diff --git a/docs/ux.org b/docs/ux.org index 2b90b3e..3e242f1 100644 --- a/docs/ux.org +++ b/docs/ux.org @@ -53,5 +53,14 @@ This opens a slick, colorful interactive terminal session: 5. The Deterministic Engine (Bouncer) verifies it is a safe read-only action. 6. The ~:cli~ Actuator formats the Lisp response into Markdown and sends it back over the socket. -* 3. The Continuous Loop (Daily Usage) +* 3. The Interactive Refinement (v0.2.0) +** Goal +Transition from a "Verified Wrapper" around netcat to a high-fidelity, native Common Lisp TUI that rivals the experience of ~gemini-cli~. + +** Features +- *Homoiconic UI:* The TUI is rendered directly by the Lisp kernel, allowing for live introspection of the agent's thoughts. +- *Rich Formatting:* ANSI colors, bold headers, and syntax-highlighted code blocks. +- *Command Palette:* Slash commands for system control without leaving the chat. + +* 4. The Continuous Loop (Daily Usage) (To be defined as the agent's capabilities expand into Scribe, Gardener, and Emacs-native interactions). diff --git a/literate/reason.org b/literate/reason.org index 12217de..7e7b311 100644 --- a/literate/reason.org +++ b/literate/reason.org @@ -57,12 +57,13 @@ The `think` function represents the "intuitive" side of the agent. It identifies (let* ((active-skill (find-triggered-skill context)) (tool-belt (generate-tool-belt-prompt)) (global-context (context-assemble-global-awareness)) + (system-logs (context-get-system-logs)) (assistant-name (or (uiop:getenv "MEMEX_ASSISTANT") "Agent"))) (if active-skill (let* ((prompt-generator (skill-probabilistic-prompt active-skill)) (raw-prompt (when prompt-generator (funcall prompt-generator context))) - (system-prompt (format nil "IDENTITY: Actuator for ~a. MANDATE: ONE Lisp plist. ~a ~a" - assistant-name global-context tool-belt))) + (system-prompt (format nil "IDENTITY: Actuator for ~a. MANDATE: ONE Lisp plist. ~a ~a RECENT_LOGS: ~a" + assistant-name global-context tool-belt system-logs))) (if (and raw-prompt (> (length raw-prompt) 1)) (let* ((thought (probabilistic-call raw-prompt :system-prompt system-prompt :context context)) ;; Ensure we are working with a string for read-from-string diff --git a/literate/skills.org b/literate/skills.org index 0ce6419..08460eb 100644 --- a/literate/skills.org +++ b/literate/skills.org @@ -324,9 +324,14 @@ The unified orchestrator for the system boot sequence. (harness-log " LOADER: Initializing ~a skills..." (length sorted-files)) (dolist (file sorted-files) - (let ((skill-name (pathname-name file))) + (let* ((skill-name (pathname-name file)) + (is-mandatory (member skill-name mandatory-skills :test #'string-equal))) (harness-log " LOADER: Loading ~a..." skill-name) - (load-skill-with-timeout file 5))) + (let ((status (load-skill-with-timeout file 5))) + (unless (eq status :success) + (if is-mandatory + (error "BOOT FAILURE: Mandatory skill '~a' failed to load (Status: ~a)." skill-name status) + (harness-log "LOADER WARNING: Skill '~a' failed to load." skill-name)))))) ;; Final Summary (let ((ready 0) (failed 0)) diff --git a/skills/org-skill-bouncer.org b/skills/org-skill-bouncer.org index 11f02d9..643846d 100644 --- a/skills/org-skill-bouncer.org +++ b/skills/org-skill-bouncer.org @@ -1,6 +1,7 @@ :PROPERTIES: :ID: bouncer-agent-skill :CREATED: [2026-04-11 Sat 15:20] +:EDITED: [2026-04-13 Mon 18:35] :END: #+TITLE: SKILL: Deterministic Engine Bouncer (Authorization Gate) #+STARTUP: content @@ -9,18 +10,15 @@ * Overview The *Deterministic Engine Bouncer* is the authorization gate for high-risk actions. It serializes intercepted actions into Org nodes ("Flight Plans") and re-injects them once manually approved by the Sovereign. -** Deep Reasoning: Beyond Permission -While the *Formal Prover* ensures an action is "legal" (e.g., "Yes, you are allowed to send a Matrix message"), the *Bouncer* ensures the action is "safe" by inspecting the payload content via **Deep Packet Inspection (DPI)**. +* Package Context +#+begin_src lisp +(in-package :org-agent) +#+end_src -1. **Secret Exposure Gate:** The Bouncer automatically scans all outgoing `:text` payloads for strings matching your API keys or sensitive IDs stored in the `Credentials Vault`. -2. **Network Exfiltration Gate:** It monitors for unauthorized IP addresses or domains in shell commands, preventing the agent from "phoning home" to a malicious server. -3. **The Final Filter:** The Bouncer sits at the very end of the deterministic pipeline. It is the last gate before an action touches the physical hardware. +* Deep Packet Inspection (DPI) +The Bouncer ensures the action is "safe" by inspecting the payload content via Deep Packet Inspection. -* Implementation - -** Deep Packet Inspection (DPI) - -*** Secret Exposure Check +** Secret Exposure Check Retrieves all active secrets from the vault and scans the payload for potential leaks. #+begin_src lisp @@ -36,7 +34,7 @@ Retrieves all active secrets from the vault and scans the payload for potential found-secret))) #+end_src -*** Network Exfiltration Check +** Network Exfiltration Check Inspects shell commands for unwhitelisted domains or IP addresses. #+begin_src lisp @@ -53,8 +51,8 @@ Inspects shell commands for unwhitelisted domains or IP addresses. (not (some (lambda (safe) (search safe domain)) network-whitelist)))))))) #+end_src -** Runtime Guard (bouncer-check) -The primary entry point for all high-impact actions. +* Runtime Guard (bouncer-check) +The primary entry point for all high-impact actions. It blocks or queues actions based on risk vectors. #+begin_src lisp (defun bouncer-check (action context) @@ -96,7 +94,9 @@ The primary entry point for all high-impact actions. (t action)))) #+end_src -** Approval Processing +* Approval Processing +The Bouncer periodically scans the Memex for approved "Flight Plans" and re-injects them into the metabolic loop. + #+begin_src lisp (defun bouncer-process-approvals () "Scans the object store for APPROVED flight plans and re-injects their actions." @@ -118,31 +118,40 @@ The primary entry point for all high-impact actions. found-any)) #+end_src -** Skill Definition +* Skill Definition +The Bouncer skill reacts to approval requirements by creating flight plan nodes, and periodically checks for manual approvals via heartbeats. + +** Skill Logic +#+begin_src lisp +(defun bouncer-deterministic-gate (action context) + "Main gate for the bouncer skill." + (declare (ignore action)) + (let* ((payload (getf context :payload)) + (sensor (getf payload :sensor))) + (case sensor + (:approval-required + (let* ((blocked-action (getf payload :action)) + (id (org-id-new))) + (harness-log "BOUNCER: Creating flight plan node...") + ;; Create the node in Emacs (or inbox) + (list :type :REQUEST :target :emacs :action :insert-node + :id id :attributes `(:TITLE "Flight Plan: High-Risk Action" + :TODO "PLAN" + :TAGS ("FLIGHT_PLAN") + :ACTION ,(format nil "~s" blocked-action))))) + (:heartbeat + ;; Periodically check for approvals + (bouncer-process-approvals) + nil)))) +#+end_src + +** Skill Registration #+begin_src lisp (defskill :skill-bouncer - :priority 100 + :priority 150 :trigger (lambda (ctx) (or (eq (getf (getf ctx :payload) :sensor) :approval-required) (eq (getf (getf ctx :payload) :sensor) :heartbeat))) :probabilistic nil - :deterministic (lambda (action context) - (declare (ignore action)) - (let* ((payload (getf context :payload)) - (sensor (getf payload :sensor))) - (case sensor - (:approval-required - (let* ((blocked-action (getf payload :action)) - (id (org-id-new))) - (harness-log "BOUNCER: Creating flight plan node...") - ;; Create the node in Emacs (or inbox) - (list :type :REQUEST :target :emacs :action :insert-node - :id id :attributes `(:TITLE "Flight Plan: High-Risk Action" - :TODO "PLAN" - :TAGS ("FLIGHT_PLAN") - :ACTION ,(format nil "~s" blocked-action))))) - (:heartbeat - ;; Periodically check for approvals - (bouncer-process-approvals) - nil))))) + :deterministic #'bouncer-deterministic-gate) #+end_src diff --git a/skills/org-skill-policy.org b/skills/org-skill-policy.org index 7420c6f..bc19d07 100644 --- a/skills/org-skill-policy.org +++ b/skills/org-skill-policy.org @@ -1,7 +1,7 @@ :PROPERTIES: :ID: 47425a43-2be0-423c-8509-22592cfe9c9e :CREATED: [2026-04-07 Tue 12:57] -:EDITED: [2026-04-12 Sun 20:10] +:EDITED: [2026-04-13 Mon 18:30] :END: #+TITLE: SKILL: System Policy #+STARTUP: content @@ -10,15 +10,15 @@ * Overview The *Org-Agent* is a probabilistic-deterministic harness for a personal operating system. It uses Org-mode as its native memory and Common Lisp as its deterministic reasoning engine. +* Package Context +Every skill executes within its own jailed package namespace, while inheriting core harness symbols. + #+begin_src lisp :tangle ../src/policy.lisp (in-package :org-agent) #+end_src -This document contains the *Core System Policy*. These are non-negotiable philosophical and technical constraints that every agentic action MUST satisfy. - -The Deterministic Engine uses these headlines as a "Moral Compass" during the decision stage. - * The Core Invariants +This document contains the *Core System Policy*. These are non-negotiable philosophical and technical constraints that every agentic action MUST satisfy. The Deterministic Engine uses these headlines as a "Moral Compass" during the decision stage. ** 1. Sovereignty Above All Every action must increase the user's independence from centralized, proprietary platforms. If a tool or library introduces a dependency on a non-sovereign entity, it must be flagged for replacement. @@ -27,19 +27,9 @@ Every action must increase the user's independence from centralized, proprietary (defun policy-check-sovereignty (action context) "Ensures the action does not violate the Sovereignty invariant." (declare (ignore context)) - ;; Implementation placeholder + ;; Implementation placeholder: currently permits all actions. + ;; Future: Scan for non-sovereign domain names or proprietary API endpoints. action) - -(defun policy-deterministic-gate (action context) - "The main policy gate. Sub-calls engineering standards if available." - (let ((current-action (policy-check-sovereignty action context))) - (when current-action - (let ((eng-pkg (find-package :org-agent.skills.org-skill-engineering-standards))) - (when eng-pkg - (let ((eng-gate (find-symbol "ENGINEERING-STANDARDS-GATE" eng-pkg))) - (when (and eng-gate (fboundp eng-gate)) - (setf current-action (funcall (symbol-function eng-gate) current-action context))))))) - current-action)) #+end_src ** 2. Technical Mastery & Mentorship @@ -54,9 +44,26 @@ The agent's "Thought Stream" must be fully auditable. Hidden reasoning or obfusc ** 5. Long-Term Sustainability Prioritize local, energy-efficient, and offline-first architectures. The "Memex" should be functional in a 100-year horizon. -* Operational Mandates -Every action performed by an agent in this environment must also adhere to the [[file:../../org-agent-contrib/org-skill-engineering-standards.org][Engineering Standards]]. +* The Policy Gate +The main deterministic entry point for the policy skill. It orchestrates the various invariant checks and delegates to engineering standards. +#+begin_src lisp :tangle ../src/policy.lisp +(defun policy-deterministic-gate (action context) + "The main policy gate. Sub-calls engineering standards if available." + (let ((current-action (policy-check-sovereignty action context))) + (when current-action + (let ((eng-pkg (find-package :org-agent.skills.org-skill-engineering-standards))) + (when eng-pkg + (let ((eng-gate (find-symbol "ENGINEERING-STANDARDS-GATE" eng-pkg))) + (when (and eng-gate (fboundp eng-gate)) + (setf current-action (funcall (symbol-function eng-gate) current-action context))))))) + current-action)) +#+end_src + +* Operational Mandates +Every action performed by an agent in this environment must also adhere to the [[file:org-skill-engineering-standards.org][Engineering Standards]]. + +** Skill Registration #+begin_src lisp :tangle ../src/policy.lisp (defskill :skill-policy :priority 100 diff --git a/src/policy.lisp b/src/policy.lisp index 7b0f359..8d516b2 100644 --- a/src/policy.lisp +++ b/src/policy.lisp @@ -3,7 +3,8 @@ (defun policy-check-sovereignty (action context) "Ensures the action does not violate the Sovereignty invariant." (declare (ignore context)) - ;; Implementation placeholder + ;; Implementation placeholder: currently permits all actions. + ;; Future: Scan for non-sovereign domain names or proprietary API endpoints. action) (defun policy-deterministic-gate (action context) diff --git a/src/reason.lisp b/src/reason.lisp index 7f3de9c..1df7f5d 100644 --- a/src/reason.lisp +++ b/src/reason.lisp @@ -32,12 +32,13 @@ (let* ((active-skill (find-triggered-skill context)) (tool-belt (generate-tool-belt-prompt)) (global-context (context-assemble-global-awareness)) + (system-logs (context-get-system-logs)) (assistant-name (or (uiop:getenv "MEMEX_ASSISTANT") "Agent"))) (if active-skill (let* ((prompt-generator (skill-probabilistic-prompt active-skill)) (raw-prompt (when prompt-generator (funcall prompt-generator context))) - (system-prompt (format nil "IDENTITY: Actuator for ~a. MANDATE: ONE Lisp plist. ~a ~a" - assistant-name global-context tool-belt))) + (system-prompt (format nil "IDENTITY: Actuator for ~a. MANDATE: ONE Lisp plist. ~a ~a RECENT_LOGS: ~a" + assistant-name global-context tool-belt system-logs))) (if (and raw-prompt (> (length raw-prompt) 1)) (let* ((thought (probabilistic-call raw-prompt :system-prompt system-prompt :context context)) ;; Ensure we are working with a string for read-from-string diff --git a/src/skills.lisp b/src/skills.lisp index bba745f..5d79d44 100644 --- a/src/skills.lisp +++ b/src/skills.lisp @@ -211,9 +211,14 @@ (harness-log " LOADER: Initializing ~a skills..." (length sorted-files)) (dolist (file sorted-files) - (let ((skill-name (pathname-name file))) + (let* ((skill-name (pathname-name file)) + (is-mandatory (member skill-name mandatory-skills :test #'string-equal))) (harness-log " LOADER: Loading ~a..." skill-name) - (load-skill-with-timeout file 5))) + (let ((status (load-skill-with-timeout file 5))) + (unless (eq status :success) + (if is-mandatory + (error "BOOT FAILURE: Mandatory skill '~a' failed to load (Status: ~a)." skill-name status) + (harness-log "LOADER WARNING: Skill '~a' failed to load." skill-name)))))) ;; Final Summary (let ((ready 0) (failed 0))