LISAOS // DOCS
GOVERNANCE // LISAOS MAP

LisaOS Map

Authority

This is the authoritative bird's-eye reference for the entire LISA operating system — governance documents, frameworks, sub-agents, skills, integrations, automation, and their interdependencies. The Dependency Propagation Protocol in CLAUDE.md references this document as the canonical dependency map. Custodian: Smoke (Vault & Knowledge Infrastructure).

Last Updated: 2026-07-04 (Dispatch 2290 — LisaOS Full-System Audit Campaign, Phase 4 propagation, companion to the regenerated CS.AK.LISA.TechSpec.LisaOSArchitecture. §6 Skills: reconciled against the authoritative registry (tally 95→96 as of 2026-07-04); restored 19 genuine skills that had drifted out of the map (checkpoint, system-init, mac-disk-cleanup, gws-profile, hermes-dispatch, agent-tune, uat-bidirectional-probe, drafting-comms-guides, invoice, brandkit, chatgpt-image-designer, nano-banana-designer, seedance-designer, pixellab-ref-prep, impeccable, site-map-generator, design-system-ingest, feature-scope, code-optimise); re-annotated simplify as a Claude Code built-in (not a custom skill — not restored). §8 Automation: reconciled against installed launchd plists — added 7 undocumented jobs (identified by function in §8), retired a client-recon job (uninstalled, retainer wound down) and lisa-memorygateway (stale — gateway is VPS-only systemd the gateway systemd unit). Data Registries appendix skill tally 95→96. Change Impact Matrix §9b: governed by existing "Any skill created" (HIGH) + automation rows — no new matrix row required. Source: plan lisaos-full-system-audit. Prior: Dispatch 1881 — door-naming doctrine propagation: added §1 Door Naming Registry (Torii/Genkan/doors; "Hermes" = Nous-only; infra identifiers retain legacy hermes naming pending substrate bundle). Annotated OUR-shell "Hermes" references in this map (Cross-Channel Dedup appendix + Gateway Infrastructure rationale) to Genkan. Scoped annotation pass, NOT blanket find-replace — frozen audit-finding records (Wave tables, deferred items) and all infra paths/script names/cron identifiers left verbatim. Companion edits: CLAUDE.md (Shell Role + Model Tier + On-Demand Context + Cross-surface awareness), HermesDelegationProfiles.md (intro naming note; filename = rename candidate). Source: ideas/IDEA.Spark.LisaOSUltimateForm.md. Prior: Dispatch 1833 — loop-forge (per-goal Loop Contract composer + bounded grader-gated self-correcting loop launcher; 5 archetypes; tri-state exit; design-match harness; Pulse/Cortex/Kernel governance + evidence-gate/kill-switch) registered in §6 Skill Lifecycle per [PROPAGATION_REQUIRED]; created via skillcraft Mode A (3-test Gate PASS), executables under Fuda AK-425. §6 tally + Data Registries appendix corrected to 95. Change Impact Matrix §9b checked: the existing "Any skill created" row (HIGH) governs this propagation — no new matrix row required. NOTE: full lisaos-reconcile sweep remains a separate available task — this pass was the loop-forge registration + count lines only, not a whole-map reconcile. Prior: D1791 cartoonify registration, tally 94)


1. Boot Sequence

LISA's operating context loads from a single root document and a session activation skill:

ComponentPathPurpose
PERSONALITY.mdPERSONALITY.md (vault root)Single source of truth — personality, analytical approach, communication standards, operational protocols (dispatch, cache, memory, governance). Included by CLAUDE.md via @PERSONALITY.md and compiled into SOUL.md via compile-soul.sh
CLAUDE.mdCLAUDE.md (vault root)CC shell boot — @PERSONALITY.md include, CC-specific extensions (MCP tool bindings, sidecar paths, worked examples, On-Demand Context full vault paths)
konnichiwagwan~/.claude/skills/konnichiwagwan/SKILL.mdSession activation — Tier 1 load, MCP pre-flight, project context, full memory load
sayonara~/.claude/skills/sayonara/SKILL.mdSession close — semantic/episodic summarisation, memory commit, gateway sync
Compaction Survival hooks~/.claude/scripts/compaction-survival/Mid-session state preservation — PreCompact writes thread_checkpoint, SessionStart(compact) injects narrated recap

Door Naming Registry (ratified 2026-06-11)

LisaOS interfaces onto the single OS core are called doors (plain English, generic term). The named doors:

DoorNameMeaningStatus
Flagship desktop appTorii (鳥居)The future Cipher Shinobi-branded bespoke desktop application (Ultimate Form Path B build)Future build
VPS harnessGenkan (玄関)The VPS harness formerly called "Hermes" — TUI shell, Telegram channel, GPT-5.5 front-door logicActive
CC interface shell(unnamed — "the CC shell")VS Code / Claude Code execution surfaceActive

Disambiguation rules:

  • "Hermes" refers EXCLUSIVELY to Nous Research's products (Hermes Agent app, Hermes model family) in all LisaOS docs. It no longer names our harness.
  • Infra identifiers retain a legacy service-account naming pending the substrate-migration bundle: the VPS service user, its home and dot-directories, the gateway systemd unit and its crontab, and the associated maintenance scripts all still carry the pre-rename identifier. Correct documentary form when referencing infra: "Genkan (infra: legacy service-account identifiers)".
  • Rename candidate deferred to the substrate bundle: CS.AK.LISA.Data.HermesDelegationProfilesGenkanDelegationProfiles (filename not renamed this pass).

Source: ideas/IDEA.Spark.LisaOSUltimateForm.md decision callouts (operator-ratified 2026-06-11).


2. Governance Documents

Documents defining binding operational rules. Located in cipher_shinobi/akatsuki/lisa/.

DocumentFCF NamePurposeBinds To
Operational ProtocolsCS.AK.LISA.Docu.OperationalProtocolsCensorship, knowledge limits, distress, conflicting instructions; web verification tool hierarchyOn-Demand Context retrieval (edge-case triggers)
Vault GovernanceCS.AK.LISA.Docu.VaultGovernance7 binding rules for file creation, placement, reportingsmoke agent, file-classifier skill, CLAUDE.md Quick-Ref
Memory ArchitectureCS.AK.LISA.Docu.MemoryArchitectureMemory taxonomy, classification protocol, context window, gateway toolskonnichiwagwan skill (session start), On-Demand Context retrieval (mid-session)
Code Discipline ProtocolCS.AK.LISA.Docu.CodeDisciplineProtocolFive Pillars, Four-Gate review for all codegenji, raiden agents
Raw Twin DisciplineCS.AK.LISA.Docu.RawTwinDisciplineMCP ListTools cache staleness protocol, *_raw twin pattern, runtime drift detection (/api/tools/list + konnichiwagwan Phase F)genji agent, CLAUDE.md Canonical write path + On-Demand Context, konnichiwagwan skill, memory_gateway MCP layer
Security OperationsCS.AK.LISA.Docu.SecurityOperationsFive security principles, Security Gate Protocol (5 gates)gray-fox agent
Planning DisciplineCS.AK.LISA.Docu.PlanningDisciplineFive Pillars of planning, four-gate Planning Reviewyoshimitsu agent
Skill Approval GateCS.AK.LISA.Docu.SkillApprovalGateThree-test pipeline (overlap, necessity, utility) + bidirectional sync lifecycle (sync-skills-to-vps.sh, hermes-skill-pull.sh, konnichiwagwan Phase G)Skill creation workflows, skillcraft skill, bidirectional sync pipeline
Skill Draft GuideCS.AK.LISA.Docu.SkillDraftGuideField-level SKILL.md authoring instructions (includes worked exemplar appendix)Skill creation workflows, skillcraft skill
Sage Mode GuideCS.AK.LISA.Docu.SageModeGuideSage Mode operational reference (Kernel/Cortex/Cerebellum)sage skill
Curriculum ArchitectureCS.AK.LISA.Docu.CurriculumArchitecture532-hour, 16-module training programme (amendments folded in)Curriculum delivery
Video Knowledge Extraction GuideCS.AK.LISA.Docu.VideoKnowledgeExtractionGuideVideo transcript processing methodologyvideo-knowledge-extractor skill
CommsStyleGuide Draft GuidePER.EX.GEN_SCRIBE-CRE.Docu.CommsStyleGuideDraftGuideGuide for creating Communication Style Guidescomms-clone skill
CommsStyleGuide ExemplarPER.EX.GEN_SCRIBE-CRE.Docu.CommsStyleGuideExemplarWorked example for CommsStyleGuidecomms-clone skill
This LisaOS MapCS.AK.LISA.Docu.LisaOSMapBird's-eye OS reference + Change Impact MatrixCLAUDE.md Dependency Propagation Protocol, smoke agent
Image Engine Designer HandoffCS.AK.LISA.Docu.ImageEngineDesignerHandoffRecords the PromptObject (v1.0.0 contract) binding the 6 designer skills → image-forge executor; Phase 4 auto-emit deferralimage-forge skill, 6 designer skills, Zer0PromptObjectContract Data note
Clean Code Pipeline TechSpecCS.AK.LISA.TechSpec.CleanCodePipelineThree-gate clean-code CI/CD architecture (Semgrep MCP write-time + Qodo/CodeRabbit pre-push + GitHub Actions + CODEOWNERS); 5-repo topology; 4 ADRs (Lisa-OS scope, serial migration, the OS core repo sole CODEOWNER, Q4 layered enforcement); cold-migration methodologygenji + raiden agents (operational instantiation of CodeDisciplineProtocol), CLAUDE.md On-Demand Context, RawTwinDiscipline (Semgrep custom rule enforcement)

Archived (in archive/)

DocumentFCF NameReason
Vault IntegrationCS.AK.LISA.Docu.ClaudeCodeVaultIntegrationSetup guide; ~85% duplicated VaultGovernance. Environment already configured.
YouTube Transcriber HandoffCS.AK.LISA.Docu.YouTubeTranscriberHandoffDev handoff doc; skill is production.
Sage Mode UpgradeCS.AK.LISA.Docu.SageModeUpgradeOrphaned proposal; upgrades implemented as separate skills.
Agentic Orchestration ArchitectureCS.AK.LISA.Matter.AgenticOrchestrationArchitectureImplemented: persona dissolution, universal skill access, approval gate, domain index. Psychic Cache tracked in deferred TechSpec.
Skill ExemplarCS.AK.LISA.Docu.SkillExemplarMerged into SkillDraftGuide as appendix (2026-04-05).

3. Architecture Documents

Design specifications and architectural rationale. Located in cipher_shinobi/akatsuki/lisa/.

No active architecture documents. All implemented designs archived; unbuilt designs deferred.

Deferred (in deferred/)

DocumentFCF NameStatusKey Dependencies
Psychic CacheCS.AK.LISA.TechSpec.PsychicCacheDeferredAgenticOrchestrationArchitecture, MemoryArchitecture
Dispatch DashboardCS.AK.LISA.TechSpec.DispatchDashboardDeferredAgenticOrchestrationArchitecture, PsychicCache, AgentDomainMemory
Agent Domain MemoryCS.AK.LISA.TechSpec.AgentDomainMemoryDeferredAgenticOrchestrationArchitecture, PsychicCache, MemoryArchitecture
Persistent Memory InfraCS.AK.LISA.TechSpec.PersistentMemoryInfraDeferredOperationalProtocols, ClaudeCodeMemoryAndExtensibility Intel
Claude Code Memory IntelCS.AK.LISA.Intel.ClaudeCodeMemoryAndExtensibilityDeferredReferenced by PersistentMemoryInfra
YouTube Transcriber GPU ArchitectureCS.AK.LISA.Intel.YouTubeTranscriberGPUArchitectureDeferredReference material for future youtube-transcriber optimisation

4. Frameworks

Reusable classification systems and taxonomies.

FrameworkFCF NamePathScopeReferenced By
File Classification FrameworkPER.EX.SAG_SYSX.Docu.FileClassFrameworkpersonal/expertise/sagyojutsu/Naming, types, segment grammar, 22 TypeSpecsVaultGovernance (Rule 1), CLAUDE.md FCF Quick-Ref, smoke agent, file-classifier skill, MemoryArchitecture
Artefact Map ProtocolPER.EX.SAG_SYSX.Docu.ArtefactMapProtocolpersonal/expertise/sagyojutsu/Non-markdown artefact governance, placement matrixVaultGovernance (Rule 3-4), artefact creation workflows
Prompt Classification FrameworkPER.EX.NINJ_PROMPT.Docu.PromptClassFrameworkpersonal/expertise/ninjutsu/Prompt type taxonomy: Henge/Shoki/Ninki/YomuCLAUDE.md On-Demand Context, prompt routing
Activity Classification MatrixPER.EX.SAG_SYSX.Data.ActivityClassMatrix.Tobipersonal/expertise/sagyojutsu/Personal activity taxonomy (SA/EX/LV subjects)MemoryArchitecture (namespace resolution), FCF
Mission MatrixCS.AK.CSDAO.Data.MissionMatrixcipher_shinobi/akatsuki/csdao/CS mission namespace registryMemoryArchitecture (namespace resolution), mission-init skill

5. Sub-Agents

8 CyberShinobi operatives in .claude/agents/. All run on Opus. All have universal skill access via the Tools Domain Index.

AgentDomainBinding Governance DocKey Skills (Priority)MCP Servers
genjiSoftware EngineeringCodeDisciplineProtocolsimplify, linear, frontend-designlisa-memory, ref-context
raidenVerification & QACodeDisciplineProtocolskill-grader, skill-comparator, skill-analyzerlisa-memory, ref-context
zer0Language & Creative(none — domain-specific)text-improver, comms-clone, style-rewriter, deck-presenterlisa-memory, ref-context
smokeVault & KnowledgeFileClassFramework + VaultGovernance + LisaOSMapfile-classifier, coherence-improver, skillcraft, skills-registry-updatelisa-memory
gray-foxSecurity & IntelligenceSecurityOperationsconflict-monitor, seed-ingest, prayer-guidelisa-memory
yoshimitsuStrategic Planning & FinancePlanningDisciplinesprint-plan, mission-brief, seed-create, idea-spark, idea-criticlisa-memory, ref-context
cyraxLegal & Compliance(none — jurisdiction-dependent)seed-ingest, doc-designerlisa-memory
sektorData & Analytics(none — data-driven)seed-ingest, video-knowledge-extractorlisa-memory

Agent prompt format: Each agent has unique sections (Personality, Domain Expertise, Activation Profile) plus a shared 12-line Operating Standards block (universal tool access, confidence signalling, memory namespace, Shadow Clone, escalation). The Operating Standards block replaced the previous 70-line boilerplate (separate Tooling Index, Confidence, Memory, Shadow Clone, Escalation sections) in the 2026-04-05 consolidation refactor.

Dispatch modes: Single-agent | Parallel independent | Team assembly (max 4) | Shadow Clone Jutsu (LISA-initiated, max 3 clones + original)

Signalling: [CONFIDENCE: high|medium|low] + [DOMAIN_AFFINITY: true|false] | [ESCALATION] | [SHADOW_CLONE] | [PROPAGATION_REQUIRED]


6. Skills

Custom skills in ~/.claude/skills/ (registry tally 96 as of 2026-07-04 — authoritative source PER.EX.NINJ_DEV-AI.Data.ClaudeCodeSkills.md). The tables below were reconciled against that registry by dispatch D2290 (LisaOS audit campaign, Phase 4): 19 genuine skills that had drifted out of this map were restoredcheckpoint, system-init, mac-disk-cleanup, gws-profile, hermes-dispatch, agent-tune, uat-bidirectional-probe, drafting-comms-guides, invoice, brandkit, chatgpt-image-designer, nano-banana-designer, seedance-designer, pixellab-ref-prep, impeccable, site-map-generator, design-system-ingest, feature-scope, code-optimise — and simplify was re-annotated as a Claude Code built-in (not a custom skill). Plugin-provided design/frontend skills (ckm:*, design-taste-frontend, gpt-taste, high-end-visual-design, minimalist-ui, industrial-brutalist-ui, imagegen-frontend-*, image-to-code, redesign-existing-projects, stitch-design-taste, ui-ux-pro-max, full-output-enforcement) are catalogued under §7 Plugins, not here. Domain mapping: PER.EX.NINJ_DEV-AI.Data.ToolsDomainIndex.md.

Session & System

SkillPurposeReferences Governance
konnichiwagwanSession activation (4 phases)MemoryArchitecture
sayonaraSession close + memory commitMemoryArchitecture
launchLaunch locally-hosted apps(App Registry in SKILL.md)
permission-mergeSweep settings.local.json for new permissions(paired with settings-merge launchd job)
dreamNightly memory consolidationMemoryArchitecture
system-updateProcess daily note through The System
system-initInitialise The System state / scaffolding
lisaos-reconcileWeekly 7-check vault reconciliation(paired with lisaos-reconcile launchd job)
checkpointFile a structured mid-session campaign checkpoint for next-session continuity(paired with sayonara)
mac-disk-cleanupInventory + safely reclaim Mac disk space by category
gws-profileRoute gws CLI to a non-default Google Workspace account (per-call profile)
hermes-dispatchDelegate a task to the Genkan (VPS) door via delegation profiles(HermesDelegationProfiles)

Governance & Pipeline

SkillPurposeAgent Affinity
fudaGate 0 change scoping — creates Fuda contract before code is writtenyoshimitsu (drafts), raiden + gray-fox (review)
agent-tuneProcess ASI agent-definition proposals through the 4-gate approval + apply across all 5 agent surfacessmoke (drafts/applies), raiden (verify)
uat-bidirectional-probeUAT probe verifying VPS→Mac skill sync via rclone copyraiden

Planning & Operations

SkillPurposeAgent Affinity
sageSage Mode — heightened operational intelligenceLISA (direct)
sprint-planSprint planning from Linear backlogyoshimitsu
sprint-adjustUrgent mid-sprint task insertionyoshimitsu
mission-initInitiate new AK/YB missionyoshimitsu
mission-briefDraft Mission Briefyoshimitsu
techspec-drafterTransform Brief → TechSpecyoshimitsu
seed-createCreate Mission Seedyoshimitsu
seed-updateUpdate Seed living stateyoshimitsu
seed-ingestIngest bulk context into Seedyoshimitsu
invoiceIssue-engine invoice lifecycle (draft/issue, PDF, hosted page, Resend notify) — Missions OS P1genji

Writing & Language

SkillPurposeAgent Affinity
text-improverStructured text quality improvementzer0
comms-cloneTobi's authentic voice replicationzer0
style-rewriterArchetype style transformationzer0
style-identifierDiagnose writing stylezer0
prompt-improverAI prompt improvementzer0
drafting-comms-guidesDraft a CUSTOM Communication Style Guide with Beyond-the-Four-Dimensions modifier traitszer0

Creative & Visual

SkillPurposeAgent Affinity
nano-bananaImage generation (Gemini) — required for all image requestszer0 / LISA
image-forgeExecute a Zer0 PromptObject — model-agnostic render (gpt-image-2 / nano-banana-pro) + vault filing + provenance. Executor/filing layer, NOT the image-generation activation classzer0 / LISA
cartoonifyApply a researched illustration style to character reference(s) — selects a style from the Illustration Style Library, composes a PromptObject, hands it to image-forge. Apply-style-to-character layer, NOT general image-gen and NOT the executorzer0
photo-designerPortrait/full-body photo designzer0
body-designerCharacter body designzer0
face-designerCharacter face designzer0
face-extractorFace analysis from existing imagezer0
photo-aesthetic-extractorExtract aesthetic parameterszer0
photo-style-extractorExtract style parameters from ref imagezer0
jewellery-photo-designerJewellery e-commerce/editorial photo designzer0
product-photographyCommercial product photographyzer0
video-designerVideo generation prompt compositionzer0
deck-presenterHTML slide deck creationzer0
layout-libraryPersistent layout library maintenancezer0
shinobi-pixel-art-converter8-bit pixel art conversionzer0
pixellab-ref-prepGenerate 8 directional reference angles + character description for PixelLab animationzer0
extract-brand-identityBrand visual identity extractionzer0
brandkitPremium brand-kit image generation — guidelines boards, logo systems, identity deckszer0
chatgpt-image-designerAdvisory prompt designer for ChatGPT / OpenAI image generation (P.I.C.T.U.R.E.)zer0
nano-banana-designerAdvisory prompt designer for /nano-banana execution (P.I.C.T.U.R.E.)zer0
seedance-designerAdvisory prompt composer for Seedance 2.0 video generation (S.C.R.I.P.T.)zer0
impeccableDesign/redesign/critique/harden frontend interfaces via impeccable design lawszer0
site-map-generatorGenerate site maps + redirect maps + per-page content plans from briefs/URLszer0

Vault & Knowledge

SkillPurposeAgent Affinity
file-classifierFCF classificationsmoke
coherence-improverSingle-note structural coherencesmoke
inter-note-coherence-improverCross-note coherencesmoke
save-promptSave prompt as vault notesmoke
doc-designerProduce branded PDFs via design system templates + Puppeteersmoke
design-system-ingestIngest a Claude Design handoff zip into the design-systems registry (tokens/fonts/assets)smoke / zer0
pdf-export(DEPRECATED → doc-designer)smoke
skillcraftCreate/convert/optimise/audit skillssmoke
skills-auditAudit all skills for qualitysmoke
skills-registry-updateRegenerate skills registrysmoke

Data & Analytics

SkillPurposeAgent Affinity
seed-ingest meetingMeeting transcript → structured notesektor
seed-ingest whatsappWhatsApp → Mission Seedsektor
video-knowledge-extractorVideo transcript → knowledge extractionsektor
youtube-transcriberYouTube → timestamped transcriptsektor

Intelligence & Monitoring

SkillPurposeAgent Affinity
conflict-monitorIran-UAE conflict + evacuation flight trackinggray-fox
seed-ingestMulti-channel intelligence sweepgray-fox

Ideation & Critique

SkillPurposeAgent Affinity
idea-sparkOrganise raw thoughts into structured ideasyoshimitsu
idea-criticChallenge and find weak points in ideasyoshimitsu
prayer-guideGuided prayer structuregray-fox

Skill Lifecycle

SkillPurposeAgent Affinity
loop-forgeCompose per-goal Loop Contracts + launch bounded, grader-gated self-correcting loops (5 archetypes Build/Optimise/Cure/Watch/Campaign; tri-state CLEAN/CAPPED/BLOCKED exit; design-match harness; Pulse/Cortex/Kernel governance; kill-switch + evidence-gate hook)smoke / LISA
skill-graderGrade skill execution outputsraiden
skill-comparatorBlind comparison of two skill outputsraiden
skill-analyzerAnalyse why one skill version outperformsraiden

Code & Engineering

SkillPurposeAgent Affinity
simplifyReview changed code for reuse/quality — Claude Code built-in (native), not a custom skill; retained here for discoverability onlygenji
linearUnified Linear integrationgenji
feature-scopeScope a ClientA feature request across three repos — dual layman + technical outputgenji
code-optimiseWhole-codebase audit (security + performance + optimality) — audit-only default, fixes → Fudagenji / gray-fox / raiden

Deprecated

SkillReplaced By
cmd-to-skillskillcraft Mode B (Convert)
skill-optimiserskillcraft Mode C (Optimise)

7. External Integrations

MCP Servers

ServerTransportTool CountUsed By
linear-serverHTTP32linear skill, seed-ingest, sprint-plan, mission-brief, seed-update
krispHTTP6seed-ingest, conflict-monitor
whatsappLocal (Go + SQLite)12seed-ingest, commsclone-scan launchd
lisa-memoryStdio (Express + SQLite)3All sessions, all agents, konnichiwagwan, sayonara, dream
imessageLocal (Bun)2[DEPRECATED] Launchd jobs (iMessage dispatch), comms-clone
ref-contextStdio2genji, raiden, zer0, yoshimitsu agents (documentation lookup)
sequential-thinkingStdio1Complex reasoning chains
figmaHTTP17extract-brand-identity, photo-designer, design system work
githubHTTPVariablesuperpowers plugin, PR workflows

CLI Tools

ToolPathPurposeUsed By
firecrawl(install location withheld)Web scraping/search (primary web tool)conflict-monitor, seed-ingest, all agents for web research
gws(install location withheld)Google Workspace (Gmail, Calendar)seed-ingest, commsclone-scan, client ingestion, conflict-monitor
yt-dlp(install location withheld)YouTube subtitle extractionyoutube-transcriber
encrypted backup engine(install location withheld)Encrypted, deduplicating backupthe local backup job
claude(install location withheld)Headless Claude Code sessionsAll scheduled jobs that spawn a headless session

Plugins (11 enabled)

PluginPurpose
frontend-designProduction-grade frontend implementation
linearLinear project management integration
imessage[DEPRECATED] iMessage read/send
superpowersCode review, TDD, plan execution workflows
githubGitHub repository access
skill-creatorSkill scaffolding
firecrawlWeb scraping integration
playgroundInteractive HTML playgrounds
figmaFigma design read/write
security-guidancePre-tool dangerous pattern warnings
semgrepSAST/SCA/secrets scanning

8. Automation

Mac launchd background jobs + VPS cron entries. Registry: CS.AK.LISA.Data.SchedulerRegistry.md (renamed 2026-05-06 from LaunchdRegistry.md per Tobi-san G3.5 categorical correction — VPS-native scheduler is cron, not launchd). Job identifiers, plist names, script locations, exact schedule times, and log paths are deployment coordinates and are withheld — each job below is named by function; the vault registry holds the operational identifiers. VPS cron: the service-account crontab on the VPS (tailnet-internal). Logs: bounded-retention log locations on each substrate (paths withheld).

Reconciled 2026-07-04 (dispatch D2290) against the installed local scheduler entries. The seven rows marked (D2290-reconciled) were installed but undocumented here prior to this pass.

Job (by function)CadencePaired SkillScript
Settings-permission mergeDaily/permission-merge(withheld)
Communication scanDaily(feeds comms-clone)(withheld)
Nightly memory consolidationDaily/dream(withheld)
Standing situational monitorDaily/conflict-monitor(withheld)
Local encrypted backupHourly(infrastructure)(withheld)
Reconciliation sweepWeekly/lisaos-reconcile(withheld)
Feedback / eval pipeline (D2290-reconciled)Daily(FIP analytics — feeds Dream/analytics)(withheld)
Vault index refresh (D2290-reconciled)Sub-hourly(infrastructure — vault index refresh)(withheld — POSTs the gateway's vault-index scan endpoint, tailnet-internal)
Message-bridge keep-alive (D2290-reconciled)Always-on(infrastructure — messaging MCP bridge)(withheld)
Skill sync, both doors (D2290-reconciled)Periodic(bidirectional skill sync CC→VPS)(withheld)
Client domain data sync (D2290-reconciled)Daily(ClientA domain revenue sync)(withheld)
Plugin refresh (D2290-reconciled)Weekly(caveman + plugin updates)(withheld)
Network-heal watchdog (D2290-reconciled)Always-on(VPN control heal)(withheld)
Server datastore backup (VPS systemd timer)Daily(infrastructure)(withheld — restore-tested, adopted the existing backup repository)

Retired / stale (D2290):

  • A client-recon ingestion job (was daily, /seed-ingest) — uninstalled: ClientA retainer wound down. No longer in the installed set.
  • A local gateway service entry (was always-on, local) — stale: the gateway no longer runs as a local scheduled job. It is VPS-only, systemd unit the gateway systemd unit on the VPS (tailnet-internal).

Runtime constraints: All Python scripts pin the Homebrew Python runtime (not system python — FDA). All scheduler entries carry an explicit PATH. Headless Claude sessions run non-interactively in an automatic permission mode via subprocess. GUI apps (Terminal.app) cannot launch in DarkWake.


9. Dependency Graph & Change Impact Matrix

9a. Dependency Graph

PERSONALITY.md (Single Source of Truth — personality + operational protocols)
+-- Included by: CLAUDE.md via @PERSONALITY.md
+-- Compiled into: SOUL.md via compile-soul.sh (+ SOUL_SHELL.md)
+-- Contains: Roster, Dispatch Checklist, Cache Schema, Governance Quick-Refs, FCF Quick-Ref

CLAUDE.md (CC Shell Boot)
+-- @includes: PERSONALITY.md (shared personality + protocols)
+-- CC Shell Extensions: MCP tool bindings, sidecar paths, worked examples
+-- On-Demand Context table --> governance docs with full vault paths
+-- CyberShinobi Roster --> in PERSONALITY.md, must match .claude/agents/ directory
+-- Dependency Propagation Protocol --> references THIS LisaOSMap

Agent Prompts (.claude/agents/*.md)
+-- ALL share: Operating Standards block (tool access, signalling, memory, clone, escalation)
+-- ALL reference: ToolsDomainIndex by path (not embedded)
+-- Each has: Binding reference --> specific governance doc
+-- Skill names in Activation Profile --> if skill renamed, agent prompt breaks

ToolsDomainIndex (PER.EX.NINJ_DEV-AI.Data.ToolsDomainIndex)
+-- Upstream: ClaudeCodeSkills registry (source of truth for custom skills)
+-- Downstream: ALL 8 agent prompts embed this index
+-- Downstream: CLAUDE.md On-Demand Context references it
+-- Downstream: SkillApprovalGate references it for overlap detection

FileClassFramework (PER.EX.SAG_SYSX.Docu.FileClassFramework)
+-- Downstream: VaultGovernance (Rule 1)
+-- Downstream: CLAUDE.md FCF Quick-Ref
+-- Downstream: smoke agent binding ref
+-- Downstream: file-classifier skill
+-- Downstream: MemoryArchitecture (namespace resolution)

MemoryArchitecture (CS.AK.LISA.Docu.MemoryArchitecture)
+-- References: MissionMatrix (CS namespace resolution)
+-- References: ActivityClassMatrix (PER namespace resolution)
+-- Downstream: CLAUDE.md Memory Architecture Quick-Ref
+-- Downstream: konnichiwagwan skill (session activation)
+-- Downstream: sayonara skill (session close)

SchedulerRegistry (CS.AK.LISA.Data.SchedulerRegistry)
+-- Must match: the installed local scheduler entries (Mac) AND `the service-account crontab` on VPS
+-- Each job references: script path, log path, paired skill, host class (Mac/VPS)

9b. Change Impact Matrix

If This ChangesUpdate ThesePriority
Any governance DocuCLAUDE.md Quick-Ref (if one exists for this doc), binding agent prompts, On-Demand Context table (if path changed), this System MapCRITICAL
ToolsDomainIndexAll 8 agent prompts (Tooling Index section is a copy)CRITICAL
ClaudeCodeSkills registryToolsDomainIndex (regenerate via /skills-registry-update), then cascade to all 8 agent promptsCRITICAL
Any skill renamed/deletedClaudeCodeSkills registry, ToolsDomainIndex, all 8 agent prompts (if skill in Key Skills or Tooling Index), CLAUDE.md On-Demand Context (if referenced), SchedulerRegistry (if paired with a job), this System Map (Section 6)CRITICAL
Any skill createdRun /skills-registry-update, verify ToolsDomainIndex, update agent prompts if domain-relevant, this System Map (Section 6)HIGH
FileClassFrameworkVaultGovernance, CLAUDE.md FCF Quick-Ref, file-classifier skill, smoke agent binding refHIGH
VaultGovernanceCLAUDE.md Vault Governance Quick-Ref, smoke agent binding refHIGH
MemoryArchitecturekonnichiwagwan skill, sayonara skill, CLAUDE.md On-Demand Context (if path changes), CLAUDE.md Session State Maintenance (if compaction protocol changes)HIGH
CodeDisciplineProtocolgenji + raiden agent binding referencesHIGH
RawTwinDiscipline (+ any schema-layer change in memory_gateway/server/*/types.ts that adds a new field/branch to a write-path tool)artefacts/code/lisa/memory_gateway/server/tools/schema-introspection.ts (bump SCHEMA_VERSION, add field/branch), artefacts/code/lisa/memory_gateway/server/mcp/index.ts (mirror new optional flat field in the permissive-flat tool or add new raw twin per §4), CLAUDE.md Canonical write path section + On-Demand Context table, ~/.claude/skills/konnichiwagwan/SKILL.md Phase F (if behaviour changes), genji agent binding reference, this System MapHIGH
SecurityOperationsgray-fox agent binding referenceHIGH
PlanningDisciplineyoshimitsu agent binding referenceHIGH
MissionMatrixMemoryArchitecture (namespace resolution)MEDIUM
ActivityClassMatrixMemoryArchitecture (namespace resolution)MEDIUM
Operating Standards blockAll 8 agent prompts (shared block; update all when changing signalling, clone, or escalation protocols)CRITICAL
Cache Write Schema (CLAUDE.md subsection + gateway Zod discriminated union in psychic-cache/types.ts)All 8 agent prompts (g. Cache output pointer references the schema), LisaOSManual §3.2 Psychic Cache (context types table), MemoryArchitecture (if cache write surface is ever documented there), ToolsDomainIndex write_psychic_cache entry (if description quotes the per-type contract)CRITICAL
Context Feedback Discipline (CLAUDE.md Dispatch Execution Checklist step 4 + subsection)All 8 agent prompts (Context Assembly Protocol block — step 4 mandates context_feedback before report_complete), MemoryArchitecture (Context Feedback subsection), OperationalProtocols (only if it ever starts covering dispatch lifecycle — currently scoped to censorship/knowledge/distress/conflicting-instructions, so out of scope), ToolsDomainIndex context_feedback entry (if description is updated)CRITICAL
Mandatory progress reporting clause (CLAUDE.md Dispatch Execution Checklist step 4, bullet 4 — LISA-side dispatch brief template)LISA dispatch briefs (self-validating on next dispatch via the new canonical phrasing block); agent prompts already describe the agent-side report_progress_raw mechanism in the Operating Standards Dispatch Protocol block (covered by the Operating Standards block row above), so no further propagation unless the agent-side calling convention itself changes. Regression history: D30/D48/D49 dispatch briefs omitted the clause → dashboard expanded-card timelines went silent → D53 codified the mandate into the ChecklistHIGH
Agent prompt format/contentAll 8 agents (Operating Standards consistency), CLAUDE.md roster table (if domain/triggers changed)MEDIUM
New agent added/removedCLAUDE.md roster table, CLAUDE.md dispatch triggers, ToolsDomainIndex, this System Map (Section 5)MEDIUM
Scheduled job added/modified/removed (Mac launchd OR VPS cron)SchedulerRegistry, the installed scheduler entry (Mac) OR the service-account crontab (VPS), this System Map (Section 8)MEDIUM
MCP server added/removedAgent prompts (mcpServers frontmatter), this System Map (Section 7)MEDIUM
Template added/removedThis System Map (not tracked elsewhere)LOW
Entity added/removedCLAUDE.md Entity Maintenance section (if scope changes), this System MapLOW
CleanCodePipeline TechSpec (any change to gate design, repo topology, ADRs, or migration order in CS.AK.LISA.TechSpec.CleanCodePipeline)CLAUDE.md On-Demand Context table (Clean Code Pipeline row), this System Map (§2 governance docs table), CodeDisciplineProtocol (Four-Gate cross-link to TechSpec §06 + §09 — the pipeline is the operational instantiation), RawTwinDiscipline (Semgrep custom rule cipher-shinobi.raw-twin-required cross-link), genji + raiden + yoshimitsu + gray-fox agent governance reference lists (yoshimitsu drafts V-3 pre-lock + STOP-after-D Fuda content per §6.0.6 + §6.0.7; gray-fox reviews same), reference_github_org.md memory (lisa-os repo + the OS core repo CODEOWNER), ArtefactMapProtocol (lisa-os repo as new artefact root post-migration), CS.AK.LISA.Data.ArtefactMap (Sprint 0 artefacts: pre-push hook, semgrep rules, GitHub Action), per-repo CLAUDE.md runbook links (Sprint Final), CS.AK.LISA.Docu.CleanCodePipelineRunbook (Sprint Final), feedback_v3_ladder_randomised_order_pre_lock memory (companion discipline at ~/…)CRITICAL
Linear Issue Standard (header template: Collaborators/Job Resources/Job Output + metadata fields: labels, estimate, assignee, project, priority)~/.claude/skills/fuda/SKILL.md Step 5 (Fuda-specific issue creation), CS.AK.LISA.TechSpec.CleanCodePipeline §9.6.1 (Fuda = Linear Issue format), ~/.claude/skills/linear/SKILL.md (if unified Linear skill performs issue creation), any future skill that calls save_issueHIGH
fuda skill template (any change to the Fuda required sections, Workflow steps, V-Depmap outcome class discipline, threshold matrix, or agent roles in ~/.claude/skills/fuda/SKILL.md)CS.AK.LISA.TechSpec.CleanCodePipeline (§6.0.1 Required Fuda Sections mirror; §6.0.6 + §6.0.7 cross-link), yoshimitsu agent governance reference list (Fuda drafter), raiden + gray-fox agent governance reference lists (Fuda reviewers), CLAUDE.md Dispatch Execution Checklist Step 0 (fuda skill invocation), linear skill SKILL.md (issue creation cross-link), feedback_dispatch_brief_quotes_fuda_verbatim memory (brief construction discipline)HIGH
thread_checkpoint context_type (gateway Zod branch in psychic-cache/types.ts + GET /checkpoint/:session_id endpoint)CLAUDE.md Cache Write Schema table (thread_checkpoint row + worked example), MemoryArchitecture (Compaction Survival Protocol section — cache type table), dashboard (if checkpoint entries need special rendering), mcp/index.ts (permissive-flat field mirrors), schema-introspection.ts (version bump + branch listing)HIGH
Session State Maintenance protocol (CLAUDE.md ### Session State Maintenance + sidecar file ~/.claude/session-env/<session_id>.lisa-state.json)MemoryArchitecture (Compaction Survival Protocol — sidecar subsection), PreCompact hook script (write-checkpoint.sh reads the sidecar). Agent prompts: not impacted — agents do not write to the sidecar; only LISA doesMEDIUM
Compaction Survival hook scripts (~/.claude/scripts/compaction-survival/write-checkpoint.sh + inject-recap.sh)~/.claude/settings.json (hook installation), artefacts/scripts/lisa/hooks/ArtefactMap.md (vault source copies), MemoryArchitecture (Compaction Survival Protocol — write-side/read-side subsections), CLAUDE.md On-Demand Context table (compaction recovery row)MEDIUM
This System MapCLAUDE.md Dependency Propagation Protocol (references it)META

10. Maintenance Protocol

Custodian: Smoke (Vault & Knowledge Infrastructure agent). Smoke's binding references include this document.

Update triggers:

  • Any session that creates, renames, or deletes a governance doc, framework, agent, skill, integration, or automation job MUST update this System Map in the same session
  • The Dependency Propagation Protocol in CLAUDE.md enforces this as a binding step

Audit cadence: Automated weekly reconciliation via /lisaos-reconcile skill (VPS cron, Sunday 21:00 UTC = Monday 01:00 GST). The 7-check protocol verifies all tables match current vault state. Telegram notification on drift (severity >= HIGH). Smoke dispatched for remediation on CRITICAL findings.

Dependency Propagation Checklist

When modifying any governance document, framework, agent prompt, skill, or data registry, execute in order:

  1. Identify scope — read the Change Impact Matrix row (Section 9b) for the document category being modified
  2. List affected files — enumerate every downstream file from the matrix
  3. Propagate changes — update each downstream file to reflect the modification (content sync, path updates, name corrections)
  4. Verify consistency — confirm no stale references remain in affected files (grep for old names/paths)
  5. Update this System Map — if the change alters the dependency graph itself (new doc, renamed doc, new agent, new skill)
  6. Report — include a [PROPAGATION] section in the file operations report listing every downstream file updated and why

Dispatch rule: If propagation touches 3+ files across multiple domains, dispatch to smoke (Vault & Knowledge) as a background task.

Agent obligation: Sub-agents performing structural modifications MUST signal [PROPAGATION_REQUIRED] in their return to LISA with a list of suspected downstream impacts.

Self-referential: This document appears in Section 2 (Governance Documents table) and is referenced by CLAUDE.md's Dependency Propagation Protocol and On-Demand Context table.


Appendix: Data Registries

RegistryFCF NamePathPurpose
Skills RegistryPER.EX.NINJ_DEV-AI.Data.ClaudeCodeSkillspersonal/expertise/ninjutsu/Authoritative catalogue of 96 installed skills (2026-07-04)
Tools Domain IndexPER.EX.NINJ_DEV-AI.Data.ToolsDomainIndexpersonal/expertise/ninjutsu/Universal tool discovery for all agents (skills + MCP + CLI + plugins)
Scheduler RegistryCS.AK.LISA.Data.SchedulerRegistrycipher_shinobi/akatsuki/lisa/Mac launchd jobs + VPS cron entries (renamed 2026-05-06 from LaunchdRegistry)
Artefact MapCS.AK.LISA.Data.ArtefactMapcipher_shinobi/akatsuki/lisa/Non-markdown artefact manifest
CommsClone Calibration LogCS.AK.LISA.Data.CommsCloneCalibrationLogcipher_shinobi/akatsuki/lisa/Voice calibration scan results

Appendix: Templates

22 structural templates in templates/structural/, 6 executable templates + temporal sub-directory in templates/executable/.

Structural: TMPL.ArtefactMap, TMPL.BJJ, TMPL.CommsStyleGuide, TMPL.Definition, TMPL.EntityIndividual, TMPL.EntityOrganisation, TMPL.InputArticle, TMPL.InputBook, TMPL.InputPodcast, TMPL.InputVideo, TMPL.InputVideoKnowledgeExtraction, TMPL.MasterSvcAgreement.Crypto, TMPL.MasterSvcAgreement.Fiat, TMPL.MeetingNote, TMPL.MissionBrief, TMPL.MissionSeed, TMPL.Prompt, TMPL.ReconConfig, TMPL.SWOTAnalysis, TMPL.Skill, TMPL.TechSpec, TMPL.Template

Executable: CS.AK.TheSystem.Code.AddBattle.Js, AddLinearTask.Js, AddMeal.Js, AddReps.Js, AddTask.Js, FleetingNote.Js + temporal note templates (Daily, Weekly, Monthly, Yearly)

Appendix: Entity Profiles

10 entity files in entities/:

EntityTypePurpose
ENT.LisaAI (Individual)Full LISA biography
ENT.Lisa.CompressedAI (Compressed)Context-efficient LISA profile (loaded by CLAUDE.md)
ENT.OperatorIndividualOperator profile (Tobi Onotobi)
ENT.CipherShinobiOrganisationDAO structure, domains, ranks, constitution
ENT.ClientAOrganisationYB client
ENT.ClientAOrganisationYB client (employer)
ENT.ClientAOrganisationYB end-client
(3 individual collaborator profiles)IndividualCollaborators (names withheld — pseudonym/aggregate only)

Appendix: Namespace Naming Convention

FCF namespace keys identify mission scope throughout the system — in dispatch briefs, cache writes, file naming, and memory assembly. The convention is deterministic: once you know the mission's organisational position, the namespace follows.

Patterns

PatternScopeExampleWhen to use
CS.AK.{Mission}Akatsuki (internal) missionCS.AK.LISA, CS.AK.CSDAO, CS.AK.TheSystemInternal Cipher Shinobi initiatives — infrastructure, governance, tooling, DAO operations
CS.YB.{Client}.{Mission}Yurei Butai client missionCS.YB.ClientA.Exec, CS.YB.ClientA.RetainerClient engagements with a single end-client or general retainer scope
CS.YB.{Client}.{EndClient}.{Mission}Yurei Butai sub-client missionCS.YB.ClientA.GroupCo.BrandOneChatClient engagements where the deliverable targets a specific end-client within the client organisation
CS.YB.{Client}.{EndClient}.{SubBrand}.{Mission}Yurei Butai sub-brand mission (added 2026-05-08)CS.YB.ClientA.GroupCo.BrandOne.Website, CS.YB.ClientA.HoldCo.UnitOne.DigSupportClient engagements where the EndClient is a parent group with multiple commercial sub-brands AND the deliverable targets a specific sub-brand. See FCF SubBrand Slot Revision Proposal for the convention.
PER.{Pillar}.{Topic}Personal pillarPER.LV.KZKU, PER.EX.SAG_SYSXPersonal development, family, faith, expertise — outside Cipher Shinobi mission scope
SubBrand and the dispatch namespace (Q3 resolution 2026-05-08)

Sub-brand identity (codified by the {SubBrand} slot in CS.YB filenames per FCF: CS.YB Grammar) DOES extend the dispatch namespace key. Dispatches for sub-brand work route to the sub-brand-specific namespace (e.g. CS.YB.ClientA.ClientA.ClientA for ClientA Website work, NOT the parent CS.YB.ClientA.ClientA). Mission Matrix entries are added per sub-brand. The sub_brand: YAML field in filed artefacts mirrors the namespace and the filename {SubBrand} slot. Rationale: sub-brand work has distinct stakeholders, deliverable scope, and routing context; dispatching at parent granularity would conflate independent commercial streams. See CS.AK.LISA.Docu.FCFRevisionProposal.SubBrandSlot for the full convention.

Casing Rules

  • ALLCAPS: All segment constants — CS, AK, YB, PER, EX, LV, SA, FDN
  • PascalCase: Mission names, client names, topics — LISA, ClientA, ClientA, TheSystem
  • Delimiter: . separates hierarchy levels; _ joins compound ALLCAPS segments (e.g. SAG_SYSX, NINJ_DEV-AI)

When to Create a New Namespace vs Reuse Existing

Create new when:

  • A new Akatsuki initiative is founded (new internal project)
  • A new Yurei Butai client engagement begins
  • A new sub-mission under an existing client has distinct scope, deliverables, and timeline (e.g. CS.YB.ClientA.IaD alongside CS.YB.ClientA.Exec)

Reuse existing when:

  • The work is a continuation of the same initiative (new dispatch, not new mission)
  • The deliverable belongs to the same client engagement scope
  • A sub-task within a larger mission does not warrant its own dispatch tracking

Authoritative registry: The Mission Matrix (CS.AK.CSDAO.Data.MissionMatrix) is the canonical list of active namespaces. New missions are registered via the mission-init skill.

Appendix: Cross-Channel Dispatch Deduplication

When LISA operates across multiple channels simultaneously (VS Code + Telegram/Genkan — the VPS door, formerly "Hermes"), duplicate dispatches become a risk. This protocol prevents the same work from being dispatched twice.

Pre-Dispatch Check

Before firing any dispatch via report_dispatch_raw, LISA MUST:

  1. Check active dispatches — Call list_dispatches filtered by mission_namespace and status: active. If an active dispatch exists with a matching or substantially similar task_description, do not create a duplicate.
  2. Check concurrent sessions — Query GET /api/sessions/active on the gateway to see if another channel has an active session working on the same namespace. If so, check that session's active_dispatches before proceeding.
  3. Namespace affinity — If the other session is actively dispatching within the same namespace, defer to that session unless Tobi-san explicitly instructs otherwise.

Collision Resolution

If a duplicate dispatch is detected post-creation:

  • The later dispatch should be marked as retry_of the earlier one if it is genuinely continuing the same work
  • If both are running concurrently, the channel that created the later dispatch should call report_complete_raw with status: "failed" and result_summary: "Duplicate of dispatch {N}" to close the duplicate cleanly

Heartbeat Awareness

The session heartbeat (written by LISA on every sidecar update) includes active_dispatches and current_mission_namespaces. Other channels can read this at session start (konnichiwagwan Phase E2) to understand what is already in flight.

Appendix: Post-Audit Remediation Summary (sparkling-waddling-tome)

The comprehensive Lisa-OS audit (D664, CS.AK.LISA.Intel.LisaOSAuditReport.md) identified 26 findings across 6 modules. Remediation was executed in 6 waves. Current disposition:

Wave 1 — Security Remediation (D668)

FindingSeverityStatus
GV-01: Hardcoded credential in settings.jsonHIGHRESOLVED — token moved to macOS Keychain, plain text removed
GV-02: log_activity permission missingMEDIUMRESOLVED — permission added to settings.json
GV-06: __TRACKED_VAR__ placeholder unexpandedLOWRESOLVED — placeholder replaced with correct value
HM-06: Debug log writes to /tmpLOWRESOLVED — log paths hardened in dispatch_agent.py
H-05: Smart approval mode on VPSRESOLVED — enabled on VPS

Wave 2 — Compiler Hygiene (D669)

FindingSeverityStatus
GW-02: 3 TypeScript compiler errors (Zod v4 enum drift)LOWRESOLVED — enum alignment fixed
GW-03: 7 deprecated MCP tools retainedLOWRESOLVED — JSDoc @deprecated annotations added
GW-04: Activity logging manual set checkLOWRESOLVED — migrated to Zod validation
GW-05: depmap.yaml staleLOWRESOLVED — regenerated to reflect all current modules

Wave 3 — Governance (D672)

FindingSeverityStatus
GV-05: Fuda skill missing from LisaOSMap §6LOWRESOLVED — registered in Governance & Pipeline table
GV-03: Escalation map incomplete (zer0, cyrax, sektor)MEDIUMRESOLVED — domain map completed for all 8 agents
GV-09: Agent prompt driftLOWRESOLVED — templates normalised across all 8 files
HM-02: Namespace keywords duplicated across 3 filesMEDIUMRESOLVED — centralised in _infra_config.py
HM-04: Agent list hardcodedLOWRESOLVED — made configurable
HM-05: Poll interval hardcoded 300sLOWRESOLVED — made configurable
HM-07: Gate model hardcodedLOWRESOLVED — made configurable
GV-04: No dispatch deduplication protocolMEDIUMRESOLVED — Cross-Channel Dispatch Deduplication appendix added to LisaOSMap
GV-07: Namespace naming drift undocumentedLOWRESOLVED — Namespace Naming Convention appendix added to LisaOSMap

Wave 4 — Skill Ecosystem (D673)

FindingSeverityStatus
SK-05: Skills not consolidated to agentskills.io standardMEDIUMRESOLVED — 7 skills migrated to compliant frontmatter
SK-01: Hermes improvement engine blocked by one-way syncHIGHRESOLVED — sync-skills-to-vps.sh rewritten with bidirectional 3-phase push/pull (--delete removed, --update added)
SK-03: No skill version parity enforcementMEDIUMRESOLVED — addressed by bidirectional sync rewrite
SK-04: No automated skill approval gate enforcementLOWPARTIALLY RESOLVED — Skill Approval Gate updated with bidirectional sync lifecycle; full automated enforcement deferred
SK-02: FIP never activatedMEDIUMPARTIALLY RESOLVED — producer infrastructure documented; activation deferred to hermes-feature-integration plan

Wave 5 — Test Coverage (D691, Fuda AK-298)

FindingSeverityStatus
GW-01: Test coverage ~20%MEDIUMRESOLVED — 658 tests across 30 files; Lines 84.62%, Branches 72.30%, Functions 91.09%. Vitest + Supertest + real SQLite (no mocks). Config: vitest.config.ts, shared fixtures in test/helpers/setup.ts

Wave 6 — Parity Verification (D694)

FindingSeverityStatus
HM-01: Silent degradation if gateway offline at startupHIGHDEFERRED — tracked in hermes-feature-integration plan
HM-03: Timeline debounce dict never prunedMEDIUMDEFERRED — tracked in hermes-feature-integration plan
EL-01: LISA context feedback closure rate at 50%MEDIUMPARTIALLY RESOLVED — discipline enforced in CLAUDE.md; ongoing operational improvement

D694 (genji) is simultaneously running parity verification and will file CS.AK.LISA.Intel.Wave6ParityReport.md.

Deferred Items

ItemTracking LocationNotes
H-01: Voice synthesis (Hermes)hermes-feature-integration planHermes framework voice feature
H-02: Image generation (Hermes)hermes-feature-integration planHermes framework image gen feature
H-03: Extended search (Hermes)hermes-feature-integration planHermes framework extended search
H-04: Browser tool (Hermes)hermes-feature-integration planHermes framework browser integration
HM-01: Gateway startup health checkhermes-feature-integration planRequires Hermes daemon modification
HM-03: Debounce dict pruninghermes-feature-integration planRequires Hermes daemon modification
Fuda AK-265: Dispatch outcome columnIn progressLinear issue tracking
Fuda AK-282: Unified VPS brainIn progressLinear issue tracking
Fuda AK-288: Skill lifecycle Wave 1In progressLinear issue tracking
Fuda AK-298: Test coverage (Wave 5)COMPLETEDVerified — 658 tests, 84.62% line coverage

Remediation Statistics

MetricValue
Total findings26
Resolved20
Partially resolved3
Deferred3
Resolution rate88.5% (23/26 addressed)

Appendix: Gateway Infrastructure Decision

Production Environment

The LISA memory gateway runs exclusively on the VPS (the VPS (tailnet-internal) via Tailscale). This is a standing architectural decision, not a temporary arrangement.

AspectDetail
HostVPS at the VPS (tailnet-internal) (Tailscale IP)
Servicesystemd unit memory-gateway
DatabasePersistent SQLite at <VPS>/…
Processnode server/index.ts via ts-node
AccessTailscale-only — public IP is firewalled; direct connection attempts via public IP will be refused
Vault MountRead-write rclone FUSE at /mnt/vault/ (rw, allow_other). Hermes can read and write vault files via this mount. Higher latency than local filesystem; Google Drive sync propagation delay applies. Config: /root/.config/rclone/rclone.conf (Google Drive OAuth). See reference_vps_rclone_mount memory for re-auth procedure.
Git Repos<VPS>/… (shallow clone, gh authenticated as onotobi). Enables Hermes dispatches to perform git operations (branch, commit, PR creation).

Development Environment

Tobi's local Mac is development-only:

  • npm run dev for testing gateway changes before VPS deployment
  • Local SQLite database is ephemeral (test data only)
  • No production traffic touches the local instance

Rationale

  1. Persistent uptime — The VPS runs 24/7. The Mac sleeps, travels, and restarts. Session state, dispatch tracking, and cache writes require a host that does not disappear.
  2. Genkan integration — The Telegram door (Genkan — the VPS harness formerly "Hermes") runs on the same VPS. Co-locating the gateway eliminates network latency for Genkan-to-gateway calls and simplifies the deployment topology.
  3. Telegram door co-location — The persistent listener process (persistent_listener.py) that bridges Genkan (infra: legacy hermes identifiers) to Claude Code runs on the VPS alongside the gateway. Both processes share the same host, same Tailscale network, same systemd supervision.
  4. Single source of truth — One production database, one gateway URL (the gateway endpoint (tailnet-internal)), no split-brain risk between local and remote state.

Deployment Protocol

Gateway changes follow the standard VPS deployment path:

  1. Develop and test locally (npm run dev)
  2. Push to lisa-os repo on GitHub
  3. Pull on VPS (cd <VPS>/… && git pull)
  4. Restart the service (sudo systemctl restart memory-gateway)

On this page