Add Steev legacy ingest overview

AGENTS.md

@@ -7,7 +7,7 @@ Stage: CLEAN.
 Clean score: 100.
 Validator: `python3 tools/validate_steev_child.py`.
 Authority boundary: child-local personal-agent profile workspace only; not Cortex OS Core authority, Runtime authority, Profile Exposure authority, credential authority, provider authority, send authority, memory-domain authority, browser-host authority, public product authority, release authority, production-readiness authority, or autonomous execution authority.
-Legacy-work relation: old Steev/personal-agent, BlueBubbles, Proton/rclone, Secondbrain, Conductor/Curator handoff, desktop exposure, and runtime-readiness work is reference-only through current contracts and evidence unless a governed route admits it. Preserve redacted refs; do not import messages, mail bodies, contacts, calendar details, drive names, credentials, or mass because they exist.
+Legacy-work relation: old Steev/personal-agent, BlueBubbles, Proton/rclone, Secondbrain, Conductor/Curator handoff, desktop exposure, and runtime-readiness work is classified in `docs/LEGACY-INGEST.md`; preserve redacted refs and never import personal payloads because they exist.
 
 ## Universal Cortex OS Agent Contract
 

README.md

@@ -32,6 +32,7 @@ route without explicit governed approval.
 - **Desktop exposure contract:** [`docs/contracts/personal-agent-desktop-exposure-contract.json`](docs/contracts/personal-agent-desktop-exposure-contract.json) — adapter-facing state rows for Desktop/Dashboard display; no UI wiring from this route.
 - **Current Core/Seed pickup:** [`docs/evidence/2026-06-15-personal-agent-core-seed-readiness-reconciliation.md`](docs/evidence/2026-06-15-personal-agent-core-seed-readiness-reconciliation.md) — source-locks current Core S641/S642/S643, Seed final acceptance, and remaining broader gaps.
 - **Current governed boundary:** [`docs/evidence/2026-06-15-personal-agent-current-governed-boundary.md`](docs/evidence/2026-06-15-personal-agent-current-governed-boundary.md) — pins Core S654 branch-authority approval status, stale S653 approval risk, and Proton Suite health-panel as future Keyvault successor context only.
+- **Legacy ingest:** [`docs/LEGACY-INGEST.md`](docs/LEGACY-INGEST.md) — compact intention map for old Steev/personal-agent work.
 - **Historical Steev reference redirect:** [`docs/STEEV-MASTER.md`](docs/STEEV-MASTER.md).
 
 ## Structure

docs/LEGACY-INGEST.md

@@ -0,0 +1,68 @@
+# Steev Legacy Ingest
+
+Schema: `cortex.steev.legacy-ingest.v1`
+Last reviewed: `2026-06-18`
+
+This file is Steev child-local operator state. It is not Cortex OS Core SOT,
+not Runtime authority, not Profile Exposure approval, not send approval, not
+credential access, not Memory Domain approval, and not product readiness.
+
+Steev legacy work is assessed by intention first. Old work is kept, ported,
+archived outside the umbrella, deferred, or rejected only after the useful
+intention is identified and compared against current Steev main.
+
+## Rules
+
+- Do not import raw messages, mail bodies, contacts, calendar details, drive
+  names, endpoint payloads, cookies, credentials, or secret values.
+- Do not install or start Steev, mutate `~/.hermes`, broaden Profile Exposure,
+  send messages, write personal surfaces, call providers, or write durable
+  Hindsight memory from this route.
+- Keep legacy records compact: refs, intention, current coverage, decision,
+  closure gate, and forbidden effects.
+
+## Current Gates
+
+### Steev Identity And Master Reference
+
+- Source refs: `AGENT.md`, `docs/STEEV-MASTER.md`, `CONTRACT.md`,
+  `DISCLOSURE.md`, and `manifest.yaml`.
+- Intention: preserve JP's personal-agent identity, role, mission, boundaries,
+  bilingual posture, delegation rules, and no-autonomous-send policy.
+- Current coverage: met by current profile docs, manifest, disclosure, and
+  validator.
+- Decision: keep as canonical child-local profile reference.
+- Closure gate: any identity change needs Steev route validation and must not
+  alter Core truth, Profile Exposure, Runtime, send authority, or memory access.
+
+### Personal-Agent Context Runtime Package
+
+- Source refs: `docs/prd/2026-06-14-personal-agent-context-runtime-prd.md`,
+  `docs/issues/2026-06-14-personal-agent-context-runtime-work-orders.md`,
+  `docs/sandcastles/2026-06-14-personal-agent-context-runtime-sandcastle.md`,
+  `docs/supersession/2026-06-14-personal-agent-context-runtime-supersession-register.md`,
+  and `docs/contracts/*.json`.
+- Intention: standardize personal-agent surfaces for BlueBubbles, Proton/rclone,
+  Secondbrain proposal/apply routing, Conductor/Curator handoff, runtime
+  readiness snapshots, and Desktop exposure without creating duplicate live
+  connectors.
+- Current coverage: met as contracts, redacted refs, supersession register, and
+  validator-backed route-local evidence.
+- Decision: keep as accepted Steev package material; do not import raw personal
+  data or old sandcastle mass.
+- Closure gate: live Runtime, browser host, provider, send, write, Profile
+  Exposure, or durable memory behavior requires explicit governed approval.
+
+### Core/Seed Readiness Boundary
+
+- Source refs:
+  `docs/evidence/2026-06-15-personal-agent-core-seed-readiness-reconciliation.md`
+  and `docs/evidence/2026-06-15-personal-agent-current-governed-boundary.md`.
+- Intention: pin what Core/Seed/Proton evidence can inform Steev without letting
+  Steev claim branch authority, product readiness, or runtime readiness.
+- Current coverage: met as redacted reconciliation evidence and governed
+  boundary notes.
+- Decision: keep as reference-only; do not mutate Core, Seed, Proton, Keyvault,
+  OpenDesign, or sibling repos from Steev.
+- Closure gate: future productization or broader readiness must enter Core/Seed
+  through exact source-lock refs, focused validators, and explicit approval.