core/src/main/java/com/cameleer/server/core/rbac/UserSummary.java`
+- Create: `cameleer-server-core/src/main/java/com/cameleer/server/core/rbac/GroupSummary.java`
+- Create: `cameleer-server-core/src/main/java/com/cameleer/server/core/rbac/RoleSummary.java`
+- Create: `cameleer-server-core/src/main/java/com/cameleer/server/core/rbac/RbacStats.java`
+- Create: `cameleer-server-core/src/main/java/com/cameleer/server/core/rbac/GroupRepository.java`
+- Create: `cameleer-server-core/src/main/java/com/cameleer/server/core/rbac/RoleRepository.java`
+- Create: `cameleer-server-core/src/main/java/com/cameleer/server/core/rbac/RbacService.java`
+- Modify: `cameleer-server-core/src/main/java/com/cameleer/server/core/security/UserInfo.java`
+- Modify: `cameleer-server-core/src/main/java/com/cameleer/server/core/security/UserRepository.java`
+- Modify: `cameleer-server-core/src/main/java/com/cameleer/server/core/admin/AuditCategory.java`
 
 - [ ] **Step 1: Create SystemRole constants**
 
 ```java
-package com.cameleer3.server.core.rbac;
+package com.cameleer.server.core.rbac;
 
 import java.util.Map;
 import java.util.Set;
@@ -489,14 +489,14 @@ public final class SystemRole {
 
 `UserSummary.java`:
 ```java
-package com.cameleer3.server.core.rbac;
+package com.cameleer.server.core.rbac;
 
 public record UserSummary(String userId, String displayName, String provider) {}
 ```
 
 `GroupSummary.java`:
 ```java
-package com.cameleer3.server.core.rbac;
+package com.cameleer.server.core.rbac;
 
 import java.util.UUID;
 
@@ -505,7 +505,7 @@ public record GroupSummary(UUID id, String name) {}
 
 `RoleSummary.java`:
 ```java
-package com.cameleer3.server.core.rbac;
+package com.cameleer.server.core.rbac;
 
 import java.util.UUID;
 
@@ -514,7 +514,7 @@ public record RoleSummary(UUID id, String name, boolean system, String source) {
 
 `RbacStats.java`:
 ```java
-package com.cameleer3.server.core.rbac;
+package com.cameleer.server.core.rbac;
 
 public record RbacStats(int userCount, int activeUserCount, int groupCount, int maxGroupDepth, int roleCount) {}
 ```
@@ -523,7 +523,7 @@ public record RbacStats(int userCount, int activeUserCount, int groupCount, int
 
 `UserDetail.java`:
 ```java
-package com.cameleer3.server.core.rbac;
+package com.cameleer.server.core.rbac;
 
 import java.time.Instant;
 import java.util.List;
@@ -543,7 +543,7 @@ public record UserDetail(
 
 `GroupDetail.java`:
 ```java
-package com.cameleer3.server.core.rbac;
+package com.cameleer.server.core.rbac;
 
 import java.time.Instant;
 import java.util.List;
@@ -563,7 +563,7 @@ public record GroupDetail(
 
 `RoleDetail.java`:
 ```java
-package com.cameleer3.server.core.rbac;
+package com.cameleer.server.core.rbac;
 
 import java.time.Instant;
 import java.util.List;
@@ -586,7 +586,7 @@ public record RoleDetail(
 
 `GroupRepository.java`:
 ```java
-package com.cameleer3.server.core.rbac;
+package com.cameleer.server.core.rbac;
 
 import java.util.List;
 import java.util.Optional;
@@ -607,7 +607,7 @@ public interface GroupRepository {
 
 `RoleRepository.java`:
 ```java
-package com.cameleer3.server.core.rbac;
+package com.cameleer.server.core.rbac;
 
 import java.util.List;
 import java.util.Optional;
@@ -624,7 +624,7 @@ public interface RoleRepository {
 
 `RbacService.java`:
 ```java
-package com.cameleer3.server.core.rbac;
+package com.cameleer.server.core.rbac;
 
 import java.util.List;
 import java.util.UUID;
@@ -651,10 +651,10 @@ public interface RbacService {
 
 - [ ] **Step 5: Update UserInfo — remove roles field**
 
-In `cameleer3-server-core/src/main/java/com/cameleer3/server/core/security/UserInfo.java`, change to:
+In `cameleer-server-core/src/main/java/com/cameleer/server/core/security/UserInfo.java`, change to:
 
 ```java
-package com.cameleer3.server.core.security;
+package com.cameleer.server.core.security;
 
 import java.time.Instant;
 
@@ -669,10 +669,10 @@ public record UserInfo(
 
 - [ ] **Step 6: Update UserRepository interface**
 
-In `cameleer3-server-core/src/main/java/com/cameleer3/server/core/security/UserRepository.java`, change to:
+In `cameleer-server-core/src/main/java/com/cameleer/server/core/security/UserRepository.java`, change to:
 
 ```java
-package com.cameleer3.server.core.security;
+package com.cameleer.server.core.security;
 
 import java.util.List;
 import java.util.Optional;
@@ -689,7 +689,7 @@ Remove `updateRoles` method (role management moves to `RbacService`).
 
 - [ ] **Step 7: Add RBAC audit category**
 
-In `cameleer3-server-core/src/main/java/com/cameleer3/server/core/admin/AuditCategory.java`, add `RBAC`:
+In `cameleer-server-core/src/main/java/com/cameleer/server/core/admin/AuditCategory.java`, add `RBAC`:
 
 ```java
 public enum AuditCategory {
@@ -700,7 +700,7 @@ public enum AuditCategory {
 - [ ] **Step 8: Verify core module compiles**
 
 ```bash
-mvn clean compile -pl cameleer3-server-core
+mvn clean compile -pl cameleer-server-core
 ```
 
 Expected: BUILD SUCCESS
@@ -712,17 +712,17 @@ Expected: BUILD SUCCESS
 ### Task 3: PostgresUserRepository — Adapt to New Schema
 
 **Files:**
-- Modify: `cameleer3-server-app/src/main/java/com/cameleer3/server/app/storage/PostgresUserRepository.java`
+- Modify: `cameleer-server-app/src/main/java/com/cameleer/server/app/storage/PostgresUserRepository.java`
 
 - [ ] **Step 1: Rewrite PostgresUserRepository**
 
 The `upsert` no longer writes roles (no `roles` column). The `mapUser` no longer reads a roles array. Remove `updateRoles` method.
 
 ```java
-package com.cameleer3.server.app.storage;
+package com.cameleer.server.app.storage;
 
-import com.cameleer3.server.core.security.UserInfo;
-import com.cameleer3.server.core.security.UserRepository;
+import com.cameleer.server.core.security.UserInfo;
+import com.cameleer.server.core.security.UserRepository;
 import org.springframework.jdbc.core.JdbcTemplate;
 import org.springframework.stereotype.Repository;
 
@@ -793,15 +793,15 @@ public class PostgresUserRepository implements UserRepository {
 ### Task 4: PostgresGroupRepository and PostgresRoleRepository
 
 **Files:**
-- Create: `cameleer3-server-app/src/main/java/com/cameleer3/server/app/storage/PostgresGroupRepository.java`
-- Create: `cameleer3-server-app/src/main/java/com/cameleer3/server/app/storage/PostgresRoleRepository.java`
+- Create: `cameleer-server-app/src/main/java/com/cameleer/server/app/storage/PostgresGroupRepository.java`
+- Create: `cameleer-server-app/src/main/java/com/cameleer/server/app/storage/PostgresRoleRepository.java`
 
 - [ ] **Step 1: Implement PostgresGroupRepository**
 
 ```java
-package com.cameleer3.server.app.storage;
+package com.cameleer.server.app.storage;
 
-import com.cameleer3.server.core.rbac.*;
+import com.cameleer.server.core.rbac.*;
 import org.springframework.jdbc.core.JdbcTemplate;
 import org.springframework.stereotype.Repository;
 
@@ -920,9 +920,9 @@ public class PostgresGroupRepository implements GroupRepository {
 - [ ] **Step 2: Implement PostgresRoleRepository**
 
 ```java
-package com.cameleer3.server.app.storage;
+package com.cameleer.server.app.storage;
 
-import com.cameleer3.server.core.rbac.*;
+import com.cameleer.server.core.rbac.*;
 import org.springframework.jdbc.core.JdbcTemplate;
 import org.springframework.stereotype.Repository;
 
@@ -1010,7 +1010,7 @@ public class PostgresRoleRepository implements RoleRepository {
 - [ ] **Step 3: Verify compile**
 
 ```bash
-mvn clean compile -pl cameleer3-server-app
+mvn clean compile -pl cameleer-server-app
 ```
 
 Expected: May still have errors from files referencing `UserInfo.roles()` — those are fixed in Task 6.
@@ -1022,18 +1022,18 @@ Expected: May still have errors from files referencing `UserInfo.roles()` — th
 ### Task 5: RbacServiceImpl — Inheritance Logic
 
 **Files:**
-- Create: `cameleer3-server-app/src/main/java/com/cameleer3/server/app/rbac/RbacServiceImpl.java`
+- Create: `cameleer-server-app/src/main/java/com/cameleer/server/app/rbac/RbacServiceImpl.java`
 
 - [ ] **Step 1: Implement RbacServiceImpl**
 
 This is the core service that computes inheritance. It reads from `user_roles`, `user_groups`, `group_roles`, and `groups` tables to compute effective roles/groups.
 
 ```java
-package com.cameleer3.server.app.rbac;
+package com.cameleer.server.app.rbac;
 
-import com.cameleer3.server.core.rbac.*;
-import com.cameleer3.server.core.security.UserInfo;
-import com.cameleer3.server.core.security.UserRepository;
+import com.cameleer.server.core.rbac.*;
+import com.cameleer.server.core.security.UserInfo;
+import com.cameleer.server.core.security.UserRepository;
 import org.springframework.jdbc.core.JdbcTemplate;
 import org.springframework.stereotype.Service;
 
@@ -1304,9 +1304,9 @@ public class RbacServiceImpl implements RbacService {
 ### Task 6: Auth Integration — Update Login and OIDC Flows
 
 **Files:**
-- Modify: `cameleer3-server-app/src/main/java/com/cameleer3/server/app/security/UiAuthController.java`
-- Modify: `cameleer3-server-app/src/main/java/com/cameleer3/server/app/security/OidcAuthController.java`
-- Modify: `cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/AgentRegistrationController.java`
+- Modify: `cameleer-server-app/src/main/java/com/cameleer/server/app/security/UiAuthController.java`
+- Modify: `cameleer-server-app/src/main/java/com/cameleer/server/app/security/OidcAuthController.java`
+- Modify: `cameleer-server-app/src/main/java/com/cameleer/server/app/controller/AgentRegistrationController.java`
 
 These controllers currently embed roles in `UserInfo` and pass them to JWT creation. After the change, they must:
 1. Create/upsert the `UserInfo` (without roles)
@@ -1357,10 +1357,10 @@ Expected: BUILD SUCCESS (all `UserInfo.roles()` references resolved)
 This is the single commit for the entire backend RBAC model. Tasks 2–6 must all be done before committing since intermediate states don't compile.
 
 ```bash
-git add cameleer3-server-core/ cameleer3-server-app/src/main/java/
+git add cameleer-server-core/ cameleer-server-app/src/main/java/
 git commit -m "feat: replace flat users.roles with relational RBAC model
 
-New package com.cameleer3.server.core.rbac with SystemRole constants,
+New package com.cameleer.server.core.rbac with SystemRole constants,
 detail/summary records, GroupRepository, RoleRepository, RbacService.
 Remove roles field from UserInfo. Implement PostgresGroupRepository,
 PostgresRoleRepository, RbacServiceImpl with inheritance computation.
@@ -1373,19 +1373,19 @@ to assign roles via user_roles table. JWT populated from effective system roles.
 ### Task 7: Admin Controllers — Users, Groups, Roles, Stats
 
 **Files:**
-- Modify: `cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/UserAdminController.java`
-- Create: `cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/GroupAdminController.java`
-- Create: `cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/RoleAdminController.java`
-- Create: `cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/RbacStatsController.java`
+- Modify: `cameleer-server-app/src/main/java/com/cameleer/server/app/controller/UserAdminController.java`
+- Create: `cameleer-server-app/src/main/java/com/cameleer/server/app/controller/GroupAdminController.java`
+- Create: `cameleer-server-app/src/main/java/com/cameleer/server/app/controller/RoleAdminController.java`
+- Create: `cameleer-server-app/src/main/java/com/cameleer/server/app/controller/RbacStatsController.java`
 
 - [ ] **Step 1: Rewrite UserAdminController**
 
 ```java
-package com.cameleer3.server.app.controller;
+package com.cameleer.server.app.controller;
 
-import com.cameleer3.server.core.admin.*;
-import com.cameleer3.server.core.rbac.*;
-import com.cameleer3.server.core.security.UserRepository;
+import com.cameleer.server.core.admin.*;
+import com.cameleer.server.core.rbac.*;
+import com.cameleer.server.core.security.UserRepository;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import jakarta.servlet.http.HttpServletRequest;
@@ -1485,10 +1485,10 @@ public class UserAdminController {
 - [ ] **Step 2: Create GroupAdminController**
 
 ```java
-package com.cameleer3.server.app.controller;
+package com.cameleer.server.app.controller;
 
-import com.cameleer3.server.core.admin.*;
-import com.cameleer3.server.core.rbac.*;
+import com.cameleer.server.core.admin.*;
+import com.cameleer.server.core.rbac.*;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import jakarta.servlet.http.HttpServletRequest;
@@ -1608,10 +1608,10 @@ public class GroupAdminController {
 - [ ] **Step 3: Create RoleAdminController**
 
 ```java
-package com.cameleer3.server.app.controller;
+package com.cameleer.server.app.controller;
 
-import com.cameleer3.server.core.admin.*;
-import com.cameleer3.server.core.rbac.*;
+import com.cameleer.server.core.admin.*;
+import com.cameleer.server.core.rbac.*;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import jakarta.servlet.http.HttpServletRequest;
@@ -1701,10 +1701,10 @@ public class RoleAdminController {
 - [ ] **Step 4: Create RbacStatsController**
 
 ```java
-package com.cameleer3.server.app.controller;
+package com.cameleer.server.app.controller;
 
-import com.cameleer3.server.core.rbac.RbacService;
-import com.cameleer3.server.core.rbac.RbacStats;
+import com.cameleer.server.core.rbac.RbacService;
+import com.cameleer.server.core.rbac.RbacStats;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import org.springframework.http.ResponseEntity;
@@ -1742,7 +1742,7 @@ Expected: BUILD SUCCESS
 - [ ] **Step 6: Commit**
 
 ```bash
-git add cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/
+git add cameleer-server-app/src/main/java/com/cameleer/server/app/controller/
 git commit -m "feat: add Group, Role, and RBAC stats admin controllers
 
 GroupAdminController with cycle detection, RoleAdminController
@@ -1763,8 +1763,8 @@ Rewrite UserAdminController to use RbacService."
 Search for references to `UserInfo` constructor with 6 args (now 5) or `.roles()` calls in test files. Update constructor calls, remove roles parameter.
 
 ```bash
-grep -rn "UserInfo(" cameleer3-server-app/src/test/
-grep -rn "\.roles()" cameleer3-server-app/src/test/
+grep -rn "UserInfo(" cameleer-server-app/src/test/
+grep -rn "\.roles()" cameleer-server-app/src/test/
 ```
 
 Fix each reference. `TestSecurityHelper` creates JWT directly with roles — this doesn't change since JWT creation still takes `List<String> roles`.