diff --git a/AGENTS.md b/AGENTS.md index 47fc238..20658e0 100644 --- a/AGENTS.md +++ b/AGENTS.md @@ -1,43 +1,41 @@ # Steev Profile Endgoal -Route: `steev` at `/home/svrnty/workspaces/cortex-os/steev`. -Authority: child-local personal-agent profile workspace; Core authority lives in `/home/svrnty/workspaces/cortex-os/core`. Endgoal: keep `personal-agent`/Steev as the child-local JP personal assistant profile for briefing, triage, drafting, delegation, and governed personal-surface handoffs without autonomous sends, credential reads, Core authority, Runtime authority, Profile Exposure broadening, durable memory writes, or readiness claims. -Stage: CLEAN after `python3 tools/validate_steev_child.py` passes. + +Route: `steev`. +Stage: CLEAN. Clean score: 100. -Authority boundary: child-local personal-agent profile workspace only; not Core authority, Runtime authority, Profile Exposure authority, credential authority, provider authority, send authority, memory-domain authority, browser-host authority, or product-readiness authority. Validator: `python3 tools/validate_steev_child.py`. -Legacy-work relation: old Steev/personal-agent, BlueBubbles, Proton/rclone, Secondbrain, Conductor/Curator handoff, desktop exposure, and runtime-readiness work is reference-only through current contracts and evidence unless a governed route admits it. Preserve redacted refs; do not import message bodies, mail bodies, contacts, calendar details, drive names, credentials, or implementation mass because they exist. +Authority boundary: child-local personal-agent profile workspace only; not Cortex OS Core authority, Runtime authority, Profile Exposure authority, credential authority, provider authority, send authority, memory-domain authority, browser-host authority, public product authority, release authority, production-readiness authority, or autonomous execution authority. +Legacy-work relation: old Steev/personal-agent, BlueBubbles, Proton/rclone, Secondbrain, Conductor/Curator handoff, desktop exposure, and runtime-readiness work is reference-only through current contracts and evidence unless a governed route admits it. Preserve redacted refs; do not import messages, mail bodies, contacts, calendar details, drive names, credentials, or mass because they exist. ## Universal Cortex OS Agent Contract -- Treat this file as route-local instruction after parent `AGENTS.md` files and before chat memory. -- Start broad or ambiguous work with `cortex graph context`; use it only as Derived State, then read this repo's local files. -- Before edits, read `AGENTS.md`, `README.md`, and `WORKBOARD.yaml`; keep writes route-local unless a governed Core route explicitly authorizes promotion. -- Run this repo's named validator before handoff or done claims; use stronger proof only for runtime, provider, secret, memory, profile exposure, branch, release, or readiness effects. -- Record proof and handoffs as refs-only artifacts. Do not write Hindsight memory, Core SOT, sibling repos, live runtime state, or personal payloads unless explicitly authorized by the owning route. +- Follow parent `AGENTS.md`; this file is route-local instruction before chat memory. +- For broad work, run `cortex graph context` as Derived State, then read local files. +- Before edits, read `AGENTS.md`, `README.md`, and `WORKBOARD.yaml`; keep writes route-local unless Core authorizes promotion. +- Run the validator before handoff or done claims; raise proof only for runtime, provider, secret, memory, profile exposure, release, or readiness. +- Keep proof and handoffs refs-only. Do not write Hindsight memory, Core SOT, sibling repos, runtime state, or personal payloads without route approval. ## Repo-Custom Agent Contract -Steev is a child-local personal-agent profile workspace. It owns profile identity, role and boundary docs, personal-surface contracts, redacted proof packets, proposal-only memory routing records, desktop exposure contracts, runtime-readiness snapshots, validators, and handoff references. It is not Cortex OS Core authority, Runtime authority, Profile Exposure authority, credential authority, provider authority, send authority, memory-domain authority, browser-host authority, public product authority, release authority, production-readiness authority, or autonomous execution authority. +Steev is a child-local personal-agent profile workspace. It owns profile identity, role and boundary docs, personal-surface contracts, redacted proof packets, proposal-only memory routing records, desktop exposure contracts, runtime-readiness snapshots, validators, and handoff references. -Do not install or start Steev, mutate `~/.hermes`, run browser-host automation, read credentials, read raw messages, read mail bodies, read contacts, read calendar details, read drive names, send messages, write calendar/contact/drive data, write durable memory, broaden Profile Exposure, call providers, mutate Core/Seed/sibling/OpenDesign repos, or claim readiness from this workspace without explicit governed approval. +Do not install or start Steev, mutate `~/.hermes`, run browser-host automation, read credentials, read raw messages, read mail bodies, read contacts, read calendar details, read drive names, send messages, write calendar/contact/drive data, write durable memory, broaden Profile Exposure, call providers, mutate Core/Seed/sibling/OpenDesign repos, or claim readiness without governed approval. -This workspace is a child-local profile-workspace under the Cortex OS umbrella. +## Current Pickup -It is not Cortex OS Core authority. It is not a Cortex OS Instance. It is not a Runtime unless a governed Core route says so. +Use this workspace for profile identity, role and boundary docs, personal-surface contracts, redacted proof packets, proposal-only memory routing records, desktop exposure contracts, runtime-readiness snapshots, validators, and handoff references. -## Authority Order +## Allowed Writes -1. `/home/svrnty/workspaces/cortex-os/core` active SOT. -2. `/home/svrnty/workspaces/cortex-os/core/AGENTS.md`. -3. This file. -4. `README.md`, `WORKBOARD.yaml`, and local tools. -5. Chat/session memory. +Write inside this repo only: profile docs, contracts, redacted proof refs, proposal-only routing records, validators, workboard entries, and handoffs. -## Editing Rule +## Forbidden Effects -Keep work inside this workspace unless Core explicitly routes promotion. +Do not mutate `../core/`, sibling repos, `~/.hermes`, runtime state, browser hosts, credentials, raw personal payloads, send/write surfaces, Profile Exposure, Hindsight live memory, memory domains, or readiness/release claims without governed approval. + +## Validation After editing, run: @@ -47,9 +45,6 @@ python3 tools/validate_steev_child.py For governance text, follow Core caveman prose discipline. -## Protected Boundaries +## Handoff -- Do not mutate `../core/` from this workspace. -- Do not mutate sibling repositories. -- Do not import this workspace into Core source. -- Promotion into Core requires a governed Core route. +Handoffs are compact and refs-only: changed files, validator output, forbidden effects avoided, and legacy intentions left for later.