rename: remaining Bouncer mentions → Dispatcher
Some checks failed
Deploy (Gitea) / deploy (push) Failing after 2s

- BOUNCER-PRIVACY-TAGS → *DISPATCHER-PRIVACY-TAGS*
- BOUNCER-SHELL-TIMEOUT → *DISPATCHER-SHELL-TIMEOUT*
- BOUNCER-SHELL-MAX-OUTPUT → *DISPATCHER-SHELL-MAX-OUTPUT*
- bouncer-privacy-tags docstrings → Dispatcher privacy tags
- 'Bouncer' in log messages, docstrings, test descriptions
- 'Bouncer Security Dispatcher' → 'Security Dispatcher'
2026-05-06 18:43:25 -04:00
parent ae994fa452
commit 33993d2d73
15 changed files with 52 additions and 58 deletions


@@ -1,15 +1,15 @@
#+TITLE: SKILL: Bouncer (org-skill-bouncer.org)
#+TITLE: SKILL: Security Dispatcher (org-skill-security-dispatcher.org)
#+AUTHOR: Agent
#+FILETAGS: :system:bouncer:authorization:autonomy:
#+FILETAGS: :system:dispatcher:authorization:autonomy:
#+PROPERTY: header-args:lisp :tangle ../lisp/security-dispatcher.lisp
* Deep Reasoning: Beyond Permission
The Bouncer is the physical security layer of Passepartout. While the Policy skill ensures an action is "legal" (e.g., "Yes, you are allowed to send a Telegram message"), the Bouncer ensures the action is "safe" by inspecting the payload content via Deep Packet Inspection.
The Dispatcher is the physical security layer of Passepartout. While the Policy skill ensures an action is "legal" (e.g., "Yes, you are allowed to send a Telegram message"), the Dispatcher ensures the action is "safe" by inspecting the payload content via Deep Packet Inspection.
Every action that reaches the Bouncer has already been approved by the Reasoning pipeline. The LLM generated it, the deterministic gates verified it, and the Act stage is about to execute it. The Bouncer is the last gate before the action touches the physical world.
Every action that reaches the Dispatcher has already been approved by the Reasoning pipeline. The LLM generated it, the deterministic gates verified it, and the Act stage is about to execute it. The Dispatcher is the last gate before the action touches the physical world.
The Bouncer inspects nine vectors:
The Dispatcher inspects nine vectors:
1. **REPL verification** — warns if a defun is written without REPL prototyping
2. **Lisp syntax** — blocks writes with unbalanced parens
3. **Secret paths** — blocks reads to ~.env~, SSH keys, PEM files, etc.
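Review bot: the `#+FILETAGS` line in this hunk replaces the `bouncer` tag with `dispatcher`, so any Org tag search, agenda view or tooling that selects this skill by the old tag will silently stop matching. If anything keys on the tag, update it in the same commit or carry both tags for a transition period. The new `#+TITLE` also names `org-skill-security-dispatcher.org`; confirm the file itself carries that name so title and path do not drift apart.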
@@ -20,7 +20,7 @@ The Bouncer inspects nine vectors:
8. **Shell safety** — blocks destructive commands and injection patterns
9. **Network exfil** — blocks unwhitelisted outbound connections
The Bouncer also handles the **Flight Plan** system: when a high-risk action is blocked, it creates a Flight Plan node in the Org files that the user can manually approve.
The Dispatcher also handles the **Flight Plan** system: when a high-risk action is blocked, it creates a Flight Plan node in the Org files that the user can manually approve.
** Contract
@@ -59,12 +59,12 @@ The Bouncer also handles the **Flight Plan** system: when a high-risk action is
#+end_src
** Security Configuration — network whitelist
Domains that the Bouncer considers safe for outbound connections. Network calls to unlisted domains are blocked or queued for approval.
Domains that the Dispatcher considers safe for outbound connections. Network calls to unlisted domains are blocked or queued for approval.
;; REPL-VERIFIED: 2026-05-03T13:00:00
#+begin_src lisp
(defvar *dispatcher-network-whitelist*
'("api.telegram.org" "matrix.org" "googleapis.com" "openai.com" "anthropic.com")
"Domains the Bouncer considers safe for outbound connections.")
"Domains the Dispatcher considers safe for outbound connections.")
#+end_src
** Privacy filter tags (*dispatcher-privacy-tags*)
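Review bot: the docstring on `*dispatcher-network-whitelist*` still does not say how entries are matched, and the list mixes a full host (`api.telegram.org`) with bare domains (`googleapis.com`, `openai.com`). Since the docstring is being touched anyway, state whether matching is exact or suffix-based on a label boundary, so a reader can tell that a host which merely ends in the same characters is not accepted. The prose above says unlisted domains are "blocked or queued for approval"; the docstring could say which applies.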
@@ -359,7 +359,7 @@ privacy tags, privacy text, shell safety, network exfil, high-impact approval."
;; Vector 0: REPL verification lint (warn, don't block)
(repl-lint
(log-message "BOUNCER: ~a" (proto-get repl-lint :text))
(log-message "DISPATCHER: ~a" (proto-get repl-lint :text))
action)
;; Vector 1: Lisp syntax validation (block bad lisp writes)
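Review bot: the log prefix in the `repl-lint` branch changes from `BOUNCER:` to `DISPATCHER:`, which will break any log filter, alert or grep that matches the old string; mention it in the commit message or update those consumers together with this change. The prefix is a literal inside each format string (the flight plan log calls later in this file repeat it), so a single constant or a small logging wrapper would make the next rename a one-line change.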
@@ -446,7 +446,7 @@ privacy tags, privacy text, shell safety, network exfil, high-impact approval."
(tags (getf attrs :TAGS))
(action-str (getf attrs :ACTION)))
(when (and (member "FLIGHT_PLAN" tags :test #'string-equal) action-str)
(log-message "BOUNCER: Found approved flight plan '~a'. Re-injecting..." (memory-object-id node))
(log-message "DISPATCHER: Found approved flight plan '~a'. Re-injecting..." (memory-object-id node))
(let ((action (ignore-errors (read-from-string action-str))))
(when action
(setf (getf action :approved) t)
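Review bot: in the context lines after the renamed log call, `(read-from-string action-str)` parses text taken from an Org node, and nothing visible in this hunk binds `*read-eval*` to `nil`. With default reader settings, `#.` forms are evaluated at read time, so the node's content is treated as code before `:approved` is ever set. If it is not already bound further up, wrap the read in `(let ((*read-eval* nil)) ...)`, and log when `ignore-errors` swallows a failure so a malformed plan is not dropped silently by the `(when action` check.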
@@ -466,7 +466,7 @@ privacy tags, privacy text, shell safety, network exfil, high-impact approval."
(defun dispatcher-flight-plan-create (blocked-action)
"Creates a Flight Plan node for manual approval in Emacs."
(let ((id (remove #\- (princ-to-string (uuid:make-v4-uuid)))))
(log-message "BOUNCER: Creating flight plan node '~a'..." id)
(log-message "DISPATCHER: Creating flight plan node '~a'..." id)
(list :type :REQUEST :target :emacs
:payload (list :action :insert-node :id id
:attributes (list :TITLE "Flight Plan: High-Risk Action"
@@ -596,7 +596,7 @@ Recognized formats:
;; REPL-VERIFIED: 2026-05-03T13:00:00
#+begin_src lisp
(defun dispatcher-gate (action context)
"Main deterministic gate for the Bouncer skill."
"Main deterministic gate for the Security Dispatcher skill."
(let* ((payload (getf context :payload))
(sensor (getf payload :sensor)))
(case sensor
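Review bot: the `dispatcher-gate` docstring now reads "Security Dispatcher skill", while the whitelist docstring and the log prefixes changed in this same commit use "Dispatcher" and `DISPATCHER:`. Pick one form for docstrings so the renamed component stays searchable under a single name.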
@@ -629,7 +629,7 @@ Recognized formats:
(in-package :passepartout-security-dispatcher-tests)
(def-suite dispatcher-suite :description "Verification of the Bouncer Security Dispatcher")
(def-suite dispatcher-suite :description "Verification of the Security Dispatcher")
(in-suite dispatcher-suite)
(test test-wildcard-match