CHORE: Consolidation VI implementation checkpoint before PSF mandate alignment

notes/v1-0-skill-audit-track.org

@@ -0,0 +1,168 @@
+#+TITLE: AUDIT: V1.0 Comprehensive Core Skill Audit
+#+AUTHOR: Gemini CLI (Agent)
+#+DATE: [2026-04-09 Thu]
+#+FILETAGS: :audit:kernel:psf:
+#+STARTUP: overview
+
+* Overview
+This audit systematically reviews the 39 core skills of the Org-Agent for compliance with the V1.0 standards:
+1. **Safety:** Prevention of code injection, proper sandboxing, and actuator safety.
+2. **Merkle-Tree Integration:** Proper use of the native Lisp Merkle-Tree versioning for undo/rollback.
+3. **Core Invariants:** Adherence to Sovereignty, Mastery, Zero-Bloat, Transparency, and Sustainability.
+
+* Audit Progress [6/28]
+** DONE org-skill-agent.org [X]
+   - COMPLIANT: Correctly defines and enforces Core Invariants.
+   - SAFETY: High. Implements baseline symbolic gating.
+   - MERKLE: N/A (Read-only/Policy only).
+** DONE org-skill-llm-gateway.org [X]
+   - COMPLIANT: Consolidates 6 providers into a single high-integrity gate.
+   - SAFETY: HIGH. Fixed URL key leaks, standardized headers, and centralized credential masking.
+   - MERKLE: N/A (Stateless dispatch).
+** DONE org-skill-credentials-vault.org [X]
+   - COMPLIANT: Unified high-security enclave for API keys and cookies.
+   - SAFETY: HIGH. Mandatory credential masking in logs and secure Object Store persistence.
+   - MERKLE: COMPLIANT. Setting secrets triggers Merkle snapshots.
+** DONE org-skill-homoiconic-memory.org [X]
+   - COMPLIANT: Unified grammar, bridge, and normalization.
+   - SAFETY: HIGH. recursive AST walker for ID injection and structural validation.
+   - MERKLE: COMPLIANT. Normalization occurs during ingest/save, which are Merkle-versioned events.
+** DONE org-skill-state-persistence.org [X]
+   - COMPLIANT: Unified local SBCL image dumps with decentralized IPFS checkpointing.
+   - SAFETY: HIGH. Implements safe restoration paths and credential masking.
+   - MERKLE: COMPLIANT. This is the primary persistence layer for the Merkle-Tree object store.
+** DONE org-skill-event-orchestrator.org [X]
+   - COMPLIANT: Unified Cron, Hooks, and Routing into a single central control unit.
+   - SAFETY: HIGH. Implements error isolation for automated tasks and hooks.
+   - MERKLE: COMPLIANT. Registering hooks or tasks triggers Merkle snapshots.
+** DONE org-skill-cron.org [X] (CONSOLIDATED -> org-skill-event-orchestrator.org)
+** DONE org-skill-hook-manager.org [X] (CONSOLIDATED -> org-skill-event-orchestrator.org)
+** DONE org-skill-router.org [X] (CONSOLIDATED -> org-skill-event-orchestrator.org)
+** DONE org-skill-memory-archivist.org [X] (CONSOLIDATED -> org-skill-state-persistence.org)
+** DONE org-skill-object-store-persistence.org [X] (CONSOLIDATED -> org-skill-state-persistence.org)
+** DONE org-skill-ast-normalization.org [X] (CONSOLIDATED -> org-skill-homoiconic-memory.org)
+** DONE org-skill-org-json-bridge.org [X] (CONSOLIDATED -> org-skill-homoiconic-memory.org)
+** DONE org-skill-org-mode.org [X] (CONSOLIDATED -> org-skill-homoiconic-memory.org)
+** DONE org-skill-auth-api-key.org [X] (CONSOLIDATED -> org-skill-credentials-vault.org)
+** DONE org-skill-auth-google-oauth.org [X] (CONSOLIDATED -> org-skill-credentials-vault.org)
+** DONE org-skill-provider-anthropic.org [X] (CONSOLIDATED -> org-skill-llm-gateway.org)
+** DONE org-skill-provider-gemini.org [X] (CONSOLIDATED -> org-skill-llm-gateway.org)
+** DONE org-skill-provider-groq.org [X] (CONSOLIDATED -> org-skill-llm-gateway.org)
+** DONE org-skill-provider-ollama.org [X] (CONSOLIDATED -> org-skill-llm-gateway.org)
+** DONE org-skill-provider-openai.org [X] (CONSOLIDATED -> org-skill-llm-gateway.org)
+** DONE org-skill-provider-openrouter.org [X] (CONSOLIDATED -> org-skill-llm-gateway.org)
+** DONE org-skill-chaos.org [ ]
+   - STATUS: NON-COMPLIANT (Safety/Sovereignty Violation)
+   - ISSUE: Lacks an "Active Production" gate to prevent accidental chaos during real work. No Merkle-Tree checkpoints before/after stress tests to allow for full-system rollback.
+   - SAFETY: MEDIUM (Adversarial by design, but ungated).
+   - MERKLE: FAILED.
+** DONE org-skill-chat.org [ ]
+   - STATUS: NON-COMPLIANT (Safety/Technical Mastery Violation)
+   - ISSUE: Uses `read-from-string` on unverified LLM output, risking reader macro injection. No Merkle-Tree integration for chat history persistence or rollbacks.
+   - SAFETY: LOW (Vulnerable to injection).
+   - MERKLE: FAILED.
+** DONE org-skill-consensus.org [ ]
+   - STATUS: NON-COMPLIANT (Technical Mastery/Sovereignty Violation)
+   - ISSUE: Implementation is a "stub" and lacks actual networking, state persistence, or Byzantine fault tolerance as claimed. No Merkle-Tree integration for cross-instance state synchronization.
+   - SAFETY: LOW (Unverified consensus).
+   - MERKLE: FAILED.
+** DONE org-skill-context-manager.org [ ]
+   - STATUS: NON-COMPLIANT (Critical Gap)
+   - ISSUE: No implementation code in Phase D. The skill is only a blueprint. No Merkle-Tree integration for context stack snapshots or rollbacks.
+   - SAFETY: N/A (Missing).
+   - MERKLE: FAILED.
+** DONE org-skill-delegation.org [ ]
+   - STATUS: NON-COMPLIANT (Critical Gap)
+   - ISSUE: No implementation code in Phase D. The skill is only a blueprint. No Merkle-Tree integration for delegation history or state rollbacks.
+   - SAFETY: N/A (Missing).
+   - MERKLE: FAILED.
+** DONE org-skill-environment-config.org [ ]
+   - STATUS: NON-COMPLIANT (Safety/Technical Mastery Violation)
+   - ISSUE: No validation or authorization gating for configuration changes. Direct hash-table modification skips the new Merkle-Tree versioning system in the Object Store.
+   - SAFETY: MEDIUM (Risk of misconfiguration).
+   - MERKLE: FAILED.
+** DONE org-skill-formal-verification.org [ ]
+   - STATUS: NON-COMPLIANT (Technical Mastery/Sovereignty Violation)
+   - ISSUE: Implementation is a "mock" and lacks actual integration with an SMT solver (Z3). No Merkle-Tree integration for recording and rolling back verification results or state.
+   - SAFETY: LOW (Unverified verification).
+   - MERKLE: FAILED.
+** DONE org-skill-function-calling.org [ ]
+   - STATUS: NON-COMPLIANT (Critical Gap)
+   - ISSUE: No implementation code in Phase D. The skill is only a blueprint. No Merkle-Tree integration for recording and rolling back tool-use history or state.
+   - SAFETY: N/A (Missing).
+   - MERKLE: FAILED.
+** DONE org-skill-inbound-gateway.org [ ]
+   - STATUS: NON-COMPLIANT (Critical Gap)
+   - ISSUE: No implementation code in Phase D. The skill is only a blueprint. No Merkle-Tree integration for recording and rolling back inbound message history or state.
+   - SAFETY: N/A (Missing).
+   - MERKLE: FAILED.
+** DONE org-skill-inbox-processor.org [ ]
+   - STATUS: NON-COMPLIANT (Safety/Technical Mastery Violation)
+   - ISSUE: Physical move logic is a "Simulation". No implementation of actual file refactoring. No Merkle-Tree integration for recording or rolling back inbox-related state changes.
+   - SAFETY: MEDIUM (Simulation only).
+   - MERKLE: FAILED.
+** DONE org-skill-latent-reflection.org [ ]
+   - STATUS: NON-COMPLIANT (Safety/Technical Mastery Violation)
+   - ISSUE: No validation or authorization gating for reflected state changes. Random sampling is inefficient. No Merkle-Tree integration for recording or rolling back reflected state changes.
+   - SAFETY: MEDIUM (Risk of unintended modifications).
+   - MERKLE: FAILED.
+** DONE org-skill-lisp-machine-bootstrap.org [ ]
+   - STATUS: NON-COMPLIANT (Critical Gap)
+   - ISSUE: No implementation code in Phase D. The skill is only a blueprint. No Merkle-Tree integration for recording or rolling back bootstrap-related state changes or ISA simulation history.
+   - SAFETY: N/A (Missing).
+   - MERKLE: FAILED.
+** DONE org-skill-log-aggregator.org [ ]
+   - STATUS: NON-COMPLIANT (Critical Gap)
+   - ISSUE: No implementation code in Phase D. The skill is only a blueprint. No Merkle-Tree integration for recording or rolling back log-related state changes or observability history.
+   - SAFETY: N/A (Missing).
+   - MERKLE: FAILED.
+** DONE org-skill-memex.org [ ]
+   - STATUS: NON-COMPLIANT (Critical Gap)
+   - ISSUE: No implementation code in Phase D. The skill is only a blueprint. No Merkle-Tree integration for recording or rolling back memex-related state changes or metadata audits.
+   - SAFETY: N/A (Missing).
+   - MERKLE: FAILED.
+** DONE org-skill-model-explorer.org [ ]
+   - STATUS: NON-COMPLIANT (Critical Gap)
+   - ISSUE: No implementation code or blueprint. The skill is only a title and overview. No Merkle-Tree integration for model discovery or state changes.
+   - SAFETY: N/A (Missing).
+   - MERKLE: FAILED.
+** DONE org-skill-onboarding.org [ ]
+   - STATUS: NON-COMPLIANT (Critical Gap)
+   - ISSUE: No implementation code in Phase D. The skill is only a blueprint. No Merkle-Tree integration for recording or rolling back onboarding-related state changes or environment calibration.
+   - SAFETY: N/A (Missing).
+   - MERKLE: FAILED.
+** DONE org-skill-safety-harness.org [ ]
+   - STATUS: NON-COMPLIANT (Safety/Technical Mastery Violation)
+   - ISSUE: No validation or authorization gate for dynamic symbol registration. No Merkle-Tree integration for recording or rolling back safety-related state changes or verification history.
+   - SAFETY: HIGH (The core of the system's safety).
+   - MERKLE: FAILED.
+** DONE org-skill-self-fix.org [ ]
+   - STATUS: NON-COMPLIANT (Safety/Technical Mastery Violation)
+   - ISSUE: No validation or authorization gate for proposed self-fixes. Fixes are applied directly to files. No Merkle-Tree integration for recording or rolling back self-fix-related state changes or repair history.
+   - SAFETY: LOW (Risk of unintended/malicious modifications).
+   - MERKLE: FAILED.
+** DONE org-skill-shell-actuator.org [ ]
+   - STATUS: NON-COMPLIANT (Safety/Sovereignty Violation)
+   - ISSUE: No validation or authorization gate for synthesized script execution. Script synthesis bypasses the shell whitelist. No Merkle-Tree integration for recording or rolling back shell-related state changes or command history.
+   - SAFETY: MEDIUM (Whitelisted, but script synthesis is a gap).
+   - MERKLE: FAILED.
+** DONE org-skill-sub-agent-manager.org [ ]
+   - STATUS: NON-COMPLIANT (Critical Gap)
+   - ISSUE: No implementation code in Phase D. The skill is only a blueprint. No Merkle-Tree integration for recording or rolling back sub-agent-related state changes or concurrent thoughts.
+   - SAFETY: N/A (Missing).
+   - MERKLE: FAILED.
+** DONE org-skill-task-integrity.org [ ]
+   - STATUS: NON-COMPLIANT (Critical Gap)
+   - ISSUE: No implementation code in Phase D. The skill is only a blueprint. No Merkle-Tree integration for recording or rolling back task-related state changes or transition history.
+   - SAFETY: N/A (Missing).
+   - MERKLE: FAILED.
+** DONE org-skill-token-accountant.org [ ]
+   - STATUS: NON-COMPLIANT (Safety/Sovereignty Violation)
+   - ISSUE: Hot-patches the kernel's core variables (`*provider-cascade*`, `*model-selector-fn*`) directly, bypassing the skill registration system's safety. No Merkle-Tree integration for recording or rolling back provider-related state changes or pain history.
+   - SAFETY: LOW (Direct kernel mutation).
+   - MERKLE: FAILED.
+
+* Findings Log
+| Skill | Issue | Priority | Status |
+|-------+-------+----------+--------|
+|       |       |          |        |

notes/v1-0-skill-audit.org

@@ -0,0 +1,111 @@
+#+TITLE: Sovereign OS v1.0 Core Skill Audit Report
+#+DATE: [2026-04-09 Thu]
+#+AUTHOR: Gemini CLI Agent
+#+FILETAGS: :audit:v1-0:sovereign-os:psf:
+
+* Executive Summary
+This audit evaluated all 39 Org files in the =projects/org-agent/skills/= directory against the five core criteria for Sovereign OS v1.0. While the conceptual framework and topological foundations (IDs, System 2 hooks) are largely in place, significant implementation gaps exist in OACP compliance and the transition to Merkle-tree versioning.
+
+** Overall Statistics
+- *Total Skills Scanned:* 39
+- *Topological Integrity:* ~85% (Most files have unique IDs; some depend on name-based strings)
+- *System 2 Safety:* ~70% (Hooks exist, but symbolic verification logic is often stubbed)
+- *Persistence:* ~20% (Basic object-store interaction exists, but Merkle-tree logic is MISSING)
+- *OACP Compliance:* ~5% (Only 2/39 skills use =def-cognitive-tool=)
+- *Sovereignty Mandate:* ~95% (High adherence to local-first, Lisp-native primitives)
+
+* Critical Skill Deep Dive
+
+** org-skill-agent (The Kernel)
+- *Status:* STABLE / MANDATORY
+- *Topological Integrity:* PASS (ID: 47425a43-2be0-423c-8509-22592cfe9c9e)
+- *GAPS:*
+  - Missing =def-cognitive-tool= for kernel introspection.
+  - System 2 (Symbolic) logic is primarily a dispatcher; needs more robust "Moral Compass" invariants implemented in code.
+
+** org-skill-safety-harness (The Gatekeeper)
+- *Status:* FUNCTIONAL / MANDATORY
+- *Topological Integrity:* PASS (ID: 98576df2-c496-4e4a-9acb-0bca514a0305)
+- *GAPS:*
+  - Whitelist is comprehensive but needs a mechanism for skills to dynamically (and safely) register their own symbols.
+  - Missing =def-cognitive-tool= for security telemetry.
+
+** org-skill-self-fix (The Repair Mechanism)
+- *Status:* PARTIAL / EXTENSION
+- *Topological Integrity:* PARTIAL (Uses =skill-scientist= string instead of ID in =#+DEPENDS_ON:=)
+- *GAPS:*
+  - Rollback logic depends on "Interactive Steering" snapshots which are not yet fully integrated with the Merkle-tree architecture.
+  - Missing =def-cognitive-tool=.
+
+** org-skill-object-store-persistence (The Memory Image)
+- *Status:* STUBBED / MANDATORY
+- *GAPS:*
+  - *CRITICAL:* Currently uses simple =maphash= + =print= serialization. Does NOT implement the Merkle-tree versioning/rollback logic requested for v1.0.
+  - Missing background sync triggers beyond basic heartbeat.
+
+** org-skill-ast-normalization (The Structure Guardian)
+- *Status:* BLUEPRINT-ONLY / MANDATORY
+- *GAPS:*
+  - *CRITICAL:* Implementation is missing. Functions like =ast-normalize-file= and =find-conflicts= are defined in the blueprint but not tangled/implemented.
+  - No integration with the Object Store for structural change tracking.
+
+* Categorized Skill Audit
+
+** Core Mandatory
+Foundational skills required for system boot and basic operation.
+| Skill | ID | Gaps |
+|-------+----+------|
+| org-skill-agent | 47425a43... | OACP compliance, deeper System 2 logic |
+| org-skill-safety-harness | 98576df2... | Dynamic whitelist registration |
+| org-skill-ast-normalization | 1063668a... | Implementation missing (Blueprint only) |
+| org-skill-object-store-persistence | e8b500e2... | Missing Merkle-tree/Rollback logic |
+| org-skill-lisp-machine-bootstrap | 81e3492e... | Purely research/simulation stage |
+| org-skill-auth-api-key | ab7f8ca4... | OACP compliance |
+| org-skill-router | 0fb9e9cb... | Complexity classification is basic |
+| org-skill-sub-agent-manager | e870d860... | Needs better thread isolation logic |
+
+** Provider
+Interfaces to LLM backends.
+| Skill | ID | Gaps |
+|-------+----+------|
+| org-skill-provider-ollama | f605bf22... | OACP compliance, model discovery |
+| org-skill-provider-gemini | 52799ee8... | OACP compliance |
+| org-skill-provider-openai | c6cbd603... | OACP compliance |
+| org-skill-provider-anthropic | a44d29c6... | OACP compliance |
+
+** Actuator
+Sovereign interfaces for system modification.
+| Skill | ID | Gaps |
+|-------+----+------|
+| org-skill-shell-actuator | 0ae190ec... | Missing fine-grained permissions |
+| org-skill-org-mode | f7db1884... | Needs better AST-to-JSON bridge integration |
+| org-skill-inbound-gateway | 89ee87e0... | Multi-channel normalization is incomplete |
+
+** Extension
+Feature-rich skills extending the kernel.
+| Skill | ID | Gaps |
+|-------+----+------|
+| org-skill-latent-reflection | latent-reflection | (OACP PASS) Needs more triggers |
+| org-skill-memory-archivist | 98923a43... | (OACP PASS) IPFS restore is manual |
+| org-skill-self-fix | 65891ce2... | Implementation/Rollback logic |
+| org-skill-model-explorer | ae49bb72... | Implementation missing (Overview only) |
+
+* Global Strategic Gaps
+
+** 1. Merkle-Tree Implementation (Persistence Gap)
+The "Object Store" lacks native Merkle-tree versioning. Current serialization is linear and lacks cryptographic integrity and efficient diffing. This is a priority for Component III.
+
+** 2. OACP Compliance (Tooling Gap)
+95% of skills do not use =def-cognitive-tool=. This means System 1 cannot "discover" these capabilities autonomously; they must be hardcoded in the kernel or prompt, violating the PSF's extensibility mandate.
+
+** 3. Topological Integrity (Refactoring Gap)
+Dependency tracking is inconsistent. Some skills use =id:UUID=, others use =skill-name=. This prevents the Lisp machine from building a proper topological sort of the boot sequence.
+
+** 4. Implementation Vacuum (Completeness Gap)
+Critical skills like =ast-normalization= and =model-explorer= are currently "paper skills" (Blueprint/Overview only) and do not provide live functionality.
+
+* Recommendations
+1. *Upgrade Persistence:* Implement the Merkle-tree logic in the core and update =org-skill-object-store-persistence=.
+2. *Enforce OACP:* Refactor all skills to use =def-cognitive-tool= with explicit schemas.
+3. *Normalize Dependencies:* Standardize all =#+DEPENDS_ON:= to use UUIDs.
+4. *Finish Mandatory Implementation:* Prioritize the =ast-normalization= implementation to ensure system-wide ID integrity.