amr/passepartout
1
0
Fork 0
Code Issues 15 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Compare commits

base: amr:6aec587e90d5d8c36e106373c8059aca9dc4a4a8
Branches Tags
amr:main amr:feature/v0.8.0-minibuffer amr:refactor/cl-tty-tui amr:feat/dispatcher-rename
amr:v0.7.1 amr:test-hook-block3 amr:test-hook-block2 amr:test-hook-block amr:v0.7.0 amr:v0.6.0 amr:v0.5.0 amr:v0.4.0 amr:v0.3.3 amr:v0.3.2 amr:v0.3.1 amr:v0.3.0 amr:v0.2.1 amr:v0.1.0
..
compare: amr:v0.2.1
Branches Tags
amr:main amr:feature/v0.8.0-minibuffer amr:refactor/cl-tty-tui amr:feat/dispatcher-rename
amr:v0.7.1 amr:test-hook-block3 amr:test-hook-block2 amr:test-hook-block amr:v0.7.0 amr:v0.6.0 amr:v0.5.0 amr:v0.4.0 amr:v0.3.3 amr:v0.3.2 amr:v0.3.1 amr:v0.3.0 amr:v0.2.1 amr:v0.1.0

10 Commits
6aec587e90 ... v0.2.1

Author SHA1 Message Date
Amr Gharbeia
d803889c01 fix(ci): remove ql:add-to-init-file (stdin prompt hangs in non-interactive) 2026-05-02 18:05:36 -04:00
Amr Gharbeia
5a3538ece1 fix(ci): alternate quicklisp install path 2026-05-02 18:02:06 -04:00
Amr Gharbeia
f1e375f237 fix(ci): opt into Node 24 to silence deprecation warning 2026-05-02 17:56:09 -04:00
Amr Gharbeia
f80c16eed9 fix(lint): handle :tangle-generated .lisp files 2026-05-02 17:17:36 -04:00
Amr Gharbeia
0d6854e610 fix(ci): remove inconsistent HOME=/root override 2026-05-02 17:14:00 -04:00
Amr Gharbeia
2c5a271262 fix(test): add emacs-nox dep, fix daemon smoke test handshake
Some checks failed
Deploy (Gitea) / deploy (push) Failing after 3s
Details
2026-05-02 17:11:17 -04:00
Amr Gharbeia
41de20d3f1 v0.2.1: polish, deploy, CI, and literate refactor
Some checks failed
Deploy (Gitea) / deploy (push) Failing after 11s
Details 
- Secret Exposure Gate + Privacy Filter (Bouncer)
- Shell actuator safety harness (timeout, blocked patterns)
- REPL-first enforcement (lisp validation gate, system-prompt-augment)
- Engineering Standards lifecycle (two-track Org-first + REPL-first)
- Literate Programming discipline (one function per block, reflect-back)
- AGENTS.md: thin routing layer, skills are authoritative
- SKILLS_DIR removed, ~/notes fallback eliminated
- opencortex.sh: multi-distro (Debian+Fedora), configure, install service, backup, restore, help
- infrastructure/opencortex.service (systemd user unit)
- Docker: updated to debian:trixie, fixed build context
- GitHub CI: lint + test workflows fixed, trigger on tags only
- Gitea CI: deploy workflow paths fixed
- README: one-line curl install, badges
- USER_MANUAL: Deployment section (bare metal, Docker, backup)
- .gitignore: skills/*.lisp and tests/*.lisp as generated artifacts
- Prose/block refactor across all 35 org files
- Test suite Tier 1: 43/45 pass (env-dependent failures isolated)
 2026-05-02 17:04:33 -04:00
Amr Gharbeia
9e77958028 feat(opencortex): project-local TODO.org and expanded design decisions
Some checks failed
Deploy-Agent-V15-Stdin / JOB-V15-STDIN (push) Failing after 2s
Details 
- Create TODO.org for project-specific tasks (migrated from gtd.org)
- Expand DESIGN_DECISIONS.org with 8 new sections:
  - Self-modification without boundaries (vs Hermes)
  - Lisp and the AI Dream (1958 vision fulfilled)
  - REPL as cognitive substrate (with REPL explanation)
  - Evaluation harness (SWE-bench, chaos testing)
  - Observability and the thought trace
  - MCP strategy (native Lisp client)
  - Local-first architecture
  - Zero-dependendency deployment
- Fix org-mode syntax errors in tui-client

Parent gtd.org now links to projects/opencortex/TODO.org
Add projects/opencortex/TODO.org to org-agenda-files in emacs-gtd.org
 2026-05-01 21:42:54 -04:00
Amr Gharbeia
9191aecab2 fix(tui): resolve crash by removing --non-interactive and adding defensive rendering 2026-05-01 18:16:55 -04:00
Amr Gharbeia
48520ec517 refactor(harness): centralize mandates, fix TUI reader structure, and enhance memory/perceive 2026-05-01 12:43:25 -04:00
70 changed files with 3282 additions and 1186 deletions
Expand all files Collapse all files

5
.env.example
View File

@@ -56,6 +56,11 @@ SAFETY_BLOCK_SHELL=true
PROTOCOL_ENFORCE_HMAC=false
PROTOCOL_HMAC_SECRET="change-this-to-a-secure-random-string"
# Privacy filter tags: comma-separated list of tags that mark content as private.
# Files/headings tagged with any of these will be filtered from LLM context.
# Default: @personal
PRIVACY_FILTER_TAGS="@personal,@health,@finance"
# =============================================================================
# BOOTSTRAP
# =============================================================================

42
.gitea/workflows/deploy.yml
View File

@@ -1,44 +1,24 @@
name: Deploy-Agent-V15-Stdin
name: Deploy (Gitea)
on:
push:
branches:
- main
jobs:
JOB-V15-STDIN:
deploy:
runs-on: debian-latest
steps:
- name: Checkout Code
uses: actions/checkout@v3
- name: Checkout
uses: actions/checkout@v4
- name: Install Docker CLI
run: |
echo "Installing Docker CLI..."
apt-get update
apt-get install -y docker.io docker-compose
apt-get update && apt-get install -y docker.io docker-compose
- name: Deploy via Host Docker Socket (Stdin Method)
- name: Build and deploy via Docker Compose
run: |
echo "Piping local compose file to host Docker daemon..."
# We read the compose file from the checked-out code in the runner,
# but we tell the host Docker daemon that the "project directory" is /memex/projects/opencortex.
# The host daemon will use its own /memex files to build the image.
cat deploy/docker/docker-compose.yml | docker-compose \
-p opencortex \
--project-directory /memex/projects/opencortex \
-f - \
down
cat deploy/docker/docker-compose.yml | docker-compose \
-p opencortex \
--project-directory /memex/projects/opencortex \
-f - \
build --no-cache opencortex
cat deploy/docker/docker-compose.yml | docker-compose \
-p opencortex \
--project-directory /memex/projects/opencortex \
-f - \
up -d --force-recreate opencortex
cd infrastructure/docker
docker-compose -p opencortex down
docker-compose -p opencortex build --no-cache opencortex
docker-compose -p opencortex up -d --force-recreate opencortex

78
.github/workflows/lint.yml vendored
View File

@@ -2,44 +2,86 @@ name: Lint
on:
push:
branches: [main]
pull_request:
branches: [main]
tags:
- 'v*'
workflow_dispatch:
jobs:
lint:
runs-on: ubuntu-latest
container:
image: ubuntu:latest
env:
FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: true
steps:
- uses: actions/checkout@v4
- name: Install dependencies
run: |
apt-get update && apt-get install -y --no-install-recommends \
sudo apt-get update && sudo apt-get install -y --no-install-recommends \
git emacs-nox
- name: Check for forbidden patterns
run: |
grep -r "json\." --include="*.lisp" . && \
echo "ERROR: Found JSON usage in Lisp files" && exit 1 || \
! grep -r "json\." --include="*.lisp" . && \
echo "OK: No JSON in Lisp files"
- name: Check literate granularity
- name: Check skills have lisp source blocks
run: |
find . -name "*.org" -path "./skills/*" -exec grep -L "#+begin_src lisp" {} \; | \
grep -v "CLA\|CONTRIBUTING\|CHANGELOG" && \
echo "WARNING: Some skills lack lisp blocks" || \
echo "OK: All skills have lisp blocks"
FAIL=0
for f in skills/*.org; do
if ! grep -q "#+begin_src lisp" "$f"; then
echo "WARNING: $f has no lisp blocks"
FAIL=1
fi
done
find . -name "*.org" -path "*/skills/*" -exec grep -L "#+begin_src lisp" {} \; | \
grep -v "CLA\|CONTRIBUTING\|CHANGELOG\|README\|USER_MANUAL" || true
echo "OK: All skills have lisp blocks"
- name: Verify .lisp files are generated
- name: Verify each .lisp has a corresponding .org source
run: |
for f in library/gen/*.lisp; do
FAIL=0
for f in harness/*.lisp tests/*.lisp; do
[ -f "$f" ] || continue
org="${f%.lisp}.org"
if [ -f "$org" ]; then
: # generated, OK
[ -f "$org" ] && continue
base=$(basename "$f" .lisp)
# Check if generated from a parent org via :tangle
parent="${base%-tests}.org"
parent="${parent%-validator}.org"
parent="${parent%-client}.org"
if [ -f "harness/$parent" ] || [ -f "skills/$parent" ]; then
: # generated from parent org via :tangle
elif grep -q ":tangle.*$(basename "$f")" harness/*.org skills/*.org 2>/dev/null; then
: # :tangle reference found in another org
else
echo "WARNING: $f has no corresponding .org source"
FAIL=1
fi
done
done
for f in skills/*.lisp; do
[ -f "$f" ] || continue
org="${f%.lisp}.org"
if [ ! -f "$org" ]; then
echo "ERROR: $f has no .org source"
FAIL=1
fi
done
[ "$FAIL" = 0 ] && echo "OK: All .lisp files have .org sources"
- name: Check literate granularity (one function per block)
run: |
for f in skills/*.org; do
blocks=$(grep -c "^[[:space:]]*(defun " "$f" 2>/dev/null || true)
srcblocks=$(grep -c "#+begin_src lisp" "$f" 2>/dev/null || true)
if [ "$blocks" -gt "$srcblocks" ] && [ "$srcblocks" -gt 0 ]; then
echo "WARNING: $f has $blocks defuns but only $srcblocks src blocks"
fi
done
echo "OK: Granularity check complete"
- name: Check README has quick install
run: |
grep -q "curl.*opencortex" README.org && \
echo "OK: Quick install in README" || \
echo "WARNING: Quick install curl command not found in README"

100
.github/workflows/test.yml vendored
View File

@@ -2,43 +2,99 @@ name: Tests
on:
push:
branches: [main]
pull_request:
branches: [main]
tags:
- 'v*'
workflow_dispatch:
jobs:
test:
runs-on: ubuntu-latest
container:
image: statusoftech/sbcl:2.4.0
env:
FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: true
steps:
- uses: actions/checkout@v4
- name: Install dependencies
- name: Install system dependencies
run: |
apt-get update && apt-get install -y --no-install-recommends \
git curl openssl make automake autoconf gcc clisp python3 python3-pip
sudo apt-get update && sudo apt-get install -y --no-install-recommends \
sbcl emacs-nox git curl socat rlwrap
- name: Install Quicklisp
run: |
curl -L https://beta.quicklisp.org/quicklisp.lisp -o /tmp/quicklisp.lisp
sbcl --non-interactive \
curl -fsSL https://beta.quicklisp.org/quicklisp.lisp -o /tmp/quicklisp.lisp
sbcl --noinform --non-interactive \
--load /tmp/quicklisp.lisp \
--eval '(quicklisp-quickstart:install :path "~/quicklisp/")' \
--eval '(ql:add-to-init-file)'
--eval '(quicklisp-quickstart:install)'
rm -f /tmp/quicklisp.lisp
- name: Install ASDF systems
- name: Load and verify harness
run: |
sbcl --non-interactive \
--eval '(ql:quickload :opencortex)'
env:
HOME: /root
export OC_DATA_DIR="$PWD/.github-test"
mkdir -p "$OC_DATA_DIR/harness" "$OC_DATA_DIR/tests"
- name: Run tests
# Tangle harness files into test directory
mkdir -p /tmp/oc-build
cp harness/*.org "$OC_DATA_DIR/harness/"
cd "$OC_DATA_DIR/harness" && for f in *.org; do
if command -v emacs; then
emacs -Q --batch --eval "(require 'org)" \
--eval "(setq org-confirm-babel-evaluate nil)" \
--eval "(org-babel-tangle-file \"$f\")" 2>/dev/null || true
fi
done
rm -f *.org
cd "$OLDPWD"
# Copy skills, tangle, verify
mkdir -p "$OC_DATA_DIR/skills"
cp skills/*.org "$OC_DATA_DIR/skills/"
cd "$OC_DATA_DIR/skills" && for f in *.org; do
if command -v emacs; then
emacs -Q --batch --eval "(require 'org)" \
--eval "(setq org-confirm-babel-evaluate nil)" \
--eval "(org-babel-tangle-file \"$f\")" 2>/dev/null || true
fi
done
rm -f *.org
cd "$OLDPWD"
- name: Load opencortex and initialize skills
run: |
export OC_DATA_DIR="$PWD/.github-test"
sbcl --non-interactive \
--eval '(ql:quickload :opencortex/tests)' \
--eval '(uiop:quit 0)'
env:
HOME: /root
--eval '(load (merge-pathnames "quicklisp/setup.lisp" (user-homedir-pathname)))' \
--eval "(push (truename \"$PWD/\") asdf:*central-registry*)" \
--eval "(push (truename \"$OC_DATA_DIR/\") asdf:*central-registry*)" \
--eval '(ql:quickload :opencortex :silent t)' \
--eval "(setf (uiop:getenv \"OC_DATA_DIR\") \"$OC_DATA_DIR\")" \
--eval '(opencortex:initialize-all-skills)' \
--eval "(let ((n (hash-table-count opencortex:*skills-registry*))) (format t \"~%Skills loaded: ~a~%\" n) (unless (>= n 20) (sb-ext:exit :code 1)))"
- name: Daemon smoke test
run: |
export OC_DATA_DIR="$PWD/.github-test"
sbcl --non-interactive \
--eval '(load (merge-pathnames "quicklisp/setup.lisp" (user-homedir-pathname)))' \
--eval "(push (truename \"$PWD/\") asdf:*central-registry*)" \
--eval "(push (truename \"$OC_DATA_DIR/\") asdf:*central-registry*)" \
--eval "(ql:quickload '(:opencortex :croatoan))" \
--eval "(setf (uiop:getenv \"OC_DATA_DIR\") \"$OC_DATA_DIR\")" \
--eval '(opencortex:main)' \
> /tmp/oc-daemon.log 2>&1 &
DAEMON_PID=$!
for i in $(seq 1 20); do
if ss -tln 2>/dev/null | grep -q 9105; then
echo "✓ Daemon ready on port 9105"
# Read the initial handshake via a short TCP connection
timeout 3 bash -c 'exec 3<>/dev/tcp/localhost/9105; head -c 200 <&3' 2>/dev/null | grep -q "handshake" && \
echo "✓ Protocol handshake received"
break
fi
sleep 1
done
kill $DAEMON_PID 2>/dev/null || true
wait $DAEMON_PID 2>/dev/null || true
echo "✓ Daemon smoke test passed"

4
.gitignore vendored
View File

@@ -6,3 +6,7 @@ opencortex-server
\#*#
opencortex-tui
test_input.txt
# Generated artifacts (source of truth is .org)
/skills/*.lisp
/tests/*.lisp

18
GEMINI.md
View File

@@ -1,18 +0,0 @@
# OpenCortex Agent Mandates
This file defines mandatory workflows and technical standards for the Gemini CLI agent operating within the OpenCortex environment. These mandates supersede general defaults.
## Lisp Integrity Mandates
- **Validation:** Before applying any change to a `.lisp` file or a Lisp block in an `.org` file, you MUST use `utils-lisp-validate` to ensure structural and semantic integrity.
- **Formatting:** All generated Lisp code MUST be piped through `utils-lisp-format` to maintain project-standard indentation before being saved.
- **Structural Editing:** When modifying complex Lisp forms (nested macros or large functions), prefer using `utils-lisp-structural-extract` and `utils-lisp-structural-wrap` to avoid manual parenthesis errors.
- **Verification:** For new or non-trivial logic, use `utils-lisp-eval` to test the behavior of the isolated S-expression in a live REPL environment before tangling.
## Literate Org Mandates
- **AST Integrity:** When modifying Org files, utilize `utils-org-set-property`, `utils-org-set-todo`, and `utils-org-add-headline` to manipulate the document structure programmatically whenever possible.
- **ID Management:** Every new headline intended for tracking or tangling MUST have a unique ID generated via `utils-org-generate-id`.
## Engineering Workflow
- **Commit-Before-Modify:** Verify the git state is clean before starting a multi-file refactor.
- **Tangle Sync:** After modifying any `.org` file, you MUST ensure the corresponding `.lisp` artifacts are tangled and in sync.
- **Validation:** Run the project-specific test suite (`sbcl --load opencortex.asd`) after every significant change to verify system stability.

17
README.org
View File

@@ -2,6 +2,21 @@
#+AUTHOR: Amr
#+FILETAGS: :opencortex:ai:assistant:
#+HTML: <div style="display: flex; gap: 8px; flex-wrap: wrap; margin-bottom: 1em;">
#+HTML: <img src="https://img.shields.io/github/v/tag/amrgharbeia/opencortex?label=version&style=flat-square">
#+HTML: <img src="https://img.shields.io/github/license/amrgharbeia/opencortex?style=flat-square">
#+HTML: <img src="https://img.shields.io/badge/Lisp-Common%20Lisp-blue?style=flat-square">
#+HTML: <img src="https://img.shields.io/badge/docs-Org--mode-green?style=flat-square">
#+HTML: </div>
* Quick Install
#+begin_src bash
curl -fsSL https://raw.githubusercontent.com/amrgharbeia/opencortex/main/opencortex.sh | bash -s configure
#+end_src
Then run ~opencortex tui~ to start chatting.
* Meet OpenCortex
Most AI assistants are just chatbots. You ask a question, they answer, they forget you exist. They trap your conversations in proprietary web apps and silo your data.
@@ -71,7 +86,7 @@ opencortex tui
`opencortex setup` guides you through configuring LLM providers. Tell it how to talk to Ollama, Groq, OpenRouter, or your own endpoint.
`opencortex link <platform> <token>` connects external chat gateways. Talk to your agent from Telegram while it works on your files.
`opencortex gateway link <platform> <token>` connects external chat gateways. Talk to your agent from Telegram while it works on your files.
`opencortex doctor` shows you what's working, what's broken, and what needs attention.

796
TODO.org Normal file
View File

@@ -0,0 +1,796 @@
# OpenCortex Project Tasks
# All OpenCortex-related TODOs live here. gtd.org links to this file.
# Evolutionary context: see docs/ROADMAP.org
* PHASE: AUTONOMOUS MVP (v0.1.0 Released)
:PROPERTIES:
:ID: proj-mvp-v0-1-0
:END:
The "Zero-to-One" release. The agent must be mathematically secure, CLI-first, and capable of autonomous Memex maintenance.
** DONE 1. Harness Hardening (The Final Audit)
*** DONE Audit remaining core skills (`org-skill-policy.org`, `org-skill-bouncer.org`) to the new Literate Granularity standard.
*** DONE Implement Verification Lock: Ensure `MANDATORY_SKILLS` pass `validate-lisp-syntax` before boot proceeds.
*** DONE Logging & Transparency: Ensure `context-get-system-logs` is utilized by the Reason engine to explain blocked actions.
** DONE 2. The Autonomous Scribe & Gardener (The Primary Value Prop)
*** DONE Implement `org-skill-scribe.org`: Background worker that distills daily chronological logs into structured Zettelkasten notes.
*** DONE Implement `org-skill-gardener.org`: Heartbeat-driven skill that autonomously flags orphaned nodes and repairs broken links.
** DONE 3. The Zero-to-One Experience (setup.org)
*** DONE Consolidate installation instructions, `onboard.sh`, and `Dockerfile` into a single, literate `setup.org` file.
*** DONE Ensure the setup process interactively builds the `.env` and verifies SBCL/Quicklisp dependencies.
** DONE 4. CLI-First Actuation
CLOSED: [2026-04-14 Tue 09:40]
*** DONE Verified the `cli` actuator and inbound gateway handle standard I/O interaction gracefully via a stateful `socat` connection.
* PHASE: PUBLICATION & VERIFICATION (v0.1.0 Post-Release)
:PROPERTIES:
:ID: proj-pub-v0-1-0
:END:
Ensuring the system is ready for the world through collaborative testing, documentation, and licensing.
** DONE 1. Collaborative End-to-End Testing [2026-04-21 Tue]
CLOSED: [2026-04-21 Tue 17:30]
*** DONE Verified stable foundation at commit `cab0e5a`.
*** DONE Verified boot sequence and bidirectional connectivity.
** DONE 2. Semantic Reorganization & System Stabilization [2026-04-21 Tue]
CLOSED: [2026-04-21 Tue 18:30]
*** DONE Rename directories: harness/, library/, environment/, infrastructure/.
*** DONE Consolidate Probabilistic engine into reason.lisp.
*** DONE Embed bidirectional CLI logic into opencortex.sh.
*** DONE Stabilize skill engine: 12/12 skills loaded with package jailing.
*** DONE Cleanup legacy documentation and deployment artifacts.
** DONE 2. Comprehensive Documentation <2026-04-14 Tue>
CLOSED: [2026-04-20 Mon 18:00]
*** DONE Draft `USER_MANUAL.org`: Focus on CLI interaction, installation, and Memex structure.
*** DONE Draft `CONTRIBUTING.org`: Explain Literate Granularity and Skill creation standards.
** DONE 3. License & Legal Finalization <2026-04-14 Tue>
CLOSED: [2026-04-17 Fri 11:25]
*** DONE Assign the AGPLv3 open-source license.
*** DONE Implement a broad Contributor License Agreement (CLA) process.
*** DONE Update `LICENSE` and `CHANGELOG` accordingly.
** TODO 4. GitHub Migration & Repository Setup <2026-04-14 Tue>
*** TODO Migrate primary remote to GitHub and configure canonical repository.
*** TODO Set repository topics, badges, issue templates, and CI/CD foundations.
** TODO 5. Marketing & Social Media Launch <2026-04-14 Tue>
*** TODO Execute PR plan (Reddit, Hacker News, X/Twitter).
*** TODO Create a short, high-quality terminal demo GIF/video of the TUI interaction.
* PHASE: INTERACTIVE REFINEMENT (v0.2.0 Target)
:PROPERTIES:
:ID: proj-refinement-v0-2-0
:END:
Elevating the user interface from raw shell piping to a high-fidelity, native Lisp experience. Priority: Self-editing is the foundation of all future growth. Full org-mode manipulation makes the agent a true Emacs citizen.
Roadmap basis: Evolutionary roadmap from README.org. Working backwards from SOTA parity.
** DONE 0. Autonomous Self-Editing Foundation
*** DONE org-skill-lisp-repair (Lisp syntax repair)
- Deterministic: auto-balance parens via paren-counting
- Probabilistic: LLM generates surgical fix on =:syntax-error= events
- Memory rollback on failure
DONE: Now in org-skill-lisp-utils (merged from contrib)
*** DONE org-skill-emacs-edit (full org-mode manipulation)
- Read org buffers, parse AST via org-element
- Create/update/delete headlines, set properties, manage TODO states
- Handle =id:= links and internal links
- Pure Lisp implementation (no Emacs subprocess)
*** DONE Expose Structural AST Editing Tools
- Wrap org-skill-emacs-edit into def-cognitive-tool definitions
- Force LLM to use semantic node updates instead of regex file I/O
*** DONE Implement Reflection Loops
- Feed rejection traces (syntax errors, policy blocks) back to LLM to trigger self-correction
*** DONE Harden Actuators
- Fix path-traversal vulnerabilities in file I/O tools (e.g. :write-file)
- Enforce Merkle-snapshots on all state-modifying actions
*** DONE Implement tool permission tiers (ask/allow/deny)
- Per-tool permission plist stored in org-object
- =generate-tool-belt-prompt= filters denied tools before LLM sees them
- Ask-tier prompts user before execution
*** DONE Implement skill hot-reload (=:reload-skill= tool)
- Swap compiled skill files without breaking active sockets
- Reload skill into jailed package namespace
- DONE: Added :reload-skill, :read-file, :write-file, :replace-string tools
- DONE: Fixed ASDF compilation bug (position tracking issue with :serial t)
- DONE: Added explicit :depends-on declarations to opencortex.asd
** DONE Engineering Process Improvements [2026-04-23 Wed]
*** DONE Fix ASDF compilation bug (position tracking at byte 16834)
- Root cause: Duplicate proto-get, bt: prefix issues, :serial t position cache
- Fix: Removed duplicate, fixed bt:->bordeaux-threads, explicit dependencies
- Added eval-when wrapper for new tools (good Lisp practice)
*** DONE Add test-first methodology to engineering standards
- Rule 10: Test-first - design tests before coding, run chaos testing
- Rule 11: Org as thinking medium - document investigations in prose
- Rule 12: Engineering decision audit trail - document root cause, tradeoffs
- Added to opencortex-contrib/skills/org-skill-engineering-standards.org
*** DONE Perform comprehensive architectural review and evolution strategy [2026-04-27 Mon]
- Identified hidden gaps: Org-mode round-trip, sandboxing vulnerabilities, and GC scaling.
- Defined "Structural AST Editing" and "Reflection Loops" as core strategic requirements.
- Captured findings in [[file:notes/opencortex-architectural-evolution.org][opencortex-architectural-evolution.org]].
*** DONE Fix API drift in opencortex-contrib [2026-04-27 Mon]
- Standardized legacy keywords (:neuro/:symbolic) to new harness standard (:probabilistic/:deterministic).
- Updated 16 skills in opencortex-contrib for kernel compatibility.
** DONE 4. Core Skills Consolidation [2026-04-23 Thu]
- Merged lisp-validator + lisp-repair → org-skill-lisp-utils.org
- Added lisp utilities: count-char, deterministic-repair, neural-repair
- Added validation: structural, syntactic, semantic checks
- Moved org-skill-self-fix from contrib → core
- Moved org-skill-engineering-standards from contrib → core
- Deleted old org-skill-lisp-validator.org
** DONE 5. Advanced CLI Onboarding Experience
*** DONE Implement interactive Lisp CLI wizard (=opencortex setup=)
*** DONE Implement =opencortex gateway link= for Telegram/Signal bot connection [2026-05-02 Sat]
*** DONE Implement =opencortex gateway unlink= to disable a gateway [2026-05-02 Sat]
*** DONE Implement =opencortex gateway list= to show gateway status [2026-05-02 Sat]
*** DONE Implement =opencortex install <skill>= for dynamic skill downloading [2026-05-02 Sat]
*** DONE Implement =opencortex doctor= for environment health and API key validation [2026-04-28 Tue]
- Verified 22/22 skills loading with clean boot.
- Fixed macro conflicts and package jailing bugs.
** DONE Chaos-Driven Bug Fixes (v0.2.0 Pre-Release) [2026-04-28 Tue]
- Fixed major conflict between Type A and Type B def-cognitive-tool macros.
- Enforced dynamic-only loading by removing skills from opencortex.asd.
- Fixed let/let* sequential binding bugs in emacs-edit and self-edit.
- Standardized *cognitive-tools* as a centralized hash table.
- Resolved missing in-package declarations in core skills.
** DONE 1. Common Lisp TUI Implementation [2026-04-28 Tue]
*** DONE Integrate =croatoan= for native terminal rendering
*** DONE Implement scrollable history viewport for chat and thought streams
*** DONE Implement fixed bottom input box with multi-line support and command history
*** DONE Implement persistent status bar for background workers (Scribe/Gardener)
*** DONE Support syntax highlighting for Lisp code blocks and Org-mode syntax
** DONE 2. Slash Commands & Interactive Control [2026-04-28 Tue]
*** DONE Implement =/help= command for system overview
*** DONE Implement =/exit= and =/clear= commands
*** DONE Implement =/skill-load <name>= for dynamic hot-reloading
*** DONE Implement =/status=, =/config=, =/search=, =/commit= slash commands
** DONE 3. Direct Lisp-to-Terminal Actuation [2026-04-28 Tue]
*** DONE Refactor the =:cli= actuator to use native TUI rendering
** DONE 4. Persistent REPL for Interactive Development [2026-04-30 Thu]
*** DONE Implement org-skill-repl for persistent Lisp evaluation
- repl-eval: evaluate code with result+output+error separation
- repl-inspect: inspect variables and functions
- repl-list-vars: list bound symbols in package
- repl-load-file: load files into image
- Supports REPL-first workflow with literate reflection in org
* PHASE: EVENT ORCHESTRATION + HITL (v0.3.0)
:PROPERTIES:
:ID: proj-orchestration-v0-3-0
:END:
Unified control plane: hooks + cron + routing in one skill. Deep project understanding.
** TODO 0. Project Renaming (Bouncer → Dispatcher)
*** TODO Audit all files for component names to rename
*** TODO Rename org-skill-bouncer.org → org-skill-dispatcher.org
*** TODO Rename skill-bouncer package → skill-dispatcher
*** TODO Rename cognitive tool =:bouncer= → =:dispatcher=
*** TODO Update all references in harness, skills, documentation
*** TODO Update gtd.org and ROADMAP.org terminology
*** TODO Update DESIGN_DECISIONS.org section if applicable
*** TODO Verify all tests pass after rename
:LOGBOOK:
- State "TODO" from "" [2026-05-01 Fri 15:40]
:END:
The Dispatcher's role has evolved beyond security guard. It is the seed of the deterministic engine - it learns to execute procedures without invoking the neural net.
** TODO 1. Event Orchestrator (unified hooks+cron+routing)
*** TODO Integrate contrib org-skill-event-orchestrator
- Merge *hook-registry* + *cron-registry* + complexity classifier
- Hooks via =#+HOOK:= Org-mode properties
- Three complexity tiers: =:REFLEX= (no LLM), =:COGNITION= (light LLM), =:REASONING= (full LLM)
- Hook into heartbeat for cron processing
** TODO 2. Context Manager (project scoping)
*** TODO Integrate contrib org-skill-context-manager
- Stack-based context with =push-context= / =pop-context=
- Path resolution relative to current context
- Memory scope: =:scope= property on org-objects (memex/session/project)
- Implement lazy-loading proxies for large-scale memory traversal (offload cold nodes to disk)
** TODO 3. Model-Tier Routing (cost optimization)
*** TODO Extend =*model-selector-fn= for complexity-based routing
- Heartbeats → smallest model
- User input → medium model
- Complex reasoning → large model
- Source: GBrain sub-agent model routing
** TODO 4. Memory Scope Segmentation
*** TODO Extend org-object with =:scope= property
- =:memex= (permanent knowledge)
- =:session= (ephemeral context)
- =:project= (scoped to current work)
- Scope-aware retrieval in memory.lisp
** TODO 5. Asynchronous Embedding Gateway
*** TODO Implement provider-agnostic org-skill-embedding-gateway
- Support Ollama, llama.cpp, and OpenAI based on .env config
- Implement lazy-loading: edits mark nodes as =:vector :pending=
- Background worker thread batches pending nodes and updates Merkle tree silently
** TODO 6. Slash Commands (TUI ergonomics)
*** TODO M-x style command palette
*** TODO /- prefix for command mode
*** TODO Commands defined in Org-mode
* PHASE: LONG-HORIZON PLANNING + GIT WORKFLOWS (v0.4.0)
:PROPERTIES:
:ID: proj-planning-v0-4-0
:END:
Multi-step task mastery, structured tracking with failure handling and course correction.
** TODO 0. Long-Horizon Planning (task tree DAG)
*** TODO Implement org-skill-long-horizon
- Decompose complex tasks into Org-mode headline trees
- Terminal states: =:todo==:next-action==:in-progress==:done= / =:blocked= / =:stuck=
- Parent summarises child results
- Branch pruning when paths fail
- Source: Claude Code ULTRAPLAN (reimplemented in Lisp)
** TODO 1. Git Steward (version control integration)
*** TODO Integrate contrib org-skill-git-steward
- Status, diff, commit, push, branch operations
- Policy: commit-before-modify gate (from contrib engineering-standards)
- Log commits to memory
** TODO 2. TDD Runner Integration
*** TODO Integrate contrib org-skill-tdd-runner
- Run FiveAM tests on file save
- Inject =:test-failure= event on red
- Hook into self-fix for auto-repair proposals
** TODO 3. Deep Emacs Integration
*** TODO Full org-agenda awareness
- Navigate, clock time, refile, archive
- Uses org-element + org-id
* PHASE: INTERACTIVE ACTUATION & ENVIRONMENT STEWARDSHIP (v0.5.0)
:PROPERTIES:
:ID: proj-actuation-v0-5-0
:END:
Interactive terminal sessions and autonomous dependency management.
** TODO 0. Interactive PTY Actuator
*** TODO Stream long-running process output to the context window (e.g., `npm run dev`, REPLs)
*** TODO Implement async interrupt control (Ctrl+C emulation)
** TODO 1. The Environment Steward
*** TODO Autonomously detect missing dependencies (e.g., "Command not found")
*** TODO Propose an installation command and retry the failed action
* PHASE: CREATOR + ARCHITECT + GTD (v0.6.0)
:PROPERTIES:
:ID: proj-creator-v0-5-0
:END:
Agent bootstraps itself: creates skills autonomously, designs projects from PRDs, tracks work.
** TODO 0. Skill Creator (autonomous skill generation)
*** TODO Integrate contrib org-skill-creator
- LLM drafts complete skill org-file from natural language
- Mandatory: syntax validation → jail-load → test → register
** TODO 1. Architect Agent (PRD → PROTOCOL)
*** TODO Integrate contrib org-skill-architect
- Scan =:STATUS: FROZEN= PRDs
- Generate Phase B PROTOCOL from Phase A
- Write to same file
** TODO 2. GTD Integration (project tracking)
*** TODO Integrate contrib org-skill-gtd
- Full GTD cycle: capture, clarify, organize, reflect, engage
- org-gtd v4.0 DAG (=:TRIGGER:=, =:BLOCKER:=)
** TODO 3. Consensus Loop (multi-model agreement)
*** TODO Integrate contrib org-skill-consensus
- Run multiple providers for critical decisions
- Compare results, detect disagreements
- Confidence scoring
** TODO 4. Web Research (Playwright browsing)
*** TODO Integrate contrib org-skill-playwright + org-skill-web-research
- Headless Chromium via Python bridge
- Text extraction and screenshots
- Gemini Web UI automation
** TODO 5. Memex Management (PARA lifecycle)
*** TODO Integrate contrib org-skill-memex + org-skill-workspace-manager
- Archive DONE tasks, suggest refiling
- Detect orphaned nodes
- PARA/Zettelkasten maintenance
* PHASE: VISUAL GROUNDING & MCP BRIDGE (v0.7.0)
:PROPERTIES:
:ID: proj-vision-v0-7-0
:END:
Multimodal visual interaction and ecosystem-wide tool compatibility.
** TODO 0. Computer Use / Vision
*** TODO Allow the agent to request host OS or browser screenshots
*** TODO Analyze UI and issue precise X/Y coordinate click/type commands via an X11/Wayland bridge
** TODO 1. MCP Gateway Bridge
*** TODO Build a Lisp-native client for the Model Context Protocol
*** TODO Connect OpenCortex to external tools and data sources
* PHASE: THE EVALUATION HARNESS (v0.8.0)
:PROPERTIES:
:ID: proj-eval-v0-8-0
:END:
Automated benchmarking to mathematically prove the agent's reasoning capabilities.
** TODO 0. SWE-Bench Harness
*** TODO Automated pipeline that clones repositories and feeds GitHub issues
*** TODO Track multi-step resolution trajectory, run tests, and score success
* PHASE: SOTA PARITY (v1.0.0)
:PROPERTIES:
:ID: proj-sota-v1-0-0
:END:
Feature-complete agent competitive with commercial agents. All borrowed concepts reimplemented in pure Lisp.
All features from v0.2.0 through v0.8.0 combined, verified, and tested end-to-end.
| Area | Parity Target |
|------|--------------|
| Self-improvement | Claude Code self-debug |
| Planning | ULTRAPLAN equivalent |
| Tool ecosystem | 10+ cognitive tools |
| Context window | Semantic search + scope segmentation |
| Safety | 6 Policy invariants + formal verification |
| Multi-step tasks | Task trees with terminal states |
| Code editing | Full file read/write via org manipulation |
| Memory | Vector recall in org-object |
| Emacs integration | Full org-mode control (exceeds Claude Code) |
| Autonomy | 100% local capable (exceeds Claude Code) |
* PHASE: LISP MACHINE EMERGENCE (v2.0.0)
:PROPERTIES:
:ID: proj-lisp-v2-0-0
:END:
From Lisp-using agent to true Lisp machine. Agent IS the Emacs process.
** TODO Lish: Lisp editor as Org-mode IDE
- Org-babel for interactive Lisp evaluation
- Full REPL in TUI
- No bridge needed — direct memory access
** TODO Lish: Shell replacement
- Lisp-based shell that speaks plists
- Org-mode buffers as file system
- No bash dependency
* PHASE: NEUROSYMBOLIC MATURITY (v3.0.0)
:PROPERTIES:
:ID: proj-neuro-v3-0-0
:END:
Deterministic planner takes the wheel. LLM relegated to semantic translation.
** TODO Deterministic planner
- Planner as pure Lisp function
- No LLM needed for scheduling
- Generates task graphs without probabilistic inference
** TODO Self-correcting gates
- Gates learn from false positives (user override patterns)
- Adaptive threshold adjustment
* PHASE: AI STACK INTERNALIZED (v4.0.0)
:PROPERTIES:
:ID: proj-ai-v4-0-0
:END:
The agent understands its own weights. No external inference.
** TODO Llama.cpp in Lisp
- FFI binding to llama.cpp
- No Python subprocess
- Pure Common Lisp inference
** TODO Weights as sexps
- Neural weights represented as Lisp data structures
- Homoiconic model introspection
* PHASE: TRUE AGENCY (v5.0.0)
:PROPERTIES:
:ID: proj-agency-v5-0-0
:END:
World models, temporal reasoning, goal persistence across restarts.
** TODO World models
- Agent builds predictive models of user behavior
- Project dynamics awareness
- System state forecasting
** TODO Temporal reasoning
- Scheduling and deadline awareness
- Elapsed duration tracking
- Calendar integration
** TODO Goal persistence
- Goals survive restarts
- Long-term projects tracked in org-objects
- Cross-session continuity
* PHASE: EVOLUTIONARY ROADMAP (Previous — Superseded by Critical Analysis)
:PROPERTIES:
:ID: proj-old-roadmap
:END:
Superseded by the critical analysis-informed roadmap above (v0.2.0 through v5.0.0). This section kept for historical reference.
** TODO v0.1.0: The Autonomous Foundation (Current Release) — Now COMPLETE
** TODO v1.0.0 (Phase 2.5): The Verified Wrapper (SOTA Parity) — Now v1.0.0
** TODO v2.0.0 (Phase 3): Cannibalizing the Toolchain — Now v2.0.0
** TODO v3.0.0 (Phase 4): True Symbolic Determinism — Now v3.0.0
* PHASE: FOUNDATION (Complete)
** DONE Draft Swank/Socket communication protocol between CL and Emacs
:PROPERTIES:
:CREATED: [2026-03-22 Sun 14:00]
:ASSIGNED: Agent
:END:
** DONE Implement core Perceive-Think-Act loop in Common Lisp
:PROPERTIES:
:CREATED: [2026-03-22 Sun 14:00]
:ASSIGNED: Agent
:END:
** DONE Implement Persistent Object-Store for Org entities in CL
:PROPERTIES:
:CREATED: [2026-03-22 Sun 16:30]
:ASSIGNED: Agent
:END:
** DONE Implement LLM Connector (Probabilistic Engine) in CL Daemon
:PROPERTIES:
:CREATED: [2026-03-22 Sun 17:30]
:ASSIGNED: Agent
:END:
** DONE Design Deterministic Engine Heuristics (Lisp logic over Memory)
:PROPERTIES:
:CREATED: [2026-03-22 Sun 17:30]
:END:
** DONE Achieve Phase 3: The Self-Editing Kernel
:PROPERTIES:
:CREATED: [2026-03-23 Mon 16:30]
:END:
- Jailing & Sandboxing implemented
- Org-Native Skill Standard established
- Telemetry & Introspection API active
* PHASE: THE SOVEREIGN BOUNDARY (Core vs Skills Refactor)
:PROPERTIES:
:ID: proj-autonomous-boundary
:END:
Slim down the opencortex microharness by moving non-essential cognitive functions to hot-reloadable user-space skills.
** DONE Extract LLM Provider Routing to a Skill (neuro.lisp)
** DONE Extract Vector Embedding Algorithms to a Skill (embedding.lisp)
CLOSED: [2026-04-12 Sun 14:10]
:PROPERTIES:
:ID: extract-embedding-skill
:END:
- Created `org-skill-embedding.org`.
- Moved logic to `src/embedding-logic.lisp` via tangling.
- Updated `system-definition.org`.
** DONE Extract Sparse Tree Context Pruning Strategies to a Skill (context.lisp)
CLOSED: [2026-04-12 Sun 14:25]
:PROPERTIES:
:ID: extract-context-skill
:END:
- Created `org-skill-peripheral-vision.org`.
- Moved logic to `src/context-logic.lisp` via tangling.
- Updated `system-definition.org`.
** DONE Implement `org-skill-peripheral-vision` (Moving embedding logic out of core)
CLOSED: [2026-04-12 Sun 14:25]
:PROPERTIES:
:ID: impl-peripheral-vision
:END:
** DONE Implement communication protocol Schema Validation (Prevent reader macro injection in communication.lisp)
CLOSED: [2026-04-12 Sun 14:45]
:PROPERTIES:
:ID: communication-protocol-schema-validation
:END:
- Created `org-skill-protocol-validator.org`.
- Integrated `validate-communication-protocol-schema` into `communication.org`.
- Added `protocol-validator.lisp` to system definition.
** DONE Implement Pluggable communication protocol Integrity Hashing (Core interface, Skill-based algorithms)
CLOSED: [2026-04-12 Sun 15:15]
:PROPERTIES:
:ID: communication-protocol-integrity-hashing
:END:
- Integrated HMAC-SHA256 (`ironclad:make-mac`) in `literate/communication.org`.
** DONE Implement Native Lisp Merkle-Tree Versioning (Short-term undo buffer in memory.lisp)
CLOSED: [2026-04-12 Sun 19:15]
** DONE Performance: Implement Copy-on-Write (CoW) or Persistent Data Structures for Memory
CLOSED: [2026-04-12 Sun 19:15]
** DONE Feature: Implement Latent Reflection (Proactive Gardening) using heartbeat idle cycles
CLOSED: [2026-04-12 Sun 19:15]
** DONE Simplification: Refactor Cognitive Cycle into a Unified Reactive Signal Pipeline
CLOSED: [2026-04-12 Sun 19:15]
** DONE Resilience: Implement Micro-Rollbacks for the Immune System
CLOSED: [2026-04-12 Sun 19:15]
** DONE Implement `org-skill-memory-archivist` (Long-term IPFS checkpointing and P2P sync)
CLOSED: [2026-04-12 Sun 19:15]
** DONE Implement True Lisp Sandboxing (eval-safe mechanism in core and policy in skills)
CLOSED: [2026-04-12 Sun 19:15]
** DONE Decouple Vendor Logic from Probabilistic Engine (Move Google/Anthropic/OpenAI to Skills)
CLOSED: [2026-04-12 Sun 19:15]
** DONE Component IV: Comprehensive Core Skill Audit (Review all 39 skills)
CLOSED: [2026-04-12 Sun 19:45]
:PROPERTIES:
:ID: core-skill-audit-task
:END:
** DONE Consolidation I: Unified LLM Gateway (Anthropic, Gemini, Groq, OpenAI, etc.)
** DONE Consolidation II: Credentials Vault (Secure Enclave & Masked Logging)
** DONE Consolidation III: Homoiconic Memory (Unified Grammar, Bridge, & ID Generation)
** DONE Consolidation IV: State Persistence Layer (Unified Local & IPFS Checkpointing)
** DONE Consolidation V: Event Orchestrator (Unified Cron, Hooks, & Cognitive Routing)
** DONE Consolidation VI: Task Orchestrator (Task Integrity, Delegation, & Consensus)
CLOSED: [2026-04-11 Sat 13:45]
:PROPERTIES:
:ID: task-orchestrator-consolidation
:END:
- Implemented Parallel Multi-Backend Consensus in neuro.lisp.
- Implemented Task Integrity (GTD semantics) in symbolic.lisp.
- Integrated Consensus Gate and Delegation hooks in core.lisp.
- Verified with new task-orchestrator-tests.lisp.
** DONE Implement Unified Envelope Architecture & Channel-Awareness
CLOSED: [2026-04-20 Mon 13:20]
- Removed specialized :CHAT type; reverted to semantic :REQUEST/:EVENT protocol.
- Decoupled routing metadata into a :META envelope (SOURCE, SESSION-ID).
- Updated TUI, Emacs, and CLI gateways to use the unified protocol.
- Verified end-to-end loop with TUI; kernel correctly routes responses back to origin interface.
- Achieved "Equality of Clients" mandate.
** DONE Full review of opencortex's harness
CLOSED: [2026-05-01 Fri 12:46]
:PROPERTIES:
:CREATED: [2026-04-13 Mon 13:30]
:ASSIGNED: Agent
:END:
- [X] Audit terminology: Replaced OACP with "communication protocol" workspace-wide.
- [X] Audit boot sequence: Synchronized loader with `org-skill-policy.org`.
- [X] Implement Unified Envelope (Channel-Aware Routing).
- [X] Audit core Perceive-Think-Act loop.
- [X] Verified protocol framing and reader jailing (`*read-eval* nil`).
- [X] Refactored `loop.org` for literate granularity and configuration externalization.
- [X] Improved error handling (restricted rollback) and added graceful shutdown.
- [X] **FIXED:** Implemented symbolic guard check in `act-gate` via Dispatcher skill refactoring.
- [X] **FIXED:** Harness `deterministic-verify` now correctly respects skill triggers.
- [X] **FIXED:** Resolved TUI crash by removing `--non-interactive` from `opencortex.sh` and adding defensive coordinate handling.
- [X] **VERIFIED:** Confirmed bidirectional TUI communication and signed off v0.2.0.
- [X] Ensure alignment with System Policy and Engineering Standards.
- [X] Restored structural integrity by fixing `manifest.org` loading sequence.
** TODO Wake up the Scribe (Implement autonomous weekly Journal-to-Ledger distillation in org-skill-scribe.org)
** TODO Implement `org-skill-lisp-repair` (Self-correcting syntax gate for Deterministic Engine)
CLOSED: [2026-04-11 Sat 15:10]
:PROPERTIES:
:ID: lisp-repair-gate
:END:
- Implemented asynchronous, event-driven repair logic.
- Decoupled core from repair logic (emits `:syntax-error` event).
- Proven via lisp-repair-tests.lisp (Asynchronous flow verified).
** DONE Implement `org-skill-formal-verification` (Prove safety of high-impact actions)
CLOSED: [2026-04-11 Sat 18:15]
:PROPERTIES:
:ID: formal-verification-task
:END:
- Implemented `org-skill-formal-verification.org`.
- Created Lisp-Native Symbolic Prover for security invariants.
- Implemented `path-confinement` invariant (restricted to memex root).
- Implemented `no-network-exfil` invariant (blocking nc, ssh, etc).
- Verified with `formal-verification-tests.lisp`.
* PHASE: DETERMINISTIC ENGINE REFINEMENT
** DONE Verify Autonomous Self-Fix Loop
CLOSED: [2026-04-11 Sat 14:20]
:PROPERTIES:
:CREATED: [2026-03-23 Mon 16:30]
:END:
- Proven repair capability via self-fix-tests.lisp.
- Verified surgical code patching and hot-reloading.
- Documentation and RCA complete.
** DONE Implement "Planning Mode" (Deterministic Engine Dispatcher) for Complex Actions
CLOSED: [2026-04-11 Sat 15:30]
:PROPERTIES:
:CREATED: [2026-04-01 Wed 17:00]
:END:
- Implemented `dispatcher-check` interceptor in `symbolic.lisp`.
- Created `org-skill-dispatcher.org` for flight plan serialization.
- Verified asynchronous Org-native approval loop via `dispatcher-tests.lisp`.
** DONE Implement Authorization Gate (communication protocol) for "Planning Mode"
CLOSED: [2026-04-11 Sat 15:30]
:PROPERTIES:
:CREATED: [2026-04-01 Wed 17:00]
:END:
- Integrated with Org-mode state transitions (`PLAN` -> `APPROVED`).
- Leveraged Memory event bus for asynchronous re-injection.
** DONE Refactor Architecture Terminology (Associative -> Probabilistic, Deliberate -> Deterministic)
CLOSED: [2026-04-12 Sun 21:00]
:PROPERTIES:
:ID: terminology-refactor-task
:END:
- Updated codebase-wide terminology to use Probabilistic/Deterministic Engines.
- Replaced System 1/2 with Probabilistic/Deterministic Engines respectively.
** DONE Refactor org-skill-policy.org: Concrete Invariants, Conflict Hierarchy, and Auditable Gate
CLOSED: [2026-04-22 Wed 11:50]
:PROPERTIES:
:ID: policy-refactor-concrete-invariants
:END:
- Added explicit Override Hierarchy (Transparency > Autonomy > Bloat > Mentorship > Sustainability).
- Implemented `policy-check-transparency`: blocks user-facing actions without :explanation.
- Implemented `policy-check-autonomy`: flags proprietary domain references as autonomy debt.
- Implemented `policy-check-bloat`: warns on :create-skill actions exceeding size threshold.
- Implemented `policy-check-mentorship`: blocks high-impact actions missing :mentorship-note.
- Implemented `policy-check-sustainability`: logs cloud-provider usage as sustainability debt.
- Implemented `policy-explain`: formats auditable rationale for every policy decision.
- Implemented `policy-find-engineering-standards-gate`: robust cross-package search for standards skill.
- Hardened `policy-deterministic-gate`: never returns NIL silently; always returns action or auditable log.
- Raised skill priority from 100 to 500 to ensure it runs before other deterministic gates.
** DONE Add Invariant 6 (Modularity) and Harness Boundary Contract to Policy/Manifest
CLOSED: [2026-04-22 Wed 12:10]
:PROPERTIES:
:ID: policy-modularity-invariant
:END:
- Added Modularity as Invariant 6 in `org-skill-policy.org`: general life principle that complexity must live at the edges.
- Implemented `policy-check-modularity`: blocks modifications to protected core paths unless `:modularity-justification` is provided.
- Defined `*modularity-protected-paths*` as project-configurable variable (defaults: harness/, opencortex.asd).
- Updated Override Hierarchy to include Modularity between Bloat and Mentorship.
- Added Harness Boundary Contract section to `harness/manifest.org` documenting primary boundary files and generated artifacts.
- Converted checkbox sub-tasks to hierarchical TODO headlines per GTD standard.
** DONE Implement `org-skill-lisp-validator` (3-phase deterministic validation gate)
CLOSED: [2026-04-22 Wed 12:30]
:PROPERTIES:
:ID: lisp-validator-implementation
:END:
- Created 3-phase validation pipeline: Structural (O(n) paren scanner), Syntactic (reader with *read-eval* nil), Semantic (whitelist AST walk).
- Implemented `lisp-validator-validate` returning structured plists for machine parsing.
- Exposed `:validate-lisp` cognitive tool for Probabilistic Engine self-correction.
- Replaced `validate-lisp-syntax` in `harness/skills.org` with delegation to the validator.
- Added mandatory validation rule to Probabilistic Engine system prompt in `harness/reason.org`.
- Fixed paren balance and `return-from` compilation errors in org source; tangled and validated in SBCL.
** DONE Fix Skill Loader to Respect `:tangle` Blocks and Eliminate Circular Dependency
CLOSED: [2026-04-22 Wed 12:45]
:PROPERTIES:
:ID: skill-loader-tangle-fix
:END:
- Updated `load-skill-from-org` in `harness/skills.org` to only collect blocks with `:tangle` directives pointing to runtime `.lisp` files, excluding `tests/` and `test/` paths.
- Added fallback to `validate-lisp-syntax` so it uses a basic reader check when `lisp-validator-validate` is not yet loaded (breaks circular harness->skill dependency).
- Verified full boot: 13/13 skills loaded successfully into SBCL, including `skill-lisp-validator` at priority 900 and `skill-policy` at priority 500.
* TRACK: SECURITY & CONTAINMENT (The 5-Vector Dispatcher Matrix)
** DONE Implement Path-Based Scoping for File Writes (DNA/State vs Work)
CLOSED: [2026-04-12 Sun 15:15]
:PROPERTIES:
:ID: path-based-scoping
:END:
- Implemented as `path-confinement` invariant in `org-skill-formal-verification.org`.
** DONE Implement Network Exfiltration Gate (Intercept generic HTTP requests)
CLOSED: [2026-04-12 Sun 15:15]
:PROPERTIES:
:ID: network-exfiltration-gate
:END:
- Implemented as `no-network-exfil` invariant in `org-skill-formal-verification.org`.
** TODO Implement Secret Exposure Gate (Intercept reads to .env, keys)
* TRACK: INTELLIGENCE & ACTUATION (The Engines)
** DONE Verify individual provider track (Anthropic, Gemini, Groq, OpenAI, OpenRouter, Ollama)
CLOSED: [2026-04-11 Sat 15:45]
:PROPERTIES:
:ID: provider-verification-track
:END:
- Added unit tests for each provider in `llm-gateway-tests.lisp`.
- Mocked `dex:post` to verify JSON payload formatting and response parsing.
- Implemented robust `get-nested` helper to handle various provider structures.
- Integrated `llm-gateway` and `credentials-vault` into `opencortex.asd`.
** TODO Verify org-skill-shell-actuator formal safety harnesses
** DONE Build Playwright-Python Bridge for high-fidelity browsing
CLOSED: [2026-04-11 Sat 18:30]
:PROPERTIES:
:ID: playwright-bridge-task
:END:
- Created `scripts/browser-bridge.py` (Playwright wrapper).
- Implemented `org-skill-playwright.org`.
- Registered `:browser` cognitive tool (JS-rendering, text extraction, screenshots).
- Updated `Dockerfile` with Python/Playwright dependencies.
- Verified with `playwright-tests.lisp`.
* TRACK: COMMUNICATION & INTERFACES
** DONE Implement org-skill-gateway-telegram
CLOSED: [2026-04-11 Sat 16:15]
:PROPERTIES:
:ID: gateway-telegram-task
:END:
- Implemented `org-skill-gateway-telegram.org`.
- Added automated background polling for Telegram GetUpdates.
- Implemented `:telegram` actuator for outbound responses.
- Refactored `org-skill-chat` to be channel-aware.
- Verified with `gateway-telegram-tests.lisp`.
** DONE Implement org-skill-gateway-signal
CLOSED: [2026-04-11 Sat 16:50]
:PROPERTIES:
:ID: gateway-signal-task
:END:
- Implemented `org-skill-gateway-signal.org` (signal-cli wrapper).
- Added background polling for `signal-cli receive --json`.
- Implemented `:signal` actuator for outbound responses.
- Updated `org-skill-chat` to support Signal channel.
- Verified with `gateway-signal-tests.lisp`.
** DONE Implement org-skill-gateway-matrix
CLOSED: [2026-04-11 Sat 17:15]
:PROPERTIES:
:ID: gateway-matrix-task
:END:
- Implemented `org-skill-gateway-matrix.org` (Client-Server API).
- Added background polling for `/sync` with token persistence.
- Implemented `:matrix` actuator for `m.room.message` delivery.
- Updated `org-skill-chat` to support Matrix channel and room IDs.
- Verified with `gateway-matrix-tests.lisp`.
* TRACK: DEPLOYMENT & INFRASTRUCTURE
** DONE Create Dockerfile and docker-compose.yml for containerized setup
CLOSED: [2026-04-11 Sat 17:30]
:PROPERTIES:
:ID: docker-infra-task
:END:
- Created `Dockerfile` (Debian-based, SBCL + Quicklisp + signal-cli).
- Created `docker-compose.yml` with host-volume mapping for memex.
- Created `docs/deployment.org` guide.
** TODO Create Bare Metal installation scripts/playbooks
** TODO Create LXC (Linux Containers) template/guide
** TODO Create VM Vagrantfiles/Cloud-init configs
* TRACK: MAINTENANCE & HYGIENE
** TODO [RECURRING: Monthly] Review and test Infrastructure Dependency Upgrades
:PROPERTIES:
:ID: monthly-infra-audit
:REPEAT_TO_STATE: TODO
:END:
*** TODO Check for new Debian security patches (`apt-get update` check)
*** TODO Check for new `signal-cli` releases (compare vs v0.14.0)
*** TODO Check for new Quicklisp distribution (monthly snapshot)
*** TODO Verification: Update `Dockerfile`, run `docker-compose build --no-cache`, and execute full test suite
*** TODO If all tests pass, commit updated `Dockerfile` and `.asd` dependencies
* TRACK: COMMUNITY & DOCS
** TODO Write Quickstart Guide
** TODO Write Skill Creation Guide
** TODO Write Architecture Deep-Dive
** TODO Clean up GitHub repository structure and add CI/CD
** TODO Create Marketing Material (Landing page copy, diagrams)
** TODO Draft Release Plan checklist
* SUB-PROJECT: THE BOOT SEQUENCE (skills.lisp)
:PROPERTIES:
:ID: proj-skill-boot-sequence
:END:
** DONE Refactor `skills.lisp` into a Micro-Loader (Harness)
CLOSED: [2026-04-12 Sun 19:10]
** DONE Implement Topological Sort based on `#+DEPENDS_ON:` tags
CLOSED: [2026-04-12 Sun 15:15]
:PROPERTIES:
:ID: topological-sort-skills
:END:
- Implemented in `literate/skills.org`.
** DONE Enforce `org-skill-system-invariants` as the mandatory Gateway Skill (Loaded first)
CLOSED: [2026-04-12 Sun 15:15>
:PROPERTIES:
:ID: enforce-mandatory-skill
:END:
- Enforced in `initialize-all-skills` in `literate/skills.org`.
** DONE Formalize the "Minimal Boot Set" (Router, Vision, Steward, Actuator)
CLOSED: [2026-04-12 Sun 19:10>

7
USER_MANUAL.org
View File

@@ -27,10 +27,11 @@ The interactive configuration wizard. Use this to:
- Register LLM providers (Ollama, Groq, Anthropic, etc.).
- The wizard automatically splits sensitive tokens into `~/.config/opencortex/.env`.
** `opencortex link <platform> <token>`
** `opencortex gateway link <platform> <token>`
Connects OpenCortex to external communication gateways.
- **Example:** `opencortex link telegram <my_bot_token>`
- Performs real-time API verification before saving.
- **Example:** `opencortex gateway link telegram <my_bot_token>`
- **Example:** `opencortex gateway unlink telegram` to disable
- **Example:** `opencortex gateway list` to see status
** `opencortex doctor`
Your primary diagnostic tool. Run this if the system feels sluggish or fails to boot. It verifies:

339
docs/DESIGN_DECISIONS.org Normal file
View File

@@ -0,0 +1,339 @@
# OpenCortex Design Decisions
This document captures the rationale behind key architectural choices. It is not a specification - it is a thinking medium for future architects and contributors who need to understand why the system is built this way, not just how.
* Multi-Agent by Default is a Smell
:PROPERTIES:
:ID: design-multi-agent-default
:END:
The AI industry has developed an intuition toward multi-agent systems as the default solution to hard problems. Multiple agents spawn, delegate, coordinate, debate, and consensus their way toward solutions. This pattern is compelling in demos and genuinely useful in specific contexts - but it has become a default assumption that warrants scrutiny.
When context windows grew expensive and task complexity increased, the response was natural: split the problem across agents, each handling a slice. But this architectural choice carries hidden costs that are rarely acknowledged in the enthusiasm of implementation.
**The synchronization tax** is the most immediate burden. Each agent operates with partial information, and maintaining coherence requires continuous state reconciliation. Tokens and processing cycles are spent not on the task itself, but on protocol overhead - who holds what, who decided what, who is correct when they disagree.
**Fragmented context** is the deeper problem. When Agent A writes a function and Agent B modifies a type it depends on, neither has the full picture. Integration failures emerge not from individual incompetence but from systemic communication gaps. Single-agent systems avoid this entirely: one brain holds the complete model, every decision is made with full visibility.
**Audit trails become complex** in multi-agent systems. A decision traced through a single-agent system has a clean, linear history. A decision traced through a multi-agent system branches and forks, with each agent's reasoning partially overlapping and partially conflicting.
None of this is to say multi-agent systems are never appropriate. Embarrassingly parallel workloads - scanning ten thousand files, processing batch jobs - benefit from parallelism regardless of context. When distinct expertises are required and cannot coexist in one model, delegation makes sense. In adversarial scenarios where conflicting goals are features, multi-agent architectures shine.
But the default assumption that complex reasoning tasks are best solved by multiple agents is unproven and likely wrong for the engineering domain. Claude Code is a single-agent system. It handles 50-file refactors, debugs complex stack traces, writes tests, and navigates large codebases. The assumption that you need five agents to do what one well-designed agent can do is an industry habit, not a technical necessity.
OpenCortex is single-agent by default not from limitation but from conviction: for reasoning-heavy work where coherence matters, a unified memory space and single decision-making locus are architectural assets, not constraints.
* The Unified Memory Argument
:PROPERTIES:
:ID: design-unified-memory
:END:
If single-agent architecture is the decision, unified memory becomes the mechanism that makes it viable. The critical question is not "how many agents" but "how does the agent manage context without saturating."
Context window limits are largely a symptom of lazy architecture. The default approach - stuff everything in, hope the model figures it out - works poorly at scale. A more principled approach inverts the problem: the system should hold effectively infinite context, with the active window kept lean through intelligent management.
**Lazy loading** is the core technique. When an agent needs information about a function, it does not load the entire codebase. It loads precisely what the function does. Context stays lean - 2,000 to 4,000 tokens - while the full context remains accessible through retrieval.
**Compaction events** are scheduled during idle cycles. The system extracts new facts from active context and writes them to permanent storage. Active context is wiped clean, not because space ran out, but because the information has been preserved in a form that can be retrieved when relevant.
**Org-mode as externalized memory** solves the persistence problem elegantly. Every decision, every note, every task lives in plain text files the user already owns. The agent does not maintain a separate database. It queries files it can already access, modifies files it already owns.
**Retrieval is the key primitive.** Semantic search across Org files finds relevant nodes. The agent does not hold the full context - it holds pointers to context, loaded on demand. This is how a single agent handles tasks that would saturate a naive multi-megabyte context window.
The unified memory argument is not that infinite context is free. It is that with proper architecture, effective infinite context is achievable without the synchronization and fragmentation costs of multi-agent systems.
* The Probabilistic-Deterministic Split
:PROPERTIES:
:ID: design-probabilistic-deterministic
:END:
The architecture divides cognition into two fundamentally different reasoning systems. This is not arbitrary engineering but a structural response to a fundamental truth: probabilistic systems will hallucinate, and you cannot build reliable autonomy on an unreliable foundation.
An LLM is a statistical engine. It generates outputs based on patterns in training data. It is remarkable at translation, generation, pattern matching, and fuzzy reasoning. It can take messy human intent and produce structured queries. It can take structured results and produce natural language. It is, in the terminology of the system, the creative brain.
But it cannot be trusted. Not because it is poorly designed or insufficiently trained, but because hallucination is a fundamental property of probabilistic inference. The model generates the most likely continuation, not the correct one. Given sufficient context, the most likely continuation is correct. Given novel context, it is often wrong in confident-sounding ways.
The deterministic engine addresses this by being what the probabilistic engine is not: mathematically rigorous, formally verifiable, and incapable of hallucination by design. It operates on explicit symbolic representations - lists, property lists, knowledge graphs - not on floating-point activations. When it evaluates a path confinement check, it returns true or false, not a probability distribution.
The division of labor is architectural. The LLM handles the fuzzy interface between human language and structured representation. It translates what the user wants into what the system can reason about. The deterministic engine receives those structured representations and evaluates them against formal invariants. It decides whether to execute, not whether the translation was semantically plausible.
This separation is the source of OpenCortex's safety guarantee. Other agents add "guardrails" as an afterthought - a layer of filtering around a dangerous core. OpenCortex makes the division explicit: the LLM never touches the file system, never executes a command, never modifies memory. It generates proposals. The deterministic engine evaluates and executes. The dangerous operations are never in the probabilistic path.
The split also explains why the system gets safer over time without the LLM improving. The deterministic engine accumulates rules. The LLM proposes actions, the engine evaluates them against a growing rule set. Early versions block obvious dangers. Later versions block sophisticated attacks that were previously unknown. The safety grows logarithmically with the number of interactions, not linearly with model capability.
* Homoiconicity as Foundation
:PROPERTIES:
:ID: design-homoiconicity
:END:
Common Lisp is homoiconic: code and data share the same representation. A Lisp program is a list, and a list is a Lisp program. This is usually presented as a curiosity, an interesting property that enables macros. In OpenCortex, it is the foundational enabling property of the entire self-modification architecture.
When code is data, the agent can read its own source the same way it reads a text file or an Org buffer. There is no AST parser required, no external tool to extract the function object from the running image. The agent evaluates (read-from-string source) and the result is executable Lisp. The representation it manipulates is the same representation that the runtime executes.
This is not true of most languages. In Python, the agent can inspect an AST through the ast module, but that AST is a foreign object - a data structure that represents code but is not code itself. The agent can see that a function takes certain arguments and returns a certain type, but it cannot treat the AST as a live object it can modify and re-evaluate. In C, the agent cannot inspect its own compiled machine code at all.
In Lisp, the distinction between code and data is a convention, not a barrier. The agent's skills are lists. The agent can take a skill, extract a function definition, modify the body, wrap it in a new list, and evaluate it. The modification is surgical: it changes exactly what it intends to change, with no risk of corrupting adjacent state, because the representation is a tree that the runtime understands natively.
Runtime introspection is therefore native. The agent does not need a debugger API or a reflection protocol. It operates on its own code as data because its own code is data. (describe 'function-name) returns the function's documentation. (function-lambda-list 'function-name) returns its parameters. (macroexpand-1 '(defskill ...)) shows what the macro produces. There is no impedance mismatch between the agent's reasoning and the system's representation.
Self-modification is the practical consequence. The agent can detect an error, locate the erroneous function, generate a corrected version, and hot-reload it into the running image. The correction is not applied to a file that requires a restart - it is applied to the live object that the system is currently executing. This is what makes the self-editing skill viable: the agent can fix itself without stopping.
In v3.0.0, when the symbolic engine takes over the reasoning core, homoiconicity becomes the bridge between the neural and symbolic layers. The neural engine generates proposals as s-expressions. The symbolic engine evaluates them against formal constraints. The result is a modification that is simultaneously a data structure the symbolic engine can analyze and code the runtime can execute. The two representations are identical by construction.
This is the technical meaning of "Lisp as Governor": not just that Lisp orchestrates the other components, but that the representation of the system is uniform and inspectable at every level. There is no hidden state, no opaque machine code, no representation that the agent cannot reach into and modify. The system is legible to itself by design.
**Self-Modification Without Boundaries**
Other systems that support self-editing draw a line between the core and the skills. Hermes can modify its skills at runtime, but the core harness is protected - editing it requires a restart because the core is treated as privileged code that cannot be safely modified while running.
OpenCortex has no such boundary. The "thin harness, fat skills" distinction describes where complexity lives, not where authority flows. The harness is small by design, but it is not privileged. The agent can read and write any part of the system - including the very code that is currently executing - without restarting.
This is only possible because Lisp code is mutable data at runtime. In a compiled language, the machine code for a running function is locked in memory, protected by the call stack, impossible to modify safely. In Lisp, the function object is a list you can modify with =setf=. When the agent changes a harness function, the running image immediately reflects the change. The next invocation uses the new code. There is no restart, no special boot mode, no distinction between development and production.
The implications extend beyond convenience. A system that cannot modify its own core is a system that has limits on its own adaptability. It can learn skills but not improve its own structure. It can grow but not evolve. OpenCortex's lack of a core boundary means the system can improve its own reasoning engine, fix bugs in its own cognition, and evolve its own architecture - all while continuing to operate.
This is the final expression of homoiconicity: not just that code is readable as data, or that skills are modifiable, but that the entire system - including the parts that other systems protect - is open to modification. There is no ceiling on self-improvement. The agent can rewrite the very code that rewrites itself.
**Lisp and the AI Dream**
Lisp was invented in 1958 by John McCarthy with artificial intelligence explicitly in mind. Its design - code as data, runtime mutation, symbols and lists as first-class constructs - was shaped by the belief that a truly intelligent machine would need to reason about and modify its own reasoning. For decades, Lisp machines were the closest thing to thinking machines that existed.
Then the AI winter came. Symbolic AI fell out of favor. Statistical learning and neural networks dominated. Lisp was relegated to niche applications and academic curiosity. The machine that was designed for AI was never used for the task it was designed for.
Six decades later, neural networks have arrived at the problem from a different direction. They can learn and generalize, but they hallucinate, cannot explain their reasoning, and cannot safely modify themselves. The neuro-symbolic synthesis - combining neural pattern recognition with symbolic reasoning - is recognized as the path toward AI that is both powerful and trustworthy.
Lisp's time may finally have come. Not as a replacement for neural networks, but as the governor that makes them safe - the symbolic engine that verifies what the neural engine proposes, the homoiconic substrate that allows the system to inspect, modify, and improve its own reasoning. The machine that was designed for AI in 1958 may be the exact machine needed for AI in 2026 and beyond.
* Org-Mode as Unified AST
:PROPERTIES:
:ID: design-org-unified-ast
:END:
OpenCortex makes a bet that most systems consider too expensive to place: that humans and machines should share the same file format. That bet is Org-mode.
Most systems separate human-readable notes from machine-readable data. The user writes Markdown. The system stores it, indexes it, searches it. But internally, the system maintains its own model - a database, an object store, a knowledge graph - that is disconnected from the Markdown. When the user dies or leaves, the Markdown survives but the model must be reconstructed.
OpenCortex refuses this separation. The Org file is not a representation of the data. The Org file IS the data. The same text that the user reads and edits is what the system parses and operates on. org-element reads an Org buffer and returns a tree structure that is the direct Lisp representation of the file's content.
This has several profound implications.
First, there is no translation layer between human and machine. When the agent writes a skill, it writes Org text that is immediately readable by the human who owns the file. When the human writes a note, it is immediately accessible to the agent as a native data structure. The communication is not mediated by a schema or an import/export process.
Second, the format is genuinely readable by both parties, not just technically accessible. Org-mode's syntax is human-friendly: headlines begin with asterisks, properties live in drawers, tags are labels after colons. The human does not have to understand the full Org specification to read what the agent wrote. The agent does not have to handle edge cases in human notation.
Third, the format is stable across decades. Org-mode has been in active development since 2003. The files written today will be readable by Org-mode in 2040. There is no schema migration, no database upgrade, no vendor lock-in. The human's notes survive the system.
Fourth, the format is universally available. Org-mode is free software. The files are plain text. There is no proprietary format to decode, no application to purchase, no cloud service to access.
Fifth, the format is header-aware and sparse-tree capable. Org-mode's headline hierarchy is not just formatting - it is a semantic structure the system can query. The agent can retrieve only the relevant subtree under a heading, ignoring the rest of the file. This is fundamentally different from Markdown, where the entire file must be loaded or the retrieval logic must parse and filter at the string level.
Sparse tree retrieval is the key to efficient context management. When the agent needs information about the =openctl-db= function, it queries for the =openctl-db= subtree specifically. It receives exactly the code, documentation, and metadata under that heading - nothing more. The context stays lean not because the file was pre-split but because the retrieval is structural. In a Markdown system, the agent either loads the entire file (expensive, noisy) or relies on imprecise grep-like search (fragile, loses hierarchy). In Org-mode, retrieval is precise, hierarchical, and cheap. The heading boundary is the access boundary.
Sixth, Org-mode unifies what every other format fragments. A single Org file contains the headline hierarchy, prose documentation, source code blocks with live evaluation, tags for categorization, metadata in property drawers, TODO state for task management, timestamps and deadlines, and links to other nodes. Markdown cannot express TODO state without external tools. JSON cannot contain prose. YAML cannot embed runnable code. Each format serves one purpose; Org-mode serves all of them. When the agent reads a skill file, it reads documentation, code, dependencies, metadata, and task state in one parseable structure. When the human reads the same file, they see the same information rendered in a human-friendly form. No other format achieves this unification without maintaining parallel files or external databases.
Seventh, a skill lives in one Org file, not a directory. The standard pattern for a software project is a directory containing =README.md=, =package.json=, =src/main.py=, =src/utils.py=, =tests/test_main.py=, =scripts/deploy.sh=, and =config.yaml=. Each file type is isolated by convention: prose lives in README, code lives in src, tests in tests, configuration in config. This fragmentation means the skill is not a single object the system can reason about - it is a collection of files the system must assemble. OpenCortex's skills violate this convention deliberately. Each skill is one Org file. The file contains the skill's documentation, the skill's code, the skill's metadata, the skill's TODO state, and the skill's dependencies on other skills. There is no directory to navigate, no external files to locate, no risk that the README describes behavior that the code does not implement. The skill is a single atomic unit: readable by human and machine, editable by both, versionable as one entity.
The unified format is what makes the memory architecture work. The agent's memory is not a database that the user cannot inspect. It is a folder of Org files that the user can read, edit, and understand. The agent manipulates these files directly, using the same tools the user would use. There is no hidden state, no shadow database, no model that differs from the source.
This is what "sovereignty" means in technical terms: the user owns the data in a format they can access, and the agent operates on the data in the same format they own.
* Literate Programming as Discipline
:PROPERTIES:
:ID: design-literate-programming
:END:
The decision to use Org-mode as the source of truth for code, not just documentation, is not a ceremonial preference. It is a constraint mechanism that enforces better engineering habits at the cost of convenience.
The traditional development workflow is: write code, write comments, commit. The literate programming workflow is: write prose, write code, commit the Org. The order matters. The prose must come first not because of style guidelines but because the act of explaining what a function does before writing it forces clarity of thought that editing code directly does not.
When you must write a paragraph describing what a function does before you write the function, you discover the cases you have not considered. You find the edge conditions that are ambiguous. You realize that the function's name does not match its behavior, or that its behavior does not match your intent. The friction is not a bug - it is the mechanism by which thinking is enforced.
The one-function-per-block rule enforces granularity. A function that cannot be explained in a paragraph is a function that is doing too much. The block boundary is not aesthetic - it is architectural. It prevents the drift toward monolithic functions that accumulate responsibilities over time and become untestable, unmaintainable, and incomprehensible.
The tangle step enforces source-of-truth discipline. The .lisp file is generated from the Org file. This means the Org file cannot drift from the implementation. If the implementation changes, the Org must be updated to match. If the Org describes behavior that the implementation does not perform, the tangle produces code that does not match the Org description. Either way, inconsistency is visible and recoverable.
The evaluation gate enforces correctness. Every block can be evaluated independently in a running Lisp image. This means syntax errors are caught at authorship time, not at integration time. The function that compiles in isolation but fails in context is the function whose context dependencies were never made explicit. The evaluation gate forces those dependencies to surface.
Together, these constraints create a development experience that is slower in the small and faster in the large. Writing a new function takes longer because you must explain it. But debugging, maintaining, and extending the codebase is faster because every function has a human-readable explanation of its intent, every function is testable in isolation, and every function's source is always synchronized with its documentation.
The literate programming discipline is not about producing documentation. It is about producing code whose correctness has been verified by the act of explaining it.
* The Bouncer as Learning System
:PROPERTIES:
:ID: design-bouncer-learning
:END:
The Bouncer begins as a static guard - a set of rules that block obviously dangerous actions. But defining "obviously" is the hard problem. The agent encounters situations the rules do not anticipate. The Bouncer must grow.
The human-in-the-loop exception is the seed. When the LLM proposes an action the Bouncer does not recognize, the system does not default to blocking or allowing. It suspends. It writes the proposed action to an Org buffer in a format the human can read and understand. The human reviews and approves or denies. The Bouncer observes the decision.
From this single observation, the Bouncer extracts a rule. Not merely "allow this specific action" but "allow this class of actions parameterized by these dimensions." The human approved a write to ~/projects/myapp/src/core.clj. The Bouncer generalizes: writes to ~/projects/*/src/*.lisp are approved for this session, or for this project, or indefinitely depending on the context and the user's pattern of decisions.
Shadow mode is where rules are tested before deployment. When the Bouncer encounters a novel situation and is uncertain, it can run the proposed action in a simulated environment. It observes the side effects - what files would be modified, what processes would be spawned, what network calls would be made. If the simulation produces dangerous side effects, the rule is discarded. If it appears safe, the rule is added to the active set with a confidence rating.
Formal verification is where the learned rules are checked against invariants. The Bouncer's rules are not merely patterns observed from human behavior. They are formulas in a logic that the system can reason about. A rule that would enable path traversal is not discarded because it was observed to be safe in prior instances - it is discarded because it violates the path-confinement invariant by construction.
The Bouncer becomes, over time, not a guard that blocks bad actions but a reasoning system that understands why actions are good or bad. Early versions learn from human decisions. Later versions learn from their own logical analysis. The human's role transitions from approver to auditor to, eventually, unnecessary oversight.
This is the bootstrap. The system begins dependent on human judgment because it has no basis for judgment of its own. Through accumulated decisions, it constructs a model of what is permitted and why. That model is the foundation for the deterministic symbolic engine that in v3.0.0 takes over the reasoning that the Bouncer learned to perform.
* OpenCortex as a Function in Time
:PROPERTIES:
:ID: design-trajectory
:END:
The system is not static. OpenCortex is defined not just by its current state but by its trajectory - how its cognitive architecture evolves over versions, with each phase reducing probabilistic surface area while increasing deterministic control.
**v0.1.0: The Probabilistic Foundation**
The agent begins by relying heavily on the neural engine. The LLM translates messy human intent into structured queries, generates code, proposes solutions. The Bouncer is present but thin - it blocks obviously dangerous actions, verifies path confinement, enforces basic invariants. Most reasoning is probabilistic because the symbolic infrastructure does not yet exist to do otherwise.
At this stage, OpenCortex is similar to other LLM-based agents. The key difference is the gate is already there - the architecture assumes the LLM will hallucinate and structures safety accordingly.
**v0.2.0 through v0.5.0: The Bouncer Learns**
Each version expands the deterministic layer. The Bouncer writes rules from approved exceptions. Shadow mode runs trial executions. Tool permission tiers mature from simple allow/deny to nuanced context-aware policies. The agent becomes less likely to attempt dangerous actions not because it is smarter but because the guard has more complete information.
This is the bootstrapping phase. The system learns by watching itself and its user. Every blocked action becomes a rule. Every approved exception becomes a pattern. The symbolic layer grows at the probabilistic layer's expense.
**v0.6.0 through v0.7.0: The Architecture Crystallizes**
Skills become more deterministic. The agent learns to write its own skills - first drafts generated by the LLM, but verified and refined by the symbolic engine. Self-editing improves. The REPL becomes a first-class cognitive substrate - code is not just written but verified, iterated, tested before committing.
The balance shifts. The neural engine still translates and generates, but the symbolic engine checks, constrains, and corrects. The system is becoming what Gemini called "the strict guard" - a mathematically rigorous layer intercepting probabilistic output.
**v1.0.0: SOTA Parity - The Probabilistic Ceiling**
Achieving feature parity with commercial agents requires the full v0.x series complete. At this point, OpenCortex is a reliable autonomous agent - it can handle multi-step engineering tasks, maintain context across sessions, recover from errors, pass benchmarks. It is safer than alternatives because the Bouncer is mature and the memory architecture is sound.
But it is still fundamentally probabilistic at its core. The symbolic engine verifies and constrains, but the generative engine is still the primary reasoning source.
**v2.0.0: The Agent Becomes the Interface**
This version is not about the symbolic engine - it is about tools. The agent stops running inside Emacs and starts replacing it. Lish (Lisp shell) emerges: a shell that speaks plists, not POSIX. Org-mode buffers become the file system. Org-babel becomes the REPL. The agent is no longer a passenger in Emacs - it is the operating system.
The key insight is that the agent's interface and the agent's brain become the same thing. In earlier versions, there is a clear separation: the agent produces output, the TUI displays it. In v2.0.0, the distinction blurs. The agent's thoughts are displayed in Org buffers that are also the interface that the agent manipulates.
This is the Emacs cannibalization phase. Not hostile replacement but evolution - Emacs was always a Lisp machine, and v2.0.0 completes the metamorphosis.
**v3.0.0: The Symbolic Breakthrough**
This is the architectural leap. The system transitions from "probabilistic engine with symbolic verification" to "symbolic engine with probabilistic input and output."
The 10-80-10 architecture becomes fully realized: ten percent neural for input translation, eighty percent symbolic for reasoning against a knowledge graph, ten percent neural for output formatting. The symbolic engine maintains facts, relationships, rules, and formal proofs. When the neural engine generates something, the symbolic engine verifies it - not by checking against a blocklist, but by running the proposal through a Prolog/Datalog reasoner that understands the domain constraints.
The deterministic planner takes the wheel. The LLM is no longer consulted for planning decisions - it translates human language to structured queries and structured results back to human language. The planning itself is pure Lisp: task graphs generated by a symbolic reasoner that has access to the full knowledge graph.
Self-correcting gates replace the learned Bouncer rules. The system learns not just from approved exceptions but from the full history of outcomes - did the plan succeed? Where did it fail? The symbolic engine updates its own rules based on the results.
The implications are significant. Hallucination becomes structurally impossible because the symbolic engine will not accept a fact that contradicts its knowledge graph. Safety becomes provable because the formal verification layer can prove properties about the system's behavior. Self-improvement becomes stable because the agent modifies skills that are then verified before execution.
**v4.0.0 and Beyond: Hardware as the Final Constraint**
The Lisp machine becomes physical. RISC-V with tagged architecture, hardware-enforced type checking, FPGA prototype for the symbolic core. The agent runs not in emulation but on silicon purpose-built for the architecture.
This is the long horizon. The symbolic engine runs on logic ASICs optimized for symbolic computation. The neural engine runs on GPU or purpose-built matrix math hardware. Lisp orchestrates both, enforcing at the hardware level what it enforced at the software level in earlier versions.
**The Trajectory as Design Principle**
Understanding OpenCortex as a function in time is not nostalgia. It is architectural guidance. Every decision in v0.x should be made with awareness of where the system is going. Code written today becomes the substrate for v3.0. Skills designed today become the vocabulary the symbolic engine speaks tomorrow.
The probabilistic beginning is not a weakness to overcome. It is the bootstrap. The system learns the domain through probabilistic inference, and that learned knowledge becomes the seed for the symbolic engine. By the time the symbolic engine takes over, it has a rich knowledge graph to reason about, grown from thousands of probabilistic interactions.
This is how you build a reasoning machine: start with a learner, make it learn to verify, let verification become the core, remove the learner once it has learned enough.
* The REPL as Cognitive Substrate
:PROPERTIES:
:ID: design-repl-cognition
:END:
A REPL - Read, Eval, Print, Loop - is an interactive programming environment that reads an expression, evaluates it, prints the result, and loops back to read the next expression. It is the opposite of batch processing: where batch compiles and runs a program in one shot, a REPL works one expression at a time, with each evaluation building on all previous ones. The programmer defines a function, calls it, inspects the result, modifies it, and calls it again. The state accumulates. The session is the program.
In Lisp, the REPL is not a debugging tool bolted onto the language - it is the natural mode of interaction. The running image is the environment. When you evaluate =(+ 2 2)=, the result =4= is printed, and you remain in the same image where =+= is defined, where previous definitions persist, where the next expression can reference anything that came before. There is no separation between development and execution. The REPL is not a simulation of the program - it is the program running.
OpenCortex uses the REPL in this spirit, but elevated: it is not merely a tool for writing code, it is the mechanism by which the agent interacts with its own cognition - a loop that mirrors the perceive-reason-act metabolic cycle at the implementation level.
In the agent's cognitive architecture, the REPL serves three functions that are difficult or impossible to achieve through batch processing or stateless API calls.
First, the REPL enables verification before commitment. When the agent generates code, it does not write and forget - it evaluates in a running image, observes the result, iterates if incorrect. The feedback loop is tight: the time between writing and seeing the error is measured in milliseconds, not in the round-trip to a language server or a batch compiler. This is the "verification over hallucination" principle from the RLM paper made concrete: the agent tests what it writes before claiming it works.
Second, the REPL enables stateful exploration. The agent can define a variable, inspect it, modify it, redefine it. The exploration accumulates state across interactions. This is not a debugging session - it is the agent thinking with its hands, working through a problem by trying variations and observing outcomes, keeping the successful ones and discarding the failures.
Third, the REPL is a shared substrate. When the agent evaluates code, that code runs in the same image as the agent's own cognition. There is no process boundary between the agent and its tools. The REPL is not a subprocess the agent controls - it is a direct interface to the agent's own nervous system.
This is why the REPL becomes more important as the system matures. In early versions, it is a development tool. In v0.6.0 and beyond, it becomes a cognitive tool: the agent explores hypotheses by evaluating them, verifies the output of sub-agents by inspecting live state, and tests modifications before committing them to the knowledge graph.
* The Evaluation Harness
:PROPERTIES:
:ID: design-evaluation-harness
:END:
SOTA parity is meaningless without measurement. A system that claims to match commercial agents must demonstrate it through reproducible benchmarks, not through feature checklists. The evaluation harness is the apparatus by which OpenCortex proves its capabilities.
The industry standard for coding agents is SWE-bench: a corpus of GitHub issues paired with pull requests. The agent is given an issue, must understand the codebase, write a fix, and submit. Success is measured by whether the submitted PR passes the existing test suite. This tests the full chain: understanding, planning, code generation, verification, and multi-step reasoning.
OpenCortex implements a native Lisp harness for this. A background thread clones repositories, feeds issues into the cognitive loop, tracks the resolution trajectory as an Org-mode headline tree, and scores success by test outcomes. The trajectory is persisted: when a resolution fails, the system can inspect where in the chain the reasoning broke down. The headline tree records the agent's thoughts at each step, making the failure auditable and the debugging human-assisted.
Beyond SWE-bench, the harness includes chaos testing. The system is subjected to resource starvation, concurrent load, and adversarial input. The deterministic engine must maintain safety invariants under pressure. The symbolic verifier must not deadlock or livelock. The probabilistic engine must degrade gracefully - if tokens are limited, it must still produce valid proposals that the deterministic engine can evaluate. Failure under chaos is a design flaw, not a benchmark anomaly.
The harness also supports regression testing on the skill set. Every skill is tested against a suite of known inputs and expected outputs. When a modification is proposed to any skill - whether through manual editing or the agent's own self-modification - the test suite runs first. A skill that fails its tests is rejected before it can propagate to the running image. This is not a convenience - it is the mechanism by which self-modification remains safe. The agent can propose changes, but the harness verifies them before the changes take effect.
* Observability and the Thought Trace
:PROPERTIES:
:ID: design-observability
:END:
When a human asks why the system made a decision, the answer must be findable. In most AI systems, the reasoning is ephemeral - it exists in the model's activations and disappears when the session ends. In OpenCortex, every significant cognitive event is written to an Org buffer as it happens.
The thought trace is the agent's journal, written in parallel with its reasoning. When the probabilistic engine generates a proposal, the trace records the input, the prompt, and the raw output. When the deterministic engine evaluates it, the trace records which rules were checked, which passed, which failed, and why. When an action is executed, the trace records the timestamp, the user who approved it (if human-in-the-loop), and the outcome.
This is not logging in the traditional sense. Logs are forensically useful but are written in a machine format optimized for storage, not for human reading. The thought trace is written in Org-mode: headlines for major events, property drawers for structured data, tags for categorization. The human can open the trace in Emacs and navigate it like any other Org file. They can search for a specific decision, filter by time range, find all actions blocked by a specific rule, or see the complete trajectory of a multi-step task.
The trace becomes the foundation for the Bouncer's learning. Every blocked action is in the trace. Every approved exception is in the trace. The human-in-the-loop decisions are in the trace. The system does not need to reconstruct what happened - it reads what happened from the trace it wrote.
Without observability, the system is a black box that happens to produce correct outputs sometimes. With observability, the system is auditable. The human can see why a decision was made, identify where the reasoning failed, and course-correct the system or its own behavior accordingly.
* The MCP Strategy
:PROPERTIES:
:ID: design-mcp-strategy
:END:
The Model Context Protocol (MCP) is a standard for connecting AI systems to external tools and data sources. It defines how a client requests tools from a server, how the server exposes its capabilities, and how the client invokes them. The ecosystem is growing: MCP servers exist for GitHub, Slack, Postgres, filesystem access, and much more.
OpenCortex connects to this ecosystem, but not by becoming a Node.js runtime. The architecture is: external MCP servers communicate via stdio or SSE to a Lisp-native MCP client that runs in the same image as the agent. The client is pure Common Lisp - it parses the JSON-RPC messages, invokes the tools, and presents results to the agent as Lisp data structures. There is no serialization overhead between the agent and the MCP layer, no process boundary, no impedance mismatch.
When the agent calls a tool via MCP, it receives a plist with the tool name, arguments, and result. The result is immediately usable by the agent's symbolic engine. When the agent generates a file, it can be written to the filesystem through an MCP filesystem server. When the agent needs to send a message, it can use an MCP Slack server. The agent does not need to know that these are MCP interactions - it sees only the plists that flow through its cognitive architecture.
The alternative is to build MCP wrappers in Python or TypeScript and bridge to Lisp via subprocess. This is what OpenClaw does: a Node.js runtime that manages MCP servers, with a bridge to the Lisp process. The bridge introduces latency, serialization costs, and a maintenance burden. The Node.js process must be kept running. The bridge must be maintained across Lisp and JavaScript runtimes. The cognitive architecture must handle errors that cross the process boundary.
OpenCortex's native client is smaller, faster, and more maintainable. The MCP client is a skill, not a core component. It can be reloaded, replaced, or removed without restarting the agent. The agent can add new MCP tool integrations by loading new skills, not by deploying new infrastructure.
* Local-First Architecture
:PROPERTIES:
:ID: design-local-first
:END:
OpenCortex is designed to run on the user's machine, on their hardware, with their data, without requiring an internet connection. This is not a deployment option - it is an architectural commitment. The system must be able to reason, plan, and act using only the resources available locally.
The motivation is not merely philosophical. Cloud-based AI agents are economically incentivized to collect data, to train on user interactions, and to build lock-in through proprietary formats and network effects. When the agent runs locally, the user owns the hardware, owns the data, and can terminate the process without asking permission. There is no vendor that can change terms, no service that can go offline, no model that can be updated without consent.
Technically, local-first means several things. The LLM must be able to run on local hardware. OpenCortex supports Ollama as a provider, which runs quantized models on CPU and GPU without requiring an external API. The vector database must be local. OpenCortex uses its own org-object store, which is a folder of Org files that the agent already owns. There is no ChromaDB or Qdrant to install, no cloud vector service to authenticate with.
The symbolic engine does not require a network connection. The Prolog/Datalog reasoner that in v3.0.0 verifies neural proposals runs entirely in the Lisp image. The Bouncer's rule synthesis does not call an external service. The agent can operate in a disconnected environment indefinitely, resuming full capability when connectivity is restored.
This does not mean OpenCortex refuses to use cloud services when available and appropriate. It means cloud services are optional enhancements, not architectural requirements. The core is local. The user can choose to add cloud LLM providers for more capable inference, but the system functions without them.
* Zero-Dependency Deployment
:PROPERTIES:
:ID: design-zero-dependency
:END:
The simplest deployment is one that requires no installation steps. The user downloads one file, runs it, and the system works. OpenCortex approximates this through SBCL's ability to produce standalone executables via save-lisp-and-die. The executable contains the Lisp runtime, the compiled system, and Quicklisp libraries - everything bundled into one binary.
The practical reality is more nuanced. Building a truly standalone executable requires resolving all library dependencies at build time and embedding them in the binary. SBCL supports this, but the resulting binary is large (tens of megabytes), and updating any component requires a full rebuild. The current deployment model uses a Docker container that maps the user's memex directory as a volume. The container starts, loads the system, and is ready. No compilation on the user's machine, no dependency installation, no platform-specific quirks.
The long-term goal is a single =opencortex= binary that the user runs. It starts a local web server on a Unix domain socket. The TUI connects through the socket. The user's Org files are in =~/memex/=. The binary is the only thing that needs to be installed.
This stands in stark contrast to most AI agent systems, which require managing Python environments, npm packages, API keys, environment variables, and configuration files. OpenAI's agents SDK requires pip install, a Python environment, and external API access. OpenClaw requires Node.js, npm, and a plugin ecosystem that must be individually installed. LangChain requires a Python environment with dozens of dependencies that must be kept compatible.
OpenCortex's dependency model is SBCL plus Quicklisp. Quicklisp loads libraries on demand from the internet, but caches them locally. A system with internet access can fetch any library it needs. A system without internet access uses only the libraries it has already loaded - and those are preserved in the cache. The agent does not require internet access to function after initial setup.

2
docs/ROADMAP.org
View File

@@ -5,6 +5,8 @@
The roadmap is designed working backwards from SOTA parity (V 1.0.0), guiding each version toward a fully autonomous, self-editing agent. Each version builds on the previous, with features designed to be implemented in pure Common Lisp + Org-mode.
Per-version task tracking: [[file:../TODO.org][TODO.org]]
** Non-Negotiable Identity
- Pure Common Lisp + Org-mode. No JSON. No YAML. No external databases.
- Single-address-space memory (Lisp hash tables in RAM — the agent IS the memory).

78
docs/USER_MANUAL.org
View File

@@ -9,13 +9,26 @@ Welcome to OpenCortex v0.1.0 (The Autonomous Foundation). OpenCortex is a neuros
* Installation
OpenCortex is bootstrapped via a single shell script.
** Quick start (curl)
#+begin_src bash
git clone ssh://git@10.10.10.201:2222/amr/opencortex.git
cd opencortex
./opencortex.sh setup
curl -fsSL https://raw.githubusercontent.com/amrgharbeia/opencortex/main/opencortex.sh | bash -s configure
#+end_src
This process will install SBCL, Quicklisp, and prompt you to create a `.env` file for your API keys.
** From a clone
#+begin_src bash
git clone https://github.com/amrgharbeia/opencortex.git ~/projects/opencortex
~/projects/opencortex/opencortex.sh configure
#+end_src
Both methods will:
1. Install system dependencies (SBCL, Emacs, git, curl, socat — detected for Debian or Fedora)
2. Install Quicklisp (Common Lisp package manager)
3. Tangle literate Org sources into runnable Lisp
4. Launch the interactive setup wizard (LLM providers, gateways)
If you already have Emacs installed, the installer skips it and uses your existing installation.
* Configuration
The system is configured via a `.env` file in the project root. Essential variables include:
@@ -53,4 +66,59 @@ OpenCortex functions as your "foveal vision" inside Emacs.
OpenCortex assumes a local folder structure representing your "Memex".
- Core memories and identities are mapped to Org-mode files.
- The `Scribe` background worker distills chronological logs into structured Zettelkasten notes.
- The `Gardener` continuously repairs broken links and flags orphaned nodes.
- The `Gardener` continuously repairs broken links and flags orphaned nodes.
* Deployment
** Bare metal (Debian / Fedora)
The ~configure~ command supports both Debian-based (Ubuntu, Pop, Mint) and Fedora-based (RHEL, Rocky) distributions. It detects your distro automatically and installs the correct packages.
#+begin_src bash
./opencortex.sh configure # interactive
./opencortex.sh configure --non-interactive # headless
./opencortex.sh configure --with-firewall # also open port 9105
#+end_src
After configuration, you can re-run ~configure~ any time to add providers or link gateways.
** systemd service (auto-start on boot)
#+begin_src bash
./opencortex.sh install service
#+end_src
Installs a user-level systemd unit that starts the daemon on login. Logs are available via ~journalctl --user -u opencortex.service -f~.
To remove:
#+begin_src bash
./opencortex.sh uninstall service
#+end_src
** Docker
A Debian-based Docker image is provided for containerized deployment.
#+begin_src bash
cd infrastructure/docker
docker-compose up -d
#+end_src
This builds an image from ~debian:trixie-slim~ with all dependencies pre-installed. The memex directory is mounted from the host.
** Backup
#+begin_src bash
./opencortex.sh backup ~/my-backup.tar.gz
#+end_src
Backs up the config, data, and memex directories.
** Restore
#+begin_src bash
./opencortex.sh restore ~/my-backup.tar.gz
#+end_src
Restores from a backup file. Run ~opencortex doctor~ afterward to verify integrity.

2
harness/act.org
View File

@@ -5,7 +5,7 @@
#+PROPERTY: header-args:lisp :tangle act.lisp
* Overview
The Act stage is where cognition meets reality. After the Probabilistic engine proposes and the Deterministic engine verifies, Act executes the approved action.
The Act stage dispatches approved actions to registered actuators. After the Probabilistic engine proposes and the Deterministic engine verifies, Act executes the approved action via the appropriate actuator (:cli, :tool, :system, :telegram, :signal, etc.). The actuator registry is extensible — skills can register new actuators at runtime.
* Implementation

31
harness/communication.org
View File

@@ -135,6 +135,37 @@ The ~communication.lisp~ module defines the low-level transport and framing logi
t))
#+end_src
** Protocol Smoke Test (manual for REPL evaluation)
The following script connects to a running daemon, sends "hi", and reads the response. Useful for verifying the daemon is alive and the framing protocol works end-to-end.
#+begin_src lisp :tangle no
(defun test-daemon-protocol ()
(handler-case
(let* ((socket (usocket:socket-connect "127.0.0.1" 9105))
(stream (usocket:socket-stream socket)))
(format t "Connected.~%")
(let* ((len-buf (make-string 6))
(count (read-sequence len-buf stream)))
(when (= count 6)
(let* ((len (parse-integer len-buf :radix 16))
(msg-buf (make-string len)))
(read-sequence msg-buf stream)
(format t "HELLO: ~a~%" msg-buf))))
(let* ((msg '(:TYPE :EVENT :META (:SOURCE :tui) :PAYLOAD (:SENSOR :user-input :TEXT "hi")))
(framed (frame-message msg)))
(format stream "~a" framed)
(finish-output stream)
(let* ((len-buf (make-string 6))
(count (read-sequence len-buf stream)))
(when (= count 6)
(let* ((len (parse-integer len-buf :radix 16))
(msg-buf (make-string len)))
(read-sequence msg-buf stream)
(format t "Response: ~a~%" msg-buf)))))
(usocket:socket-close socket))
(error (c) (format t "Error: ~a~%" c))))
#+end_src
* Test Suite
#+begin_src lisp :tangle ../tests/communication-tests.lisp
(eval-when (:compile-toplevel :load-toplevel :execute)

44
harness/context.lisp
View File

@@ -34,8 +34,8 @@
(defun context-get-skill-source (skill-name)
"Reads the raw literate source of a specific skill for inspection."
(let* ((filename (format nil "~a.org" skill-name))
(skills-dir-str (or (uiop:getenv "SKILLS_DIR") (namestring (merge-pathnames "notes/" (user-homedir-pathname)))))
(skills-dir (uiop:ensure-directory-pathname (context-resolve-path skills-dir-str)))
(data-dir (uiop:ensure-directory-pathname (or (uiop:getenv "OC_DATA_DIR") (namestring (merge-pathnames ".local/share/opencortex/" (user-homedir-pathname))))))
(skills-dir (merge-pathnames "skills/" data-dir))
(full-path (merge-pathnames filename skills-dir)))
(if (uiop:file-exists-p full-path) (uiop:read-file-string full-path) nil)))
@@ -98,11 +98,47 @@
result)
path)))
(defun context-object-privacy-filtered-p (obj)
"Returns T if an org-object's :TAGS attribute matches bouncer-privacy-tags."
(let* ((attrs (org-object-attributes obj))
(tags (getf attrs :TAGS))
(privacy-tags (and (find-package :opencortex.skills.org-skill-bouncer)
(symbol-value
(find-symbol "BOUNCER-PRIVACY-TAGS"
:opencortex.skills.org-skill-bouncer)))))
(when (and tags privacy-tags)
(let ((tag-list (if (listp tags) tags (list tags))))
(some (lambda (tag)
(some (lambda (private)
(string-equal (string-trim '(#\:) tag)
(string-trim '(#\:) private)))
privacy-tags))
tag-list)))))
(defun context-object-privacy-filtered-p (obj)
"Returns T if an org-object's :TAGS attribute matches bouncer-privacy-tags."
(let* ((attrs (org-object-attributes obj))
(tags (getf attrs :TAGS))
(privacy-tags (and (find-package :opencortex.skills.org-skill-bouncer)
(symbol-value
(find-symbol "BOUNCER-PRIVACY-TAGS"
:opencortex.skills.org-skill-bouncer)))))
(when (and tags privacy-tags)
(let ((tag-list (if (listp tags) tags (list tags))))
(some (lambda (tag)
(some (lambda (private)
(string-equal (string-trim '(#\:) tag)
(string-trim '(#\:) private)))
privacy-tags))
tag-list)))))
(defun context-assemble-global-awareness (&optional signal)
"Produces a high-level skeletal outline of the current Memory for the LLM."
"Produces a high-level skeletal outline of the current Memory for the LLM.
Privacy-filtered objects (matching *privacy-filter-tags*) are excluded."
(let* ((foveal-id (or (getf signal :foveal-focus)
(ignore-errors (getf (getf signal :payload) :target-id))))
(projects (context-get-active-projects))
(all-projects (context-get-active-projects))
(projects (remove-if #'context-object-privacy-filtered-p all-projects))
(output (format nil "GLOBAL MEMEX AWARENESS (Peripheral Vision):~%")))
(if projects
(dolist (project projects)

48
harness/context.org
View File

@@ -62,8 +62,8 @@ The *Context API* (Peripheral Vision) provides the opencortex with the ability t
(defun context-get-skill-source (skill-name)
"Reads the raw literate source of a specific skill for inspection."
(let* ((filename (format nil "~a.org" skill-name))
(skills-dir-str (or (uiop:getenv "SKILLS_DIR") (namestring (merge-pathnames "notes/" (user-homedir-pathname)))))
(skills-dir (uiop:ensure-directory-pathname (context-resolve-path skills-dir-str)))
(data-dir (uiop:ensure-directory-pathname (or (uiop:getenv "OC_DATA_DIR") (namestring (merge-pathnames ".local/share/opencortex/" (user-homedir-pathname))))))
(skills-dir (merge-pathnames "skills/" data-dir))
(full-path (merge-pathnames filename skills-dir)))
(if (uiop:file-exists-p full-path) (uiop:read-file-string full-path) nil)))
#+end_src
@@ -136,13 +136,53 @@ The *Context API* (Peripheral Vision) provides the opencortex with the ability t
path)))
#+end_src
** Privacy filter for context assembly
Checks if an org-object has tags matching ~*privacy-filter-tags*~. Objects with matching tags are excluded from the LLM context window.
#+begin_src lisp
(defun context-object-privacy-filtered-p (obj)
"Returns T if an org-object's :TAGS attribute matches bouncer-privacy-tags."
(let* ((attrs (org-object-attributes obj))
(tags (getf attrs :TAGS))
(privacy-tags (and (find-package :opencortex.skills.org-skill-bouncer)
(symbol-value
(find-symbol "BOUNCER-PRIVACY-TAGS"
:opencortex.skills.org-skill-bouncer)))))
(when (and tags privacy-tags)
(let ((tag-list (if (listp tags) tags (list tags))))
(some (lambda (tag)
(some (lambda (private)
(string-equal (string-trim '(#\:) tag)
(string-trim '(#\:) private)))
privacy-tags))
tag-list)))))
#+end_src
** Global Awareness (context-assemble-global-awareness)
#+begin_src lisp
(defun context-object-privacy-filtered-p (obj)
"Returns T if an org-object's :TAGS attribute matches bouncer-privacy-tags."
(let* ((attrs (org-object-attributes obj))
(tags (getf attrs :TAGS))
(privacy-tags (and (find-package :opencortex.skills.org-skill-bouncer)
(symbol-value
(find-symbol "BOUNCER-PRIVACY-TAGS"
:opencortex.skills.org-skill-bouncer)))))
(when (and tags privacy-tags)
(let ((tag-list (if (listp tags) tags (list tags))))
(some (lambda (tag)
(some (lambda (private)
(string-equal (string-trim '(#\:) tag)
(string-trim '(#\:) private)))
privacy-tags))
tag-list)))))
(defun context-assemble-global-awareness (&optional signal)
"Produces a high-level skeletal outline of the current Memory for the LLM."
"Produces a high-level skeletal outline of the current Memory for the LLM.
Privacy-filtered objects (matching *privacy-filter-tags*) are excluded."
(let* ((foveal-id (or (getf signal :foveal-focus)
(ignore-errors (getf (getf signal :payload) :target-id))))
(projects (context-get-active-projects))
(all-projects (context-get-active-projects))
(projects (remove-if #'context-object-privacy-filtered-p all-projects))
(output (format nil "GLOBAL MEMEX AWARENESS (Peripheral Vision):~%")))
(if projects
(dolist (project projects)

4
harness/doctor.org
View File

@@ -48,13 +48,13 @@ Common Lisp's `getenv` is strictly typed in SBCL. The Doctor must ensure that mi
(test test-env-validation-fail
"Verify that an invalid MEMEX_DIR triggers a critical failure."
(let ((old-m (uiop:getenv "MEMEX_DIR"))
(old-s (uiop:getenv "SKILLS_DIR")))
(old-d (uiop:getenv "OC_DATA_DIR")))
(unwind-protect
(progn
(setf (uiop:getenv "MEMEX_DIR") "/non/existent/path/999")
(is (null (opencortex:doctor-check-env))))
(setf (uiop:getenv "MEMEX_DIR") (or old-m ""))
(setf (uiop:getenv "SKILLS_DIR") (or old-s "")))))
(setf (uiop:getenv "OC_DATA_DIR") (or old-d "")))))
#+end_src
* Phase C: Implementation (Build)

4
harness/loop.lisp
View File

@@ -84,8 +84,8 @@
(format t "==================================================~%")
(handler-case
(progn
(when (fboundp 'doctor-run-all)
(let ((result (doctor-run-all :auto-install nil)))
(when (fboundp 'doctor-run-all)
(let ((result (doctor-run-all)))
(setf *health-check-ran* t)
(if result
(progn

7
harness/memory.lisp
View File

@@ -4,13 +4,16 @@
(defvar *history-store* (make-hash-table :test 'equal)
"Immutable Merkle-Tree versioning store mapping hashes to objects.")
(defun lookup-object (id)
(gethash id *memory*))
(defstruct org-object
id type attributes content vector parent-id children version last-sync hash)
(defmethod make-load-form ((obj org-object) &optional env)
(make-load-form-saving-slots obj :environment env))
(defun copy-org-object (obj)
(defun deep-copy-org-object (obj)
(make-org-object :id (org-object-id obj)
:type (org-object-type obj)
:attributes (copy-list (org-object-attributes obj))
@@ -71,7 +74,7 @@
(defun snapshot-memory ()
(let ((snapshot (make-hash-table :test 'equal :size (hash-table-size *memory*))))
(maphash (lambda (k v) (setf (gethash k snapshot) (copy-org-object v))) *memory*)
(maphash (lambda (k v) (setf (gethash k snapshot) (deep-copy-org-object v))) *memory*)
(push (list :timestamp (get-universal-time) :data snapshot) *object-store-snapshots*)
(when (> (length *object-store-snapshots*) 20) (setf *object-store-snapshots* (subseq *object-store-snapshots* 0 20)))
(harness-log "MEMORY - CoW Memory snapshot created.")))

89
harness/memory.org
View File

@@ -5,7 +5,13 @@
#+PROPERTY: header-args:lisp :tangle memory.lisp
* Overview
The Memory module is the cognitive bedrock of the opencortex. It is not a database; it is the agent's live, active "brain" state.
The Memory module is the agent's live cognitive state — a set of Merkle-tree-versioned ~org-object~ instances stored in hash tables. Every perception, action, and decision is recorded here.
Key structures:
- ~*memory*~ — the primary object store, keyed by ID
- ~*history-store*~ — immutable archive of all past object versions, keyed by SHA-256 hash
- ~org-object~ — the universal data unit (id, type, attributes, content, vector embedding, parent, children, merkle hash)
- ~ingest-ast~ — converts an Org-mode AST into ~org-object~ instances, computing Merkle hashes for integrity
* Implementation
@@ -21,15 +27,55 @@ The Memory module is the cognitive bedrock of the opencortex. It is not a databa
"Immutable Merkle-Tree versioning store mapping hashes to objects.")
#+end_src
** Object Lookup (lookup-object)
Retrieve a single object by its ID from the active memory store.
#+begin_src lisp
(defun lookup-object (id)
"Retrieves an org-object by ID from *memory*."
(gethash id *memory*))
#+end_src
** Object search (list-objects-with-attribute)
Scan the entire memory store for objects whose attributes match a given key-value pair.
#+begin_src lisp
(defun list-objects-with-attribute (attr value)
"Returns all org-objects whose :ATTRIBUTES plist has ATTR = VALUE."
(let ((results nil))
(maphash (lambda (id obj)
(declare (ignore id))
(when (equal (getf (org-object-attributes obj) attr) value)
(push obj results)))
*memory*)
(nreverse results)))
#+end_src
** ID generation (org-id-new)
Generate a unique identifier string for a new Org node. Uses the universal time encoded in base-36 for compactness.
#+begin_src lisp
(defun org-id-new ()
"Generates a timestamp-based unique ID."
(format nil "id-~36r" (get-universal-time)))
#+end_src
** The Data Structure (org-object)
The universal data unit. Every stored entity is an ~org-object~ with an ID, type, attribute plist, content string, optional vector embedding, parent/child pointers, version timestamp, and Merkle hash.
#+begin_src lisp
(defstruct org-object
id type attributes content vector parent-id children version last-sync hash)
#+end_src
** Serialization support
Required by the Lisp runtime for saving/loading objects across image restarts.
#+begin_src lisp
(defmethod make-load-form ((obj org-object) &optional env)
(make-load-form-saving-slots obj :environment env))
#+end_src
(defun copy-org-object (obj)
** Deep copy
Creates an independent copy of an ~org-object~. Used by the snapshot system to capture consistent memory state.
#+begin_src lisp
(defun deep-copy-org-object (obj)
"Creates a full copy of an org-object, including a fresh list copy of attributes and children."
(make-org-object :id (org-object-id obj)
:type (org-object-type obj)
:attributes (copy-list (org-object-attributes obj))
@@ -87,24 +133,41 @@ The Memory module is the cognitive bedrock of the opencortex. It is not a databa
id)))
#+end_src
** Snapshots (snapshot-memory)
** Snapshot history (~*object-store-snapshots*~)
A stack of CoW (copy-on-write) memory snapshots for rollback. Up to 20 snapshots are retained.
#+begin_src lisp
(defvar *object-store-snapshots* nil)
#+end_src
** Hash table copy utility
Used by the rollback system to restore saved memory state.
#+begin_src lisp
(defun copy-hash-table (hash-table)
"Creates an independent copy of a hash table."
(let ((new-table (make-hash-table :test (hash-table-test hash-table)
:size (hash-table-size hash-table))))
:size (hash-table-size hash-table))))
(maphash (lambda (k v) (setf (gethash k new-table) v)) hash-table)
new-table))
#+end_src
** Memory snapshot (snapshot-memory)
Captures a point-in-time copy of ~*memory*~. Each object is deep-copied so the snapshot is independent of ongoing mutations.
#+begin_src lisp
(defun snapshot-memory ()
"Creates a CoW snapshot of *memory* for rollback recovery."
(let ((snapshot (make-hash-table :test 'equal :size (hash-table-size *memory*))))
(maphash (lambda (k v) (setf (gethash k snapshot) (copy-org-object v))) *memory*)
(maphash (lambda (k v) (setf (gethash k snapshot) (deep-copy-org-object v))) *memory*)
(push (list :timestamp (get-universal-time) :data snapshot) *object-store-snapshots*)
(when (> (length *object-store-snapshots*) 20) (setf *object-store-snapshots* (subseq *object-store-snapshots* 0 20)))
(when (> (length *object-store-snapshots*) 20)
(setf *object-store-snapshots* (subseq *object-store-snapshots* 0 20)))
(harness-log "MEMORY - CoW Memory snapshot created.")))
#+end_src
** Memory rollback (rollback-memory)
Restores ~*memory*~ to a previous snapshot. By default restores the most recent snapshot (index 0).
#+begin_src lisp
(defun rollback-memory (&optional (index 0))
"Restores *memory* from a snapshot. INDEX 0 = most recent."
(let ((snapshot (nth index *object-store-snapshots*)))
(if snapshot
(progn (setf *memory* (copy-hash-table (getf snapshot :data)))
@@ -112,17 +175,24 @@ The Memory module is the cognitive bedrock of the opencortex. It is not a databa
(harness-log "MEMORY ERROR - Snapshot ~a not found." index))))
#+end_src
** Persistence (save-memory / load-memory)
** Persistence — snapshot path (~*memory-snapshot-path*~)
Configurable path for serialized memory state. Falls back to ~memory.snap~ in the home directory.
#+begin_src lisp
(defvar *memory-snapshot-path* nil)
(defun ensure-memory-snapshot-path ()
"Returns the path to the memory snapshot file, resolving env or default."
(or *memory-snapshot-path*
(let ((env-path (uiop:getenv "MEMORY_SNAPSHOT_PATH")))
(setf *memory-snapshot-path*
(or env-path (namestring (uiop:merge-pathnames* "memory.snap" (user-homedir-pathname))))))))
#+end_src
** Save to disk (save-memory-to-disk)
Serialises ~*memory*~ and ~*history-store*~ to a Lisp-readable file.
#+begin_src lisp
(defun save-memory-to-disk ()
"Writes the entire memory and history store to disk as a plist."
(let ((path (ensure-memory-snapshot-path)))
(with-open-file (stream path :direction :output :if-exists :supersede :if-does-not-exist :create)
(let ((memory-alist nil) (history-alist nil))
@@ -130,8 +200,13 @@ The Memory module is the cognitive bedrock of the opencortex. It is not a databa
(maphash (lambda (k v) (push (cons k v) history-alist)) *history-store*)
(prin1 (list :memory memory-alist :history-store history-alist) stream)))
(harness-log "MEMORY - Saved to ~a" path)))
#+end_src
** Load from disk (load-memory-from-disk)
Restores memory state from a previously saved snapshot file.
#+begin_src lisp
(defun load-memory-from-disk ()
"Reads memory state from disk and restores *memory* and *history-store*."
(let ((path (ensure-memory-snapshot-path)))
(when (uiop:file-exists-p path)
(handler-case

1
harness/package.lisp
View File

@@ -254,6 +254,7 @@
;; --- Debugger Hook ---
(setf *debugger-hook* (lambda (condition hook)
"Friendly error handler - shows diagnostic message instead of raw debugger."
(declare (ignore hook))
(format t "~%")
(format t "┌─────────────────────────────────────────────┐~%")
(format t "│ ERROR: ~A~%" (type-of condition))

108
harness/package.org
View File

@@ -5,16 +5,26 @@
#+PROPERTY: header-args:lisp :tangle package.lisp
* Overview
The ~package.lisp~ file defines the public API of the ~opencortex~ harness.
~package.lisp~ defines two things: the public API of the ~opencortex~ package (the export list, above), and the implementation of low-level utility functions and global state that don't belong in a specific pipeline stage or skill.
The export list is the contract between the harness and all skills. Every function exported here is accessible to every skill via ~use-package~. Adding a symbol here is an API commitment; removing one is a breaking change.
The implementation section includes:
- ~proto-get~ — robust plist accessor used everywhere
- Logging state (~*system-logs*~, ~*logs-lock*~)
- Skill registry (~*skills-registry*~, ~defskill~)
- Cognitive tool registry (~*cognitive-tools*~, ~def-cognitive-tool~)
- Configuration variables (~*privacy-filter-tags*~, ~*secret-protected-paths*~, ~*secret-exposure-patterns*~)
- Debugger hook
* Implementation
** Public API Export
** Package Definition and Export List
The package definition. All public symbols are exported here.
#+begin_src lisp :tangle package.lisp
(defpackage :opencortex
(:use :cl)
(:export
;; --- communication protocol ---
#:frame-message
#:read-framed-message
#:PROTO-GET
@@ -25,30 +35,20 @@ The ~package.lisp~ file defines the public API of the ~opencortex~ harness.
#:parse-message
#:make-hello-message
#:validate-communication-protocol-schema
;; --- Daemon Lifecycle ---
#:start-daemon
#:stop-daemon
#:harness-log
#:main
;; --- Diagnostic Doctor ---
#:doctor-run-all
#:doctor-main
#:doctor-check-dependencies
#:doctor-check-env
;; --- Setup Wizard ---
#:register-provider
#:system-ready-p
#:run-setup-wizard
;; --- Gateway Manager Skill ---
#:skill-gateway-register
#:skill-gateway-link
#:gateway-manager-main
;; --- Memory (CLOSOS) ---
#:ingest-ast
#:lookup-object
#:list-objects-by-type
@@ -69,8 +69,6 @@ The ~package.lisp~ file defines the public API of the ~opencortex~ harness.
#:org-object-hash
#:snapshot-memory
#:rollback-memory
;; --- Context API (Peripheral Vision) ---
#:context-query-store
#:context-get-active-projects
#:context-get-recent-completed-tasks
@@ -81,22 +79,17 @@ The ~package.lisp~ file defines the public API of the ~opencortex~ harness.
#:context-get-skill-telemetry
#:harness-track-telemetry
#:context-assemble-global-awareness
;; --- Reactive Signal Pipeline ---
#:process-signal
#:perceive-gate
#:probabilistic-gate
#:consensus-gate
#:act-gate
#:reason-gate
#:perceive-gate
#:dispatch-gate
#:inject-stimulus
#:initialize-actuators
#:dispatch-action
#:register-actuator
;; --- Skill Engine ---
#:load-skill-from-org
#:initialize-all-skills
#:load-skill-with-timeout
@@ -111,22 +104,14 @@ The ~package.lisp~ file defines the public API of the ~opencortex~ harness.
#:skill-trigger-fn
#:skill-probabilistic-prompt
#:skill-deterministic-fn
;; --- Tool Registry ---
#:def-cognitive-tool
#:*cognitive-tools*
;; --- Engineering Standards Skill ---
#:verify-git-clean-p
#:engineering-standards-verify-lisp
#:engineering-standards-format-lisp
;; --- Literate Programming Skill ---
#:literate-check-block-balance
#:check-tangle-sync
#:*tangle-targets*
;; --- Utils Org Skill ---
#:utils-org-read-file
#:utils-org-write-file
#:utils-org-add-headline
@@ -138,8 +123,6 @@ The ~package.lisp~ file defines the public API of the ~opencortex~ harness.
#:utils-org-id-format
#:utils-org-ast-to-org
#:utils-org-modify
;; --- Utils Lisp Skill ---
#:utils-lisp-validate
#:utils-lisp-check-structural
#:utils-lisp-check-syntactic
@@ -152,13 +135,9 @@ The ~package.lisp~ file defines the public API of the ~opencortex~ harness.
#:utils-lisp-structural-inject
#:utils-lisp-structural-slurp
#:utils-lisp-register
;; --- Config Manager & Diagnostics Skill ---
#:get-oc-config-dir
#:prompt-for
#:save-secret
;; --- Tool Permissions Skill ---
#:get-tool-permission
#:set-tool-permission
#:check-tool-permission-gate
@@ -168,54 +147,61 @@ The ~package.lisp~ file defines the public API of the ~opencortex~ harness.
#:cognitive-tool-parameters
#:cognitive-tool-guard
#:cognitive-tool-body
;; --- Emacs Client Registry ---
#:*emacs-clients*
#:*clients-lock*
#:register-emacs-client
#:unregister-emacs-client
;; --- Probabilistic Engine ---
#:ask-probabilistic
#:register-probabilistic-backend
#:distill-prompt
#:*probabilistic-backends*
#:*provider-cascade*
;; --- Security Vault ---
#:vault-get-secret
#:vault-set-secret
;; --- Deterministic Logic ---
#:list-objects-with-attribute
#:deterministic-verify
;; --- AST Helpers ---
#:find-headline-missing-id))
#+end_src
** Package Implementation
The package implementation section defines the low-level utilities and global state that are shared across all harness components and skills.
*** Robust plist access (proto-get)
Retrieves a value from a plist, checking both upper and lowercase keyword variants. This is needed because different components use different keyword conventions.
#+begin_src lisp :tangle package.lisp
(in-package :opencortex)
(defun proto-get (plist key)
"Robustly retrieves a value from a plist, checking both uppercase and lowercase keyword versions."
"Robust plist accessor — checks both :KEY and :key variants."
(let* ((s (string key))
(up (intern (string-upcase s) :keyword))
(dn (intern (string-downcase s) :keyword)))
(or (getf plist up) (getf plist dn))))
#+end_src
*** Logging state
The harness maintains a bounded ring buffer of log messages for inclusion in LLM context. Access is thread-safe via a lock.
#+begin_src lisp :tangle package.lisp
(defvar *system-logs* nil)
(defvar *logs-lock* (bordeaux-threads:make-lock "harness-logs-lock"))
(defvar *max-log-history* 100)
#+end_src
*** Skill registry
The global registry of all loaded skills. This is the authoritative list that the deterministic engine iterates.
#+begin_src lisp :tangle package.lisp
(defvar *skills-registry* (make-hash-table :test 'equal)
"Global registry of all loaded skills.")
#+end_src
*** Skill telemetry
Tracks execution metrics per skill (count, duration, failures) for diagnostics and performance analysis.
#+begin_src lisp :tangle package.lisp
(defvar *skill-telemetry* (make-hash-table :test 'equal))
(defvar *telemetry-lock* (bordeaux-threads:make-lock "harness-telemetry-lock"))
(defun harness-track-telemetry (skill-name duration status)
"Updates performance metrics for a specific skill. Status should be :success or :rejected."
"Updates performance metrics for a skill. STATUS is :success or :rejected."
(when skill-name
(bordeaux-threads:with-lock-held (*telemetry-lock*)
(let ((entry (or (gethash skill-name *skill-telemetry*) (list :executions 0 :total-time 0 :failures 0))))
@@ -223,27 +209,37 @@ The ~package.lisp~ file defines the public API of the ~opencortex~ harness.
(incf (getf entry :total-time) duration)
(when (eq status :rejected) (incf (getf entry :failures)))
(setf (gethash skill-name *skill-telemetry*) entry)))))
#+end_src
*** Cognitive tool registry
Tools that the LLM can invoke are registered here. Each tool has a name, description, parameters, optional guard, and implementation body. The ~def-cognitive-tool~ macro handles registration. ~generate-tool-belt-prompt~ serialises the registry into the LLM's system prompt.
#+begin_src lisp :tangle package.lisp
(defvar *cognitive-tools* (make-hash-table :test 'equal))
#+end_src
#+begin_src lisp :tangle package.lisp
(defstruct cognitive-tool
name
description
parameters
guard
body)
#+end_src
#+begin_src lisp :tangle package.lisp
(defmacro def-cognitive-tool (name description parameters &key guard body)
"Registers a new cognitive tool into the global registry. Parameters must be a list of property lists."
"Registers a cognitive tool. PARAMETERS is a list of plists, one per parameter."
`(setf (gethash (string-downcase (string ',name)) *cognitive-tools*)
(make-cognitive-tool :name (string-downcase (string ',name))
:description ,description
:parameters ',parameters
:guard ,guard
:body ,body)))
:body ,body)))
#+end_src
#+begin_src lisp :tangle package.lisp
(defun generate-tool-belt-prompt ()
"Generates a prompt string describing all available cognitive tools."
"Serialises all registered tools into a prompt string for the LLM."
(let ((descriptions nil))
(maphash (lambda (k tool)
(declare (ignore k))
@@ -252,13 +248,17 @@ The ~package.lisp~ file defines the public API of the ~opencortex~ harness.
(cognitive-tool-description tool)
(cognitive-tool-parameters tool))
descriptions))
*cognitive-tools*)
*cognitive-tools*)
(if descriptions
(format nil "Available tools:~%~a" (apply #'concatenate 'string (sort descriptions #'string<)))
"No tools registered.")))
#+end_src
*** Centralized logging (harness-log)
Thread-safe logging function that writes to both the ring buffer (for LLM context) and stdout (for the user). Bounded by ~*max-log-history*~.
#+begin_src lisp :tangle package.lisp
(defun harness-log (msg &rest args)
"Centralized logging for the harness."
"Centralized, thread-safe logging for the harness."
(let ((formatted-msg (apply #'format nil msg args)))
(bordeaux-threads:with-lock-held (*logs-lock*)
(push formatted-msg *system-logs*)
@@ -266,10 +266,14 @@ The ~package.lisp~ file defines the public API of the ~opencortex~ harness.
(setq *system-logs* (subseq *system-logs* 0 *max-log-history*))))
(format t "~a~%" formatted-msg)
(finish-output)))
#+end_src
;; --- Debugger Hook ---
*** Debugger hook
Friendly error handler that replaces the raw SBCL debugger with a diagnostic message. This prevents the agent from entering the debugger on unhandled conditions.
#+begin_src lisp :tangle package.lisp
(setf *debugger-hook* (lambda (condition hook)
"Friendly error handler - shows diagnostic message instead of raw debugger."
(declare (ignore hook))
(format t "~%")
(format t "┌─────────────────────────────────────────────┐~%")
(format t "│ ERROR: ~A~%" (type-of condition))

1
harness/perceive.lisp
View File

@@ -1,5 +1,6 @@
(in-package :opencortex)
(defvar *interrupt-flag* nil)
(defvar *async-sensors* '(:chat-message :delegation :user-command)
"Sensors that are processed in dedicated threads.")

5
harness/perceive.org
View File

@@ -14,6 +14,11 @@ The Perceive stage is the "sensory cortex" of OpenCortex. Its job is to take raw
(in-package :opencortex)
#+end_src
** Interrupt Handling
#+begin_src lisp
(defvar *interrupt-flag* nil)
#+end_src
** Sensor Configuration
#+begin_src lisp
(defvar *async-sensors* '(:chat-message :delegation :user-command)

24
harness/reason.org
View File

@@ -14,14 +14,21 @@ The Reason stage implements the core Innovation of OpenCortex: the separation of
(in-package :opencortex)
#+end_src
** Probabilistic Engine Configuration
** Probabilistic Engine state
~*probabilistic-backends*~ is the hash table mapping provider keywords to backend functions. ~*provider-cascade*~ is the ordered list of providers to try. ~*model-selector-fn*~ is an optional function that selects a model per request. ~*consensus-enabled-p*~ enables multi-provider agreement.
#+begin_src lisp
(defvar *probabilistic-backends* (make-hash-table :test 'equal))
#+end_src
#+begin_src lisp
(defvar *provider-cascade* nil)
#+end_src
#+begin_src lisp
(defvar *model-selector-fn* nil)
#+end_src
#+begin_src lisp
(defvar *consensus-enabled-p* nil)
#+end_src
@@ -92,8 +99,19 @@ The Reason stage implements the core Innovation of OpenCortex: the separation of
(reflection-feedback (if rejection-trace
(format nil "~%~%PREVIOUS PROPOSAL REJECTED: ~a" rejection-trace)
""))
(system-prompt (format nil "IDENTITY: ~a~a~%~%TOOLS:~%~a~%~%CONTEXT:~%~a~%~%LOGS:~%~a"
assistant-name reflection-feedback tool-belt global-context system-logs)))
(skill-augments (let ((augments ""))
(maphash (lambda (name skill)
(declare (ignore name))
(let ((aug-fn (skill-system-prompt-augment skill)))
(when aug-fn
(let ((aug-text (ignore-errors (funcall aug-fn context))))
(when (and aug-text (stringp aug-text) (> (length aug-text) 0))
(setf augments (concatenate 'string augments aug-text (string #\Newline))))))))
*skills-registry*)
(when (> (length augments) 0) augments)))
(system-prompt (format nil "IDENTITY: ~a~a~%~%TOOLS:~%~a~%~%CONTEXT:~%~a~%~%LOGS:~%~a~%~a"
assistant-name reflection-feedback tool-belt global-context system-logs
(or skill-augments ""))))
(let* ((thought (probabilistic-call raw-prompt :system-prompt system-prompt :context context))
(cleaned (strip-markdown thought)))
(if (and cleaned (stringp cleaned) (> (length cleaned) 0) (or (char= (char cleaned 0) #\() (char= (char cleaned 0) #\[)))

27
harness/skills.lisp
View File

@@ -14,10 +14,12 @@
(defun VAULT-MASK-STRING (s) (declare (ignore s)) "[MASKED]")
(defvar *VAULT-MEMORY* (make-hash-table :test 'equal))
(defstruct skill name priority dependencies trigger-fn probabilistic-prompt deterministic-fn)
(defstruct skill name priority dependencies trigger-fn probabilistic-prompt deterministic-fn system-prompt-augment)
(defvar *skills-registry* (make-hash-table :test 'equal))
(defvar *skill-catalog* (make-hash-table :test 'equal)
"A stateful tracking table for all skill files discovered in the environment.")
"Tracks all discovered skill files and their loading state.")
(defstruct skill-entry filename (status :discovered) error-log (load-time 0))
@@ -29,21 +31,22 @@
(when (and (skill-probabilistic-prompt skill)
(ignore-errors (funcall (skill-trigger-fn skill) context)))
(push skill triggered)))
*skills-registry*)
*skills-registry*)
(first (sort triggered #'> :key #'skill-priority))))
(defmacro defskill (name &key priority dependencies trigger probabilistic deterministic)
"Registers a new skill into the global registry."
(defmacro defskill (name &key priority dependencies trigger probabilistic deterministic system-prompt-augment)
"Registers a new skill. NAME is a keyword. TRIGGER is a function (context) → bool."
`(setf (gethash (string-downcase (string ,name)) *skills-registry*)
(make-skill :name (string-downcase (string ,name))
:priority (or ,priority 10)
:dependencies ',dependencies
:trigger-fn ,trigger
:probabilistic-prompt ,probabilistic
:deterministic-fn ,deterministic)))
:deterministic-fn ,deterministic
:system-prompt-augment ,system-prompt-augment)))
(defun resolve-skill-dependencies (skill-name)
"Recursively resolves dependencies for a given skill name."
"Resolves transitive dependencies. Returns list of skill names in dependency order."
(let ((resolved nil) (seen nil))
(labels ((visit (name)
(unless (member name seen :test #'equal)
@@ -88,7 +91,9 @@
(if (uiop:string-suffix-p (namestring file) ".lisp")
(progn
(setf (gethash (string-downcase filename) name-to-file) file)
(setf (gethash (string-downcase filename) adj) nil))
;; Don't overwrite dependency info from .org files
(unless (gethash (string-downcase filename) adj)
(setf (gethash (string-downcase filename) adj) nil)))
(multiple-value-bind (id deps) (parse-skill-metadata file)
(setf (gethash (string-downcase filename) name-to-file) file)
(when id (setf (gethash (string-downcase id) id-to-file) file))
@@ -258,9 +263,9 @@
(setf (skill-entry-status entry) :failed) nil))))
(defun initialize-all-skills ()
"Initializes all skills from SKILLS_DIR."
(let* ((env-path (uiop:getenv "SKILLS_DIR"))
(skills-dir (uiop:ensure-directory-pathname (or env-path (namestring (merge-pathnames "notes/" (user-homedir-pathname)))))))
"Initializes all skills from the XDG skills directory."
(let* ((data-dir (uiop:ensure-directory-pathname (or (uiop:getenv "OC_DATA_DIR") (namestring (merge-pathnames ".local/share/opencortex/" (user-homedir-pathname))))))
(skills-dir (merge-pathnames "skills/" data-dir)))
(unless (uiop:directory-exists-p skills-dir) (return-from initialize-all-skills nil))
(let ((sorted-files (topological-sort-skills skills-dir)))
(harness-log "LOADER: Initializing ~a skills..." (length sorted-files))

70
harness/skills.org
View File

@@ -5,7 +5,16 @@
#+PROPERTY: header-args:lisp :tangle skills.lisp
* Overview
The ~opencortex~ Skill Engine enables **Late-Binding Intelligence**, allowing the system to discover and integrate new cognitive capabilities at runtime.
The Skill Engine is the dynamic loading and lifecycle manager for all OpenCortex skills. It discovers skill files in the skills directory, resolves their dependency order, loads them into jailed packages, exports their public symbols into the ~opencortex~ package, and provides the ~defskill~ macro that skills use to register themselves.
Key concepts:
- ~defskill~ — macro that registers a skill with its trigger, deterministic gate, and optional probabilistic prompt
- ~def-cognitive-tool~ — macro that registers a tool the LLM can invoke
- ~load-skill-from-org~ / ~load-skill-from-lisp~ — load a skill from a literate Org file or a pre-tangled Lisp file
- ~topological-sort-skills~ — orders skills by their ~#+DEPENDS_ON:~ declarations
- ~find-triggered-skill~ — returns the highest-priority skill whose trigger matches the current context
The engine supports **hot-reload** — skills can be replaced at runtime without restarting the daemon.
* Implementation
@@ -14,7 +23,11 @@ The ~opencortex~ Skill Engine enables **Late-Binding Intelligence**, allowing th
(in-package :opencortex)
#+end_src
** Global Skill Registry
** Utility functions
Helper functions used by the skill loader and other components.
*** Cosine similarity
Computes the cosine similarity between two numeric vectors. Used by the peripheral vision system for semantic relevance scoring.
#+begin_src lisp
(defun COSINE-SIMILARITY (v1 v2)
"Computes cosine similarity between two vectors."
@@ -26,17 +39,37 @@ The ~opencortex~ Skill Engine enables **Late-Binding Intelligence**, allowing th
(let* ((x (coerce (elt v1 i) 'double-float)) (y (coerce (elt v2 i) 'double-float)))
(incf dot (* x y)) (incf n1 (* x x)) (incf n2 (* y y))))
(if (or (zerop n1) (zerop n2)) 0.0 (/ dot (sqrt (* n1 n2))))))))
#+end_src
*** Secret masking
Simple mask function and the vault memory hash table. Used by the Bouncer skill and credentials vault.
#+begin_src lisp
(defun VAULT-MASK-STRING (s) (declare (ignore s)) "[MASKED]")
(defvar *VAULT-MEMORY* (make-hash-table :test 'equal))
#+end_src
(defstruct skill name priority dependencies trigger-fn probabilistic-prompt deterministic-fn)
** Skill data structures
The ~skill~ struct holds all metadata about a loaded skill: its name, priority, dependencies, trigger function, probabilistic prompt generator, deterministic gate, and system prompt augmentor. The ~skill-entry~ struct tracks the loading state of each discovered skill file.
#+begin_src lisp
(defstruct skill name priority dependencies trigger-fn probabilistic-prompt deterministic-fn system-prompt-augment)
#+end_src
#+begin_src lisp
(defvar *skills-registry* (make-hash-table :test 'equal))
#+end_src
#+begin_src lisp
(defvar *skill-catalog* (make-hash-table :test 'equal)
"A stateful tracking table for all skill files discovered in the environment.")
"Tracks all discovered skill files and their loading state.")
#+end_src
#+begin_src lisp
(defstruct skill-entry filename (status :discovered) error-log (load-time 0))
#+end_src
** Skill discovery (find-triggered-skill)
Iterates the registry and returns the highest-priority skill whose trigger function matches the current context. Only skills with a probabilistic prompt are considered (skills that are purely deterministic don't need LLM intervention).
#+begin_src lisp
(defun find-triggered-skill (context)
"Returns the highest priority skill whose trigger matches context."
(let ((triggered nil))
@@ -45,21 +78,30 @@ The ~opencortex~ Skill Engine enables **Late-Binding Intelligence**, allowing th
(when (and (skill-probabilistic-prompt skill)
(ignore-errors (funcall (skill-trigger-fn skill) context)))
(push skill triggered)))
*skills-registry*)
*skills-registry*)
(first (sort triggered #'> :key #'skill-priority))))
#+end_src
(defmacro defskill (name &key priority dependencies trigger probabilistic deterministic)
"Registers a new skill into the global registry."
** Skill registration macro (defskill)
The primary API for skills. Each skill file calls this once to register itself. The macro creates a ~skill~ struct and stores it in ~*skills-registry*~ keyed by the skill's name.
#+begin_src lisp
(defmacro defskill (name &key priority dependencies trigger probabilistic deterministic system-prompt-augment)
"Registers a new skill. NAME is a keyword. TRIGGER is a function (context) → bool."
`(setf (gethash (string-downcase (string ,name)) *skills-registry*)
(make-skill :name (string-downcase (string ,name))
:priority (or ,priority 10)
:dependencies ',dependencies
:trigger-fn ,trigger
:probabilistic-prompt ,probabilistic
:deterministic-fn ,deterministic)))
:deterministic-fn ,deterministic
:system-prompt-augment ,system-prompt-augment)))
#+end_src
** Dependency resolution (resolve-skill-dependencies)
Recursively resolves all transitive dependencies for a given skill, returning an ordered list. Uses a standard topological sort with cycle detection (a ~seen~ set prevents infinite recursion).
#+begin_src lisp
(defun resolve-skill-dependencies (skill-name)
"Recursively resolves dependencies for a given skill name."
"Resolves transitive dependencies. Returns list of skill names in dependency order."
(let ((resolved nil) (seen nil))
(labels ((visit (name)
(unless (member name seen :test #'equal)
@@ -110,7 +152,9 @@ The ~opencortex~ Skill Engine enables **Late-Binding Intelligence**, allowing th
(if (uiop:string-suffix-p (namestring file) ".lisp")
(progn
(setf (gethash (string-downcase filename) name-to-file) file)
(setf (gethash (string-downcase filename) adj) nil))
;; Don't overwrite dependency info from .org files
(unless (gethash (string-downcase filename) adj)
(setf (gethash (string-downcase filename) adj) nil)))
(multiple-value-bind (id deps) (parse-skill-metadata file)
(setf (gethash (string-downcase filename) name-to-file) file)
(when id (setf (gethash (string-downcase id) id-to-file) file))
@@ -286,9 +330,9 @@ The ~opencortex~ Skill Engine enables **Late-Binding Intelligence**, allowing th
** Initialize (initialize-all-skills)
#+begin_src lisp
(defun initialize-all-skills ()
"Initializes all skills from SKILLS_DIR."
(let* ((env-path (uiop:getenv "SKILLS_DIR"))
(skills-dir (uiop:ensure-directory-pathname (or env-path (namestring (merge-pathnames "notes/" (user-homedir-pathname)))))))
"Initializes all skills from the XDG skills directory."
(let* ((data-dir (uiop:ensure-directory-pathname (or (uiop:getenv "OC_DATA_DIR") (namestring (merge-pathnames ".local/share/opencortex/" (user-homedir-pathname))))))
(skills-dir (merge-pathnames "skills/" data-dir)))
(unless (uiop:directory-exists-p skills-dir) (return-from initialize-all-skills nil))
(let ((sorted-files (topological-sort-skills skills-dir)))
(harness-log "LOADER: Initializing ~a skills..." (length sorted-files))

178
harness/tui-client.lisp
View File

@@ -1,6 +1,6 @@
(in-package :cl-user)
(defpackage :opencortex.tui
(:use :cl :croatoan :usocket)
(:use :cl :croatoan :usocket :bordeaux-threads)
(:export :main))
(in-package :opencortex.tui)
@@ -9,139 +9,139 @@
(defvar *socket* nil)
(defvar *stream* nil)
(defvar *chat-history* nil)
(defvar *scroll-index* 0)
(defvar *input-buffer* (make-array 0 :element-type 'char :fill-pointer 0 :adjustable t))
(defvar *input-list* nil) ; List of characters (stored in reverse)
(defvar *is-running* t)
(defvar *queue-lock* (bt:make-lock))
(defvar *incoming-msgs* nil)
(defun log-debug (msg &rest args)
(ignore-errors
(with-open-file (s "/tmp/opencortex-tui-debug.log" :direction :output :if-exists :append :if-does-not-exist :create)
(format s "[~a] " (get-universal-time))
(apply #'format s msg args)
(terpri s)
(finish-output s))))
(defun enqueue-msg (msg)
"Thread-safe addition to incoming message queue."
(bt:with-lock-held (*queue-lock*)
(setf *incoming-msgs* (append *incoming-msgs* (list msg)))))
(defun dequeue-msgs ()
"Thread-safe retrieval of incoming messages."
(bt:with-lock-held (*queue-lock*)
(let ((msgs *incoming-msgs*))
(setf *incoming-msgs* nil)
msgs)))
(defun get-line-style (text)
(cond
((uiop:string-prefix-p "*" text) '(:bold :yellow))
((uiop:string-prefix-p "⬆" text) '(:cyan))
((uiop:string-prefix-p "🤔" text) '(:italic))
((uiop:string-prefix-p "ERROR" text) '(:bold :red))
(t nil)))
(defun render-chat (win)
(clear win)
(let* ((h (height win))
(view-height (max 0 (- h 2)))
(history-len (length *chat-history*))
(start-idx *scroll-index*)
(end-idx (min history-len (+ start-idx view-height)))
(slice (reverse (subseq *chat-history* start-idx end-idx))))
(loop for msg in slice
for i from 1
do (add-string win (format nil "│ ~a" msg) :y i :x 1 :attributes (get-line-style msg)))
(defun render-chat (win h)
(when (and win (integerp h))
(clear win)
(box win 0 0)
(let* ((view-height (- h 2))
(history (copy-list *chat-history*))
(len (length history))
(num-to-draw (min len view-height))
(slice (subseq history 0 num-to-draw)))
(loop for i from 0 below num-to-draw
for msg in (reverse slice)
do (when msg
(add-string win (format nil "│ ~a" msg) :y (1+ i) :x 2))))
(refresh win)))
(defun handle-backspace ()
(when (> (fill-pointer *input-buffer*) 0)
(decf (fill-pointer *input-buffer*))))
(pop *input-list*))
(defun handle-return (stream)
(let ((cmd (coerce *input-buffer* 'string)))
(setf (fill-pointer *input-buffer*) 0)
(let ((cmd (coerce (reverse *input-list*) 'string)))
(setf *input-list* nil)
(log-debug "SUBMITTING: '~a'" cmd)
(when (> (length cmd) 0)
(enqueue-msg (format nil "⬆ ~a" cmd))
(push (format nil "⬆ ~a" cmd) *chat-history*)
(handler-case
(progn
(when (and stream (open-stream-p stream))
(let* ((msg (list :TYPE :EVENT
:META (list :SOURCE :tui)
:PAYLOAD (list :SENSOR :user-input :TEXT cmd)))
(payload (format nil "~s" msg))
(len (length payload)))
(format stream "~6,'0x~a" len payload)
(finish-output stream)))
(enqueue-msg "✓ Sent"))
(if (and stream (open-stream-p stream))
(let* ((msg (list :TYPE :EVENT
:META (list :SOURCE :tui)
:PAYLOAD (list :SENSOR :user-input :TEXT cmd)))
(payload (format nil "~s" msg))
(len (length payload)))
(format stream "~6,'0x~a" len payload)
(finish-output stream)
(log-debug "SENT WIRE: ~a" payload))
(push "ERROR: Not connected." *chat-history*)))
(error (c)
(format t "Send error: ~a~%" c)
(enqueue-msg "ERROR: Connection to daemon lost.")
(log-debug "SEND ERROR: ~a" c)
(push (format nil "ERROR: ~a" c) *chat-history*)
(setf *is-running* nil))))
(when (string= cmd "/exit") (setf *is-running* nil))
(when (string= cmd "/clear") (setf *chat-history* nil))))
(defun start-background-reader (stream)
"Starts a thread that reads framed messages from the daemon stream."
(bt:make-thread
(lambda ()
(loop while *is-running* do
(handler-case
(let* ((len-buf (make-string 6))
(count (read-sequence len-buf stream)))
(when (= count 6)
(let* ((msg-len (parse-integer len-buf :radix 16))
(msg-buf (make-string msg-len)))
(read-sequence msg-buf stream)
(let ((msg (read-from-string msg-buf)))
(let ((payload (getf msg :payload)))
(cond
((eq (getf payload :action) :handshake)
(enqueue-msg "* Connected to daemon *"))
((and (eq (getf payload :sensor) :loop-error)
(not (string= (or (getf payload :message) "") "Neural Cascade Failure: All providers exhausted.")))
(enqueue-msg (format nil "ERROR: Daemon loop error (~a)"
(getf payload :message))))
(t
(let ((text (or (getf payload :text) (format nil "~a" payload))))
(enqueue-msg (format nil "⬇ ~a" text)))))))))
(if (= count 6)
(let* ((msg-len (parse-integer len-buf :radix 16))
(msg-buf (make-string msg-len)))
(read-sequence msg-buf stream)
(log-debug "DAEMON MSG: ~a" msg-buf)
(let ((msg (read-from-string msg-buf)))
(let ((payload (getf msg :payload)))
(cond
((eq (getf payload :action) :handshake)
(enqueue-msg "* Connected *"))
(t
(let ((text (or (getf payload :text) (format nil "~a" payload))))
(enqueue-msg (format nil "⬇ ~a" text))))))))
(sleep 0.05)))
(error (c)
(when *is-running*
(enqueue-msg (format nil "ERROR: Connection lost (~a)" c))
(log-debug "READER ERROR: ~a" c)
(enqueue-msg "ERROR: Connection lost.")
(setf *is-running* nil))))))
:name "opencortex-tui-reader"))
(defun main ()
(log-debug "=== START ===")
(handler-case
(setf *socket* (usocket:socket-connect *daemon-host* *daemon-port*))
(error (e) (format t "Offline: ~a~%" e) (return-from main)))
(setf *stream* (usocket:socket-stream *socket*))
;; Guard: Croatoan needs a real terminal (TERM env var, real TTY)
(unless (uiop:getenv "TERM")
(format t "TUI requires a terminal. Set TERM environment variable.~%")
(format t "Or use: echo 'your message' | nc localhost 9105~%")
(return-from main))
(unwind-protect
(handler-case
(with-screen (scr :input-echoing nil :input-blocking nil :enable-colors t)
(let* ((h (height scr)) (w (width scr)))
(let ((chat-win (make-instance 'window :height (- h 5) :width (- w 2) :position '(1 1) :border t))
(input-win (make-instance 'window :height 1 :width (- w 2) :position (list (- h 2) 1) :border t)))
(setf (input-blocking input-win) nil)
(start-background-reader *stream*)
(loop :while *is-running* :do
(let ((msgs (dequeue-msgs)))
(when msgs
(dolist (m msgs) (push m *chat-history*))
(render-chat chat-win)))
(let* ((ev (get-event input-win))
(ch (when (and ev (typep ev 'event)) (event-key ev))))
(when ch
(cond
((or (eq ch #\Newline) (eq ch #\Return)) (handle-return *stream*))
((or (eq ch :backspace) (eq ch (code-char 127))) (handle-backspace))
((characterp ch) (vector-push-extend ch *input-buffer*))))
(clear input-win)
(add-string input-win (format nil "▶ ~a" (coerce *input-buffer* 'string)) :y 0 :x 1)
(refresh input-win))
(sleep 0.02)))))
(error (c)
(format t "TUI Error: ~a~%" c)))
(with-screen (scr :input-echoing nil :input-blocking nil :enable-colors t)
(let* ((h (or (height scr) 24))
(w (or (width scr) 80))
(chat-h (- h 4))
(chat-win (make-instance 'window :height chat-h :width (- w 2) :y 1 :x 1))
(input-win (make-instance 'window :height 1 :width (- w 2) :y (- h 2) :x 1)))
(setf (input-blocking input-win) nil)
(start-background-reader *stream*)
(loop :while *is-running* :do
(let ((msgs (dequeue-msgs)))
(when msgs
(dolist (m msgs) (push m *chat-history*))
(render-chat chat-win chat-h)))
(let ((ch (get-char input-win)))
(when (and ch (not (equal ch -1)))
(log-debug "KEY: ~s" ch)
(cond
((or (eql ch 10) (eql ch 13) (eq ch :enter) (eql ch #\Newline) (eql ch #\Return))
(handle-return *stream*)
(render-chat chat-win chat-h))
((or (eql ch 127) (eql ch 8) (eq ch :backspace) (eql ch #\Backspace))
(handle-backspace))
((characterp ch)
(push ch *input-list*))
((integerp ch)
(let ((converted (code-char ch)))
(when (graphic-char-p converted)
(push converted *input-list*))))))
(clear input-win)
(add-string input-win (format nil "▶ ~a" (coerce (reverse *input-list*) 'string)) :y 0 :x 1)
(refresh input-win))
(sleep 0.01))))
(setf *is-running* nil)
(when *socket* (ignore-errors (usocket:socket-close *socket*)))))

263
harness/tui-client.org
View File

@@ -4,33 +4,7 @@
#+PROPERTY: header-args:lisp :tangle tui-client.lisp
* Overview
The OpenCortex TUI Client is a standalone Common Lisp application built on **Croatoan**.
* Test Suite
#+begin_src lisp :tangle ../tests/tui-tests.lisp
(defpackage :opencortex-tui-tests
(:use :cl :opencortex)
(:export #:tui-suite))
(in-package :opencortex-tui-tests)
(eval-when (:compile-toplevel :load-toplevel :execute)
(ql:quickload :fiveam :silent t))
(fiveam:def-suite tui-suite :description "Verification of the TUI parsing and styling logic")
(fiveam:in-suite tui-suite)
(fiveam:test test-tui-connection-drop
"Tier 2 Chaos: Verify that handle-return degrades gracefully when the daemon connection is lost."
(let ((opencortex.tui::*incoming-msgs* nil)
(opencortex.tui::*input-buffer* (make-array 5 :element-type 'char :initial-contents "hello" :fill-pointer 5 :adjustable t))
;; Create a closed stream to simulate connection drop
(mock-stream (make-string-output-stream)))
(close mock-stream)
(opencortex.tui::handle-return mock-stream)
;; Check if the error was enqueued to history instead of crashing
(fiveam:is (member "ERROR: Connection to daemon lost." opencortex.tui::*incoming-msgs* :test #'string=))))
#+end_src
The TUI Client is a standalone ncurses application (built on Croatoan) that connects to the daemon via TCP. It provides a split-pane interface: a scrollable chat history window and a fixed input line at the bottom. Connected to the daemon at ~localhost:9105~, it sends user input as framed protocol messages and displays responses as they arrive from the daemon's background reader thread.
* Implementation
@@ -38,89 +12,115 @@ The OpenCortex TUI Client is a standalone Common Lisp application built on **Cro
#+begin_src lisp
(in-package :cl-user)
(defpackage :opencortex.tui
(:use :cl :croatoan :usocket)
(:use :cl :croatoan :usocket :bordeaux-threads)
(:export :main))
(in-package :opencortex.tui)
#+end_src
** Global State
** Connection state
#+begin_src lisp
(defvar *daemon-host* "localhost")
#+end_src
#+begin_src lisp
(defvar *daemon-host* "127.0.0.1")
(defvar *daemon-port* 9105)
#+end_src
#+begin_src lisp
(defvar *socket* nil)
#+end_src
#+begin_src lisp
(defvar *stream* nil)
#+end_src
** UI state
#+begin_src lisp
(defvar *chat-history* nil)
(defvar *scroll-index* 0)
(defvar *input-buffer* (make-array 0 :element-type 'char :fill-pointer 0 :adjustable t))
#+end_src
#+begin_src lisp
(defvar *input-list* nil)
#+end_src
#+begin_src lisp
(defvar *is-running* t)
(defvar *queue-lock* (bt:make-lock))
#+end_src
** Thread-safe message queue
#+begin_src lisp
(defvar *queue-lock* (bt:make-lock "incoming-queue-lock"))
#+end_src
#+begin_src lisp
(defvar *incoming-msgs* nil)
#+end_src
** Utilities
#+begin_src lisp
(defun log-debug (msg &rest args)
(ignore-errors
(with-open-file (s "/tmp/opencortex-tui-debug.log" :direction :output :if-exists :append :if-does-not-exist :create)
(format s "[~a] " (get-universal-time))
(apply #'format s msg args)
(terpri s)
(finish-output s))))
(defun enqueue-msg (msg)
"Thread-safe addition to incoming message queue."
(bt:with-lock-held (*queue-lock*)
(setf *incoming-msgs* (append *incoming-msgs* (list msg)))))
(defun dequeue-msgs ()
"Thread-safe retrieval of incoming messages."
(bt:with-lock-held (*queue-lock*)
(let ((msgs *incoming-msgs*))
(setf *incoming-msgs* nil)
msgs)))
(defun get-line-style (text)
(cond
((uiop:string-prefix-p "*" text) '(:bold :yellow))
((uiop:string-prefix-p "⬆" text) '(:cyan))
((uiop:string-prefix-p "🤔" text) '(:italic))
((uiop:string-prefix-p "ERROR" text) '(:bold :red))
(t nil)))
#+end_src
** Rendering
#+begin_src lisp
(defun render-chat (win)
(clear win)
(let* ((h (height win))
(view-height (max 0 (- h 2)))
(history-len (length *chat-history*))
(start-idx *scroll-index*)
(end-idx (min history-len (+ start-idx view-height)))
(slice (reverse (subseq *chat-history* start-idx end-idx))))
(loop for msg in slice
for i from 1
do (add-string win (format nil "│ ~a" msg) :y i :x 1 :attributes (get-line-style msg)))
(defun render-chat (win h)
(when (and win (integerp h))
(clear win)
(box win 0 0)
(let* ((view-height (- h 2))
(history (copy-list *chat-history*))
(len (length history))
(num-to-draw (min len view-height))
(slice (subseq history 0 num-to-draw)))
(loop for i from 0 below num-to-draw
for msg in (reverse slice)
do (when msg
(add-string win (format nil "│ ~a" msg) :y (1+ i) :x 2))))
(refresh win)))
#+end_src
** Input Handling
#+begin_src lisp
(defun handle-backspace ()
(when (> (fill-pointer *input-buffer*) 0)
(decf (fill-pointer *input-buffer*))))
(pop *input-list*))
(defun handle-return (stream)
(let ((cmd (coerce *input-buffer* 'string)))
(setf (fill-pointer *input-buffer*) 0)
(let ((cmd (coerce (reverse *input-list*) 'string)))
(setf *input-list* nil)
(log-debug "SUBMITTING: '~a'" cmd)
(when (> (length cmd) 0)
(enqueue-msg (format nil "⬆ ~a" cmd))
(push (format nil "⬆ ~a" cmd) *chat-history*)
(handler-case
(progn
(when (and stream (open-stream-p stream))
(let* ((msg (list :TYPE :EVENT
:META (list :SOURCE :tui)
:PAYLOAD (list :SENSOR :user-input :TEXT cmd)))
(payload (format nil "~s" msg))
(len (length payload)))
(format stream "~6,'0x~a" len payload)
(finish-output stream)))
(enqueue-msg "✓ Sent"))
(if (and stream (open-stream-p stream))
(let* ((msg (list :TYPE :EVENT
:META (list :SOURCE :tui)
:PAYLOAD (list :SENSOR :user-input :TEXT cmd)))
(payload (format nil "~s" msg))
(len (length payload)))
(format stream "~6,'0x~a" len payload)
(finish-output stream)
(log-debug "SENT WIRE: ~a" payload))
(push "ERROR: Not connected." *chat-history*)))
(error (c)
(format t "Send error: ~a~%" c)
(enqueue-msg "ERROR: Connection to daemon lost.")
(log-debug "SEND ERROR: ~a" c)
(push (format nil "ERROR: ~a" c) *chat-history*)
(setf *is-running* nil))))
(when (string= cmd "/exit") (setf *is-running* nil))
(when (string= cmd "/clear") (setf *chat-history* nil))))
@@ -129,32 +129,30 @@ The OpenCortex TUI Client is a standalone Common Lisp application built on **Cro
** Background Reader
#+begin_src lisp
(defun start-background-reader (stream)
"Starts a thread that reads framed messages from the daemon stream."
(bt:make-thread
(lambda ()
(loop while *is-running* do
(handler-case
(let* ((len-buf (make-string 6))
(count (read-sequence len-buf stream)))
(when (= count 6)
(let* ((msg-len (parse-integer len-buf :radix 16))
(msg-buf (make-string msg-len)))
(read-sequence msg-buf stream)
(let ((msg (read-from-string msg-buf)))
(let ((payload (getf msg :payload)))
(cond
((eq (getf payload :action) :handshake)
(enqueue-msg "* Connected to daemon *"))
((and (eq (getf payload :sensor) :loop-error)
(not (string= (or (getf payload :message) "") "Neural Cascade Failure: All providers exhausted.")))
(enqueue-msg (format nil "ERROR: Daemon loop error (~a)"
(getf payload :message))))
(t
(let ((text (or (getf payload :text) (format nil "~a" payload))))
(enqueue-msg (format nil "⬇ ~a" text)))))))))
(if (= count 6)
(let* ((msg-len (parse-integer len-buf :radix 16))
(msg-buf (make-string msg-len)))
(read-sequence msg-buf stream)
(log-debug "DAEMON MSG: ~a" msg-buf)
(let ((msg (read-from-string msg-buf)))
(let ((payload (getf msg :payload)))
(cond
((eq (getf payload :action) :handshake)
(enqueue-msg "* Connected *"))
(t
(let ((text (or (getf payload :text) (format nil "~a" payload))))
(enqueue-msg (format nil "⬇ ~a" text))))))))
(sleep 0.05)))
(error (c)
(when *is-running*
(enqueue-msg (format nil "ERROR: Connection lost (~a)" c))
(log-debug "READER ERROR: ~a" c)
(enqueue-msg "ERROR: Connection lost.")
(setf *is-running* nil))))))
:name "opencortex-tui-reader"))
#+end_src
@@ -162,43 +160,70 @@ The OpenCortex TUI Client is a standalone Common Lisp application built on **Cro
** Main Entry Point
#+begin_src lisp
(defun main ()
(log-debug "=== START ===")
(handler-case
(setf *socket* (usocket:socket-connect *daemon-host* *daemon-port*))
(error (e) (format t "Offline: ~a~%" e) (return-from main)))
(setf *stream* (usocket:socket-stream *socket*))
;; Guard: Croatoan needs a real terminal (TERM env var, real TTY)
(unless (uiop:getenv "TERM")
(format t "TUI requires a terminal. Set TERM environment variable.~%")
(format t "Or use: echo 'your message' | nc localhost 9105~%")
(return-from main))
(unwind-protect
(handler-case
(with-screen (scr :input-echoing nil :input-blocking nil :enable-colors t)
(let* ((h (height scr)) (w (width scr)))
(let ((chat-win (make-instance 'window :height (- h 5) :width (- w 2) :position '(1 1) :border t))
(input-win (make-instance 'window :height 1 :width (- w 2) :position (list (- h 2) 1) :border t)))
(setf (input-blocking input-win) nil)
(start-background-reader *stream*)
(loop :while *is-running* :do
(let ((msgs (dequeue-msgs)))
(when msgs
(dolist (m msgs) (push m *chat-history*))
(render-chat chat-win)))
(let* ((ev (get-event input-win))
(ch (when (and ev (typep ev 'event)) (event-key ev))))
(when ch
(cond
((or (eq ch #\Newline) (eq ch #\Return)) (handle-return *stream*))
((or (eq ch :backspace) (eq ch (code-char 127))) (handle-backspace))
((characterp ch) (vector-push-extend ch *input-buffer*))))
(clear input-win)
(add-string input-win (format nil "▶ ~a" (coerce *input-buffer* 'string)) :y 0 :x 1)
(refresh input-win))
(sleep 0.02)))))
(error (c)
(format t "TUI Error: ~a~%" c)))
(with-screen (scr :input-echoing nil :input-blocking nil :enable-colors t)
(let* ((h (or (height scr) 24))
(w (or (width scr) 80))
(chat-h (- h 4))
(chat-win (make-instance 'window :height chat-h :width (- w 2) :y 1 :x 1))
(input-win (make-instance 'window :height 1 :width (- w 2) :y (- h 2) :x 1)))
(setf (input-blocking input-win) nil)
(start-background-reader *stream*)
(loop :while *is-running* :do
(let ((msgs (dequeue-msgs)))
(when msgs
(dolist (m msgs) (push m *chat-history*))
(render-chat chat-win chat-h)))
(let ((ch (get-char input-win)))
(when (and ch (not (equal ch -1)))
(log-debug "KEY: ~s" ch)
(cond
((or (eql ch 10) (eql ch 13) (eq ch :enter) (eql ch #\Newline) (eql ch #\Return))
(handle-return *stream*)
(render-chat chat-win chat-h))
((or (eql ch 127) (eql ch 8) (eq ch :backspace) (eql ch #\Backspace))
(handle-backspace))
((characterp ch)
(push ch *input-list*))
((integerp ch)
(let ((converted (code-char ch)))
(when (graphic-char-p converted)
(push converted *input-list*))))))
(clear input-win)
(add-string input-win (format nil "▶ ~a" (coerce (reverse *input-list*) 'string)) :y 0 :x 1)
(refresh input-win))
(sleep 0.01))))
(setf *is-running* nil)
(when *socket* (ignore-errors (usocket:socket-close *socket*)))))
#+end_src
** REPL test script (tmux)
Use this script to test the TUI non-interactively in a tmux session. It launches the TUI in a headless tmux window, sends text, and captures the output.
#+begin_src bash :tangle no
#!/bin/bash
SESSION="oct-tui-test"
tmux new-session -d -s "$SESSION" \
-e OC_CONFIG_DIR="$HOME/.config/opencortex" \
-e OC_DATA_DIR="$HOME/.local/share/opencortex" \
-e TERM="screen-256color" \
"sbcl --non-interactive \
--eval '(load (merge-pathnames \"quicklisp/setup.lisp\" (user-homedir-pathname)))' \
--eval '(push (truename \"$HOME/.local/share/opencortex/\") asdf:*central-registry*)' \
--eval '(ql:quickload :opencortex/tui)' \
--eval '(opencortex.tui:main)'"
sleep 5
tmux capture-pane -t "$SESSION" -p -S -20
tmux send-keys -t "$SESSION" 'hello' Enter
sleep 8
tmux capture-pane -t "$SESSION" -p -S -20
tmux send-keys -t "$SESSION" '/exit' Enter
sleep 1
tmux kill-session -t "$SESSION" 2>/dev/null || true
#+end_src

25
infrastructure/docker/Dockerfile
View File

@@ -1,32 +1,23 @@
FROM debian:bullseye-slim
FROM debian:trixie-slim
ENV DEBIAN_FRONTEND=noninteractive
RUN apt-get update && apt-get install -y \
sbcl \
emacs-nox \
curl \
git \
socat \
netcat-openbsd \
libssl-dev \
libncurses5-dev \
libffi-dev \
zlib1g-dev \
libsqlite3-dev \
sbcl emacs-nox curl git socat netcat-openbsd rlwrap \
libssl-dev libncurses-dev libffi-dev zlib1g-dev libsqlite3-dev \
&& rm -rf /var/lib/apt/lists/*
# Install Quicklisp
RUN curl -O https://beta.quicklisp.org/quicklisp.lisp \
&& sbcl --non-interactive --load quicklisp.lisp --eval "(quicklisp-quickstart:install)" --eval "(ql-util:without-prompting (ql:add-to-init-file))" \
&& sbcl --non-interactive --load quicklisp.lisp \
--eval "(quicklisp-quickstart:install)" \
--eval "(ql-util:without-prompting (ql:add-to-init-file))" \
&& rm quicklisp.lisp
WORKDIR /app
COPY . .
# Initialize system in non-interactive mode
RUN mkdir -p /root/memex && ./opencortex.sh setup --non-interactive
RUN mkdir -p /root/memex && ./opencortex.sh configure --non-interactive
EXPOSE 9105
CMD ["./opencortex.sh", "boot"]
CMD ["./opencortex.sh", "daemon"]

11
infrastructure/docker/docker-compose.yml
View File

@@ -1,18 +1,15 @@
services:
opencortex:
build:
context: .
dockerfile: Dockerfile
context: ../../
dockerfile: infrastructure/docker/Dockerfile
container_name: opencortex
env_file: .env
env_file: ../../.env
volumes:
# Mount the entire memex directory (2 levels up from projects/opencortex)
- ../..:/memex
# Ensure signal-cli state is preserved
- ../../../..:/memex
- signal-state:/root/.local/share/signal-cli
ports:
- "${ORG_AGENT_DAEMON_PORT:-9105}:9105"
- "${ORG_AGENT_WEB_PORT:-8080}:8080"
restart: unless-stopped
volumes:

15
infrastructure/opencortex.service Normal file
View File

@@ -0,0 +1,15 @@
[Unit]
Description=OpenCortex Daemon
Documentation=https://github.com/amrgharbeia/opencortex
After=network.target
[Service]
Type=simple
User=%u
ExecStart=%h/projects/opencortex/opencortex.sh daemon
Restart=on-failure
RestartSec=10
WorkingDirectory=%h/projects/opencortex
[Install]
WantedBy=default.target

13
opencortex.asd
View File

@@ -15,27 +15,22 @@
(:file "harness/perceive")
(:file "harness/reason")
(:file "harness/act")
(:file "harness/doctor")
(:file "harness/loop")))
(defsystem :opencortex/tests
:depends-on (:opencortex :fiveam)
:components ((:file "tests/pipeline-act-tests")
(:file "tests/boot-sequence-tests")
(:file "tests/communication-tests")
(:file "tests/immune-system-tests")
(:file "tests/memory-tests")
(:file "tests/pipeline-perceive-tests")
(:file "tests/pipeline-reason-tests")
(:file "tests/peripheral-vision-tests")
(:file "tests/utils-org-tests")
(:file "tests/engineering-standards-tests")
(:file "tests/utils-lisp-tests")
(:file "tests/literate-programming-tests")
(:file "tests/self-edit-tests")
(:file "tests/tool-permissions-tests")
(:file "tests/diagnostics-tests")
(:file "tests/config-manager-tests")
(:file "tests/gateway-manager-tests")
(:file "tests/tui-tests")
(:file "tests/utils-org-tests")
(:file "tests/utils-lisp-tests")
(:file "tests/llm-gateway-tests")))
(defsystem :opencortex/tui

592
opencortex.sh
View File

@@ -7,8 +7,7 @@ RED='\033[0;31m'; GREEN='\033[0;32m'; BLUE='\033[0;34m'; YELLOW='\033[0;33m'; NC
command_exists() { command -v "$1" >/dev/null 2>&1; }
# 1. XDG PATH RESOLUTION
# SCRIPT_DIR is the immutable source (where the git repo lives)
# --- XDG PATH RESOLUTION ---
SOURCE="${BASH_SOURCE[0]}"
while [ -h "$SOURCE" ]; do
DIR="$( cd -P "$( dirname "$SOURCE" )" && pwd )"
@@ -17,369 +16,454 @@ while [ -h "$SOURCE" ]; do
done
export SCRIPT_DIR="$( cd -P "$( dirname "$SOURCE" )" && pwd )"
# XDG Defaults (realpath ensures no unexpanded ~ in paths)
export OC_CONFIG_DIR="$(realpath -m "${XDG_CONFIG_HOME:-$HOME/.config}/opencortex")"
export OC_DATA_DIR="$(realpath -m "${XDG_DATA_HOME:-$HOME/.local/share}/opencortex")"
export OC_STATE_DIR="$(realpath -m "${XDG_STATE_HOME:-$HOME/.local/state}/opencortex")"
export OC_BIN_DIR="$(realpath -m "${XDG_BIN_HOME:-$HOME/.local/bin}")"
# Dynamic defaults for Skill Engine and Project Root
export SKILLS_DIR="${SKILLS_DIR:-$OC_DATA_DIR/skills}"
export MEMEX_DIR="${MEMEX_DIR:-$HOME/memex}"
# Load environment variables from the standard config location
if [ -f "$OC_CONFIG_DIR/.env" ]; then
set -a
source "$OC_CONFIG_DIR/.env"
set +a
set -a; source "$OC_CONFIG_DIR/.env"; set +a
fi
# --- Dependency Checker ---
# --- DISTRO DETECTION ---
detect_distro() {
if [ -f /etc/os-release ]; then
. /etc/os-release
case "$ID" in
debian|ubuntu|linuxmint|pop|elementary|zorin) echo "debian" ;;
fedora|rhel|centos|rocky|almalinux) echo "fedora" ;;
*) echo "unknown" ;;
esac
elif command_exists apt-get; then echo "debian"
elif command_exists dnf; then echo "fedora"
else echo "unknown"; fi
}
distro_install() {
local distro=$(detect_distro); shift
case "$distro" in
debian) sudo apt-get update && sudo apt-get install -y "$@" ;;
fedora) sudo dnf install -y "$@" ;;
*) echo "Unsupported distro. Install manually: sbcl emacs git curl socat"; return 1 ;;
esac
}
# --- DEPENDENCY CHECK ---
check_dependencies() {
local missing=()
for dep in sbcl emacs git curl socat nc; do
if ! command_exists "$dep"; then
missing+=("$dep")
fi
for dep in sbcl git curl socat nc; do
if ! command_exists "$dep"; then missing+=("$dep"); fi
done
if ! command_exists emacs; then missing+=("emacs-nox"); fi
if [ ${#missing[@]} -gt 0 ]; then
echo -e "${YELLOW}--- Missing dependencies: ${missing[*]} ---${NC}"
if command_exists apt-get; then
echo "Attempting to install missing dependencies..."
if sudo apt-get update && sudo apt-get install -y sbcl emacs-nox rlwrap netcat-openbsd curl git socat libssl-dev libncurses-dev libffi-dev zlib1g-dev libsqlite3-dev 2>/dev/null; then
echo -e "${GREEN}✓ Dependencies installed successfully${NC}"
else
echo -e "${RED}✗ Could not install dependencies. Please run with sudo or install manually:${NC}"
echo " sudo apt-get install sbcl emacs-nox rlwrap netcat-openbsd curl git socat"
fi
else
echo -e "${RED}✗ Cannot auto-install: apt-get not available${NC}"
echo "Please install manually: sbcl emacs git curl socat netcat-openbsd"
fi
echo -e "${YELLOW}--- Installing missing dependencies: ${missing[*]} ---${NC}"
local distro=$(detect_distro)
case "$distro" in
debian)
distro_install "${missing[@]}" libssl-dev libncurses-dev libffi-dev zlib1g-dev libsqlite3-dev 2>/dev/null || true
if ! command_exists rlwrap; then distro_install rlwrap 2>/dev/null || true; fi
if ! command_exists nc; then distro_install netcat-openbsd 2>/dev/null || true; fi
;;
fedora)
distro_install "${missing[@]}" openssl-devel ncurses-devel libffi-devel zlib-devel sqlite-devel 2>/dev/null || true
if ! command_exists rlwrap; then distro_install rlwrap 2>/dev/null || true; fi
if ! command_exists nc; then distro_install nmap-ncat 2>/dev/null || true; fi
;;
esac
fi
}
# --- 2. SETUP ---
# --- SETUP ---
setup_system() {
NON_INTERACTIVE=false
NON_INTERACTIVE=false; WITH_FIREWALL=false
for arg in "$@"; do
if [ "$arg" == "--non-interactive" ]; then NON_INTERACTIVE=true; fi
case "$arg" in
--non-interactive) NON_INTERACTIVE=true ;;
--with-firewall) WITH_FIREWALL=true ;;
esac
done
echo -e "${BLUE}=== OpenCortex: Initializing XDG-Compliant System ===${NC}"
# Create standard directories
echo -e "${BLUE}=== OpenCortex: Configure ===${NC}"
mkdir -p "$OC_CONFIG_DIR" "$OC_DATA_DIR" "$OC_STATE_DIR" "$OC_BIN_DIR"
mkdir -p "$OC_DATA_DIR/harness" "$OC_DATA_DIR/tests" "$OC_DATA_DIR/skills"
echo -e "${YELLOW}--- Installing System Dependencies ---${NC}"
if command_exists apt-get; then
sudo apt-get update && sudo apt-get install -y sbcl emacs-nox rlwrap netcat-openbsd curl git socat libssl-dev libncurses-dev libffi-dev zlib1g-dev libsqlite3-dev
fi
check_dependencies
if [ ! -d "$HOME/quicklisp" ]; then
echo -e "${YELLOW}--- Installing Quicklisp ---${NC}"
curl -O https://beta.quicklisp.org/quicklisp.lisp
sbcl --non-interactive --load quicklisp.lisp --eval "(quicklisp-quickstart:install)" --eval "(ql-util:without-prompting (ql:add-to-init-file))"
sbcl --non-interactive --load quicklisp.lisp \
--eval "(quicklisp-quickstart:install)" \
--eval "(ql-util:without-prompting (ql:add-to-init-file))"
rm quicklisp.lisp
fi
# Tangle the literate source from the repo into XDG directories
echo -e "${YELLOW}--- Deploying Engine to $OC_DATA_DIR ---${NC}"
cp "$SCRIPT_DIR/opencortex.asd" "$OC_DATA_DIR/"
mkdir -p "$OC_DATA_DIR/harness" "$OC_DATA_DIR/tests" "$OC_DATA_DIR/skills"
export INSTALL_DIR="$OC_DATA_DIR"
# --- Harness files ---
# Copy org files to harness/ so :tangle relative paths resolve to XDG
cp "$SCRIPT_DIR/harness"/*.org "$OC_DATA_DIR/harness/"
# Critical: Tangle manifest first (into root)
echo "Tangling harness/manifest.org..."
(cd "$OC_DATA_DIR/harness" && emacs -Q --batch \
--eval "(require 'org)" \
--eval "(setq org-confirm-babel-evaluate nil)" \
--eval "(org-babel-tangle-file \"manifest.org\")") >/dev/null 2>&1 || true
# Tangle harness files into harness/
--eval "(require 'org)" \
--eval "(setq org-confirm-babel-evaluate nil)" \
--eval "(org-babel-tangle-file \"manifest.org\")") >/dev/null 2>&1 || true
for f in "$OC_DATA_DIR/harness"/*.org; do
fname=$(basename "$f" .org)
if [ "$fname" != "manifest" ]; then
echo "Tangling harness/$fname.org..."
(cd "$OC_DATA_DIR/harness" && emacs -Q --batch \
--eval "(require 'org)" \
--eval "(setq org-confirm-babel-evaluate nil)" \
--eval "(org-babel-tangle-file \"${fname}.org\")") >/dev/null 2>&1 || true
fi
[ "$fname" = "manifest" ] && continue
echo "Tangling harness/$fname.org..."
(cd "$OC_DATA_DIR/harness" && emacs -Q --batch \
--eval "(require 'org)" \
--eval "(setq org-confirm-babel-evaluate nil)" \
--eval "(org-babel-tangle-file \"${fname}.org\")") >/dev/null 2>&1 || true
done
# Move test files that landed in harness/ to tests/
find "$OC_DATA_DIR/harness" -name "*-tests.lisp" -exec mv {} "$OC_DATA_DIR/tests/" \; 2>/dev/null || true
# Remove org files from harness/ (only .lisp should remain)
rm -f "$OC_DATA_DIR/harness"/*.org
# --- Skill files ---
for f in "$SCRIPT_DIR/skills"/*.org; do
fname=$(basename "$f" .org)
echo "Tangling skills/$fname.org..."
sed "s|%%SKILLS_DIR%%|$OC_DATA_DIR/skills|g" "$f" > "/tmp/$fname.org"
cp "$f" "$OC_DATA_DIR/skills/"
(cd "$OC_DATA_DIR/skills" && emacs -Q --batch \
--eval "(require 'org)" \
--eval "(setq org-confirm-babel-evaluate nil)" \
--eval "(org-babel-tangle-file \"/tmp/$fname.org\")") >/dev/null 2>&1 || true
--eval "(require 'org)" \
--eval "(setq org-confirm-babel-evaluate nil)" \
--eval "(org-babel-tangle-file \"${fname}.org\")") >/dev/null 2>&1 || true
rm -f "$OC_DATA_DIR/skills/$fname.org"
done
# Move test files that landed in skills/ to tests/
find "$OC_DATA_DIR/skills" -name "*-tests.lisp" -exec mv {} "$OC_DATA_DIR/tests/" \; 2>/dev/null || true
rm -f /tmp/*.org
# Also move run-all-tests.lisp if it landed in the wrong place
[ -f "$OC_DATA_DIR/run-all-tests.lisp" ] && mv "$OC_DATA_DIR/run-all-tests.lisp" "$OC_DATA_DIR/harness/"
rm -f "$OC_DATA_DIR/harness"/*.org "$OC_DATA_DIR/skills"/*.org
# Cleanup: Remove .org files from XDG (we only want .lisp)
echo "Cleaning up .org files from XDG..."
rm -f "$OC_DATA_DIR/harness"/*.org "$OC_DATA_DIR/skills"/*.org /tmp/*.org
cd "$SCRIPT_DIR" # Create the bin shim
echo -e "${YELLOW}--- Creating Bin Shim in $OC_BIN_DIR/opencortex ---${NC}"
ln -sf "$SCRIPT_DIR/opencortex.sh" "$OC_BIN_DIR/opencortex"
if [ "$WITH_FIREWALL" = true ]; then
case $(detect_distro) in
debian) sudo ufw allow 9105/tcp 2>/dev/null && echo "✓ UFW: port 9105 opened" || true ;;
fedora) sudo firewall-cmd --add-port=9105/tcp --permanent 2>/dev/null && sudo firewall-cmd --reload 2>/dev/null && echo "✓ firewalld: port 9105 opened" || true ;;
esac
fi
if [ "$NON_INTERACTIVE" = true ]; then
echo "Setup complete (Non-interactive)."
echo "Configure complete."
exit 0
fi
echo -e "${YELLOW}--- Launching Lisp Setup Wizard ---${NC}"
# Use OC_DATA_DIR for the Lisp registry
echo -e "${YELLOW}--- Launching Setup Wizard ---${NC}"
exec sbcl --non-interactive \
--eval '(load (merge-pathnames "quicklisp/setup.lisp" (user-homedir-pathname)))' \
--eval "(push (truename \"$OC_DATA_DIR/\") asdf:*central-registry*)" \
--eval "(setf (uiop:getenv \"SKILLS_DIR\") \"$OC_DATA_DIR/skills\")" \
--eval '(ql:quickload :opencortex)' \
--eval "(setf (uiop:getenv \"SKILLS_DIR\") \"$OC_DATA_DIR/skills\")" \
--eval '(opencortex:initialize-all-skills)' \
--eval '(funcall (find-symbol "RUN-SETUP-WIZARD" :opencortex))'
--eval '(load (merge-pathnames "quicklisp/setup.lisp" (user-homedir-pathname)))' \
--eval "(push (truename \"$OC_DATA_DIR/\") asdf:*central-registry*)" \
--eval '(ql:quickload :opencortex)' \
--eval '(opencortex:initialize-all-skills)' \
--eval '(funcall (find-symbol "RUN-SETUP-WIZARD" :opencortex))'
}
# --- Doctor Repair (Lightweight Fix) ---
# --- DOCTOR REPAIR ---
doctor_repair() {
echo -e "${BLUE}=== OpenCortex: Repair Mode ===${NC}"
# 1. Fix system dependencies
echo -e "${YELLOW}--- Fixing System Dependencies ---${NC}"
check_dependencies
# 2. Ensure XDG directories exist
echo -e "${YELLOW}--- Fixing XDG Directories ---${NC}"
mkdir -p "$OC_CONFIG_DIR" "$OC_DATA_DIR" "$OC_STATE_DIR" "$OC_BIN_DIR"
mkdir -p "$OC_DATA_DIR/harness" "$OC_DATA_DIR/tests" "$OC_DATA_DIR/skills"
# 3. Re-tangle harness files that may be broken
echo -e "${YELLOW}--- Re-tangling Harness Files ---${NC}"
for f in "$SCRIPT_DIR/harness"/*.org; do
if [ -f "$f" ]; then
fname=$(basename "$f" .org)
echo " Checking harness/$fname..."
# Try to load each harness file - if it fails, re-tangle
if ! sbcl --non-interactive \
--eval "(load \"$OC_DATA_DIR/harness/${fname}.lisp\")" \
--eval "(format t \"OK~%\")" 2>/dev/null | grep -q "OK"; then
echo " Re-tangling $fname.org..."
(cd "$OC_DATA_DIR/harness" && emacs -Q --batch \
--eval "(require 'org)" \
--eval "(setq org-confirm-babel-evaluate nil)" \
--eval "(org-babel-tangle-file \"$f\")" >/dev/null 2>&1) || true
fi
[ -f "$f" ] || continue
fname=$(basename "$f" .org)
echo " Checking harness/$fname..."
if ! sbcl --non-interactive \
--eval "(load \"$OC_DATA_DIR/harness/${fname}.lisp\")" \
--eval "(format t \"OK~%\")" 2>/dev/null | grep -q "OK"; then
echo " Re-tangling $fname.org..."
(cd "$OC_DATA_DIR/harness" && emacs -Q --batch \
--eval "(require 'org)" \
--eval "(setq org-confirm-babel-evaluate nil)" \
--eval "(org-babel-tangle-file \"$f\")") >/dev/null 2>&1 || true
fi
done
# 4. Re-tangle skill files that may be broken
echo -e "${YELLOW}--- Re-tangling Skill Files ---${NC}"
for f in "$SCRIPT_DIR/skills"/*.org; do
if [ -f "$f" ]; then
fname=$(basename "$f" .org)
echo " Checking skill/$fname..."
# Replace %%SKILLS_DIR%% placeholder with temp file
sed "s|%%SKILLS_DIR%%|$OC_DATA_DIR/skills|g" "$f" > "/tmp/$fname.org"
if ! sbcl --non-interactive \
--eval "(load \"$OC_DATA_DIR/skills/${fname}.lisp\")" \
--eval "(format t \"OK~%\")" 2>/dev/null | grep -q "OK"; then
echo " Re-tangling $fname.org..."
(cd "$OC_DATA_DIR/skills" && emacs -Q --batch \
--eval "(require 'org)" \
--eval "(setq org-confirm-babel-evaluate nil)" \
--eval "(org-babel-tangle-file \"/tmp/${fname}.org\")" >/dev/null 2>&1) || true
fi
rm -f "/tmp/$fname.org"
[ -f "$f" ] || continue
fname=$(basename "$f" .org)
echo " Checking skill/$fname..."
if ! sbcl --non-interactive \
--eval "(load \"$OC_DATA_DIR/skills/${fname}.lisp\")" \
--eval "(format t \"OK~%\")" 2>/dev/null | grep -q "OK"; then
echo " Re-tangling $fname.org..."
cp "$f" "$OC_DATA_DIR/skills/"
(cd "$OC_DATA_DIR/skills" && emacs -Q --batch \
--eval "(require 'org)" \
--eval "(setq org-confirm-babel-evaluate nil)" \
--eval "(org-babel-tangle-file \"${fname}.org\")") >/dev/null 2>&1 || true
rm -f "$OC_DATA_DIR/skills/$fname.org"
fi
done
# 5. Cleanup .org files
rm -f "$OC_DATA_DIR/harness"/*.org "$OC_DATA_DIR/skills"/*.org 2>/dev/null || true
echo -e "${GREEN}--- Repair Complete ---${NC}"
echo "Run 'opencortex doctor' to verify the system."
}
# --- 3. COMMAND ROUTER ---
COMMAND=$1
[ -z "$COMMAND" ] && COMMAND="cli"
# --- INSTALL SKILL ---
install_skill() {
local SKILL_NAME=$1
if [ -z "$SKILL_NAME" ]; then
echo "Usage: opencortex install skill <skill-name>"
echo " Installs a skill from opencortex-contrib"
echo ""
echo "Available skills:"
if [ -d "$MEMEX_DIR/projects/opencortex-contrib/skills" ]; then
ls "$MEMEX_DIR/projects/opencortex-contrib/skills"/*.org 2>/dev/null | xargs -I{} basename {} .org | sed 's/org-skill-//' | sort | uniq
else
echo " (clone opencortex-contrib to ~/memex/projects/ first)"
fi
exit 1
fi
local SKILL_FILE="org-skill-${SKILL_NAME}.org"
local SOURCE_DIR="$MEMEX_DIR/projects/opencortex-contrib/skills"
local TARGET_DIR="$OC_DATA_DIR/skills"
if [ ! -d "$SOURCE_DIR" ]; then
echo "Error: Contrib skills not found at $SOURCE_DIR"
echo "Run: git clone https://github.com/amrgharbeia/opencortex-contrib.git \$MEMEX_DIR/projects/opencortex-contrib"
exit 1
fi
if [ ! -f "$SOURCE_DIR/$SKILL_FILE" ]; then
echo "Error: Skill '$SKILL_NAME' not found"
exit 1
fi
mkdir -p "$TARGET_DIR"
cp "$SOURCE_DIR/$SKILL_FILE" "$TARGET_DIR/"
(cd "$TARGET_DIR" && emacs -Q --batch \
--eval "(require 'org)" \
--eval "(setq org-confirm-babel-evaluate nil)" \
--eval "(org-babel-tangle-file \"$SKILL_FILE\")") >/dev/null 2>&1 || true
rm -f "$TARGET_DIR/$SKILL_FILE"
if [ -f "$TARGET_DIR/${SKILL_NAME}-tests.lisp" ]; then
mv "$TARGET_DIR/${SKILL_NAME}-tests.lisp" "$OC_DATA_DIR/tests/" 2>/dev/null || true
fi
echo "Skill '$SKILL_NAME' installed. Restart to activate."
}
# --- INSTALL SERVICE ---
install_service() {
mkdir -p "$HOME/.config/systemd/user"
cat > "$HOME/.config/systemd/user/opencortex.service" << 'SERVICEEOF'
[Unit]
Description=OpenCortex Daemon
After=network.target
[Service]
Type=simple
ExecStart=%h/projects/opencortex/opencortex.sh daemon
Restart=on-failure
RestartSec=10
WorkingDirectory=%h/projects/opencortex
[Install]
WantedBy=default.target
SERVICEEOF
systemctl --user daemon-reload
systemctl --user enable opencortex.service
systemctl --user start opencortex.service
echo -e "${GREEN}✓ opencortex.service installed and started${NC}"
echo " Status: systemctl --user status opencortex.service"
echo " Logs: journalctl --user -u opencortex.service -f"
}
uninstall_service() {
systemctl --user stop opencortex.service 2>/dev/null || true
systemctl --user disable opencortex.service 2>/dev/null || true
rm -f "$HOME/.config/systemd/user/opencortex.service"
systemctl --user daemon-reload
echo -e "${GREEN}✓ opencortex.service removed${NC}"
}
# --- BACKUP ---
backup() {
local dest="${1:-$HOME/opencortex-backup-$(date +%Y%m%d-%H%M%S).tar.gz}"
if [ -f "$dest" ]; then echo "Error: $dest exists"; exit 1; fi
echo "Backing up to $dest..."
tar -czf "$dest" \
"$OC_CONFIG_DIR" "$OC_DATA_DIR" \
"$MEMEX_DIR/gtd.org" "$MEMEX_DIR/projects/opencortex" \
2>/dev/null || true
echo -e "${GREEN}✓ Backed up to $dest${NC}"
}
restore() {
local src="$1"
if [ -z "$src" ] || [ ! -f "$src" ]; then
echo "Usage: opencortex restore <backup-file>"
exit 1
fi
echo "Restoring from $src..."
tar -xzf "$src" -C /
echo -e "${GREEN}✓ Restored. Run 'opencortex doctor' to verify.${NC}"
}
# --- HELP ---
help() {
echo ""
echo "OpenCortex — Your Autonomous, Plain-Text Life Assistant"
echo ""
echo "Usage: opencortex.sh <command> [options]"
echo ""
echo "System:"
echo " configure [--non-interactive] [--with-firewall] Install or reconfigure the system"
echo " setup Alias for configure"
echo " doctor [--fix] [--watch] System health check"
echo ""
echo "Running:"
echo " daemon Start background daemon"
echo " tui Launch terminal UI"
echo " gateway {link|unlink|list} <platform> <token> Manage chat gateways"
echo ""
echo "Skills:"
echo " install skill <name> Install a skill from contrib"
echo " install service Install systemd service (auto-start)"
echo " uninstall service Remove systemd service"
echo ""
echo "Data:"
echo " backup [path] Backup config, data, memex"
echo " restore <path> Restore from a backup"
echo ""
echo "Quick start:"
echo " curl -fsSL https://raw.githubusercontent.com/amrgharbeia/opencortex/main/opencortex.sh | bash -s configure"
echo ""
}
# --- COMMAND ROUTER ---
COMMAND=$1; [ -z "$COMMAND" ] && COMMAND="help"
shift || true
case "$COMMAND" in
link)
PLATFORM=$1
TOKEN=$2
configure|setup)
check_dependencies
exec sbcl --non-interactive --eval '(load (merge-pathnames "quicklisp/setup.lisp" (user-homedir-pathname)))' --eval "(push (truename \"$OC_DATA_DIR/\") asdf:*central-registry*)" --eval "(setf (uiop:getenv \"SKILLS_DIR\") \"$OC_DATA_DIR/skills\")" --eval '(ql:quickload :opencortex)' --eval '(opencortex:initialize-all-skills)' --eval "(funcall (find-symbol \"GATEWAY-MANAGER-MAIN\" :opencortex) \"$PLATFORM\" \"$TOKEN\")"
if [ "$1" = "--add-provider" ]; then
sbcl --non-interactive \
--eval '(load (merge-pathnames "quicklisp/setup.lisp" (user-homedir-pathname)))' \
--eval "(push (truename \"$OC_DATA_DIR/\") asdf:*central-registry*)" \
--eval '(ql:quickload :opencortex)' \
--eval '(opencortex:initialize-all-skills)' \
--eval '(funcall (find-symbol "SETUP-ADD-PROVIDER" :opencortex))'
elif [ "$1" = "--link" ]; then
exec "$0" gateway link "$2" "$3"
else
setup_system "$@"
fi
;;
doctor)
check_dependencies
if [ "$1" = "--watch" ]; then
echo "Starting background health monitor (60s interval)..."
echo "Press Ctrl+C to stop."
echo ""
while true; do
echo "--- $(date '+%Y-%m-%d %H:%M:%S') ---"
sbcl --non-interactive \
--eval '(load (merge-pathnames "quicklisp/setup.lisp" (user-homedir-pathname)))' \
--eval "(push (truename \"$OC_DATA_DIR/\") asdf:*central-registry*)" \
--eval '(ql:quickload :opencortex)' \
--eval '(opencortex:initialize-all-skills)' \
--eval '(funcall (find-symbol "DOCTOR-RUN-ALL" :opencortex))' \
--eval '(uiop:quit 0)' 2>&1 | grep -E "(HEALTH|OK|FAIL|WARN|SYSTEM|===)" || true
--eval '(load (merge-pathnames "quicklisp/setup.lisp" (user-homedir-pathname)))' \
--eval "(push (truename \"$OC_DATA_DIR/\") asdf:*central-registry*)" \
--eval '(ql:quickload :opencortex)' \
--eval '(opencortex:initialize-all-skills)' \
--eval '(funcall (find-symbol "DOCTOR-RUN-ALL" :opencortex))' 2>&1 | grep -E "(HEALTH|OK|FAIL|WARN|SYSTEM|===)" || true
sleep 60
done
elif [ "$1" = "--fix" ]; then
# Check if major harness files exist - if not, run full setup
if [ ! -f "$OC_DATA_DIR/harness/package.lisp" ] || [ ! -f "$OC_DATA_DIR/harness/skills.lisp" ]; then
echo "Core files missing. Running full setup..."
setup_system "$@"
else
echo "Repairing system..."
doctor_repair
fi
else
exec sbcl --non-interactive \
--eval '(load (merge-pathnames "quicklisp/setup.lisp" (user-homedir-pathname)))' \
--eval "(push (truename \"$OC_DATA_DIR/\") asdf:*central-registry*)" \
--eval '(ql:quickload :opencortex)' \
--eval '(opencortex:initialize-all-skills)' \
--eval '(funcall (find-symbol "DOCTOR-MAIN" :opencortex))'
--eval '(load (merge-pathnames "quicklisp/setup.lisp" (user-homedir-pathname)))' \
--eval "(push (truename \"$OC_DATA_DIR/\") asdf:*central-registry*)" \
--eval '(ql:quickload :opencortex)' \
--eval '(opencortex:initialize-all-skills)' \
--eval '(funcall (find-symbol "DOCTOR-MAIN" :opencortex))'
fi
;;
setup)
check_dependencies
if [ "$1" = "--add-provider" ]; then
echo "Adding LLM provider..."
sbcl --non-interactive \
--eval '(load (merge-pathnames "quicklisp/setup.lisp" (user-homedir-pathname)))' \
--eval "(push (truename \"$OC_DATA_DIR/\") asdf:*central-registry*)" \
--eval '(ql:quickload :opencortex)' \
--eval '(opencortex:initialize-all-skills)' \
--eval '(funcall (find-symbol "SETUP-ADD-PROVIDER" :opencortex))'
elif [ "$1" = "--link" ]; then
PLATFORM=$2
TOKEN=$3
if [ -z "$PLATFORM" ] || [ -z "$TOKEN" ]; then
echo "Usage: opencortex setup --link <platform> <token>"
echo " platforms: slack, discord"
exit 1
fi
echo "Linking $PLATFORM gateway..."
$0 link "$PLATFORM" "$TOKEN"
elif [ "$1" = "--non-interactive" ]; then
setup_system "$@"
else
# Run interactive setup wizard
echo "Starting interactive setup wizard..."
sbcl --non-interactive \
--eval '(load (merge-pathnames "quicklisp/setup.lisp" (user-homedir-pathname)))' \
--eval "(push (truename \"$OC_DATA_DIR/\") asdf:*central-registry*)" \
--eval "(setf (uiop:getenv \"SKILLS_DIR\") \"$OC_DATA_DIR/skills\")" \
--eval '(ql:quickload :opencortex)' \
--eval '(opencortex:initialize-all-skills)' \
--eval '(funcall (find-symbol "RUN-SETUP-WIZARD" :opencortex))'
fi
;;
boot|--boot)
check_dependencies
exec sbcl --non-interactive \
--eval '(load (merge-pathnames "quicklisp/setup.lisp" (user-homedir-pathname)))' \
--eval "(push (truename \"$OC_DATA_DIR/\") asdf:*central-registry*)" \
--eval "(ql:quickload '(:opencortex :croatoan))" \
--eval '(opencortex:main)'
;;
daemon)
check_dependencies
echo "Starting OpenCortex daemon in background..."
echo "Starting daemon in background..."
nohup sbcl --non-interactive \
--eval '(load (merge-pathnames "quicklisp/setup.lisp" (user-homedir-pathname)))' \
--eval "(push (truename \"$OC_DATA_DIR/\") asdf:*central-registry*)" \
--eval "(ql:quickload '(:opencortex :croatoan))" \
--eval '(opencortex:main)' \
> "$OC_STATE_DIR/daemon.log" 2>&1 &
echo "Daemon started. Waiting for port 9105..."
for i in {1..20}; do
if ss -tln | grep -q 9105; then
echo "✓ Daemon ready on port 9105"
exit 0
--eval '(load (merge-pathnames "quicklisp/setup.lisp" (user-homedir-pathname)))' \
--eval "(push (truename \"$OC_DATA_DIR/\") asdf:*central-registry*)" \
--eval "(ql:quickload '(:opencortex :croatoan))" \
--eval '(opencortex:main)' \
> "$OC_STATE_DIR/daemon.log" 2>&1 &
echo "Waiting for port 9105..."
for i in $(seq 1 20); do
if ss -tln 2>/dev/null | grep -q 9105 || netstat -tln 2>/dev/null | grep -q 9105; then
echo "✓ Daemon ready on port 9105"; exit 0
fi
sleep 1
done
echo "✗ Daemon failed to start. Check $OC_STATE_DIR/daemon.log"
exit 1
echo "✗ Daemon failed to start. Check $OC_STATE_DIR/daemon.log"; exit 1
;;
tui)
check_dependencies
if ! ss -tln | grep -q 9105; then
echo "Daemon not running. Starting daemon first..."
if ! ss -tln 2>/dev/null | grep -q 9105 && ! netstat -tln 2>/dev/null | grep -q 9105; then
echo "Starting daemon first..."
$0 daemon
fi
if sbcl --non-interactive \
--eval '(load (merge-pathnames "quicklisp/setup.lisp" (user-homedir-pathname)))' \
--eval "(push (truename \"$OC_DATA_DIR/\") asdf:*central-registry*)" \
--eval '(ql:quickload :opencortex/tui)' \
--eval '(opencortex.tui:main)'; then
true
else
EXIT_CODE=$?
echo ""
echo "TUI exited with error. Running diagnostics..."
$0 doctor
echo ""
echo "Run 'opencortex doctor --fix' to repair, or 'opencortex setup' to reconfigure."
exit $EXIT_CODE
fi
sbcl \
--eval '(load (merge-pathnames "quicklisp/setup.lisp" (user-homedir-pathname)))' \
--eval "(push (truename \"$OC_DATA_DIR/\") asdf:*central-registry*)" \
--eval '(ql:quickload :opencortex/tui)' \
--eval '(opencortex.tui:main)' || {
echo "TUI error. Run 'opencortex doctor --fix'"; exit 1
}
;;
cli|boot)
gateway)
SUBCMD=$1; PLATFORM=$2; TOKEN=$3
check_dependencies
if sbcl --non-interactive \
--eval '(load (merge-pathnames "quicklisp/setup.lisp" (user-homedir-pathname)))' \
--eval "(push (truename \"$OC_DATA_DIR/\") asdf:*central-registry*)" \
--eval "(ql:quickload '(:opencortex :croatoan))" \
--eval '(opencortex:main)'; then
true
else
EXIT_CODE=$?
echo ""
echo "CLI exited with error. Running diagnostics..."
$0 doctor
echo ""
echo "Run 'opencortex doctor --fix' to repair, or 'opencortex setup' to reconfigure."
exit $EXIT_CODE
fi
case "$SUBCMD" in
list)
exec sbcl --non-interactive \
--eval '(load (merge-pathnames "quicklisp/setup.lisp" (user-homedir-pathname)))' \
--eval "(push (truename \"$OC_DATA_DIR/\") asdf:*central-registry*)" \
--eval '(ql:quickload :opencortex)' \
--eval '(opencortex:initialize-all-skills)' \
--eval '(funcall (find-symbol "GATEWAY-LIST-PRINT" (find-package "OPENCORTEX.SKILLS.ORG-SKILL-GATEWAY-MANAGER")))'
;;
link)
[ -z "$PLATFORM" ] || [ -z "$TOKEN" ] && echo "Usage: opencortex gateway link <platform> <token>" && exit 1
exec sbcl --non-interactive \
--eval '(load (merge-pathnames "quicklisp/setup.lisp" (user-homedir-pathname)))' \
--eval "(push (truename \"$OC_DATA_DIR/\") asdf:*central-registry*)" \
--eval '(ql:quickload :opencortex)' \
--eval '(opencortex:initialize-all-skills)' \
--eval "(funcall (find-symbol \"GATEWAY-LINK\" (find-package \"OPENCORTEX.SKILLS.ORG-SKILL-GATEWAY-MANAGER\")) \"$PLATFORM\" \"$TOKEN\")"
;;
unlink)
[ -z "$PLATFORM" ] && echo "Usage: opencortex gateway unlink <platform>" && exit 1
exec sbcl --non-interactive \
--eval '(load (merge-pathnames "quicklisp/setup.lisp" (user-homedir-pathname)))' \
--eval "(push (truename \"$OC_DATA_DIR/\") asdf:*central-registry*)" \
--eval '(ql:quickload :opencortex)' \
--eval '(opencortex:initialize-all-skills)' \
--eval "(funcall (find-symbol \"GATEWAY-UNLINK\" (find-package \"OPENCORTEX.SKILLS.ORG-SKILL-GATEWAY-MANAGER\")) \"$PLATFORM\")"
;;
*) echo "Usage: opencortex gateway {list|link|unlink}"; exit 1 ;;
esac
;;
install)
case "$1" in
skill) shift; install_skill "$@" ;;
service) install_service ;;
*) echo "Usage: opencortex install {skill|service}" >&2; exit 1 ;;
esac
;;
uninstall)
case "$1" in
service) uninstall_service ;;
*) echo "Usage: opencortex uninstall {service}" >&2; exit 1 ;;
esac
;;
backup)
backup "$1"
;;
restore)
restore "$1"
;;
help|--help|-h)
help
;;
*)
echo "Available commands: setup, link, doctor, boot, tui, cli, daemon"
echo "Unknown command: $COMMAND"
help
exit 1
;;
esac

17
run-tests.lisp
View File

@@ -2,7 +2,8 @@
(let ((oc-dir (or (uiop:getenv "OC_DATA_DIR")
(namestring (truename "./")))))
(push (uiop:ensure-directory-pathname oc-dir) asdf:*central-registry*))
(push (uiop:ensure-directory-pathname oc-dir) asdf:*central-registry*)
(setf (uiop:getenv "OC_DATA_DIR") oc-dir))
(ql:quickload '(:fiveam :opencortex :opencortex/tui :opencortex/tests) :silent t)
@@ -13,15 +14,17 @@
(dolist (suite-spec '(("OPENCORTEX-BOOT-TESTS" "BOOT-SUITE")
("OPENCORTEX-COMMUNICATION-TESTS" "COMMUNICATION-PROTOCOL-SUITE")
("OPENCORTEX-PIPELINE-ACT-TESTS" "PIPELINE-ACT-SUITE")
("OPENCORTEX-DOCTOR-TESTS" "DOCTOR-SUITE")
("OPENCORTEX-IMMUNE-SYSTEM-TESTS" "IMMUNE-SUITE")
("OPENCORTEX-LLM-GATEWAY-TESTS" "LLM-GATEWAY-SUITE")
("OPENCORTEX-MEMORY-TESTS" "MEMORY-SUITE")
("OPENCORTEX-ENGINEERING-STANDARDS-TESTS" "ENGINEERING-STANDARDS-SUITE")
("OPENCORTEX-DIAGNOSTICS-TESTS" "DIAGNOSTICS-SUITE")
("OPENCORTEX-GATEWAY-MANAGER-TESTS" "GATEWAY-SUITE")
("OPENCORTEX-PERIPHERAL-VISION-TESTS" "VISION-SUITE")
("OPENCORTEX-PIPELINE-ACT-TESTS" "PIPELINE-ACT-SUITE")
("OPENCORTEX-PIPELINE-PERCEIVE-TESTS" "PIPELINE-PERCEIVE-SUITE")
("OPENCORTEX-PIPELINE-REASON-TESTS" "PIPELINE-REASON-SUITE")
("OPENCORTEX-TUI-TESTS" "TUI-SUITE")
("OPENCORTEX-UTILS-ORG-TESTS" "UTILS-ORG-SUITE")
("OPENCORTEX-UTILS-LISP-TESTS" "UTILS-LISP-SUITE")
("OPENCORTEX-LLM-GATEWAY-TESTS" "LLM-GATEWAY-SUITE")))
("OPENCORTEX-UTILS-ORG-TESTS" "UTILS-ORG-SUITE")))
(let ((pkg (find-package (first suite-spec))))
(when pkg
(let ((suite-sym (find-symbol (second suite-spec) pkg)))

283
skills/org-skill-bouncer.org
View File

@@ -1,21 +1,128 @@
#+TITLE: SKILL: Bouncer (org-skill-bouncer.org)
#+AUTHOR: Agent
#+FILETAGS: :system:bouncer:authorization:autonomy:
#+PROPERTY: header-args:lisp :tangle %%SKILLS_DIR%%/org-skill-bouncer.lisp
#+PROPERTY: header-args:lisp :tangle org-skill-bouncer.lisp
* Overview
The *Bouncer Skill* is the physical security layer of OpenCortex. It enforces operational security checks on all proposed actions.
* Implementation
** Security Configuration
** Security Configuration — network whitelist
Domains that the Bouncer considers safe for outbound connections. Network calls to unlisted domains are blocked or queued for approval.
#+begin_src lisp
(defvar *bouncer-network-whitelist*
'("api.telegram.org" "matrix.org" "googleapis.com" "openai.com" "anthropic.com")
"Domains that the Bouncer considers safe for outbound connections.")
"Domains the Bouncer considers safe for outbound connections.")
#+end_src
** Secret Scanning (bouncer-scan-secrets)
** Privacy filter tags (bouncer-privacy-tags)
List of tag strings that mark content as private. Content with these tags is filtered from the LLM context window. Configurable via ~PRIVACY_FILTER_TAGS~ env var.
#+begin_src lisp
(defvar bouncer-privacy-tags
(let ((env (uiop:getenv "PRIVACY_FILTER_TAGS")))
(if env
(uiop:split-string env :separator '(#\,))
'("@personal")))
"Tags marking content as private. Set via PRIVACY_FILTER_TAGS.")
#+end_src
** Protected file paths (bouncer-protected-paths)
Path patterns (with * wildcards) that are blocked from file reads. Covers SSH keys, PEM/PGP files, credentials, tokens, env files, and cloud configs.
#+begin_src lisp
(defvar bouncer-protected-paths
'(".env" ".env.example" ".env.local" ".env.production"
"*credentials*" "*cred*"
"*id_rsa*" "*id_dsa*" "*id_ecdsa*" "*id_ed25519*"
"*.pem" "*.key" "*.p12" "*.pfx" "*.asc" "*.gpg" "*.pgp"
"secring.*" "pubring.*" "private-keys-v1.d/*"
"token*" "*secret*" "*token*"
".netrc" ".git-credentials" "auth.json"
".aws/credentials" ".aws/config"
".kube/config" "kubeconfig"
"*.cert" "*.crt" "*.csr"
"*password*" "*passwd*")
"Path patterns blocked from file reads.")
#+end_src
** Content exposure patterns (bouncer-exposure-patterns)
Named regex patterns for scanning content for secret exposure. Each entry is a (name regex) pair. Matches are reported by name so downstream code can act on specific categories.
#+begin_src lisp
(defvar bouncer-exposure-patterns
'((:pem-key "-----BEGIN +(RSA|DSA|EC|OPENSSH|PGP) +PRIVATE +KEY *-----")
(:pgp-key "-----BEGIN +PGP +PRIVATE +KEY +BLOCK-----")
(:pgp-public "-----BEGIN +PGP +PUBLIC +KEY +BLOCK-----")
(:openai-key "sk-[A-Za-z0-9-]{20,}")
(:google-key "AIza[0-9A-Za-z_-]{35}")
(:github-token "gh[pousr]_[A-Za-z0-9]{36,}")
(:slack-token "xox[baprs]-[A-Za-z0-9-]{24,}")
(:env-assignment "[A-Z_]+=[A-Za-z0-9+/=_\\-]{20,}")
(:generic-secret "(api|secret|password|token)[ ]*[:=][ ]*[\"']?[A-Za-z0-9_\\-]{16,}"))
"Named regex patterns for secret exposure detection.")
#+end_src
** Shell safety — timeout
Maximum seconds a shell command is allowed to run before being killed.
#+begin_src lisp
(defvar *bouncer-shell-timeout* 30
"Maximum seconds for a shell command before timeout.")
#+end_src
** Shell safety — output limit
Maximum characters of shell command output to capture. Prevents memory exhaustion from infinite output.
#+begin_src lisp
(defvar *bouncer-shell-max-output* 100000
"Maximum characters of shell output to capture.")
#+end_src
** Shell safety — blocked patterns
Destructive and injection patterns that are blocked in shell commands. Covers ~rm -rf /~, ~dd~, ~mkfs~, ~shred~, backtick injection, and ~$()~ subshell injection.
#+begin_src lisp
(defvar *bouncer-shell-blocked-patterns*
'((:destructive-rm "\\brm\\s+-rf\\s+/")
(:destructive-dd "\\bdd\\s+if=")
(:destructive-mkfs "\\bmkfs\\.")
(:destructive-format "\\bmformat\\b")
(:disk-wipe "\\bshred\\s+/dev/")
(:disk-wipe-b "\\bwipefs\\s+/dev/")
(:injection-backtick "`[^`]+`")
(:injection-subshell "\\$\\([^)]+\\)"))
"Destructive and injection patterns blocked in shell commands.")
#+end_src
** Secret Path Check (bouncer-check-secret-path)
#+begin_src lisp
(defun bouncer-wildcard-match (pattern path)
"Matches PATH against PATTERN where * matches any characters."
(let ((regex (cl-ppcre:regex-replace-all
"\\*" (cl-ppcre:quote-meta-chars pattern) ".*")))
(cl-ppcre:scan regex path)))
(defun bouncer-check-secret-path (filepath)
"Returns the matching pattern if FILEPATH matches a protected path, nil otherwise."
(when (and filepath (stringp filepath))
(some (lambda (pattern)
(when (bouncer-wildcard-match pattern filepath)
pattern))
bouncer-protected-paths)))
#+end_src
** Content Exposure Scanner (bouncer-scan-exposure)
#+begin_src lisp
(defun bouncer-scan-exposure (text)
"Scans TEXT for patterns matching known secret formats.
Returns a list of matched category keywords."
(when (and text (stringp text) (> (length text) 0))
(let ((matches nil))
(dolist (entry bouncer-exposure-patterns)
(let ((name (first entry))
(regex (second entry)))
(when (cl-ppcre:scan regex text)
(push name matches))))
matches)))
#+end_src
** Vault Secret Scanning (bouncer-scan-secrets)
#+begin_src lisp
(defun bouncer-scan-secrets (text)
"Scans TEXT for known secrets from the vault."
@@ -29,6 +136,99 @@ The *Bouncer Skill* is the physical security layer of OpenCortex. It enforces op
found-secret)))
#+end_src
** Privacy Tag Check (bouncer-check-privacy-tags)
#+begin_src lisp
(defun bouncer-check-privacy-tags (tags-list)
"Returns T if any tag in TAGS-LIST matches a privacy filter tag."
(when (and tags-list (listp tags-list))
(some (lambda (tag)
(some (lambda (private)
(or (string-equal tag private)
(search private tag :test #'string-equal)))
bouncer-privacy-tags))
tags-list)))
(defun bouncer-check-text-for-privacy (text)
"Scans TEXT for leaked privacy-tagged content."
(when (and text (stringp text))
(let ((lower (string-downcase text)))
(some (lambda (tag)
(search (string-downcase tag) lower))
bouncer-privacy-tags))))
#+end_src
** Lisp Validation Gate (bouncer-check-lisp-valid)
#+begin_src lisp
(defun bouncer-extract-org-lisp-blocks (content)
"Extracts concatenated Lisp code from #+begin_src lisp blocks in an Org string."
(when (and content (stringp content))
(let ((lines (uiop:split-string content :separator '(#\Newline)))
(in-block nil)
(code ""))
(dolist (line lines)
(let ((clean (string-trim '(#\Space #\Tab) line)))
(cond
((search "#+begin_src lisp" clean)
(setf in-block t))
((search "#+end_src" clean)
(setf in-block nil))
(in-block
(setf code (concatenate 'string code line (string #\Newline)))))))
(when (> (length code) 0) code))))
(defun bouncer-check-lisp-valid (filepath content)
"Validates Lisp syntax when writing .lisp files or Org files with lisp blocks.
Returns the validation result plist or nil if not applicable."
(when (and content (stringp content) (> (length content) 0))
(let ((to-validate
(cond
((uiop:string-suffix-p filepath ".lisp") content)
((uiop:string-suffix-p filepath ".org") (bouncer-extract-org-lisp-blocks content))
(t nil))))
(when to-validate
(multiple-value-bind (valid-p err) (ignore-errors
(let ((*read-eval* nil))
(with-input-from-string (s (format nil "(progn ~a)" to-validate))
(loop for form = (read s nil :eof) until (eq form :eof)))
(values t nil)))
(unless valid-p
(list :status :error :reason err)))))))
#+end_src
** REPL Verification Gate (bouncer-check-repl-verified)
#+begin_src lisp
(defun bouncer-org-contains-defuns-p (content)
"Returns T if the Org content contains any #+begin_src lisp blocks with defuns."
(when (and content (stringp content))
(search "defun " content :test #'char-equal)))
(defun bouncer-check-repl-verified (action filepath content)
"Warns if writing a defun to an Org file without :repl-verified metadata."
(let ((repl-verified (getf action :repl-verified)))
(when (and filepath
(uiop:string-suffix-p filepath ".org")
(bouncer-org-contains-defuns-p content)
(not repl-verified))
(list :type :LOG
:payload (list :level :warn
:text (format nil "Lint: Writing defun to ~a without :repl-verified flag. Did you prototype this in the REPL first?" filepath))))))
#+end_src
** Shell Safety Check (bouncer-check-shell-safety)
#+begin_src lisp
(defun bouncer-check-shell-safety (cmd)
"Checks a shell command for destructive patterns and injection vectors.
Returns a list of matched pattern names or nil if safe."
(when (and cmd (stringp cmd) (> (length cmd) 0))
(let ((matches nil))
(dolist (entry *bouncer-shell-blocked-patterns*)
(let ((name (first entry))
(regex (second entry)))
(when (cl-ppcre:scan regex cmd)
(push name matches))))
matches)))
#+end_src
** Network Check (bouncer-check-network-exfil)
#+begin_src lisp
(defun bouncer-check-network-exfil (cmd)
@@ -46,28 +246,97 @@ The *Bouncer Skill* is the physical security layer of OpenCortex. It enforces op
** Main Security Gate (bouncer-check)
#+begin_src lisp
(defun bouncer-check (action context)
"The 5-Vector security gate for high-risk actions."
"Security gate for high-risk actions.
Vectors: lisp validation, secret path, secret content, vault secrets,
privacy tags, privacy text, shell safety, network exfil, high-impact approval."
(declare (ignore context))
(let* ((target (proto-get action :target))
(payload (proto-get action :payload))
(text (or (proto-get payload :text) (proto-get action :text)))
(filepath (or (proto-get payload :filepath)
(when (equal (proto-get payload :tool) "read-file")
(proto-get (proto-get payload :args) :filepath))
(when (equal (proto-get payload :tool) "write-file")
(proto-get (proto-get payload :args) :filepath))))
(content (when filepath (proto-get (proto-get payload :args) :content)))
(cmd (or (proto-get payload :cmd)
(when (and (eq target :tool) (equal (proto-get payload :tool) "shell"))
(proto-get (proto-get payload :args) :cmd))))
(approved (proto-get action :approved)))
(approved (proto-get action :approved))
(tags (proto-get payload :tags))
(lisp-valid (when (and filepath content (not approved))
(bouncer-check-lisp-valid filepath content)))
(repl-lint (when (and filepath content (not approved))
(bouncer-check-repl-verified action filepath content))))
(cond
(approved action)
;; Vector 0: REPL verification lint (warn, don't block)
(repl-lint
(harness-log "BOUNCER: ~a" (proto-get repl-lint :text))
action)
;; Vector 1: Lisp syntax validation (block bad lisp writes)
((and lisp-valid (eq (getf lisp-valid :status) :error))
(harness-log "LINT VIOLATION: Blocked write — lisp syntax error in ~a: ~a" filepath (getf lisp-valid :reason))
(list :type :LOG
:payload (list :level :error
:text (format nil "Lisp syntax error in ~a: ~a. The write was blocked. Fix the parenthesis balance and retry." filepath (getf lisp-valid :reason)))))
;; Vector 2: File read to a protected secret path
((and filepath (bouncer-check-secret-path filepath))
(let ((matched (bouncer-check-secret-path filepath)))
(harness-log "SECURITY VIOLATION: Blocked read of protected path '~a' (matched: ~a)" filepath matched)
(list :type :LOG
:payload (list :level :error
:text (format nil "Action blocked: Attempted read of protected path '~a'" filepath)))))
;; Vector 3: Content contains secret patterns
((and text (bouncer-scan-exposure text))
(let ((matched (bouncer-scan-exposure text)))
(harness-log "SECURITY VIOLATION: Content contains secret patterns: ~a" matched)
(list :type :LOG
:payload (list :level :error
:text "Action blocked: Content contains potential secret exposure."))))
;; Vector 4: Content contains vault secrets
((and text (bouncer-scan-secrets text))
(let ((secret-name (bouncer-scan-secrets text)))
(harness-log "SECURITY VIOLATION: Blocked potential leak of secret '~a'" secret-name)
(list :type :LOG
:payload (list :level :error
:text (format nil "Action blocked: Potential exposure of '~a'" secret-name)))))
;; Vector 5: Privacy-tagged content in action
((and tags (bouncer-check-privacy-tags tags))
(harness-log "PRIVACY VIOLATION: Action contains privacy-tagged content")
(list :type :LOG
:payload (list :level :warn
:text "Action blocked: Content tagged with privacy filter.")))
;; Vector 6: Text leaks privacy tag names
((and text (bouncer-check-text-for-privacy text))
(harness-log "PRIVACY WARNING: Text may contain leaked private content")
(list :type :LOG
:payload (list :level :warn
:text "Action blocked: Text may reference private content.")))
;; Vector 7: Shell destructive/injection patterns
((and cmd (bouncer-check-shell-safety cmd))
(let ((matched (bouncer-check-shell-safety cmd)))
(harness-log "SHELL VIOLATION: Destructive or injection pattern in command: ~a" matched)
(list :type :LOG
:payload (list :level :error
:text (format nil "Shell command blocked: contains unsafe pattern ~a" matched)))))
;; Vector 8: Network exfiltration
((and (or (eq target :shell)
(and (eq target :tool) (equal (proto-get payload :tool) "shell")))
(bouncer-check-network-exfil cmd))
(bouncer-check-network-exfil cmd))
(harness-log "SECURITY WARNING: External network call detected. Queuing for approval.")
(list :type :EVENT :payload (list :sensor :approval-required :action action)))
;; Vector 8: High-impact action approval
((or (member target '(:shell))
(and (eq target :tool) (member (proto-get payload :tool) '("shell" "repair-file") :test #'string=))
(and (eq target :emacs) (eq (proto-get payload :action) :eval)))

2
skills/org-skill-cli-gateway.org
View File

@@ -1,7 +1,7 @@
#+TITLE: SKILL: CLI Gateway (org-skill-cli-gateway.org)
#+AUTHOR: Agent
#+FILETAGS: :skill:gateway:cli:
#+PROPERTY: header-args:lisp :tangle %%SKILLS_DIR%%/org-skill-cli-gateway.lisp
#+PROPERTY: header-args:lisp :tangle org-skill-cli-gateway.lisp
* Overview
The *CLI Gateway* provides a command-line interface for interacting with the OpenCortex daemon.

28
skills/org-skill-config-manager.org
View File

@@ -1,32 +1,36 @@
#+TITLE: SKILL: Config Manager (org-skill-config-manager.org)
#+AUTHOR: Agent
#+FILETAGS: :skill:setup:config:
#+PROPERTY: header-args:lisp :tangle %%SKILLS_DIR%%/org-skill-config-manager.lisp
#+PROPERTY: header-args:lisp :tangle org-skill-config-manager.lisp
* Overview
The *Config Manager* skill provides the OpenCortex Agent with the capability to manage its own environment variables and provider configurations. It includes an interactive setup wizard for LLM providers, gateways, and system settings.
* Implementation
** Configuration Paths
** Configuration directory (get-oc-config-dir)
Resolves the XDG config directory for OpenCortex.
#+begin_src lisp
(defun get-oc-config-dir ()
"Returns the absolute path to the opencortex config directory."
(let ((xdg (uiop:getenv "OC_CONFIG_DIR")))
(if (and xdg (string/= xdg ""))
(uiop:ensure-directory-pathname xdg)
(uiop:ensure-directory-pathname (merge-pathnames ".config/opencortex/" (user-homedir-pathname))))))
(if xdg xdg (namestring (merge-pathnames ".config/opencortex/" (user-homedir-pathname))))))
#+end_src
** Config file path (get-config-file)
Returns the path to the ~.env~ file within the config directory.
#+begin_src lisp
(defun get-config-file ()
"Returns the path to the .env config file."
"Returns the path to the .env configuration file."
(merge-pathnames ".env" (get-oc-config-dir)))
#+end_src
** Ensure config directory (ensure-config-dir)
Creates the config directory tree if it does not exist.
#+begin_src lisp
(defun ensure-config-dir ()
"Ensures the config directory exists."
(let ((dir (get-oc-config-dir)))
(unless (uiop:directory-exists-p dir)
(uiop:ensure-directory-pathname dir))
dir))
"Creates the configuration directory if it does not exist."
(ensure-directories-exist (get-oc-config-dir)))
#+end_src
** Config File Operations
@@ -189,7 +193,7 @@ The *Config Manager* skill provides the OpenCortex Agent with the capability to
(format t "==================================================~%~%")
(format t "Note: Skill management is not yet implemented.~%")
(format t "Skills are automatically loaded from ~a~%" (or (uiop:getenv "SKILLS_DIR") "default location"))
(format t "Skills are automatically loaded from ~a~%" (or (uiop:getenv "OC_DATA_DIR") "~/.local/share/opencortex"))
(format t "~%"))
#+end_src

2
skills/org-skill-credentials-vault.org
View File

@@ -1,7 +1,7 @@
#+TITLE: SKILL: Credentials Vault (org-skill-credentials-vault.org)
#+AUTHOR: Agent
#+FILETAGS: :system:security:vault:
#+PROPERTY: header-args:lisp :tangle %%SKILLS_DIR%%/org-skill-credentials-vault.lisp
#+PROPERTY: header-args:lisp :tangle org-skill-credentials-vault.lisp
* Overview
The *Credentials Vault* provides secure in-memory storage for sensitive API keys and session tokens.

2
skills/org-skill-diagnostics.org
View File

@@ -1,7 +1,7 @@
#+TITLE: SKILL: Diagnostics (org-skill-diagnostics.org)
#+AUTHOR: Agent
#+FILETAGS: :system:diagnostics:doctor:
#+PROPERTY: header-args:lisp :tangle %%SKILLS_DIR%%/org-skill-diagnostics.lisp
#+PROPERTY: header-args:lisp :tangle org-skill-diagnostics.lisp
* Overview
The *Diagnostics Skill* (Doctor) provides system-wide health checks and dependency verification. It validates external dependencies, XDG environment, and LLM provider connectivity.

57
skills/org-skill-engineering-standards.org
View File

@@ -1,10 +1,63 @@
#+TITLE: SKILL: Engineering Standards (org-skill-engineering-standards.org)
#+AUTHOR: Agent
#+FILETAGS: :system:engineering:chaos:
#+PROPERTY: header-args:lisp :tangle %%SKILLS_DIR%%/org-skill-engineering-standards.lisp
#+DEPENDS_ON: org-skill-utils-lisp
#+PROPERTY: header-args:lisp :tangle org-skill-engineering-standards.lisp
* Overview
The *Engineering Standards Skill* enforces technical invariants, including the **Commit-Before-Modify** rule and **Chaos-Driven Development**.
The *Engineering Standards Skill* defines the REPL-first engineering lifecycle and enforces technical invariants, including the **Commit-Before-Modify** rule and **Chaos-Driven Development**.
** Engineering Lifecycle (Two-Track)
The canonical workflow. Two tracks, not to be confused:
*** Track 1 — Org-First: Prose, Tests, Thinking (Phases 0/A)
This track stays in Org. No code is written yet.
**** Phase 0: Exploration & Documentation
1. Read the relevant Org source files for context
2. Explore the problem in the running REPL with ~repl-inspect~ and ~repl-eval~
3. Document findings in Org prose
4. If a bug: document investigation in Org before fixing (Org as thinking medium)
**** Phase A: Test-First Design
1. Write the success criteria in Org prose — what the function does, arguments, return value, rationale
2. Write the FiveAM test in a ~#+begin_src lisp :tangle no~ block
3. Tangle the test and evaluate in the REPL — confirm it fails (red)
4. The failing test is the success criteria. Do not proceed to Track 2 until it exists and is red.
*** Track 2 — REPL-First: Implementation, Iteration, Reflection (Phases B/C/D/E)
Code is prototyped in the REPL, never written directly into Org first.
**** Phase B/C: REPL Implementation
1. Write the function directly in the REPL using ~repl-eval~
2. Iterate: evaluate, inspect, fix, re-evaluate — the image accumulates state
3. Run the test in the REPL — confirm green
4. Explore edge cases with ~repl-inspect~ and ad-hoc evaluations
5. Before writing any ~defun~ in an Org block, verify it was prototyped and tested in the REPL first
**** Phase D: Chaos Verification
Run the appropriate chaos tier before reflecting code back to Org:
- *Tier 1 (Deterministic)*: Full FiveAM test suite — required on every change
- *Tier 2 (Probabilistic)*: Randomized fuzzing — required on every major release
- *Tier 3 (Stress)*: Load and resource starvation — required during hardening sprints
**** Phase E: Reflect Back to Org
1. Copy the working function into its own ~#+begin_src lisp~ block in the Org file
2. Update the prose to match what the function actually does (arguments, return, rationale)
3. Before closing Phase E, run ~(utils-lisp-validate (uiop:read-file-string "path/to/file.lisp") :strict t)~ in the REPL — never external scripts or manual paren-counting
4. Verify the Org file tangles correctly
5. Tangle, commit, update GTD
**** Syntax Error Protocol
If a LOADER ERROR or reader-error occurs:
1. Run ~(utils-lisp-validate (uiop:read-file-string "file.lisp") :strict t)~ in the REPL — never Python, never grep, never manual counting
2. Fix the error in the Org file (since the code was prototyped in REPL first, this should be rare)
3. Retangle and re-evaluate
Rationale: The two tracks prevent the two failure modes we have observed. Writing implementation code directly in Org (without REPL prototyping) produces syntax errors that require external tools to debug. Skipping Org-first test writing produces code without verified success criteria. The split is not bureaucratic — it is the mechanism by which both failures are prevented.
* Implementation

2
skills/org-skill-gardener.org
View File

@@ -1,7 +1,7 @@
#+TITLE: SKILL: Gardener (org-skill-gardener.org)
#+AUTHOR: Agent
#+FILETAGS: :skill:maintenance:gardener:
#+PROPERTY: header-args:lisp :tangle %%SKILLS_DIR%%/org-skill-gardener.lisp
#+PROPERTY: header-args:lisp :tangle org-skill-gardener.lisp
* Overview
The *Gardener Skill* performs periodic maintenance on the Memex knowledge graph.

286
skills/org-skill-gateway-manager.org
View File

@@ -1,32 +1,290 @@
#+TITLE: SKILL: Gateway Manager (org-skill-gateway-manager.org)
#+AUTHOR: Agent
#+FILETAGS: :skill:gateway:manager:
#+PROPERTY: header-args:lisp :tangle %%SKILLS_DIR%%/org-skill-gateway-manager.lisp
#+PROPERTY: header-args:lisp :tangle org-skill-gateway-manager.lisp
* Overview
The *Gateway Manager* handles the registration and linking of external communication platforms.
The *Gateway Manager* is a unified skill that handles all external communication platforms (Telegram, Signal, etc.). It provides a single consolidated handler for polling, injection, and actuation across any number of gateways.
* Implementation
** Gateway Logic
** Platform state — configs
Storage for active gateway connections: tokens, polling threads, and intervals.
#+begin_src lisp
(defun skill-gateway-register (platform token)
"Registers a new external gateway."
(harness-log "GATEWAY: Registered ~a with token ~a" platform (VAULT-MASK-STRING token)))
(defvar *gateway-configs* (make-hash-table :test 'equal)
"Maps platform name → plist (:token :thread :interval :enabled)")
#+end_src
(defun skill-gateway-link (platform)
"Establishes a link with an external platform."
(harness-log "GATEWAY: Linking to ~a..." platform))
** Platform state — registry
Registration of available gateway implementations: each platform registers its poll and send functions here.
#+begin_src lisp
(defvar *gateway-registry* (make-hash-table :test 'equal)
"Maps platform name → plist (:poll-fn :send-fn :default-interval)")
#+end_src
(defun gateway-manager-main (platform token)
"Main entry point for gateway configuration."
(skill-gateway-register platform token)
(skill-gateway-link platform))
** Telegram Implementation
#+begin_src lisp
(defun telegram-get-token ()
(vault-get-secret :telegram))
(defun telegram-poll ()
"Polls Telegram for new messages and injects them into the harness."
(let* ((token (telegram-get-token)))
(when token
(let* ((last-id (getf (gethash "telegram" *gateway-configs*) :last-update-id 0))
(url (format nil "https://api.telegram.org/bot~a/getUpdates?offset=~a"
token (1+ last-id))))
(handler-case
(let* ((response (dex:get url))
(json (cl-json:decode-json-from-string response))
(updates (cdr (assoc :result json))))
(dolist (update updates)
(let* ((update-id (cdr (assoc :update--id update)))
(message (cdr (assoc :message update)))
(chat (cdr (assoc :chat message)))
(chat-id (cdr (assoc :id chat)))
(text (cdr (assoc :text message))))
(setf (getf (gethash "telegram" *gateway-configs*) :last-update-id) update-id)
(when (and text chat-id)
(harness-log "TELEGRAM: Received message from ~a" chat-id)
(inject-stimulus
(list :type :EVENT
:meta (list :source :telegram :chat-id (format nil "~a" chat-id))
:payload (list :sensor :user-input :text text)))))))
(error (c) (harness-log "TELEGRAM POLL ERROR: ~a" c))))))
(defun telegram-send (action context)
"Sends a message via Telegram."
(declare (ignore context))
(let* ((payload (getf action :payload))
(meta (getf action :meta))
(chat-id (or (getf meta :chat-id) (getf payload :chat-id) (getf action :chat-id)))
(text (or (getf payload :text) (getf action :text)))
(token (telegram-get-token)))
(when (and token chat-id text)
(harness-log "TELEGRAM: Sending message to ~a..." chat-id)
(handler-case
(let ((url (format nil "https://api.telegram.org/bot~a/sendMessage" token)))
(dex:post url
:headers '(("Content-Type" . "application/json"))
:content (cl-json:encode-json-to-string
`((chat_id . ,chat-id) (text . ,text)))))
(error (c) (harness-log "TELEGRAM ERROR: ~a" c))))))
#+end_src
** Signal Implementation
#+begin_src lisp
(defun signal-get-account ()
(vault-get-secret :signal))
(defun signal-poll ()
"Polls Signal for new messages and injects them into the harness."
(let ((account (signal-get-account)))
(when account
(handler-case
(let* ((output (uiop:run-program (list "signal-cli" "-u" account "receive" "--json")
:output :string :error-output :string :ignore-error-status t))
(lines (cl-ppcre:split "\\n" output)))
(dolist (line lines)
(when (and line (> (length line) 0))
(let* ((json (ignore-errors (cl-json:decode-json-from-string line)))
(envelope (cdr (assoc :envelope json)))
(source (cdr (assoc :source envelope)))
(data-message (cdr (assoc :data-message envelope)))
(text (cdr (assoc :message data-message))))
(when (and source text)
(harness-log "SIGNAL: Received message from ~a" source)
(inject-stimulus
(list :type :EVENT
:meta (list :source :signal :chat-id source)
:payload (list :sensor :user-input :text text))))))))
(error (c) (harness-log "SIGNAL POLL ERROR: ~a" c))))))
(defun signal-send (action context)
"Sends a message via Signal."
(declare (ignore context))
(let* ((payload (getf action :payload))
(meta (getf action :meta))
(chat-id (or (getf meta :chat-id) (getf payload :chat-id) (getf action :chat-id)))
(text (or (getf payload :text) (getf action :text)))
(account (signal-get-account)))
(when (and account chat-id text)
(harness-log "SIGNAL: Sending message to ~a..." chat-id)
(handler-case
(uiop:run-program (list "signal-cli" "-u" account "send" "-m" text chat-id)
:output :string :error-output :string)
(error (c) (harness-log "SIGNAL ERROR: ~a" c))))))
#+end_src
** Gateway Registry Initialization
#+begin_src lisp
(defun initialize-gateway-registry ()
"Registers all built-in gateway handlers."
(setf (gethash "telegram" *gateway-registry*)
(list :poll-fn #'telegram-poll
:send-fn #'telegram-send
:default-interval 3))
(setf (gethash "signal" *gateway-registry*)
(list :poll-fn #'signal-poll
:send-fn #'signal-send
:default-interval 5)))
#+end_src
** Core gateway functions
*** Configuration check (gateway-configured-p)
Returns T if a platform has a stored token in ~*gateway-configs*~.
#+begin_src lisp
(defun gateway-configured-p (platform)
"Returns T if a platform has a stored token."
(let ((config (gethash platform *gateway-configs*)))
(and config (getf config :token))))
#+end_src
*** Active check (gateway-active-p)
Returns T if a platform's polling thread is alive.
#+begin_src lisp
(defun gateway-active-p (platform)
"Returns T if a platform's polling thread is alive."
(let ((config (gethash platform *gateway-configs*)))
(and config
(getf config :thread)
(bt:thread-alive-p (getf config :thread)))))
#+end_src
*** Link a gateway (gateway-link)
The main entry point for linking. Validates the registry entry, stores the token in the vault, starts the polling thread, and updates the config.
#+begin_src lisp
(defun gateway-link (platform token)
"Links a platform with a token and starts polling."
(let ((platform-lc (string-downcase platform)))
(unless (gethash platform-lc *gateway-registry*)
(error "Unknown platform: ~a. Available: ~{~a~^, ~}"
platform (loop for k being the hash-keys of *gateway-registry* collect k)))
(when (or (null token) (zerop (length token)))
(error "Token cannot be empty"))
(harness-log "GATEWAY: Linking to ~a..." platform-lc)
(gateway-unlink platform-lc)
(let* ((registry-entry (gethash platform-lc *gateway-registry*))
(interval (or (getf registry-entry :default-interval) 5)))
(setf (gethash platform-lc *gateway-configs*)
(list :token token :interval interval :enabled t))
(vault-set-secret (intern (string-upcase platform-lc) :keyword) token)
(gateway-start platform-lc)
(harness-log "GATEWAY: Successfully linked ~a" platform-lc)
(format t "Successfully linked ~a gateway. Token stored securely.~%" platform-lc)
t)))
#+end_src
*** Unlink a gateway (gateway-unlink)
Stops the polling thread and removes the config entry.
#+begin_src lisp
(defun gateway-unlink (platform)
"Unlinks a platform and stops its polling thread."
(let ((platform-lc (string-downcase platform)))
(gateway-stop platform-lc)
(remhash platform-lc *gateway-configs*)
(harness-log "GATEWAY: Unlinked ~a" platform-lc)
(format t "Successfully unlinked ~a gateway.~%" platform-lc)
t))
#+end_src
*** Start polling (gateway-start)
Creates a background thread that calls the platform's poll function on an interval. The thread checks the ~:enabled~ flag on each cycle so it can be stopped cleanly via ~gateway-stop~.
#+begin_src lisp
(defun gateway-start (platform)
"Starts the polling thread for a linked gateway."
(let ((platform-lc (string-downcase platform)))
(let ((config (gethash platform-lc *gateway-configs*)))
(when (and config (getf config :enabled) (not (gateway-active-p platform-lc)))
(let ((poll-fn (getf (gethash platform-lc *gateway-registry*) :poll-fn)))
(when poll-fn
(let ((interval (getf config :interval)))
(setf (getf config :thread)
(bt:make-thread
(lambda ()
(loop
(when (getf (gethash platform-lc *gateway-configs*) :enabled)
(funcall poll-fn))
(sleep interval)))
:name (format nil "opencortex-~a-gateway" platform-lc)))
(harness-log "GATEWAY: Started ~a polling (interval: ~as)" platform-lc interval)))))))))
#+end_src
*** Stop polling (gateway-stop)
Destroys the polling thread and nulls the thread reference.
#+begin_src lisp
(defun gateway-stop (platform)
"Stops the polling thread for a gateway."
(let ((platform-lc (string-downcase platform)))
(let ((config (gethash platform-lc *gateway-configs*)))
(when (and config (getf config :thread))
(when (bt:thread-alive-p (getf config :thread))
(harness-log "GATEWAY: Stopping ~a polling thread" platform-lc)
(bt:destroy-thread (getf config :thread))))
(setf (getf config :thread) nil))))
#+end_src
*** List gateways (gateway-list)
Returns a list of plists, one per registered platform, with :platform, :configured, and :active keys.
#+begin_src lisp
(defun gateway-list ()
"Returns a list of all gateways with their status."
(loop for platform being the hash-keys of *gateway-registry*
collect (let ((configured (gateway-configured-p platform))
(active (gateway-active-p platform)))
(list :platform platform
:configured configured
:active active))))
#+end_src
*** Print gateways (gateway-list-print)
Formats ~gateway-list~ for display in the CLI.
#+begin_src lisp
(defun gateway-list-print ()
"Prints a formatted table of gateways."
(format t "~%")
(format t " ~20@A ~12@A ~10@A~%" "PLATFORM" "CONFIGURED" "STATUS")
(dolist (gw (gateway-list))
(format t " ~20@A ~12@A ~10@A~%"
(getf gw :platform)
(if (getf gw :configured) "yes" "no")
(cond
((getf gw :active) "ACTIVE")
((getf gw :configured) "stopped")
(t "not linked"))))
(format t "~%"))
#+end_src
*** Start all configured gateways (start-all-gateways)
Called during boot to start all gateways that have tokens stored in their configs.
#+begin_src lisp
(defun start-all-gateways ()
"Called at boot to start all configured gateways."
(dolist (config (loop for platform being the hash-keys of *gateway-configs*
collect (list platform (gethash platform *gateway-configs*))))
(destructuring-bind (platform config) config
(when (and (getf config :enabled) (not (gateway-active-p platform)))
(gateway-start platform)))))
#+end_src
** Actuator Registration
Register :telegram and :signal as actuators for outbound messages.
#+begin_src lisp
(register-actuator :telegram #'telegram-send)
(register-actuator :signal #'signal-send)
#+end_src
** Skill Registration
#+begin_src lisp
(defskill :skill-gateway-manager
:priority 100
:priority 150
:trigger (lambda (ctx) (declare (ignore ctx)) nil))
#+end_src
** Initialization
Initialize registry and start configured gateways on skill load.
#+begin_src lisp
(initialize-gateway-registry)
(start-all-gateways)
#+end_src

4
skills/org-skill-homoiconic-memory.org
View File

@@ -1,10 +1,10 @@
#+TITLE: SKILL: Homoiconic Memory (org-skill-homoiconic-memory.org)
#+AUTHOR: Agent
#+FILETAGS: :harness:memory:homoiconic:
#+PROPERTY: header-args:lisp :tangle %%SKILLS_DIR%%/org-skill-homoiconic-memory.lisp
#+PROPERTY: header-args:lisp :tangle org-skill-homoiconic-memory.lisp
* Overview
The *Homoiconic Memory* skill provides the capability to treat system memory as executable code and vice-versa.
Because Lisp is homoiconic (code is data), memory objects can be read as executable forms. This skill provides the bridge between the org-object store and live Lisp evaluation — it can serialize an org-object into an s-expression, evaluate it to reconstruct state, and store the result back as a new object. This is the foundation of the agent's ability to save, restore, and inspect its own cognitive state at runtime.
* Implementation

30
skills/org-skill-literate-programming.org
View File

@@ -1,10 +1,36 @@
#+TITLE: SKILL: Literate Programming (org-skill-literate-programming.org)
#+AUTHOR: Agent
#+FILETAGS: :system:literate:tangle:
#+PROPERTY: header-args:lisp :tangle %%SKILLS_DIR%%/org-skill-literate-programming.lisp
#+PROPERTY: header-args:lisp :tangle org-skill-literate-programming.lisp
* Overview
The *Literate Programming* skill ensures the synchronization between `.org` sources and `.lisp` artifacts.
This skill enforces the literal programming discipline for all OpenCortex source code. It defines the rules for one-function-per-block, prose-before-code, reflecting working code back from the REPL to Org, and the tangle mandate (never edit .lisp directly). Every Org file that contains Lisp code should follow the rules defined here.
** Discipline Rules
*** One Function, One Block
Every ~#+begin_src lisp~ block contains exactly one function definition. Never bundle multiple definitions in a single block. This keeps the Org file granular, reviewable, and tanglable without side effects.
*** Prose Before Code
Every block must be preceded by an Org headline and explanatory prose that covers:
- What the function does
- Its arguments (including any &key, &optional)
- Its return value
- The rationale for its existence
The prose is not a comment — it is the authoritative specification. The code implements what the prose describes.
*** Reflect Back, Don't Write Directly
Code is explored and verified in the REPL first (per Engineering Standards lifecycle). Once working, it is *reflected back* into the Org file. This means:
- The REPL is the proving ground — iterate there
- The Org file is the record — copy working code there
- Never write code directly into an Org block without first evaluating it in the REPL
*** Code and Prose Together
Every ~#+begin_src lisp~ block flows from the prose above it. The reader (human or agent) should understand the function's contract from the prose before reading the code. If the code and prose disagree, the prose is wrong — update both.
*** Tangle Mandate
The `.lisp` file is derived, not authored. Never edit `.lisp` directly. All changes flow through Org: edit Org → tangle → `.lisp` updates. Violating this corrupts the skill loader and causes boot failure.
* Implementation

4
skills/org-skill-llm-gateway.org
View File

@@ -1,10 +1,10 @@
#+TITLE: SKILL: LLM Gateway (org-skill-llm-gateway.org)
#+AUTHOR: Agent
#+FILETAGS: :skill:llm:gateway:
#+PROPERTY: header-args:lisp :tangle %%SKILLS_DIR%%/org-skill-llm-gateway.lisp
#+PROPERTY: header-args:lisp :tangle org-skill-llm-gateway.lisp
* Overview
The *LLM Gateway* skill provides a unified interface for interacting with multiple Large Language Model providers.
The LLM Gateway dispatches inference requests to the registered probabilistic backends. It receives a prompt and system prompt, looks up the provider's registered function from ~*probabilistic-backends*~, calls it with the given model, and returns the result. This is the thin routing layer that sits between the reason pipeline and the provider-specific implementations in the unified-llm-backend skill.
* Implementation

2
skills/org-skill-peripheral-vision.org
View File

@@ -1,7 +1,7 @@
#+TITLE: SKILL: Peripheral Vision (org-skill-peripheral-vision.org)
#+AUTHOR: Agent
#+FILETAGS: :harness:peripheral:context:
#+PROPERTY: header-args:lisp :tangle %%SKILLS_DIR%%/org-skill-peripheral-vision.lisp
#+PROPERTY: header-args:lisp :tangle org-skill-peripheral-vision.lisp
* Overview
The *Peripheral Vision* skill enhances the context engine with high-level summaries of distant memory nodes.

2
skills/org-skill-policy.org
View File

@@ -1,7 +1,7 @@
#+TITLE: SKILL: Policy (org-skill-policy.org)
#+AUTHOR: Agent
#+FILETAGS: :system:policy:constitutional:
#+PROPERTY: header-args:lisp :tangle %%SKILLS_DIR%%/org-skill-policy.lisp
#+PROPERTY: header-args:lisp :tangle org-skill-policy.lisp
* Overview
The *Policy Skill* is the constitutional layer of OpenCortex. It enforces foundational invariants like transparency and autonomy on all proposed actions.

2
skills/org-skill-protocol-validator.org
View File

@@ -1,7 +1,7 @@
#+TITLE: SKILL: Protocol Validator (org-skill-protocol-validator.org)
#+AUTHOR: Agent
#+FILETAGS: :system:protocol:validation:
#+PROPERTY: header-args:lisp :tangle %%SKILLS_DIR%%/org-skill-protocol-validator.lisp
#+PROPERTY: header-args:lisp :tangle org-skill-protocol-validator.lisp
* Overview
The *Protocol Validator* skill enforces strict schema compliance for all internal and external communication.

22
skills/org-skill-repl.org
View File

@@ -1,7 +1,7 @@
#+TITLE: SKILL: REPL (org-skill-repl.org)
#+AUTHOR: Agent
#+FILETAGS: :system:repl:interactive:debug:
#+PROPERTY: header-args:lisp :tangle %%SKILLS_DIR%%/org-skill-repl.lisp
#+PROPERTY: header-args:lisp :tangle org-skill-repl.lisp
* Overview
The *REPL Skill* provides persistent Lisp evaluation, inspection, and debugging capabilities. This enables the agent to verify behavior at runtime rather than just at the text level.
@@ -184,10 +184,28 @@ REPL Skill Commands:
* Phase E: Lifecycle
The REPL skill loads at priority 200 (after diagnostics at 100, before utils-lisp at 400).
** System Prompt Augment (repl-mandate)
#+begin_src lisp
(defun repl-mandate (context)
"Returns REPL-first engineering mandate when context involves code editing."
(let ((raw (or (proto-get (proto-get context :payload) :text) "")))
(when (or (search "org-skill-" raw :test #'char-equal)
(and (search ".org" raw :test #'char-equal)
(or (search "defun" raw :test #'char-equal)
(search "tangle" raw :test #'char-equal)
(search "write-file" raw :test #'char-equal)
(search "lisp" raw :test #'char-equal)))
(search "defun " raw :test #'char-equal)
(search "repl-eval" raw :test #'char-equal)
(search "validate" raw :test #'char-equal))
(format nil "~%REPL-FIRST MANDATE:~%Before writing any defun to an Org file, prototype it in the REPL first. Set :repl-verified t on the write action. On rejection, fix the error and retry.~%"))))
#+end_src
** Skill Registration
#+begin_src lisp
(defskill :skill-repl
:priority 200
:trigger (lambda (ctx) (declare (ignore ctx)) nil)
:deterministic (lambda (action ctx) (declare (ignore action ctx)) nil))
:deterministic (lambda (action ctx) (declare (ignore action ctx)) nil)
:system-prompt-augment #'repl-mandate)
#+end_src

2
skills/org-skill-scribe.org
View File

@@ -1,7 +1,7 @@
#+TITLE: SKILL: Scribe (org-skill-scribe.org)
#+AUTHOR: Agent
#+FILETAGS: :skill:scribe:documentation:
#+PROPERTY: header-args:lisp :tangle %%SKILLS_DIR%%/org-skill-scribe.lisp
#+PROPERTY: header-args:lisp :tangle org-skill-scribe.lisp
* Overview
The *Scribe Skill* manages the agent's internal documentation and logs.

3
skills/org-skill-self-edit.org
View File

@@ -1,7 +1,7 @@
#+TITLE: SKILL: Self Edit (org-skill-self-edit.org)
#+AUTHOR: Agent
#+FILETAGS: :system:autonomy:self-edit:
#+PROPERTY: header-args:lisp :tangle %%SKILLS_DIR%%/org-skill-self-edit.lisp
#+PROPERTY: header-args:lisp :tangle org-skill-self-edit.lisp
* Overview
The *Self Edit* skill allows the OpenCortex Agent to modify its own literate source code.
@@ -12,6 +12,7 @@ The *Self Edit* skill allows the OpenCortex Agent to modify its own literate sou
#+begin_src lisp
(defun self-edit-apply (filepath old-text new-text)
"Applies a transformation to a source file."
(declare (ignore old-text new-text))
(harness-log "SELF-EDIT: Applying changes to ~a" filepath))
#+end_src

5
skills/org-skill-self-fix.org
View File

@@ -1,10 +1,10 @@
#+TITLE: SKILL: Self Fix (org-skill-self-fix.org)
#+AUTHOR: Agent
#+FILETAGS: :system:autonomy:self-fix:
#+PROPERTY: header-args:lisp :tangle %%SKILLS_DIR%%/org-skill-self-fix.lisp
#+PROPERTY: header-args:lisp :tangle org-skill-self-fix.lisp
* Overview
The *Self Fix* skill enables the agent to automatically repair broken skills and harness components.
When a skill file fails to compile or a runtime error occurs, Self Fix attempts to diagnose and repair the issue. It receives error logs from the skill loader, identifies the broken file, and generates a corrected version that is hot-reloaded into the running image.
* Implementation
@@ -12,6 +12,7 @@ The *Self Fix* skill enables the agent to automatically repair broken skills and
#+begin_src lisp
(defun self-fix-broken-skill (skill-name error-log)
"Attempts to diagnose and repair a broken skill."
(declare (ignore error-log))
(harness-log "SELF-FIX: Attempting repair of ~a..." skill-name))
#+end_src

26
skills/org-skill-shell-actuator.org
View File

@@ -1,7 +1,7 @@
#+TITLE: SKILL: Shell Actuator (org-skill-shell-actuator.org)
#+AUTHOR: Agent
#+FILETAGS: :skill:actuator:shell:
#+PROPERTY: header-args:lisp :tangle %%SKILLS_DIR%%/org-skill-shell-actuator.lisp
#+PROPERTY: header-args:lisp :tangle org-skill-shell-actuator.lisp
* Overview
The *Shell Actuator* provides the agent with the capability to execute bash commands.
@@ -11,16 +11,26 @@ The *Shell Actuator* provides the agent with the capability to execute bash comm
** Shell Execution (shell-execute)
#+begin_src lisp
(defun shell-execute (action context)
"Executes a bash command and returns the output."
"Executes a bash command with timeout (via timeout(1)) and output limit."
(declare (ignore context))
(let* ((payload (getf action :payload))
(cmd (getf payload :cmd)))
(harness-log "ACT [Shell]: ~a" cmd)
(cmd (getf payload :cmd))
(timeout-sym (find-symbol "*BOUNCER-SHELL-TIMEOUT*" :opencortex))
(timeout (or (getf payload :timeout) (if timeout-sym (symbol-value timeout-sym) 30)))
(max-sym (find-symbol "*BOUNCER-SHELL-MAX-OUTPUT*" :opencortex))
(max-output (or (getf payload :max-output) (if max-sym (symbol-value max-sym) 100000)))
(wrapped-cmd (format nil "timeout ~a bash -c ~s" timeout cmd)))
(harness-log "ACT [Shell]: ~a (timeout: ~as)" cmd timeout)
(multiple-value-bind (out err code)
(uiop:run-program (list "bash" "-c" cmd) :output :string :error-output :string :ignore-error-status t)
(if (= code 0)
out
(format nil "ERROR [~a]: ~a" code err)))))
(uiop:run-program (list "bash" "-c" wrapped-cmd)
:output :string :error-output :string
:ignore-error-status t)
(cond
((= code 124) (format nil "ERROR: Command timed out after ~a seconds" timeout))
((> (length out) max-output)
(format nil "~a~%... (output truncated to ~a chars)" (subseq out 0 max-output) max-output))
((= code 0) out)
(t (format nil "ERROR [~a]: ~a" code err))))))
#+end_src
** Skill Registration

15
skills/org-skill-tool-permissions.org
View File

@@ -1,23 +1,32 @@
#+TITLE: SKILL: Tool Permissions (org-skill-tool-permissions.org)
#+AUTHOR: Agent
#+FILETAGS: :skill:security:permissions:
#+PROPERTY: header-args:lisp :tangle %%SKILLS_DIR%%/org-skill-tool-permissions.lisp
#+PROPERTY: header-args:lisp :tangle org-skill-tool-permissions.lisp
* Overview
The *Tool Permissions* skill manages the authorization levels for different cognitive tools.
* Implementation
** Permission Registry
** Permission store (tool level)
Hash table mapping tool names to their permission level.
#+begin_src lisp
(defvar *tool-permissions* (make-hash-table :test 'equal))
#+end_src
** Set permission
Sets the permission level for a specific cognitive tool.
#+begin_src lisp
(defun set-tool-permission (tool-name level)
"Sets the permission level for a tool."
(setf (gethash (string-downcase (string tool-name)) *tool-permissions*) level))
#+end_src
** Get permission
Retrieves the current permission level for a tool. Defaults to ~:ask~ if unset.
#+begin_src lisp
(defun get-tool-permission (tool-name)
"Retrieves the permission level for a tool."
"Retrieves the permission level for a tool. Defaults to :ask."
(gethash (string-downcase (string tool-name)) *tool-permissions* :ask))
#+end_src

17
skills/org-skill-unified-llm-backend.org
View File

@@ -1,7 +1,7 @@
#+TITLE: SKILL: Unified LLM Backend (org-skill-unified-llm-backend.org)
#+AUTHOR: Agent
#+FILETAGS: :skill:llm:backend:openai-compatible:
#+PROPERTY: header-args:lisp :tangle %%SKILLS_DIR%%/org-skill-unified-llm-backend.lisp
#+PROPERTY: header-args:lisp :tangle org-skill-unified-llm-backend.lisp
* Overview
The *Unified LLM Backend* provides a single OpenAI-compatible API client that works with:
@@ -13,7 +13,8 @@ No separate skills per provider — just different base URLs and API keys.
* Implementation
** Provider Registry
** Provider registry (~*unified-llm-providers*~)
The authoritative list of supported LLM providers and their configuration: base URL, env var for API key, and default model name.
#+begin_src lisp
(defparameter *unified-llm-providers*
'((:ollama . (:base-url nil :key-env nil :default-model "llama3"))
@@ -22,17 +23,25 @@ No separate skills per provider — just different base URLs and API keys.
(:anthropic . (:base-url "https://api.anthropic.com/v1" :key-env "ANTHROPIC_API_KEY" :default-model "claude-3-5-sonnet-20241022"))
(:groq . (:base-url "https://api.groq.com/openai/v1" :key-env "GROQ_API_KEY" :default-model "llama-3.1-70b-versatile"))
(:gemini . (:base-url "https://generativelanguage.googleapis.com/v1beta/openai" :key-env "GEMINI_API_KEY" :default-model "gemini-2.0-flash"))))
#+end_src
** Provider config lookup (get-provider-config)
Returns the config plist for a given provider keyword.
#+begin_src lisp
(defun get-provider-config (provider)
"Returns the configuration plist for a provider keyword."
(cdr (assoc provider *unified-llm-providers*)))
#+end_src
** Availability check (provider-available-p)
Returns T if a provider is configured — meaning it either has an API key set, or it is Ollama (always available locally).
#+begin_src lisp
(defun provider-available-p (provider)
"Checks if a provider is configured (has API key or is local Ollama)."
"Checks if a provider is configured. Ollama is always considered available."
(let* ((config (get-provider-config provider))
(key-env (getf config :key-env))
(base-url (getf config :base-url)))
(cond ((eq provider :ollama) t) ; Ollama is always tried; failure is handled at call time
(cond ((eq provider :ollama) t)
(key-env (let ((key (uiop:getenv key-env))) (and key (> (length key) 0))))
(base-url t))))
#+end_src

83
skills/org-skill-utils-lisp.org
View File

@@ -1,10 +1,10 @@
#+TITLE: SKILL: Utils Lisp (org-skill-utils-lisp.org)
#+AUTHOR: Agent
#+FILETAGS: :skill:utils:lisp:validation:evaluation:
#+PROPERTY: header-args:lisp :tangle %%SKILLS_DIR%%/org-skill-utils-lisp.lisp
#+PROPERTY: header-args:lisp :tangle org-skill-utils-lisp.lisp
* Overview
The *Utils Lisp* skill provides advanced structural validation, sandboxed evaluation, and formatting for Common Lisp code.
Structural manipulation tools for Lisp code. This skill provides the full toolkit used by the agent when self-editing: ~utils-lisp-validate~ (three-phase structural/syntactic/semantic gate), ~utils-lisp-eval~ (sandboxed evaluation in a jailed package), ~utils-lisp-structural-extract~ / ~inject~ / ~wrap~ / ~slurp~ (surgical code transformations), and ~utils-lisp-format~ (auto-indentation via Emacs batch). Every self-edit operation goes through these functions.
* Implementation
@@ -192,3 +192,82 @@ The *Utils Lisp* skill provides advanced structural validation, sandboxed evalua
:priority 400
:trigger (lambda (ctx) (declare (ignore ctx)) nil))
#+end_src
* Test Suite
Tests for the Lisp Validator structural, syntactic, and semantic gates.
#+begin_src lisp :tangle ../tests/utils-lisp-tests.lisp
(defpackage :opencortex-utils-lisp-tests
(:use :cl :fiveam :opencortex)
(:export #:utils-lisp-suite))
(in-package :opencortex-utils-lisp-tests)
(def-suite utils-lisp-suite
:description "Tests for the Lisp Validator structural, syntactic, and semantic gates")
(in-suite utils-lisp-suite)
(test structural-balanced
(is (eq t (opencortex:utils-lisp-check-structural "(+ 1 2)"))))
(test structural-unbalanced-open
(multiple-value-bind (ok reason) (opencortex:utils-lisp-check-structural "(+ 1 2")
(is (null ok))
(is (search "Reader Error" reason))))
(test structural-unbalanced-close
(multiple-value-bind (ok reason) (opencortex:utils-lisp-check-structural "+ 1 2)")
(is (null ok))
(is (search "Reader Error" reason))))
(test syntactic-valid
(is (eq t (opencortex:utils-lisp-check-syntactic "(+ 1 2)"))))
(test semantic-safe
(is (eq t (opencortex:utils-lisp-check-semantic "(+ 1 2)"))))
(test semantic-blocked-eval
(multiple-value-bind (ok reason) (opencortex:utils-lisp-check-semantic "(eval '(+ 1 2))")
(is (null ok))
(is (search "Unsafe" reason))))
(test unified-success
(let ((result (opencortex:utils-lisp-validate "(+ 1 2)" :strict t)))
(is (eq (getf result :status) :success))))
(test unified-failure
(let ((result (opencortex:utils-lisp-validate "(+ 1 2" :strict nil)))
(is (eq (getf result :status) :error))))
(test eval-basic
(let ((result (opencortex:utils-lisp-eval "(+ 1 2)")))
(is (eq (getf result :status) :success))
(is (string= (getf result :result) "3"))))
(test structural-extract
(let* ((code "(defun hello () (print \"hi\")) (defun bye () (print \"bye\"))")
(extracted (opencortex:utils-lisp-structural-extract code "hello")))
(is (not (null extracted)))
(let ((form (read-from-string extracted)))
(is (eq (car form) 'DEFUN))
(is (eq (second form) 'HELLO)))))
(test list-definitions
(let ((code "(defun foo () t) (defmacro bar () nil) (defparameter *baz* 10)"))
(let ((names (opencortex:utils-lisp-list-definitions code)))
(is (member 'FOO names))
(is (member 'BAR names))
(is (member '*BAZ* names)))))
(test structural-inject
(let* ((code "(defun my-fun (x) (print x))")
(injected (opencortex:utils-lisp-structural-inject code "my-fun" "(finish-output)")))
(let ((form (read-from-string injected)))
(is (equal (last form) '((FINISH-OUTPUT)))))))
(test structural-slurp
(let* ((code "(defun work () (step-1))")
(slurped (opencortex:utils-lisp-structural-slurp code "work" "(step-2)")))
(let ((form (read-from-string slurped)))
(is (equal (last form) '((STEP-2)))))))
#+end_src

115
skills/org-skill-utils-org.org
View File

@@ -1,18 +1,84 @@
#+TITLE: SKILL: Utils Org (org-skill-utils-org.org)
#+AUTHOR: Agent
#+FILETAGS: :skill:utils:org:
#+PROPERTY: header-args:lisp :tangle %%SKILLS_DIR%%/org-skill-utils-org.lisp
#+PROPERTY: header-args:lisp :tangle org-skill-utils-org.lisp
* Overview
The *Utils Org* skill provides advanced structural manipulation for Org-mode files and their AST representation.
Structural manipulation tools for Org-mode files. This skill handles reading, writing, and modifying Org files at the AST level: finding headlines by ID or title, setting properties and TODO states, adding new headlines, generating UUIDs, and converting ASTs back to Org text. It also implements the privacy filter — when reading an Org file, it strips headlines tagged with ~@personal~ (or any tag in ~bouncer-privacy-tags~) and rejects files with matching ~#+FILETAGS:~.
* Implementation
** Reading Files
** Reading Files (with Privacy Filter)
#+begin_src lisp
(defun utils-org-extract-filetags (content)
"Extracts the list of tags from a #+FILETAGS: line."
(let ((lines (uiop:split-string content :separator '(#\Newline))))
(dolist (line lines)
(when (uiop:string-prefix-p "#+FILETAGS:" (string-trim '(#\Space) line))
(let ((tag-str (string-trim " :" (subseq (string-trim '(#\Space) line) 10))))
(return-from utils-org-extract-filetags
(mapcar (lambda (tag) (format nil ":~a" (string-trim '(#\Space) tag)))
(uiop:split-string tag-str :separator '(#\space #\tab))))))))
nil)
(defun utils-org-tag-matches-privacy-p (tags-list)
"Returns T if any tag in TAGS-LIST matches bouncer-privacy-tags."
(let ((privacy-tags (symbol-value (find-symbol "BOUNCER-PRIVACY-TAGS" :opencortex))))
(when (and tags-list privacy-tags)
(some (lambda (tag)
(some (lambda (private-tag)
(string-equal (string-trim '(#\: #\space) tag)
(string-trim '(#\: #\space) private-tag))
privacy-tags))
tags-list)))))
(defun utils-org-strip-tagged-subtrees (content)
"Removes Org headlines whose :TAGS: property contains a privacy-filtered tag.
Returns the filtered content as a string."
(let* ((lines (uiop:split-string content :separator '(#\Newline)))
(result-lines nil)
(skip-depth nil)
(current-tags nil)
(in-properties nil))
(dolist (line lines)
(cond
(skip-depth
;; We're inside a skipped subtree
(when (and (uiop:string-prefix-p "*" (string-trim '(#\Space) line))
(<= (length (string-trim '(#\Space) line)) skip-depth))
(setf skip-depth nil)))
((uiop:string-prefix-p ":PROPERTIES:" (string-trim '(#\Space) line))
(setf in-properties t)
(push line result-lines))
((uiop:string-prefix-p ":END:" (string-trim '(#\Space) line))
(setf in-properties nil)
(when current-tags
(when (utils-org-tag-matches-privacy-p (reverse current-tags))
(setf skip-depth
(length (car (last result-lines
(1+ (position-if
(lambda (l)
(uiop:string-prefix-p "*" (string-trim '(#\Space) l)))
(reverse result-lines))))))))
(setf current-tags nil))
(push line result-lines))
((and in-properties (uiop:string-prefix-p ":TAGS:" (string-trim '(#\Space) line)))
(let ((tag-val (string-trim '(#\Space) (subseq (string-trim '(#\Space) line) 6))))
(setf current-tags (uiop:split-string tag-val :separator '(#\space #\tab))))
(push line result-lines))
(t
(push line result-lines))))
(format nil "~{~a~%~}" (nreverse result-lines))))
(defun utils-org-read-file (filepath)
"Reads an Org file into a string."
(uiop:read-file-string filepath))
"Reads an Org file into a string, applying privacy filtering."
(let* ((raw (uiop:read-file-string filepath))
(filetags (utils-org-extract-filetags raw)))
(if (utils-org-tag-matches-privacy-p filetags)
(progn
(harness-log "UTILS-ORG: Blocked read of ~a — file-level privacy tag(s) ~a" filepath filetags)
nil)
(utils-org-strip-tagged-subtrees raw))))
#+end_src
** Writing Files
@@ -136,3 +202,42 @@ The *Utils Org* skill provides advanced structural manipulation for Org-mode fil
:priority 100
:trigger (lambda (ctx) (declare (ignore ctx)) nil))
#+end_src
* Test Suite
Verification of the structural manipulation for Org-mode files and their AST representation.
#+begin_src lisp :tangle ../tests/utils-org-tests.lisp
(defpackage :opencortex-utils-org-tests
(:use :cl :fiveam :opencortex)
(:export #:utils-org-suite))
(in-package :opencortex-utils-org-tests)
(def-suite utils-org-suite
:description "Tests for Utils Org skill.")
(in-suite utils-org-suite)
(test id-generation
(let ((id1 (utils-org-generate-id))
(id2 (utils-org-generate-id)))
(is (plusp (length id1)))
(is (not (string= id1 id2)))))
(test id-format
(let ((formatted (utils-org-id-format "abc12345")))
(is (search "id:" formatted))))
(test property-setter
(let ((ast (list :type :HEADLINE
:properties (list :ID "id:test123" :TITLE "Test")
:contents nil)))
(utils-org-set-property ast "id:test123" :STATUS "ACTIVE")
(is (string= (getf (getf ast :properties) :STATUS) "ACTIVE"))))
(test todo-setter
(let ((ast (list :type :HEADLINE
:properties (list :ID "id:todo001" :TITLE "Task")
:contents nil)))
(utils-org-set-todo ast "id:todo001" "DONE")
(is (string= (getf (getf ast :properties) :TODO) "DONE"))))
#+end_src

25
tests/boot-sequence-tests.lisp
View File

@@ -1,25 +0,0 @@
(eval-when (:compile-toplevel :load-toplevel :execute)
(ql:quickload :fiveam :silent t))
(defpackage :opencortex-boot-tests
(:use :cl :fiveam :opencortex)
(:export #:boot-suite))
(in-package :opencortex-boot-tests)
(def-suite boot-suite :description "Verification of the Skill Engine loader")
(in-suite boot-suite)
(test test-topological-sort-basic
(let ((tmp-dir "/tmp/opencortex-boot-test/"))
(uiop:ensure-all-directories-exist (list tmp-dir))
(with-open-file (out (merge-pathnames "org-skill-a.org" tmp-dir) :direction :output :if-exists :supersede)
(format out "#+DEPENDS_ON: skill-b-id~%"))
(with-open-file (out (merge-pathnames "org-skill-b.org" tmp-dir) :direction :output :if-exists :supersede)
(format out ":PROPERTIES:~%:ID: skill-b-id~%:END:~%"))
(unwind-protect
(let ((sorted (opencortex::topological-sort-skills tmp-dir)))
(let ((pos-a (position "org-skill-a" sorted :key #'pathname-name :test #'string-equal))
(pos-b (position "org-skill-b" sorted :key #'pathname-name :test #'string-equal)))
(is (< pos-b pos-a))))
(uiop:delete-directory-tree (uiop:ensure-directory-pathname tmp-dir) :validate t))))

15
tests/communication-tests.lisp
View File

@@ -1,15 +0,0 @@
(eval-when (:compile-toplevel :load-toplevel :execute)
(ql:quickload :fiveam :silent t))
(defpackage :opencortex-communication-tests
(:use :cl :fiveam :opencortex)
(:export #:communication-protocol-suite))
(in-package :opencortex-communication-tests)
(def-suite communication-protocol-suite :description "Communication Protocol Suite")
(in-suite communication-protocol-suite)
(test test-framing
(let* ((msg '(:type :EVENT :payload (:action :handshake)))
(framed (frame-message msg)))
(is (string= "00002C" (string-upcase (subseq framed 0 6))))))

24
tests/doctor-tests.lisp
View File

@@ -1,24 +0,0 @@
(defpackage :opencortex-doctor-tests
(:use :cl :fiveam :opencortex)
(:export #:doctor-suite))
(in-package :opencortex-doctor-tests)
(def-suite doctor-suite :description "Verification of the System Doctor diagnostic logic")
(in-suite doctor-suite)
(test test-dependency-check-fail
"Verify that missing binaries are correctly identified as failures."
(let ((opencortex::*doctor-required-binaries* '("non-existent-binary-123")))
(is (null (opencortex:doctor-check-dependencies)))))
(test test-env-validation-fail
"Verify that an invalid MEMEX_DIR triggers a critical failure."
(let ((old-m (uiop:getenv "MEMEX_DIR"))
(old-s (uiop:getenv "SKILLS_DIR")))
(unwind-protect
(progn
(setf (uiop:getenv "MEMEX_DIR") "/non/existent/path/999")
(is (null (opencortex:doctor-check-env))))
(setf (uiop:getenv "MEMEX_DIR") (or old-m ""))
(setf (uiop:getenv "SKILLS_DIR") (or old-s "")))))

23
tests/immune-system-tests.lisp
View File

@@ -1,23 +0,0 @@
(eval-when (:compile-toplevel :load-toplevel :execute)
(ql:quickload :fiveam :silent t))
(defpackage :opencortex-immune-system-tests
(:use :cl :fiveam :opencortex)
(:export #:immune-suite))
(in-package :opencortex-immune-system-tests)
(def-suite immune-suite :description "Verification of the Immune System (Core Error Hooks)")
(in-suite immune-suite)
(test loop-error-injection
"Verify that a crash in think/decide triggers a :loop-error stimulus."
(clrhash opencortex::*skills-registry*)
(opencortex:defskill :evil-skill
:priority 100
:trigger (lambda (ctx) (eq (getf (getf ctx :payload) :sensor) :user-input))
:probabilistic (lambda (ctx) (declare (ignore ctx)) (error "CRITICAL BRAIN FAILURE"))
:deterministic nil)
(opencortex:process-signal '(:type :EVENT :payload (:sensor :user-input)))
(let ((logs (opencortex:context-get-system-logs 20)))
(is (not (null (find-if (lambda (line) (search "CRITICAL BRAIN FAILURE" line)) logs))))))

20
tests/memory-tests.lisp
View File

@@ -1,20 +0,0 @@
(eval-when (:compile-toplevel :load-toplevel :execute)
(ql:quickload :fiveam :silent t))
(defpackage :opencortex-memory-tests
(:use :cl :fiveam :opencortex)
(:export #:memory-suite))
(in-package :opencortex-memory-tests)
(def-suite memory-suite :description "Tests for the Merkle-Tree Memory")
(in-suite memory-suite)
(test merkle-hash-consistency
(let* ((ast1 '(:type :HEADLINE :properties (:ID "test-1" :TITLE "Node 1") :contents nil)))
(clrhash opencortex::*memory*)
(let ((id1 (ingest-ast ast1)))
(let ((hash1 (org-object-hash (lookup-object id1))))
(clrhash opencortex::*memory*)
(let ((id2 (ingest-ast ast1)))
(is (equal hash1 (org-object-hash (lookup-object id2)))))))))

31
tests/peripheral-vision-tests.lisp
View File

@@ -1,31 +0,0 @@
(eval-when (:compile-toplevel :load-toplevel :execute)
(ql:quickload :fiveam :silent t))
(defpackage :opencortex-peripheral-vision-tests
(:use :cl :fiveam :opencortex)
(:export #:vision-suite))
(in-package :opencortex-peripheral-vision-tests)
(def-suite vision-suite :description "Verification of Foveal-Peripheral context model.")
(in-suite vision-suite)
(test test-foveal-rendering
(clrhash opencortex::*memory*)
(let* ((ast '(:type :HEADLINE :properties (:ID "proj-root" :TITLE "Project" :TAGS ("project"))
:contents ((:type :HEADLINE :properties (:ID "node-foveal" :TITLE "Foveal Node")
:raw-content "FOVEAL CONTENT" :contents nil)
(:type :HEADLINE :properties (:ID "node-peripheral" :TITLE "Peripheral Node")
:raw-content "PERIPHERAL CONTENT" :contents nil)))))
(ingest-ast ast)
(let ((output (context-assemble-global-awareness (list :foveal-focus "node-foveal"))))
(is (search "FOVEAL CONTENT" output))
(is (search "* Peripheral Node" output))
(is (not (search "PERIPHERAL CONTENT" output))))))
(test test-awareness-budget
(clrhash opencortex::*memory*)
(ingest-ast '(:type :HEADLINE :properties (:ID "p1" :TITLE "Project 1" :TAGS ("project")) :contents nil))
(ingest-ast '(:type :HEADLINE :properties (:ID "p2" :TITLE "Project 2" :TAGS ("project")) :contents nil))
(let ((output (context-assemble-global-awareness)))
(is (search "Project 1" output))
(is (search "Project 2" output))))

18
tests/pipeline-act-tests.lisp
View File

@@ -1,18 +0,0 @@
(eval-when (:compile-toplevel :load-toplevel :execute)
(ql:quickload :fiveam :silent t))
(defpackage :opencortex-pipeline-act-tests
(:use :cl :fiveam :opencortex)
(:export #:pipeline-act-suite))
(in-package :opencortex-pipeline-act-tests)
(def-suite pipeline-act-suite :description "Test suite for Act pipeline")
(in-suite pipeline-act-suite)
(test test-act-gate-basic
(clrhash opencortex::*skills-registry*)
(let* ((signal (list :type :EVENT :status nil :depth 0 :approved-action '(:target :cli :payload (:text "Hello"))))
(result (act-gate signal)))
(is (eq :acted (getf signal :status)))
(is (null result))))

22
tests/pipeline-perceive-tests.lisp
View File

@@ -1,22 +0,0 @@
(eval-when (:compile-toplevel :load-toplevel :execute)
(ql:quickload :fiveam :silent t))
(defpackage :opencortex-pipeline-perceive-tests
(:use :cl :fiveam :opencortex)
(:export #:pipeline-perceive-suite))
(in-package :opencortex-pipeline-perceive-tests)
(def-suite pipeline-perceive-suite :description "Test suite for Perceive pipeline")
(in-suite pipeline-perceive-suite)
(test test-perceive-gate
(clrhash opencortex::*memory*)
(let* ((signal (list :type :EVENT :payload (list :sensor :buffer-update :ast (list :type :HEADLINE :properties (list :ID "test-node" :TITLE "Test") :contents nil))))
(result (perceive-gate signal)))
(is (eq :perceived (getf result :status)))
(is (not (null (gethash "test-node" opencortex::*memory*))))))
(test test-depth-limiting
(let ((runaway-signal (list :type :EVENT :depth 11 :payload (list :sensor :heartbeat))))
(is (null (process-signal runaway-signal)))))

26
tests/pipeline-reason-tests.lisp
View File

@@ -1,26 +0,0 @@
(eval-when (:compile-toplevel :load-toplevel :execute)
(ql:quickload :fiveam :silent t))
(defpackage :opencortex-pipeline-reason-tests
(:use :cl :fiveam :opencortex)
(:export #:pipeline-reason-suite))
(in-package :opencortex-pipeline-reason-tests)
(def-suite pipeline-reason-suite :description "Test suite for Reason pipeline")
(in-suite pipeline-reason-suite)
(test test-decide-gate-safety
(clrhash opencortex::*skills-registry*)
(opencortex::defskill :mock-safety
:priority 50
:trigger (lambda (ctx) (declare (ignore ctx)) t)
:deterministic (lambda (action ctx)
(declare (ignore ctx))
(if (search "rm -rf" (format nil "~s" action))
(list :type :LOG :payload (list :text "Rejected"))
action)))
(let* ((candidate '(:type :REQUEST :payload (:action :shell :cmd "rm -rf /")))
(signal '(:type :EVENT :payload (:sensor :user-input)))
(result (deterministic-verify candidate signal)))
(is (eq :LOG (getf result :type)))))

22
tests/tui-tests.lisp
View File

@@ -1,22 +0,0 @@
(defpackage :opencortex-tui-tests
(:use :cl :opencortex)
(:export #:tui-suite))
(in-package :opencortex-tui-tests)
(eval-when (:compile-toplevel :load-toplevel :execute)
(ql:quickload :fiveam :silent t))
(fiveam:def-suite tui-suite :description "Verification of the TUI parsing and styling logic")
(fiveam:in-suite tui-suite)
(fiveam:test test-tui-connection-drop
"Tier 2 Chaos: Verify that handle-return degrades gracefully when the daemon connection is lost."
(let ((opencortex.tui::*incoming-msgs* nil)
(opencortex.tui::*input-buffer* (make-array 5 :element-type 'char :initial-contents "hello" :fill-pointer 5 :adjustable t))
;; Create a closed stream to simulate connection drop
(mock-stream (make-string-output-stream)))
(close mock-stream)
(opencortex.tui::handle-return mock-stream)
;; Check if the error was enqueued to history instead of crashing
(fiveam:is (member "ERROR: Connection to daemon lost." opencortex.tui::*incoming-msgs* :test #'string=))))

125
tests/utils-lisp-tests.org
View File

@@ -1,125 +0,0 @@
#+TITLE: Tests: Utils Lisp
#+AUTHOR: Agent
#+PROPERTY: header-args:lisp :tangle utils-lisp-tests.lisp
* Overview
Verification of the structural, syntactic, and semantic gates of the Lisp Validator.
* Implementation
** Package Context
#+begin_src lisp
(defpackage :opencortex-utils-lisp-tests
(:use :cl :fiveam :opencortex)
(:export #:utils-lisp-suite))
(in-package :opencortex-utils-lisp-tests)
(def-suite utils-lisp-suite
:description "Tests for the Lisp Validator structural, syntactic, and semantic gates")
(in-suite utils-lisp-suite)
#+end_src
** Structural Balanced
#+begin_src lisp
(test structural-balanced
(is (eq t (opencortex:utils-lisp-check-structural "(+ 1 2)"))))
#+end_src
** Structural Unbalanced (Open)
#+begin_src lisp
(test structural-unbalanced-open
(multiple-value-bind (ok reason) (opencortex:utils-lisp-check-structural "(+ 1 2")
(is (null ok))
(is (search "Reader Error" reason))))
#+end_src
** Structural Unbalanced (Close)
#+begin_src lisp
(test structural-unbalanced-close
(multiple-value-bind (ok reason) (opencortex:utils-lisp-check-structural "+ 1 2)")
(is (null ok))
(is (search "Reader Error" reason))))
#+end_src
** Syntactic Valid
#+begin_src lisp
(test syntactic-valid
(is (eq t (opencortex:utils-lisp-check-syntactic "(+ 1 2)"))))
#+end_src
** Semantic Safe
#+begin_src lisp
(test semantic-safe
(is (eq t (opencortex:utils-lisp-check-semantic "(+ 1 2)"))))
#+end_src
** Semantic Blocked (Eval)
#+begin_src lisp
(test semantic-blocked-eval
(multiple-value-bind (ok reason) (opencortex:utils-lisp-check-semantic "(eval '(+ 1 2))")
(is (null ok))
(is (search "Unsafe" reason))))
#+end_src
** Unified Success
#+begin_src lisp
(test unified-success
(let ((result (opencortex:utils-lisp-validate "(+ 1 2)" :strict t)))
(is (eq (getf result :status) :success))))
#+end_src
** Unified Failure
#+begin_src lisp
(test unified-failure
(let ((result (opencortex:utils-lisp-validate "(+ 1 2" :strict nil)))
(is (eq (getf result :status) :error))))
#+end_src
** Evaluation (Basic)
#+begin_src lisp
(test eval-basic
(let ((result (opencortex:utils-lisp-eval "(+ 1 2)")))
(is (eq (getf result :status) :success))
(is (string= (getf result :result) "3"))))
#+end_src
** Structural Extraction
#+begin_src lisp
(test structural-extract
(let* ((code "(defun hello () (print \"hi\")) (defun bye () (print \"bye\"))")
(extracted (opencortex:utils-lisp-structural-extract code "hello")))
(is (not (null extracted)))
(let ((form (read-from-string extracted)))
(is (eq (car form) 'DEFUN))
(is (eq (second form) 'HELLO)))))
#+end_src
** List Definitions
#+begin_src lisp
(test list-definitions
(let ((code "(defun foo () t) (defmacro bar () nil) (defparameter *baz* 10)"))
(let ((names (opencortex:utils-lisp-list-definitions code)))
(is (member 'FOO names))
(is (member 'BAR names))
(is (member '*BAZ* names)))))
#+end_src
** Structural Injection
#+begin_src lisp
(test structural-inject
(let* ((code "(defun my-fun (x) (print x))")
(injected (opencortex:utils-lisp-structural-inject code "my-fun" "(finish-output)")))
(let ((form (read-from-string injected)))
(is (equal (last form) '((FINISH-OUTPUT)))))))
#+end_src
** Structural Slurp
#+begin_src lisp
(test structural-slurp
(let* ((code "(defun work () (step-1))")
(slurped (opencortex:utils-lisp-structural-slurp code "work" "(step-2)")))
(let ((form (read-from-string slurped)))
(is (equal (last form) '((STEP-2)))))))
#+end_src

58
tests/utils-org-tests.org
View File

@@ -1,58 +0,0 @@
#+TITLE: Tests: Utils Org
#+AUTHOR: Agent
#+PROPERTY: header-args:lisp :tangle utils-org-tests.lisp
* Overview
Verification of the structural manipulation for Org-mode files and their AST representation.
* Implementation
** Package Context
#+begin_src lisp
(defpackage :opencortex-utils-org-tests
(:use :cl :fiveam :opencortex)
(:export #:utils-org-suite))
(in-package :opencortex-utils-org-tests)
(def-suite utils-org-suite
:description "Tests for Utils Org skill.")
(in-suite utils-org-suite)
#+end_src
** ID Generation
#+begin_src lisp
(test id-generation
(let ((id1 (utils-org-generate-id))
(id2 (utils-org-generate-id)))
(is (plusp (length id1)))
(is (not (string= id1 id2))))) ;; Likely unique
#+end_src
** ID Format
#+begin_src lisp
(test id-format
(let ((formatted (utils-org-id-format "abc12345")))
(is (search "id:" formatted))))
#+end_src
** Property Setter
#+begin_src lisp
(test property-setter
(let ((ast (list :type :HEADLINE
:properties (list :ID "id:test123" :TITLE "Test")
:contents nil)))
(utils-org-set-property ast "id:test123" :STATUS "ACTIVE")
(is (string= (getf (getf ast :properties) :STATUS) "ACTIVE"))))
#+end_src
** TODO Setter
#+begin_src lisp
(test todo-setter
(let ((ast (list :type :HEADLINE
:properties (list :ID "id:todo001" :TITLE "Task")
:contents nil)))
(utils-org-set-todo ast "id:todo001" "DONE")
(is (string= (getf (getf ast :properties) :TODO) "DONE"))))
#+end_src