docs: plan Steev personal context runtime

docs/sandcastles/2026-06-14-steev-personal-context-runtime-sandcastle.md

@@ -0,0 +1,79 @@
+---
+name: 2026-06-14-steev-personal-context-runtime-sandcastle
+status: prepared
+triage: ready-for-agent
+owner: jp
+source: docs/issues/2026-06-14-steev-personal-context-runtime-work-orders.md
+created: 2026-06-14
+last_reviewed: 2026-06-14
+artifact_type: sandcastle-descriptor
+---
+
+# Steev Personal Context Runtime Sandcastle
+
+## Active Sandcastle Decision
+
+- Source repo: `/home/svrnty/workspaces/cortex-os/steev`
+- Active Steev sandcastle before this work: none found
+- Prepared pickup descriptor: this file
+- Local issue tracker: `docs/issues/2026-06-14-steev-personal-context-runtime-work-orders.md`
+- PRD: `docs/prd/2026-06-14-steev-personal-context-runtime-prd.md`
+- Supersession register: `docs/supersession/2026-06-14-steev-personal-context-runtime-supersession-register.md`
+- Local gate: `python3 tools/validate_steev_child.py`
+
+## Decision
+
+Use Steev as the profile-level sandcastle for personal context runtime
+standardization. Do not open a competing iMessage connector, Proton connector,
+rclone storage service, desktop adapter, conductor, curator, or Secondbrain
+runtime from this route.
+
+Continue BlueBubbles-specific execution in the existing BlueBubbles completion
+readiness sandcastle. Use this Steev package as the profile contract that says
+which capability packages Steev may consume and how personal context must route.
+
+## Purpose
+
+Make Steev the clean personal-agent profile over JP's real personal context:
+iMessage, Proton Mail, Calendar, Contacts, Proton Drive through rclone, and
+future browser/Webwright host control. This sandcastle exists to remove context
+confusion, classify old work, and produce vertical implementation slices.
+
+## Boundaries
+
+- No Core mutation from this route.
+- No Seed readiness claim until Seed accepts a package.
+- No conductor or curator mutation until their active lane releases.
+- No desktop adapter mutation until the adapter lane releases.
+- No second production BlueBubbles connector.
+- No profile-local Proton/rclone connector rewrite before capability packaging.
+- No durable Secondbrain writes; proposal/apply route only.
+- No `orgbrain` target.
+- No iMessage sends, read receipts, mark-read, deletes, contact mutation, or attachment download.
+- No Proton send, calendar write, contact write, Drive write, move, copy, purge, or delete without an explicit confirmation surface and JP confirmation.
+- No browser/Webwright full-control runtime until separate Host Runtime approval.
+- No raw message bodies, mail bodies, contact details, event details, drive file names, endpoint payloads, credentials, cookies, keychain values, password-manager values, or secret values in proof artifacts.
+
+## Pickup Order
+
+- Start with `SPCR-001` to define the profile authority and surface contract.
+- Then run `SPCR-002` to classify old work and prevent graph ambiguity.
+- Run `SPCR-003` and `SPCR-004` in parallel only after the supersession register exists.
+- Run `SPCR-005` after iMessage and Proton/rclone surfaces are clear.
+- Keep `SPCR-006` blocked until conductor/curator release their lane.
+- Keep `SPCR-008` blocked until the adapter lane releases.
+- Keep `SPCR-009` HITL because it grants broad Mac/browser authority.
+- Use `SPCR-010` only as the final acceptance gate.
+
+## One-Line Execution Map
+
+- Define Steev profile surfaces: one personal context contract.
+- Classify old work: active, superseded, archived, or legacy-reference.
+- Pick up BlueBubbles: `imessage.read`, read-only, personal memory only.
+- Package Proton/rclone: Mail, Calendar, Contacts, Drive surfaces.
+- Route memory: proposal-only to personal Secondbrain, no `orgbrain`.
+- Hand off services: conductor and curator shape, no cross-route mutation.
+- Prove runtime: per-surface redacted health, no payload leakage.
+- Prepare desktop: adapter contract only, no early UI wiring.
+- Separate host control: browser/Webwright approval packet.
+- Accept final state: only evidence-backed claims become complete.