# KeiSeiKit Primitives Manifest # Declarative SSoT for install.sh profile resolution. # # Profiles compose primitive sets; install.sh --profile= resolves the # member list, copies/builds only those, and records the result in # ~/.claude/agents/_primitives/.installed. # # Individual primitives can be added/removed on top of any profile via # --add=[,] / --remove=. # # Schema (per primitive): # kind = "shell" | "rust" # file = ".sh" (shell only — lives at _primitives/) # crate = "" (rust only — lives at _primitives/_rust/) # deps = ["", ...] # runtime/host deps, human-readable # desc = "" [profile] minimal = [] core = ["tomd"] frontend = ["mock-render", "visual-diff", "tokens-sync", "design-scrape", "live-preview", "figma-tokens", "frontend-inspect", "screenshot-decode"] ops = ["kei-ledger", "ssh-check", "firewall-diff", "provision-hetzner", "provision-vultr", "harden-base", "metrics-scrape", "log-ship"] dev = ["kei-migrate", "kei-changelog", "kei-ci-lint", "kei-docs-scaffold", "kei-memory", "kei-conflict-scan", "kei-refactor-engine", "kei-graph-check", "kei-store"] mcp = ["kei-router", "kei-sage", "kei-task", "kei-chat-store", "kei-crossdomain", "kei-search-core", "kei-content-store", "kei-social-store", "kei-curator", "kei-auth"] full = ["tomd", "kei-ledger", "kei-migrate", "kei-changelog", "ssh-check", "firewall-diff", "mock-render", "visual-diff", "tokens-sync", "design-scrape", "live-preview", "figma-tokens", "frontend-inspect", "screenshot-decode", "provision-hetzner", "provision-vultr", "harden-base", "metrics-scrape", "log-ship", "kei-ci-lint", "kei-docs-scaffold", "kei-memory", "kei-conflict-scan", "kei-refactor-engine", "kei-graph-check", "kei-store", "kei-router", "kei-sage", "kei-task", "kei-chat-store", "kei-crossdomain", "kei-search-core", "kei-content-store", "kei-social-store", "kei-curator", "kei-auth"] # --- shell primitives (13) ------------------------------------------------- [primitive.tomd] kind = "shell" file = "tomd.sh" deps = ["jq", "pandoc (optional — needed for .docx/.pptx/.html)"] desc = "Universal non-native format → markdown (PDF, DOCX, XLSX, PPTX, CSV, images, code)" [primitive.design-scrape] kind = "shell" file = "design-scrape.sh" deps = ["jq", "npx (Node)", "playwright (`npx playwright install chromium`)"] desc = "Live URL → design tokens + screenshots JSON via Playwright" [primitive.live-preview] kind = "shell" file = "live-preview.sh" deps = ["npm"] desc = "start/stop/status wrapper for a project's dev server (.keisei/dev-server.pid)" [primitive.figma-tokens] kind = "shell" file = "figma-tokens.sh" deps = ["curl", "jq", "FIGMA_TOKEN env var"] desc = "Figma API → design tokens JSON (consumed by tokens-sync)" [primitive.frontend-inspect] kind = "shell" file = "frontend-inspect.sh" deps = ["jq"] desc = "Scan project dir → report framework, styling, UI count, lockfile" [primitive.screenshot-decode] kind = "shell" file = "screenshot-decode.sh" deps = ["curl", "jq", "base64", "ANTHROPIC_API_KEY env var"] desc = "Screenshot → structured design description via Claude vision API" [primitive.harden-base] kind = "shell" file = "harden-base.sh" deps = ["bash", "apt (runs on target Debian/Ubuntu VPS)"] desc = "Idempotent Debian/Ubuntu baseline hardening (fail2ban, ufw, unattended-upgrades)" [primitive.provision-hetzner] kind = "shell" file = "provision-hetzner.sh" deps = ["hcloud CLI", "HCLOUD_TOKEN env var"] desc = "Hetzner Cloud server provisioner — create/status/destroy/list" [primitive.provision-vultr] kind = "shell" file = "provision-vultr.sh" deps = ["vultr-cli v3", "VULTR_API_KEY env var"] desc = "Vultr VPS provisioner — create/status/destroy/list" [primitive.metrics-scrape] kind = "shell" file = "metrics-scrape.sh" deps = ["curl", "awk", "jq (optional — needed for --format json)"] desc = "Prometheus /metrics scrape + normalize + diff against baseline" [primitive.log-ship] kind = "shell" file = "log-ship.sh" deps = ["curl", "awk", "jq (optional — needed for --validate)"] desc = "Tail structured logs → forward to Loki / Datadog / HTTP with rate limits" [primitive.kei-ci-lint] kind = "shell" file = "kei-ci-lint.sh" deps = ["yq v4+ (mikefarah/yq Go impl)"] desc = "Validate GitHub/Forgejo Actions workflow YAML (pinning, OIDC, cache, permissions)" [primitive.kei-docs-scaffold] kind = "shell" file = "kei-docs-scaffold.sh" deps = [] desc = "Detect project type → generate missing CLAUDE.md/DECISIONS.md/RUNBOOK.md/README.md" # --- rust primitives (8) --------------------------------------------------- [primitive.kei-ledger] kind = "rust" crate = "kei-ledger" deps = ["rusqlite bundled (no system sqlite required)"] desc = "Agent-fork lifecycle SQLite ledger (fork/done/fail) — SSoT for RULE 0.12" [primitive.kei-migrate] kind = "rust" crate = "kei-migrate" deps = ["sqlx (postgres/sqlite/mysql)", "tokio", "DATABASE_URL env var"] desc = "Universal SQL migration runner — Postgres/SQLite/MySQL autodetect" [primitive.kei-changelog] kind = "rust" crate = "kei-changelog" deps = ["git2 (vendored libgit2)"] desc = "Git-cliff-style CHANGELOG.md generator from Conventional Commits" [primitive.ssh-check] kind = "rust" crate = "ssh-check" deps = [] desc = "sshd_config linter — flags weak ciphers, PermitRootLogin yes, password auth" [primitive.firewall-diff] kind = "rust" crate = "firewall-diff" deps = ["ufw (target-side; binary parses `ufw status` output)"] desc = "ufw intended-vs-running diff — catches drift between declared and live rules" [primitive.mock-render] kind = "rust" crate = "mock-render" deps = ["Chrome/Chromium (runtime)", "playwright (optional for parity driver)"] desc = "Playwright wrapper with SHA-locked PNG (WYSIWYD: What You See Is What You Deploy)" [primitive.visual-diff] kind = "rust" crate = "visual-diff" deps = [] desc = "Pixel diff with tolerance — used in /site-create screenshot-regression loop" [primitive.tokens-sync] kind = "rust" crate = "tokens-sync" deps = [] desc = "Design tokens JSON → Tailwind config extend + CSS variables under :root" [primitive.kei-memory] kind = "rust" crate = "kei-memory" deps = ["rusqlite bundled (no system sqlite required)"] desc = "Session retrospective + recurring pattern detector (offline-first, RULE 0.14)" [primitive.kei-conflict-scan] kind = "rust" crate = "kei-conflict-scan" deps = [] desc = "Deep-sleep (NREM) conflict scanner — rules/hooks/blocks/orphans/CP violations across ~/.claude" [primitive.kei-refactor-engine] kind = "rust" crate = "kei-refactor-engine" deps = [] desc = "Deep-sleep refactor-plan generator; consumes kei-conflict-scan JSON; zero-conflict guarantee on patches" [primitive.kei-graph-check] kind = "rust" crate = "kei-graph-check" deps = [] desc = "Post-refactor graph-integrity gate — wikilinks + handoffs + block refs resolve after patch" [primitive.kei-store] kind = "rust" crate = "kei-store" deps = ["git2 (vendored libgit2)"] desc = "Memory-repo backend abstraction — GitHub / Forgejo / Gitea / Filesystem / S3 (S3 = MVP stub)" # --- v0.14 LBM port (10) --------------------------------------------------- [primitive.kei-router] kind = "rust" crate = "kei-router" deps = ["regex"] desc = "Natural-language query → tool-call router (LBM pkg/keirouter port, no ML)" [primitive.kei-sage] kind = "rust" crate = "kei-sage" deps = ["rusqlite bundled (FTS5 enabled)"] desc = "Obsidian-style knowledge graph with FTS5, BFS, PageRank (LBM internal/sage port)" [primitive.kei-task] kind = "rust" crate = "kei-task" deps = ["rusqlite bundled (FTS5 enabled)"] desc = "Task DAG + deps + milestones (LBM internal/task port)" [primitive.kei-chat-store] kind = "rust" crate = "kei-chat-store" deps = ["rusqlite bundled (FTS5 enabled)"] desc = "Session persistence for Claude chats (LBM internal/chat port)" [primitive.kei-crossdomain] kind = "rust" crate = "kei-crossdomain" deps = ["rusqlite bundled"] desc = "Cross-domain typed-edge store + BFS + auto-link (LBM internal/crossdomain port)" [primitive.kei-search-core] kind = "rust" crate = "kei-search-core" deps = ["rusqlite bundled"] desc = "3-wave research engine with budget cap; fetch interface frozen (LBM internal/search port)" [primitive.kei-content-store] kind = "rust" crate = "kei-content-store" deps = ["rusqlite bundled", "sha2"] desc = "Asset + prompt + campaign registry (LBM internal/content port)" [primitive.kei-social-store] kind = "rust" crate = "kei-social-store" deps = ["rusqlite bundled (FTS5 enabled)"] desc = "People + interaction CRM lite (LBM internal/social port)" [primitive.kei-curator] kind = "rust" crate = "kei-curator" deps = ["rusqlite bundled"] desc = "Edge decay + orphan prune for cross-domain graphs (LBM internal/curator port)" [primitive.kei-auth] kind = "rust" crate = "kei-auth" deps = ["rusqlite bundled", "hmac", "sha2"] desc = "Multi-tenant session tokens with scopes + HMAC-signed expiry (rewrite, not port)"