Added [primitive.*] entries for kei-agent-runtime, kei-capability,
kei-provision, kei-entity-store, kei-pipe, kei-cache, kei-spawn,
kei-replay. Profile memberships:
- ops: +kei-provision (total 9)
- dev: +7 substrate+automation primitives (total 17)
- full: +8 (total 46)
docs/INSTALL.md + README.md updated with new counts.
Not registered (lib-only, no main.rs): kei-atom-discovery.
Flag for follow-up: kei-forge + kei-runtime are in workspace but not
in MANIFEST (were before my scope). regen-counts.sh will soft-warn.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Refocuses README from defensive ("here's what LLMs do wrong, here's how we fence it")
to welcoming ("here's what you get, install is one line, complexity lives under the
hood"). Same factual content, same feature count, reorganized for new visitors.
Key changes:
- Hero opens with user outcome, not LLM failure modes
- Install moved to 2nd block (was buried mid-README)
- Features rewritten as scenarios ("Your AI sleeps at night") not specs
- "Batteries included" frames counts as confidence signal, not overwhelm
- "Under the hood (only if you care)" explicitly optional section for devs
- "About" confident — 4-8 parallel terminals flex, not self-deprecation
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Adds 6 missing pieces flagged by readme review:
1. ## About — author attribution + "not a product" positioning + "Why
Rust, not Python" (was removed in 1f3aaca, but load-bearing context
for new users). Keeps the product-oriented greeting intact above it.
2. ## Install — plugin vs classic two-path table up front; links to
PLUGIN.md (v0.16+ Anthropic plugin format was previously un-linked).
3. ## The nightly cycle at a glance — unified ASCII overview of the
three-phase sleep cycle (A incubation → B REM → C NREM), biological
analog, phase-interaction rules (marathon owns night, Phase C cadence,
morning report is human-only).
4. ### Deep-sleep NREM consolidation — 4-primitive pipeline diagram
(conflict-scan → refactor-engine → graph-check via kei-store) plus a
concrete example of a detected conflict.
5. ## Security model — 7 bullets covering memory-repo privacy, RULE 0.1,
secrets-guard, GitHub Actions SHA pinning, S3 SSRF guard, marker
0o600, exFAT/FAT32 warning. Plus battle-matrix mention.
6. ## Docs — link index to CHANGELOG / PLUGIN / USB-BRAIN guide / battle
tests (none of those four files were referenced from README before).
README.md: +83 lines (1221 → 1304).
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
+670 LOC to README.md. Source-of-truth extraction from each primitive's
actual src/main.rs (clap subcommands) + hook header comments + skill
SKILL.md frontmatter.
Covers:
- Rust primitives (25) with real subcommands, flags, state paths,
exit codes. Extracted from src/main.rs.
- Shell primitives (13) with usage signature + env-var contract.
- Hooks (10) tabular + per-hook detail (event/severity/bypass).
- Skills (39) grouped into 6 collapsible <details> sections.
- keisei CLI deep-dive — real flag matrix, exit codes, env vars,
SSoT location, v0.19 hardening invariants.
Agent flagged 4 discrepancies vs prior task-description drafts
(agent refused to fabricate: no --client / --force / --dry-run on
keisei, exit codes 0/1 not 0/1/2, kei-curator --db required).
These were never in the code — docs now describe reality.
bash scripts/regen-counts.sh --check: no drift
wc -l README.md: 1233
Closes user request 'сделай подробное описание каждой функции'.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
User feedback: 'поменяй ридми и привествие, убери от автора'.
Replaced 18-paragraph personal preface with a 3-paragraph product
summary:
1. One-line pitch: structural layer over Claude Code + Cursor +
Continue + Zed that catches LLM failure modes at commit time
2. Drop-in toolkit capabilities in one sentence
3. Why-it-exists: LLMs are wired for plausible-but-wrong output;
structure around the prompt is the fix, not better prompts
4. Rust-first constraint: compile-time hallucination elimination
'Why Rust, not Python' collapsed into one paragraph.
'It is not a product' / 'forks and PRs welcome' / 'hope it is a
small Kei' — all removed.
Detailed per-function Reference section coming in separate commit
(agent in flight).
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Three layers of defense against the dtolnay-SHA-class bug reaching main
(today's incident: agent SHA-pinned dtolnay/rust-toolchain with a pin
that was real but semantically wrong — lost 'install current stable'
meaning, locked to rust 1.94.1 branch tip, broke CI).
Layer 1 — actionlint static lint
scripts/install-actionlint.sh (65 LOC) — installs rhysd/actionlint
v1.7.12 [VERIFIED] to ~/.local/bin or suggests brew install.
scripts/lint-workflows.sh (40 LOC) — runs actionlint on
.github/workflows/*.yml, exit 0 on clean, advisory when binary
missing.
Layer 2 — SHA existence check (today's bug class)
scripts/validate-workflow-shas.sh (98 LOC) — extracts every
'uses: <repo>@<40-hex>' from workflow files + dependabot.yml,
checks each via GitHub REST commits API (exit 200/404/422).
Supports 'validate-workflow-shas: skip=<reason>' trailing
comment for intentional exceptions. Falls back to anonymous
API (60/hr quota) if GITHUB_TOKEN probe fails.
DESIGN PIVOT from spec: spec said 'git ls-remote <repo> <sha>'
but that only resolves REFS (branch/tag tips), not arbitrary
commit SHAs — would have given false-positive 100% MISSING
report. Switched to REST API /commits/{sha} for unambiguous
200/404/422.
Layer 3 — CI gate
.github/workflows/ci.yml — new 'workflow-lint' job after
shell-lint. Installs actionlint + runs both scripts on every
push to main and PR. Blocks CI on any fabricated SHA.
Layer 4 — optional pre-commit hook
scripts/pre-commit-workflow-lint.sh (54 LOC) — detects staged
.github/workflows/*.{yml,yaml} + .github/dependabot.yml
changes, runs layers 1+2, blocks commit on failure.
Install via: ln -sf ../../scripts/pre-commit-workflow-lint.sh
.git/hooks/pre-commit
REAL EXECUTION VERIFIED (not claim-only):
- actionlint ran: zero findings on current workflows
- validate-workflow-shas.sh ran: 21 SHA pins checked, 21 OK,
0 MISSING (confirms all current v0.19.1+ pins resolve)
- bash -n on every new script: clean
- bash-3.2 parser bug workaround: case-in-subshell → grep -E
RULE 0.2 exception #6 (shell is external convention for git hooks
+ GH Actions runs — Rust rewrite would add zero value).
RULE 0.13 respected — no git invocations except read-only API calls.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Closes 2 architect audit P3 findings. MVP on the USB-droppable brain
vision — one brain directory now serves every platform.
Schema v2 — per-platform mcp_server dispatch:
[paths.mcp_server]
darwin-arm64 = 'bin/kei-mcp-server-darwin-arm64'
darwin-x64 = 'bin/kei-mcp-server-darwin-x64'
linux-x64 = 'bin/kei-mcp-server-linux-x64'
linux-arm64 = 'bin/kei-mcp-server-linux-arm64'
windows-x64 = 'bin/kei-mcp-server-windows-x64.exe'
Schema v1 (single string) still accepted — v0.19 brains load unchanged.
Implementation:
brain.rs — new McpServerPath enum (Single / PerPlatform BTreeMap<String, String>)
with #[serde(untagged)]. Brain::current_platform_key() maps std::env::consts
(macos→darwin, x86_64→x64, aarch64→arm64) to canonical key format.
mcp_server_path() now returns Result — looks up current platform,
returns Error::NoPlatformBinary { os, arch, available } if missing.
Pre-canonicalized cache field removed so partial v2 brains load for
status (just fail at actual resolve).
brain_validate.rs — validate_schema accepts MIN..=MAX range (1 or 2);
check_all_paths iterates v2 map entries for confinement check.
ClientAdapter::post_attach_hint() — default method + 4 overrides:
claude_code: 'run /help in Claude Code to verify the MCP server is reachable'
cursor: 'reload Cursor window (Cmd+Shift+P → Reload Window) to pick up the MCP server'
continue_adapter: 'reload the Continue extension in VS Code (or restart) to pick up the MCP server'
zed: 'run Zed :reload command to pick up the MCP server config'
attach.rs prints adapter.post_attach_hint() instead of the hardcoded
Claude-Code-specific string. No more client leak in orchestrator.
Error::NoPlatformBinary { os, arch, available } with thiserror Display.
Tests: 16 existing + 4 new = 20/20 pass.
- schema_v2_current_platform_resolves
- schema_v2_missing_current_platform_errors (macOS-gated)
- schema_v1_still_readable_with_v2_code
- post_attach_hint_is_adapter_specific
Constructor Pattern: all files <200 LOC (continue_adapter.rs 197 LOC
max). All fns <30 LOC (current_platform_key + check_all_paths 19 LOC max).
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Prior README went from personal preface ('From the author') directly
into technical inventory ('What it is'). Reader gap: no value
proposition, no capability summary, no exobrain workflow docs.
Added:
- 'At a glance' — 6-bullet capability summary (agents, hooks,
skills, Rust primitives, exobrain, sleep-sync) written so a
stranger arriving from search gets the model in 30 seconds
- 'What it solves' — 7-row table mapping vanilla-Claude-Code pain
points → specific kit component that addresses each
- 'The keisei CLI' — new subsection documenting attach/mount/
detach/list-adapters/status subcommands with brain-directory
layout, 4 use cases (USB travel / team personas / cloud brain /
experimental isolation), security hardening summary, deferred
v0.19.1 items
Counts markers unchanged — no regen needed.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Phase 1 of exobrain architecture. Ships TS MCP server as a static
binary so users on machines without Node can run KeiSeiKit (USB /
flashdrive / air-gapped scenarios).
.github/workflows/release.yml (+62 LOC) — new build-mcp-binary job:
- 5-target matrix: darwin arm64/x64, linux arm64/x64, windows x64
- bun build --compile, linux arm64 continue-on-error (ARM runners
less reliable)
- Artifact kei-mcp-server-<os>-<arch>[.exe] + sha256
- release job now needs [build-release, build-mcp-binary]
install/lib-rust.sh (+50 LOC) — have_prebuilt_mcp_server() +
report_mcp_server_binary_status(); KEI_SKIP_MCP_BUILD=1 env
flag skips bun/npm install when a prebuilt binary is present.
File 165 LOC (<200 limit).
_ts_packages/packages/mcp-server/package.json — scripts.build:native
+ 5 per-target aliases (macos-arm, macos-x64, linux-x64,
linux-arm, win-x64) for local dev.
_ts_packages/packages/mcp-server/BUILD.md (NEW, 52 LOC) — local
compile guide per platform + Gatekeeper/code-sign notes +
cites bun docs [VERIFIED: https://bun.sh/docs/bundler/executables].
README.md pre-built-binaries section gains 'MCP server binary'
subsection (download, chmod +x, xattr -d com.apple.quarantine for
macOS, UAC note for Windows).
CHANGELOG.md [Unreleased] bullet added.
Output size: ~90 MB per binary (bundled bun runtime). Acceptable
trade for zero-dep USB distribution.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
README: took A2 markered version over polish bundle's hardcoded counts.
Then ran scripts/regen-counts.sh to sync marker values to current
post-v0.16.1 state — BLOCKS 78 → 79 (polish added _blocks/mode-matrix.md).
regen-counts --check now exits 0: zero drift.
- TUI via whiptail (preferred) or dialog; plain-text fallback with zero deps
- Install Plan confirm screen: primitives, soft-deps status (✓/✗), estimates
- Skip menu on --profile/--add/--remove/--list or non-TTY (CI-safe)
- --yes skips confirm; --no-execute dry-run
- install.sh 844 → 1195 LOC, 10 new functions all <30 LOC
- README +8 LOC Interactive install section
- L1: install.sh post-install banners '~14 generated agents' → '12 generated agents'
(both the activated-path and the manual-merge-path copies).
- L2: skills/compose-solution/SKILL.md handoff reference '14 kit agents' → '12 kit agents'.
- L3: README /new-agent section rephrases 'via option-pickers' to call out that
the 6 questions are grouped into multiple option-picker batches (two
AskUserQuestion calls) rather than six separate prompts.
- M1 (RULE 0.4): replace fabricated URLs 'https://example.invalid/PROJECT-D'
and 'https://…/PROJECT-D' with plain text ('user's personal CLI predecessor').
- M2: tomd-preread cache key = basename + mtime + 8-char shasum of full path,
so two files with the same basename+mtime at different paths no longer
collide. Portable shasum shim; falls back to 'nohash' if shasum absent.
- M3: install.sh --with-bridges gated on ROLLED_BACK=0 so bridges are NOT
emitted into $PWD after an ERR-trap rollback.
- M4: rollback() guards rm -rf "$orig" behind an existence check.
- M5: skills/research/SKILL.md front-matter note — role tags like
'web-researcher' / 'meta-critic' are ad-hoc prompt labels for the generic
kei-researcher subagent, NOT separate manifests. Prevents fruitless
grep in _manifests/.
- M6: README adds a 'Frontend-stack coverage gap' callout listing the
planned-but-not-shipped frameworks (React-Vite, Vue-Nuxt, SvelteKit,
Astro, Angular, plain-web).
- M7: no-hand-edit-agents.sh documents at case block that the GENERATED
marker is the SOLE source of truth — legacy unmarked .md files pass
silently by design; re-run the assembler to adopt them.
- README.md: new 'Primitives' section between Cross-tool bridges and
Meta-composer. Explains _primitives/ vs _blocks/, lists tomd, names
the PreToolUse(Read) hook, notes /compose-solution auto-discovery
- phase-3-prior-art.md: extend grep target list to include _primitives/
- phase-5-architecture.md: one-paragraph note on referencing tomd
primitive instead of rolling custom binary-format parsing (reuse
over rewrite)
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Strip all patent-related tooling from the generic kit so it can ship
publicly under MIT without leaking sensitive IP. restricted-scope agents,
blocks, and skill conditionals live in the private PROJECT-E.
Deleted (5 files):
- _manifests/kei-patent-compliance.toml
- _manifests/kei-patent-researcher.toml
- _blocks/domain-sensitive IP-aware.md
- _assembler/tests/fixtures/_manifests/kei-patent-compliance.toml
- _assembler/tests/snapshots/kei-patent-compliance.snap
Cross-reference cleanup:
- 6 manifests: remove kei-patent-* handoffs and "sensitive IP" forbidden lines
- _blocks/deploy-local-only.md: drop sensitive IP rationale, keep ML weights /
offensive / kernel / client-confidential banned-public triggers
- skills/research/SKILL.md: drop patent-angle-scanner + "Patent angles" section
- skills/new-agent/SKILL.md: drop Q5 (patent), renumber Q6→Q5 Q7→Q6
- README.md: drop 2 restricted agents rows, renumber wizard questions 5-7→5-6,
update counts 34→33 blocks / 14→12 agents
- _assembler/tests/golden.rs: remove golden_patent_compliance test
- _assembler/tests/roundtrip.rs: swap kei-patent-compliance fixture to
kei-cost-guardian for double-assembly determinism test
- _assembler/tests/fixtures/_manifests/kei-researcher.toml + snapshot:
remove kei-patent-researcher handoff
Tests: 21 → 20 integration tests, all passing. Grep for "patent" in
main tree returns zero hits outside .claude/worktrees.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Adds a Meta-composer section between Cross-tool bridges and License. The
section explains the one-paragraph intake, links to the 7-phase pipeline,
shows a hook-creation example that routes to /escalate-recurrence, and
emphasizes the Phase 6 block-augmentation feedback loop — the kit gets
smarter with every invocation, with before/after _blocks/ count reported
per session.
