PSF: Complete 'Thin Harness' refactor and move kernel logic to skills

skills/org-skill-bouncer.org

@@ -24,6 +24,7 @@ While the *Formal Prover* ensures an action is "legal" (e.g., "Yes, you are allo
 Retrieves all active secrets from the vault and scans the payload for potential leaks.
 
 #+begin_src lisp :tangle ../src/bouncer.lisp
+(in-package :org-agent)
 (defun bouncer-scan-secrets (text)
   "Returns the name of the secret found in TEXT, or NIL if clean."
   (when (and text (stringp text))
@@ -40,6 +41,7 @@ Retrieves all active secrets from the vault and scans the payload for potential
 Inspects shell commands for unwhitelisted domains or IP addresses.
 
 #+begin_src lisp :tangle ../src/bouncer.lisp
+(in-package :org-agent)
 (defun bouncer-check-network-exfil (cmd)
   "Returns T if the command appears to target an unwhitelisted external host."
   (when (and cmd (stringp cmd))
@@ -57,6 +59,7 @@ Inspects shell commands for unwhitelisted domains or IP addresses.
 The primary entry point for all high-impact actions.
 
 #+begin_src lisp :tangle ../src/bouncer.lisp
+(in-package :org-agent)
 (defun bouncer-check (action context)
   "The 5-Vector security gate. Blocks or queues actions based on risk."
   (let* ((target (getf action :target))
@@ -98,6 +101,7 @@ The primary entry point for all high-impact actions.
 
 ** Approval Processing
 #+begin_src lisp :tangle ../src/bouncer.lisp
+(in-package :org-agent)
 (defun bouncer-process-approvals ()
   "Scans the object store for APPROVED flight plans and re-injects their actions."
   (let ((approved-nodes (list-objects-with-attribute :TODO "APPROVED"))
@@ -120,6 +124,7 @@ The primary entry point for all high-impact actions.
 
 ** Skill Definition
 #+begin_src lisp :tangle ../src/bouncer.lisp
+(in-package :org-agent)
 (defskill :skill-bouncer
   :priority 100
   :trigger (lambda (ctx) 

skills/org-skill-consensus.org

@@ -28,6 +28,7 @@ Enable reliable, cross-instance coordination without a central master.
 
 ** Consensus Algorithm (Simplified Raft)
 #+begin_src lisp :tangle ../src/consensus-logic.lisp
+(in-package :org-agent)
 (defun consensus-propose-vote (proposal)
   "Broadcasts a proposal to the peer swarm and collects votes.
    Implements PSF Social Consensus Protocol."

skills/org-skill-inbox-processor.org

@@ -38,6 +38,7 @@ Iterate through the inbox. Use System 2 (Symbolic) to identify the tag. If ~@per
 
 ** Helper: Privacy & Archive Checks
 #+begin_src lisp :tangle ../src/processor-logic.lisp
+(in-package :org-agent)
 (defun inbox-is-private-p (tags)
   (member "@personal" tags :test #'string-equal))
 
@@ -47,6 +48,7 @@ Iterate through the inbox. Use System 2 (Symbolic) to identify the tag. If ~@per
 
 ** Neural Stage (Enrichment)
 #+begin_src lisp :tangle ../src/processor-logic.lisp
+(in-package :org-agent)
 (defun neuro-skill-inbox-processor (context)
   (let* ((payload (getf context :payload))
          (content (getf payload :content))
@@ -64,6 +66,7 @@ RULES:
 
 ** Symbolic Stage (The Physical Move)
 #+begin_src lisp :tangle ../src/processor-logic.lisp
+(in-package :org-agent)
 (defun inbox-process-logic (action context)
   (declare (ignore action))
   (let* ((payload (getf context :payload))

skills/org-skill-self-fix.org

@@ -16,6 +16,8 @@ The *Self-Fix Agent* is the system's "Repair Mechanism." It takes failure hypoth
 
 ** Repair Logic
 #+begin_src lisp :tangle ../src/self-fix.lisp
+(in-package :org-agent)
+
 (defun self-fix-apply (action context)
   "Applies a surgical code fix and reloads the modified skill."
   (declare (ignore context))

skills/org-skill-shell-actuator.org

@@ -79,6 +79,7 @@ Interfaces for secure system calls. State is event-driven via the core kernel bu
 Whitelist of permitted host binaries.
 
 #+begin_src lisp :tangle ../src/shell-logic.lisp
+(in-package :org-agent)
 (defparameter *allowed-commands* '("ls" "git" "rg" "grep" "date" "echo" "cat" "node" "python3" "sbcl"))
 #+end_src
 
@@ -86,6 +87,7 @@ Whitelist of permitted host binaries.
 Dangerous characters that are banned to prevent command injection.
 
 #+begin_src lisp :tangle ../src/shell-logic.lisp
+(in-package :org-agent)
 (defparameter *shell-metacharacters* '(#\; #\& #\| #\> #\< #\$ #\` #\\ #\!)
   "Characters that are banned in shell commands to prevent injection.")
 #+end_src
@@ -94,6 +96,7 @@ Dangerous characters that are banned to prevent command injection.
 Predicate to verify a command string is free of metacharacters.
 
 #+begin_src lisp :tangle ../src/shell-logic.lisp
+(in-package :org-agent)
 (defun shell-command-safe-p (cmd-string)
   "Returns T if the command string contains no dangerous metacharacters."
   (not (some (lambda (char) (find char cmd-string)) *shell-metacharacters*)))
@@ -103,6 +106,7 @@ Predicate to verify a command string is free of metacharacters.
 The primary secure actuator for host system calls.
 
 #+begin_src lisp :tangle ../src/shell-logic.lisp
+(in-package :org-agent)
 (defun execute-shell-safely (action context)
   (let* ((cmd-string (getf (getf action :payload) :cmd))
          (executable (car (uiop:split-string (string-trim " " cmd-string) :separator '(#\Space)))))
@@ -133,6 +137,7 @@ The primary secure actuator for host system calls.
 Executes a synthesized script (Python/Lisp/JS) in a controlled directory.
 
 #+begin_src lisp :tangle ../src/shell-logic.lisp
+(in-package :org-agent)
 (defun execute-sandboxed-script (action context)
   "Executes a synthesized script (Python/Lisp/JS) in a controlled directory.
    This enables SOTA-level Tool Synthesis and Iterative Fixing."
@@ -162,6 +167,7 @@ Executes a synthesized script (Python/Lisp/JS) in a controlled directory.
 Hardware-Level Isolation for future security evolution.
 
 #+begin_src lisp :tangle ../src/shell-logic.lisp
+(in-package :org-agent)
 (defun provision-microvm (id &key (cpu 1) (ram 512))
   "Hardware-Level Isolation: Provisions an ephemeral Firecracker MicroVM.
    This is the high-security evolution of directory-based sandboxing."
@@ -172,6 +178,7 @@ Hardware-Level Isolation for future security evolution.
 
 ** Feedback Perception
 #+begin_src lisp :tangle ../src/shell-logic.lisp
+(in-package :org-agent)
 (defun trigger-skill-shell-actuator (context)
   (let ((type (getf context :type))
         (payload (getf context :payload)))
@@ -181,6 +188,7 @@ Hardware-Level Isolation for future security evolution.
 
 ** Neuro-Cognitive Analysis
 #+begin_src lisp :tangle ../src/shell-logic.lisp
+(in-package :org-agent)
 (defun neuro-skill-shell-actuator (context)
   (let* ((p (getf context :payload))
          (cmd (getf p :cmd))
@@ -199,7 +207,19 @@ Hardware-Level Isolation for future security evolution.
           If the command failed (Exit != 0), analyze the STDERR and propose a FIX for the script.
           If it succeeded, use the STDOUT to complete the original goal.
         " cmd exit-code stdout stderr)
-        (let ((result-text (format nil "* Shell Command Result\n- Command: ~a\n- Exit Code: ~a\n\n** STDOUT\n#+begin_example\n~a\n#+end_example\n\n** STDERR\n#+begin_example\n~a\n#+end_example"
+        (let ((result-text (format nil "* Shell Command Result
+- Command: ~a
+- Exit Code: ~a
+
+** STDOUT
+#+begin_example
+~a
+#+end_example
+
+** STDERR
+#+begin_example
+~a
+#+end_example"
                                    cmd exit-code stdout stderr)))
           `(:type :request :target :emacs :payload (:action :insert-at-end :buffer "*org-agent-chat*" :text ,result-text))))))
 #+end_src
@@ -210,6 +230,7 @@ Hardware-Level Isolation for future security evolution.
 Register the shell channel as a physical actuator.
 
 #+begin_src lisp :tangle ../src/shell-logic.lisp
+(in-package :org-agent)
 (org-agent:register-actuator :shell #'execute-shell-safely)
 #+end_src
 
@@ -217,6 +238,7 @@ Register the shell channel as a physical actuator.
 Define the skill entry for the shell actuator.
 
 #+begin_src lisp :tangle ../src/shell-logic.lisp
+(in-package :org-agent)
 (defskill :skill-shell-actuator
   :priority 80
   :trigger #'trigger-skill-shell-actuator

skills/org-skill-task-integrity.org

@@ -36,42 +36,62 @@ Define automated behaviors for GTD state consistency and dependency verification
 :END:
 
 
-* Phase B: Blueprint (PROTOCOL)
-:PROPERTIES:
-:STATUS: DRAFT
-:END:
+* Implementation
 
-** 1. Architectural Intent
-   The Task Integrity Agent will operate as a reactive system, intercepting task state change requests within the Org-mode task management system.  It will validate these requests against predefined semantic rules and dependencies before allowing the change to propagate. It will be implemented using Lisp, leveraging Org-mode's extension capabilities to hook into task state modification events. The goal is to build a system that is both performant and easily extensible with new integrity rules.  Errors will be reported clearly to the user with options for correction.
+** Semantic Mapping
+#+begin_src lisp :tangle ../src/task-integrity.lisp
+(in-package :org-agent)
 
-** 2. Semantic Interfaces (Lisp Signatures)
+(defun semantic-mapping (task-state)
+  "Maps Org-mode task states to semantic categories."
+  (case (intern (string-upcase task-state) :keyword)
+    ((:todo :active :started :wait) :active)
+    ((:done :cancelled :resolved) :resolved)
+    (t :unknown)))
+#+end_src
 
-*** `task-integrity-check (task-id new-state)`
-    - *Purpose:*  Core function to validate a proposed state transition.
-    - *Parameters:*
-      - `task-id`: Unique identifier of the task (e.g., Org-id).
-      - `new-state`: Target state of the task (e.g., 'DONE', 'ACTIVE').
-    - *Returns:* `t` if the transition is valid; `nil` or an error message (string) if invalid.
-    - *Example:* `(task-integrity-check "*TODO Example Task" 'DONE)`
+** Active Children Detection
+#+begin_src lisp :tangle ../src/task-integrity.lisp
+(defun detect-active-children (task-id)
+  "Checks if a task has any child tasks in an active state."
+  (let ((children (list-objects-with-attribute :PARENT task-id)))
+    (remove-if-not (lambda (child)
+                     (let ((todo (getf (org-object-attributes child) :TODO)))
+                       (and todo (eq (semantic-mapping todo) :active))))
+                   children)))
+#+end_src
 
-*** `semantic-mapping (task-state)`
-    - *Purpose:*  Maps Org-mode task states (e.g., 'TODO', 'DONE') to semantic categories (e.g., 'Active', 'Resolved').
-    - *Parameters:*
-      - `task-state`: An Org-mode task state keyword.
-    - *Returns:*  Semantic category symbol (e.g., `:active`, `:resolved`).
-    - *Example:* `(semantic-mapping 'TODO)`  -> `:active`
+** Integrity Check (task-integrity-check)
+Enforces high-integrity semantic rules for task management.
 
-*** `detect-active-children (task-id)`
-    - *Purpose:*  Checks if a task has any child tasks in an active state.
-    - *Parameters:*
-      - `task-id`: Unique identifier of the parent task.
-    - *Returns:*  A list of active child task IDs, or `nil` if no active children exist.
-    - *Example:* `(detect-active-children "*TODO Parent Task")` -> `("*TODO Child Task 1" "*TODO Child Task 2")` (if they are TODO)
+#+begin_src lisp :tangle ../src/task-integrity.lisp
+(defun task-integrity-check (action)
+  "Enforces semantic GTD integrity rules on proposed actions."
+  (let* ((payload (getf action :payload))
+         (act (or (getf payload :action) (getf action :action)))
+         (id (or (getf payload :id) (getf action :id)))
+         (new-attrs (or (getf payload :attributes) (getf action :attributes))))
+    (when (and (eq act :update-node) 
+               (equal (getf new-attrs :TODO) "DONE"))
+      (let ((active-children (detect-active-children id)))
+        (when active-children
+          (return-from task-integrity-check 
+            (format nil "Blocked by Task Integrity: ~a active children exist." (length active-children))))))
+    nil))
+#+begin_src
+
+** Skill Definition
+#+begin_src lisp :tangle ../src/task-integrity.lisp
+(defskill :skill-task-integrity
+  :priority 90
+  :trigger (lambda (ctx) (declare (ignore ctx)) nil)
+  :neuro nil
+  :symbolic (lambda (action context)
+              (declare (ignore context))
+              (let ((err (task-integrity-check action)))
+                (if err
+                    (list :type :LOG :payload (list :text err))
+                    action))))
+#+end_src
 
-*** `block-state-transition (task-id error-message)`
-    - *Purpose:*  Prevents a task state transition and displays an error message to the user.
-    - *Parameters:*
-      - `task-id`: Unique identifier of the task.
-      - `error-message`:  String explaining why the transition is blocked.
-    - *Returns:*  `nil` (side effect: displays message).