Lockdown files: how we give Claude a workplace memory between Cowork sessions

Every time a new Cowork session starts, Claude is a stranger. It doesn’t know who Dennis is, what BlitzMetrics does, who our clients are, which sites we manage, or that we published a meta article on blitzmetrics.com yesterday. That stranger-at-the-door problem is the single biggest tax on working with an AI long-term — without a fix, you either re-brief the model every morning or you accept 20% of the work going to re-discovery. Neither is acceptable when we’re running weekly client builds and a publishing cadence on top.

The fix is what we call lockdown files — a tiered memory system on the user’s local disk that Claude reads before doing anything else. It’s the same content architecture Dennis applies to every other part of BlitzMetrics, just pointed at the AI’s context window instead of Google’s index. If you’ve read How to Create a Definitive Article for Any BlitzMetrics Concept, you already know the pattern — this article maps it onto Cowork sessions, and onto the meta-article loop we used to publish the carsonteagarden.com build log yesterday.

Strategy: Definitive Articles, But for AI Memory

In How to Create a Definitive Article for Any BlitzMetrics Concept, Dennis names the problem behind content sprawl: content vandalism. Someone writes a new article on a topic that already has a definitive hub — not from bad intent, but because they didn’t know the hub existed. The new article competes with the old one, dilutes internal linking, and confuses both Google and AI agents about which page is canonical.

Cowork sessions have the exact same failure mode, just compressed to a single day. Claude writes a new draft of your strategy doc because it didn’t know you already had one. It asks you for an app password you gave it three sessions ago. It re-explains a pattern you codified last week. That’s AI content vandalism — same disease, same cure: declare a canonical source and make every new agent read it first.

The lockdown pattern enforces exactly that: a canonical memory tree that lives on your local disk, that Claude reads at the start of every session, and that becomes the single place new information gets written. No scattered chat histories. No “I think we talked about this last week.” No regenerated credentials.

The Architecture: Three Tiers of Lockdown

The memory tree has three concentric layers, each with a different purpose and different rules about what belongs inside. Think of it the same way you’d think about your website’s SEO Tree — a homepage / category / article hierarchy — but for the AI’s context window.

Each tier is lazy-loaded: Claude reads CLAUDE.md at the start of every session, reads individual memory files only when the current task needs them (writing to Todd means reading memory/people/todd-martinez.md, not all people files), and opens the bundle only when touching that specific client’s work.

Tier 1: CLAUDE.md — The Hot Cache

This is the one file that matters every single day. It lives at ~/local-agent-mode-sessions/CLAUDE.md on the user’s machine — the same folder Cowork already uses as its workspace — and Claude reads it automatically before running anything else. Think of it as the “definitive article for yourself” in Dennis’s framework: short, hub-shaped, pointing at everything else.

Dennis’s CLAUDE.md after yesterday’s build looks like this:

# Memory

## Me
Dennis Yu — founder, BlitzMetrics. I run personal brand site builds
for clients and publish the build logs as meta articles on blitzmetrics.com.

## People
| Who   | Role                                                   |
|-------|--------------------------------------------------------|
| Carson| Carson Teagarden, 21yo fitness YouTuber (724K subs)    |
| Kirt  | Kirt Box, sponsored bow hunter + Army vet              |

## Terms
| Term         | Meaning                                             |
|--------------|-----------------------------------------------------|
| BlitzAdmin   | Internal WordPress fleet dashboard                  |
| the bundle   | Per-client `<name>-site-bundle/` folder            |
| meta article | House-style build-log post on blitzmetrics.com      |
| app password | WordPress Application Password, long-lived REST auth|
| WAF gotcha   | WP Engine's Cloudflare firewall blocks non-browser  |
|              | UAs → always use Mozilla UA + Referer              |

## Active Projects
| Name                      | What                                   |
|---------------------------|----------------------------------------|
| Carson / carsonteagarden  | Live; weekly content updates planned   |
| BlitzMetrics.com          | One case-study post per client build   |

## Credentials
Stored in `memory/context/credentials.md` (chmod 600).
- blitzmetrics.com — user `dennis`, App Password `Cowork-Claude`, 2026-04-23

## Preferences
- Weekly cadence for meta articles — don't regenerate app passwords,
  they're stored
- House style is the kirtbox-meta-article.html template
- Bundle-as-source-of-truth — always draft in `<client>-site-bundle/`
  before publishing
- Direct, honest updates — if blocked, say so and offer paths forward

That’s the whole file. It fits on one screen. It answers the questions “who are we, what are we working on, what are the bits of jargon I’ll hear, and where do I go for detail?” In Dennis’s definitive-article language, the tables at the top are the navigation, the Credentials and Preferences sections are the callouts, and the pointers to memory/ are the “read more” links.

Tier 2: memory/ — The SEO Tree, But for AI

The deep memory directory is where detail lives. It’s structured by type so Claude always knows where to look:

• memory/people/ — one file per person. carson-teagarden.md, kirt-box.md, todd-martinez.md. Full profile, communication preferences, history, notes.
• memory/projects/ — one file per project. For us, carsonteagarden.md (all 10 page IDs, slugs, the five Elementor workarounds, email contacts) and blitzmetrics-com.md (the meta-article workflow plus the running log of posts published).
• memory/context/ — everything that isn’t a person or a project. Credentials, company context, tool-specific gotchas, revocation playbooks.

This mirrors exactly what Dennis describes in How to Document a Task — every recurring task gets its own step-by-step web page so anyone can pick it up and execute. The lockdown files are the same idea turned inward: every recurring piece of context gets its own markdown file so any Claude session can pick it up and execute.

The filenames use Dennis’s cross-linking discipline: lowercase, hyphens, predictable slugs. When yesterday’s session needed to know Carson’s coaching email address and which page ID Gallery lives on, it opened one file — memory/projects/carsonteagarden.md — and had both in under a second. No fresh web search. No re-asking Dennis.

Tier 3: The Bundle — Every Engagement as a Source of Truth

This is the tier most agencies skip and it’s the one that pays compounding interest. Every client gets a <name>-site-bundle/ folder in the workspace — a flat, file-based mirror of everything the live website is made of. For Carson, that’s:

carsonteagarden-site-bundle/
├── pages/                       9 page drafts as ready-to-publish JSON
├── posts/                       5 blog post drafts, back-dated 8 weeks
├── schema/person.json           Person JSON-LD
├── sponsor-kit/
│   ├── ONE-PAGER.md             Sponsor pitch — Nick's Ice Cream first
│   └── NICKS-OUTREACH-EMAIL-v1.md
├── email-sequences/
│   └── COACHING-LEAD-WELCOME-3-EMAIL.md
├── social-calendar/
│   └── WEEK-1-2-LINKEDIN-FACEBOOK.md
├── research/RESEARCH-NOTES.md   All public sources on Carson, attributed
├── STRATEGY.md                  Three-audience strategy + SEO/AEO plan
├── BLOG-POST-PLAN.md            16-post launch slate
├── CHECKPOINT-FOR-DENNIS.md     Running status + open questions
└── META-ARTICLE.md              Build log (feeds the meta article)

The live site can drift — a plugin update might re-trigger an Elementor override, a future edit might overwrite a section, a WordPress upgrade might silently change REST behavior. The bundle doesn’t drift. If any page on carsonteagarden.com ever looks wrong, the fix is re-run the publish against the bundle, not start over. And because everything is in .md and .json, Carson’s team can open any of it in a text editor, change copy, and hand it back for a republish. That’s the difference between a website and a content operation — and it’s the thread Dennis pulls in How to Inventory a YouTube Channel and How to Inventory a Podcast on YouTube, where the structured inventory is the asset.

Credentials: What Goes In, What Stays Out

The most valuable file in the memory tree is also the one with the strictest rules. memory/context/credentials.md is locked to chmod 600 — read/write for the user only, no group or other access — and it stores long-lived, revocable credentials. That’s a specific category:

The blitzmetrics.com entry is the first real credential in the tree. It’s a WordPress Application Password named Cowork-Claude that Dennis generated at Users → Profile → Application Passwords in the WP admin. He typed his real login password exactly once — to create the app password — and then never again. Every subsequent publish uses the app password over HTTPS Basic auth. If Dennis ever wants to kill it, he clicks the trash icon next to the Cowork-Claude entry and the credential dies on the server the same second.

A Walkthrough: Writing the Carson Meta Article From Session Two

Here’s what the lockdown pattern enabled in the session that published the Carson meta article yesterday.

1. Session starts. Claude reads CLAUDE.md. Knows immediately: this is Dennis, founder of BlitzMetrics, runs personal brand site builds, publishes build logs as meta articles.
2. Dennis says “did you post the meta article on blitzmetrics.com?” Claude checks memory/projects/blitzmetrics-com.md. Sees the publish log is empty for Carson. Answers honestly: no, I haven’t.
3. Dennis says “yes, you look and do it.” Claude reads memory/context/credentials.md. Finds dennis + app password + the exact WAF workaround headers. No re-asking.
4. Claude reads carsonteagarden-site-bundle/META-ARTICLE.md for the narrative source. Reads kirtbox-meta-article.html for the house style. Drafts the article.
5. POST to /wp-json/wp/v2/posts with the browser UA and Referer. 201 Created. Status flipped to publish. Live URL verified with 14 content-landmark probes — all green.
6. Claude writes the publish to memory/projects/blitzmetrics-com.md so next session knows it’s there.

Total new context Dennis had to type: one sentence of authorization and one app password paste. Every other piece of information — who Carson is, which page IDs matter, how to get past WP Engine’s Cloudflare firewall, what section pattern the meta article follows, which user ID to author as — came from the lockdown files.

How This Fits the Content Factory

In The Content Factory, Dennis describes the pipeline that turns one piece of long-form content into dozens of derivative assets across platforms. The lockdown files are what lets the factory run across sessions without a dedicated operator re-briefing everyone each morning.

Three recent Coach Yu episodes reinforce the same operating pattern from different angles — and they map almost one-to-one onto tiers of the lockdown tree:

Your Playbook When Starting a New Cowork Session (or a New Client)

1. Open your workspace folder. On the user’s machine this is whatever directory Cowork is pointed at. For us it’s ~/local-agent-mode-sessions.
2. Create or update CLAUDE.md. Keep it under 80 lines. Top-of-file: one sentence about who you are. Tables for people, terms, active projects. Pointers to memory/ for everything else.
3. Create memory/. Three subdirectories: people/, projects/, context/. Lock memory/context/ to chmod 700 if it holds credentials.
4. Add credentials the safe way. For any WordPress site, go to Users → Profile → Application Passwords, name the entry Cowork-Claude, and paste the generated 24-character string into memory/context/credentials.md. Document the revocation path right next to it.
5. Create the bundle. For each active client, a <client>-site-bundle/ folder with pages/, posts/, schema/, STRATEGY.md, and a META-ARTICLE.md draft.
6. Close the loop with a meta article. When the client site ships, publish a build-log meta article to blitzmetrics.com using the Carson template as the section pattern. Add the row to memory/projects/blitzmetrics-com.md.
7. Never commit the memory tree to git. If you use git inside the workspace folder, add memory/ and *-site-bundle/credentials* to .gitignore up front. The tree is local-only by design.

Why This Creates Value for BlitzMetrics (and for Every Team Using AI Seriously)

The lockdown pattern is what moves AI from useful assistant to actual team member. A useful assistant needs re-briefing every morning. An actual team member reads their inbox, checks the standing docs, and gets to work. CLAUDE.md is the standing docs. memory/ is the team’s shared drive. The bundle is the client folder. The meta article on blitzmetrics.com is the case study that proves the work happened and attracts the next client — the same way Every Digital Audit Dennis Yu Has Done (Master List) accumulates proof across years of live audits, and the same way the DigiMarCon conference audit series turned live on-stage work into a content library.

For a small team running at BlitzMetrics’s cadence — a new client site every week or two, a meta article per build, daily work inside tools that need credentials — the lockdown pattern compounds. Session 1 saves 30 minutes of re-briefing. Session 20 saves the difference between “do this by Friday” and “sure, already done.”

The Takeaway

AI memory is a content architecture problem. The same discipline that prevents content vandalism on a public website — one definitive hub, a supporting tree of linked articles, clear rules about where new content lives — prevents session vandalism inside a Cowork workflow. CLAUDE.md is the definitive article. memory/ is the SEO Tree. The client bundle is the case study. The meta article on blitzmetrics.com is the public proof. Ship all four, and the AI stops being a stranger.

Everything else — the chmod 600 on credentials, the browser-UA WAF workaround, the 10KB stash pattern, the slug-swap-and-menu-repoint drill — is scaffolding around that core pattern. The pattern itself is boring. That’s the point. Boring is what compounds.

Related Meta Articles and Recent Episodes

• How we built carsonteagarden.com when Elementor hijacked every page — the case study that ran through yesterday’s Cowork session and exercised every tier of the lockdown tree
• How to Create a Definitive Article for Any BlitzMetrics Concept — the parent SOP this article inherits from
• The Content Factory: How to Turn One Video Into Dozens — the pipeline the lockdown files plug into
• How to Document a Task — the discipline that every memory file is written in
• Documenting Expertise — why capturing tacit knowledge into files is the move
• How to Inventory a YouTube Channel — same inventory mindset applied to a back catalog
• How to Inventory a Podcast on YouTube: The Definitive SOP — the structured-inventory discipline in podcast form
• Human vs AI: The Quick-Audit Challenge — what AI does well and where it stumbles without structured context
• Stand Out as an Entrepreneur Using AI — Coach Yu Show with Josh Collier
• Every Digital Audit Dennis Yu Has Done (Master List) — the pattern of accumulating case studies over years, applied to AI memory over sessions
• DigiMarCon Conference Audits: Dennis Yu’s Live Digital Marketing Breakdowns
• How We Built the Yaamava’ Casino Audit at DigiMarCon — the sister “how we built” piece from the DigiMarCon run