feat(arch): finalize Universal Literate Note transition for all projects and skills

notes/infrastructure.org

@@ -0,0 +1,55 @@
+#+TITLE: SKILL: Infrastructure & Security (Universal Literate Note)
+#+ID: skill-infrastructure
+#+STARTUP: content
+#+FILETAGS: :infrastructure:security:hardening:psf:
+
+* Overview
+The **Infrastructure** project governs the physical and virtual foundations of the Memex. It ensures high availability, security hardening, and operational transparency across cloud and local resources.
+
+* Phase A: Demand (PRD)
+:PROPERTIES:
+:STATUS: FROZEN
+:END:
+
+** 1. Purpose
+Define the requirements for a secure, resilient, and documented infrastructure posture.
+
+** 2. User Needs
+- **Security Hardening:** Implementation of the OpenClaw security audit findings.
+- **Vulnerability Management:** Regular risk assessments and reporting.
+- **Inventory Control:** Complete mapping of cloud and local assets.
+- **Roadmap Planning:** 30/60/90 day infrastructure evolution.
+
+** 3. Success Criteria
+*** TODO Harden Docker port bindings (bind to 127.0.0.1)
+*** TODO Enable and configure UFW firewall
+*** TODO Create current state assessment document
+*** TODO Add user 'amr' to 'adm' group for log access
+
+* Phase B: Blueprint (PROTOCOL)
+:PROPERTIES:
+:STATUS: SIGNED
+:END:
+
+** 1. Architectural Intent
+Interfaces for infrastructure state monitoring and automated hardening.
+
+** 2. Semantic Interfaces
+#+begin_src bash
+(defun infra-audit-ports ()
+  "Checks for insecure port bindings.")
+
+(defun infra-check-firewall-status ()
+  "Verifies UFW status.")
+#+end_src
+
+* Phase D: Build (Implementation)
+Implementation consists of shell scripts and configuration files located in `projects/infrastructure/`.
+
+** Security Monitoring
+#+begin_src bash
+;; Logic for security monitoring stubs
+#+end_src
+
+* Phase E: Chaos (Verification)
+Verification involves periodic automated scans and manual audit verification.