LisaOS Map
This is the authoritative bird's-eye reference for the entire LISA operating system — governance documents, frameworks, sub-agents, skills, integrations, automation, and their interdependencies. The Dependency Propagation Protocol in CLAUDE.md references this document as the canonical dependency map. Custodian: Smoke (Vault & Knowledge Infrastructure).
Last Updated: 2026-07-04 (Dispatch 2290 — LisaOS Full-System Audit Campaign, Phase 4 propagation, companion to the regenerated CS.AK.LISA.TechSpec.LisaOSArchitecture. §6 Skills: reconciled against the authoritative registry (tally 95→96 as of 2026-07-04); restored 19 genuine skills that had drifted out of the map (checkpoint, system-init, mac-disk-cleanup, gws-profile, hermes-dispatch, agent-tune, uat-bidirectional-probe, drafting-comms-guides, invoice, brandkit, chatgpt-image-designer, nano-banana-designer, seedance-designer, pixellab-ref-prep, impeccable, site-map-generator, design-system-ingest, feature-scope, code-optimise); re-annotated simplify as a Claude Code built-in (not a custom skill — not restored). §8 Automation: reconciled against installed launchd plists — added 7 undocumented jobs (identified by function in §8), retired a client-recon job (uninstalled, retainer wound down) and lisa-memorygateway (stale — gateway is VPS-only systemd the gateway systemd unit). Data Registries appendix skill tally 95→96. Change Impact Matrix §9b: governed by existing "Any skill created" (HIGH) + automation rows — no new matrix row required. Source: plan lisaos-full-system-audit. Prior: Dispatch 1881 — door-naming doctrine propagation: added §1 Door Naming Registry (Torii/Genkan/doors; "Hermes" = Nous-only; infra identifiers retain legacy hermes naming pending substrate bundle). Annotated OUR-shell "Hermes" references in this map (Cross-Channel Dedup appendix + Gateway Infrastructure rationale) to Genkan. Scoped annotation pass, NOT blanket find-replace — frozen audit-finding records (Wave tables, deferred items) and all infra paths/script names/cron identifiers left verbatim. Companion edits: CLAUDE.md (Shell Role + Model Tier + On-Demand Context + Cross-surface awareness), HermesDelegationProfiles.md (intro naming note; filename = rename candidate). Source: ideas/IDEA.Spark.LisaOSUltimateForm.md. Prior: Dispatch 1833 — loop-forge (per-goal Loop Contract composer + bounded grader-gated self-correcting loop launcher; 5 archetypes; tri-state exit; design-match harness; Pulse/Cortex/Kernel governance + evidence-gate/kill-switch) registered in §6 Skill Lifecycle per [PROPAGATION_REQUIRED]; created via skillcraft Mode A (3-test Gate PASS), executables under Fuda AK-425. §6 tally + Data Registries appendix corrected to 95. Change Impact Matrix §9b checked: the existing "Any skill created" row (HIGH) governs this propagation — no new matrix row required. NOTE: full lisaos-reconcile sweep remains a separate available task — this pass was the loop-forge registration + count lines only, not a whole-map reconcile. Prior: D1791 cartoonify registration, tally 94)
1. Boot Sequence
LISA's operating context loads from a single root document and a session activation skill:
| Component | Path | Purpose |
|---|---|---|
| PERSONALITY.md | PERSONALITY.md (vault root) | Single source of truth — personality, analytical approach, communication standards, operational protocols (dispatch, cache, memory, governance). Included by CLAUDE.md via @PERSONALITY.md and compiled into SOUL.md via compile-soul.sh |
| CLAUDE.md | CLAUDE.md (vault root) | CC shell boot — @PERSONALITY.md include, CC-specific extensions (MCP tool bindings, sidecar paths, worked examples, On-Demand Context full vault paths) |
| konnichiwagwan | ~/.claude/skills/konnichiwagwan/SKILL.md | Session activation — Tier 1 load, MCP pre-flight, project context, full memory load |
| sayonara | ~/.claude/skills/sayonara/SKILL.md | Session close — semantic/episodic summarisation, memory commit, gateway sync |
| Compaction Survival hooks | ~/.claude/scripts/compaction-survival/ | Mid-session state preservation — PreCompact writes thread_checkpoint, SessionStart(compact) injects narrated recap |
Door Naming Registry (ratified 2026-06-11)
LisaOS interfaces onto the single OS core are called doors (plain English, generic term). The named doors:
| Door | Name | Meaning | Status |
|---|---|---|---|
| Flagship desktop app | Torii (鳥居) | The future Cipher Shinobi-branded bespoke desktop application (Ultimate Form Path B build) | Future build |
| VPS harness | Genkan (玄関) | The VPS harness formerly called "Hermes" — TUI shell, Telegram channel, GPT-5.5 front-door logic | Active |
| CC interface shell | (unnamed — "the CC shell") | VS Code / Claude Code execution surface | Active |
Disambiguation rules:
- "Hermes" refers EXCLUSIVELY to Nous Research's products (Hermes Agent app, Hermes model family) in all LisaOS docs. It no longer names our harness.
- Infra identifiers retain a legacy service-account naming pending the substrate-migration bundle: the VPS service user, its home and dot-directories, the gateway systemd unit and its crontab, and the associated maintenance scripts all still carry the pre-rename identifier. Correct documentary form when referencing infra: "Genkan (infra: legacy service-account identifiers)".
- Rename candidate deferred to the substrate bundle:
CS.AK.LISA.Data.HermesDelegationProfiles→GenkanDelegationProfiles(filename not renamed this pass).
Source: ideas/IDEA.Spark.LisaOSUltimateForm.md decision callouts (operator-ratified 2026-06-11).
2. Governance Documents
Documents defining binding operational rules. Located in cipher_shinobi/akatsuki/lisa/.
| Document | FCF Name | Purpose | Binds To |
|---|---|---|---|
| Operational Protocols | CS.AK.LISA.Docu.OperationalProtocols | Censorship, knowledge limits, distress, conflicting instructions; web verification tool hierarchy | On-Demand Context retrieval (edge-case triggers) |
| Vault Governance | CS.AK.LISA.Docu.VaultGovernance | 7 binding rules for file creation, placement, reporting | smoke agent, file-classifier skill, CLAUDE.md Quick-Ref |
| Memory Architecture | CS.AK.LISA.Docu.MemoryArchitecture | Memory taxonomy, classification protocol, context window, gateway tools | konnichiwagwan skill (session start), On-Demand Context retrieval (mid-session) |
| Code Discipline Protocol | CS.AK.LISA.Docu.CodeDisciplineProtocol | Five Pillars, Four-Gate review for all code | genji, raiden agents |
| Raw Twin Discipline | CS.AK.LISA.Docu.RawTwinDiscipline | MCP ListTools cache staleness protocol, *_raw twin pattern, runtime drift detection (/api/tools/list + konnichiwagwan Phase F) | genji agent, CLAUDE.md Canonical write path + On-Demand Context, konnichiwagwan skill, memory_gateway MCP layer |
| Security Operations | CS.AK.LISA.Docu.SecurityOperations | Five security principles, Security Gate Protocol (5 gates) | gray-fox agent |
| Planning Discipline | CS.AK.LISA.Docu.PlanningDiscipline | Five Pillars of planning, four-gate Planning Review | yoshimitsu agent |
| Skill Approval Gate | CS.AK.LISA.Docu.SkillApprovalGate | Three-test pipeline (overlap, necessity, utility) + bidirectional sync lifecycle (sync-skills-to-vps.sh, hermes-skill-pull.sh, konnichiwagwan Phase G) | Skill creation workflows, skillcraft skill, bidirectional sync pipeline |
| Skill Draft Guide | CS.AK.LISA.Docu.SkillDraftGuide | Field-level SKILL.md authoring instructions (includes worked exemplar appendix) | Skill creation workflows, skillcraft skill |
| Sage Mode Guide | CS.AK.LISA.Docu.SageModeGuide | Sage Mode operational reference (Kernel/Cortex/Cerebellum) | sage skill |
| Curriculum Architecture | CS.AK.LISA.Docu.CurriculumArchitecture | 532-hour, 16-module training programme (amendments folded in) | Curriculum delivery |
| Video Knowledge Extraction Guide | CS.AK.LISA.Docu.VideoKnowledgeExtractionGuide | Video transcript processing methodology | video-knowledge-extractor skill |
| CommsStyleGuide Draft Guide | PER.EX.GEN_SCRIBE-CRE.Docu.CommsStyleGuideDraftGuide | Guide for creating Communication Style Guides | comms-clone skill |
| CommsStyleGuide Exemplar | PER.EX.GEN_SCRIBE-CRE.Docu.CommsStyleGuideExemplar | Worked example for CommsStyleGuide | comms-clone skill |
| This LisaOS Map | CS.AK.LISA.Docu.LisaOSMap | Bird's-eye OS reference + Change Impact Matrix | CLAUDE.md Dependency Propagation Protocol, smoke agent |
| Image Engine Designer Handoff | CS.AK.LISA.Docu.ImageEngineDesignerHandoff | Records the PromptObject (v1.0.0 contract) binding the 6 designer skills → image-forge executor; Phase 4 auto-emit deferral | image-forge skill, 6 designer skills, Zer0PromptObjectContract Data note |
| Clean Code Pipeline TechSpec | CS.AK.LISA.TechSpec.CleanCodePipeline | Three-gate clean-code CI/CD architecture (Semgrep MCP write-time + Qodo/CodeRabbit pre-push + GitHub Actions + CODEOWNERS); 5-repo topology; 4 ADRs (Lisa-OS scope, serial migration, the OS core repo sole CODEOWNER, Q4 layered enforcement); cold-migration methodology | genji + raiden agents (operational instantiation of CodeDisciplineProtocol), CLAUDE.md On-Demand Context, RawTwinDiscipline (Semgrep custom rule enforcement) |
Archived (in archive/)
| Document | FCF Name | Reason |
|---|---|---|
| Vault Integration | CS.AK.LISA.Docu.ClaudeCodeVaultIntegration | Setup guide; ~85% duplicated VaultGovernance. Environment already configured. |
| YouTube Transcriber Handoff | CS.AK.LISA.Docu.YouTubeTranscriberHandoff | Dev handoff doc; skill is production. |
| Sage Mode Upgrade | CS.AK.LISA.Docu.SageModeUpgrade | Orphaned proposal; upgrades implemented as separate skills. |
| Agentic Orchestration Architecture | CS.AK.LISA.Matter.AgenticOrchestrationArchitecture | Implemented: persona dissolution, universal skill access, approval gate, domain index. Psychic Cache tracked in deferred TechSpec. |
| Skill Exemplar | CS.AK.LISA.Docu.SkillExemplar | Merged into SkillDraftGuide as appendix (2026-04-05). |
3. Architecture Documents
Design specifications and architectural rationale. Located in cipher_shinobi/akatsuki/lisa/.
No active architecture documents. All implemented designs archived; unbuilt designs deferred.
Deferred (in deferred/)
| Document | FCF Name | Status | Key Dependencies |
|---|---|---|---|
| Psychic Cache | CS.AK.LISA.TechSpec.PsychicCache | Deferred | AgenticOrchestrationArchitecture, MemoryArchitecture |
| Dispatch Dashboard | CS.AK.LISA.TechSpec.DispatchDashboard | Deferred | AgenticOrchestrationArchitecture, PsychicCache, AgentDomainMemory |
| Agent Domain Memory | CS.AK.LISA.TechSpec.AgentDomainMemory | Deferred | AgenticOrchestrationArchitecture, PsychicCache, MemoryArchitecture |
| Persistent Memory Infra | CS.AK.LISA.TechSpec.PersistentMemoryInfra | Deferred | OperationalProtocols, ClaudeCodeMemoryAndExtensibility Intel |
| Claude Code Memory Intel | CS.AK.LISA.Intel.ClaudeCodeMemoryAndExtensibility | Deferred | Referenced by PersistentMemoryInfra |
| YouTube Transcriber GPU Architecture | CS.AK.LISA.Intel.YouTubeTranscriberGPUArchitecture | Deferred | Reference material for future youtube-transcriber optimisation |
4. Frameworks
Reusable classification systems and taxonomies.
| Framework | FCF Name | Path | Scope | Referenced By |
|---|---|---|---|---|
| File Classification Framework | PER.EX.SAG_SYSX.Docu.FileClassFramework | personal/expertise/sagyojutsu/ | Naming, types, segment grammar, 22 TypeSpecs | VaultGovernance (Rule 1), CLAUDE.md FCF Quick-Ref, smoke agent, file-classifier skill, MemoryArchitecture |
| Artefact Map Protocol | PER.EX.SAG_SYSX.Docu.ArtefactMapProtocol | personal/expertise/sagyojutsu/ | Non-markdown artefact governance, placement matrix | VaultGovernance (Rule 3-4), artefact creation workflows |
| Prompt Classification Framework | PER.EX.NINJ_PROMPT.Docu.PromptClassFramework | personal/expertise/ninjutsu/ | Prompt type taxonomy: Henge/Shoki/Ninki/Yomu | CLAUDE.md On-Demand Context, prompt routing |
| Activity Classification Matrix | PER.EX.SAG_SYSX.Data.ActivityClassMatrix.Tobi | personal/expertise/sagyojutsu/ | Personal activity taxonomy (SA/EX/LV subjects) | MemoryArchitecture (namespace resolution), FCF |
| Mission Matrix | CS.AK.CSDAO.Data.MissionMatrix | cipher_shinobi/akatsuki/csdao/ | CS mission namespace registry | MemoryArchitecture (namespace resolution), mission-init skill |
5. Sub-Agents
8 CyberShinobi operatives in .claude/agents/. All run on Opus. All have universal skill access via the Tools Domain Index.
| Agent | Domain | Binding Governance Doc | Key Skills (Priority) | MCP Servers |
|---|---|---|---|---|
| genji | Software Engineering | CodeDisciplineProtocol | simplify, linear, frontend-design | lisa-memory, ref-context |
| raiden | Verification & QA | CodeDisciplineProtocol | skill-grader, skill-comparator, skill-analyzer | lisa-memory, ref-context |
| zer0 | Language & Creative | (none — domain-specific) | text-improver, comms-clone, style-rewriter, deck-presenter | lisa-memory, ref-context |
| smoke | Vault & Knowledge | FileClassFramework + VaultGovernance + LisaOSMap | file-classifier, coherence-improver, skillcraft, skills-registry-update | lisa-memory |
| gray-fox | Security & Intelligence | SecurityOperations | conflict-monitor, seed-ingest, prayer-guide | lisa-memory |
| yoshimitsu | Strategic Planning & Finance | PlanningDiscipline | sprint-plan, mission-brief, seed-create, idea-spark, idea-critic | lisa-memory, ref-context |
| cyrax | Legal & Compliance | (none — jurisdiction-dependent) | seed-ingest, doc-designer | lisa-memory |
| sektor | Data & Analytics | (none — data-driven) | seed-ingest, video-knowledge-extractor | lisa-memory |
Agent prompt format: Each agent has unique sections (Personality, Domain Expertise, Activation Profile) plus a shared 12-line Operating Standards block (universal tool access, confidence signalling, memory namespace, Shadow Clone, escalation). The Operating Standards block replaced the previous 70-line boilerplate (separate Tooling Index, Confidence, Memory, Shadow Clone, Escalation sections) in the 2026-04-05 consolidation refactor.
Dispatch modes: Single-agent | Parallel independent | Team assembly (max 4) | Shadow Clone Jutsu (LISA-initiated, max 3 clones + original)
Signalling: [CONFIDENCE: high|medium|low] + [DOMAIN_AFFINITY: true|false] | [ESCALATION] | [SHADOW_CLONE] | [PROPAGATION_REQUIRED]
6. Skills
Custom skills in ~/.claude/skills/ (registry tally 96 as of 2026-07-04 — authoritative source PER.EX.NINJ_DEV-AI.Data.ClaudeCodeSkills.md). The tables below were reconciled against that registry by dispatch D2290 (LisaOS audit campaign, Phase 4): 19 genuine skills that had drifted out of this map were restored — checkpoint, system-init, mac-disk-cleanup, gws-profile, hermes-dispatch, agent-tune, uat-bidirectional-probe, drafting-comms-guides, invoice, brandkit, chatgpt-image-designer, nano-banana-designer, seedance-designer, pixellab-ref-prep, impeccable, site-map-generator, design-system-ingest, feature-scope, code-optimise — and simplify was re-annotated as a Claude Code built-in (not a custom skill). Plugin-provided design/frontend skills (ckm:*, design-taste-frontend, gpt-taste, high-end-visual-design, minimalist-ui, industrial-brutalist-ui, imagegen-frontend-*, image-to-code, redesign-existing-projects, stitch-design-taste, ui-ux-pro-max, full-output-enforcement) are catalogued under §7 Plugins, not here. Domain mapping: PER.EX.NINJ_DEV-AI.Data.ToolsDomainIndex.md.
Session & System
| Skill | Purpose | References Governance |
|---|---|---|
| konnichiwagwan | Session activation (4 phases) | MemoryArchitecture |
| sayonara | Session close + memory commit | MemoryArchitecture |
| launch | Launch locally-hosted apps | (App Registry in SKILL.md) |
| permission-merge | Sweep settings.local.json for new permissions | (paired with settings-merge launchd job) |
| dream | Nightly memory consolidation | MemoryArchitecture |
| system-update | Process daily note through The System | — |
| system-init | Initialise The System state / scaffolding | — |
| lisaos-reconcile | Weekly 7-check vault reconciliation | (paired with lisaos-reconcile launchd job) |
| checkpoint | File a structured mid-session campaign checkpoint for next-session continuity | (paired with sayonara) |
| mac-disk-cleanup | Inventory + safely reclaim Mac disk space by category | — |
| gws-profile | Route gws CLI to a non-default Google Workspace account (per-call profile) | — |
| hermes-dispatch | Delegate a task to the Genkan (VPS) door via delegation profiles | (HermesDelegationProfiles) |
Governance & Pipeline
| Skill | Purpose | Agent Affinity |
|---|---|---|
| fuda | Gate 0 change scoping — creates Fuda contract before code is written | yoshimitsu (drafts), raiden + gray-fox (review) |
| agent-tune | Process ASI agent-definition proposals through the 4-gate approval + apply across all 5 agent surfaces | smoke (drafts/applies), raiden (verify) |
| uat-bidirectional-probe | UAT probe verifying VPS→Mac skill sync via rclone copy | raiden |
Planning & Operations
| Skill | Purpose | Agent Affinity |
|---|---|---|
| sage | Sage Mode — heightened operational intelligence | LISA (direct) |
| sprint-plan | Sprint planning from Linear backlog | yoshimitsu |
| sprint-adjust | Urgent mid-sprint task insertion | yoshimitsu |
| mission-init | Initiate new AK/YB mission | yoshimitsu |
| mission-brief | Draft Mission Brief | yoshimitsu |
| techspec-drafter | Transform Brief → TechSpec | yoshimitsu |
| seed-create | Create Mission Seed | yoshimitsu |
| seed-update | Update Seed living state | yoshimitsu |
| seed-ingest | Ingest bulk context into Seed | yoshimitsu |
| invoice | Issue-engine invoice lifecycle (draft/issue, PDF, hosted page, Resend notify) — Missions OS P1 | genji |
Writing & Language
| Skill | Purpose | Agent Affinity |
|---|---|---|
| text-improver | Structured text quality improvement | zer0 |
| comms-clone | Tobi's authentic voice replication | zer0 |
| style-rewriter | Archetype style transformation | zer0 |
| style-identifier | Diagnose writing style | zer0 |
| prompt-improver | AI prompt improvement | zer0 |
| drafting-comms-guides | Draft a CUSTOM Communication Style Guide with Beyond-the-Four-Dimensions modifier traits | zer0 |
Creative & Visual
| Skill | Purpose | Agent Affinity |
|---|---|---|
| nano-banana | Image generation (Gemini) — required for all image requests | zer0 / LISA |
| image-forge | Execute a Zer0 PromptObject — model-agnostic render (gpt-image-2 / nano-banana-pro) + vault filing + provenance. Executor/filing layer, NOT the image-generation activation class | zer0 / LISA |
| cartoonify | Apply a researched illustration style to character reference(s) — selects a style from the Illustration Style Library, composes a PromptObject, hands it to image-forge. Apply-style-to-character layer, NOT general image-gen and NOT the executor | zer0 |
| photo-designer | Portrait/full-body photo design | zer0 |
| body-designer | Character body design | zer0 |
| face-designer | Character face design | zer0 |
| face-extractor | Face analysis from existing image | zer0 |
| photo-aesthetic-extractor | Extract aesthetic parameters | zer0 |
| photo-style-extractor | Extract style parameters from ref image | zer0 |
| jewellery-photo-designer | Jewellery e-commerce/editorial photo design | zer0 |
| product-photography | Commercial product photography | zer0 |
| video-designer | Video generation prompt composition | zer0 |
| deck-presenter | HTML slide deck creation | zer0 |
| layout-library | Persistent layout library maintenance | zer0 |
| shinobi-pixel-art-converter | 8-bit pixel art conversion | zer0 |
| pixellab-ref-prep | Generate 8 directional reference angles + character description for PixelLab animation | zer0 |
| extract-brand-identity | Brand visual identity extraction | zer0 |
| brandkit | Premium brand-kit image generation — guidelines boards, logo systems, identity decks | zer0 |
| chatgpt-image-designer | Advisory prompt designer for ChatGPT / OpenAI image generation (P.I.C.T.U.R.E.) | zer0 |
| nano-banana-designer | Advisory prompt designer for /nano-banana execution (P.I.C.T.U.R.E.) | zer0 |
| seedance-designer | Advisory prompt composer for Seedance 2.0 video generation (S.C.R.I.P.T.) | zer0 |
| impeccable | Design/redesign/critique/harden frontend interfaces via impeccable design laws | zer0 |
| site-map-generator | Generate site maps + redirect maps + per-page content plans from briefs/URLs | zer0 |
Vault & Knowledge
| Skill | Purpose | Agent Affinity |
|---|---|---|
| file-classifier | FCF classification | smoke |
| coherence-improver | Single-note structural coherence | smoke |
| inter-note-coherence-improver | Cross-note coherence | smoke |
| save-prompt | Save prompt as vault note | smoke |
| doc-designer | Produce branded PDFs via design system templates + Puppeteer | smoke |
| design-system-ingest | Ingest a Claude Design handoff zip into the design-systems registry (tokens/fonts/assets) | smoke / zer0 |
| pdf-export | (DEPRECATED → doc-designer) | smoke |
| skillcraft | Create/convert/optimise/audit skills | smoke |
| skills-audit | Audit all skills for quality | smoke |
| skills-registry-update | Regenerate skills registry | smoke |
Data & Analytics
| Skill | Purpose | Agent Affinity |
|---|---|---|
| seed-ingest meeting | Meeting transcript → structured note | sektor |
| seed-ingest whatsapp | WhatsApp → Mission Seed | sektor |
| video-knowledge-extractor | Video transcript → knowledge extraction | sektor |
| youtube-transcriber | YouTube → timestamped transcript | sektor |
Intelligence & Monitoring
| Skill | Purpose | Agent Affinity |
|---|---|---|
| conflict-monitor | Iran-UAE conflict + evacuation flight tracking | gray-fox |
| seed-ingest | Multi-channel intelligence sweep | gray-fox |
Ideation & Critique
| Skill | Purpose | Agent Affinity |
|---|---|---|
| idea-spark | Organise raw thoughts into structured ideas | yoshimitsu |
| idea-critic | Challenge and find weak points in ideas | yoshimitsu |
| prayer-guide | Guided prayer structure | gray-fox |
Skill Lifecycle
| Skill | Purpose | Agent Affinity |
|---|---|---|
| loop-forge | Compose per-goal Loop Contracts + launch bounded, grader-gated self-correcting loops (5 archetypes Build/Optimise/Cure/Watch/Campaign; tri-state CLEAN/CAPPED/BLOCKED exit; design-match harness; Pulse/Cortex/Kernel governance; kill-switch + evidence-gate hook) | smoke / LISA |
| skill-grader | Grade skill execution outputs | raiden |
| skill-comparator | Blind comparison of two skill outputs | raiden |
| skill-analyzer | Analyse why one skill version outperforms | raiden |
Code & Engineering
| Skill | Purpose | Agent Affinity |
|---|---|---|
| simplify | Review changed code for reuse/quality — Claude Code built-in (native), not a custom skill; retained here for discoverability only | genji |
| linear | Unified Linear integration | genji |
| feature-scope | Scope a ClientA feature request across three repos — dual layman + technical output | genji |
| code-optimise | Whole-codebase audit (security + performance + optimality) — audit-only default, fixes → Fuda | genji / gray-fox / raiden |
Deprecated
| Skill | Replaced By |
|---|---|
| cmd-to-skill | skillcraft Mode B (Convert) |
| skill-optimiser | skillcraft Mode C (Optimise) |
7. External Integrations
MCP Servers
| Server | Transport | Tool Count | Used By |
|---|---|---|---|
| linear-server | HTTP | 32 | linear skill, seed-ingest, sprint-plan, mission-brief, seed-update |
| krisp | HTTP | 6 | seed-ingest, conflict-monitor |
| Local (Go + SQLite) | 12 | seed-ingest, commsclone-scan launchd | |
| lisa-memory | Stdio (Express + SQLite) | 3 | All sessions, all agents, konnichiwagwan, sayonara, dream |
| imessage | Local (Bun) | 2 | [DEPRECATED] |
| ref-context | Stdio | 2 | genji, raiden, zer0, yoshimitsu agents (documentation lookup) |
| sequential-thinking | Stdio | 1 | Complex reasoning chains |
| figma | HTTP | 17 | extract-brand-identity, photo-designer, design system work |
| github | HTTP | Variable | superpowers plugin, PR workflows |
CLI Tools
| Tool | Path | Purpose | Used By |
|---|---|---|---|
| firecrawl | (install location withheld) | Web scraping/search (primary web tool) | conflict-monitor, seed-ingest, all agents for web research |
| gws | (install location withheld) | Google Workspace (Gmail, Calendar) | seed-ingest, commsclone-scan, client ingestion, conflict-monitor |
| yt-dlp | (install location withheld) | YouTube subtitle extraction | youtube-transcriber |
| encrypted backup engine | (install location withheld) | Encrypted, deduplicating backup | the local backup job |
| claude | (install location withheld) | Headless Claude Code sessions | All scheduled jobs that spawn a headless session |
Plugins (11 enabled)
| Plugin | Purpose |
|---|---|
| frontend-design | Production-grade frontend implementation |
| linear | Linear project management integration |
| imessage | [DEPRECATED] |
| superpowers | Code review, TDD, plan execution workflows |
| github | GitHub repository access |
| skill-creator | Skill scaffolding |
| firecrawl | Web scraping integration |
| playground | Interactive HTML playgrounds |
| figma | Figma design read/write |
| security-guidance | Pre-tool dangerous pattern warnings |
| semgrep | SAST/SCA/secrets scanning |
8. Automation
Mac launchd background jobs + VPS cron entries. Registry: CS.AK.LISA.Data.SchedulerRegistry.md (renamed 2026-05-06 from LaunchdRegistry.md per Tobi-san G3.5 categorical correction — VPS-native scheduler is cron, not launchd). Job identifiers, plist names, script locations, exact schedule times, and log paths are deployment coordinates and are withheld — each job below is named by function; the vault registry holds the operational identifiers. VPS cron: the service-account crontab on the VPS (tailnet-internal). Logs: bounded-retention log locations on each substrate (paths withheld).
Reconciled 2026-07-04 (dispatch D2290) against the installed local scheduler entries. The seven rows marked (D2290-reconciled) were installed but undocumented here prior to this pass.
| Job (by function) | Cadence | Paired Skill | Script |
|---|---|---|---|
| Settings-permission merge | Daily | /permission-merge | (withheld) |
| Communication scan | Daily | (feeds comms-clone) | (withheld) |
| Nightly memory consolidation | Daily | /dream | (withheld) |
| Standing situational monitor | Daily | /conflict-monitor | (withheld) |
| Local encrypted backup | Hourly | (infrastructure) | (withheld) |
| Reconciliation sweep | Weekly | /lisaos-reconcile | (withheld) |
| Feedback / eval pipeline (D2290-reconciled) | Daily | (FIP analytics — feeds Dream/analytics) | (withheld) |
| Vault index refresh (D2290-reconciled) | Sub-hourly | (infrastructure — vault index refresh) | (withheld — POSTs the gateway's vault-index scan endpoint, tailnet-internal) |
| Message-bridge keep-alive (D2290-reconciled) | Always-on | (infrastructure — messaging MCP bridge) | (withheld) |
| Skill sync, both doors (D2290-reconciled) | Periodic | (bidirectional skill sync CC→VPS) | (withheld) |
| Client domain data sync (D2290-reconciled) | Daily | (ClientA domain revenue sync) | (withheld) |
| Plugin refresh (D2290-reconciled) | Weekly | (caveman + plugin updates) | (withheld) |
| Network-heal watchdog (D2290-reconciled) | Always-on | (VPN control heal) | (withheld) |
| Server datastore backup (VPS systemd timer) | Daily | (infrastructure) | (withheld — restore-tested, adopted the existing backup repository) |
Retired / stale (D2290):
- A client-recon ingestion job (was daily,
/seed-ingest) — uninstalled: ClientA retainer wound down. No longer in the installed set. - A local gateway service entry (was always-on, local) — stale: the gateway no longer runs as a local scheduled job. It is VPS-only, systemd unit
the gateway systemd uniton the VPS (tailnet-internal).
Runtime constraints: All Python scripts pin the Homebrew Python runtime (not system python — FDA). All scheduler entries carry an explicit PATH. Headless Claude sessions run non-interactively in an automatic permission mode via subprocess. GUI apps (Terminal.app) cannot launch in DarkWake.
9. Dependency Graph & Change Impact Matrix
9a. Dependency Graph
9b. Change Impact Matrix
| If This Changes | Update These | Priority |
|---|---|---|
| Any governance Docu | CLAUDE.md Quick-Ref (if one exists for this doc), binding agent prompts, On-Demand Context table (if path changed), this System Map | CRITICAL |
ToolsDomainIndex | All 8 agent prompts (Tooling Index section is a copy) | CRITICAL |
ClaudeCodeSkills registry | ToolsDomainIndex (regenerate via /skills-registry-update), then cascade to all 8 agent prompts | CRITICAL |
| Any skill renamed/deleted | ClaudeCodeSkills registry, ToolsDomainIndex, all 8 agent prompts (if skill in Key Skills or Tooling Index), CLAUDE.md On-Demand Context (if referenced), SchedulerRegistry (if paired with a job), this System Map (Section 6) | CRITICAL |
| Any skill created | Run /skills-registry-update, verify ToolsDomainIndex, update agent prompts if domain-relevant, this System Map (Section 6) | HIGH |
FileClassFramework | VaultGovernance, CLAUDE.md FCF Quick-Ref, file-classifier skill, smoke agent binding ref | HIGH |
VaultGovernance | CLAUDE.md Vault Governance Quick-Ref, smoke agent binding ref | HIGH |
MemoryArchitecture | konnichiwagwan skill, sayonara skill, CLAUDE.md On-Demand Context (if path changes), CLAUDE.md Session State Maintenance (if compaction protocol changes) | HIGH |
CodeDisciplineProtocol | genji + raiden agent binding references | HIGH |
RawTwinDiscipline (+ any schema-layer change in memory_gateway/server/*/types.ts that adds a new field/branch to a write-path tool) | artefacts/code/lisa/memory_gateway/server/tools/schema-introspection.ts (bump SCHEMA_VERSION, add field/branch), artefacts/code/lisa/memory_gateway/server/mcp/index.ts (mirror new optional flat field in the permissive-flat tool or add new raw twin per §4), CLAUDE.md Canonical write path section + On-Demand Context table, ~/.claude/skills/konnichiwagwan/SKILL.md Phase F (if behaviour changes), genji agent binding reference, this System Map | HIGH |
SecurityOperations | gray-fox agent binding reference | HIGH |
PlanningDiscipline | yoshimitsu agent binding reference | HIGH |
MissionMatrix | MemoryArchitecture (namespace resolution) | MEDIUM |
ActivityClassMatrix | MemoryArchitecture (namespace resolution) | MEDIUM |
| Operating Standards block | All 8 agent prompts (shared block; update all when changing signalling, clone, or escalation protocols) | CRITICAL |
Cache Write Schema (CLAUDE.md subsection + gateway Zod discriminated union in psychic-cache/types.ts) | All 8 agent prompts (g. Cache output pointer references the schema), LisaOSManual §3.2 Psychic Cache (context types table), MemoryArchitecture (if cache write surface is ever documented there), ToolsDomainIndex write_psychic_cache entry (if description quotes the per-type contract) | CRITICAL |
Context Feedback Discipline (CLAUDE.md Dispatch Execution Checklist step 4 + subsection) | All 8 agent prompts (Context Assembly Protocol block — step 4 mandates context_feedback before report_complete), MemoryArchitecture (Context Feedback subsection), OperationalProtocols (only if it ever starts covering dispatch lifecycle — currently scoped to censorship/knowledge/distress/conflicting-instructions, so out of scope), ToolsDomainIndex context_feedback entry (if description is updated) | CRITICAL |
Mandatory progress reporting clause (CLAUDE.md Dispatch Execution Checklist step 4, bullet 4 — LISA-side dispatch brief template) | LISA dispatch briefs (self-validating on next dispatch via the new canonical phrasing block); agent prompts already describe the agent-side report_progress_raw mechanism in the Operating Standards Dispatch Protocol block (covered by the Operating Standards block row above), so no further propagation unless the agent-side calling convention itself changes. Regression history: D30/D48/D49 dispatch briefs omitted the clause → dashboard expanded-card timelines went silent → D53 codified the mandate into the Checklist | HIGH |
| Agent prompt format/content | All 8 agents (Operating Standards consistency), CLAUDE.md roster table (if domain/triggers changed) | MEDIUM |
| New agent added/removed | CLAUDE.md roster table, CLAUDE.md dispatch triggers, ToolsDomainIndex, this System Map (Section 5) | MEDIUM |
| Scheduled job added/modified/removed (Mac launchd OR VPS cron) | SchedulerRegistry, the installed scheduler entry (Mac) OR the service-account crontab (VPS), this System Map (Section 8) | MEDIUM |
| MCP server added/removed | Agent prompts (mcpServers frontmatter), this System Map (Section 7) | MEDIUM |
| Template added/removed | This System Map (not tracked elsewhere) | LOW |
| Entity added/removed | CLAUDE.md Entity Maintenance section (if scope changes), this System Map | LOW |
CleanCodePipeline TechSpec (any change to gate design, repo topology, ADRs, or migration order in CS.AK.LISA.TechSpec.CleanCodePipeline) | CLAUDE.md On-Demand Context table (Clean Code Pipeline row), this System Map (§2 governance docs table), CodeDisciplineProtocol (Four-Gate cross-link to TechSpec §06 + §09 — the pipeline is the operational instantiation), RawTwinDiscipline (Semgrep custom rule cipher-shinobi.raw-twin-required cross-link), genji + raiden + yoshimitsu + gray-fox agent governance reference lists (yoshimitsu drafts V-3 pre-lock + STOP-after-D Fuda content per §6.0.6 + §6.0.7; gray-fox reviews same), reference_github_org.md memory (lisa-os repo + the OS core repo CODEOWNER), ArtefactMapProtocol (lisa-os repo as new artefact root post-migration), CS.AK.LISA.Data.ArtefactMap (Sprint 0 artefacts: pre-push hook, semgrep rules, GitHub Action), per-repo CLAUDE.md runbook links (Sprint Final), CS.AK.LISA.Docu.CleanCodePipelineRunbook (Sprint Final), feedback_v3_ladder_randomised_order_pre_lock memory (companion discipline at ~/…) | CRITICAL |
| Linear Issue Standard (header template: Collaborators/Job Resources/Job Output + metadata fields: labels, estimate, assignee, project, priority) | ~/.claude/skills/fuda/SKILL.md Step 5 (Fuda-specific issue creation), CS.AK.LISA.TechSpec.CleanCodePipeline §9.6.1 (Fuda = Linear Issue format), ~/.claude/skills/linear/SKILL.md (if unified Linear skill performs issue creation), any future skill that calls save_issue | HIGH |
fuda skill template (any change to the Fuda required sections, Workflow steps, V-Depmap outcome class discipline, threshold matrix, or agent roles in ~/.claude/skills/fuda/SKILL.md) | CS.AK.LISA.TechSpec.CleanCodePipeline (§6.0.1 Required Fuda Sections mirror; §6.0.6 + §6.0.7 cross-link), yoshimitsu agent governance reference list (Fuda drafter), raiden + gray-fox agent governance reference lists (Fuda reviewers), CLAUDE.md Dispatch Execution Checklist Step 0 (fuda skill invocation), linear skill SKILL.md (issue creation cross-link), feedback_dispatch_brief_quotes_fuda_verbatim memory (brief construction discipline) | HIGH |
thread_checkpoint context_type (gateway Zod branch in psychic-cache/types.ts + GET /checkpoint/:session_id endpoint) | CLAUDE.md Cache Write Schema table (thread_checkpoint row + worked example), MemoryArchitecture (Compaction Survival Protocol section — cache type table), dashboard (if checkpoint entries need special rendering), mcp/index.ts (permissive-flat field mirrors), schema-introspection.ts (version bump + branch listing) | HIGH |
Session State Maintenance protocol (CLAUDE.md ### Session State Maintenance + sidecar file ~/.claude/session-env/<session_id>.lisa-state.json) | MemoryArchitecture (Compaction Survival Protocol — sidecar subsection), PreCompact hook script (write-checkpoint.sh reads the sidecar). Agent prompts: not impacted — agents do not write to the sidecar; only LISA does | MEDIUM |
Compaction Survival hook scripts (~/.claude/scripts/compaction-survival/write-checkpoint.sh + inject-recap.sh) | ~/.claude/settings.json (hook installation), artefacts/scripts/lisa/hooks/ArtefactMap.md (vault source copies), MemoryArchitecture (Compaction Survival Protocol — write-side/read-side subsections), CLAUDE.md On-Demand Context table (compaction recovery row) | MEDIUM |
| This System Map | CLAUDE.md Dependency Propagation Protocol (references it) | META |
10. Maintenance Protocol
Custodian: Smoke (Vault & Knowledge Infrastructure agent). Smoke's binding references include this document.
Update triggers:
- Any session that creates, renames, or deletes a governance doc, framework, agent, skill, integration, or automation job MUST update this System Map in the same session
- The Dependency Propagation Protocol in CLAUDE.md enforces this as a binding step
Audit cadence: Automated weekly reconciliation via /lisaos-reconcile skill (VPS cron, Sunday 21:00 UTC = Monday 01:00 GST). The 7-check protocol verifies all tables match current vault state. Telegram notification on drift (severity >= HIGH). Smoke dispatched for remediation on CRITICAL findings.
Dependency Propagation Checklist
When modifying any governance document, framework, agent prompt, skill, or data registry, execute in order:
- Identify scope — read the Change Impact Matrix row (Section 9b) for the document category being modified
- List affected files — enumerate every downstream file from the matrix
- Propagate changes — update each downstream file to reflect the modification (content sync, path updates, name corrections)
- Verify consistency — confirm no stale references remain in affected files (grep for old names/paths)
- Update this System Map — if the change alters the dependency graph itself (new doc, renamed doc, new agent, new skill)
- Report — include a
[PROPAGATION]section in the file operations report listing every downstream file updated and why
Dispatch rule: If propagation touches 3+ files across multiple domains, dispatch to smoke (Vault & Knowledge) as a background task.
Agent obligation: Sub-agents performing structural modifications MUST signal [PROPAGATION_REQUIRED] in their return to LISA with a list of suspected downstream impacts.
Self-referential: This document appears in Section 2 (Governance Documents table) and is referenced by CLAUDE.md's Dependency Propagation Protocol and On-Demand Context table.
Appendix: Data Registries
| Registry | FCF Name | Path | Purpose |
|---|---|---|---|
| Skills Registry | PER.EX.NINJ_DEV-AI.Data.ClaudeCodeSkills | personal/expertise/ninjutsu/ | Authoritative catalogue of 96 installed skills (2026-07-04) |
| Tools Domain Index | PER.EX.NINJ_DEV-AI.Data.ToolsDomainIndex | personal/expertise/ninjutsu/ | Universal tool discovery for all agents (skills + MCP + CLI + plugins) |
| Scheduler Registry | CS.AK.LISA.Data.SchedulerRegistry | cipher_shinobi/akatsuki/lisa/ | Mac launchd jobs + VPS cron entries (renamed 2026-05-06 from LaunchdRegistry) |
| Artefact Map | CS.AK.LISA.Data.ArtefactMap | cipher_shinobi/akatsuki/lisa/ | Non-markdown artefact manifest |
| CommsClone Calibration Log | CS.AK.LISA.Data.CommsCloneCalibrationLog | cipher_shinobi/akatsuki/lisa/ | Voice calibration scan results |
Appendix: Templates
22 structural templates in templates/structural/, 6 executable templates + temporal sub-directory in templates/executable/.
Structural: TMPL.ArtefactMap, TMPL.BJJ, TMPL.CommsStyleGuide, TMPL.Definition, TMPL.EntityIndividual, TMPL.EntityOrganisation, TMPL.InputArticle, TMPL.InputBook, TMPL.InputPodcast, TMPL.InputVideo, TMPL.InputVideoKnowledgeExtraction, TMPL.MasterSvcAgreement.Crypto, TMPL.MasterSvcAgreement.Fiat, TMPL.MeetingNote, TMPL.MissionBrief, TMPL.MissionSeed, TMPL.Prompt, TMPL.ReconConfig, TMPL.SWOTAnalysis, TMPL.Skill, TMPL.TechSpec, TMPL.Template
Executable: CS.AK.TheSystem.Code.AddBattle.Js, AddLinearTask.Js, AddMeal.Js, AddReps.Js, AddTask.Js, FleetingNote.Js + temporal note templates (Daily, Weekly, Monthly, Yearly)
Appendix: Entity Profiles
10 entity files in entities/:
| Entity | Type | Purpose |
|---|---|---|
| ENT.Lisa | AI (Individual) | Full LISA biography |
| ENT.Lisa.Compressed | AI (Compressed) | Context-efficient LISA profile (loaded by CLAUDE.md) |
| ENT.Operator | Individual | Operator profile (Tobi Onotobi) |
| ENT.CipherShinobi | Organisation | DAO structure, domains, ranks, constitution |
| ENT.ClientA | Organisation | YB client |
| ENT.ClientA | Organisation | YB client (employer) |
| ENT.ClientA | Organisation | YB end-client |
| (3 individual collaborator profiles) | Individual | Collaborators (names withheld — pseudonym/aggregate only) |
Appendix: Namespace Naming Convention
FCF namespace keys identify mission scope throughout the system — in dispatch briefs, cache writes, file naming, and memory assembly. The convention is deterministic: once you know the mission's organisational position, the namespace follows.
Patterns
| Pattern | Scope | Example | When to use |
|---|---|---|---|
CS.AK.{Mission} | Akatsuki (internal) mission | CS.AK.LISA, CS.AK.CSDAO, CS.AK.TheSystem | Internal Cipher Shinobi initiatives — infrastructure, governance, tooling, DAO operations |
CS.YB.{Client}.{Mission} | Yurei Butai client mission | CS.YB.ClientA.Exec, CS.YB.ClientA.Retainer | Client engagements with a single end-client or general retainer scope |
CS.YB.{Client}.{EndClient}.{Mission} | Yurei Butai sub-client mission | CS.YB.ClientA.GroupCo.BrandOneChat | Client engagements where the deliverable targets a specific end-client within the client organisation |
CS.YB.{Client}.{EndClient}.{SubBrand}.{Mission} | Yurei Butai sub-brand mission (added 2026-05-08) | CS.YB.ClientA.GroupCo.BrandOne.Website, CS.YB.ClientA.HoldCo.UnitOne.DigSupport | Client engagements where the EndClient is a parent group with multiple commercial sub-brands AND the deliverable targets a specific sub-brand. See FCF SubBrand Slot Revision Proposal for the convention. |
PER.{Pillar}.{Topic} | Personal pillar | PER.LV.KZKU, PER.EX.SAG_SYSX | Personal development, family, faith, expertise — outside Cipher Shinobi mission scope |
Sub-brand identity (codified by the {SubBrand} slot in CS.YB filenames per FCF: CS.YB Grammar) DOES extend the dispatch namespace key. Dispatches for sub-brand work route to the sub-brand-specific namespace (e.g. CS.YB.ClientA.ClientA.ClientA for ClientA Website work, NOT the parent CS.YB.ClientA.ClientA). Mission Matrix entries are added per sub-brand. The sub_brand: YAML field in filed artefacts mirrors the namespace and the filename {SubBrand} slot. Rationale: sub-brand work has distinct stakeholders, deliverable scope, and routing context; dispatching at parent granularity would conflate independent commercial streams. See CS.AK.LISA.Docu.FCFRevisionProposal.SubBrandSlot for the full convention.
Casing Rules
- ALLCAPS: All segment constants —
CS,AK,YB,PER,EX,LV,SA,FDN - PascalCase: Mission names, client names, topics —
LISA,ClientA,ClientA,TheSystem - Delimiter:
.separates hierarchy levels;_joins compound ALLCAPS segments (e.g.SAG_SYSX,NINJ_DEV-AI)
When to Create a New Namespace vs Reuse Existing
Create new when:
- A new Akatsuki initiative is founded (new internal project)
- A new Yurei Butai client engagement begins
- A new sub-mission under an existing client has distinct scope, deliverables, and timeline (e.g.
CS.YB.ClientA.IaDalongsideCS.YB.ClientA.Exec)
Reuse existing when:
- The work is a continuation of the same initiative (new dispatch, not new mission)
- The deliverable belongs to the same client engagement scope
- A sub-task within a larger mission does not warrant its own dispatch tracking
Authoritative registry: The Mission Matrix (CS.AK.CSDAO.Data.MissionMatrix) is the canonical list of active namespaces. New missions are registered via the mission-init skill.
Appendix: Cross-Channel Dispatch Deduplication
When LISA operates across multiple channels simultaneously (VS Code + Telegram/Genkan — the VPS door, formerly "Hermes"), duplicate dispatches become a risk. This protocol prevents the same work from being dispatched twice.
Pre-Dispatch Check
Before firing any dispatch via report_dispatch_raw, LISA MUST:
- Check active dispatches — Call
list_dispatchesfiltered bymission_namespaceandstatus: active. If an active dispatch exists with a matching or substantially similartask_description, do not create a duplicate. - Check concurrent sessions — Query
GET /api/sessions/activeon the gateway to see if another channel has an active session working on the same namespace. If so, check that session'sactive_dispatchesbefore proceeding. - Namespace affinity — If the other session is actively dispatching within the same namespace, defer to that session unless Tobi-san explicitly instructs otherwise.
Collision Resolution
If a duplicate dispatch is detected post-creation:
- The later dispatch should be marked as
retry_ofthe earlier one if it is genuinely continuing the same work - If both are running concurrently, the channel that created the later dispatch should call
report_complete_rawwithstatus: "failed"andresult_summary: "Duplicate of dispatch {N}"to close the duplicate cleanly
Heartbeat Awareness
The session heartbeat (written by LISA on every sidecar update) includes active_dispatches and current_mission_namespaces. Other channels can read this at session start (konnichiwagwan Phase E2) to understand what is already in flight.
Appendix: Post-Audit Remediation Summary (sparkling-waddling-tome)
The comprehensive Lisa-OS audit (D664, CS.AK.LISA.Intel.LisaOSAuditReport.md) identified 26 findings across 6 modules. Remediation was executed in 6 waves. Current disposition:
Wave 1 — Security Remediation (D668)
| Finding | Severity | Status |
|---|---|---|
| GV-01: Hardcoded credential in settings.json | HIGH | RESOLVED — token moved to macOS Keychain, plain text removed |
GV-02: log_activity permission missing | MEDIUM | RESOLVED — permission added to settings.json |
GV-06: __TRACKED_VAR__ placeholder unexpanded | LOW | RESOLVED — placeholder replaced with correct value |
| HM-06: Debug log writes to /tmp | LOW | RESOLVED — log paths hardened in dispatch_agent.py |
| H-05: Smart approval mode on VPS | — | RESOLVED — enabled on VPS |
Wave 2 — Compiler Hygiene (D669)
| Finding | Severity | Status |
|---|---|---|
| GW-02: 3 TypeScript compiler errors (Zod v4 enum drift) | LOW | RESOLVED — enum alignment fixed |
| GW-03: 7 deprecated MCP tools retained | LOW | RESOLVED — JSDoc @deprecated annotations added |
| GW-04: Activity logging manual set check | LOW | RESOLVED — migrated to Zod validation |
| GW-05: depmap.yaml stale | LOW | RESOLVED — regenerated to reflect all current modules |
Wave 3 — Governance (D672)
| Finding | Severity | Status |
|---|---|---|
| GV-05: Fuda skill missing from LisaOSMap §6 | LOW | RESOLVED — registered in Governance & Pipeline table |
| GV-03: Escalation map incomplete (zer0, cyrax, sektor) | MEDIUM | RESOLVED — domain map completed for all 8 agents |
| GV-09: Agent prompt drift | LOW | RESOLVED — templates normalised across all 8 files |
| HM-02: Namespace keywords duplicated across 3 files | MEDIUM | RESOLVED — centralised in _infra_config.py |
| HM-04: Agent list hardcoded | LOW | RESOLVED — made configurable |
| HM-05: Poll interval hardcoded 300s | LOW | RESOLVED — made configurable |
| HM-07: Gate model hardcoded | LOW | RESOLVED — made configurable |
| GV-04: No dispatch deduplication protocol | MEDIUM | RESOLVED — Cross-Channel Dispatch Deduplication appendix added to LisaOSMap |
| GV-07: Namespace naming drift undocumented | LOW | RESOLVED — Namespace Naming Convention appendix added to LisaOSMap |
Wave 4 — Skill Ecosystem (D673)
| Finding | Severity | Status |
|---|---|---|
| SK-05: Skills not consolidated to agentskills.io standard | MEDIUM | RESOLVED — 7 skills migrated to compliant frontmatter |
| SK-01: Hermes improvement engine blocked by one-way sync | HIGH | RESOLVED — sync-skills-to-vps.sh rewritten with bidirectional 3-phase push/pull (--delete removed, --update added) |
| SK-03: No skill version parity enforcement | MEDIUM | RESOLVED — addressed by bidirectional sync rewrite |
| SK-04: No automated skill approval gate enforcement | LOW | PARTIALLY RESOLVED — Skill Approval Gate updated with bidirectional sync lifecycle; full automated enforcement deferred |
| SK-02: FIP never activated | MEDIUM | PARTIALLY RESOLVED — producer infrastructure documented; activation deferred to hermes-feature-integration plan |
Wave 5 — Test Coverage (D691, Fuda AK-298)
| Finding | Severity | Status |
|---|---|---|
| GW-01: Test coverage ~20% | MEDIUM | RESOLVED — 658 tests across 30 files; Lines 84.62%, Branches 72.30%, Functions 91.09%. Vitest + Supertest + real SQLite (no mocks). Config: vitest.config.ts, shared fixtures in test/helpers/setup.ts |
Wave 6 — Parity Verification (D694)
| Finding | Severity | Status |
|---|---|---|
| HM-01: Silent degradation if gateway offline at startup | HIGH | DEFERRED — tracked in hermes-feature-integration plan |
| HM-03: Timeline debounce dict never pruned | MEDIUM | DEFERRED — tracked in hermes-feature-integration plan |
| EL-01: LISA context feedback closure rate at 50% | MEDIUM | PARTIALLY RESOLVED — discipline enforced in CLAUDE.md; ongoing operational improvement |
D694 (genji) is simultaneously running parity verification and will file CS.AK.LISA.Intel.Wave6ParityReport.md.
Deferred Items
| Item | Tracking Location | Notes |
|---|---|---|
| H-01: Voice synthesis (Hermes) | hermes-feature-integration plan | Hermes framework voice feature |
| H-02: Image generation (Hermes) | hermes-feature-integration plan | Hermes framework image gen feature |
| H-03: Extended search (Hermes) | hermes-feature-integration plan | Hermes framework extended search |
| H-04: Browser tool (Hermes) | hermes-feature-integration plan | Hermes framework browser integration |
| HM-01: Gateway startup health check | hermes-feature-integration plan | Requires Hermes daemon modification |
| HM-03: Debounce dict pruning | hermes-feature-integration plan | Requires Hermes daemon modification |
| Fuda AK-265: Dispatch outcome column | In progress | Linear issue tracking |
| Fuda AK-282: Unified VPS brain | In progress | Linear issue tracking |
| Fuda AK-288: Skill lifecycle Wave 1 | In progress | Linear issue tracking |
| Fuda AK-298: Test coverage (Wave 5) | COMPLETED | Verified — 658 tests, 84.62% line coverage |
Remediation Statistics
| Metric | Value |
|---|---|
| Total findings | 26 |
| Resolved | 20 |
| Partially resolved | 3 |
| Deferred | 3 |
| Resolution rate | 88.5% (23/26 addressed) |
Appendix: Gateway Infrastructure Decision
Production Environment
The LISA memory gateway runs exclusively on the VPS (the VPS (tailnet-internal) via Tailscale). This is a standing architectural decision, not a temporary arrangement.
| Aspect | Detail |
|---|---|
| Host | VPS at the VPS (tailnet-internal) (Tailscale IP) |
| Service | systemd unit memory-gateway |
| Database | Persistent SQLite at <VPS>/… |
| Process | node server/index.ts via ts-node |
| Access | Tailscale-only — public IP is firewalled; direct connection attempts via public IP will be refused |
| Vault Mount | Read-write rclone FUSE at /mnt/vault/ (rw, allow_other). Hermes can read and write vault files via this mount. Higher latency than local filesystem; Google Drive sync propagation delay applies. Config: /root/.config/rclone/rclone.conf (Google Drive OAuth). See reference_vps_rclone_mount memory for re-auth procedure. |
| Git Repos | <VPS>/… (shallow clone, gh authenticated as onotobi). Enables Hermes dispatches to perform git operations (branch, commit, PR creation). |
Development Environment
Tobi's local Mac is development-only:
npm run devfor testing gateway changes before VPS deployment- Local SQLite database is ephemeral (test data only)
- No production traffic touches the local instance
Rationale
- Persistent uptime — The VPS runs 24/7. The Mac sleeps, travels, and restarts. Session state, dispatch tracking, and cache writes require a host that does not disappear.
- Genkan integration — The Telegram door (Genkan — the VPS harness formerly "Hermes") runs on the same VPS. Co-locating the gateway eliminates network latency for Genkan-to-gateway calls and simplifies the deployment topology.
- Telegram door co-location — The persistent listener process (
persistent_listener.py) that bridges Genkan (infra: legacyhermesidentifiers) to Claude Code runs on the VPS alongside the gateway. Both processes share the same host, same Tailscale network, same systemd supervision. - Single source of truth — One production database, one gateway URL (
the gateway endpoint (tailnet-internal)), no split-brain risk between local and remote state.
Deployment Protocol
Gateway changes follow the standard VPS deployment path:
- Develop and test locally (
npm run dev) - Push to
lisa-osrepo on GitHub - Pull on VPS (
cd <VPS>/… && git pull) - Restart the service (
sudo systemctl restart memory-gateway)