Split secrets into two SOPS-encrypted files:
- .env.enc for agent secrets (FORGE_TOKEN, CLAUDE_API_KEY, etc.)
- .env.vault.enc for vault secrets (GITHUB_TOKEN, deploy keys, etc.)
Add ephemeral vault-runner container (profiles: ["vault"]) that receives
only vault secrets at runtime. Agents never see vault secrets; vault-runner
never sees agent secrets.
Key changes:
- bin/disinto: vault-run subcommand, dual-file secrets management,
vault-runner service in compose template
- vault/vault-fire.sh: delegates action execution to vault-runner
container via disinto vault-run (bare-metal fallback preserved)
- vault/vault-poll.sh: new phase 5 detects vault-bot authorized
comments on issues with action label
- vault/vault-run-action.sh: entrypoint for ephemeral container,
dispatches to action handlers
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Moves shared env.sh sourcing + vault-bot token override into
vault/vault-env.sh so the three vault sub-scripts no longer share
a duplicate 5-line block.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Each agent now gets its own Forgejo account (dev-bot, review-bot,
planner-bot, gardener-bot, vault-bot, supervisor-bot, predictor-bot,
action-bot) with a dedicated API token. This enables:
- Audit trail: every forge action attributable to a specific agent
- Permission boundaries: agents act under their own identity
- Vault authorization model: vault-bot comments = proof of approval
Changes:
- bin/disinto: setup_forge() creates all 8 bot accounts during init,
stores per-agent tokens (FORGE_*_TOKEN) in .env, adds all bots as
repo collaborators
- lib/env.sh: exports per-agent token vars with fallback to FORGE_TOKEN
for backwards compat; sets FORGE_BOT_USERNAMES default to all 8 bots
- Agent scripts: each agent overrides FORGE_TOKEN with its per-agent
token after sourcing env.sh (gardener, planner, supervisor, predictor,
vault, action)
- .env.example: documents all per-agent token fields
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add mandatory Addressables and Observables sections to AGENTS.md so all
agents have a concrete inventory of what the factory has produced.
- AGENTS.md: add Addressables table (website, repo, skill, GitHub org)
and empty Observables section
- run-gardener.toml: add portfolio lifecycle duties (add, promote,
remove, flag) to the grooming step
- run-planner.toml: reference portfolio as planning input
- run-predictor.toml: reference portfolio for weakness detection
Critical fixes:
- vault/vault-agent.sh: Update comment and prompt to use PHASE:escalate
instead of "send a Matrix message"
- dev/dev-agent.sh: Update escalation instruction from "reply via Matrix"
to "respond via the forge"
- dev/phase-handler.sh: Update build_phase_protocol_prompt() escalation
text from "reply via Matrix" to "respond via the forge"
Minor fixes:
- bin/disinto: Remove duplicate comment line in docker-compose header
- README.md: Update vault table row from "via Matrix" to "via vault/forge"
- BOOTSTRAP.md: Remove "Matrix credentials" from TOML description
- lib/AGENTS.md: Remove "callers may follow up via Matrix" from
formula_phase_callback description
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The memory guard block in action-poll.sh and dev-poll.sh became
identical after removing matrix_send calls, triggering the
duplicate-detection CI check. Extract to a shared function in
lib/env.sh (already sourced by both scripts).
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
These variables were only used by the matrix_send call removed in the
prior commit. ShellCheck SC2034 flagged them as unused.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Remove all Matrix/Dendrite infrastructure:
- Delete lib/matrix_listener.sh (long-poll daemon), lib/matrix_listener.service
(systemd unit), lib/hooks/on-stop-matrix.sh (response streaming hook)
- Remove matrix_send() and matrix_send_ctx() from lib/env.sh
- Remove MATRIX_HOMESERVER auto-detection, MATRIX_THREAD_MAP from lib/env.sh
- Remove [matrix] section parsing from lib/load-project.sh
- Remove Matrix hook installation from lib/agent-session.sh
- Remove notify/notify_ctx helpers and Matrix thread tracking from
dev/dev-agent.sh and action/action-agent.sh
- Remove all matrix_send calls from dev-poll.sh, phase-handler.sh,
action-poll.sh, vault-poll.sh, vault-fire.sh, vault-reject.sh,
review-poll.sh, review-pr.sh, supervisor-poll.sh, formula-session.sh
- Remove Matrix listener startup from docker/agents/entrypoint.sh
- Remove append_dendrite_compose() and setup_matrix() from bin/disinto
- Remove --matrix flag from disinto init
- Clean Matrix references from .env.example, projects/*.toml.example,
formulas/*.toml, AGENTS.md, BOOTSTRAP.md, README.md, RESOURCES.md,
PHASE-PROTOCOL.md, and all agent AGENTS.md/PROMPT.md files
Status visibility now via Codeberg PR/issue activity. Human interaction
via vault items through forge. Proactive alerts via OpenClaw heartbeats.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
On crash (PHASE:crashed or non-zero exit), preserve the worktree and log
its location instead of destroying it unconditionally. Successful sessions
still clean up normally. Supervisor runs housekeeping to remove stale
crashed worktrees older than 24h.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add jq error fallback to TOP_PAGES pipeline (matches TOP_REFERRERS guard)
- Add referred_visitors and response_time to empty-period report schema
- Switch Caddy log parsing to jq -R with try/fromjson for line-level recovery
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Recommend against building an MCP server at this time. The SKILL.md skill
already exposes the same factory operations, and an MCP server would add a
new language dependency (TypeScript/Python) to an all-bash codebase for
marginal benefit. Document conditions under which to revisit.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Published disinto@0.1.1 to ClawHub with env_vars and tools declared
in SKILL.md frontmatter. Added ClawHub badge to README.md.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Remove stale Matrix escalation-reply routing text (supervisor-run.sh no
longer calls consume_escalation_reply)
- Fix preflight description: PHASE:escalate (matches actual code), not
PHASE:failed
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Restructure session.lock from command-wrapper flock to fd-based flock so
the lock can be released when Claude is idle and re-acquired before
injecting the next prompt.
- agent-session.sh: add session_lock_acquire/release helpers, open fd in
create_agent_session instead of wrapping claude with flock, auto-acquire
in agent_inject_into_session before injecting
- phase-handler.sh: call session_lock_release at start of awaiting_ci and
awaiting_review handlers (Claude is idle during CI polling / review wait)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
## What
Removes the exec agent (PR #697). Its functionality is replaced by:
1. **OpenClaw skill** — teaches any OpenClaw instance to be the factory's face
2. **Vault API** — structured interface for proposals, approvals, rejections
The exec agent was rebuilding OpenClaw in bash. Every piece has a native OpenClaw equivalent:
- CHARACTER.md → SOUL.md
- exec/MEMORY.md → MEMORY.md
- exec-session.sh → session management
- exec-briefing.sh → heartbeats/cron
- Matrix dispatch → channel plugins
## Why
Prudence isn't a separate agent. She's what OpenClaw becomes when it has the disinto skill. One LLM, one vault API, no LLM-to-LLM.
## Related
- #721 — remove escalation, route through vault
- #709 — skill registry research
- #466 — example project (vault should have handled this, not escalation)
Co-authored-by: openhands <openhands@all-hands.dev>
Reviewed-on: https://codeberg.org/johba/disinto/pulls/722
Remove ESCALATED signal and escalation handling from planner, supervisor,
and gardener. When blocked on external resources or human decisions, these
agents now file vault procurement items (vault/pending/*.md) instead of
escalating directly to the human.
Changes:
- Planner formula: ESCALATED signal replaced with HUMAN_BLOCKED; files
vault items and marks prerequisites as blocked-on-vault
- Supervisor formula/prompt: escalation sections replaced with vault item
filing; preflight now reports pending vault items instead of escalation
replies
- Gardener formula: ESCALATE action replaced with VAULT action; files
vault/pending/*.md for human decisions
- Groom-backlog formula: same ESCALATE→VAULT replacement
- Gardener shell: PHASE:escalate replaced with PHASE:failed for merge
blocks and CI exhaustion; escalation reply consumption removed
- Supervisor shell: escalation reply consumption removed from both
supervisor-run.sh and legacy supervisor-poll.sh
- Prerequisite tree: #466 updated from "escalated" to "blocked-on-vault"
The vault is the factory's only interface to the human for resources and
approvals. Dev/action agents retain PHASE:escalate for operational session
issues (CI timeouts, merge blocks) which are a different mechanism.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Deduplicate the three 5-line windows flagged by CI duplicate-detection:
- read-journal.sh: replace sed-based usage() with inline heredoc
- file-issue.sh: use printf with script name prefix for unknown options
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add skill/ directory implementing the Agent Skills open standard (SKILL.md
format) for the disinto factory. Includes:
- SKILL.md with YAML frontmatter, 9-agent architecture overview, env var
documentation, 6 common workflows, and gotchas section (170 lines)
- scripts/factory-status.sh — query agent status, open issues, CI pipelines
- scripts/file-issue.sh — create forge issues with label resolution and
secret scanning
- scripts/read-journal.sh — read planner/supervisor/exec journals by date
- templates/issue-template.md — standard issue body format
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
## What
Rewrites the factory lifecycle model in VISION.md around three primitives:
- **Resources** — what the factory can use
- **Addressables** — artifacts reachable by users (the outbound path)
- **Observables** — addressables with signal flowing back (the return path)
## The lifecycle
```
Resources → build → Addressable → promote → Observable → experiment → learn → build
```
## Key ideas
- **Three folds** (Build, Ship, Learn) as concurrent capabilities, not sequential phases
- **Vault-gated fold transitions** — dormant infrastructure activates on human approval
- **"It's not shipped until it's measured"** — observable-by-default principle
- **Assumptions register** over variation surfaces — track beliefs, challenge them with data
- **Signal detection** — follow the energy, not the hypothesis
- **Maximum contact with reality** — vary the audience, instrument everything, notice surprises
## Milestone updates
- Added Ship (Fold 2) and Learn (Fold 3) milestones
- Updated Adoption milestone to reflect containerization
- Added knowledge graph to Foundation
- Added observable-by-default to design principles
Co-designed in conversation, 2026-03-25.
Co-authored-by: openhands <openhands@all-hands.dev>
Reviewed-on: https://codeberg.org/johba/disinto/pulls/708
Reviewed-by: Disinto_bot <disinto_bot@noreply.codeberg.org>
Non-blocking flock (-n) silently drops work items when concurrent agents
race for the lock. Switch to -w 300 so sessions queue up to 5 minutes,
and single-quote the lock path to handle spaces in $HOME.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
