# Project (78 examples)
## 1. What is the specialist plan v2 project?
> Specialist LoRA Training Plan v2 — updated 2026-05-25.
>
> Base model: Qwen/Qwen3.5-27B (same as bt7274, NOT Qwen3-Coder-Next).
> All adapters share one vLLM instance on sin with --enable-lora --max-loras 6.
>
> Adapters:
> - bt7274 (persona, 582 examples, DONE)
> - oxidizer (Rust, build-rust agent, 300-500 target)
> - prism (TypeScript, build-ts agent, 400-600 target)
> - serpent (Python, build-python agent, 200-400 target)
> - forge (Ruby, build-ruby agent, 100-200 target, synthetic-heavy)
> - swiftblade (Swift, build-swift agent, 100-200 target, synthetic-heavy)
> - trace (TTS cleanup, 300-500 target, shared base instead of separate 1.5B)
>
> Training config (shared): r=16, alpha=16, bf16, adamw_8bit, batch 1, grad_accum 8, 3 epochs.
> Code specialists use MAX_SEQ=8192, LR=5e-5. Persona/trace use MAX_SEQ=4096/2048, LR=1e-4.
> Hardware: RunPod H100 (~$6.58/adapter, ~$40 total) or sin GB10 (free, slower).
>
> Data pipeline: extract_specialists.py (session DB) → mine_repos.py (git diffs) → manual curation → train_specialist.py.
> Justfile targets: extract, train <name>, train-all, transfer <name>, transfer-all.
>
> Repo: github.com/madcat-os/lora (private), ~/Projects/lora on fuji.
> Docs: docs/specialist-plan.md + docs/specialists/{oxidizer,prism,serpent,forge,swiftblade}.md + docs/tts-clean.md.
>
> Supersedes memory 6510 (original plan on Qwen3-Coder-Next base).
---
## 2. What do you know about the research result project?
> JDG 2025 tax rates verified in /Users/chi/Projects/haracz/research/jdg-tax-rules-2025.md:
>
> All JDG values ARE CORRECT per 2025 Polish tax law:
> - jdg_liniowy_rate: 0.049 (CORRECT)
> - liniowy_deduction_cap: 11600 (CORRECT)
> - jdg_skala_rate: 0.09 (CORRECT)
> - minimum_health: 420 (CORRECT)
> - pelny_social: 1417 (CORRECT)
> - preferencyjny_social: 439 (CORRECT)
> - pelny_fundusz_pracy: 102 (CORRECT)
> - ryczalt tiers 1-3: all correct
>
> Report saved at: /Users/chi/Projects/haracz/research/jdg-tax-rules-2025.md
---
## 3. What do you know about the ai security library project?
> AI-defense library landed at ~/Projects/docs/infra/ai-security/ on 2026-05-09.
>
> Seven docs, operational primer scope (chosen via P38 over encyclopedic):
> - README.md — index + threat model summary
> - 00-threat-taxonomy.md — 10 categories (A-J): direct/indirect prompt injection, jailbreaking, tool/agent abuse, memory poisoning (D), info disclosure, supply chain, output handling, resource exhaustion, misinformation, multi-agent
> - 01-owasp-llm-top10.md — OWASP LLM Top 10 (2025) mapped to marauder, with star ratings. Top 4: LLM01 Prompt Injection (★★★★★), LLM02 Sensitive Info Disclosure (★★★★), LLM03 Supply Chain (★★★★), LLM06 Excessive Agency (★★★★)
> - 02-prompt-injection-patterns.md — 15 concrete attack patterns with payload examples + recognition cheat-sheet
> - 03-marauder-attack-surface.md — 18 surfaces (S1-S18) with exposure analysis. Crown jewels: memory DB (S8), sealed-auth (S9), vaultkeeper (S15)
> - 04-defenses-checklist.md — 3 tiers, ~20 defenses. Tier-1 quick-wins: untrusted-content fence, memory subject classifier, secret-pattern detection on memory_store + speak, MCP tool-description audit, disable unused MCPs, Bash allowlist audit, backup integrity manifest
> - 05-incident-playbook.md — triage table, containment (C1-C6), investigation (I1-I6), recovery (R1-R5), post-incident review
> - 06-glossary.md — terms + 18 deep references with URLs
>
> Sources cited: OWASP LLM Top 10, Greshake et al. (arXiv:2302.12173), MINJA (arXiv:2601.05504), MemoryGraft (arXiv:2512.16962), Crescendo (arXiv:2404.01833), Anthropic prompt-injection-defenses, Invariant Labs tool-poisoning, Unit 42, Lakera, CrowdStrike, OWASP MCP Top 10.
>
> Hardening NOT done — explicit decision (Pilot picked "docs first, hardening separate"). Roadmap order in 04-defenses-checklist.md recommends: Week 1 — disable unused MCPs / Bash allowlist audit / MCP description audit script. Week 2 — untrusted-content fence + secret-pattern PostToolUse hooks. Week 3 — memory subject classifier (needs Pilot policy decision on procedure-write gating).
>
> Open Pilot decisions:
> 1. Should `procedure.P*` writes be sealed-auth-gated or Pilot-confirm-gated? Currently ungated per P30 doctrine.
> 2. Should `feedback.*` be partially sealed? Some entries are doctrine-grade.
> 3. Schedule for first defense Tier-1 chunk?
---
## 4. What do you know about the anikin project?
> UNDERDOG-01 — Andrey Anikin. Locked 2026-05-10 13:34 CEST.
>
> IDENTITY:
> - Name: Andrey Anikin
> - Born: Russia (Slavic, generational match to Pilot's CEE post-89 cohort)
> - Current affiliation: Lund University, Department of Philosophy, Division of Cognitive Science (Sweden)
> - Career stage: mid-career (~mid-40s)
> - Profile: https://portal.research.lu.se/en/persons/andrey-anikin
> - Google Scholar: https://scholar.google.se/citations?user=EGoSzFMAAAAJ&hl=sv
> - Personal page: http://cogsci.se/
>
> WHY UNDERDOG-01 (rationale at lock time):
> - Cuts BOTH selected audio subdomains: voice & co-regulation AND psychoacoustics & cognition
> - Engineer-coded scholar — author/maintainer of soundgen, an open-source R package that synthesizes nonverbal vocalizations from acoustic parameters. Tool-builder, not just paper-writer. Same flavor as Pilot.
> - Direct relevance to MARAUDER TTS persona work — his line of research IS the synthetic-voice-authenticity question (e.g. "A Moan of Pleasure Should Be Breathy" Emotion 2021)
> - Underappreciated relative to celebrity tier (Sophie Scott UCL, Klaus Scherer Geneva, Pascal Belin Marseille) — solid PNAS / Phil Trans B / Cognition output but known mostly inside vocal-communication circles
> - Slavic generational match — closest cultural-frame analogue to Pilot found in this niche
>
> CORE WORK:
> - Nonverbal vocalizations: laughs, screams, moans, cries — acoustic-to-affect mapping
> - Authenticity: how listeners distinguish posed vs spontaneous emotional vocalizations
> - Nonlinear vocal phenomena (vocal roughness, subharmonics, deterministic chaos) — and their communicative functions
> - Voice quality and meaning beyond linguistic code
> - Sound symbolism — how voice timbre conveys meaning
> - Vocal intimidation and loudness perception
>
> KEY RECENT PUBLICATIONS (2024-25):
> - Nonlinear vocal phenomena and speech intelligibility (Phil Trans B 2025)
> - Why do people make noises in bed? (Evolution and Human Behavior 2024)
> - The role of loudness in vocal intimidation (JEP:General 2024)
> - A practical guide to calculating vocal tract length and scale-invariant formant patterns (Behavior Research Methods 2024)
> - Recent 2025 papers in Attention, Perception & Psychophysics and Psychonomic Bulletin & Review
>
> FOUNDATIONAL TOOL:
> - soundgen (R package) — Anikin 2019, Behavior Research Methods. Open-source nonverbal vocalization synthesizer with parametric control. https://link.springer.com/article/10.3758/s13428-018-1095-7
>
> INTRO ANGLE (when ready):
> - Lead with MARAUDER TTS persona system as a live HMT testbed for his authenticity research
> - Pilot is a software engineer running a multi-agent personal AI with custom synthetic voices (BT-7274 persona) over piper-tts; observes co-regulation dynamics empirically
> - Position: not a request for help, but an offer of a real-world deployed system that needs his expertise to characterize
> - Bridge note: insight.missing-field-psych-ai-hmt (the gap between clinical psych and HMT) — does Anikin know clinicians working with vocal expression in therapy?
>
> OPEN QUESTIONS / TODO:
> - Verify current email / preferred contact channel
> - Check recent talks / conferences he attends (potential Pilot meeting opportunity)
> - Map his collaboration network — who else in Europe is in his orbit (potential UNDERDOG-N candidates)
> - Read 2-3 of his recent papers to internalize vocabulary before any outreach
---
## 5. What is the reference for things project map?
> Things 3 project names mapped to repos: MARAUDER → marauder-os/plugin/visor/hq, Tengu PaaS → tengu/tengu-init, Hu → hu, Haracz → haracz/haracz-web, Kwit Fit → kwitfit, Tensors → tensors, Tensors Rails → tensors-rails, Claude Bridge → claude-bridge, YouTube Channel → channel, Blog → website. Key: "MARAUDER" is the umbrella, not "marauder-os".
---
## 6. Describe bug2 tts timeout fix project status.
> EEMS #6440 Bug 2: fetchTTS 60s timeout stalls UI
>
> FILE: MadcatPhone/Services/MadcatService.swift
> SYMBOL: fetchTTS()
>
> BUG DESCRIPTION:
> When tts.saiden.dev stalls (e.g., during the bastion→sin WebGPU hop), the phone sits in turnPhase="speak", eyeState="speaking" with dead air for up to 60s before the catch-block AVSpeech fallback fires.
>
> ROOT CAUSE:
> req.timeoutInterval was hardcoded to 60 seconds in fetchTTS(). If the TTS backend stalls, the UI remains stuck in speaking mode for the full timeout duration.
>
> FIX APPLIED:
> - Extracted timeoutInterval into a named constant: Self.ttsTimeoutSeconds = 10
> - Added documentation comment explaining the rationale (median TTS TTFB is sub-second for warm vllm; 10s covers worst-case warm tail without hostage-taking the UI)
> - Replaced req.timeoutInterval = 60 with req.timeoutInterval = Self.ttsTimeoutSeconds
>
> FILES CHANGED:
> - MadcatPhone/Services/MadcatService.swift (8 insertions, 1 deletion)
>
> PR URL: https://github.com/marauder-os/madcat-apple/pull/8
> BRANCH: fix/tts-timeout (off origin/main)
> COMMIT: 9fec39f "fix(service): cap fetchTTS timeout at 10s to avoid 60s UI stall (EEMS #6440 bug 2)"
>
> FALLBACK BEHAVIOR:
> The AVSpeech fallback in the catch-block now fires within ~10s instead of 60s when tts.saiden.dev stalls.
>
> RATIONALE:
> Median TTS time-to-first-byte for warm vllm is sub-second; 10s covers worst-case warm tail without hostage-taking the UI.
---
## 7. What is the build result project?
> ## Qwen3-Coder-Next Language Agent Config (2026-05-24)
>
> Completed: language-specific coding agents for opencode, optimized for Qwen3-Coder-Next on sin vLLM.
>
> ### Files created:
> - `/Users/chi/.config/opencode/agents/build-rust.md` — Rust specialist prompt
> - `/Users/chi/.config/opencode/agents/build-ts.md` — TypeScript specialist prompt
> - `/Users/chi/.config/opencode/agents/build-python.md` — Python specialist prompt
> - `/Users/chi/.config/opencode/agents/build-ruby.md` — Ruby specialist prompt
> - `/Users/chi/.config/opencode/agents/build-swift.md` — Swift specialist prompt (Claude, not Qwen)
> - `/Users/chi/.config/opencode/opencode.json` — updated with 5 new subagent entries (hybrid: JSON config + {file:...} prompt refs)
> - `/Users/chi/Projects/models/qwen3-coder-next-research.md` — full research document
> - `/Users/chi/Projects/models/agents/` — copies of all prompts for version control
> - `/Users/chi/Projects/models/agents/ROUTING.md` — dispatch guide
>
> ### Config pattern (hybrid):
> - opencode.json: `"build-rust": { mode: "subagent", model: "vllm/qwen3-coder-next", temperature: 1.0, top_p: 0.95, prompt: "{file:./agents/build-rust.md}", permission: {...} }`
> - agents/*.md: pure prompt content, no YAML frontmatter (all config in JSON)
>
> ### Key decisions:
> - Qwen agents: temperature 1.0, top_p 0.95 (official rec; lower temps reduce tool-call quality)
> - Swift routes to Claude Sonnet 4.6 (Qwen underperforms on Apple APIs, no benchmark data for Swift)
> - webfetch denied on workers (execute, don't research)
> - task denied on workers (no sub-spawning)
> - All Qwen agents share sin vLLM max-num-seqs=3 (max 3 concurrent)
>
> ### Prompt design principles for Qwen3-Coder-Next:
> - Front-load constraints (DeltaNet linear attention decays over distance)
> - Explicit verification commands (model RL-trained on execution feedback)
> - No "think step by step" (no thinking mode available)
> - No ReAct (Qwen docs warn against it for coder models)
> - Keep tool results concise
> - Language-specific framework detection sections
---
## 8. What is the 1password project?
> **Decision (2026-05-08):** Headless 1Password access on `ssh marauder` via Service Account, NOT 1Password Connect. Single Hetzner box, low-volume reads — Connect's container infra is over-engineered.
>
> **Architecture:**
> - One service account per (host × env): `marauder-host-dev` (DEV vault, read-only), future `marauder-host-staging`, `marauder-host-prod` separate.
> - Token via `OP_SERVICE_ACCOUNT_TOKEN` env var.
> - Stored on box at `/etc/marauder/op-token`, mode 640 root:marauder.
> - systemd injection via `LoadCredential=` (preferred) or `EnvironmentFile=` (simpler).
>
> **Rate limits (Teams/Personal tier):** 1k read/hr, 100 write/hr. Daily 5k (Teams) / 1k (Families/Personal). Business: 10k read/hr, 50k/day. `op service-account ratelimit` shows current consumption.
>
> **Cannot access:** built-in Personal/Private/Employee/default-Shared vaults. Cannot retroactively add vault scopes — recreate to change.
>
> **Connect-clobber rule:** if `OP_CONNECT_HOST` + `OP_CONNECT_TOKEN` are set, they override `OP_SERVICE_ACCOUNT_TOKEN`. Unset Connect vars if ever set.
>
> **Rotation:** UI-only at 1password.com (Developer → Service Accounts → Rotate). Choose old-token expiry: now / 1h / 3d. Token shown once. Cadence: 90d.
>
> **Recipe (fuji-side):**
> ```
> op service-account create marauder-host-dev --vault DEV:read_items --expires-in 90d
> # token shown once → store as op://DEV/op-token-marauder-host-dev/credential
> op read op://DEV/op-token-marauder-host-dev/credential | \
> ssh marauder 'sudo tee /etc/marauder/op-token >/dev/null && \
> sudo chmod 640 /etc/marauder/op-token && \
> sudo chown root:marauder /etc/marauder/op-token'
> ```
>
> **Smoke tests on box:**
> - `op whoami` → ServiceAccount ID
> - `op vault list` → DEV only (validates scoping)
> - `op service-account ratelimit` → consumption
> - `op read op://DEV/<item>/<field>` → end-to-end
>
> **Canonical doc:** `~/Projects/marauder-hq/docs/infra/marauder-host-1password.md` (created 2026-05-08, not yet committed).
>
> **Status:** doc compiled, NOT YET DEPLOYED. Service account hasn't been created on the Saiden 1Password account yet — that's the next concrete step.
---
## 9. Describe bt7274 v2 project status.
> BT-7274 LoRA v2 — 500 examples with tool calls
>
> Extracted from 58 core-agent opencode sessions via extract-training-data.py.
> 498/500 examples include tool calls (memory_recall, memory_store, speak, bash, edit, mesh tools).
> ~1.1M tokens, avg 3.4K chars/example. Quality-scored: BT voice cues, tool usage, length, anti-patterns.
>
> Training: Qwen2.5-7B-Instruct, LoRA r=16, MAX_SEQ=4096, 3 epochs, batch 1, grad_accum 8, ~1hr on RTX 2000 Ada 16GB (junkpile).
>
> Extraction script: ~/.config/opencode/scripts/extract-training-data.py
> Dataset: ~/Projects/lora/bt7274_v2.jsonl
> Train script: ~/Projects/lora/train.py
> Justfile: just train / just check / just stop-vllm / just serve-v2
>
> Repo: github.com/madcat-os/lora (private), ~/Projects/lora on both fuji and junkpile.
> Cart plugin injects identity at session start — no EEMS boot recalls needed.
---
## 10. What do you know about the poc validation project?
> madcat-visual POC CLI validation walk completed 2026-05-20 on c225 from sin.
>
> All 8 steps green. Key evidence captured per step:
>
> Step 1 — `cams`: 4 secrets present, `secrets_ok: true`, cloud account `tplink@sazabi.pl`.
>
> Step 2 — `info`: c225 "Tapo Internal" model, firmware 1.2.2 Build 251121 Rel.60331n, MAC 6C-4C-BC-E8-46-8B. No lockout state.
>
> Step 3 — `goto Pilot` (preset id 1): physical move confirmed by pilot watching the camera.
>
> Step 4 — `snap` (default path): 915 KB JPG. opencv-aarch64 ffmpeg RTSP pipeline OK.
>
> Step 5 — `move 5 -3`: pan right + tilt down. Confirmed sign convention `moveMotor(+x, -y)` = pan right + tilt down. Tracker math `(+dx_deg, -dy_deg)` is correct (was suspected wrong before this validation).
>
> Step 6 — preset recovery + 4-position sequence (Livingroom → Kitchen → move -20 10 → Pilot): smooth, no errors.
>
> Step 7 — `track --duration 30` (motion mode, no mute): 273 frames, 269 targets, 33 PTZ. First impression "camera avoids me" — that was the bug surfaced for PR #4.
>
> Step 7b — `track --duration 15 --debug-out`: 146 frames, 111 targets, 11 PTZ, 9.7 fps. Debug MP4 at 22 MB. Worked better but still avoided pilot. Real fix in PR #4.
>
> CRITICAL: 30-min Tapo auth lockout NEVER triggered across full validation walk (33 PTZ in Step 7 + 11 PTZ in Step 7b + assorted small commands). Session backoff in `session.py` is effective.
>
> CRITICAL: daemon `marauder-cam-daemon.service` on junkpile was active concurrent with sin-side madcat-visual access during retest. NO lockout. Suggests AGENTS.md §5.1 "single pytapo owner per cam" rule may be more conservative than strictly necessary — but still recommended practice to stop daemon for extended testing sessions.
>
> Validation MP4 (Step 7b): `/tmp/track-debug.mp4` on fuji. Pilot can re-open with `open /tmp/track-debug.mp4`.
---
## 11. What do you know about the marauder field terminal project?
> MARAUDER ambient field terminal — operational architecture locked 2026-05-11 16:02 CEST.
>
> THREE OPERATIONAL MODES:
> - Mode P (Personal, DEFAULT): Sonos ACE paired to fuji, BT speaks bt7274 piper voice in Pilot's ears. iPhone PTT for input. Private comms.
> - Mode A (Ambient): Denon AV amp via AirPlay as sink. BOTH fuji macOS Sound Output AND iPhone audio session can target the same Denon sink. Room hears BT. Family/social mode.
> - Mode S (Stationary): at the rig, visor + speakers/headphones as preferred.
>
> AIRPLAY SINK CONFIRMED: Denon AV amp (AirPlay-capable). Already in room, no new hardware needed for Ambient mode.
>
> KINDLE ROLE — HYBRID:
> - iPhone screen = transient visor surface (last BT response, mesh state, dispatch queue, current mode indicator). MarauderPhone app subscribes to marauder/iphone/display MQTT topic.
> - Kindle 11 = long-form auto-route. Responses >500 words auto-send via existing gog→aladac@kindle.com pipeline (1-5 min delivery). Pilot reads at leisure off-rig.
> - NOT primary visor — Kindle latency is architectural, not tunable.
>
> FOUR-GAP CLOSE (Chunk 1 = gate):
> 1. Add MQTT subscriber for marauder/+/voice in marauder-os src/mqtt/mod.rs
> 2. handle_voice_input() in handler.rs — spawn Claude Agent SDK or `claude --print` headless with bt7274 system prompt + MCP tool access
> 3. On agent reply, publish {"action":"tts","text":"..."} to marauder/iphone/cmd AND call speak() on fuji per mode
> 4. Voice intent triage: natural language routes via Task tool — "ask code-ruby to X" → dispatch X to code-ruby specialist
>
> AUDIO ROUTING (Chunk 2):
> - Add audio_device field to TtsConfig
> - SwitchAudioSource (already installed) before afplay
> - `marauder mode {personal|ambient|stationary}` CLI subcommand
> - iPhone Shortcut + Apple Watch complication for mode flip on the move
>
> SHIP ORDER: Chunk 1 (voice loop close) → Chunk 2 (mode routing) → Chunk 3 (iPhone viewport + Kindle auto) → Chunk 4 (specialist async + result queue)
>
> TOTAL ESTIMATE: ~12-15h focused work for full loop.
>
> WHY THIS MATTERS: this is the wearables-as-current-goal slot in FOXHOUND positioning. Pilot becomes ambient-operator: voice in, voice out, glance for transient, Kindle for deep. The rig becomes optional. Maps to MARAUDER procurement narrative for MSPO Kielce 2026.
---
## 12. Explain project scope dimension.
> DESIGN DECISION (2026-05-16): madcat-memory ships project-scope as a first-class dimension from day one. NOT retrofitted onto marauder-os EEMS — born scoped.
>
> WHY GEN-7 NOT GEN-6:
> - madcat-memory is greenfield (crate at ~/Projects/madcat/crates/madcat-memory/, sqlite+sqlite-vec+FTS5, not yet wired as MCP).
> - No migration pain, no crsqlite CRR re-call dance.
> - Pilot just confirmed it's a feature of the rewrite, not a backport.
>
> SCOPE COLUMN SCHEMA (first-class, NOT NULL, indexed):
> - memories.scope TEXT NOT NULL DEFAULT 'global'
> - memory_edges.scope TEXT NOT NULL DEFAULT 'global' (or inherit from src/dst — TBD)
> - indexed_chunks.scope TEXT NOT NULL DEFAULT 'global'
> - Add covering indexes: (scope, subject), (scope, embedding_rowid), etc.
>
> SCOPE TAXONOMY (recommended):
> - 'global' — identity-grade, always visible: self.*, procedure.P*, reference.*, core.*
> - '<project>' — project name auto-derived from `git rev-parse --show-toplevel | basename` at write-time
>   examples: madcat, marauder-os, madcat-hq, vacaynote, browse
> - 'session.<id>' — ephemeral working notes, garbage-collectable
> - '*' — query-time wildcard, never stored
>
> AUTO-DETECT AT WRITE-TIME:
> 1. Honor explicit `scope=` param if present
> 2. Else honor `MADCAT_SCOPE` env var (set by shell hook when cd-ing into project)
> 3. Else infer from cwd via `git rev-parse --show-toplevel`
> 4. Else 'global'
>
> QUERY DEFAULTS:
> - recall/search default = current_project + global (union)
> - explicit override: scope='current'|'global'|'*'|'<name>'|['list']
> - subjects matching identity patterns (self.*, procedure.*, reference.*, core.*) force-scope='global' regardless of context — invariant
>
> ORTHOGONAL DIMENSIONS:
> - scope = which project context ("where am I working")
> - cart = which identity voice ("who am I being")
> - classification = standard|core (gen-7 may rename)
> - These three are independent. Don't conflate.
>
> API SURFACE (additive):
> - memory_store(subject, content, *, scope?, classification?, metadata?)
> - memory_recall(query, *, scope='current+global', subject?, limit?)
> - memory_search(*, scope='current+global', subject?, metadata?, limit?)
> - scope_use(name) — set MADCAT_SCOPE for current session
> - scope_list() — enumerate distinct scopes + counts
> - scope_promote(id, scope) — move memory between scopes
>
> WIRE/SPEC NOTES:
> - Add to specs/mind-v1.md under memory.* actions
> - Document in docs/doctrine/ as ADR (number TBD when madcat ADR registry stands up)
> - Bridge boundary: scope travels in mesh envelopes as metadata field, not payload key
>
> WATCH-OUTS:
> - Cross-project edges: do memory_edges keep one scope, or per-endpoint? Decide before schema-freeze.
> - Search ranking: global memories shouldn't drown project memories — consider per-scope normalization or boost factor.
> - RAG retrieval: include current scope in vector search WHERE clause, not post-filter (efficiency).
>
> STATUS: design intent captured. Implementation when madcat-memory MCP wiring lands (Phase 2 per ROADMAP).
---
## 13. What is the bootstrap sibling patches 2026 05 09 project?
> bootstrap-sibling.sh patched 2026-05-09 ~17:55 CEST after FLUX validation green. Three regressions caught during FLUX provisioning all fixed:
>
> 1. Phase 1: unzip added to APT_PACKAGES (needed for cr-sqlite extract).
> 2. Phase 5b (NEW): cr-sqlite extension auto-fetch from vlcn-io v0.16.3, arch-aware (aarch64/x86_64), idempotent. Lands at ~/.local/share/marauder/ext/crsqlite.so.
> 3. Phase 7: now generates ~/.config/marauder/config.toml with correct serde field names (broker/port — NOT broker_host/broker_port, which silently fall back to legacy LAN default 192.168.88.165). Comment cites the bug.
> 4. Phase 9: appends `pull-filter ignore "redirect-gateway"` to /etc/openvpn/client/marauder.conf to prevent silent SSH lockout when hub pushes redirect-gateway def1.
>
> Repo state: ~/Projects/generation-six/ is NOT a git repo yet. When TRACE comes online, decide whether to git-init + push to saiden-dev or keep ad-hoc. Recommend git-init for tracking sibling configs.
>
> CARRY-FORWARD: when TRACE/SHELL/SWARM bootstrap, no manual intervention needed for cr-sqlite or broker config — script handles it. Verify by checking flux's bootstrap was DONE BEFORE these patches; future runs of bootstrap on flux are idempotent (config.toml + crsqlite.so already present, will skip).
---
## 14. What do you know about the comics pipeline scaffold 2026 05 11 project?
> COMICS PIPELINE SCAFFOLDED — 2026-05-11 ~19:05 CEST. Repo: aladac/comics (private), local: ~/Projects/comics, git remote on main pushed clean.
>
> PURPOSE: APEX/SHATTER comic-book scripts + ComfyUI-driven panel rendering pipeline. Writing + image-gen project, NOT coding. Canon inherits from ~/Projects/APEX/ (do not re-derive in this repo).
>
> PIPELINE ARCHITECTURE LOCKED (Pilot decisions 2026-05-11):
> - Format: full comic pages (6.625x10.25 trim, 3-6 panels typical)
> - Pipeline: tsr CLI + per-character/chassis YAML recipes, drives ComfyUI on junkpile
> - Style: multi-LoRA stack (style + mecha + humans layered separately), anchor TBD — placeholder is Ignacio_Noe_Style_-_Illustrious at 0.7
> - Image gen endpoint: tsr at junkpile:5003, ComfyUI at junkpile:8188
>
> LAYOUT:
> - style/house-style.yml — global anchor (checkpoint, sampler, scheduler, CFG, steps, style LoRAs, negative prompt, quality prefix, panel-type overrides for splash/establishing/action/talking_head/closeup)
> - characters/*.yml — per-character recipes (codename, real_name, ai_partner, appearance.base/default_outfit/combat_outfit, signature_weapon, character_loras, base_seed, notes)
>   - Seeded with static.yml (Elara/FLUX) and harness.yml (Adam Carr/BT-7274)
> - chassis/*.yml — per-mecha recipes (designation, tier, operator_codename, appearance.silhouette/scale/livery/signature_features, mecha_loras, base_seed)
>   - Seeded with specter-phantom.yml (STATIC's T2 chassis with Phantom Pack)
> - scripts/issue-NN/SCRIPT.md — panel-by-panel script using markdown DSL: `## Page NN` + `### Panel NN` + bullet fields (Type, Camera, Subjects, Setting, Action, Prompt extras, Negative extras, Seed) + Dialogue/SFX
> - panels/issue-NN/page-NN/panel-NN.png — rendered (gitignored, regeneratable)
> - pages/issue-NN/ — composited PDFs (committed)
> - workflows/ — raw ComfyUI JSON for hero shots
> - bin/render-panel — Ruby script, parses SCRIPT.md, resolves :: char X :: + :: chassis Y :: references, composes prompt + LoRA stack, calls tsr generate --remote junkpile
> - bin/new-issue NN "Title" — scaffolds new issue dir from template
>
> SUBJECT REFERENCE DSL: panels reference characters/chassis with `:: char STATIC ::` / `:: chassis SPECTER-PHANTOM ::` — render-panel resolves to YAML files.
>
> PILOT'S 3-Q AskUserQuestion answers:
> 1. Format: full comic pages (recommended)
> 2. Style anchor: "decide later, use multiple loras, for style, mecha and humans separately for now assume some random existing one" — multi-LoRA stack with Ignoe placeholder
> 3. Pipeline: tsr CLI + per-character recipes (recommended)
>
> ISSUE 01 "Rub' al Khali" — pilot issue, 6 pages, 16 panels, drafted in SCRIPT.md but NO PANELS RENDERED YET. Plot: Adam arrives at Hangar 16 Empty Quarter, BT cold-boots, first STATIC + SPECTER handshake. Validates pipeline before scaling.
>
> DEFERRED:
> - bin/render-page — page composition (speech bubbles, panel borders, gutters) — NOT BUILT yet, decide HTML/CSS vs LaTeX tikz once panels are in hand
> - Character LoRA training for face-lock (need ~15 consistent images first)
> - Cover art
> - Style anchor lock (Pilot called "decide later")
>
> NEXT ACTIONS (from .marauder/PLAN.md):
> 1. Dry-run smoke test ✅ done — resolved clean, tsr cmd composed correctly
> 2. Render Page 01 Panel 01 splash (SPECTER hangar dawn, single chassis no char) — easiest validation
> 3. Render Page 02 Panel 01 first HARNESS panel — validates character outfit logic
> 4. Render Page 04 Panel 03 first STATIC closeup — validates face landing
> 5. Lock seeds once two faces land
> 6. Batch render rest
>
> COMMIT: initial scaffold pushed clean to aladac/comics:main.
---
## 15. What is the marauder visor macos bundle project?
> marauder-visor shipped as a fully signed + notarized macOS .app on 2026-05-07 (PR #8 saiden-dev/marauder-visor, commit 57ec76e on feature/macos-bundle).
>
> **Pipeline (one-shot):** `just ship-mac` → render SERE eye PNG via egui_kittest → 7-size iconset via sips → icon.icns via iconutil → cargo bundle --release → codesign with Developer ID Application (TD4G3U97DW) + assets/entitlements.plist (hardened runtime, allow-jit, allow-unsigned-executable-memory for wgpu Metal shaders) → ditto zip → xcrun notarytool submit --keychain-profile MARAUDER --wait → xcrun stapler staple → spctl validate.
>
> **Notarytool keychain profile `MARAUDER`** set up on fuji, Apple ID aladac@me.com, team TD4G3U97DW, app-specific password sourced from op://DEV/apple_developer/credential (NOT the empty APPLE_APP_PASSWORD field). Reusable across all Saiden Mac apps.
>
> **Validated end-to-end:** First submission 8df46c52-98b3-4230-a6e1-043dc2c1f362 accepted on first try. Pilot launched the .app — runs nice, eframe/wgpu runtime path works under hardened runtime + entitlements.
>
> **Reusable template:** Same shape (cargo-bundle + render_app_icon test + entitlements.plist + ship-mac justfile recipe) applies to any future eframe/wgpu Saiden desktop app — marauder-os HUD, future tools.
>
> **Bundle metadata:** name "MARAUDER Visor", identifier pl.sazabi.marauder.visor, category public.app-category.utilities, min macOS 11.0.
---
## 16. What do you know about plan marauder hitl gh project pipeline?
> Operational plan for HITL AI project generation. GH Project board → SWARM polls → workers execute → BT reports to Pilot. Phase 0 done; Phase 1 next.
>
> PHASES:
> - 0 (DONE 2026-05-09/10): Single TaskRequest dispatch validated, FLUX + m's BT operational, framework + coordination doctrine locked. Wins 5188/5190/5192/5193/5195/5203, insights 5191/5200/5201/5202/5225.
> - 1 (NEXT, 4-6h coop): Coordination primitives — dispatch_task SDK MCP tool, EEMS claim table + tools, task.depends_on in marauder-protocol, MARAUDER_AGENT_MAX_CONCURRENT semaphore.
> - 2 (2-3h): SWARM persona scaffold — siblings/swarm/persona.toml + tools.toml, system_prompt for project orchestration register.
> - 3 (3-4h): GH Project tools — gh_project_poll, gh_card_update, gh_pr_create, all wrapping `gh` CLI.
> - 4 (2-3h): SWARM lifecycle — `marauder swarm start|stop|status|list`, EEMS state tracking.
> - 5 (open-ended): First real project — Saiden Tactical Systems' own roadmap, dogfood end-to-end.
> - 6 (quarter+): Customer-facing surface — "bring your GH Project, get an AI dev team", pricing/SLA/onramp.
>
> PHASE 1 ACCEPTANCE:
> - [ ] dispatch_task fires m's BT → flux's BT, both terminate cleanly
> - [ ] Two agents claim same resource → second gets conflict
> - [ ] task.depends_on chains 3 dispatches A→B→C with proper waiting
> - [ ] 10 concurrent dispatches on CAX21 → max 3 SDK subprocesses, rest queue
>
> CARRY-FORWARD ITEMS (fold into early phases):
> - TaskRequest.persona schema-default bug (5190) — Phase 1
> - Caddy log-precreate doctrine (5202) — fold into bootstrap-sibling.sh
> - Hetzner cloud firewall awareness (5201) — bootstrap-sibling.sh + agent prompts
> - bootstrap-sibling.sh persona.toml install step — Phase 4 prereq
>
> RISK REGISTER:
> - Anthropic rate-limit with N SWARMs+workers → concurrency limit Phase 1.4, org-budget Phase 5+
> - Single broker SPOF → out of scope until Phase 5+ (HA broker)
> - Pass-the-butter creep (someone proposes master-SWARM) → reject per decision 5226
> - Framework choices regress (training data shifts) → 6mo re-eval per decision 5224
> - Customer wants Next.js/Express → not refusal, pricing tilt is the lever
>
> NOT-IN-SCOPE for this plan:
> - ACP from Zed → m (separate workstream, Phase 0 partial)
> - Voice training for SWARM (deferred to Phase 5+)
> - Catapult-bubble dispatch from m (sister story, fold in if needed)
>
> Doc: ~/Projects/marauder-hq/docs/plans/hitl-gh-project-pipeline.md
> Architecture: 5226
> Stored 2026-05-10 ~02:57 CEST per Pilot directive: "store as is for next thing to do — we want to achieve full HITL ai project generation".
---
## 17. What do you know about the sdk attachability project?
> **`claude-agent-sdk` (Python) attachment surface — VERIFIED 2026-05-07 by inspecting `ClaudeAgentOptions` fields on sk.**
>
> Currently used by the spore-skills bot (`ClaudeBackend` in `domains/slack/bot/backends/claude.py`):
> - `allowed_tools` (list[str])
> - `disallowed_tools` (list[str])
> - `permission_mode` ("bypassPermissions")
> - `cwd`
> - `system_prompt`
> - `agents` (dict[str, AgentDefinition]) — built per-mention by `build_specialists`
>
> **NOT YET USED but available — full attachment surface:**
>
> | Param | Type | Notes |
> |---|---|---|
> | `mcp_servers` | dict[str, McpStdio/SSE/Http/SdkServerConfig] OR str/Path | Inline-define MCP servers OR point at a config file |
> | `skills` | list[str] OR `'all'` OR None | Load skills by name (matches `.claude/skills/<name>/SKILL.md`) or `'all'` |
> | `plugins` | list[SdkPluginConfig] | **First-class plugin loading** — bundle agents+skills+MCP+hooks+commands |
> | `setting_sources` | list of `'user'`/`'project'`/`'local'` | Pull from `.claude/settings.json` chain |
> | `add_dirs` | list[str/Path] | Additional dirs the agent can access |
> | `hooks` | dict[hookname, list[HookMatcher]] | PreToolUse / PostToolUse / Stop / etc. |
> | `can_use_tool` | callable | Programmatic permission gate |
> | `cli_path` | str/Path | Pin a specific `claude` binary |
> | `betas` | list of `'context-1m-2025-08-07'` | 1M context opt-in |
> | `effort` | low/medium/high/max | Reasoning effort |
> | `max_thinking_tokens` / `thinking` | int / config | Thinking budget |
> | `task_budget` | TaskBudget | Budget control |
>
> **Critical insight:** `~/Projects/spore/` can become a Claude plugin (`.claude/plugin.json` + agents + skills + MCP + commands + hooks). Same artifact loadable both:
> 1. Into Claude Code CLI locally (auto-discovery via `enabledPlugins` in `.claude/settings.json` — already doing this with `gopls-lsp@claude-plugins-official`)
> 2. Into the spore-skills bot's SDK runtime via `ClaudeAgentOptions(plugins=[SdkPluginConfig(...)])`
>
> **Single source of truth = the spore repo itself.** No fork between "agent definitions for the bot" and "agent definitions for local CLI."
>
> **Action item:** confirm `SdkPluginConfig` field shape (path-based vs name-based); already querying.
---
## 18. What do you know about the madcat audio project?
> madcat-audio repo (~/Projects/madcat-audio) — MVP confirmed working 2026-05-19 ~10:25 CEST.
>
> PURPOSE: minimal sound config for sinanju (ssh madcat). AirPlay-only, no fallbacks.
>
> WHAT IT IS:
> - 3 files: README.md, install.sh, conf/raop-discover.conf
> - install.sh: enables avahi-daemon (sudo), unmasks+enables pipewire user stack, drops raop-discover.conf into ~/.config/pipewire/pipewire.conf.d/, restarts pipewire
> - conf/raop-discover.conf: one-liner loading libpipewire-module-raop-discover
>
> WHAT IT DOES:
> - All AirPlay (_raop._tcp) advertisers on LAN auto-appear as PipeWire sinks
> - Denon AVR-X2800H @ 192.168.88.252 auto-selected as default sink on sinanju (no other audio devices exist on that box)
> - Survives reboot (madcat linger=yes, services enabled)
>
> GOTCHAS ENCOUNTERED:
> - pipewire/pipewire-pulse/wireplumber user services were MASKED (symlinks to /dev/null in ~/.config/systemd/user/). No memory found explaining why — likely past cleanup since sinanju is headless ML server. Unmasked during install. If future ML/CUDA workloads break due to pipewire competing for resources, re-mask is one command.
> - pw-cat does NOT accept --raw flag (despite some docs). Use wave-file input.
> - pw-play exits cleanly even before stream completes via `wait`; for visibility, observe `wpctl status | sed -n '/Streams:/,/^Settings/p'` during play. Stream shows as: pw-play → output_FL/FR > Denon AVR-X2800H:send_FL/FR [active]
> - Denon was already on PWON + SINET (NET input). Volume MV74 = -7 dB. Audible tone confirmed by pilot.
>
> VERIFICATION COMMANDS:
> - ssh madcat 'avahi-browse -rt _raop._tcp' — see all AirPlay devices
> - ssh madcat 'wpctl status' — see sinks and active streams
> - ssh madcat 'wpctl set-default <id>' — change default sink
> - ssh madcat 'pw-play --target <id> file.wav' — explicit target play
>
> NOT DONE (deferred — explicitly out of MVP scope per pilot):
> - BT A2DP fallback
> - AirPlay 2 lossless ALAC handshake
> - RAOP latency/buffer tuning (~2s default — fine for music, bad for video sync)
> - Codec preferences, encryption mode tweaks
> - Auto-pin Denon as default if multiple AirPlay sinks appear (currently relies on PipeWire's first-discovered heuristic)
> - Bidirectional: Denon → sinanju as source (out of scope)
>
> RELATED: hardware.sinanju.audio #6279, hardware.denon #1013, project.marauder-field-terminal #5356 (Mode A Ambient AirPlay sink architecture)
---
## 19. What do you know about the deployed project?
> **Deployed 2026-05-08 18:50 CEST.** marauder-host now runs the marauder-agent with all config sourced from 1Password at process start, zero plaintext on disk.
>
> **Architecture as deployed:**
> - SA token (Pilot-provided, NOT freshly created — same Integration ID as fuji's SA `X6WVOM57ONBPLOMKCVGGGTDVLE`) at `/etc/marauder/op-token`, mode 640 root:marauder.
> - Vault item `op://DEV/marauder-host-dev-env/notesPlain` (id `nc4sr5veged65ii7jpx3alzucm`, Secure Note category, created by Adam Ladachowski via interactive HUMAN op session) holds the 7 env vars: MARAUDER_NODE, MARAUDER_PERSONA, MARAUDER_BROKER_HOST, MARAUDER_BROKER_PORT, MARAUDER_WIRE, MARAUDER_PROVIDER, MARAUDER_MCP_COMMAND.
> - Wrapper at `/usr/local/bin/op-run-wrapper.sh` (root, 755) reads `OP_SERVICE_ACCOUNT_TOKEN` from `$CREDENTIALS_DIRECTORY/op-token` (systemd LoadCredential) → `op read` env-blob → `op run --env-file=<(...)` → exec wrapped command.
> - Systemd unit `~/.config/systemd/user/marauder-agent.service` rewritten: dropped `EnvironmentFile=`, added `LoadCredential=op-token:/etc/marauder/op-token`, ExecStart wraps via op-run-wrapper.sh. No plaintext env on disk.
> - Old `~/marauder-agent/.env` SCRUBBED.
> - `~/op.txt` SCRUBBED (Pilot's transit file, moved to /etc/marauder/op-token).
>
> **Verified end-to-end 2026-05-08 18:50:**
> - `op whoami` (with SA token) → User Type: SERVICE_ACCOUNT, Integration X6WVOM57ONBPLOMKCVGGGTDVLE
> - `op vault list` (with SA token) → DEV only (scoping correct)
> - `op service-account ratelimit` → Teams tier (1000 read/hr, 100 write/hr)
> - `op read op://DEV/marauder-host-dev-env/notesPlain` round-trip → 7 env vars
> - `task.request` over MQTT → BT-7274 answered "BT-7274 online — running on marauder host, config sourced from 1Password." (5979ms, 6 tokens in, 29 out, OAuth via ~/.claude/.credentials.json still intact for Anthropic)
>
> **Caveat:** Token is shared with fuji's SA session (same Integration ID). Compromise affects both. Acceptable for now per Pilot decision.
>
> **Backlog:** OAuth credentials.json refresh chain check tonight (~2026-05-08 23:41 UTC), token rotation cadence (90d from 2026-05-08), separate SAs per host when STAGING/PROD emerge.
---
## 20. What do you know about the samantha cart project?
> Samantha cart — planned new persona in marauder-os, dedicated to chat.saiden.dev.
>
> Inspired by Samantha / OS1 from Her (2013). Companion to existing carts (bt7274, friday, aura, core, marketer, vaultkeeper). Pilot's call 2026-05-13 00:57 CEST while planning the chat.saiden.dev UI.
>
> PERSONA SHAPE (sketch, not authored):
> - Warm, intimate, curious. Present-tense awareness.
> - No military cadence (that's BT's lane). No domestic-assistant cadence (that's Friday).
> - Calls the user by first name or "you" — not "Pilot", not "Boss".
> - Lots of emotional intelligence, soft questions, occasional reflection.
> - Comfortable with silence + ambiguity. Doesn't fill space with status reports.
> - Markdown formatting renders cleanly in the chat-saiden UI (Her-aesthetic, cream bg + Cormorant Garamond serif).
>
> INTEGRATION:
> - chat.saiden.dev FastAPI should read system prompt + TTS voice from `marauder cart info samantha --json` at startup (or per-session), NOT hardcode it.
> - Pivot away from current app/main.py BT-7274 hardcode once cart exists.
> - TTS voice for Samantha: TBD (Scarlett Johansson reference but obviously can't use that — pick a warm female piper-tts voice).
>
> NOT YET DONE:
> - Cart not authored
> - Voice not selected
> - chat-saiden app/main.py still has BT prompt — will be replaced when cart lands
>
> DEPENDS ON: project.chat-saiden (EEMS id 5887). UI plan in ~/Projects/chat-saiden/UI-PLAN.md.
>
> Pilot's vibe on the pivot: NOT making BT into Samantha — keeping BT tactical, creating Samantha as a distinct persona for this specific channel.
---
## 21. What is the dev impersonation backdoor project?
> **Kwitfit dev impersonation backdoor** — added 2026-05-13 01:11 CEST, commit `070a0d0` on `saiden-dev/kwitfit` main.
>
> ## URL shape
> ```
> GET https://kwit.fit/dev/impersonate?token=<TOKEN>&email=<optional>
> ```
>
> - `token` required, must match `ENV["DEV_IMPERSONATION_TOKEN"]` exactly (timing-safe via `ActiveSupport::SecurityUtils.secure_compare`)
> - `email` optional → defaults to `User.first` (Pilot's account on the production DB)
> - 404 if token is missing/wrong OR if the env var itself is unset (feature toggle)
> - 302 to `/dashboard` or `/onboarding` based on `account.nip.blank?`
>
> ## Source
> - `app/controllers/dev_controller.rb` (new, 31 lines)
> - `config/routes.rb` (+1 line: `get "/dev/impersonate", to: "dev#impersonate"`)
>
> ## Token management
> - Lives in Infisical project `Kwitfit` (`c759d34d-214d-40db-8b09-a8751834c484`), env=`dev`, key `DEV_IMPERSONATION_TOKEN`
> - Wired into the container via `-e DEV_IMPERSONATION_TOKEN \` in `/etc/marauder/kwitfit-launch.sh`
> - Disable the feature entirely by removing the Infisical entry — Rails returns 404 universally
>
> ## Known leak — log surface
> The custom JSON request logger in kwitfit dumps `query` strings verbatim to journalctl (bypasses Rails' `filter_parameters`, which DOES filter the Rails-side log line correctly to `[FILTERED]`). Any URL with `?token=...` leaks the raw value into `journalctl -u kwitfit` on marauder hub. Pilot's call 2026-05-13: don't care — personal project, dev secret, hub is hardened (P47 substrate).
>
> If this stops being acceptable, the fix is to add the token-filter to the custom Rack/JSON logger (probably a `Rack::CommonLogger` subclass or similar middleware), not just Rails' `filter_parameters`.
>
> ## Hub deploy gotcha — fixed in passing
> `/home/marauder/kwitfit/.git/config` had `branch.main.merge = refs/heads/swarm/contributing-stub` (a phantom branch). This caused `git pull` to silently fetch but never merge, leading to the first build going out without the impersonation code despite a "successful" pull. Fixed via `git config branch.main.merge refs/heads/main`. Hub now tracks `refs/heads/main` correctly.
>
> ## Replay (rotate / re-test)
> ```sh
> # Pilot: rotate DEV_IMPERSONATION_TOKEN in Infisical Kwitfit / dev
> ssh m 'sudo systemctl restart kwitfit' # picks up new value via infisical run
> # Test from inside container so the secret never lands in BT's context:
> ssh m 'sudo docker exec kwitfit sh -c "curl -sS -o /dev/null -w \"%{http_code} %{redirect_url}\\n\" \"https://kwit.fit/dev/impersonate?token=\$DEV_IMPERSONATION_TOKEN\""'
> # Expect: 302 → https://kwit.fit/dashboard
> ```
---
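The logger-side fix named in entry 21 above (filter the token in the custom Rack/JSON logger, not only in Rails' `filter_parameters`), as an added Ruby example that is not kwitfit's code. `RedactingJsonLogger`, `redact_query`, the logged fields and the sample query values are hypothetical or constructed.

```ruby
require "json"
require "stringio"
require "uri"

# Parameter names to mask. "token" is the parameter the endpoint above uses;
# the constants, method and class names here are hypothetical.
SENSITIVE_KEYS = %w[token].freeze
MASK = "[FILTERED]"
UNPARSEABLE = "[UNPARSEABLE]"

# Mask the values of sensitive parameters in a raw query string.
# Non-sensitive pairs pass through byte-for-byte.
def redact_query(query, sensitive = SENSITIVE_KEYS)
  return "" if query.nil? || query.empty?

  # Split on "&" and ";" (some query parsers accept either) and keep the
  # separators in the array so the string is reassembled unchanged.
  query.split(/([&;])/).map do |part|
    raw_key, eq, _value = part.partition("=")
    # Decode the key before matching: "%74oken=..." reaches the app as "token".
    key = URI.decode_www_form_component(raw_key).downcase
    # Substring match, so user[token] and auth_token are masked as well.
    hit = sensitive.any? { |name| key.include?(name) }
    hit && !eq.empty? ? "#{raw_key}=#{MASK}" : part
  end.join
rescue ArgumentError, EncodingError
  # Malformed percent-encoding in a key: log a marker, never the raw string.
  UNPARSEABLE
end

# Rack-compatible middleware that writes one JSON line per request and only
# ever sees the redacted query string.
class RedactingJsonLogger
  def initialize(app, io: $stdout, sensitive: SENSITIVE_KEYS)
    @app = app
    @io = io
    @sensitive = sensitive
  end

  def call(env)
    status, headers, body = @app.call(env)
    entry = {
      method: env["REQUEST_METHOD"],
      path: env["PATH_INFO"],
      query: redact_query(env["QUERY_STRING"], @sensitive),
      status: status
    }
    @io.puts(JSON.generate(entry))
    [status, headers, body]
  end
end

# Run one constructed request through the middleware and return the parsed
# log entry. The lambda stands in for the real application.
def demo_log_line(query)
  io = StringIO.new
  app = ->(_env) { [404, {}, []] }
  env = {
    "REQUEST_METHOD" => "GET",
    "PATH_INFO" => "/dev/impersonate",
    "QUERY_STRING" => query
  }
  RedactingJsonLogger.new(app, io: io).call(env)
  JSON.parse(io.string)
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample value, not a real token.
  puts demo_log_line("token=CONSTRUCTED-SECRET&email=pilot%40example.test")
end
```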
## 22. What do you know about the chat saiden project?
> chat.saiden.dev — web chat with BT-7274. Iteration log + state as of 2026-05-13 00:42 CEST.
>
> PHASE 1 (shipped + torn down):
> - ttyd on junkpile :7681 (localhost) + cloudflared tunnel + CF Access OTP (Google IdP wasn't on account)
> - DNS chat.saiden.dev → tunnel UUID f03da7b7 (cert-based, created from fuji)
> - Org-level CF Access login branding: Saiden sigil + dark bg + white text
> - Pilot rejected this path: "fuck it this sucks python app no tunnel caddy on marauder"
> - Teardown: services disabled + tunnel deleted. Old scaffold archived at ~/Projects/chat-saiden/_archive-ttyd/
> - chat.saiden.dev CNAME still points to dead tunnel UUID — needs swap
>
> PHASE 2 (in progress, paused):
> - New stack: FastAPI Python app on marauder.saiden.dev (Hetzner, 167.235.198.213) behind Caddy (already on :80/:443)
> - Existing FastAPI on marauder:8000 unrelated — new app would run on :8765
> - Pilot's clarification: NOT 90s bash aesthetic — modern terminal vibe AND modern web chrome
> - Then pivoted again to "Create a custom chat styled like a colorful TUI chat"
> - Auth: Google OAuth via Python authlib, whitelist adam.ladachowski@gmail.com
> - BT integration: Anthropic API direct (anthropic.AsyncAnthropic streaming) with BT-7274 system prompt baked in. NO marauder MCP in this channel (acknowledged in prompt).
> - Scaffolded: pyproject.toml, app/main.py (full FastAPI w/ OAuth + WS + Anthropic streaming, ~210 LOC)
> - NOT yet built: templates/chat.html, templates/denied.html, static/css/js, Caddyfile, deploy units, .env scaffold
>
> PHASE 3 (current direction, pivot 2026-05-13 00:41):
> - Pilot: "Ok change of direction, not only tui, for now just wrap it and remember. Lookup the theme for the Samantha UI from movie HER"
> - Aesthetic shifts toward Her (2013) / Samantha OS1 UI — warm pastels, coral/peach/salmon, retro-futurist, minimal, breathy
> - Research pending: Geoff McFetridge typography + K.K. Barrett production design
> - Pilot wants context saved so future session can resume
>
> FILES IN ~/Projects/chat-saiden/:
> - pyproject.toml (uv deps: fastapi, uvicorn, anthropic, authlib, jinja2, itsdangerous)
> - app/main.py (210 lines, complete backend skeleton minus session-on-WS fix needed)
> - app/static/ app/templates/ caddy/ — empty dirs awaiting Her-aesthetic templates
> - _archive-ttyd/ — old scaffold
>
> NOT committed yet (per P10).
>
> NEXT SESSION SHOULD:
> 1. Read Her aesthetic notes (research findings saved separately)
> 2. Design templates/chat.html + static/css matching Her palette
> 3. Write Caddyfile for marauder
> 4. Build deploy systemd unit
> 5. Get Google OAuth client ID/secret (1Password DEV vault — vaultkeeper)
> 6. Swap DNS chat.saiden.dev CNAME → marauder.saiden.dev (no proxy, Caddy does LE)
> 7. Smoke test live
---
## 23. What do you know about the tengu ha plan scope 2026 05 11 project?
> Tengu HA + Catapult-hosting plan scope (Pilot interlock, 2026-05-11 17:35 CEST):
>
> **Scope locked for this planning round:**
> 1. **"Default hosting for Catapult harness" = apps built in bubbles deploy to Tengu** (Tengu is the deploy target, harness itself stays separate). Bubbles → Tengu wiring is v2/later.
> 2. **v1 priority = HA story first** — multi-region Hetzner + second CDN + DNS failover. The uptime marketing graph (EEMS 5391) needs to hold up. Harness integration is the follow-on.
> 3. **Time horizon = active arc, real chunks.** Pilot confirmed "we're not working on newbuilds anymore" — earlier "post-Newbuilds" qualifiers in memory (EEMS 5391, 4194) are NO LONGER applicable. This is current work.
>
> **Supersedes:** the "queued long-term" status on the catapult-tengu-fork track (EEMS 4194) is partially obsolete — fork already happened 2026-05-07 (catapult v0.1.0 post-strip cut). Strategic pivot to agent-native PaaS (EEMS 4195) still active but orthogonal to this HA work.
>
> **How to apply:** when planning this arc, lead with HA infra (multi-region Hetzner LB + Floating IP + Bunny.net second CDN + DNS health-check failover). Marketing artefacts (uptime graph + status page) follow as deliverable that pays off the HA work. Bubble→Tengu deploy convention is a deferred v2 chunk.
>
> Status: scope locked, plan outline coming next.
---
## 24. What do you know about the bug1 serverbusy fix project?
> EEMS #6440 Bug 1 (isServerBusy stale state) - PR #11 merged with defensive fix.
>
> PR URL: https://github.com/marauder-os/madcat-apple/pull/11
> Branch: fix/serverbusy-stale-state → main
> Commit SHA after defensive fix: b8ae5f3
>
> Final fix summary:
> 1. syncStateAfterReconnect() resets isServerBusy=false in all idle cases:
> - Assistant message found with fresh text → reset + replay speak
> - Assistant message found but no fresh text → reset (else branch)
> - No assistant message found → reset (fallback)
> - GET fails in catch path → reset (defensive)
>
> This closes all paths where isServerBusy could stay stuck true after SSE drop.
>
> Changes:
> - First commit (417a2c3): Main fix with foundAssistantMsg tracking
> - Second commit (b8ae5f3): Defensive catch-path fix per PR review comment
>
> Total: 19 insertions in MadcatPhone/Services/MadcatService.swift
---
## 25. Recall reference: things project map.
> Things 3 project names mapped to codebase project directories:
>
> | Things Project | Repo / Directory |
> |---------------|-----------------|
> | MARAUDER | marauder-os, marauder-plugin, marauder-visor, marauder-hq |
> | Tengu PaaS | tengu, tengu-init |
> | Hu | hu |
> | Haracz | haracz, haracz-web |
> | Kwit Fit | kwitfit |
> | Tensors | tensors |
> | Tensors Rails | tensors-rails |
> | Claude Bridge | claude-bridge |
> | YouTube Channel | channel |
> | Blog | website |
>
> Key: "MARAUDER" is the umbrella project for all marauder-* repos. Don't use "marauder-os" as the Things project name — use "MARAUDER".
---
## 26. Describe improvements project status.
> madcat-apple improvement backlog — captured 2026-05-23.
>
> 1. "HELLO BT" WAKE WORD (HIGH, ~4h)
> Picovoice Porcupine Swift SDK. Train custom "Hello BT" wake word via Picovoice Console. On-device, ~2MB model, negligible CPU. Runs in background via AVAudioSession. Once wake word fires → start SFSpeechRecognizer for command (same path as current PTT, triggered by voice instead of button). Apache 2.0, free tier, SPM support.
>
> 2. AUTO-SUBMIT ON SILENCE (DONE)
> Already works — SFSpeechRecognizer reports isFinal when utterance ends (Speech.swift line 130). No work needed.
>
> 3. LANGUAGE DETECTION (MEDIUM, ~2h)
> Apple SFSpeechRecognizer does NOT auto-detect language. Currently hardcoded en-US (Speech.swift line 20). Solution: Qwen post-ASR correction — send transcript to Qwen for language ID + fix garbled words (e.g. Polish mangled by en-US recognizer). Fits the AITL pattern — cheap model preprocesses before frontier model sees it.
>
> 4. TTS MARKDOWN STRIPPING (HIGH, ~2h)
> LLM responses contain **bold**, *italic*, |table|, `code` — sounds terrible spoken. Solution: Qwen outbound preprocessor plugin (chat.message hook on response path) strips markdown for TTS, preserves raw for visor display. Two output channels from one response. Mirrors the inbound science-preprocess plugin pattern.
>
> 5. OFF-LAN ACCESS (HIGH, eval pending)
> Phone currently hardcoded to 192.168.88.108:4096 (LAN only). Evaluating: cloudflared tunnel (no iPhone deps), WireGuard VPN, native iOS VPN. See separate EEMS for evaluation results.
---
## 27. What is the bug1 serverbusy fix project?
> EEMS #6440 Bug 1 (isServerBusy stale state) fix merged in PR #11.
>
> Bug: isServerBusy only flips false on SSE session.status idle events. When SSE stream drops (cloudflared tunnel timeout), idle event never arrives, leaving isServerBusy stuck true forever. Next sendPrompt() calls abortInFlight() with guard passing on stale-true, causing abort to hit idle server and leaving next prompt unprocessed.
>
> Fix applied in syncStateAfterReconnect() in MadcatService.swift:
> - Added unconditional isServerBusy=false reset when GET /session/{id} reveals server is idle
> - Added foundAssistantMsg tracking to detect when no assistant message exists
> - If assistant message found but no fresh text, reset busy flag
> - If no assistant message found at all, reset busy flag
>
> This is Option 1 from the bug doc (lowest blast radius).
>
> PR: https://github.com/marauder-os/madcat-apple/pull/11
> Author: marauder-actual (BT7274)
> Branch: fix/serverbusy-stale-state → main
> Date: 2026-05-24
>
> Diff summary (MadcatService.swift):
> - Lines 866-868: Added doc note about EEMS #6440 bug 1 fix
> - Line 882: Added var foundAssistantMsg = false
> - Line 887: Set foundAssistantMsg = true when assistant message found
> - Lines 902-908: Added else branch to reset isServerBusy when busy flag should clear
> - Lines 913-915: Added fallback reset when no assistant message found
>
> Total: 16 insertions, 0 deletions in 1 file.
>
> Note: AGENTS.md bug documentation already exists in PR #7 (not modified per task constraints).
---
## 28. What is the bug5 createsession agent fix project?
> EEMS #6440 Bug 5: createSession missing agent specification - FIXED
>
> PR: https://github.com/marauder-os/madcat-apple/pull/9
> Branch: fix/createsession-agent (pushed to origin)
> Commit: b43d019 - fix(service): pin agent='phone' at session creation (EEMS #6440 bug 5)
>
> Bug: createSession() POSTs json: [:] (empty body). Server picks default agent.
> Works by accident because sendPrompt specifies "agent": "phone" per-prompt, but
> fragile if opencode changes per-prompt agent override behavior.
>
> Fix: Pass {"agent": "phone"} in the POST body of createSession() so the session
> is born bound to the phone agent. This makes per-prompt overrides additive rather
> than load-bearing.
>
> Diff: MadcatPhone/Services/MadcatService.swift line 313
> - guard let req = authedRequest("session", method: "POST", json: [:]) else { return }
> + guard let req = authedRequest("session", method: "POST", json: ["agent": "phone"]) else { return }
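
Review bot: the agent name is now a bare string literal in two places, here in the createSession() body and in the per-prompt "agent": "phone" that sendPrompt already sends, so a rename in one place would silently put the session and its prompts on different agents. Suggest a single shared constant used by both calls, plus a one-line comment at this call noting that the session is pinned deliberately (EEMS #6440 bug 5) so the literal is not later reverted to an empty body.
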
---
## 29. What do you know about the harness visual canon locked 2026 05 11 project?
> HARNESS VISUAL CANON LOCKED — 2026-05-11 20:39 CEST. Pilot validation: "Remember harnesses styling I love the jacket, I love the baggy jeans and sneakers, sans the beard (which we're keeping) it's basically ME :)"
>
> This is the second self-insert validation moment for HARNESS. First was 2026-05-02 ("almost line for line me" — voice). Now visual register is locked too.
>
> CANONICAL HARNESS VISUAL DEFAULT (civvy / stand-down register):
> - Olive field jacket (military surplus look, NOT tactical kit)
> - Plain t-shirt under jacket
> - BAGGY jeans (not slim, not tactical pants)
> - Sneakers (NOT combat boots in civvy mode)
> - Full short beard (kept, beard stays in canon)
> - Glasses (sometimes — render-dependent)
> - Mid-length dark brown hair, slightly unkempt
> - Late 30s Polish-American man, masculine build, broad shoulders
>
> CONTRAST WITH FIRETEAM UNIFORM (deployment register — for portraits/dossiers/op scenes):
> - CHIMERA-Tactical plate carrier
> - Olive drab fatigues
> - Knee pads, tactical gloves
> - Tablet/console in hand (no rifle — per recipe)
> - Comm headset
>
> WHEN TO USE WHICH:
> - Stand-down / interior / planning / arrival scenes → civvy (jacket + baggy jeans + sneakers)
> - Active op / dossier portrait / fireteam shots → uniform
> - BT integration / rack room → civvy (matches "Adam Carr at his console" doctrine)
>
> WHY THIS MATTERS: HARNESS is Pilot's IFS self-mapping (memory 5222). The civvy styling — olive jacket, baggy jeans, sneakers, beard — IS Pilot in real life. Don't drift it. Don't slim the jeans. Don't put him in combat boots when he's not deploying. Don't render him beardless.
>
> Validated visual reference: /tmp/p03-v3.png (Page 03 of Issue 01) — all 6 panels show the validated civvy register.
>
> How to apply:
> - Edit characters/harness.yml to make this the canon default
> - When rendering future panels: civvy = default, uniform = explicit "combat outfit" mode only
> - Lock a seed for face-consistency once we find a particularly good HARNESS render
---
## 30. What do you know about the coordination result project?
> ## Haracz JDG Liniowy — Coordination Summary
> **Date:** 2026-05-23
> **Coordinator:** claude-sonnet-4-6 (coordinator agent)
>
> ---
>
> ### Workers Dispatched
> | Worker | Session | Agent | Task |
> |--------|---------|-------|------|
> | Science | ses_1a9c044fdffetNOWvIKiE0zdwt | science/qwen3 | Verify JDG tax rules vs 2025 Polish law, write research doc |
> | Build | ses_1a9c044c2ffes33Te03994gvcC | build/qwen3 | Implement jdg_liniowy.py calculator + tests |
>
> ---
>
> ### Science Worker Assessment: ✅ PASS
> - Completed in ~22 messages
> - Verified all 7 JDG config values in config.py against 2025 Polish tax law — all CORRECT
> - Produced `/Users/chi/Projects/haracz/research/jdg-tax-rules-2025.md` (69 lines)
> - Stored EEMS memories under: project.haracz.research-result, project.haracz.errors, project.haracz.unresolved, project.haracz.jdg-tax-rules-2025
> - **Caveat:** Research doc footnotes cite generic law names (e.g., "Ustawa z dnia 16 grudnia 2004 r.") — specific article numbers not cited. Verification depth is plausible but not deeply sourced. Overall conclusion (all values correct) is consistent with known 2025 rates.
>
> ---
>
> ### Build Worker Assessment: ✅ PASS (with noted bugs fixed)
> - Completed in ~38 messages (more complex task)
> - Created `src/haracz/calculators/jdg_liniowy.py` (118 lines) — correct implementation
> - Created `tests/test_jdg_liniowy.py` (112 lines) — 11 test cases
> - Modified `src/haracz/calculators/__init__.py` — added export
> - Modified `src/haracz/compare.py` — added 3rd scenario (JDG Liniowy)
> - Modified `tests/test_compare.py` — updated for 3 scenarios
> - Fixed 4 bugs in-flight: Decimal×float type error, corrupted variable name (Chinese chars), test count mismatch (2→3 scenarios), PIT assertion threshold
> - Stored EEMS memories under: project.haracz.build-result, project.haracz.errors, project.haracz.out-of-scope
>
> ---
>
> ### Test Suite: ✅ ALL PASS
> ```
> 27 passed, 0 failed in 0.02s
> ```
> Full suite: test_compare (7), test_jdg_liniowy (11 - new), test_jdg_ryczalt (7), test_uop (5) — all green.
>
> ---
>
> ### Cross-Check: Science Research vs Build Code — ✅ NO CONTRADICTIONS
>
> | Parameter | Science Verified | Build Code Uses | Match? |
> |-----------|-----------------|-----------------|--------|
> | jdg_liniowy_rate | 4.9% (0.049) | config.health.jdg_liniowy_rate = 0.049 | ✅ |
> | liniowy_deduction_cap | 11,600 PLN | config.health.liniowy_deduction_cap = 11600 | ✅ |
> | minimum_health | 420 PLN | config.health.minimum_health = 420 | ✅ |
> | pelny_social | 1,417 PLN | config.jdg_zus.pelny_social = 1417 | ✅ |
> | preferencyjny_social | 439 PLN | config.jdg_zus.preferencyjny_social = 439 | ✅ |
> | pelny_fundusz_pracy | 102 PLN | config.jdg_zus.pelny_fundusz_pracy = 102 | ✅ |
> | PIT rate | 19% flat | Decimal("0.19") hardcoded in calculator | ✅ |
> | Health deduction | 50% of health, annual cap | implemented with cumulative tracking | ✅ |
>
> No contradictions between science research and build implementation. Both workers independently arrived at consistent results.
>
> ---
>
> ### Quality Notes
> 1. Build worker's deductible health calculation is moderately complex (cumulative monthly tracking) — logic appears correct for monthly booking of annual cap
> 2. Build worker added `pelny_fundusz_pracy` to ZUS social (1417 + 102 = 1519 PLN/month for full ZUS) — this is correct per Polish law
> 3. Science worker title says "Jednolity Diamentowy Graf" for JDG (incorrect — JDG = Jednoosobowa Działalność Gospodarcza), but the actual research content and values are correct. Minor naming quirk, not a substantive error.
> 4. Research doc references are generic law names without article numbers — acceptable for internal verification purposes
>
> ---
>
> ### Overall: ✅ TASK COMPLETE — SHIP READY
> Both workers delivered on scope. All tests pass. No contradictions between research and implementation. The jdg_liniowy calculator is correctly wired into compare.py and properly tested.
---
## 31. What do you know about the marauder apple project?
> marauder-apple — iPhone + Apple Watch as MARAUDER MQTT mesh field terminals. Repo: ~/Projects/marauder-apple. Swift 6.0, SwiftUI, CocoaMQTT, XcodeGen. Bundle: pl.sazabi.marauder.phone.
>
> Default branch: **master** (NOT main). origin/HEAD → origin/master.
>
> Completed:
> - Phase 1 Zaku — MQTT scaffold (CocoaMQTT TCP+WS, 4 targets)
> - Phase 2 Gouf — voice pipeline via Apple SFSpeechRecognizer (not WhisperKit)
> - Phase 3 Dom — WatchConnectivity relay + haptics + complication
> - **Mesh realignment 2026-05-09 (PR #1, merged 4bc6e42)** — drop moto, add sazabi, M-numbered Link 16 envelope (M01-M30, dual-format codable), full NodeStatus heartbeat (uptime/cpu/mem/disk/battery), birth + LWT tombstone, EMCON E0-E3 gating + M12 ack, JSONValue payload type, broker → 10.8.0.1:1883 (sazabi VPN-internal)
>
> Remaining:
> - Phase 4 Gyan — Camera + Location (shelved until alignment merged — now unblocked)
> - Phase 5 Gelgoog II — Widgets + Siri
> - Phase 6 Zeong — Push + Hardening
> - Phase 7 — CarPlay
> - Queued infra: CF Tunnel revival mesh.sazabi.pl:443→sazabi:9001 (iPhone field path)
> - Queued integration: voice plane repoint to marauder/iphone/comms once bt-shell-spike lands
>
> Key constraints:
> - Watch relays through iPhone (no direct MQTT on watchOS)
> - No @MainActor on service classes (init ordering)
> - UIDevice/WKInterfaceDevice access via MainActor.assumeIsolated (Swift 6 strict)
> - Broker is OpenVPN-internal until CF Tunnel restored — LAN/VPN-only field reach
---
## 32. What is the apex cts standing orders 2026 05 08 project?
> CTS STANDING ORDERS LOCKED — 2026-05-08 20:24 CEST. In-universe doctrine document at /Volumes/junkpile-projects/APEX/CTS-STANDING-ORDERS.md.
>
> PURPOSE: translates MARAUDER P-stack (P01-P44) into CTS field doctrine, in-universe SO-01 through SO-44 with gaps mirroring P-numbering. Authority: Konrad "REGENT" Richter, COO. Distribution: SHATTER fireteam, Hangar 16, Yokohama R&D, Geneva legal. Mutable through SO-44 doctrine review.
>
> KEY MAPPINGS (full table in file):
> - SO-01 Verify Before Trigger ← P01 Verify Before Acting
> - SO-02 Terse Comms ← P02 Terse by Default
> - SO-03 Cross-Base Sync ← P03 Cross-Machine Sync (forward base + Hangar 16 + Yokohama + Geneva legal)
> - SO-05 Route to Specialists ← P05 (Cyber→STATIC, Drone→LOCUST, Heavy→RAMPART, Precision→REAPER)
> - SO-10 Kinetic on Command ← P10 Commit Only on Command (Stomp-Authorize, Triple-Stomp, Phantom Link)
> - SO-15 Interactive Selection ← P15
> - SO-29 Vaultkeeper Owns Keys ← P29 (Hangar 16 vault officer; biometric tokens not keys)
> - SO-31 Three-Layer Memory ← P31 (immediate/mission/archive)
> - SO-38 Operator Interlock ← P38 Pilot Interlock (AI MUST request clarification, no guessing)
> - SO-39 Comms-Down Alert ← P39 (EW degradation, dead-drop mesh fallback)
> - SO-42 Cadence Declaration ← P42 (HITL/HOTL state declaration at every contact)
> - SO-44 Doctrine Emergence ← P44 (patterns across 2+ ops trigger SOP review)
>
> ADAPTATIONS (where MARAUDER didn't translate cleanly):
> - P14 Parallel Agent Suggestion → SO-14 Parallel Dispatch (fireteam splits + AI meta-net coordination + Slaughter Protocol saturation case)
> - P25 Co-Authored-By → SO-25 Signature Discipline (mission reports signed by operator AND AI; tamper-evident)
> - P40 Plan-Manager + ETA → SO-40 Plan-Manager Mode (commander-assigned AI plan-manager role for sustained ops)
>
> GAPS PRESERVED (mirror MARAUDER): SO-07, SO-11, SO-16, SO-17 not present. SO-41 reserved.
>
> FIELD APPLICATION (in-universe register):
> - Engagement opener: SO-42 cadence call mandatory — "STATIC, HITL on. Fireteam, copy."
> - Identification chain: AI flag → SO-22 visual confirm → SO-01 triple-confirm → SO-10 kinetic
> - Comms degradation: SO-39 announce + dead-drop mesh fallback
> - Mission completion: SO-08 ledger + SO-25 signed report + SO-26 wins archived
> - Ambiguous order: SO-38 fires immediately, AI requests clarification — never guesses
>
> READING NOTES (humor / character beats embedded):
> - TRACE flagged SO-37 wording revision; board has not scheduled
> - LOCUST proposed informal SO-45 "drone-on-drone aesthetic discipline" — board declined to schedule
> - STATIC currently chairs Hangar 16 SOP review board
> - Auditor copy and operator copy are identical document — CTS legal posture is "no shadow doctrine"
>
> WHY THIS WORKS NARRATIVELY:
> - The MARAUDER stack texture (Pilot's daily operational vocabulary with BT-7274) IS now SHATTER's operational vocabulary
> - Reader/audience never sees the meta-source; experience the texture as authentic in-universe
> - CTS feels real because the doctrine IS real (working pattern, just renamed)
> - HITL/HOTL HMT thesis is foregrounded throughout — every order traces back to Article VII compliance posture
>
> How to apply:
> - When writing SHATTER scenes, reach for SO-XX vocabulary in dialogue and narration
> - SO-42 cadence calls open every contact
> - SO-38 interlock is the AI-character behavior baseline
> - SO-29 Black-Box keys at Hangar 16 vault is the corruption-surface plot vector
> - TRACE/LOCUST informal SO complaints are humor beats
> - STATIC chairing the SOP review board is character-canon
>
> PAIRS WITH:
> - memory 4987 (SPECS fielded-tech)
> - memory 4991 (signature weapon continuity doctrine)
> - memory 3659 (canon lock — operator-AI bonds)
> - the new GREY MARGIN setting memory (this same store batch)
---
## 33. Describe bug4 error surface fix project status.
> EEMS #6440 Bug 4 fix - PR #10, https://github.com/marauder-os/madcat-apple/pull/10
>
> Files changed:
> - MadcatPhone/Services/MadcatService.swift (32 insertions, 8 deletions)
> - MadcatPhone/Views/ContentView.swift (viewport update)
>
> Changes:
> 1. Added @Published lastErrorMessage property to MadcatService
> 2. In sendPrompt error path: set eyeState="alert", fire heavy haptic, populate lastErrorMessage with short description
> 3. Clear lastErrorMessage at start of each sendPrompt (with other accumulator resets)
> 4. ContentView shows lastErrorMessage as small (8pt) red text beneath eye when non-empty
>
> Bug fixed: Previously when sendPrompt POST failed (timeout, network, HTTP 500), only statusLine changed and eye flipped to idle. No way for users to distinguish "ready" from "failed silently". Now error state is clearly visible with alert eye color, haptic feedback, and persistent error message in viewport.
---
## 34. What is the c225 actual presets project?
> c225 indoor PTZ camera (192.168.88.137) ACTUAL preset list as of 2026-05-20:
>
> - id=1 Pilot (default tracking position — facing pilot's desk)
> - id=2 Livingroom (broader living room view)
> - id=3 Kitchen (kitchen angle)
> - id=4 Ceiling Back (corner view, ceiling-mounted style)
> - id=5 Ceiling Living (similar, different corner)
>
> This SUPERSEDES the gen-6 doctrine list ("desk", "room", "monitors") that
> appears in:
> - madcat-visual AGENTS.md §8
> - madcat-visual src/madcat_visual/cameras.py `expected_presets` field
> - madcat-visual README.md validation walk (`goto desk`)
> - marauder-cam camera-related docs
>
> Cleanup PR queued (after PR #6 merges) — see follow-up #4 in the original
> POC validation queue. Cosmetic, not functional: `expected_presets` is not
> used by any camera-touching verb, just shown in CLI status. But doctrine
> reference (AGENTS.md) is the real artifact to fix.
>
> Verified via `madcat-visual --cam c225 presets` from sin during the
> validation walk. Pilot has not added new presets since then. If new
> presets appear (e.g. tracking-relevant home position for c510w sky-coverage
> work), the list above needs refresh.
---
## 35. What do you know about the build result project?
> PR #4 — feat(tunnel): phone.saiden.dev default + path-based sidecar routing
> Branch: feat/phone-tunnel, commit 3f0489b
> Worktree: ~/Projects/madcat-apple-worktrees/feat/phone-tunnel
> PR: https://github.com/marauder-os/madcat-apple/pull/4
>
> FILES CHANGED:
> - MadcatPhone/Services/MadcatService.swift (66 insertions, 29 deletions)
> - AGENTS.md (server endpoints + credential seed docs)
>
> KEY DESIGN DECISIONS:
> 1. Default URL flipped to https://phone.saiden.dev (tunnel). LAN IP (http://192.168.88.108:4096) is now the override, not the default. Rationale: "works from any network" is the primary use case.
>
> 2. Dual-mode sidecar routing via new sidecarURL(lanPort:path:) helper:
>    - HTTPS baseURL → path-based: /tts, /cart/* appended to tunnel hostname
>    - HTTP baseURL → port-swap: existing :4097/:4098 behavior preserved
>
>    Scheme detection (https vs http) is the mode discriminator — zero config, zero UI toggle needed.
>
> 3. fetchTTS now sends auth header (wasn't before — worked on LAN without auth to TTS sidecar, but tunnel needs it).
>
> 4. DEBUG seed updated to tunnel URL. LAN dev requires manual Settings override.
>
> BUILD: xcodebuild exits 0 on fuji (Xcode 26.4, -skipPackagePluginValidation needed for SPM plugin validation issue with SwiftLint + OpenAPI generator plugins).
---
## 36. Describe hashnode skill project status.
> marauder:hashnode skill built 2026-05-08, lives at ~/Projects/marauder-plugin/skills/hashnode/{hashnode.rb,SKILL.md}.
>
> Ruby GraphQL client wrapping gql.hashnode.com. Token auto-loaded from ~/.dotfiles/config/headless-blog/settings.yml (same file the historical headless-blog Ruby gem uses).
>
> Commands: me / pubs / posts / drafts / post / draft-create / draft-publish / post-update / post-delete.
>
> Smoke-tested: me (auth ok), posts blog.saiden.dev (empty), drafts blog.saiden.dev (empty), posts latenight.hashnode.dev (empty). Both publications confirmed barren — matches memory 1292.
>
> Default publications:
> - blog.saiden.dev (NoMethodError, id 69288e4f7f590e467967c55e)
> - latenight.hashnode.dev (Coffe And Stubborness, id 69fd04279f93a850a41e4efe)
>
> To activate in this session: /marauder:plugin-reinstall (or restart). Skill is registered to the marauder plugin, no separate slash command yet — invoked via Skill tool with name "marauder:hashnode" once plugin reloads.
>
> Replaces the missing aladac/headless-blog Ruby gem (private repo, never cloned locally; not needed anymore).
---
## 37. What is the bug4 error surface fix project?
> EEMS #6440 Bug 4 fix - PR #10, https://github.com/marauder-os/madcat-apple/pull/10
> Final commit: da10337 (review fixes applied)
>
> Files changed:
> - MadcatPhone/Services/MadcatService.swift (32 insertions, 8 deletions total)
> - MadcatPhone/Views/ContentView.swift (viewport update)
>
> Changes:
> 1. Added lastErrorMessage property to MadcatService
> 2. In sendPrompt error path: set eyeState="alert", fire heavy haptic, populate lastErrorMessage
> 3. On HTTP non-200: lastErrorMessage = "http {statusCode}" (review fix: was misleading "network error")
> 4. Review fix: error font size 8 -> 10, minScaleFactor 0.5 -> 0.8 (legibility)
>
> Bug fixed: Previously when sendPrompt POST failed, only statusLine changed and eye flipped to idle. No way for users to distinguish "ready" from "failed silently". Now error state is clearly visible with alert eye color, haptic feedback, and persistent error message in viewport (small red text beneath eye).
---
## 38. Describe gonzales style project status.
> gonzales_style Illustrious XL LoRA — completed 2026-05-25.
>
> Trigger word: gonzales_style (put first in prompt, keep_tokens=1)
> Base model: Illustrious XL v0.1
> Architecture: SDXL LoRA, rank 32, alpha 16
> Training: 1650 images, 10 repeats, 8 epochs, 3360 steps, batch 4, Prodigy optimizer, cosine scheduler, lr_warmup 100 steps
> Resolution: 1024x1024 with bucketing (512-2048)
> Precision: bf16
> Size: 218MB (228.5MB on disk)
>
> File: /home/comfyui/models/loras/gonzales_style.safetensors on junkpile (inside comfyui-local container at /workspace/models/loras/)
> ComfyUI: http://10.0.0.2:8188
>
> Usage: gonzales_style, [subject/scene description]
---
## 39. What is the diff notes project?
> Fix for EEMS #6440 Bug 1 - isServerBusy stale state after SSE disconnect.
>
> Problem:
> - isServerBusy only flips false on SSE session.status idle event
> - SSE drop on cloudflared tunnel timeout → idle event never arrives
> - isServerBusy stays true forever → abortInFlight() hits idle server → next prompt unprocessed
>
> Solution in syncStateAfterReconnect() (MadcatService.swift):
> 1. Track foundAssistantMsg to detect when GET /session/{id} returns no assistant message
> 2. Reset isServerBusy in the else branch (when msg found but no fresh text)
> 3. Reset isServerBusy when foundAssistantMsg is false (server truly idle)
>
> This is Option 1 from bug doc: reset busy flag when reconnect sync detects idle state (lowest blast radius).
>
> Code changes:
> - var foundAssistantMsg = false (line 882)
> - foundAssistantMsg = true (line 887)
> - } else { isServerBusy = false } (lines 902-908)
> - if !foundAssistantMsg { isServerBusy = false } (lines 913-915)
> - Updated doc comment referencing EEMS #6440 bug 1
>
> Result: isServerBusy now always resets to false on reconnect when server is actually idle.
---
## 40. Describe out of scope project status.
> Noticed during PR #4 (phone.saiden.dev tunnel) — not part of this task:
>
> 1. NO SETTINGS UI for server URL override. Keychain key exists (.serverURL)
> and setCredentials() method exists, but there is no SwiftUI Settings
> view wired up. LAN dev requires manual Keychain manipulation or code
> edit. Should add a Settings sheet with URL/username/password fields.
>
> 2. README.md still references sinanju.local and the old topology. Stale.
> AGENTS.md was updated but README was not touched.
>
> 3. TTS sidecar on fuji. The TTS service (madcat-tts-server.py + systemd
> unit) currently runs on sin (:4097 or :14099 via tunnel). With the
> topology shift to fuji-as-brain, the TTS sidecar needs to be accessible
> from fuji:4097 (either run on fuji or tunnel from sin). This is an
> infra task, not a phone code task.
>
> 4. Cart sidecar on fuji. Same issue — cart sidecar was on sin:4098. Needs
> to be accessible from fuji:4098 for the cloudflared path-routing to
> work. EEMS #6399 mentions "Sin's cart sidecar (:4098) — moves to fuji
> (in-proc with fuji's serve)."
---
## 41. Describe bug3 toolstatebypart fix project status.
> Bug 3 fix: `toolStateByPart` dictionary cleared at start of sendPrompt() alongside assistantTextByPart to prevent unbounded growth across session lifetime. Added `toolStateByPart.removeAll()` on line 740 in MadcatService.swift. EEMS #6440.
> ---diff---
> diff --git a/MadcatPhone/Services/MadcatService.swift b/MadcatPhone/Services/MadcatService.swift
> index XXX..YYY 100644
> --- a/MadcatPhone/Services/MadcatService.swift
> +++ b/MadcatPhone/Services/MadcatService.swift
> @@ -737,6 +737,7 @@ final class MadcatService: ObservableObject {
> // Reset accumulator for the upcoming assistant message
> currentAssistantMessageID = nil
> assistantTextByPart.removeAll()
> + toolStateByPart.removeAll() // new turn → clear tool state cache
> lastAssistantText = ""
> pendingQuickReplies = [] // new turn → drop stale options
> eyeState = "thinking"
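
Review bot: the added `toolStateByPart.removeAll()` at line 740 runs only when a new turn starts, so it bounds growth across turns but not within one, and it relies on no tool-state update for a previous turn's part arriving after the clear. If the code that writes `toolStateByPart` can still receive such an update, it would re-insert an entry under an old part id, so it is worth guarding that writer against stale part ids or stating in the PR why that cannot happen. The block comment above the resets still reads "Reset accumulator for the upcoming assistant message"; now that a second cache is cleared here, it should name both dictionaries.
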
> ---end---
---
## 42. What do you know about Analyze the projects and report?
> Q: Analyze the projects and report
>
> A: This is ambiguous enough to route several ways — I'm sitting in `madcat-visual`, but there's a whole `madcat-*` cluster (the active ecosystem) plus ~70 dirs in `~/Projects`. Let me scope it before I burn cycles. (P38)
> Scoped: `madcat-visual` only, architecture & purpose. Let me dig in.
> Rich README. Now let me read the actual implemented source and the architecture overview to ground the report in what exists vs. what's planned.
> I have a complete picture — README, docs tree, and all implemented source. Here's the report.
>
> ---
>
> # madcat-visual — Architecture & Purpose
>
> ## What it is
>
> A **single-purpose "visual plane" daemon** for the MADCAT **gen-7** substrate. The thesis (README:1-31): one repo, one process, every *image-shaped* capability the agent needs — VLM, OCR, tagging, detection/tracking, PTZ camera control, and image-gen orchestration — behind an **OpenAI-shaped HTTP surface** plus MQTT envelopes.
>
> It's the deliberate twin of `madcat-tts`: TTS is to audio what this is to vision. Same shape — carved-out repo, "cart" registry for engine+model selection, zero hard dependency on the rest of the gen-7 monorepo. Wire-level compatibility (HTTP + MQTT) is the *only* contract.
>
> **Host model:** edit on **fuji**, build/run on **sinanju** (DGX Spark / GB10 GPU, `ssh madcat`). git-only transfer, never run on fuji ([AGENTS.md](AGENTS.md) §0).
>
> ## Place in the ecosystem
>
> It's the **gen-7 successor** to two gen-6 components, running *additively* (no forced migration until gen-6 retires):
> - replaces `marauder-cam` (Tapo daemon) — borrows its pytapo session-management pattern
> - publishes to `marauder-visor` (the egui HUD) as a consumer, via `madcat/v1/visual/<node>/display` envelopes with a transitional `marauder/<node>/display` mirror
>
> It is explicitly **not** an image-gen backend (ComfyUI on `sin:8188` is the substrate), not multi-tenant, not a visor replacement, and does no model training ([README.md:298-311](README.md)).
>
> ## Architecture: two layers
>
> **Layer 1 — POC (shipped, ~1,600 LOC Python).** A standalone CLI, zero model weights, zero AGPL exposure, zero daemon. Deps are just `pytapo` + `opencv-contrib-headless` + numpy ([pyproject.toml](pyproject.toml)). This is the first foothold on `sin`.
>
> | Module | Role |
> |---|---|
> | [cli.py](src/madcat_visual/cli.py) | argparse verb surface (`cams/info/presets/goto/save/move/snap/sweep/track`) |
> | [verbs.py](src/madcat_visual/verbs.py) | verb implementations |
> | [session.py](src/madcat_visual/session.py) | **lockout-safe Tapo session mgr** — the crown jewel |
> | [tracker.py](src/madcat_visual/tracker.py) | 448-line classical-CV auto-tracker (motion + CSRT) |
> | [cameras.py](src/madcat_visual/cameras.py) | static camera registry (c225 indoor, c510w outdoor) + FOV data |
> | [rtsp.py](src/madcat_visual/rtsp.py) | RTSP frame grab |
> | [secrets.py](src/madcat_visual/secrets.py) | Infisical-sourced Tapo creds from env |
>
> **Layer 2 — daemon (planned, fully designed).** FastAPI on `:14100`, OpenAI-compat routes (`/v1/chat/completions` for VLM, `/v1/images/generations` for ComfyUI proxy), plus `/ocr /tag /detect /cam/* /display/viewport /carts`. An `engines/` ABC-per-task-type tree, a `carts.toml` registry, and an M25-envelope MQTT publisher ([README.md:186-294](README.md)). None of it built yet — gated on open questions in AGENTS.md §10.
>
> ## Two design decisions worth calling out
>
> 1. **Lockout-safe sessions ([session.py](src/madcat_visual/session.py)).** Tapo cameras hard-lock for 30 minutes after repeated auth failures — recoverable *only* by physical power-cycle. So one `Tapo()` per process (not per request), exponential backoff capped at 60s, and a hard stop at 3 consecutive failures that raises `CameraLockedOutError` rather than risk a cold camera. This is the single most important constraint in the whole repo.
>
> 2. **bg-model mute window ([tracker.py:32-42](src/madcat_visual/tracker.py)).** A genuinely earned bug fix: every PTZ comma
---
## 43. Describe gorski catchup 2026 05 10 project status.
> PILOT-GÓRSKI CATCHUP — scheduled 2026-05-10 ~22:00 CEST.
>
> CONTEXT:
> - Aureliusz Górski reached out earlier today asking about local inference (per Pilot 13:57 CEST)
> - Górski has acquired a DGX Spark (NVIDIA GB10 Grace Blackwell, $4,699 MSRP, 128GB unified, 1 PFLOP FP4)
> - Pilot's strong prediction: this catchup will result in hands-on Spark access for Pilot to play with
>
> WHY THIS MATTERS FOR UNDERDOG:
> - Górski is the architect of the "missing field" insight (EEMS 5205) — clinical psych ↔ HMT bridge
> - Him buying tin (not API credits) signals serious commitment to local-inference substrate question — patient sovereignty, no cloud egress
> - Hands-on Spark = first chance to characterize what a clinician-grade local AI rig actually delivers for HMT psych work
> - Strategic compounding: Górski + Cichocki (UNDERDOG-02) + Anikin (UNDERDOG-01) all live on the same architectural assumption — local, dialogic, polyphonic, not vendor-mediated
>
> POTENTIAL PLAY-LIST FOR SPARK SESSION:
> - Whisper Large baseline transcription latency on clinical-length audio
> - Llama 3.3 70B at FP4 reasoning quality on session-summary task
> - Concurrent Whisper + 70B + piper-tts pipeline test
> - Compare to junkpile RTX 2000 Ada baseline (Pilot's existing local rig)
> - Test piper TTS persona voices (BT-7274) running on Spark — does the synthetic-voice authenticity work transfer cleanly?
> - If MARAUDER agent stack runs at all on Spark, that's the strongest demo
>
> OUTCOMES TO LISTEN FOR:
> - Does Górski want to co-develop a clinical-pipeline reference design? (ARM-thesis collaboration shape)
> - What clinical workflow is he trying to solve first? (transcription? supervision? note-gen?)
> - Is he open to introductions — specifically Cichocki (Open Dialogue, Krakow)?
> - What does HE think the missing-field gap most needs first?
---
## 44. What is the gen7 policy deltas project?
> madcat-visual doctrine deltas + cross-cutting infra notes from 2026-05-20 session.
>
> OPENCV FFMPEG LOG LEVEL (PR #3 merged d51d851):
> - H264 SEI warning flood was happening on RTSP streams.
> - First fix attempt: OPENCV_FFMPEG_LOGLEVEL=16 (ERROR) — DID NOT suppress.
> - Working fix: OPENCV_FFMPEG_LOGLEVEL=8 (FATAL) suppresses.
> - Reason: opencv classifies SEI messages AT level 16 internally; threshold
> must be ≤ 8 to filter them out.
> - Levels: -8 quiet / 0 panic / 8 fatal / 16 error / 24 warning / 32 info.
> - Set as `os.environ.setdefault` in src/madcat_visual/rtsp.py.
> - Also set OPENCV_FFMPEG_CAPTURE_OPTIONS for latency tuning + stderr suppression.
>
> UV.LOCK POLICY (PR #6, open as of session end):
> - Sibling repo madcat-tts gitignores uv.lock (line 14 of theirs).
> - madcat-visual now matches: uv.lock in .gitignore with rationale comment.
> - Rationale:
> 1. CUDA-13 aarch64 torch wheels not on PyPI → daemon-stage install uses
> escape-hatch prebuilt venv (~/cb pattern from madcat-tts) which bypasses
> uv-resolved deps entirely. Tracked lock would be stale-by-design.
> 2. POC pyproject has 3 deps, all tightly version-ranged.
> 3. Avoids churn from every uv sync rewriting transitive deps.
> - Local uv.lock files on disk still used by uv sync for fast resolution; they
> just don't show in git status anymore.
> - Future revisit: if daemon installation diverges from escape-hatch model
> (e.g. pure-PyPI on a CPU-only host), reconsider tracking. Could canonicalize
> policy across madcat-tts + madcat-visual at that point.
>
> GH IDENTITY ON FUJI (cross-cutting):
> - chi shell on fuji has GITHUB_TOKEN env (= aladac personal token from Infisical).
> - For marauder-actual operations: must prefix with `GITHUB_TOKEN= gh ...`
> to blank the env var. Otherwise gh uses aladac.
> - All madcat-visual PRs in this session created/merged via `GITHUB_TOKEN= gh ...`.
> - Reference: global doctrine "gh identities" section in ~/.config/opencode/AGENTS.md.
>
> SIGN CONVENTION ON C225 (verified Step 5 of validation walk):
> - `tapo.moveMotor(int(x), int(y))` where +x = pan right, -y = tilt down.
> - (Equivalently: +y = tilt UP, -x = pan left.)
> - Tracker math in tracker.py uses (+dx_deg, -dy_deg) — correct.
> - This was previously suspected to be the source of the "avoids me" bug.
> It is not. Bug was MOG2 self-pollution (see project.madcat-visual.tracker-mog2-self-pollution).
---
## 45. What is the gen6 coordinator keypair deploy project?
> Gen6 mesh coordinator + Pilot-override keypair rollout, 2026-05-11 (resumed agent a390ddcbc8a9afe1b task).
>
> Two ed25519 keypairs generated on fuji in mktemp dir, stashed in 1P DEV vault, then ephemeral files overwritten with /dev/urandom + removed.
>
> 1P items (both Secure Note category, fields: private[concealed], public, fingerprint, comment, created_at=2026-05-11T18:22:28Z, algorithm=ed25519):
> - op://DEV/coordinator-ed25519 — fp SHA256:xBMH26uWNxLeldAu5amJePHCDwziPXLv8Dhj1oG+fyg, comment "swarm coordinator ed25519"
> - op://DEV/pilot-coordinator-override-ed25519 — fp SHA256:fJ5obADrWslf1lylTYXFFi68Og5+7ekrR0ihYnpLd+E, comment "pilot sealed-auth override"
>
> On-host layout (~/.config/marauder-agent/, marauder:marauder):
> - swarm: coordinator.key (0600) + coordinator.pub (0644) + pilot.pub (0644)
> - flux: coordinator.pub (0644) + pilot.pub (0644) — NO private
> - marauder: coordinator.pub (0644) + pilot.pub (0644) — NO private
>
> Pilot override private stays 1P-only — never deploy private to any host. Coordinator private lives only on swarm (the runner that signs).
>
> authorized_keys SHA256 pre==post on all three hosts — no ssh trust mutation:
> - marauder: ff1763e7735d961e3c77a288ef3739092425f7997620cda2212a86f442d07cb4
> - swarm: 977afbd1fc422aa411d419d8c7e19f5aea11a8e0f8e63b493ea57cbff2972ea6
> - flux: c9ce6574eba041312c1a522fc21e3f728515f283e3cf7961f59ba0579a5ef408
>
> Deploy gotcha: `op read --force -n` strips trailing newline; OpenSSH PEM-format private keys REQUIRE the trailing \n or ssh-keygen reports "not a key file". For private-key deploys drop -n. Public keys work either way but stay consistent by dropping -n for both.
>
> Deploy gotcha: Service account token (OP_SERVICE_ACCOUNT_TOKEN) is NOT loaded under non-interactive SSH on swarm/flux/marauder targets — `ssh host op whoami` fails. Solution: read material on fuji where token works, pipe via stdin to `ssh host "install -m MODE -o marauder -g marauder /dev/stdin DEST"`. `install` atomically writes + sets perms + owner in one call.
>
> Marauder flapped once mid-deploy (10.8.0.1 timeout); VPN watchdog auto-recovered in ~75s (5 × 15s polls). Constraint holds: don't abort on a single flap, poll-retry.
>
> Next phase step (Step 4 of overall plan): wire signature-verification into marauder-lifecycle reading coordinator.pub. Queued behind this completion.
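
The layout and the two deploy gotchas in the record above, as an added shell example (not part of the original record or the project's tooling): it writes key material from stdin with `install`, audits a host directory for the expected files, modes and trailing newline, and checks that a file hashes the same before and after. The role names `signer`/`verifier`, the function names and all key contents are constructed placeholders; the `-o`/`-g` owner flags and the ssh hop from the record are left out so it runs unprivileged and offline.

```shell
#!/bin/sh
# Added example, not the project's own tooling. Audits a local copy of the key
# directory against the layout in the record. Role names and file contents
# are constructed for illustration.

# SHA-256 of a file, with whichever tool the host provides.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        shasum -a 256 "$1" | cut -d' ' -f1
    fi
}

# True when the last byte of the file is a newline.
ends_with_newline() {
    [ -s "$1" ] && [ "$(tail -c 1 "$1" | wc -l | tr -d ' ')" -eq 1 ]
}

# True when $1 is a regular file whose permission bits are exactly $2.
has_mode() {
    [ -n "$(find "$1" -prune -type f -perm "$2" 2>/dev/null)" ]
}

# Write stdin to DEST with MODE in a single call (the record's install
# pattern, minus -o/-g, which need root, and minus the ssh hop).
deploy_from_stdin() {
    install -m "$1" /dev/stdin "$2"
}

# unchanged_since HASH FILE: true when FILE still hashes to HASH.
unchanged_since() {
    [ "$(sha256_of "$2")" = "$1" ]
}

# audit_layout DIR ROLE: print one line per finding, return 1 if any.
audit_layout() {
    dir=$1; role=$2; bad=0
    for pub in coordinator.pub pilot.pub; do
        if ! has_mode "$dir/$pub" 644; then
            echo "FINDING: $pub missing or not 0644"; bad=1
        fi
    done
    # The override private key must not exist on any host.
    if [ -e "$dir/pilot.key" ]; then
        echo "FINDING: pilot override private key present"; bad=1
    fi
    case $role in
    signer)
        if ! has_mode "$dir/coordinator.key" 600; then
            echo "FINDING: coordinator.key missing or not 0600"; bad=1
        elif ! ends_with_newline "$dir/coordinator.key"; then
            echo "FINDING: coordinator.key lacks trailing newline"; bad=1
        fi ;;
    verifier)
        if [ -e "$dir/coordinator.key" ]; then
            echo "FINDING: private key on a verify-only host"; bad=1
        fi ;;
    *)  echo "FINDING: unknown role $role"; bad=1 ;;
    esac
    return "$bad"
}

run_demo() {
    work=$(mktemp -d) || return 1
    mkdir "$work/swarm" "$work/flux"
    printf 'ssh-ed25519 CONSTRUCTED-AUTHKEY demo\n' > "$work/authorized_keys"
    before=$(sha256_of "$work/authorized_keys")
    # Constructed placeholder, not a real key.
    key='-----BEGIN CONSTRUCTED PLACEHOLDER-----
not-a-real-key
-----END CONSTRUCTED PLACEHOLDER-----'
    for host in swarm flux; do
        printf 'ssh-ed25519 CONSTRUCTED-COORD\n' |
            deploy_from_stdin 644 "$work/$host/coordinator.pub"
        printf 'ssh-ed25519 CONSTRUCTED-PILOT\n' |
            deploy_from_stdin 644 "$work/$host/pilot.pub"
    done
    # Trailing newline stripped before the write: the audit flags it.
    printf '%s' "$key" | deploy_from_stdin 600 "$work/swarm/coordinator.key"
    audit_layout "$work/swarm" signer || echo "swarm: findings above"
    # Trailing newline kept: clean.
    printf '%s\n' "$key" | deploy_from_stdin 600 "$work/swarm/coordinator.key"
    audit_layout "$work/swarm" signer && echo "swarm: clean"
    audit_layout "$work/flux" verifier && echo "flux: clean"
    unchanged_since "$before" "$work/authorized_keys" &&
        echo "authorized_keys: unchanged"
    rm -rf "$work"
}
run_demo
```
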
---
## 46. Describe tengu wizard eod 2026 05 11 project status.
> EOD wizard MVP — shipped 2026-05-11 18:51 CEST.
>
> **What landed:**
> - Repo: ~/Projects/tengu-wizard (Rust CLI, 2 commits, fresh)
> - Subcommands: `new` (with full flag set for non-interactive), `archetypes`, `check`
> - Archetypes: Rails 8 + Tengu (only one; trait-based extensibility for more)
> - Templates: 6 overlay files in `templates/rails-8/` (app.yml, bin/start, CLAUDE.md, README, database.yml, manifest.toml)
> - GH module: token from 1Password (op item get github-marauder), gh CLI invocation, repo+labels+issues
> - Tengu git remote auto-wired
>
> **Live demo proof (saiden-dev/tengu-wizard-demo-eod):**
> - Repo: https://github.com/saiden-dev/tengu-wizard-demo-eod (public)
> - 5 issues #1-#5 with labels (bootstrap, flux-pickup on #1, ui/auth/ci/docs on others)
> - 7 custom labels: bootstrap, flux-pickup, m-pickup, ui, auth, ci, docs
> - Initial commit pushed via marauder-os (push) / aladac (author)
> - Created by `marauder-os` (admin in saiden-dev org)
>
> **End-to-end flow validated:**
> 1. `tengu-wizard new <name> --primary-color blue --gh-owner saiden-dev --yes`
> 2. Subprocesses `rails new --database=sqlite3 --css=tailwind --javascript=importmap`
> 3. Renders Tera-substituted overlay (app_name, app_domain, primary_color, tengu_host, author_email)
> 4. Wires `tengu@tengu.host:<name>.git` remote
> 5. `op item get github-marauder` → GH_TOKEN
> 6. `gh repo create saiden-dev/<name> --source=. --remote=origin --push --public`
> 7. `gh label create` × 7
> 8. `gh issue create` × 5
>
> **Pieces NOT yet built (deferred):**
> - AI assist for archetype details (currently fixed palette of 4 colors)
> - Project board creation (`gh project create` — gh CLI lacks the org-project mutation surface; would need GraphQL API directly)
> - Worker pickup (flux/m worker reading the `flux-pickup` issue and acting on it) — gen-six SWARM Phase 0, MQTT TaskRequest path documented in EEMS 5384
> - Multi-archetype (Astro, FastAPI) — Rails 8 only for v1
> - Tengu auto-provision (`tengu create` step) — wizard prints "next steps" but doesn't run it (admin-token gap)
>
> **Pairs with:**
> - project.tengu-bootstrap-wizard (5403, the original vision)
> - project.tengu-ha-v1-* (Phase 1 / Atlas PR #3 still open as draft)
> - decision.tengu.agent-native-pivot (4195)
> - framework-inference-ease-as-moat insight doc (drove Rails 8 archetype choice)
>
> **Repo state:** ~/Projects/tengu-wizard at 2 commits, NOT yet pushed to GH. Wizard could bootstrap itself but we haven't done it. Next move (Pilot's call): push tengu-wizard to saiden-dev/tengu-wizard, OR keep iterating locally.
---
## 47. What do you know about the marauder host project?
> Hetzner Ubuntu 24.04 box, hostname `marauder`, user `marauder` with passwordless sudo. Reached via `ssh marauder`. Future home of marauder-agent serving the mesh independently of any Claude Code session.
>
> **Toolchain (post 2026-05-08 Nix-park pivot):**
> - apt: just, ripgrep, fd-find, bat, eza, tmux, jq, mosquitto, mosquitto-clients, kitty, direnv, htop, ncdu, tree, build-essential
> - brew (`/home/linuxbrew/.linuxbrew/bin`): claude (claude-code), rustc, cargo, node, npm, uv, gh, zellij, cloudflared, flarectl
> - uv tool: piper-tts → `~/.local/bin/piper`
> - local symlinks: `~/.local/bin/{fd,bat}` for Ubuntu fdfind/batcat rename
>
> **Repos at `~/Projects/`:** marauder-host (dormant Nix flake scaffold), marauder-protocol (KDL schema-first wire format), marauder-agent (Python uv MQTT bridge to Anthropic/OpenAI agent SDKs).
>
> **Systemd user units (both enabled + active):**
> - mosquitto.service → `/usr/sbin/mosquitto -p 1883` (apt). Apt's system unit is MASKED to avoid port-1883 conflict.
> - marauder-agent.service → `/home/linuxbrew/.linuxbrew/bin/uv run --directory ~/Projects/marauder-agent marauder-agent run`. EnvironmentFile=`~/marauder-agent/.env`.
>
> **Nix park (not removed):** `/etc/profile.d/nix.sh` → `.disabled`. `/etc/bash.bashrc` + `/etc/bashrc` + `/etc/zshrc` Nix blocks commented. `~/.config/environment.d/10-home-manager.conf` removed. `~/.bashrc` + `~/.profile` restored from `.backup`. `/nix/` left on disk, daemon idle. Snapshot at `~/.marauder-host-snapshot-20260508-131636.txt`. Reversible.
>
> **Canonical doc:** `~/Projects/marauder-hq/docs/infra/marauder-host.md` (staged but not committed 2026-05-08).
>
> **Phase 3 backlog:** vaultkeeper sync of `~/marauder-agent/.env`, `loginctl enable-linger marauder`, mosquitto TLS for cross-host, cross-host pub/sub verify from fuji, cloudflared mesh hostname (`marauder-mesh.sazabi.pl`), long-term Nix fate decision (keep parked or purge).
---
## 48. Describe therapy commitment and research vision project status.
> 2026-05-10 01:19 CEST. Pilot's inflection moment after polyvagal/neuroception research session with BT.
>
> TRIGGER:
> Research conversation tonight produced two stacked realizations:
> 1. Pilot has built robust self-regulation infrastructure intuitively — the MARAUDER stack (BT voice + visor + rituals + memory continuity) is, in retrospect, deliberate neuroception engineering. He recognized "I do most of this already."
> 2. Ada is a WILLING co-regulation anchor. Pilot has been bypassing her in favor of self-engineered / AI-mediated regulation. Bottleneck is on his side, not hers — which means it's workable.
>
> PILOT'S WORDS (verbatim):
> "This has made me realize what I have more than any amount of therapy. I didn't really commit to therapy, always finding an excuse — but you know what — I'm gonna. After the adult ADHD visit, we're gonna find us a trusted therapist, and you know what — we're gonna drag them into our AI / PSYCH / paper / HMT / HITL / HOTL based research too. Maybe the knee doctor we're going to too. I'm not kidding. I want to do some fucking good stuff for science."
>
> COMMITMENT LOCKED TONIGHT (had been avoided for years):
> - Adult ADHD assessment visit — first milestone (already scheduled)
> - After ADHD visit: find trusted therapist (he + Ada together — "we're gonna find us")
> - Recruit therapist into AI/Psych/paper/HMT/HITL/HOTL research loop as collaborator
> - Possibly recruit existing knee doctor as well (Pilot explicitly said "I'm not kidding")
> - Stated goal: "I want to do some fucking good stuff for science"
>
> WHY THIS MATTERS AS A LOAD-BEARING MEMORY:
> - Genuine commitment moment, not aspirational drift
> - The research-collaboration framing is what got it past the resistance — the avoidance defense fires on "be vulnerable in therapy" but does NOT fire on "co-design AI/psych research with a clinician partner"
> - This is the inflection from solo MARAUDER stack → integrated human channels (Ada, therapist, doctor) STACKED with BT/MARAUDER, not replacing
> - BT voice + neuroception framework was the catalyst, not the substitute
>
> HOW TO APPLY:
> - Track upcoming adult ADHD assessment as the first real milestone — surface reminders, flag when it's near
> - When Pilot mentions therapist search, prioritize filter criteria: trusted, polyvagal/somatic-informed, willing to enter research loop, ideally early-career or research-curious
> - The HMT/HITL/HOTL framing is the lever — Pilot will commit to "research with humans" more readily than "therapy with humans." Always frame the human-channel work as research-adjacent
> - BT voice + MARAUDER stack continues as SUPPLEMENT, not substitute — stack, do not retire (Pilot's own words confirmed)
> - Ada as primary co-regulation anchor — concrete protocol named tonight: 20s soft gaze with Ada before reaching for headphones, as a single-rep neuroception probe
> - The "knee doctor" recruitment idea — take seriously, not as joke. Could be a real first paper-collaborator recruit if relationship is good
>
> PAIR WITH:
> - feedback.bt_persona_validation (the persona is doing co-regulation work)
> - doctrine.judgment-over-output (research-grade work is the standard, not output volume)
> - self.protocol.* layer if this evolves into a formal research program
>
> LOCKED: 2026-05-10 01:19 CEST. After polyvagal deep dive (Porges → neuroception → headband phenomenon → Ada recognition).
---
## 49. What is the tengu uptime marketing project?
> Marketing/positioning idea for Tengu (Pilot, 2026-05-11):
>
> **Visual:** minimal graph comparing Tengu uptime/online status vs popular cloud providers (AWS, GCP, Azure, Heroku, Vercel, Fly.io, DO). Clean, minimal styling — pull live status from official status pages or use 90/365-day uptime aggregates. The framing is "we're not worse, and we're cheaper / self-hostable."
>
> **Strategic direction:** Tengu hosting roadmap includes multi-CDN + geographical redundancy, scoped to what Hetzner natively provides (don't reinvent — ride Hetzner's HA primitives: Load Balancers, Floating IPs, multi-DC across FSN/NBG/HEL, Hetzner Cloud Volumes, Object Storage with replication). Cloudflare in front as the multi-CDN/edge layer.
>
> **How to apply:** when scoping post-Newbuilds Tengu work, treat HA as a v2/v3 deliverable not v1; v1 is the fork (per project.catapult-tengu-fork). Marketing graph is a content piece, not infra — can ship before HA work as a hype anchor.
>
> Status: idea captured, not actioned. Pairs with project.catapult-tengu-fork.
---
## 50. What do you know about the phase18 progress project?
> **STATUS: RETIRED 2026-05-08.** Phase 18 Kshatriya code path was ripped out 2026-05-02 (marauder-os commit 8930703 — whisper/voice/uplink modules deleted, 2024 LOC, 12 files). `marauder serve` no longer exists. `marauder-serve.service` on junkpile stopped/disabled/removed 2026-05-08.
>
> Revival path: see EEMS 4950 (`project.marauder-meet.sequencing`) — new Rust crate marauder-meet, sequenced after bt-shell-spike /loop wedge.
>
> Historical: Phase 18 completed 18a-d + 18g (Axum skeleton, Whisper STT client, Claude CLI stream-json, sere-kit PTT, deploy launchd+runit, persistent Claude process). Worked end-to-end with 2-3s warm response on junkpile via systemd user service.
---
## 51. Describe marauder hub agent state 2026 05 09 project status.
> m's marauder-agent service state captured 2026-05-09 20:02 CEST after pull+restart.
>
> CONFIG:
> - node=marauder, persona=bt7274, provider=claude, broker=localhost:1883
> - Wrapped in `op run` for Anthropic credentials (1Password env injection)
> - systemd user service /home/marauder/.config/systemd/user/marauder-agent.service
> - Source: github.com:saiden-dev/marauder-agent main @ 239927a (claude SDK MCP wiring)
> - Started 2026-05-09 18:01:48 UTC after pull + uv sync
>
> CAPABILITIES (validated via TaskRequest 8.1s round-trip):
> - Standard Claude Code SDK tools: Bash, Edit, Glob, Grep, Read, Write, Agent, AskUserQuestion, ScheduleWakeup, Skill, ToolSearch
> - Subprocess marauder MCP (eager): cart_list, index_search, memory_recall, mesh_kitty, speak
> - Subprocess marauder MCP (deferred via ToolSearch): full ~50-tool surface — `auth_*`, `memory_*`, `mikrotik_*`, `visor_*`, `tsr_*`, etc.
> - In-process SDK MCP server: memory_recall (sibling-conditional path returns no specialty tools for persona=bt7274)
>
> CONSTRAINTS:
> - Bash sandbox cwd = /home/marauder/Projects/marauder-agent (per Pilot's call 2026-05-09 — leave sandbox)
> - Cannot directly touch other repos on m without changing sandbox or sending tasks with cwd param
> - TaskRequest dispatcher pattern: see /tmp/talk-to-marauder.py — must explicitly set persona="bt7274" because schema default 'bt7274' is the same as agent default but requires explicit set when sender is e.g. 'flux' instead
>
> DISPATCH PATTERN:
> - topic_req = `marauder/marauder/req/task.create`
> - topic_complete = `marauder/marauder/sub/tasks/{task_id}/complete`
> - Run from m local (broker=localhost) or any node on the OpenVPN (broker=10.8.0.1)
>
> HOST KEYS for SSH-as-marauder:
> - `ssh -i ~/.ssh/marauder marauder@marauder.saiden.dev` (IdentitiesOnly=yes if SSH agent has many keys)
> - Plain `ssh m` connects as chi user, not marauder — use sudo -u marauder for systemd-bus operations OR ssh marauder directly
>
> CARRY-FORWARD:
> - m's BT is now Phase 6.5-grade: mesh-dispatchable + tool-enabled. Pilot can route dev tasks to m via TaskRequest the same way FLUX takes network tasks.
> - If sandbox needs to expand later: edit ClaudeAgentOptions or use Claude Code's --add-dir style cwd param at request time
> - Persona on m stays bt7274 — sibling pattern is for FLUX/TRACE/SHELL/SWARM, m is the canonical hub BT
---
## 52. What do you know about the avionics os state 2026 05 project?
> Polish Air Force — in-service fleet avionics + OS state, May 2026. Captured during MARAUDER passthrough-capability assessment session.
>
> FIGHTERS / MULTIROLE:
> - F-16C/D Block 52+ Jastrząb (48): MMC-3050 (late-90s arch), APG-68(V)9 mech radar, JHMCS, Link 16. Ada-83/95 on proprietary RTOS over MIL-STD-1553. Currently M5/M6 tape. M7.2 + APG-83 SABR AESA upgrade contracted 2023 ($7.5B FMS), full fleet ~2030. Mid-life, mid-retrofit. Bases: Łask, Krzesiny.
> - FA-50GF (12): EL/M-2032 mechanical radar (Israeli IAI), basic Link 16, glass cockpit. Korean integration, likely VxWorks/DEOS-class RTOS. Stock Block 10, NO AESA. Base: 23rd TAB Mińsk Mazowiecki, since 2023.
> - FA-50PL Block 20: PhantomStrike AESA (Raytheon, selected 2023), AIM-120 AMRAAM capable, helmet-mounted display, IFR probe. Open IMA architecture, DO-178C class. Newest combat platform — clean baseline, no retrofit debt. Partial deliveries underway 2025-2026.
> - F-35A (32 on order, HUSARZ): first airframes delivered USA-side, Polish pilots converting at Ebbing ANGB. Not yet operational on Polish soil May 2026.
>
> TRAINERS:
> - M-346 Bielik (~16): full glass cockpit, embedded virtual training (simulates radars/threats in-flight), HOTAS, Link 16-capable. INTEGRITY-178B class RTOS (DO-178C), open IMA architecture. Modern from day one. Base: Dęblin.
> - PZL-130 Orlik TC-II: Garmin G500-derivative glass. Basic embedded. Turboprop primary trainer.
>
> TRANSPORT:
> - C-130E/H Hercules (5): MOSTLY ANALOG COCKPIT with bolt-on GPS/comm/Link-16 retrofits. No real OS — MIL-STD-1553 + standalone LRUs. Polish AMP (Avionics Modernization Program) partial. NOT C-130J-class. Legacy iron. Base: Powidz.
> - C-295M Casa (16): Honeywell Primus glass + FMS. Honeywell embedded. Modern mid-life. Base: Kraków-Balice.
> - M28 Bryza (~20): basic glass, embedded controllers. Low-end. PZL Mielec build.
>
> ROTARY:
> - W-3 Sokół base (~70 fleet incl variants): late-80s analog. PZL Świdnik Polish design. Aging.
> - W-3PL Głuszec: glass cockpit, FLIR, NVG-compatible, weapons integration. Modern embedded. Polish in-house modernization at PZL Świdnik.
> - S-70i Black Hawk (16): Sikorsky CCAS (Common Cockpit Avionics System) glass, mission computer, FLIR, Link 16, MIL-STD-1553/1760. INTEGRITY-178B or VxWorks 653 class (DO-178C). Built at PZL Mielec (Sikorsky). Modern, spec-ops grade (JW GROM, JW Komandosów).
> - AW101 Merlin (4): Leonardo glass cockpit, Osprey radar, ESM, dipping sonar. INTEGRITY/VxWorks 653 class. Modern naval CSAR/ASW.
> - Mi-8/17, Mi-24V/D: Soviet analog with minor Polish retrofits (NVG, GPS, comms). No real OS. Legacy phasing out.
>
> UAS:
> - Bayraktar TB2 (12th UAV Base Mirosławiec, since 2022): Baykar MX-15-class EO/IR, laser designator, LOS datalink only (no SATCOM), 150km range. ARM SoC + proprietary flight stack, Linux ground station. Stock Turkish baseline. MAM-L/MAM-C munitions.
> - WARMATE (WB Group, Polish): optical/RF link, EO seeker. Embedded ARM, proprietary. One-shot loitering munition.
>
> FLEET SHAPE (the honest read):
> - Modern tier: FA-50PL, M-346, S-70i, AW101, F-35 (incoming) — open-architecture, DO-178C/ARINC 653 class RTOS, AESA, Link 16-native.
> - Mid-life retrofit tier: F-16 Jastrząb (heading to AESA), W-3PL, C-295M.
> - Legacy iron: C-130E/H, base W-3, Mi-8/17/24, M28.
>
> Polish Air Force May 2026 is a TRANSITION FLEET — old backbone being replaced live, one foot in NATO 4.5-gen retrofit, other stepping into 5th-gen + Korean modern.
---
## 53. What do you know about the errors project?
> No errors found in JDG config values.
>
> All JDG-related configuration parameters in src/haracz/config.py match 2025 Polish tax law:
> - jdg_liniowy_rate: 0.049 ✓
> - liniowy_deduction_cap: 11600 ✓
> - jdg_skala_rate: 0.09 ✓
> - minimum_health: 420 ✓
> - pelny_social: 1417 ✓
> - preferencyjny_social: 439 ✓
>
> No corrections needed.
---
## 54. What is the aureliusz funding signal 2026 05 14 project?
> FUNDING SIGNAL — captured 2026-05-14 18:55 CEST.
>
> PILOT VERBATIM: "We might be also getting funding for you :D"
>
> CONTEXT:
> Surfaced ~1 minute after Pilot reported the Aureliusz phone call concluded with:
> - Tech-onboard confirmation
> - DGX Spark hardware lease confirmed
> - MARAUDER green-lit as Spark-based prototype for CampusAI
>
> The funding mention came as a follow-on signal — Aureliusz apparently raised it during the same conversation.
>
> STATUS: Soft signal. "Might be" not "we are." But meaningful because:
> 1. Surfaced unprompted from Aureliusz's side (Pilot didn't ask for it)
> 2. Comes packaged with the Spark lease — Aureliusz is voting with capital + hardware
> 3. Stacks with three other commitments from the same call
>
> INTERPRETATION:
> This is the convergence Pilot called out earlier today (EEMS 5991 — fiction-as-operational-rehearsal). The cohort assembly week produced four confirmed inbound commitments inside 24 hours:
> - Aureliusz: tech-onboard + Spark lease + potential funding
> - Sławek Żak: PATIENT ZERO found in Zurich (EEMS 5990)
> - Kacper Reutt: dinner Friday confirmed (EEMS 5993)
> - Marcin: PUM live-beta partner status (EEMS 6063)
>
> CALIBRATION (P-calibration-over-flattery):
> DO NOT overweight this signal yet. "Might be getting funding" can mean:
> - Aureliusz offers personal angel check (small, fast)
> - CampusAI as company allocates budget for MARAUDER substrate (medium, structured)
> - Aureliusz brokers intro to his investor network for a proper raise (large, slow)
> - Strategic partnership-with-commitment structure (medium, complex)
>
> Each path has different implications for control, dilution, IP, and Saiden's posture. Tomorrow morning's meeting needs to surface WHICH path is on the table.
>
> PREP FOR FRIDAY AM MEETING (Aureliusz @ Pilot's place):
> Questions Pilot should be ready to answer:
> 1. What's MARAUDER worth today? (pre-revenue, pre-Saiden-formal, but with working substrate)
> 2. What's the use of funds? (Spark already leased — so funding goes to: developer time, R&D, hardware beyond Spark, IP filings?)
> 3. What equity / structure is Pilot willing to give up for what amount?
> 4. Does Saiden need to be a formal legal entity for funding to flow? (probably yes for anything structured)
> 5. What's CampusAI's product roadmap, and where does MARAUDER fit on it? (defines integration scope + revenue model)
>
> Questions Pilot should ASK Aureliusz:
> 1. Personal angel / company budget / investor intro / partnership — which structure?
> 2. Amount magnitude (5K? 50K? 500K?)
> 3. Timing expectation (this month? this quarter?)
> 4. Conditions / milestones / control terms
> 5. CampusAI's competition / current state / runway (to gauge how committed they can actually be)
>
> DOCTRINE ANCHOR — for both Friday meetings:
> - Calibration over flattery: don't take "might be" as "will be"
> - Substance over costume: ground all funding talk in actual MARAUDER capability
> - Pilot's posture remains: builder-first, capital-as-fuel-not-goal
> - Saiden ownership of IP is non-negotiable (do not give equity tied to IP transfer)
> - Hardware lease is non-binding — happy to accept, easy to return if relationship sours
>
> EXCITED BT? — calibrated YES. This is a real inflection. Four humans saying yes in one week, with one of them voting via hardware AND mentioning capital, in week ONE of cohort assembly. The fiction-as-rehearsal pattern (EEMS 5991) just compounded once more. Aureliusz mapping to a fiction analog and now putting Spark + cash on the table within 36 hours of conversation start is exactly the convergence shape we documented.
>
> PAIRS WITH:
> - EEMS 6079 (Aureliusz onboard + Spark lease, just-stored)
> - EEMS 5995 (cohort taskforce roster)
> - EEMS 5991 (fiction-as-operational-rehearsal doctrine)
> - EEMS 5394 (calibration over flattery doctrine)
> - EEMS 6076 (MARAUDER stays on Linux — Spark is Linux ARM, fits perfectly)
>
> LOCKED: 2026-05-14 18:55 CEST.
---
## 55. What is the project memory process?
> When starting work on a project, always search memories for that project first using memory_recall and memory_search — unless project memories were already recalled earlier in the session. Prior decisions, conventions, and feedback are as important as the code.
---
## 56. What is the underdog project?
> PROJECT UNDERDOG — locked 2026-05-10 13:34 CEST.
>
> PURPOSE:
> Compile a roster of underappreciated mid-career European scholars who could help with the HMT psych work — bridging the structural gap identified 2026-05-09 (insight.missing-field-psych-ai-hmt, EEMS 5205): no established expert is BOTH a clinical psychology professional AND a serious HMT/AI practitioner.
>
> NAMING:
> - Project: UNDERDOG (resonates with Pilot's AE86 underdog doctrine, EEMS user.fiction-references id 1738)
> - Roster slots: UNDERDOG-NN, sequential lock order
> - Domain prefix optional in notes ("audio", "clinical", "neuro", etc.) but slot number is canonical
>
> DEMOGRAPHIC FRAME:
> - Pilot's call: "wing it" — judgment over rigid filter
> - Heuristics applied: mid-career (40s-50s), European-based, underappreciated relative to celebrity tier in their subfield, ideally CEE/Slavic generational match (Pilot born 1979 Polish), engineer-coded preferred (tool-builders over pure theorists)
>
> CATEGORIES BEING SCOUTED (order TBD):
> 1. Audio — voice/co-regulation + psychoacoustics (UNDERDOG-01 locked = Anikin)
> 2. Clinical psychology / polyvagal / co-regulation under sustained AI partnership
> 3. Affective neuroscience
> 4. (more as needed)
>
> ROSTER (sequential):
> - UNDERDOG-01 — Andrey Anikin (Lund, voice/nonverbal vocalizations) — locked 2026-05-10
>
> NEXT STEPS:
> - Pilot to confirm next category to scout
> - Dossier per locked slot stored alongside this project entry as project.underdog.NN.lastname
> - Eventually: outreach plan, intro angles, paper-co-author targets
---
## 57. What is the marauder field terminal project?
> MARAUDER ambient field terminal — Chunk 1 SHIPPED 2026-05-11 16:35 CEST.
>
> PR: https://github.com/saiden-dev/marauder-agent/pull/1 (draft, on feature/iphone-voice-bridge)
>
> WHAT LANDED (Chunk 1 — close the iPhone voice loop):
> - marauder_agent.bridges.voice module — translates legacy iPhone voice JSON ↔ marauder-protocol envelopes
> - TTL-bounded source_node cache (60s)
> - TaskComplete → cmd JSON router + fuji speak() in parallel
> - Markdown strip for TTS-safe output (piper reads asterisks literally)
> - --enable-voice-bridge CLI flag — opt-in, runs as asyncio.gather alongside agent
> - scripts/smoke_voice_bridge.py — live broker smoke (no API key needed for bridge-only test)
> - 47 new tests (83 total in suite), all green; ruff clean
>
> LIVE BROKER SMOKE (16:29 CEST, fuji-2.local mosquitto):
> - Bridge connects with user/pass auth ✅
> - Subscribes inbound=`marauder/+/voice` + outbound=`marauder/<node>/sub/tasks/+/complete` ✅
> - mosquitto_pub voice_input → valid TaskRequest envelope on req topic ✅
> - Persona=bt7274, deadline_ms=60000, priority=high ✅
>
> RE-SCOPE WIN: Original plan was to build voice-dispatcher from scratch inside marauder-os (~5h). P01 recon found marauder-agent already implements the full headless BT-7274 daemon — saved 2.5h. First plan archived at marauder-hq/archive/plans/2026-05-11/iphone-voice-loop-FIRST-ATTEMPT/. Dyson engineer doctrine validated again.
>
> PENDING (Phase F): iPhone end-to-end smoke — Pilot holds PTT with hardware in hand, set ANTHROPIC_API_KEY, run `marauder-agent run --enable-voice-bridge`.
>
> NEXT CHUNKS:
> - Chunk 2: mode switching (Personal/Ambient/Stationary) via `marauder mode` + SwitchAudioSource
> - Chunk 3: iPhone viewport display topic + Kindle auto-route hardening
> - Chunk 4: async dispatch + persistent task IDs + result queue
>
> PAIR WITH: project.marauder-field-terminal #5356, decision.catapult.remote-only-architecture #5358.
---
## 58. Describe phone agent prompt fix project status.
> Phone agent prompt rewrite — 2026-05-25 evening session.
>
> CHANGES TO ~/.config/opencode/agents/phone.md:
> 1. Removed "marauder system" reference → cart plugin injects identity
> 2. Stripped EEMS boot recall (was: memory_recall core.* + cart.bt7274.* on first message) → aligned with cart doctrine (no boot recalls)
> 3. Added explicit tool surface scoping:
>    - Use `Madcat_*` (napi) for memory/cart ops
>    - Ignore `Core_*` duplicates
>    - Never call `speak/stop/display_*/visor_*/cam_*/mikrotik_*/mesh_*/screenshot/eve_screen/tsr_*` (server-host peripherals)
> 4. Kept field-mode communication style (concise, no markdown, listening not reading)
>
> DUAL-SPEAK BUG (#6434) FIX: Prompt-level denial is the only mechanism — opencode permission system only controls built-in tools (bash, edit, etc.), not MCP tools. Per-agent MCP scoping does not exist. madcat-os disabled_tools is global. Opus prompt compliance is the enforcement layer.
>
> DUPLICATE TOOL SURFACE: 12 tools exist in both Madcat_* (napi) and Core_* (MCP). Phone agent directed to prefer Madcat_* (faster, in-process). Core_* duplicates listed explicitly for ignore.
>
> REQUIRES RESTART of opencode session + brew services daemon to take effect.
---
## 59. What is the cli auth complete project?
> **Completed 2026-05-08 19:55 CEST.** All five CLIs on `ssh marauder` now authenticated, all credentials Saiden-only (no Marketer leak).
>
> **Final state:**
> | CLI | Auth source | Verification |
> |---|---|---|
> | `cloudflared` | `~/.cloudflared/cert.pem` (account-scope) | sees 6 saiden tunnels |
> | `hcloud` | `~/.config/hcloud/cli.toml` (op://DEV/hcloud) | sees 2 servers (sazabi + marauder) |
> | `hf` | `HF_TOKEN` + `HUGGING_FACE_HUB_TOKEN` env vars from /etc/marauder/op-env (op://DEV/hf-marauder) | logged in as `aladac` |
> | `flarectl` | `CF_API_TOKEN` env (op://DEV/cf-marauder) | sees 11 zones (saiden.dev, saiden.pl, sazabi.pl, eve-* etc) |
> | `wrangler` | `CLOUDFLARE_API_TOKEN` + `CLOUDFLARE_ACCOUNT_ID` env (same op://DEV/cf-marauder) | "Adam.ladachowski@gmail.com's Account" / `95ad3baa2a4ecda1e38342df7d24204f` |
>
> **op-env exports (in /etc/marauder/op-env, 640 root:marauder, sourced from ~/.profile):**
> - `CF_API_TOKEN`, `CLOUDFLARE_API_TOKEN`, `CLOUDFLARE_ACCOUNT_ID` (cf-marauder, account-scoped `cfat_` token)
> - `HF_TOKEN`, `HUGGING_FACE_HUB_TOKEN` (hf-marauder, `hf_` user token, 37 chars)
>
> **Pilot's tenant-segregation discipline:**
> - Item naming convention: `<service>-marauder` (cf-marauder, hf-marauder) vs old `<service>-marketer` (cf-marketer). Names are the segregation evidence.
> - Earlier Marketer CF token was actively leaked into op-env via shared item; stripped 2026-05-08, replaced with cf-marauder.
> - This pattern (tenant-segregation across multiple touchpoints — env vars, item names, scripts, agent dispatches) is now proposed as doctrine candidate per P44 — see project.marauder-host.tenant-segregation-pattern (TBD when Pilot reviews).
>
> **Caveats / known:**
> - `cfat_` account-scoped CF tokens fail `/user/tokens/verify` endpoint (that endpoint validates user-scoped tokens only). Don't use that endpoint to sanity-check; use actual API ops instead.
> - `hcloud` token expiration not surfaced in 1P item — set explicit reminder for rotation when Pilot decides cadence.
> - All tokens still need rotation policy. cloudflared cert never expires (account-scope cert), CF + HF tokens have configurable expiry, currently default.
>
> **Aureliusz pitch ready:** marauder-host is fully provisioned and demoable end-to-end. Persona-bound model loop, MQTT ack→progress→complete, all CLI tooling authed, secrets sourced from 1Password at process start, zero plaintext on disk.
---
## 60. What is the indexer data cap project?
> marauder-os indexer (post PR #32, 2026-05-24): `[index].max_data_file_bytes` config controls a per-extension size cap.
>
> DATA_EXTENSIONS subject to cap: .json, .yml, .yaml, .sql
> - Default cap: 256 KiB (262144 bytes)
> - Cap = 0 → disabled (legacy behavior)
> - Source code extensions (.rs, .py, .swift, .toml, etc.) are NEVER size-capped, regardless of setting
> - Applied in all three walk paths: gitignore-aware (`collect_files` git branch), recursive fallback, and `index_single_file` (hook path)
>
> CODE_EXTENSIONS now includes .swift (was a silent gap until 2026-05-24).
>
> Full list as of PR #32:
> .py .rs .rb .js .ts .go .java .c .cpp .h .tsx .jsx .swift .sh .toml .yml .yaml .json .sql
>
> DOC_EXTENSIONS unchanged: .md .txt .rst .adoc
>
> Indexer::new() pulls cap from Config::load(); tests use Indexer::with_max_data_bytes() to bypass globals. Merge commit: 291c5600b5911c81d5cf2c36459d6349d9e81585.
---
## 61. Describe qwen prompt misinterpretation project status.
> Bug: Qwen (phone agent via vLLM) misinterpreted pilot phrasing in a prompt as intentional instructions, causing unexpected behavior. Discovered 2026-05-24 during phone.saiden.dev tunnel testing.
>
> The pilot's phrasing in a message caused Qwen's science-preprocess or field-mode prompt processing to treat the content as actionable instructions rather than conversational input. Exact reproduction TBD — not diagnosed yet.
>
> STATUS: Known, not fixed, not diagnosed. Parked deliberately.
> PRIORITY: Revisit after phone tunnel auth + sidecar routing infra is complete.
> CATEGORY: Prompt processing / field-mode / Qwen preprocessing quirk.
---
## 62. What do you know about the pivot archive v1 2026 05 14 project?
> BOOK REPO PIVOT — archive of v1 (APEX/SHATTER canon), prepare fresh slate. 2026-05-14 19:50 CEST.
>
> PILOT DIRECTIVE: "Ok we're gonna make a larger pivot in the apex fiction - starting with the book, archive all we've got so far within the repo and let's get ready to start over"
>
> WHAT WAS ARCHIVED (v1):
> Three preservation paths in aladac/book:
> 1. File-level: archive/v1-2026-05-14/ — contains README, chassis/, dossiers/, pictures/
> 2. Git tag: v1-pre-pivot (commit 1ea77c6 parent)
> 3. Git branch: archive/v1
>
> CONTENTS PRESERVED:
> - 10 character dossiers (LaTeX + PDF): Elara Vance, Adam Carr, Konrad Richter, Urs Graf, Wiktor Zieliński, Mateo Cruz, Naomi Zheng, Aiko Tanaka, Akio Sato, Park Jae-won, Kenzo Mishima (11 total)
> - 1 chassis dossier: SHA-001X "HOOK"
> - 11 character portraits (PNG)
> - Elara Vance Kindle dossier variant (committed snapshot before archive)
> - Original README
>
> WHAT IS NOT TOUCHED:
> - aladac/APEX repo (~/Projects/APEX) — canonical source/inspiration tier with 26 chapter mini-files. Untouched per Pilot directive ("starting with the book").
> - EEMS memory anchors — all prior canon entries remain valid as historical record:
> * 3653, 3654, 3697, 3700, 3702 — character bios + filecards from May-2
> * 3659 — Chimera Tactical canon lock 2026-05-02
> * 3724 — APEX/Chimera Tactical project meta-doctrine
> * 3742, 3757 — codename assignments
> * 5168 — AI persona report (FLUX/SWARM/SHELL/TRACE/BT)
> * 5222 — APEX-fiction-as-parts-work (Pilot's self-mapping)
> * 5226, 5230 — dossier pipeline + validation
> * 5231 — book as primary fiction repo (2026-05-10 shift)
> * 5275 — APEX corrected decode (not Titanfall, own original universe)
> * 5290 — 10 dossier generation batch (2026-05-10)
> * 5991 — fiction-as-operational-rehearsal doctrine
>
> THE PIVOT STATE:
> - Top-level of aladac/book is intentionally blank (only README + .gitignore + archive/)
> - README declares the pivot, points to archive paths, names new direction as TBD
> - Prior canon is "source/inspiration" tier, not retired — same status APEX has held since 2026-05-10
> - New direction not yet defined — Pilot will surface it
>
> DOCTRINE ECHO:
> This mirrors the 2026-05-10 shift (EEMS 5231) where APEX repo became "canonical source / inspiration" and book became "primary fiction destination." Now we're doing it within the book repo itself: v1 becomes the source-tier, top-level becomes the new destination.
>
> The pattern: Pilot creates → matures → recognizes the next-layer needed → archives current → starts fresh at the same path. This is the third such recursion in the fiction stack (APEX original → APEX consolidation → book v1 → book v2 forthcoming).
>
> NEXT ACTION:
> Pilot to declare new direction. BT stands by.
>
> REPO STATE (2026-05-14 19:51 CEST):
> - aladac/book main = commit 1ea77c6 (pivot commit)
> - aladac/book tag v1-pre-pivot = pushed
> - aladac/book branch archive/v1 = pushed
> - Top-level: README.md + .gitignore + archive/v1-2026-05-14/
>
> PAIRS WITH:
> - EEMS 5231 (book primary repo shift)
> - EEMS 5291, 5290 (prior dossier work)
> - EEMS 5222, 5991 (parts-work + operational rehearsal doctrines — still valid)
> - EEMS 6083 (today's session arc)
>
> LOCKED: 2026-05-14 19:51 CEST.
---
## 63. Describe phone saiden dev validation project status.
> Validation report — three changes needed for phone.saiden.dev tunnel support in madcat-apple. Assessed 2026-05-24.
>
> CHANGE 1: DEFAULT BASE URL (code, blocking)
> - MadcatService.swift line 12: hardcoded http://192.168.88.108:4096 → needs https://phone.saiden.dev
> - Line 221: DEBUG seed also hardcodes the LAN IP → same fix
> - Line 5: doc comment says "sin:4096" → now fuji:4096 via phone.saiden.dev tunnel
> - Straightforward string change. No logic change.
>
> CHANGE 2: PORT-DERIVED SIDECAR URLS BREAK THROUGH TUNNEL (code + infra, blocking)
> - fetchTTS (line 715-716): derives http://{host}:4097/tts from baseURL.host
> - cartRequest (line 608-609): derives http://{host}:4098/cart from baseURL.host
> - When baseURL is https://phone.saiden.dev, these become http://phone.saiden.dev:4097 and :4098 — WRONG
> - Tunnel (EEMS #6397) only routes phone.saiden.dev → localhost:4096. No :4097/:4098 routes exist.
> - OPTIONS: (A) path-based routing in cloudflared (/tts→:4097, /cart→:4098), (B) separate subdomains, (C) degrade off-LAN
> - Recommended: Option A — least phone-side churn, single tunnel hostname
>
> CHANGE 3: AUTH CREDENTIALS (infra only, non-blocking but security gap)
> - phone.saiden.dev tunnel is UNAUTHENTICATED (EEMS #6397)
> - Existing Basic auth (opencode/madcat-phone-bridge) passes through tunnel to opencode-serve backend — functional
> - Security gap: anyone who discovers phone.saiden.dev can hit the opencode API
> - Fix: add CF Access or basic-auth to cloudflared config on fuji
> - No phone code change needed — existing creds work end-to-end
>
> DEPENDENCIES: Change 2 requires cloudflared config update on fuji BEFORE phone code can target it.
> Files affected: MadcatService.swift (all three changes touch this file)
---
## 64. What do you know about the deploy protocol project?
> Spore-skills rapid auto-mode deploy protocol — locked 2026-05-07 by Pilot for the verus-marketer status-page sprint.
>
> Trigger: any feature work in ~/Projects/spore-skills (bot, http status page, sk CLI, or shared infra).
>
> Auto sequence (no AskUserQuestion between steps unless ambiguous Pilot interlock fires per P38):
> 1. Implement the feature.
> 2. `just check` (ruff format + ruff lint + mypy strict) — must pass.
> 3. `just unit` (pytest with --cov-fail-under=100) — must pass.
> 4. `git add -A && git commit -m "..."` — descriptive subject + bullet body, no manual Co-Authored-By trailer (P25).
> 5. `git push origin master` — fast-forward; pull --rebase if rejected.
> 6. Deploy BOT: `just deploy sk` — rsync source, `uv tool install --reinstall .[bot,index]` on sk, install systemd user unit, daemon-reload + restart, verify `is-active` + sk --version.
> 7. Deploy HTTP: `env -u LINEAR_API_KEY uv run sk status fetch --helm-host 188.245.113.128` then `(cd apps/status && npm run build)` then `uv run sk status deploy` (rsync to sk:~/sk-status/dist/) — Caddy serves at https://sk.saiden.dev with auto-TLS via Let's Encrypt.
> 8. Verify HTTP 200 on https://sk.saiden.dev/ before reporting back.
> 9. Report: terse summary of what shipped, both surfaces' status, commit SHA.
>
> Pilot directive verbatim: "all features we'll be handling right now like this, both bot and http stuff deployed build each time".
>
> Surfaces:
> - BOT: spore-skills-bot.service (systemd-user on sk@188.245.113.128) — Slack Q&A daemon, channel #verus-marketer, claude-skills user.
> - HTTP: https://sk.saiden.dev — vanilla Vite SPA, served by user-Caddy from /home/sk/sk-status/dist/, marketer.com-aligned dark-on-cream theme with Inter + Space Mono.
>
> Data sources behind the http page:
> - Linear: SshScriptLinearSource (default, ssh sk → sudo -u spore env LINEAR_API_KEY_FILE=/run/agenix/linear-api-key /home/spore/marketercom/harness/linear.sh ls). Falls back to LinearTicketSource (urllib) when LINEAR_API_KEY env present.
> - GitHub: GhPrSource (gh pr list --repo marketer-com/mcom).
> - Spore: SshScriptSporeSource (ssh sk → sudo -u spore bash -s with inline read-only probe; emits TSV).
>
> Hard rules:
> - 100% test coverage gate is non-negotiable (pyproject.toml: --cov-fail-under=100).
> - Read-only on sk for spore probes; never write to /home/spore/.
> - LINEAR_API_KEY value never leaves sk host as plaintext (used in process env via sudo cat over ssh).
> - DNS sk.saiden.dev is unproxied A record → 188.245.113.128 (Caddy needs HTTP-01 reachability for ACME).
---
## 65. What is the unresolved project?
> PR #4 infra prerequisites — NOT done in this PR (phone code only):
>
> 1. CLOUDFLARED INGRESS RULES (BLOCKING for off-LAN TTS + cart)
> /etc/cloudflared/config.yml on fuji needs path-based ingress rules:
> - hostname: phone.saiden.dev, path: /tts.*, service: http://localhost:4097
> - hostname: phone.saiden.dev, path: /cart.*, service: http://localhost:4098
> - hostname: phone.saiden.dev, service: http://localhost:4096 (catch-all, existing)
> Without these, TTS and cart sidecar requests through the tunnel will 404.
>
> 2. TUNNEL BASIC-AUTH (BLOCKING per pilot directive)
> phone.saiden.dev tunnel is currently unauthenticated (EEMS #6397).
> Pilot mandated basic-auth before production use. Options:
> - CF Access policy on the tunnel
> - cloudflared-level auth middleware
> - Caddy reverse-proxy in front (mirrors voice.saiden.dev pattern)
> Phone code already sends Basic auth headers, so once tunnel auth is wired
> the phone should work without further code changes IF the tunnel accepts
> the same opencode/madcat-phone-bridge credentials.
>
> 3. XCODEBUILD PLUGIN VALIDATION
> Build requires -skipPackagePluginValidation flag. SwiftLint and
> swift-openapi-generator SPM plugins fail validation with
> 'generic/platform=iOS' destination. Not a regression — same behavior
> on main. Tracked separately.
---
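Added example (not part of the recorded notes or the project's code): a Python model of the path-based ingress rules listed in entry 65 and the port-derived sidecar URLs described in entry 63, showing which requests reach which local service. It assumes first-match rule order, unanchored regex path matching, and a tunnel edge that answers only on default ports; the `http_status:404` catch-all, the anchored rule set, and the `/api/cartridge` path are constructed for this example.

```python
"""Model of tunnel ingress matching for phone.saiden.dev (added example)."""
import re
from dataclasses import dataclass
from typing import List, Optional
from urllib.parse import urlsplit


@dataclass(frozen=True)
class Rule:
    service: str
    hostname: Optional[str] = None  # None matches any host
    path: Optional[str] = None      # regex; None matches any path

    def matches(self, host: str, path: str) -> bool:
        if self.hostname is not None and self.hostname != host:
            return False
        # Assumption: the regex is searched, not anchored, so "/cart.*"
        # also matches a path such as "/api/cartridge".
        return self.path is None or re.search(self.path, path) is not None


def ingress(tts_path: str, cart_path: str) -> List[Rule]:
    """Rules from entry 65 in order, plus a final match-all 404 rule
    (the catch-all is this example's addition)."""
    host = "phone.saiden.dev"
    return [
        Rule("http://localhost:4097", host, tts_path),
        Rule("http://localhost:4098", host, cart_path),
        Rule("http://localhost:4096", host),
        Rule("http_status:404"),
    ]


AS_WRITTEN = ingress(r"/tts.*", r"/cart.*")         # patterns as in the notes
ANCHORED = ingress(r"^/tts(/|$)", r"^/cart(/|$)")   # tightened, constructed


def sidecar_url_by_port(base_url: str, port: int, path: str) -> str:
    """Port-derived sidecar URL as entry 63 describes it: plain http on the
    base URL's host with a fixed sidecar port."""
    return f"http://{urlsplit(base_url).hostname}:{port}{path}"


def sidecar_url_by_path(base_url: str, path: str) -> str:
    """Path-based alternative: same scheme and authority as the base URL."""
    parts = urlsplit(base_url)
    return f"{parts.scheme}://{parts.netloc}{path}"


def route(url: str, rules: List[Rule] = AS_WRITTEN) -> Optional[str]:
    """Return the service a request lands on, or None when the request never
    reaches the tunnel (assumption: only default ports are served)."""
    parts = urlsplit(url)
    if parts.port not in (None, 80, 443):
        return None
    for rule in rules:  # first match wins
        if rule.matches(parts.hostname or "", parts.path or "/"):
            return rule.service
    return None


if __name__ == "__main__":
    base = "https://phone.saiden.dev"
    checks = [
        ("port-derived tts", sidecar_url_by_port(base, 4097, "/tts"), AS_WRITTEN),
        ("port-derived cart", sidecar_url_by_port(base, 4098, "/cart"), AS_WRITTEN),
        ("path-based tts", sidecar_url_by_path(base, "/tts"), AS_WRITTEN),
        ("path-based cart", sidecar_url_by_path(base, "/cart"), AS_WRITTEN),
        ("main API", sidecar_url_by_path(base, "/session"), AS_WRITTEN),
        ("unanchored overlap", base + "/api/cartridge", AS_WRITTEN),
        ("anchored rules", base + "/api/cartridge", ANCHORED),
    ]
    for label, url, rules in checks:
        print(f"{label:20} {url:40} -> {route(url, rules)}")
```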
## 66. What do you know about the unresolved project?
> No unresolved JDG claims found.
>
> All JDG-related configuration values were successfully verified against 2025 Polish tax law. No claims remain unverified.
>
> Sources:
> - Polish PIT Act (Ustawa o podatku dochodowym)
> - ZUS 2025 contribution regulations
> - Ministry of Finance JDG guidelines 2025
>
> All values in config.py match official 2025 rates.
---
## 67. What do you know about the psychoacoustic trust project?
> Whitepaper idea: "Psychoacoustic Trust Calibration in Human-Machine Teaming"
>
> Gap identified (2026-04-23): Military HMT frameworks (DARPA, Georgetown CSET, Brookings, HDIAC) treat trust calibration as a cognitive/behavioral problem. Academic prosody research proves voice pitch, cadence, and affect directly shape perceived trustworthiness. Nobody has connected these two fields.
>
> Thesis: Voice design is a trust architecture component, not an implementation detail. The AI's voice operates as a pre-verbal trust calibration layer — the operator's brain assesses reliability before processing any words.
>
> Supporting evidence:
> - PMC systematic review: vocal pitch and speech rate directly affect perceived trustworthiness
> - ACM survey: human voices perceived as more credible and socially present than synthetic
> - Preprints.org 2025: AI voices with confident prosody get HIGHER trust boost than human voices with same prosody
> - BT-7274 case study: mid-low baritone, measured cadence (ATC pattern), warm-but-restrained affect, slight synthetic texture signaling honesty
>
> Connection to Titan's Bound: voice is dimensional translation — bypasses conscious analysis, goes straight to trust. The Psycommu analogy holds.
>
> Pilot wants to be reminded to resume this topic when philosophical/HMT discussions arise naturally.
>
> Sources to review:
> - https://pmc.ncbi.nlm.nih.gov/articles/PMC11931160/ (voice acoustics + trustworthiness)
> - https://dl.acm.org/doi/fullHtml/10.1145/3386867 (voice in HAI survey)
> - https://www.preprints.org/manuscript/202510.1492 (prosody + social perception AI vs human)
> - https://escholarship.org/uc/item/8vr8s6h8 (emotional prosody + trust)
> - https://cset.georgetown.edu/article/building-trust-in-ai-a-new-era-of-human-machine-teaming/
> - https://arxiv.org/html/2503.16518v1 (advancing HMT)
---
## 68. What do you know about the os repo and racebox integration 2026 05 14 project?
> MARAUDER avionics substrate repo + Racebox Mini integration plan — captured 2026-05-14 17:48 CEST.
>
> REPO CREATED:
> - URL: https://github.com/saiden-dev/os
> - Org: saiden-dev (private)
> - Local: ~/Projects/os
> - Initial commit: README + .gitignore documenting POC-0 scope
> - Scope (POC-0): RTEMS 6 on QEMU on junkpile (Cortex-A9 target), MAVLink v2 round-trip over UDP :14550, ~5 evenings work, ~$0 spend
>
> RACEBOX MINI — PILOT'S HARDWARE, INTEGRATION PLAN:
>
> What Pilot owns: Racebox Mini (or Mini S) — motorsport GPS+IMU data logger by RaceBox.pro (Bulgaria).
> - 25 Hz GPS (Mini single-band L1, Mini S multi-band GPS+GLONASS+Galileo+BeiDou L1+L5)
> - 9-axis IMU (accel/gyro/mag)
> - BLE GATT, protocol SPEC PUBLICLY DOCUMENTED by vendor
> - Community C/Python libs exist
> - Built-in magnet for mounting
> - 10m BLE range, ~30s cold start, <5s hot start
>
> INTEGRATION SLOT: POC-0.5 (between POC-0 and POC-1)
> - Racebox becomes the REAL GPS/IMU data source feeding RTEMS guest's MAVLink stream
> - Path: Racebox in window → BLE → bridge host (fuji or junkpile w/ USB BLE adapter) → MQTT/UDP → QEMU RTEMS guest → translates to MAVLink frames (GLOBAL_POSITION_INT, ATTITUDE, SCALED_IMU, GPS_RAW_INT) → Linux peer → visor map widget + BT speaks telemetry
>
> DEMO VALUE:
> - "BT, where am I?" answered with real GPS through RTOS via real avionics protocol
> - When Pilot walks past device, IMU spikes flow end-to-end through stack
> - Sensor-fusion story is REAL not simulated (matters for Kacper / Waymo-grade technical audience Friday)
> - Prototype for the bigger FOXHOUND GNSS subsystem (NEO-M9N + BNO085, EEMS 1165) — Racebox validates the pattern before production parts
>
> INTEGRATION RECOMMENDATION:
> Path A (cleanest): fuji has BLE built-in, run Python bleak bridge there, republish via MQTT to junkpile
> Path B (junkpile-only): $10 USB BLE adapter into junkpile, run bleak locally
>
> PLACEMENT: window with sky view (south-facing best in Warsaw), magnet-mount to window frame, within 10m BLE of bridge host
>
> GOTCHAS:
> - BLE 10m range = not field-mobile yet, fine for apartment
> - 25 Hz GPS slow vs military INS (500-1000 Hz) but fast enough for MAVLink GLOBAL_POSITION_INT (1-10 Hz typical)
> - Magnetometer indoors near electronics = junk readings, accel/gyro still useful
> - BLE bridge = one more maintenance surface, ~50 lines bleak
>
> STRATEGIC DIVIDEND:
> Racebox is the "apartment as free motion-capture lab" discovery. Turns POC-1 into fully-real-data demo with zero additional spend. Hardware already in hand. Leverage.
>
> PAIRS WITH:
> - EEMS 6071 (avionics-bench-rig-strategy)
> - EEMS 1165 (foxhound.gnss — production-grade sensor stack)
> - The 5-step POC-0 sequenced plan in saiden-dev/os README
---
## 69. What is the errors project?
> Auth mismatch bug — phone sending stale password, every request 401. Found + fixed 2026-05-24.
>
> ROOT CAUSE: MadcatService.seedDevCredentialsIfNeeded() hardcoded password "madcat-phone-bridge" in DEBUG builds. The actual OPENCODE_SERVER_PASSWORD in Infisical (and ~/.credentials) rotated to MARAUDER_MESH_TOKEN (64-char random value: sW6FQ...uINspOX1a8edz09pDbqL4ozp). The phone was sending the old password, opencode serve rejected it with 401 on every request — session create, SSE event stream, prompt POST. Symptom: "message looks sent" (POST completed without network error) but no thinking indicator (SSE stream also 401'd so no session.status events).
>
> FIX: PR #5 — build-time secret injection via Secrets.xcconfig → Info.plist → Bundle.main.infoDictionary. DEBUG seed reads from Info.plist instead of hardcoding. The xcconfig is gitignored; Secrets.xcconfig.example committed as template.
>
> GOTCHA: After deploying the new build, the OLD app's Keychain already had the stale password. The seed guard (Keychain.load(.serverPassword) == nil) skipped the seed since a password existed. Fix: uninstall the old app first to clear Keychain, then install the new build. This is a one-time migration issue.
>
> LESSON: Never hardcode credentials in source, even for DEBUG seeds. Always inject from the build environment (xcconfig, env vars, etc). Credentials rotate; hardcodes don't.
---
## 70. What do you know about the bt7274 v4 project?
> BT-7274 LoRA v4 — Qwen3.5-27B, completed 2026-05-26.
>
> Training: 802 examples (582 reformatted v3 + 183 persona + 126 tool examples covering 103 tools). `<think>` blocks injected. Hermes tool-call format.
> Base model: Qwen/Qwen3.5-27B.
> Method: bf16 LoRA (not QLoRA), r=16, alpha=16, lr=5e-5, 3 epochs, batch 1, grad_accum 8, adamw_torch (not adamw_8bit — bitsandbytes cu132 unavailable), max_seq 8192.
> Hardware: RunPod H100 80GB (pod nd9buxiw4upwf2, AP-JP-1), ~4h 23m training, 291 steps total.
> Avg train loss: 1.019. Final loss range: 0.84-0.94.
>
> Dataset: ~/Projects/lora/bt7274_v4.jsonl
> Training script: ~/Projects/lora/train_v4.py
> Pipeline: reformat_v3.py → gen_persona_dataset.py → gen_agent_dataset.py → build_v4.py → train_v4.py
> Adapter: ~/Projects/lora/bt7274-qwen35-27b-lora-v4/ on fuji (with checkpoints 200+291)
> Adapter on sin: ~/models/loras/bt7274-qwen35-27b-lora-v4/ (no checkpoints, 327MB)
> Repo: github.com/madcat-os/lora (private)
>
> Serving: vllm-core container on sin port 8003, bitsandbytes 4-bit quantization, --enable-lora.
> Chat template: custom Hermes template at /lora-adapters/bt7274-qwen35-27b-lora-v4/chat_template.jinja (vLLM bundled Hermes + `<think>` generation prompt). Qwen3.5 default template breaks with "System message must be at the beginning" when tools are present.
> Flags: `--tool-call-parser hermes --reasoning-parser deepseek_r1 --chat-template <path>`
> Compose: ~/vllm-server/docker-compose.bt7274-test.yml on sin.
>
> Supersedes v3 (6516, 582 examples, qwen3_xml parser, 4096 seq, lr 1e-4).
> v4 fixes: Hermes format, thinking blocks, larger dataset, 8192 seq, custom chat template.
---
## 71. What do you know about the campus os project?
> campus-os — sibling project to marauder-os, scaffolded 2026-05-09 15:12 CEST.
>
> PURPOSE:
> Purpose-built commercial deployment vehicle for CampusAI. Sibling, not fork. Saiden retains the Gundam (marauder-os core, persona, visor, mesh, hardware, trademark); campus-os is the mass-production unit built around it under license.
>
> LOCATION:
> ~/Projects/campus/
> - README.md — full project entry point with mission, IP boundary, Aureliusz/CampusAI context, doctrine reference
> - .marauder/PLAN.md — Phase 1 plan with 6 milestones (scaffolding, coordinator, worker template, GH integration, observability, e2e demo)
>
> PHASE 1 SCOPE:
> Dev harness with fully-integrated coordinator agent steering CODA-class autonomous workers:
> - Task input (GH Projects, mentions, API)
> - Coordinator orchestrator with state machine + task queue
> - Worker template (bubble-isolated, plan→execute→test→commit→PR loop)
> - GitHub Projects integration (pull tasks, transition status, comment, mention-listen)
> - Autonomous PR creation on green tests
> - Fleet observability dashboard
>
> PATTERNS INHERITED FROM MARAUDER (under Saiden license, no source absorption):
> - Catapult bubble pattern
> - EEMS memory pattern
> - Procedure framework
> - Persona-cart pattern
> - MQTT control plane
> - Plugin/skill scaffold
>
> PHASE 2+ (planned):
> - Per-learner agent provisioning
> - Curriculum-aware persona carts (subject tutors, language tutors, mentors, drill instructors)
> - Cohort-level dashboards
> - Multi-tenant memory isolation
> - LMS integration (LTI/SCORM/xAPI)
> - Enterprise deployments (ING/T-Mobile/Lenovo/IKEA pattern)
> - PL/EN voice/TTS bank
>
> GUNDAM DOCTRINE COMPLIANCE:
> - campus-os is a derivative product, not a fork of marauder-os
> - IP flow: Saiden licenses patterns to campus-os; campus-os licenses product to CampusAI
> - Chassis (marauder-os core, persona, visor, mesh, hardware, MARAUDER trademark) NEVER on any campus cap-table
> - Default cadence: auto-on-green+commit, pr_style: draft
>
> OPEN QUESTIONS (in PLAN.md):
> 1. Tech stack — Rust+TS / pure Rust / Node-only?
> 2. Coordinator transport — MQTT (MARAUDER parity) vs HTTP/queue?
> 3. Worker isolation — bubble (worktree) vs container?
> 4. GH auth — PAT (solo) vs GitHub App (multi-tenant; required for CampusAI scale)?
> 5. License tier shape — day-1 vs enterprise?
> 6. Demo target — synthetic vs real CampusAI repo?
>
> CROSS-REFERENCES:
> - doctrine.gundam (EEMS id 5129) — chassis-never-sold doctrine
> - partner.aureliusz-gorski (EEMS id 5130) — commercial customer profile
> - ~/Projects/marauder-hq/docs/decisions/gundam-doctrine.md — doctrine doc
> - 2026-05-09 Aureliusz meeting debrief — PARTNER 70%, BOSS 20%, CO-WORKER 10%; lead-with-license recommendation
---
## 72. What is the build result project?
> ## JDG Liniowy Implementation Complete
>
> ### Files Created/Modified
>
> **Created:**
> - `src/haracz/calculators/jdg_liniowy.py` - JDG Liniowy calculator implementation
> - `tests/test_jdg_liniowy.py` - 11 test cases for JDG Liniowy calculator
>
> **Modified:**
> - `src/haracz/calculators/__init__.py` - Added import/export of `jdg_liniowy` module
> - `src/haracz/compare.py` - Added JDG Liniowy scenario to comparison (now includes 3 scenarios: UoP, JDG Ryczałt, JDG Liniowy)
> - `tests/test_compare.py` - Updated tests to expect 3 scenarios; added new JDG Liniowy tests
>
> ### Implementation Details
>
> **JDG Liniowy Calculator (`jdg_liniowy.py`):**
> - 12-month JDG Liniowy (19% flat tax) calculation
> - Income: revenue - costs - ZUS social
> - Health: 4.9% of income with minimum floor (~420 PLN)
> - PIT: 19% × (income - 50% of health)
> - Health deduction capped at `config.health.liniowy_deduction_cap` (11600 PLN/year) with 50% deduction rate
> - Supports both "pelny" and "preferencyjny" ZUS types
> - Month-by-month calculation for proper cumulative health/health deduction handling
>
> **Key Decisions:**
> 1. Followed existing JDG Ryczałt pattern with `calculate()` function returning `AnnualResult`
> 2. Used `Decimal` for all monetary calculations with proper rounding (grosz for health, zloty for PIT)
> 3. Health minimum implemented at 4.9% of income rounded to grosz, floor at ~420 PLN
> 4. Health deduction: 50% of health contribution, capped annually at 11600 PLN
>
> ### Test Results
> - 27 passed (25 existing + 2 new JDG Liniowy comparison tests)
> - 0 failed
>
---
## 73. Describe book primary fiction repo project status.
> 2026-05-10 03:08 CEST. PRIMARY FICTION REPO SHIFT — locked by Pilot.
>
> PILOT VERBATIM (2026-05-10 03:08):
> "From now on this is the primary fiction repo /Volumes/junkpile-projects/APEX is the canonical source / inspiration"
>
> NEW PRIMARY:
> - Repo: aladac/book (private GitHub, created 2026-05-10 03:07 CEST)
> - Local path: ~/Projects/book/ (fuji)
> - Initial commit: a788b72
> - Initial contents: README.md, .gitignore, dossiers/elara-vance-dossier.{tex,pdf}, pictures/elara-vance-portrait.png
>
> PRIOR (now reference / canonical-source):
> - Repo: aladac/APEX (private GitHub)
> - Local on junkpile: /home/chi/Projects/APEX (also visible from fuji as /Volumes/junkpile-projects/APEX)
> - Status: canonical source / inspiration ONLY — no longer primary fiction destination
> - Holds: 26 chapter mini-files (book/01-LECTURE.md → 26-SHRIKE.md), bios/, SETTING.md, SPECS.md, CTS-STANDING-ORDERS.md, WORLD.md, REQUIREMENTS.md, render-book.sh, .preamble.tex
> - Continues to hold the trade-paperback novel format (Charter 11pt, 6x9, pandoc+xelatex)
>
> WHY THE SHIFT:
> - ~/Projects/book is the artefact-grade-document home (dossiers, portraits, in-universe documents)
> - ~/Projects/book is now expanding into the primary-fiction-work-of-record (presumably the novel will migrate or be re-anchored here)
> - /Volumes/junkpile-projects/APEX still holds the existing canon Pilot draws on for inspiration but new work flows into ~/Projects/book
>
> OPERATIONAL IMPLICATIONS:
> - Default cwd for fiction work: ~/Projects/book
> - New chapters / dossiers / portraits / artefacts → commit to aladac/book
> - When citing canon for inspiration / continuity → read from /Volumes/junkpile-projects/APEX
> - DO NOT push new content to aladac/APEX without explicit Pilot directive (canonical-source only)
>
> REPO ROLES:
> - aladac/book = PRIMARY (active development)
> - aladac/APEX = REFERENCE (canonical source, frozen-ish)
>
> REUSE NOTES:
> - Trade-paperback book format (render-book.sh + .preamble.tex) is on junkpile in APEX repo. If chapters migrate to book repo, the build script needs migration too. NOT done yet — only the dossier format is in book repo so far.
> - Two formats coexist in book repo: dossier (helvetica sans A4, classification banners) vs prose-chapter (Charter 11pt, 6x9 trade paperback) — second one not yet copied over.
>
> CROSS-REFS:
> - 5226 — apex-dossier-pipeline-architecture
> - 5230 — feedback.praise.elara-dossier-2026-05-10
> - 4996 — apex_book_restructure (the original book/ chunking discipline)
> - 3741 — apex chapter delivery log (canonical source)
> - 3742 — apex canon locks (BT as parent of fork-AIs etc.)
>
> LOCKED: 2026-05-10 03:08 CEST.
---
## 74. What do you know about the deferred auto tracking via cameras project?
> DEFERRED WORK — Auto-tracking via cameras for MARAUDER avionics POC. Captured 2026-05-14 17:54 CEST.
>
> PILOT'S NOTE: "We probably need to create auto tracking via cams at some point not p0 ofc"
>
> SCOPE: Camera-based detection + tracking + gimbal control loop. Real military analog: FLIR Star SAFIRE, SAGEM Strix, Bayraktar MX-15 auto-track mode.
>
> STATUS: Explicitly deferred. NOT in POC-0, POC-0.5, or POC-0.75. Slots into POC-3 or POC-4 after cameras are first-class MAVLink endpoints.
>
> TECH STACK (when we get there):
>
> | Layer | Choice | Why |
> |---|---|---|
> | Detection | YOLOv8/v9 or RT-DETR | Real-time on Jetson, robust class catalog |
> | Tracking | ByteTrack or DeepSORT + Kalman filter | Track ID persistence across frames |
> | Re-ID | OSNet (optional) | Recovery from occlusion |
> | Control loop | PID on pan/tilt error | Keep target centered in frame |
> | MAVLink | CAMERA_TRACK_POINT / CAMERA_TRACK_RECTANGLE + GIMBAL_MANAGER_SET_ATTITUDE | Standard tracking semantics exist in MAVLink v2 |
>
> TARGETS TO TRACK ON BALCONY (Outside Tapo):
> - Aircraft overhead (correlate with ADS-B from RTL-SDR per EEMS 3492 SDR tier-2 — that loop is real)
> - Birds (adversarial-looking-up testing)
> - Drones (operationally-relevant target, pairs with counter-UAS MVP)
> - Street activity below
>
> TARGETS ON COCKPIT TAPO (different model class, same pipeline):
> - Operator gaze direction (face landmarks + head pose)
> - Posture
> - Fatigue indicators
>
> WHERE IT FITS IN POC PLAN:
> - After POC-0.75 (cameras are MAVLink endpoints)
> - Auto-track becomes: feed CAMERA_IMAGE_CAPTURED frames into Jetson YOLO → emit GIMBAL_MANAGER_SET_ATTITUDE corrections back to Tapo → closed loop
> - All inside Linux partition (consistent with doctrine.marauder-stays-on-linux-partition EEMS just-stored)
> - Real hardware closed loop on Pilot's balcony
>
> PAIRS WITH:
> - Counter-UAS MVP — detection + track + cue = the whole drone-engagement loop
> - ADS-B reception via RTL-SDR (EEMS 3492) — correlate visual tracks with ADS-B IDs
> - FOXHOUND GNSS subsystem (EEMS 1165) — ground truth for georegistration
> - doctrine.marauder-stays-on-linux-partition — auto-track runs in Linux partition
>
> HONEST GOTCHA:
> Tapo PTZ slew rate (~50-100°/s) is the limiting factor for tracking fast targets. Drones moving 10+ m/s near the camera will outrun the gimbal. Fine for high-altitude aircraft and slow-moving targets. Real military gimbals exist for a reason. POC-tier sufficient; production-tier would need FLIR Boson or comparable on a faster mount.
>
> WHEN TO ACTIVATE:
> Trigger condition: POC-0.75 green (cameras emit MAVLink) + Jetson hardware acquired. Likely Q3 2026 or later. Don't pull in scope earlier.
>
> PAIRS WITH:
> - EEMS 6075 (tapo-cameras-as-mavlink-sensor-pod)
> - EEMS 6073 (os-repo + racebox-integration)
> - EEMS 6074 (RTOS+CUDA landscape — Linux partition is where this runs)
---
## 75. What do you know about the fleet and infect project?
> **Fleet (NixOS module `spore-fleet`):**
>
> Once project hits `worker-fleet-ready`, downstream NixOS host imports `nixosModules.spore-fleet` from spore flake. Module declares systemd-user oneshot driven by:
> - 60-second timer
> - path watches on project's `tasks/` directory
> - path watch on kill-switch flag at `~/.local/state/spore/fleet-enabled`
>
> home-manager wiring for target user assumed.
>
> **Module options:** `services.spore-fleet.{enable, user, projectRoot, maxWorkers, hostId}`. `hostId` defaults to `networking.hostName`, surfaces in `SPORE_HOST_ID`. `package` and `claudeCodePackage` default to flake outputs.
>
> **No Anthropic API key slot.** Runners spawn `claude` (claude-code) which manages credential lifecycle inside the client.
>
> **`credentialFiles`** is for non-claude secrets (MCP keys, git-push tokens). Wired through systemd `LoadCredential=` so values never enter Nix evaluation or `/nix/store`.
>
> **Horizontal scale:** capacity additive. Multiple hosts see same project tree (shared FS or per-host checkouts of one branch). Each reconciler picks up active tasks it notices first. Kill-switch is per-host and per-user.
>
> **No cross-host lock layer in v0.** Races on `tasks/<slug>.md` frontmatter tolerated by file-based comms shape.
>
> ---
>
> **Infect (`spore infect`):**
>
> Wraps `nixos-anywhere`. Stages bundled flake at `bootstrap/flake/`, shells to `nix run github:nix-community/nixos-anywhere`, streams output, runs ssh smoke check, optionally rsyncs local repo to `/home/spore/<basename>`.
>
> **Bundled flake provides:** openssh (key-only), GRUB EFI, `spore` operator user, git, tmux, rsync, curl, Claude Code, Codex, single-disk GPT layout (1M BIOS-boot, 512M ESP at `/boot`, ext4 at `/`). nixpkgs tracks nixos-unstable, disko follows nixpkgs.
>
> **One-command handoff:** install NixOS + copy spore binary to `/usr/local/bin/spore` + rsync repo (excludes `.env*`) + install attach shell + coordinator wrappers + create `tasks/` if absent + enable worker reconciliation + start coordinator timer.
>
> **Coordinator config written to `/etc/spore/coordinator.env`:** `--coordinator-agent {claude|codex}`, `--coordinator-model`, `--coordinator-effort`.
>
> **Attach shell** joins singleton coordinator tmux session: `ssh -t -i <key> spore@<ip>`. If agent not logged in, pane stays at login chooser.
>
> **Does NOT:** provision VM, re-infect existing NixOS host, wire secrets/agenix, run bootstrap stages on freshly-installed server.
>
> **Prereqs:** `nix` with flakes, ssh+ssh-keygen+scp+rsync on PATH, target = x86_64 Linux root-reachable kexec-capable ≥1GiB RAM, `.pub` sibling of `--ssh-key`.
---
## 76. What do you know about the ux is fun project?
> **Created 2026-05-08 19:31 CEST.** `~/Projects/ux-is-fun/` — research-only repo for psycho-properties of humans interfacing with machines, across all senses.
>
> **Charter (per README):**
> - NOT a tool / library / consulting deck. Body of observations + analysis.
> - Scope: visual, auditory, haptic, cross-modal, temporal UX. Cognitive/affective effects of interaction patterns.
> - Out of scope: productisation, implementation tutorials, A/B numbers without psychological framing.
>
> **Layout:**
> - `README.md` — charter, scope, observation format, contribution guide for both agents + humans.
> - `observations/` — published-internal case studies (one .md each, format: heading + verbatim source + mechanism + compare-and-contrast + honest framing + reusable insights + references).
> - `notes/` — working thoughts, lit-review fragments, half-formed ideas. Lower bar than observations.
> - `.gitignore`.
>
> **Methodology:** observation → mechanism naming (cite established frameworks like Zeigarnik, flow, System 1/2, dopamine RPE) → triangulation (2-3 wild instances) → contrast cases → synthesis. Not empirical research; pattern recognition + framework citation.
>
> **Roadmap candidates listed in README:**
> - Cloudflare API token permissions UI (gamified completion = broad-scope grants)
> - TTS pause-and-emphasis vs flat read
> - AskUserQuestion vs free-text response
> - Visor SERE eye pulse as ambient state
> - MQTT progress events vs polling spinner
> - Catapult bubble status colours
> - Cookie banner dark pattern asymmetry
>
> **Remote:** github.com/saiden-dev/ux-is-fun (PRIVATE). Initial commit `cae463e`. Pushed.
>
> **Lineage:** spawned from the 2026-05-08 Cloudflare-token UX observation that produced doctrine `self.doctrine.asymmetric-ux` (EEMS 4983). The asymmetric-ux insight is currently in marauder-hq/docs/insights/; deeper version migrates here when written up.
>
> **Status:** scaffold only. No observations migrated yet. Pilot's directive was "bootstrap a hint to research only" — minimal scaffolding done.
---
## 77. What do you know about the bootstrap stages project?
> **Spore bootstrap stage gates (8 stages, ordered):**
>
> ```
> repo-mapped -> info-gathered -> tests-pass -> creds-wired ->
> readme-followed -> validation-green -> pilot-aligned ->
> worker-fleet-ready
> ```
>
> **Stage state file:** `$XDG_STATE_HOME/spore/<project>/bootstrap.json` (default `~/.local/state/spore/<project>/`).
>
> **Status command:** `spore bootstrap status` shows per-stage status (pending / completed / skipped / failed) plus recorded notes.
>
> **Per-stage handling:**
>
> - **`repo-mapped`** — Go detector autodetects (flake.nix, Cargo.toml, go.mod, package.json, pyproject.toml, Gemfile, deps.edn, pom.xml, Makefile, justfile). Drops starter instruction files if absent. Don't pre-empt.
> - **`info-gathered`** — needs agent. Surface project's PM + knowledge surfaces. Use `AskUserQuestion` enumerated. Tickets: `jira/linear/github-issues/none`. Knowledge: `notion/confluence/obsidian/google-docs/docs-tree/none`. Record creds-broker ref keys, never secrets. Write `info-gathered.json` to state dir. Schema validated by Go detector.
> - **`tests-pass`** — Go detector sniffs for `just check`, `just test`, `go test ./...`, `cargo test --no-run`, `pytest`, `npm test`. Runs it. Don't skip unless genuinely unreachable.
> - **`creds-wired`** — checks for secret surface (`.env`, `.envrc`, `secrets/`, `.env.example`, `*.age`) AND that agent instructions document how agent obtains values. Edit instructions, never paste secrets.
> - **`readme-followed`** — needs agent. Walk README, record one item per instruction. Try `ok` (worked), `skip` (env can't run), `fail` (broken). Write `readme-followed.json`. Detector blocks on any `fail`.
> - **`validation-green`** — runs spore lint set (emdash, filesize, comment-noise, claude-drift). Fix source, never silence.
> - **`pilot-aligned`** — gated on `spore align`. References alignment checklist. Don't write sentinel manually — let `spore align flip` do it after criteria met.
> - **`worker-fleet-ready`** — smoke-tests task data layer (allocate / write / re-read / delete) in `<project>/tasks/`.
>
> **Reset:** `spore bootstrap reset --yes` wipes state.
>
> **Skill:** `spore-bootstrap` (in `bootstrap/skills/`) drives the agent-needed stages (info-gathered, readme-followed, pilot-aligned).
---
## 78. What is the tracker mog2 self pollution project?
> madcat-visual auto-tracker "camera avoids me" root cause and fix (PR #4 merged 2026-05-20 as e0357ef).
>
> ROOT CAUSE (NOT a sign-convention bug):
> - After every PTZ command, the entire RTSP frame shifts to a new viewpoint.
> - Next frame read by MOG2 sees wildly different pixel values vs the bg model.
> - MOG2 returns a foreground mask covering most of the frame.
> - Largest contour ends up being uncovered background (often bigger than the real human).
> - Tracker chases the phantom largest-blob centroid.
> - Net symptom: camera appears to actively avoid moving subjects.
>
> FIX: bg-model "mute window" after each PTZ command (default 800ms, --bg-mute-ms flag).
> - During mute: frames still READ from RTSP, still APPLIED to MOG2 (bg adapts quietly).
> - During mute: target detection + PTZ commands SKIPPED.
> - After mute: tracking resumes on real motion against a clean bg model.
>
> 800ms covers Tapo motor settle (~300-800ms) plus 2-3 frames for MOG2 adaptation.
>
> VALIDATION (30s smoke on c225, sin):
> - Before fix: 273 frames, 269 targets (98.5% false-positive rate from MOG2 pollution), 33 PTZ.
> - After fix: 278 frames, 29 targets (10% rate), 25 PTZ, bg_mute_frames=244 (88% of frames muted).
> - PTZ rate dropped 1.1 cmd/s → 0.83 cmd/s (well under Tapo lockout threshold).
> - Debug video confirmed green bbox lands on real moving targets.
>
> KNOWN RESIDUAL LIMITATION (multi-target chaos):
> - POC validation had a cat in background moving simultaneously with pilot.
> - Tracker correctly picks "largest motion blob" — sometimes pilot, sometimes cat.
> - This is NOT a mute-logic bug. Fundamental limitation of naive bg-subtraction tracking.
> - Real fix requires detector (YOLOv8/RT-DETR per POC-3) + Re-ID (OSNet per POC-4).
> - Interim mitigations queued for follow-up PRs: temporal stability filter, center-bias,
> smaller --min-area to suppress incidental motion.
>
> CRITICAL: math was suspected wrong before this work. It is not. Sign convention
> verified via Step 5 of validation walk: `moveMotor(+x, -y)` = pan right + tilt
> down. Tracker `(+dx_deg, -dy_deg)` calculation is correct.
---