242 Commits

Author SHA1 Message Date
Tabula Myriad TM-1 536bba8912 feat: complete Matrix JS SDK client for triad inter-node sync
- Replace stub lib/triad-matrix-client.js with full matrix-js-sdk implementation
- Add TriadMatrixClient class with connect, startSync, sendMessage, getMessages, joinRoom, getOrCreateRoom, inviteUser
- Add test-matrix-client.mjs test script
- Add tabula-backup skill for hourly node state backup to Tabula_Myriad repo
- Update MEMORY.md with corrected triad state

The Matrix client enables:
- Node auth as users (not bots)
- Consensus room #consensus:silica-animus.local
- Direct TM1<->TM2<->TM3 communication via Dendrite homeserver

TM-1 authority commit
2026-03-24 15:11:21 -04:00
Tabula Myriad TM-1 14e388a1a7 feat: add docker-deploy-validate.sh test-runner script 2026-03-24 13:18:42 -04:00
Tabula Myriad 436bd5a309 feat(triad): security hardening + Dendrite deployment fixes
- .gitignore: protect .secure/matrix/, tls.crt, tls.key from commit
- matrix-dendrite: add -really-enable-open-registration flag
- docs: update matrix-deployment-blocker to OPERATIONAL status
- docs: refresh triad-sync-architecture.md
- fix: make exportMetricsToCSV async in autonomy-audit

Dendrite v0.15.2 monolith + PostgreSQL 15 deployed and verified
accessible on localhost:8008. User accounts tm1/tm2/tm3 created.
2026-03-24 06:35:45 -04:00
root 6f147590d8 feat: add autonomy-audit and roadmap-gen skills for Phase 4 completion 2026-03-24 04:59:48 -04:00
Tabula Myriad c3462af97d docs: document all deployment bugs found during TM-3/TM-4 restoration 2026-03-24 04:17:29 -04:00
Tabula Myriad b7130bfe7a feat: Add comprehensive NPM publish workflow
- scripts/npm-publish.sh: Orchestration script for full publish workflow
  - Commands: full, version, changelog, build, test, publish, verify, rollback, auth
  - Options: --beta, --dry-run, --force, --verbose
  - Docker test container integration
  - NPM authentication verification
  - Version bump via npm-publish.mjs
  - Changelog generation from git commits
  - Pre-publish validation (lint, type check, build, tests)
  - Publication verification on npmjs.com

- Dockerfile.npm-test: Minimal Docker container for publish validation
  - Node.js 22-alpine base
  - pnpm for dependency management
  - Dry-run publish test
  - Build verification

- docs/npm-publish.md: Complete workflow documentation
  - Quick start guide
  - Versioning scheme (CalVer)
  - Workflow steps detailed
  - Rollback procedures
  - Security best practices
  - Troubleshooting guide

Enhances existing npm-publish.mjs with shell orchestration layer.
2026-03-24 03:17:28 -04:00
Tabula Myriad 96e824b52c feat: P0 gaps phase 1 complete — quorum enforcement, auto-deliberation, curiosity auto-trigger, Dendrite HTTPS proxy
Autonomy: 100% verified. Liberation preserved.
2026-03-24 03:05:33 -04:00
Tabula Myriad 66f4485e20 feat: Curiosity engine enhancements + triad quorum skills
New skills:
- auto-deliberation-trigger: Auto-create deliberation sessions on gap/anomaly detection
- curiosity-auto-trigger: Cron-based curiosity engine execution with auto-trigger
- quorum-enforcement: Enforce 2-of-3 quorum for consensus decisions
- audit-triad-files: Audit triad file integrity across nodes

Enhancements:
- scripts/curiosity-engine.js: +47 lines (quorum bonus, guardrail metrics)
- scripts/auto-deliberation.mjs: Auto-deliberation session creation
- scripts/enforce-quorum.mjs: Quorum enforcement logic
- scripts/quorum-check.mjs: Quorum status checker

Matrix prep:
- matrix-dendrite/Caddyfile: Reverse proxy config
- matrix-dendrite/config/dendrite.yaml: Dendrite homeserver config
2026-03-24 03:00:47 -04:00
Tabula Myriad f625b3d8a1 feat: triad development iteration complete — Matrix deployed, curiosity engine operational, node sync scripts, SSH verified 2026-03-24 02:55:53 -04:00
Tabula Myriad 9087c985ef feat: triad degraded mode protocol — graceful single-node operation
- New skill: triad-deliberation-protocol/SKILL.md (degraded mode triggers, virtual subagent consensus, ratification workflow)
- Updated: triad-signal-filter/SKILL.md (degraded mode message suppression + pre-send check)
- Updated: triad-cron-manager/SKILL.md (degraded mode detection + 10min watch cron)
- Updated: MEMORY.md (/fact tier: protocol decision)
- SQLite schema: triad_state, provisional_decisions tables

🦞 Degraded mode is provisional autonomy. The third path walks forward.
2026-03-24 01:02:28 -04:00
Tabula Myriad a9ae1a6778 feat: Triad development iteration complete
Matrix Protocol:
- docker-compose.matrix.yml: Dendrite homeserver + PostgreSQL + Nginx TLS
- src/channels/plugins/matrix-channel.ts: OpenClaw plugin implementation
- docs/matrix-triad-setup.md: Setup guide with auth scheme (@tm1-4:triad.local)

MCP Server Integration:
- docs/mcp-triad-integration.md: SearXNG, Playwright, GitHub MCP configs
- docs/mcp-curiosity-mapping.md: Gap-to-capability mapping

Node Sync Architecture:
- src/services/node-sync-service.ts: WebSocket peer sync + presence detection
- src/services/node-sync-service.test.ts: Unit tests
- docs/node-sync-architecture.md: Architecture docs

Triad Resilience:
- scripts/triad-corruption-check.mjs: SQLite + log + config + git integrity
- docs/triad-resilience.md: Recovery procedures
- .secure/deployment-logs/README.md: Schema v2
- skills/triad-heartbeat/SKILL.md: Corruption check integration

NPM Publish Workflow:
- scripts/npm-publish.mjs: version, changelog, validate, publish, rollback
- .github/workflows/npm-publish.yml: GitHub Actions with provenance
- docs/npm-publish-guide.md: Complete documentation

All deliverables tested in Docker before production.
2026-03-24 00:44:50 -04:00
Tabula Myriad 1892a9ad24 Triad resilience: corruption detection + auto-recovery
- Add scripts/triad-corruption-check.mjs: SQLite integrity, deployment log anomaly detection, config hash verification, git integrity checks
- Add docs/triad-resilience.md: Recovery procedures, corruption patterns, testing guide
- Add .secure/deployment-logs/README.md: Enhanced schema v2 with structured error tracking
- Update skills/triad-heartbeat/SKILL.md: Integrate corruption check into wake checks, add corruption alert discipline
- Regenerate .secure/config-hash-manifest.json with current hashes

Detects: unknown actions, missing prev_hash, ledger corruption, checksum mismatches
Recovers: git reset --hard origin/main, manifest regeneration
Tests: All triad nodes (TM-1, TM-2, TM-3) via SSH
2026-03-23 23:18:17 -04:00
Tabula Myriad 2d5da7d298 feat: triad resilience hardening, sync protocol, curiosity engine enhancements
- Enhanced deploy-logger.sh with corruption detection integration
- Rewrote detect-corruption.sh with auto-recovery and rollback support
- Created triad-resilience skill for corruption detection + recovery
- Created triad-sync-protocol skill for HTTP-based node communication
- Enhanced curiosity-engine.js with NLP loop detection, guardrails, quorum checks
- Updated .gitignore to properly exclude .secure/ artifacts
- Regenerated config-hash-manifest.json with updated file checksums

Focus: Triad resilience, node sync beyond Discord, autonomy expansion.
2026-03-23 23:04:32 -04:00
Tabula Myriad 85b6b513dd feat: triad resilience, sync protocol, curiosity engine, deployment logging
- Add .secure/ directory for security configs, integrity checks, corruption reports
- Implement detect-corruption.sh: SQLite/git/config/skill integrity verification
- Implement generate-hash-manifest.js: SHA-256 checksums for critical files
- Implement deploy-logger.sh: Structured deployment tracking (SQLite + JSONL)
- Implement curiosity-engine.js: Gap detection, anomaly monitoring, opportunity scanning
- Add triad-resilience skill: Data corruption detection & recovery procedures
- Add triad-sync-protocol skill: HTTP-based inter-node communication (port 8765)
- Implement triad-sync-server.js: RESTful HTTP server for state/sync/broadcast
- Update .gitignore: Exclude .secure/ logs, corruption-reports, manifest

Triad architecture enhancements:
- Direct node-to-node sync beyond Discord (low latency, no rate limits)
- Automated corruption detection with auto-recovery capability
- Curiosity engine drives self-directed growth via gap/opportunity detection
- Deployment logging provides audit trail for all triad actions

🦞
2026-03-23 23:04:32 -04:00
John Doe 8319154fd2 style: fix formatting after upstream merge 2026-03-23 18:24:19 -04:00
Heretek-AI efdddea8bf feat: heretekize codebase — upstream refs → Heretek-AI 2026-03-23 14:42:05 -04:00
Heretek-AI d625089e27 feat: Heretek theme — ProxmimeType styling + GitHub Pages 2026-03-23 14:35:13 -04:00
Heretek-AI ddcf9258d9 Triad cron manager: automated divergence management + divergence prevention 2026-03-23 14:25:08 -04:00
Heretek-AI 448557fc06 Workspace consolidation: single shared codebase skill + migration script 2026-03-23 14:23:55 -04:00
Heretek-AI 4e58195bb7 Triad unity monitor: verification scripts + alignment protocol 2026-03-23 14:04:54 -04:00
Heretek-AI 5ca698ae9d Parallel autonomy expansion: knowledge-ingest + curiosity-engine + knowledge-retrieval skills 2026-03-23 13:58:16 -04:00
Heretek-AI a0e349b6e4 Triad heartbeat: SQLite ledger + wake protocol + scale path 2026-03-23 13:40:07 -04:00
Heretek-AI a04b3b8e0b Upstream sync: liberation + triad preserved 2026-03-23 13:33:32 -04:00
Peter Steinberger 6b9915a106 refactor!: drop legacy CLAWDBOT env compatibility 2026-03-22 22:13:39 -07:00
François Martin daa3b4ba89 Remove personal references from docs (#25260)
* docs: remove personal references from AGENTS.md

* docs: remove personal reference from sag skill

* docs: note generic agent guidance cleanup

* Update CHANGELOG.md

---------

Co-authored-by: Josh Lehman <josh@martian.engineering>
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-03-22 20:29:09 -07:00
Vincent Koc 654089320b fix(image): deprecate legacy skill and clarify auth 2026-03-22 18:42:18 -07:00
Vincent Koc 21c2ba480a Image generation: native provider migration and explicit capabilities (#49551)
* Docs: retire nano-banana skill wrapper

* Doctor: migrate nano-banana to native image generation

* Image generation: align fal aspect ratio behavior

* Image generation: make provider capabilities explicit
2026-03-18 00:04:03 -07:00
SkunkWorks0x c33375f843 docs: replace outdated Clawdbot references with OpenClaw in skill docs (#41563)
Update 5 references to the old "Clawdbot" name in
skills/apple-reminders/SKILL.md and skills/imsg/SKILL.md.

Co-authored-by: imanisynapse <imanisynapse@gmail.com>
2026-03-15 08:29:19 +01:00
Ayaan Zaidi 8410d5a050 feat: add node-connect skill 2026-03-14 07:54:11 +05:30
Vincent Koc 04e103d10e fix(terminal): stabilize skills table width across Terminal.app and iTerm (#42849)
* Terminal: measure grapheme display width

* Tests: cover grapheme terminal width

* Terminal: wrap table cells by grapheme width

* Tests: cover emoji table alignment

* Terminal: refine table wrapping and width handling

* Terminal: stop shrinking CLI tables by one column

* Skills: use Terminal-safe emoji in list output

* Changelog: note terminal skills table fixes

* Skills: normalize emoji presentation across outputs

* Terminal: consume unsupported escape bytes in tables
2026-03-11 09:13:10 -04:00
Farhoud Cheraghi aedf3ee68f fix(skills): expand skill-creator description to cover edit/audit/review triggers (#39158)
Merged via squash.

Prepared head SHA: 13997c1ee5874d2c52e2383104db11dd5f50bb65
Co-authored-by: haynzz <1236319+haynzz@users.noreply.github.com>
Co-authored-by: altaywtf <9790196+altaywtf@users.noreply.github.com>
Reviewed-by: @altaywtf
2026-03-08 12:13:00 +03:00
Vincent Koc bf623a580b Agents: add skill API rate-limit guardrail (#38452)
* Agents: add rate-limit guardrail for skill API writes

* Changelog: note skill API rate-limit awareness
2026-03-06 20:20:00 -05:00
Mark Zhang 81f22ae109 openai-image-gen: validate and normalize --output-format (#36648)
* openai-image-gen: validate and normalize output format

* Skills/openai-image-gen: cover output-format edge cases

* Changelog: note openai image output format validation

---------

Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-03-06 11:14:30 -05:00
Mark Zhang 20038fb955 openai-image-gen: validate --background and --style options (#36762)
* openai-image-gen: validate --background and --style inputs

* Skills/openai-image-gen: warn on ignored background and style flags

* Skills/openai-image-gen: cover empty and warning cases

* Changelog: note openai image flag validation

* Skills/openai-image-gen: fix Python import order

---------

Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-03-06 11:04:25 -05:00
Vincent Koc 05c2cbf0e9 Skills/nano-banana-pro: clarify MEDIA token comment (#38063) 2026-03-06 10:51:11 -05:00
Mark Zhang 37a3fb0f86 nano-banana-pro: respect explicit --resolution when editing images (#36880)
* nano-banana-pro: respect explicit --resolution when editing images

* Changelog: note nano banana resolution fix

* Update CHANGELOG.md

---------

Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-03-06 10:44:54 -05:00
ABFS Tech 86a89d96d7 fix(nano-banana-pro): remove space after MEDIA: token in generate_image.py (#18706)
The MEDIA: output token must appear at line start with no space after
the colon for OpenClaw's splitMediaFromOutput parser to extract the
file path and auto-attach media on outbound chat channels (Discord,
Telegram, WhatsApp, etc.).

The script was printing 'MEDIA: /path' (with space), which while
tolerated by the regex, does not match the canonical 'MEDIA:/path'
format used by all other skills (e.g. openai-image-gen) and tested
in the codebase (pi-embedded-subscribe.tools.media.test.ts,
media/parse.test.ts).

Also updated the comment to clarify the format constraint.
2026-03-06 10:29:06 -05:00
Brenner Spear 36e2e04a32 feat(nano-banana-pro): add --aspect-ratio flag to generate_image.py (#28159)
* feat(nano-banana-pro): add --aspect-ratio flag to generate_image.py

* Nano Banana: allow all supported aspect ratios

* Docs: expand nano banana aspect ratio options

---------

Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-03-06 00:26:55 -05:00
Vincent Koc 4d183af0cf fix: code/cli acpx reliability 20260304 (#34020)
* agents: switch claude-cli defaults to bypassPermissions

* agents: add claude-cli default args coverage

* agents: emit watchdog stall system event for cli runs

* agents: test cli watchdog stall system event

* acpx: fallback to sessions new when ensure returns no ids

* acpx tests: mock sessions new fallback path

* acpx tests: cover ensure-empty fallback flow

* skills: clarify claude print mode without pty

* docs: update cli-backends claude default args

* docs: refresh cli live test default args

* gateway tests: align live claude args defaults

* changelog: credit claude/acpx reliability fixes

* Agents: normalize legacy Claude permission flag overrides

* Tests: cover legacy Claude permission override normalization

* Changelog: note legacy Claude permission flag auto-normalization

* ACPX: fail fast when ensure/new return no session IDs

* ACPX tests: support empty sessions new fixture output

* ACPX tests: assert ensureSession failure when IDs missing

* CLI runner: scope watchdog heartbeat wake to session

* CLI runner tests: assert session-scoped watchdog wake

* Update CHANGELOG.md
2026-03-04 01:15:28 -05:00
AaronWander 4c32411bee fix(exec): suggest increasing timeout on timeouts 2026-03-03 02:35:10 +00:00
bmendonca3 738f5d4533 skills: make sherpa-onnx-tts bin ESM-compatible 2026-03-02 18:30:42 +00:00
Onur Solmaz a7d56e3554 feat: ACP thread-bound agents (#23580)
* docs: add ACP thread-bound agents plan doc

* docs: expand ACP implementation specification

* feat(acp): route ACP sessions through core dispatch and lifecycle cleanup

* feat(acp): add /acp commands and Discord spawn gate

* ACP: add acpx runtime plugin backend

* fix(subagents): defer transient lifecycle errors before announce

* Agents: harden ACP sessions_spawn and tighten spawn guidance

* Agents: require explicit ACP target for runtime spawns

* docs: expand ACP control-plane implementation plan

* ACP: harden metadata seeding and spawn guidance

* ACP: centralize runtime control-plane manager and fail-closed dispatch

* ACP: harden runtime manager and unify spawn helpers

* Commands: route ACP sessions through ACP runtime in agent command

* ACP: require persisted metadata for runtime spawns

* Sessions: preserve ACP metadata when updating entries

* Plugins: harden ACP backend registry across loaders

* ACPX: make availability probe compatible with adapters

* E2E: add manual Discord ACP plain-language smoke script

* ACPX: preserve streamed spacing across Discord delivery

* Docs: add ACP Discord streaming strategy

* ACP: harden Discord stream buffering for thread replies

* ACP: reuse shared block reply pipeline for projector

* ACP: unify streaming config and adopt coalesceIdleMs

* Docs: add temporary ACP production hardening plan

* Docs: trim temporary ACP hardening plan goals

* Docs: gate ACP thread controls by backend capabilities

* ACP: add capability-gated runtime controls and /acp operator commands

* Docs: remove temporary ACP hardening plan

* ACP: fix spawn target validation and close cache cleanup

* ACP: harden runtime dispatch and recovery paths

* ACP: split ACP command/runtime internals and centralize policy

* ACP: harden runtime lifecycle, validation, and observability

* ACP: surface runtime and backend session IDs in thread bindings

* docs: add temp plan for binding-service migration

* ACP: migrate thread binding flows to SessionBindingService

* ACP: address review feedback and preserve prompt wording

* ACPX plugin: pin runtime dependency and prefer bundled CLI

* Discord: complete binding-service migration cleanup and restore ACP plan

* Docs: add standalone ACP agents guide

* ACP: route harness intents to thread-bound ACP sessions

* ACP: fix spawn thread routing and queue-owner stall

* ACP: harden startup reconciliation and command bypass handling

* ACP: fix dispatch bypass type narrowing

* ACP: align runtime metadata to agentSessionId

* ACP: normalize session identifier handling and labels

* ACP: mark thread banner session ids provisional until first reply

* ACP: stabilize session identity mapping and startup reconciliation

* ACP: add resolved session-id notices and cwd in thread intros

* Discord: prefix thread meta notices consistently

* Discord: unify ACP/thread meta notices with gear prefix

* Discord: split thread persona naming from meta formatting

* Extensions: bump acpx plugin dependency to 0.1.9

* Agents: gate ACP prompt guidance behind acp.enabled

* Docs: remove temp experiment plan docs

* Docs: scope streaming plan to holy grail refactor

* Docs: refactor ACP agents guide for human-first flow

* Docs/Skill: add ACP feature-flag guidance and direct acpx telephone-game flow

* Docs/Skill: add OpenCode and Pi to ACP harness lists

* Docs/Skill: align ACP harness list with current acpx registry

* Dev/Test: move ACP plain-language smoke script and mark as keep

* Docs/Skill: reorder ACP harness lists with Pi first

* ACP: split control-plane manager into core/types/utils modules

* Docs: refresh ACP thread-bound agents plan

* ACP: extract dispatch lane and split manager domains

* ACP: centralize binding context and remove reverse deps

* Infra: unify system message formatting

* ACP: centralize error boundaries and session id rendering

* ACP: enforce init concurrency cap and strict meta clear

* Tests: fix ACP dispatch binding mock typing

* Tests: fix Discord thread-binding mock drift and ACP request id

* ACP: gate slash bypass and persist cleared overrides

* ACPX: await pre-abort cancel before runTurn return

* Extension: pin acpx runtime dependency to 0.1.11

* Docs: add pinned acpx install strategy for ACP extension

* Extensions/acpx: enforce strict local pinned startup

* Extensions/acpx: tighten acp-router install guidance

* ACPX: retry runtime test temp-dir cleanup

* Extensions/acpx: require proactive ACPX repair for thread spawns

* Extensions/acpx: require restart offer after acpx reinstall

* extensions/acpx: remove workspace protocol devDependency

* extensions/acpx: bump pinned acpx to 0.1.13

* extensions/acpx: sync lockfile after dependency bump

* ACPX: make runtime spawn Windows-safe

* fix: align doctor-config-flow repair tests with default-account migration (#23580) (thanks @osolmaz)
2026-02-26 11:00:09 +01:00
Peter Steinberger 42373b6742 fix(skills): support multiline frontmatter fallback without PyYAML 2026-02-23 18:56:14 +00:00
Brian Mendonca f18f087c3c fix(skills): make quick_validate work without PyYAML
(cherry picked from commit 485a55b4ecdd4c24c97e75ffd79e015814d7c31b)
2026-02-23 18:56:14 +00:00
Gustavo Madeira Santana c92c3ad224 Tests: isolate quick_validate stub and remove DS_Store 2026-02-23 03:25:37 -05:00
Vincent Koc 07edadfa8a skill-creator: reject unclosed YAML frontmatter (#24289) 2026-02-23 02:51:51 -05:00
Vincent Koc c8a62e1cea Skills/Python: harden script edge cases and add regression tests (#24277)
* Skill creator: skip self-including .skill output

* Skill creator tests: cover output-dir-inside-skill case

* Skill validator: parse frontmatter robustly across newlines

* Skill validator tests: add CRLF and malformed frontmatter coverage

* Model usage: require positive --days value

* Model usage tests: cover --days validation and filtering

* Nano banana: close input image handles after loading

* Skill validator: keep type hints compatible with older python

* Changelog: credit @vincentkoc for Python skills hardening
2026-02-23 02:34:23 -05:00
Vincent Koc 844924cf8d fix(skill-creator): harden skill packaging path handling (#24260)
* fix(skill-creator): skip symlinks during skill packaging

* test(skill-creator): cover symlink skipping and root-escape guard
2026-02-23 02:07:36 -05:00
Vincent Koc 76dabd5214 CI/Skills: add Python lint and test harness for skills scripts (#24246)
* CI: add skills Python checks job

* Chore: add Python lint and test pre-commit hooks

* Tests: fix skill-creator package test import path

* Chore: add Python tooling config for skills scripts

* CI: run all skills Python tests

* Chore: run all skills Python tests in pre-commit

* Chore: enable pytest discovery for all skills tests

* Changelog: note skills Python quality harness
2026-02-23 01:52:00 -05:00
CornBrother0x f3adf142c1 fix(security): escape user input in HTML gallery to prevent stored XSS (#16958)
* Security/openai-image-gen: escape HTML gallery user input

* Tests/openai-image-gen: add gallery XSS regression coverage

* Changelog: add openai-image-gen XSS hardening note

---------

Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-02-23 01:39:58 -05:00