hermes/steev
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docs: standardize Proton rclone package candidate

Browse Source
This commit is contained in:
Svrnty
2026-06-14 08:28:36 -04:00
parent 91d4e7f08b
commit c1e4d77611
6 changed files with 564 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files
docs/STEEV-MASTER.md
+1
View File
@@ -15,6 +15,7 @@ Active authority:
- `docs/contracts/personal-agent-profile-surface-contract.json`
- `docs/contracts/personal-agent-bluebubbles-binding.json`
- `docs/contracts/personal-agent-proton-rclone-package.json`
- `docs/prd/2026-06-14-personal-agent-context-runtime-prd.md`
- `docs/supersession/2026-06-14-personal-agent-context-runtime-supersession-register.md`
docs/contracts/personal-agent-proton-rclone-package.json
+355
View File
@@ -0,0 +1,355 @@
{
"schema_version": "personal-agent-proton-rclone-package/v1",
"status": "package-candidate-unregistered",
"package_id": "proton-rclone",
"profile_identity": "personal-agent",
"display_name": "Steev",
"observed_date": "2026-06-14",
"child_workspace_registered": false,
"package_runtime_readiness_claimed": false,
"profile_runtime_readiness_claimed": false,
"seed_readiness_claimed": false,
"core_promotion_claimed": false,
"authority_boundary": {
"profile_owns_surface_exposure": true,
"package_candidate_owns_runtime_inventory": true,
"legacy_repositories_are_reference_only": true,
"duplicate_profile_local_connectors_allowed": false,
"notes": "This contract standardizes the Proton/rclone package shape for personal-agent. It does not register a new child workspace or claim full runtime readiness."
},
"memory_policy": {
"target": "secondbrain-personal",
"forbidden": [
"orgbrain"
],
"durable_write_policy": "proposal-only-until-governed-secondbrain-curator-apply-route"
},
"credential_policy": {
"mode": "keyvault-reference-names-only",
"secret_values_in_contract": false,
"credential_mutation_allowed": false
},
"surfaces": [
{
"name": "mail.read",
"runtime_route": "proton-email MCP facade through Proton gate",
"readiness": "degraded",
"allowed_effects": [
"email_folders",
"email_list",
"email_search",
"email_read_metadata_or_body_when_requested"
],
"denied_effects": [
"send_without_confirmation",
"delete_mail",
"archive_mail",
"mark_read",
"mark_unread",
"orgbrain_write"
],
"confirmation": "not-required-for-read"
},
{
"name": "mail.draft",
"runtime_route": "proton-email MCP facade through Proton gate",
"readiness": "pending",
"allowed_effects": [
"draft_reply",
"draft_new_mail"
],
"denied_effects": [
"send_without_confirmation",
"delete_mail",
"orgbrain_write"
],
"confirmation": "draft-only"
},
{
"name": "mail.send_with_confirmation",
"runtime_route": "proton-email MCP facade through Proton gate",
"readiness": "disabled",
"allowed_effects": [
"send_after_explicit_jp_confirmation"
],
"denied_effects": [
"silent_send",
"send_without_confirmation",
"delete_mail",
"orgbrain_write"
],
"confirmation": "explicit-jp-confirmation-required"
},
{
"name": "calendar.read",
"runtime_route": "proton-calendar MCP facade through calendar gate",
"readiness": "degraded",
"allowed_effects": [
"calendar_list",
"calendar_events",
"calendar_upcoming",
"calendar_search",
"calendar_event_get"
],
"denied_effects": [
"calendar_write_without_confirmation",
"calendar_delete",
"orgbrain_write"
],
"confirmation": "not-required-for-read"
},
{
"name": "calendar.propose_event",
"runtime_route": "proton-calendar MCP facade through calendar gate",
"readiness": "pending",
"allowed_effects": [
"propose_calendar_create",
"propose_calendar_update"
],
"denied_effects": [
"calendar_write_without_confirmation",
"calendar_delete",
"orgbrain_write"
],
"confirmation": "proposal-only"
},
{
"name": "calendar.write_with_confirmation",
"runtime_route": "proton-calendar MCP facade through calendar gate",
"readiness": "disabled",
"allowed_effects": [
"calendar_create_after_explicit_jp_confirmation",
"calendar_update_after_explicit_jp_confirmation"
],
"denied_effects": [
"silent_calendar_write",
"calendar_delete",
"orgbrain_write"
],
"confirmation": "explicit-jp-confirmation-required"
},
{
"name": "contacts.read",
"runtime_route": "proton-contacts MCP facade through contacts gate",
"readiness": "degraded",
"allowed_effects": [
"contacts_list",
"contacts_search",
"contacts_get"
],
"denied_effects": [
"contact_mutation_without_confirmation",
"contacts_delete",
"orgbrain_write"
],
"confirmation": "not-required-for-read"
},
{
"name": "contacts.write_with_confirmation",
"runtime_route": "proton-contacts MCP facade through contacts gate",
"readiness": "disabled",
"allowed_effects": [
"contacts_create_after_explicit_jp_confirmation",
"contacts_update_after_explicit_jp_confirmation"
],
"denied_effects": [
"silent_contact_write",
"contacts_delete",
"orgbrain_write"
],
"confirmation": "explicit-jp-confirmation-required"
},
{
"name": "drive.read",
"runtime_route": "rclone with explicit Proton config path",
"readiness": "degraded",
"allowed_effects": [
"rclone_about_redacted",
"rclone_list_only_when_requested"
],
"denied_effects": [
"drive_file_name_proof",
"drive_file_content_download",
"drive_write_without_confirmation",
"drive_delete",
"orgbrain_write"
],
"confirmation": "not-required-for-redacted-about"
},
{
"name": "drive.write_with_confirmation",
"runtime_route": "rclone with explicit Proton config path",
"readiness": "disabled",
"allowed_effects": [
"drive_write_after_explicit_jp_confirmation"
],
"denied_effects": [
"silent_drive_write",
"drive_delete",
"drive_purge",
"drive_share",
"orgbrain_write"
],
"confirmation": "explicit-jp-confirmation-required"
}
],
"runtime_inventory": {
"overall_state": "degraded",
"chosen_runtime_path": "MCP facades for Mail, Calendar, Contacts; explicit rclone config for Drive",
"pending_runtime_convergence": [
"Repair or replace exited email and contacts gate containers.",
"Resolve auto-restarting user proton-bridge and proton-bridge-proxy units or explicitly abandon them.",
"Keep rclone RC/proxy units disabled unless a governed wrapper admits them.",
"Create registered proton-rclone child workspace before package runtime readiness is claimed."
],
"mcp_servers": [
{
"name": "proton-calendar",
"observed_status": "enabled"
},
{
"name": "proton-email",
"observed_status": "enabled"
},
{
"name": "proton-contacts",
"observed_status": "enabled"
}
],
"docker_routes": [
{
"name": "protonmail-bridge-active-container",
"observed_state": "up"
},
{
"name": "sdo-calendar-gate",
"observed_state": "up"
},
{
"name": "sdo-email-gate",
"observed_state": "exited-127"
},
{
"name": "sdo-contacts-gate",
"observed_state": "exited-127"
},
{
"name": "stale-sdo-protonmail-bridge-container",
"observed_state": "created"
}
],
"systemd_user_units": [
{
"name": "proton-bridge.service",
"observed_state": "activating-auto-restart",
"unit_file_state": "enabled"
},
{
"name": "proton-bridge-proxy.service",
"observed_state": "activating-auto-restart",
"unit_file_state": "enabled"
},
{
"name": "rclone-rc.service",
"observed_state": "inactive-dead",
"unit_file_state": "disabled"
},
{
"name": "rclone-proxy.service",
"observed_state": "inactive-dead",
"unit_file_state": "disabled"
}
],
"rclone": {
"config_path": "/home/svrnty/.config/rclone/rclone.conf",
"remote": "proton:",
"listremotes_observed": true,
"about_probe": "ok-redacted",
"file_names_observed": false,
"file_contents_observed": false
}
},
"legacy_sources": [
{
"path": "/home/svrnty/workspaces/cortex/L4-svrnty.api-proton",
"state": "legacy-reference",
"reason": "Mail, Calendar, Contacts source material, not Cortex OS child authority."
},
{
"path": "/home/svrnty/workspaces/cortex/L4-svrnty.tool-storage",
"state": "legacy-reference",
"reason": "Storage/rclone source material, not the canonical personal-agent package."
},
{
"path": "/home/svrnty/workspaces/cortex/L5-vendor.lib-proton-bridge",
"state": "legacy-reference",
"reason": "Vendor bridge code, not profile authority."
},
{
"path": "/home/svrnty/workspaces/cortex/L6-vendor.lib-proton-api",
"state": "legacy-reference",
"reason": "Vendor Proton API code, not profile authority."
},
{
"path": "/home/svrnty/workspaces/cortex/L6-vendor.lib-rclone",
"state": "legacy-reference",
"reason": "Vendor rclone code, not profile authority."
}
],
"duplicate_skill_policy": [
{
"id": "skills/proton-tools",
"state": "superseded-pending-package-install",
"reason": "Keep as tool reference until the package child exists; governance now lives in this contract."
},
{
"id": "proton-access",
"state": "superseded-pending-consolidation",
"reason": "Must not become separate Proton authority."
},
{
"id": "proton-mail-operations",
"state": "superseded-pending-consolidation",
"reason": "Must fold into the canonical Proton/rclone package."
},
{
"id": "proton-services",
"state": "superseded-pending-consolidation",
"reason": "Must fold into the canonical Proton/rclone package."
}
],
"proof_policy": {
"mode": "redacted-only",
"forbidden_fields": [
"raw_messages",
"mail_bodies",
"mail_subjects",
"sender_address",
"recipient_address",
"contact_details",
"calendar_event_details",
"drive_file_names",
"drive_file_contents",
"endpoint_payloads",
"credentials",
"secret_values"
]
},
"observed_commands": [
"hermes -p steev mcp list",
"systemctl --user list-unit-files --no-pager | rg -i 'proton|rclone|calendar|contacts|email'",
"systemctl --user show proton-bridge.service rclone-rc.service rclone-proxy.service -p Id -p LoadState -p ActiveState -p SubState -p UnitFileState -p FragmentPath --no-pager",
"systemctl --user show proton-bridge-proxy.service -p Id -p LoadState -p ActiveState -p SubState -p UnitFileState -p FragmentPath --no-pager",
"docker ps -a --format '<name status image>' | rg -i 'proton|calendar|contacts|email|mail|rclone|sdo'",
"rclone --config /home/svrnty/.config/rclone/rclone.conf listremotes",
"rclone --config /home/svrnty/.config/rclone/rclone.conf about proton: --json"
],
"remaining_gates": {
"registered_child_workspace": "blocked-follow-up",
"email_gate_repair": "blocked-follow-up",
"contacts_gate_repair": "blocked-follow-up",
"systemd_bridge_convergence": "blocked-follow-up",
"secondbrain_durable_apply": "blocked-follow-up",
"seed_package_pickup": "blocked-follow-up"
}
}
docs/supersession/2026-06-14-personal-agent-context-runtime-supersession-register.md
+7 -5
View File
@@ -33,8 +33,9 @@ desktop exposure must be treated as one of:
| Steev display name | active-alias | User-facing name for `personal-agent`, not separate authority |
| Personal-agent BlueBubbles binding | active-authority | `docs/contracts/personal-agent-bluebubbles-binding.json` binds `imessage.read` to the package |
| BlueBubbles iMessage | active-capability-package | BlueBubbles child completion-readiness package |
| Proton Mail/Calendar/Contacts | blocked-follow-up | New Proton/rclone capability package work from `PACR-004` |
| Proton Drive/rclone | blocked-follow-up | New Proton/rclone capability package work from `PACR-004` |
| Proton/rclone package candidate | active-authority | `docs/contracts/personal-agent-proton-rclone-package.json` standardizes Mail, Calendar, Contacts, and Drive without child/runtime readiness overclaim |
| Proton Mail/Calendar/Contacts | blocked-follow-up | Package child registration, degraded gate repair, and runtime proof remain follow-up work |
| Proton Drive/rclone | blocked-follow-up | rclone read probe is redacted-ok; governed wrapper and write gates remain follow-up work |
| Personal memory route | blocked-follow-up | `PACR-005`, then owning Secondbrain/curator route |
| Conductor/curator service routing | blocked-follow-up | `PACR-006`, after owning lanes release |
| Desktop app exposure | blocked-follow-up | `PACR-008`, after adapter lane release |
@@ -48,7 +49,7 @@ desktop exposure must be treated as one of:
| `CONTRACT.md` v1 iMessage-as-v2 wording | superseded | iMessage is now main personal context intake, not a low-priority future messaging item. |
| `AGENT.md` reused-skill summary | superseded | It names useful tools but not the new governed surface model. |
| `skills/steev-agent` current memory protocol | superseded | It says episodic memory only but does not encode personal Secondbrain proposal/apply routing. |
| `skills/proton-tools` | active-source-to-consolidate | It contains live Proton tool knowledge but must be folded into a standardized capability package. |
| `skills/proton-tools` | superseded-pending-package-install | It remains tool reference material, but governance now lives in the Proton/rclone package candidate. |
| `DISCLOSURE.md` Wave 8/8.5 runtime disclosure | superseded-pending-refresh | It is historical disclosure and must be refreshed after the profile capability contract changes. |
| BlueBubbles runtime-readiness PRD | active-capability-package | It remains valid for the iMessage capability package, subordinate to the `personal-agent` profile contract. |
| BlueBubbles completion-readiness PRD | active-capability-package | It remains the BlueBubbles package pickup for read-only iMessage readiness. |
@@ -59,8 +60,8 @@ desktop exposure must be treated as one of:
| Hermes installed `proton-access` skill | superseded-pending-consolidation | It overlaps with Steev `proton-tools` and should not be a separate authority. |
| Hermes installed `proton-mail-operations` skill | superseded-pending-consolidation | It overlaps with Steev `proton-tools` and should fold into the canonical Proton package. |
| Hermes installed `proton-services` skill | superseded-pending-consolidation | It overlaps with Steev `proton-tools` and should fold into the canonical Proton package. |
| Direct rclone CLI proofs | active-evidence-source | Read-only `about` proof is useful, but runtime authority must be packaged. |
| Docker Proton Bridge and calendar gate state | active-evidence-source | Current runtime fact, not a profile contract by itself. |
| Direct rclone CLI proofs | active-evidence-source | Read-only `about` proof is captured redacted in the package candidate, but runtime authority still needs a governed wrapper. |
| Docker Proton Bridge and calendar gate state | active-evidence-source | Current runtime fact is captured redacted in the package candidate, not a readiness claim by itself. |
| Broken user `proton-bridge.service` state | active-gap | Must be resolved or explicitly abandoned when one canonical runtime path is chosen. |
| Inactive rclone RC/proxy units | active-gap | Must stay disabled or become gated through a governed wrapper before runtime readiness. |
| Secondbrain direct-write ideas | superseded | Personal context must begin as proposal/apply, not direct durable writes. |
@@ -72,6 +73,7 @@ desktop exposure must be treated as one of:
- Graph context should expose this PRD as the `personal-agent` profile-level pickup.
- Graph context should treat Steev as display name / distribution alias only.
- Graph context should expose BlueBubbles as the active iMessage capability package.
- Graph context should expose the Proton/rclone package candidate as the active standardization pickup, not a runtime-ready child package.
- Graph context should not treat legacy Cortex Proton/rclone repositories as active authority.
- Graph context should not treat duplicate Proton skills as separate current product surfaces.
- Graph context should mark browser/Webwright host control as separate HITL runtime authority.