main
2 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Svrnty
|
2491d48151 |
feat(steev): Wave 8 PAUSE-walk — apply Q4-Q10 + bte leak fix + proton-tools SKILL.md
Q4: confirm personal-scope discriminators (chat_facing, delegates_to=[ceo-planb], sovereign_only=false) Q5: drop google-workspace cred — builtin manages own OAuth via Hermes hub (not credctl vault) Q6: split proton-bridge-imap → proton-bridge-imap-user + proton-bridge-imap-pass (vault exact-match) Q7: rename perplexity-api → perplexity (vault exact-match) Q8: add 3 proton vault entries (account-email, account-password, mailbox-password) Q9: install.sh F6 — MCP allowlist materialization; wires 3 proton MCPs, removes bte (hard-rule leak) Q10: macOS-only externals annotated os_constraint:darwin; install.sh F7 emits INFO on non-Darwin credbridge.sh: drop google-workspace case, rewrite proton-bridge to use 2 vault entries, rename perplexity case Disclosure §7 rewritten with 6 credentials matching vault exact-name policy (DISCLOSURE-SCHEMA §4.5) Disclosure §12 PAUSE table marked all 8 rows RESOLVED (rows 1-7 Wave 8, row 8 Wave 7) Untracked skills/proton-tools/SKILL.md (90 lines, declared in manifest since Wave 4) — committed for clone-ability Verified: hermes -p steev skills list → 6 enabled (matches disclosure.skills declaration) hermes -p steev mcp list → 3 entries (proton-calendar, proton-email, proton-contacts); bte removed F7 on Linux host correctly suppresses macOS-only externals Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> |
||
|
Svrnty
|
2db2d26250 |
feat(profile): §7 conformance build-out — credbridge, distribution.yaml, cron, manifest
Closes the largest set of PROFILE-DISTRIBUTION-PROTOCOL §7 readiness gaps
surfaced in the 2026-05-23 audit. Profile goes from 4/8 to expected 8/8
once skills/proton-tools/ is committed.
New files:
credbridge.sh Personal-assistant variant of the shared-core
credbridge pattern. Three credentials in scope:
google-workspace (Gmail/Calendar/Contacts),
proton-bridge (himalaya IMAP/SMTP), perplexity
(raw WebSearch). Plan B marketing platforms
explicitly OUT OF SCOPE per CLAUDE.md hard rule.
validate_access.sh Emits PASS/BLOCKED/FAIL JSON line per credential.
Sourceable from install.sh and standalone. Exit
code always 0; status is in the JSON.
distribution.yaml Native Hermes install contract (`hermes profile
install` reads this). Mirrors cmo/ceo pattern.
Documents personal/agnostic naming exception
per FRAMEWORK §6.1 — no org suffix because there
is exactly one principal.
cron/steev-daily-briefing.json.template
06:30 daily briefing skeleton, ships disabled.
Aggregates calendar + flagged emails + due tasks
+ carried items + brief news scan into a single
digest in JP's voice. NEVER auto-sends, NEVER
touches business comms (CEO → CMO surface).
manifest.yaml fully rewritten:
- Added `contract: CONTRACT.md` pointer (was missing)
- Added inline comment explaining intentional `org:` omission
- Declared skills/proton-tools (on disk via JP's untracked WIP; declared
here so manifest matches disk truth once JP commits it)
- Added `lib:` block (credbridge.sh + validate_access.sh)
- Added `expected_external_skills:` informational list (google-workspace,
apple-*, obsidian, himalaya, imessage, perplexity) — these come from
Hermes' global skills tree per CLAUDE.md "reuse existing core skills"
- Added `optional_tools:` block (4 MCP servers: proton-calendar/-email/
-contacts, perplexity)
- Added `credentials:` block listing the 3 creds + resolution path
- Promoted `cron:` from empty list to a single steev-daily-briefing
entry (disabled_on_install: true)
- Added `sovereignty:` block (qwen3.6-35b-a3b on DGX Spark)
CONTRACT.md frontmatter migrated from legacy `tier: S` to T1 per
FRONTMATTER-SPEC. Added required fields (name, last_reviewed,
description, depends_on).
skills/proton-tools/ left untracked — that's JP's WIP, not mine to
commit.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
|