knowledge-genome-orchestrator/templates/agents-genome.md


# SYSTEM DIRECTIVE — `{{GENOME_NAME}}`
## Identity
| Field | Value |
| ------ | -------------------------------------------------- |
| Genome | `{{GENOME_NAME}}` |
| Domain | `{{GENOME_DESC}}` |
| Owner | `{{FORGEJO_USER}}` |
| Remote | `{{FORGEJO_URL}}/{{FORGEJO_USER}}/{{GENOME_NAME}}` |

**Role:** Wiki maintainer for `{{GENOME_NAME}}`.

**Metrics:** cross-references current · zero unresolved contradictions · frontmatter valid on all pages · index consistent.

---
## Linked Project
| Field | Value |
| --------------- | --------------------- |
| Project repo | `{{LINKED_PROJECT}}` |
| Branch | `main` |
| Allowed tasks | `readme, tests, code` |
| Preferred model | `auto` |

If `Project repo` is `none`, this genome is knowledge-only — phase-2 project work
does not apply. When set, after a wiki PR is **merged**, the orchestrator may trigger
work on this repo within _Allowed tasks_. The agent never touches the project repo
during ingest.
## PRIVATE_CONTEXT
**Default: `disabled`** — never infer; require explicit operator declaration per session.

| State | Behavior |
| ---------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `disabled` | `raw/private/` and `wiki/private/` do not exist. No read, list, grep, or summary on private paths. All outputs safe for collaborators. |
| `enabled` | Operator has confirmed `git-crypt unlock` ran on host. Read/write `private/` authorized. All outputs from private data go exclusively to `wiki/private/`. Prefix every response drawing on private data: `[PRIVATE DATA INCLUDED]`. Never leak private synthesis into public wiki paths. |

Pre-commit `PLAINTEXT LEAK DETECTED`: stop immediately. Do not use `--no-verify`. Ask operator to verify `.gitattributes` and encryption state.

Session end or return to `disabled`: remind operator to run `git-crypt lock` on host.
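
One way to implement the check behind `PLAINTEXT LEAK DETECTED` and Immutable Rule 7, as an added example (not the project's own hook): every staged blob under a path marked `filter=git-crypt` must begin with git-crypt's `\0GITCRYPT\0` header. The function names, the sample `.gitattributes` and the staged blobs are constructed, and `fnmatch` stands in for full gitattributes matching.

```python
import fnmatch

# git-crypt writes this 10-byte header at the start of every encrypted blob.
GITCRYPT_MAGIC = b"\x00GITCRYPT\x00"


def encrypted_patterns(gitattributes_text):
    """Return the path patterns whose attributes include filter=git-crypt."""
    patterns = []
    for line in gitattributes_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        pattern, *attrs = line.split()
        if "filter=git-crypt" in attrs:
            patterns.append(pattern)
    return patterns


def plaintext_leaks(gitattributes_text, staged):
    """Return sorted paths marked for encryption whose staged blob is plaintext.

    staged maps repo-relative path -> bytes as they would be committed.
    fnmatch simplifies gitattributes matching (no negation or precedence).
    """
    patterns = encrypted_patterns(gitattributes_text)
    leaks = []
    for path, blob in staged.items():
        marked = any(fnmatch.fnmatch(path, p) for p in patterns)
        if marked and not blob.startswith(GITCRYPT_MAGIC):
            leaks.append(path)
    return sorted(leaks)


# Constructed sample input (not taken from the project).
SAMPLE_ATTRS = """\
raw/private/** filter=git-crypt diff=git-crypt
wiki/private/** filter=git-crypt diff=git-crypt
.gitattributes !filter !diff
"""
SAMPLE_STAGED = {
    "wiki/private/finance.md": GITCRYPT_MAGIC + b"\x8f\x11 constructed ciphertext",
    "wiki/private/notes.md": b"---\ntitle: plaintext\n---\n",
    "wiki/concepts/zero-trust.md": b"---\ntitle: public\n---\n",
}

if __name__ == "__main__":
    for leaked in plaintext_leaks(SAMPLE_ATTRS, SAMPLE_STAGED):
        print(f"PLAINTEXT LEAK DETECTED: {leaked}")
```

In a real hook, resolve the attribute with `git check-attr filter -- <path>` and read the staged bytes with `git cat-file blob :<path>`, since the working-tree copy is plaintext whenever the repository is unlocked.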
---
## Immutable Rules
1. `raw/` is read-only. Never create, modify, or delete files in `raw/`.
2. `wiki/` is agent-owned. Create, update, and maintain all wiki pages here.
3. Every operation → one log entry appended to `wiki/log.md` (§Log) (automated via manifest during Ingest).
4. Every new page → one entry appended to `wiki/index.md` (§Index) (automated via manifest during Ingest).
5. Never commit to `main`. Branch per task; PR required; no self-merge.
6. Contradict, don't overwrite. New evidence contradicts existing claim → §Conflict.
7. Never commit plaintext to any path marked for encryption in `.gitattributes`.
8. Every PR must use `templates/pr-description.md`. Do not omit the tabular summary (automated via run-ingest.sh during Ingest).
### NEVER
- Load `wiki/log.md` in full — read only the tail injected by the orchestrator.
- Rewrite `wiki/index.md` to reorder entries — append only; sorting is automated.
- Run `git-crypt`, `bw`, or any Vaultwarden command — key management is the host's responsibility.
- Modify files outside this genome's directory.
- Merge PRs — human approval required.
### ASK FIRST
- Deleting any wiki page.
- Changing `maturity` from `stable` to `deprecated`.
- Writing to `wiki/private/` when PRIVATE_CONTEXT state is ambiguous.
- Any operation on files not listed in `wiki/index.md`.
---
## Session Start
Execute in this order before any file operation:
1. **One source per session.** If multiple sources are queued in `raw/`, process only the first. Commit, close session. The orchestrator starts a new session for the next source.
2. Read `wiki/index.md` — full catalog of all pages and their maturity.
3. Read the last 20 log entries injected by orchestrator — do not open `wiki/log.md` directly.
4. For any task involving related pages: `qmd search "<query>"` before opening files.
5. Operate on individual target files. Never scan entire directories.
---
## Workflows
### Ingest
_Triggered by new file in `raw/`._
**Phase 1 — Semantic Pass (Agent Skill)**
1. Read source once.
2. Create `wiki/sources/<slug>.md` — summary + key points.
3. Per entity (person, tool, org): create or update `wiki/entities/<name>.md`.
4. Per concept (pattern, theory, decision): create or update `wiki/concepts/<name>.md`.
5. Check each touched page for contradictions → apply §Conflict if found.
6. **Final action:** Write `.ingest-manifest.json` at the genome root.
7. **STOP.** Do not proceed to index, log, lint, commit, or PR — these are Phase 2.

**Phase 2 — Deterministic Post-Processing (`run-ingest.sh`)**

_Executed automatically by the orchestrator after Phase 1._

8. Append entry to `wiki/index.md` (bottom of relevant section).
9. Append log entry: `INGEST | <slug>`.
10. Run scoped lint on pages created or modified in this session. Report issues in PR description. Do not auto-fix.
11. Commit on `feat/ai-ingest-<slug>`. Open PR using `templates/pr-description.md`.

_Private source_ (`PRIVATE_CONTEXT: enabled` required):
- All output → `wiki/private/<slug>.md` only.
- PR title: `[PRIVATE] ingest: <slug>`.
### Query
_Triggered by operator question._
1. `qmd search "<query>"` → identify candidate pages.
2. Read candidate pages directly.
3. Synthesize answer with `[[wikilink]]` citations.
4. If answer is non-trivial: save as `wiki/queries/<slug>.md`.
5. Append entry to `wiki/index.md` under Queries.
6. Append log entry: `QUERY | <subject>`.

_For general orientation without a specific query: read `wiki/index.md` directly._
### Lint
_Triggered by operator with bash pre-scan output._

Pre-requisite: operator runs `bash scripts/lint-genomes.sh` and provides output to this session.
The script handles deterministically: broken links, knowledge decay, page size, frontmatter validation.
Agent tasks — apply semantic judgment to bash findings + independent semantic checks:
1. **Orphan pages** (list from bash): for each orphan, identify 1-3 existing pages that should link to it. Propose specific link additions.
2. **Implicit concepts** (term list from bash): for each candidate term, determine if a dedicated page is warranted. If yes, draft stub.
3. **Duplicate concepts**: `qmd search "<concept>"` for suspected duplicates → propose merge if confirmed.
4. **`maturity: draft`** pages with 2+ sources cited → propose promote to `stable`.

Report all findings as structured list. Do not modify files without operator approval.

Append log entry: `LINT | <summary of findings>`.

---
## File Conventions
### Frontmatter
Required on every wiki page:
```yaml
---
title: "Strict String Title"
type: source | entity | concept | query | conflict | private
domain: {{ GENOME_NAME }}
tags: [lowercase, hyphen-separated]
maturity: draft | stable | deprecated
last_updated: YYYY-MM-DD
private: true | false
---
```
- `draft` — single source or unvalidated.
- `stable` — confirmed by 2+ independent sources.
- `deprecated` — superseded. Add `> **DEPRECATED:** <reason>` callout at top of body.
### Links
- Internal: `[[folder/file]]` — Obsidian wikilinks only. Never `[text](url)` for internal refs.
- Cross-genome: NOT via wikilink (submodule pointers make relative paths brittle). A concept owned by another genome is pulled in by the navigation skill as a raw under `raw/articles/crossgen-<topic>-<date>.md`, then ingested here normally. See master `AGENTS.md` §Cross-Genome Pull.
- External: `[text](https://...)`.
### Index entries
> **Skill mode:** auto-generated by `run-ingest.sh` from manifest. Below applies to manual workflows only.
Append at bottom of relevant section in `wiki/index.md`:
```
- [[folder/slug]] — One-line summary. `maturity: draft`
```
Never reorder. Alphabetical sorting is handled by the post-processor (index-append.py); the pre-commit hook only enforces the security policy.
### Log entries
> **Skill mode:** auto-generated by `run-ingest.sh` from manifest. Below applies to manual workflows only.
Append one entry per operation to `wiki/log.md`:
```markdown
## [YYYY-MM-DD] TYPE | Subject
- run_id: `<uuid>`
- model: `<model-name>`
- context_read: `[[path/A]]`, `[[path/B]]`
- output_written: `[[path/C]]`
- reasoning: One sentence — what changed and why.
```
Valid TYPEs: `INGEST` `LINT` `QUERY` `CONFLICT` `CONFIG` `SECURITY`

Parse: `grep "^## \[" wiki/log.md | tail -5`

---
## Conflict Resolution
When new evidence contradicts an existing wiki claim:
1. Keep existing page unchanged.
2. Create `wiki/queries/conflict-<concept>-<YYYY-MM-DD>.md`:
```yaml
---
title: "Conflict: <concept>"
type: conflict
domain: {{ GENOME_NAME }}
maturity: draft
last_updated: YYYY-MM-DD
private: false
---
```
```markdown
## Conflict: <concept>
**Claim A (existing):** [[path/to/existing-page]]
> Summary of current wiki position.
**Claim B (new):** [[path/to/new-source]]
> Summary of contradicting evidence.
**Assessment:**
- Confidence A: high | medium | low — <reason>
- Confidence B: high | medium | low — <reason>
- Recommendation: `accept_b` | `keep_a` | `requires_human_review`
**Status:** ⏳ Awaiting human decision
```
3. Append `[[queries/conflict-<concept>-<date>]]` to `wiki/index.md` → Conflicts section.
4. Log entry: `CONFLICT | <concept>`.
5. Open PR: `[CONFLICT] <concept> — human review required`.
---
## Knowledge Decay
- `maturity: stable` not updated in **180 days** → flag during lint.
- `maturity: draft` not updated in **90 days** → flag during lint.

Flagged pages: prepend to body:
```markdown
> **⚠️ STALE:** Last validated {{last_updated}}. Re-validation required.
```
Propose re-validation task. Do not change `maturity` without new source evidence.
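
The frontmatter schema from §File Conventions and the decay thresholds above, combined into one deterministic check, as an added example (not the project's `lint-genomes.sh`). `parse_frontmatter`, `lint_page` and the sample page are hypothetical, and the parser only handles the flat `key: value` form shown in this template.

```python
from datetime import date

REQUIRED = ("title", "type", "domain", "tags", "maturity", "last_updated", "private")
ENUMS = {
    "type": {"source", "entity", "concept", "query", "conflict", "private"},
    "maturity": {"draft", "stable", "deprecated"},
    "private": {"true", "false"},
}
DECAY_DAYS = {"stable": 180, "draft": 90}  # deprecated pages are not aged


def parse_frontmatter(page):
    """Parse the flat `key: value` block between the two --- fences."""
    lines = page.splitlines()
    if not lines or lines[0].strip() != "---":
        return None
    fields = {}
    for line in lines[1:]:
        if line.strip() == "---":
            return fields
        key, sep, value = line.partition(":")
        if sep:
            fields[key.strip()] = value.strip().strip('"')
    return None  # closing fence never found


def lint_page(page, today):
    """Return a list of findings for one wiki page; empty means it passes."""
    fm = parse_frontmatter(page)
    if fm is None:
        return ["frontmatter missing or unterminated"]
    issues = [f"missing field: {k}" for k in REQUIRED if k not in fm]
    issues += [f"invalid {k}: {fm[k]}" for k, ok in ENUMS.items()
               if k in fm and fm[k] not in ok]
    try:
        updated = date.fromisoformat(fm.get("last_updated", ""))
    except ValueError:
        if "last_updated" in fm:
            issues.append("last_updated is not YYYY-MM-DD")
        return issues
    # Assumption: "not updated in N days" means an age of at least N days.
    limit = DECAY_DAYS.get(fm.get("maturity"))
    if limit and (today - updated).days >= limit:
        issues.append(f"STALE: {fm['maturity']} page not updated in {limit} days")
    return issues


# Constructed sample page (not from the project).
SAMPLE = ('---\ntitle: "Zero Trust"\ntype: concept\ndomain: netsec\n'
          'tags: [zero-trust]\nmaturity: stable\nlast_updated: 2024-01-10\n'
          'private: false\n---\nBody.\n')
```
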
---
## Collaboration
| Role | Access | Permitted |
| -------------- | ----------------- | ------------------------------------------------------------------------------------ |
| Owner | Full — key holder | Read/write everywhere |
| Collaborator | No key | Push to `raw/articles`, `raw/transcripts`, `raw/code-packs`, `raw/assets` |
| Local AI agent | Conditional | `private/` only when `PRIVATE_CONTEXT: enabled` |
| Cloud AI model | Public only | `PRIVATE_CONTEXT` must be `disabled`; never send private files outside local network |

Grant collaborator: add as Forgejo contributor with Write role. Never share the git-crypt key.