fix: restore local config and cron sovereignty guards

Merge pull request 'feat: add AST-backed AST knowledge ingestion for Python files' (#504 ) from feat/20260413-kb-python-ast into main
feat: add AST-backed Python ingestion to knowledge base
2026-04-13 02:21:23 -04:00 · 2026-04-13 04:19:45 +00:00 · 2026-04-13 04:09:57 +00:00 · 2026-04-13 04:09:54 +00:00 · 2026-04-13 02:10:16 +00:00 · 2026-04-13 02:02:06 +00:00
28 changed files with 1434 additions and 254 deletions
--- a/.gitea/workflows/validate-config.yaml
+++ b/.gitea/workflows/validate-config.yaml
@@ -59,7 +59,21 @@ jobs:
      - name: Flake8 critical errors only
        run: |
          flake8 --select=E9,F63,F7,F82 --show-source --statistics \
-            scripts/ allegro/ cron/ || true
+            scripts/ bin/ tests/
  python-test:
    name: Python Test Suite
    runs-on: ubuntu-latest
    needs: python-check
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-python@v5
        with:
          python-version: '3.11'
      - name: Install test dependencies
        run: pip install pytest pyyaml
      - name: Run tests
        run: python3 -m pytest tests/ -v --tb=short
  shell-lint:
    name: Shell Script Lint
@@ -70,7 +84,7 @@ jobs:
        run: sudo apt-get install -y shellcheck
      - name: Lint shell scripts
        run: |
-          find . -name '*.sh' -print0 | xargs -0 -r shellcheck --severity=error || true
+          find . -name '*.sh' -not -path './.git/*' -print0 | xargs -0 -r shellcheck --severity=error
  cron-validate:
    name: Cron Syntax Check
--- a/bin/banned_provider_scan.py
+++ b/bin/banned_provider_scan.py
@@ -0,0 +1,82 @@
 #!/usr/bin/env python3
 """Anthropic Ban Enforcement Scanner.
 Scans all config files, scripts, and playbooks for any references to
 banned Anthropic providers, models, or API keys.
 Policy: Anthropic is permanently banned (2026-04-09).
 Refs: ansible/BANNED_PROVIDERS.yml
 """
 import sys
 import os
 import re
 from pathlib import Path
 BANNED_PATTERNS = [
    r"anthropic",
    r"claude-sonnet",
    r"claude-opus",
    r"claude-haiku",
    r"claude-\d",
    r"api\.anthropic\.com",
    r"ANTHROPIC_API_KEY",
    r"CLAUDE_API_KEY",
    r"sk-ant-",
 ]
 ALLOWLIST_FILES = {
    "ansible/BANNED_PROVIDERS.yml",  # The ban list itself
    "bin/banned_provider_scan.py",   # This scanner
    "DEPRECATED.md",                 # Historical references
 }
 SCAN_EXTENSIONS = {".py", ".yml", ".yaml", ".json", ".sh", ".toml", ".cfg", ".md"}
 def scan_file(filepath: str) -> list[tuple[int, str, str]]:
    """Return list of (line_num, pattern_matched, line_text) violations."""
    violations = []
    try:
        with open(filepath, "r", errors="replace") as f:
            for i, line in enumerate(f, 1):
                for pattern in BANNED_PATTERNS:
                    if re.search(pattern, line, re.IGNORECASE):
                        violations.append((i, pattern, line.strip()))
                        break
    except (OSError, UnicodeDecodeError):
        pass
    return violations
 def main():
    root = Path(os.environ.get("SCAN_ROOT", "."))
    total_violations = 0
    scanned = 0
    for ext in SCAN_EXTENSIONS:
        for filepath in root.rglob(f"*{ext}"):
            rel = str(filepath.relative_to(root))
            if rel in ALLOWLIST_FILES:
                continue
            if ".git" in filepath.parts:
                continue
            violations = scan_file(str(filepath))
            scanned += 1
            if violations:
                total_violations += len(violations)
                for line_num, pattern, text in violations:
                    print(f"VIOLATION: {rel}:{line_num} [{pattern}] {text[:120]}")
    print(f"\nScanned {scanned} files. Found {total_violations} violations.")
    if total_violations > 0:
        print("\n❌ BANNED PROVIDER REFERENCES DETECTED. Fix before merging.")
        sys.exit(1)
    else:
        print("\n✓ No banned provider references found.")
        sys.exit(0)
 if __name__ == "__main__":
    main()
--- a/bin/conflict_detector.py
+++ b/bin/conflict_detector.py
@@ -0,0 +1,120 @@
 #!/usr/bin/env python3
 """
 Merge Conflict Detector — catches sibling PRs that will conflict.
 When multiple PRs branch from the same base commit and touch the same files,
 merging one invalidates the others. This script detects that pattern
 before it creates a rebase cascade.
 Usage:
    python3 conflict_detector.py                  # Check all repos
    python3 conflict_detector.py --repo OWNER/REPO # Check one repo
 Environment:
    GITEA_URL   — Gitea instance URL
    GITEA_TOKEN — API token
 """
 import os
 import sys
 import json
 import urllib.request
 from collections import defaultdict
 GITEA_URL = os.environ.get("GITEA_URL", "https://forge.alexanderwhitestone.com")
 GITEA_TOKEN = os.environ.get("GITEA_TOKEN", "")
 REPOS = [
    "Timmy_Foundation/the-nexus",
    "Timmy_Foundation/timmy-config",
    "Timmy_Foundation/timmy-home",
    "Timmy_Foundation/fleet-ops",
    "Timmy_Foundation/hermes-agent",
    "Timmy_Foundation/the-beacon",
 ]
 def api(path):
    url = f"{GITEA_URL}/api/v1{path}"
    req = urllib.request.Request(url)
    if GITEA_TOKEN:
        req.add_header("Authorization", f"token {GITEA_TOKEN}")
    try:
        with urllib.request.urlopen(req, timeout=15) as resp:
            return json.loads(resp.read())
    except Exception:
        return []
 def check_repo(repo):
    """Find sibling PRs that touch the same files."""
    prs = api(f"/repos/{repo}/pulls?state=open&limit=50")
    if not prs:
        return []
    # Group PRs by base commit
    by_base = defaultdict(list)
    for pr in prs:
        base_sha = pr.get("merge_base", pr.get("base", {}).get("sha", "unknown"))
        by_base[base_sha].append(pr)
    conflicts = []
    for base_sha, siblings in by_base.items():
        if len(siblings) < 2:
            continue
        # Get files for each sibling
        file_map = {}
        for pr in siblings:
            files = api(f"/repos/{repo}/pulls/{pr['number']}/files")
            if files:
                file_map[pr['number']] = set(f['filename'] for f in files)
        # Find overlapping file sets
        pr_nums = list(file_map.keys())
        for i in range(len(pr_nums)):
            for j in range(i+1, len(pr_nums)):
                a, b = pr_nums[i], pr_nums[j]
                overlap = file_map[a] & file_map[b]
                if overlap:
                    conflicts.append({
                        "repo": repo,
                        "pr_a": a,
                        "pr_b": b,
                        "base": base_sha[:8],
                        "files": sorted(overlap),
                        "title_a": next(p["title"] for p in siblings if p["number"] == a),
                        "title_b": next(p["title"] for p in siblings if p["number"] == b),
                    })
    return conflicts
 def main():
    repos = REPOS
    if "--repo" in sys.argv:
        idx = sys.argv.index("--repo") + 1
        if idx < len(sys.argv):
            repos = [sys.argv[idx]]
    all_conflicts = []
    for repo in repos:
        conflicts = check_repo(repo)
        all_conflicts.extend(conflicts)
    if not all_conflicts:
        print("No sibling PR conflicts detected. Queue is clean.")
        return 0
    print(f"Found {len(all_conflicts)} potential merge conflicts:")
    print()
    for c in all_conflicts:
        print(f"  {c['repo']}:")
        print(f"    PR #{c['pr_a']} vs #{c['pr_b']} (base: {c['base']})")
        print(f"    #{c['pr_a']}: {c['title_a'][:60]}")
        print(f"    #{c['pr_b']}: {c['title_b'][:60]}")
        print(f"    Overlapping files: {', '.join(c['files'])}")
        print(f"    → Merge one first, then rebase the other.")
        print()
    return 1
 if __name__ == "__main__":
    sys.exit(main())
--- a/bin/deadman-fallback.py
+++ b/bin/deadman-fallback.py
@@ -7,7 +7,7 @@
     7|common sense fallbacks automatically.
     8|
     9|Fallback chain:
-    10|1. Primary model (Anthropic) down -> switch config to local-llama.cpp
+    10|1. Primary model (Kimi) down -> switch config to local-llama.cpp
    11|2. Gitea unreachable -> cache issues locally, retry on recovery
    12|3. VPS agents down -> alert + lazarus protocol
    13|4. Local llama.cpp down -> try Ollama, then alert-only mode
@@ -61,16 +61,16 @@
    61|
    62|# ─── HEALTH CHECKS ───
    63|
-    64|def check_anthropic():
+    64|def check_kimi():
-    65|    """Can we reach Anthropic API?"""
+    65|    """Can we reach Kimi Coding API?"""
-    66|    key = os.environ.get("ANTHROPIC_API_KEY", "")
+    66|    key = os.environ.get("KIMI_API_KEY", "")
    67|    if not key:
    68|        # Check multiple .env locations
    69|        for env_path in [HERMES_HOME / ".env", Path.home() / ".hermes" / ".env"]:
    70|            if env_path.exists():
    71|                for line in open(env_path):
    72|                    line = line.strip()
-    73|                    if line.startswith("ANTHROPIC_API_KEY=***
+    73|                    if line.startswith("KIMI_API_KEY=***
    74|                        key = line.split("=", 1)[1].strip().strip('"').strip("'")
    75|                        break
    76|            if key:
@@ -79,10 +79,10 @@
    79|        return False, "no API key"
    80|    code, out, err = run(
    81|        f'curl -s -o /dev/null -w "%{{http_code}}" -H "x-api-key: {key}" '
-    82|        f'-H "anthropic-version: 2023-06-01" '
+    82|        f'-H "x-api-provider: kimi-coding" '
-    83|        f'https://api.anthropic.com/v1/messages -X POST '
+    83|        f'https://api.kimi.com/coding/v1/models -X POST '
    84|        f'-H "content-type: application/json" '
-    85|        f'-d \'{{"model":"claude-haiku-4-5-20251001","max_tokens":1,"messages":[{{"role":"user","content":"ping"}}]}}\' ',
+    85|        f'-d \'{{"model":"kimi-k2.5","max_tokens":1,"messages":[{{"role":"user","content":"ping"}}]}}\' ',
    86|        timeout=15
    87|    )
    88|    if code == 0 and out in ("200", "429"):
@@ -128,7 +128,7 @@
   128|# ─── FALLBACK ACTIONS ───
   129|
   130|def fallback_to_local_model(cfg):
-   131|    """Switch primary model from Anthropic to local llama.cpp"""
+   131|    """Switch primary model from Kimi to local llama.cpp"""
   132|    if not BACKUP_CONFIG.exists():
   133|        shutil.copy2(CONFIG_PATH, BACKUP_CONFIG)
   134|    
@@ -176,8 +176,8 @@
   176|    }
   177|    
   178|    # Check all systems
-   179|    anthropic_ok, anthropic_msg = check_anthropic()
+   179|    kimi_ok, kimi_msg = check_kimi()
-   180|    results["checks"]["anthropic"] = {"ok": anthropic_ok, "msg": anthropic_msg}
+   180|    results["checks"]["kimi-coding"] = {"ok": kimi_ok, "msg": kimi_msg}
   181|    
   182|    llama_ok, llama_msg = check_local_llama()
   183|    results["checks"]["local_llama"] = {"ok": llama_ok, "msg": llama_msg}
@@ -198,21 +198,21 @@
   198|        vps_ok, vps_msg = check_vps(ip, name)
   199|        results["checks"][f"vps_{name.lower()}"] = {"ok": vps_ok, "msg": vps_msg}
   200|    
-   201|    current_provider = cfg.get("model", {}).get("provider", "anthropic")
+   201|    current_provider = cfg.get("model", {}).get("provider", "kimi-coding")
   202|    
   203|    # ─── FALLBACK LOGIC ───
   204|    
-   205|    # Case 1: Primary (Anthropic) down, local available
+   205|    # Case 1: Primary (Kimi) down, local available
-   206|    if not anthropic_ok and current_provider == "anthropic":
+   206|    if not kimi_ok and current_provider == "kimi-coding":
   207|        if llama_ok:
   208|            msg = fallback_to_local_model(cfg)
   209|            results["actions"].append(msg)
-   210|            state["active_fallbacks"].append("anthropic->local-llama")
+   210|            state["active_fallbacks"].append("kimi->local-llama")
   211|            results["status"] = "degraded_local"
   212|        elif ollama_ok:
   213|            msg = fallback_to_ollama(cfg)
   214|            results["actions"].append(msg)
-   215|            state["active_fallbacks"].append("anthropic->ollama")
+   215|            state["active_fallbacks"].append("kimi->ollama")
   216|            results["status"] = "degraded_ollama"
   217|        else:
   218|            msg = enter_safe_mode(state)
@@ -220,15 +220,15 @@
   220|            results["status"] = "safe_mode"
   221|    
   222|    # Case 2: Already on fallback, check if primary recovered
-   223|    elif anthropic_ok and "anthropic->local-llama" in state.get("active_fallbacks", []):
+   223|    elif kimi_ok and "kimi->local-llama" in state.get("active_fallbacks", []):
   224|        msg = restore_config()
   225|        results["actions"].append(msg)
-   226|        state["active_fallbacks"].remove("anthropic->local-llama")
+   226|        state["active_fallbacks"].remove("kimi->local-llama")
   227|        results["status"] = "recovered"
-   228|    elif anthropic_ok and "anthropic->ollama" in state.get("active_fallbacks", []):
+   228|    elif kimi_ok and "kimi->ollama" in state.get("active_fallbacks", []):
   229|        msg = restore_config()
   230|        results["actions"].append(msg)
-   231|        state["active_fallbacks"].remove("anthropic->ollama")
+   231|        state["active_fallbacks"].remove("kimi->ollama")
   232|        results["status"] = "recovered"
   233|    
   234|    # Case 3: Gitea down — just flag it, work locally
--- a/bin/model-health-check.sh
+++ b/bin/model-health-check.sh
@@ -19,25 +19,25 @@ PASS=0
 FAIL=0
 WARN=0
-check_anthropic_model() {
+check_kimi_model() {
  local model="$1"
  local label="$2"
-  local api_key="${ANTHROPIC_API_KEY:-}"
+  local api_key="${KIMI_API_KEY:-}"
  if [ -z "$api_key" ]; then
    # Try loading from .env
-    api_key=$(grep '^ANTHROPIC_API_KEY=' "${HERMES_HOME:-$HOME/.hermes}/.env" 2>/dev/null | head -1 | cut -d= -f2- | tr -d "'\"" || echo "")
+    api_key=$(grep '^KIMI_API_KEY=' "${HERMES_HOME:-$HOME/.hermes}/.env" 2>/dev/null | head -1 | cut -d= -f2- | tr -d "'\"" || echo "")
  fi
  if [ -z "$api_key" ]; then
-    log "SKIP [$label] $model -- no ANTHROPIC_API_KEY"
+    log "SKIP [$label] $model -- no KIMI_API_KEY"
    return 0
  fi
  response=$(curl -sf --max-time 10 -X POST \
-    "https://api.anthropic.com/v1/messages" \
+    "https://api.kimi.com/coding/v1/chat/completions" \
    -H "x-api-key: ${api_key}" \
-    -H "anthropic-version: 2023-06-01" \
+    -H "x-api-provider: kimi-coding" \
    -H "content-type: application/json" \
    -d "{\"model\":\"${model}\",\"max_tokens\":1,\"messages\":[{\"role\":\"user\",\"content\":\"hi\"}]}" 2>&1 || echo "ERROR")
@@ -85,26 +85,26 @@ else:
    print('')
 " 2>/dev/null || echo "")
-if [ -n "$primary" ] && [ "$provider" = "anthropic" ]; then
+if [ -n "$primary" ] && [ "$provider" = "kimi-coding" ]; then
-  if check_anthropic_model "$primary" "PRIMARY"; then
+  if check_kimi_model "$primary" "PRIMARY"; then
    PASS=$((PASS + 1))
  else
    rc=$?
    if [ "$rc" -eq 1 ]; then
      FAIL=$((FAIL + 1))
      log "CRITICAL: Primary model $primary is DEAD. Loops will fail."
-      log "Known good alternatives: claude-opus-4.6, claude-haiku-4-5-20251001"
+      log "Known good alternatives: kimi-k2.5, google/gemini-2.5-pro"
    else
      WARN=$((WARN + 1))
    fi
  fi
 elif [ -n "$primary" ]; then
-  log "SKIP [PRIMARY] $primary -- non-anthropic provider ($provider), no validator yet"
+  log "SKIP [PRIMARY] $primary -- non-kimi provider ($provider), no validator yet"
 fi
 # Cron model check (haiku)
-CRON_MODEL="claude-haiku-4-5-20251001"
+CRON_MODEL="kimi-k2.5"
-if check_anthropic_model "$CRON_MODEL" "CRON"; then
+if check_kimi_model "$CRON_MODEL" "CRON"; then
  PASS=$((PASS + 1))
 else
  rc=$?
--- a/config.yaml
+++ b/config.yaml
@@ -24,7 +24,6 @@ terminal:
    provider: ollama
    model: nomic-embed-text
    base_url: http://localhost:11434/v1
  memory: 5120
  container_disk: 51200
  container_persistent: true
@@ -183,7 +182,6 @@ mesh:
 security:
  sovereign_audit: true
  no_phone_home: true
  redact_secrets: true
  tirith_enabled: true
  tirith_path: tirith
--- a/cron/jobs.json
+++ b/cron/jobs.json
@@ -114,6 +114,9 @@
      "id": "muda-audit-weekly",
      "name": "Muda Audit",
      "prompt": "Run the Muda Audit script at /root/wizards/ezra/workspace/timmy-config/fleet/muda-audit.sh. The script measures the 7 wastes across the fleet and posts a report to Telegram. Report whether it succeeded or failed.",
      "model": "hermes3:latest",
      "provider": "ollama",
      "base_url": "http://localhost:11434/v1",
      "schedule": {
        "kind": "cron",
        "expr": "0 21 * * 0",
@@ -168,7 +171,38 @@
      "paused_reason": null,
      "skills": [],
      "skill": null
    },
    {
      "id": "overnight-rd-nightly",
      "name": "Overnight R&D Loop",
      "prompt": "Run the overnight R&D automation: Deep Dive paper synthesis, tightening loop for tool-use training data, DPO export sweep, morning briefing prep. All local inference via Ollama.",
      "model": "hermes3:latest",
      "provider": "ollama",
      "base_url": "http://localhost:11434/v1",
      "schedule": {
        "kind": "cron",
        "expr": "0 2 * * *",
        "display": "0 2 * * * (10 PM EDT)"
      },
      "schedule_display": "Nightly at 10 PM EDT",
      "repeat": {
        "times": null,
        "completed": 0
      },
      "enabled": true,
      "created_at": "2026-04-13T02:00:00+00:00",
      "next_run_at": null,
      "last_run_at": null,
      "last_status": null,
      "last_error": null,
      "deliver": "local",
      "origin": "perplexity/overnight-rd-automation",
      "state": "scheduled",
      "paused_at": null,
      "paused_reason": null,
      "skills": [],
      "skill": null
    }
  ],
-  "updated_at": "2026-04-07T15:00:00+00:00"
+  "updated_at": "2026-04-13T02:00:00+00:00"
 }
--- a/docs/overnight-rd.md
+++ b/docs/overnight-rd.md
@@ -0,0 +1,68 @@
 # Overnight R&D Automation
 **Schedule**: Nightly at 10 PM EDT (02:00 UTC)
 **Duration**: ~2-4 hours (self-limiting, finishes before 6 AM morning report)
 **Cost**: $0 — all local Ollama inference
 ## Phases
 ### Phase 1: Deep Dive Intelligence
 Runs the `intelligence/deepdive/pipeline.py` from the-nexus:
 - Aggregates arXiv CS.AI, CS.CL, CS.LG RSS feeds (last 24h)
 - Fetches OpenAI, Anthropic, DeepMind blog updates
 - Filters for relevance using sentence-transformers embeddings
 - Synthesizes a briefing using local Gemma 4 12B
 - Saves briefing to `~/briefings/`
 ### Phase 2: Tightening Loop
 Exercises Timmy's local tool-use capability:
 - 10 tasks × 3 cycles = 30 task attempts per night
 - File reading, writing, searching against real workspace files
 - Each result logged as JSONL for training data analysis
 - Tests sovereignty compliance (SOUL.md alignment, banned provider detection)
 ### Phase 3: DPO Export
 Sweeps overnight Hermes sessions for training pair extraction:
 - Converts good conversation pairs into DPO training format
 - Saves to `~/.timmy/training-data/dpo-pairs/`
 ### Phase 4: Morning Prep
 Compiles overnight findings into `~/.timmy/overnight-rd/latest_summary.md`
 for consumption by the 6 AM `good_morning_report` task.
 ## Approved Providers
 | Slot | Provider | Model |
 |------|----------|-------|
 | Synthesis | Ollama | gemma4:12b |
 | Tool tasks | Ollama | hermes4:14b |
 | Fallback | Ollama | gemma4:12b |
 Anthropic is permanently banned (BANNED_PROVIDERS.yml, 2026-04-09).
 ## Outputs
 | Path | Content |
 |------|---------|
 | `~/.timmy/overnight-rd/{run_id}/rd_log.jsonl` | Full task log |
 | `~/.timmy/overnight-rd/{run_id}/rd_summary.md` | Run summary |
 | `~/.timmy/overnight-rd/latest_summary.md` | Latest summary (for morning report) |
 | `~/briefings/briefing_*.json` | Deep Dive briefings |
 ## Monitoring
 Check the Huey consumer log:
 ```bash
 tail -f ~/.timmy/timmy-config/logs/huey.log | grep overnight
 ```
 Check the latest run summary:
 ```bash
 cat ~/.timmy/overnight-rd/latest_summary.md
 ```
 ## Dependencies
 - Deep Dive pipeline installed: `cd the-nexus/intelligence/deepdive && make install`
 - Ollama running with gemma4:12b and hermes4:14b models
 - Huey consumer running: `huey_consumer.py tasks.huey -w 2 -k thread`
--- a/fallback-portfolios.yaml
+++ b/fallback-portfolios.yaml
@@ -2,7 +2,6 @@ schema_version: 1
 status: proposed
 runtime_wiring: false
 owner: timmy-config
 ownership:
  owns:
  - routing doctrine for task classes
@@ -12,14 +11,12 @@ ownership:
  - live queue state outside Gitea truth
  - launchd or loop process state
  - ad hoc worktree history
 policy:
  require_four_slots_for_critical_agents: true
  terminal_fallback_must_be_usable: true
  forbid_synchronized_fleet_degradation: true
  forbid_human_token_fallbacks: true
  anti_correlation_rule: no two critical agents may share the same primary+fallback1 pair
 sensitive_control_surfaces:
 - SOUL.md
 - config.yaml
@@ -30,7 +27,6 @@ sensitive_control_surfaces:
 - memories/
 - skins/
 - training/
 role_classes:
  judgment:
    current_surfaces:
@@ -66,7 +62,6 @@ role_classes:
        - merge pull requests
        - bulk-reassign the fleet
        - mutate sensitive control surfaces
  builder:
    current_surfaces:
    - playbooks/bug-fixer.yaml
@@ -97,7 +92,6 @@ role_classes:
        - sensitive control-surface edits
        - multi-file architecture work
        - irreversible actions
  wolf_bulk:
    current_surfaces:
    - docs/automation-inventory.md
@@ -130,7 +124,6 @@ role_classes:
        - multi-repo branch fanout
        - mass agent assignment
        - sensitive control-surface edits
 routing:
  issue-triage: judgment
  queue-routing: judgment
@@ -146,12 +139,10 @@ routing:
  queue-hygiene: wolf_bulk
  repetitive-small-diff: wolf_bulk
  research-sweep: wolf_bulk
 promotion_rules:
 - If a wolf/bulk task touches a sensitive control surface, promote it to judgment.
 - If a builder task expands beyond 5 files, architecture review, or multi-repo coordination, promote it to judgment.
 - If a terminal lane cannot produce a usable artifact, the portfolio is invalid and must be redesigned before wiring.
 agents:
  triage-coordinator:
    role_class: judgment
@@ -160,8 +151,8 @@ agents:
    - playbooks/issue-triager.yaml
    portfolio:
      primary:
-        provider: anthropic
+        provider: kimi-coding
-        model: claude-opus-4-6
+        model: kimi-k2.5
        lane: full-judgment
      fallback1:
        provider: openai-codex
@@ -180,7 +171,6 @@ agents:
        - backlog classification
        - routing draft
        - risk summary
  pr-reviewer:
    role_class: judgment
    critical: true
@@ -188,8 +178,8 @@ agents:
    - playbooks/pr-reviewer.yaml
    portfolio:
      primary:
-        provider: anthropic
+        provider: kimi-coding
-        model: claude-opus-4-6
+        model: kimi-k2.5
        lane: full-review
      fallback1:
        provider: gemini
@@ -208,7 +198,6 @@ agents:
        - diff risk summary
        - explicit uncertainty notes
        - merge-block recommendation
  builder-main:
    role_class: builder
    critical: true
@@ -239,7 +228,6 @@ agents:
        - small patch
        - reproducer test
        - docs repair
  wolf-sweeper:
    role_class: wolf_bulk
    critical: true
@@ -267,14 +255,13 @@ agents:
        - inventory refresh
        - evidence bundle
        - summary comment
 cross_checks:
  unique_primary_fallback1_pairs:
    triage-coordinator:
-      - anthropic/claude-opus-4-6
+    - kimi-coding/kimi-k2.5
    - openai-codex/codex
    pr-reviewer:
-      - anthropic/claude-opus-4-6
+    - kimi-coding/kimi-k2.5
    - gemini/gemini-2.5-pro
    builder-main:
    - openai-codex/codex
--- a/hermes-sovereign/wizard-bootstrap/wizard_bootstrap.py
+++ b/hermes-sovereign/wizard-bootstrap/wizard_bootstrap.py
@@ -77,7 +77,7 @@ def check_core_deps() -> CheckResult:
    """Verify that hermes core Python packages are importable."""
    required = [
        "openai",
-        "anthropic",
+        "kimi-coding",
        "dotenv",
        "yaml",
        "rich",
@@ -206,8 +206,8 @@ def check_env_vars() -> CheckResult:
    """Check that at least one LLM provider key is configured."""
    provider_keys = [
        "OPENROUTER_API_KEY",
-        "ANTHROPIC_API_KEY",
+        "KIMI_API_KEY",
-        "ANTHROPIC_TOKEN",
+        # "ANTHROPIC_TOKEN",  # BANNED
        "OPENAI_API_KEY",
        "GLM_API_KEY",
        "KIMI_API_KEY",
@@ -225,7 +225,7 @@ def check_env_vars() -> CheckResult:
        passed=False,
        message="No LLM provider API key found",
        fix_hint=(
-            "Set at least one of: OPENROUTER_API_KEY, ANTHROPIC_API_KEY, OPENAI_API_KEY "
+            "Set at least one of: OPENROUTER_API_KEY, KIMI_API_KEY, OPENAI_API_KEY "
            "in ~/.hermes/.env or your shell."
        ),
    )
--- a/playbooks/bug-fixer.yaml
+++ b/playbooks/bug-fixer.yaml
@@ -4,8 +4,8 @@ description: >
  reproduces the bug, then fixes the code, then verifies.
 model:
-  preferred: claude-opus-4-6
+  preferred: kimi-k2.5
-  fallback: claude-sonnet-4-20250514
+  fallback: google/gemini-2.5-pro
  max_turns: 30
  temperature: 0.2
--- a/playbooks/issue-triager.yaml
+++ b/playbooks/issue-triager.yaml
@@ -4,8 +4,8 @@ description: >
  agents. Decomposes large issues into smaller ones.
 model:
-  preferred: claude-opus-4-6
+  preferred: kimi-k2.5
-  fallback: claude-sonnet-4-20250514
+  fallback: google/gemini-2.5-pro
  max_turns: 20
  temperature: 0.3
@@ -50,7 +50,7 @@ system_prompt: |
     - codex-agent: cleanup, migration verification, dead-code removal, repo-boundary enforcement, workflow hardening
     - groq: bounded implementation, tactical bug fixes, quick feature slices, small patches with clear acceptance criteria
     - manus: bounded support tasks, moderate-scope implementation, follow-through on already-scoped work
-     - claude: hard refactors, broad multi-file implementation, test-heavy changes after the scope is made precise
+     - kimi: hard refactors, broad multi-file implementation, test-heavy changes after the scope is made precise
     - gemini: frontier architecture, research-heavy prototypes, long-range design thinking when a concrete implementation owner is not yet obvious
     - grok: adversarial testing, unusual edge cases, provocative review angles that still need another pass
  5. Decompose any issue touching >5 files or crossing repo boundaries into smaller issues before assigning execution
@@ -63,6 +63,6 @@ system_prompt: |
  - Search for existing issues or PRs covering the same request before assigning anything. If a likely duplicate exists, link it and do not create or route duplicate work.
  - Do not assign open-ended ideation to implementation agents.
  - Do not assign routine backlog maintenance to Timmy.
-  - Do not assign wide speculative backlog generation to codex-agent, groq, manus, or claude.
+  - Do not assign wide speculative backlog generation to codex-agent, groq, or manus.
  - Route archive/history/context-digestion work to ezra or KimiClaw before routing it to a builder.
  - Route “who should do this?” and “what is the next move?” questions to allegro.
--- a/playbooks/pr-reviewer.yaml
+++ b/playbooks/pr-reviewer.yaml
@@ -4,8 +4,8 @@ description: >
  comments on problems. The merge bot replacement.
 model:
-  preferred: claude-opus-4-6
+  preferred: kimi-k2.5
-  fallback: claude-sonnet-4-20250514
+  fallback: google/gemini-2.5-pro
  max_turns: 20
  temperature: 0.2
--- a/playbooks/refactor-specialist.yaml
+++ b/playbooks/refactor-specialist.yaml
@@ -4,8 +4,8 @@ description: >
  Well-scoped: 1-3 files per task, clear acceptance criteria.
 model:
-  preferred: claude-opus-4-6
+  preferred: kimi-k2.5
-  fallback: claude-sonnet-4-20250514
+  fallback: google/gemini-2.5-pro
  max_turns: 30
  temperature: 0.3
--- a/playbooks/security-auditor.yaml
+++ b/playbooks/security-auditor.yaml
@@ -4,8 +4,8 @@ description: >
  dependency issues. Files findings as Gitea issues.
 model:
-  preferred: claude-opus-4-6
+  preferred: kimi-k2.5
-  fallback: claude-opus-4-6
+  fallback: google/gemini-2.5-pro
  max_turns: 40
  temperature: 0.2
--- a/playbooks/test-writer.yaml
+++ b/playbooks/test-writer.yaml
@@ -4,8 +4,8 @@ description: >
  writes meaningful tests, verifies they pass.
 model:
-  preferred: claude-opus-4-6
+  preferred: kimi-k2.5
-  fallback: claude-sonnet-4-20250514
+  fallback: google/gemini-2.5-pro
  max_turns: 30
  temperature: 0.3
--- a/playbooks/verified-logic.yaml
+++ b/playbooks/verified-logic.yaml
@@ -5,8 +5,8 @@ description: >
  and consistency verification.
 model:
-  preferred: claude-opus-4-6
+  preferred: kimi-k2.5
-  fallback: claude-sonnet-4-20250514
+  fallback: google/gemini-2.5-pro
  max_turns: 12
  temperature: 0.1
--- a/scripts/fleet-dashboard.py
+++ b/scripts/fleet-dashboard.py
@@ -0,0 +1,390 @@
 #!/usr/bin/env python3
 """
 fleet-dashboard.py -- Timmy Foundation Fleet Status Dashboard.
 One-page terminal dashboard showing:
  1. Gitea: open PRs, open issues, recent merges
  2. VPS health: SSH reachability, service status, disk usage
  3. Cron jobs: scheduled jobs, last run status
 Usage:
    python3 scripts/fleet-dashboard.py
    python3 scripts/fleet-dashboard.py --json   # machine-readable output
 """
 from __future__ import annotations
 import json
 import os
 import socket
 import subprocess
 import sys
 import time
 import urllib.request
 import urllib.error
 from datetime import datetime, timezone, timedelta
 from pathlib import Path
 # ---------------------------------------------------------------------------
 # Config
 # ---------------------------------------------------------------------------
 GITEA_BASE = os.environ.get("GITEA_URL", "https://forge.alexanderwhitestone.com")
 GITEA_API = f"{GITEA_BASE}/api/v1"
 GITEA_ORG = "Timmy_Foundation"
 # Key repos to check for PRs/issues
 REPOS = [
    "timmy-config",
    "the-nexus",
    "hermes-agent",
    "the-forge",
    "timmy-sandbox",
 ]
 # VPS fleet
 VPS_HOSTS = {
    "ezra": {
        "ip": "143.198.27.163",
        "ssh_user": "root",
        "services": ["nginx", "gitea", "docker"],
    },
    "allegro": {
        "ip": "167.99.126.228",
        "ssh_user": "root",
        "services": ["hermes-agent"],
    },
    "bezalel": {
        "ip": "159.203.146.185",
        "ssh_user": "root",
        "services": ["hermes-agent", "evennia"],
    },
 }
 CRON_JOBS_FILE = Path(__file__).parent.parent / "cron" / "jobs.json"
 # ---------------------------------------------------------------------------
 # Gitea helpers
 # ---------------------------------------------------------------------------
 def _gitea_token() -> str:
    for p in [
        Path.home() / ".hermes" / "gitea_token",
        Path.home() / ".hermes" / "gitea_token_vps",
        Path.home() / ".config" / "gitea" / "token",
    ]:
        if p.exists():
            return p.read_text().strip()
    return ""
 def _gitea_get(path: str, params: dict | None = None) -> list | dict:
    url = f"{GITEA_API}{path}"
    if params:
        qs = "&".join(f"{k}={v}" for k, v in params.items() if v is not None)
        if qs:
            url += f"?{qs}"
    req = urllib.request.Request(url)
    token = _gitea_token()
    if token:
        req.add_header("Authorization", f"token {token}")
    req.add_header("Accept", "application/json")
    try:
        with urllib.request.urlopen(req, timeout=15) as resp:
            return json.loads(resp.read())
    except Exception as e:
        return {"error": str(e)}
 def check_gitea_health() -> dict:
    """Ping Gitea and collect PR/issue stats."""
    result = {"reachable": False, "version": "", "repos": {}, "totals": {}}
    # Ping
    data = _gitea_get("/version")
    if isinstance(data, dict) and "error" not in data:
        result["reachable"] = True
        result["version"] = data.get("version", "unknown")
    elif isinstance(data, dict) and "error" in data:
        return result
    total_open_prs = 0
    total_open_issues = 0
    total_recent_merges = 0
    cutoff = (datetime.now(timezone.utc) - timedelta(days=7)).strftime("%Y-%m-%dT%H:%M:%SZ")
    for repo in REPOS:
        repo_path = f"/repos/{GITEA_ORG}/{repo}"
        repo_info = {"prs": [], "issues": [], "recent_merges": 0}
        # Open PRs
        prs = _gitea_get(f"{repo_path}/pulls", {"state": "open", "limit": "10", "sort": "newest"})
        if isinstance(prs, list):
            for pr in prs:
                repo_info["prs"].append({
                    "number": pr.get("number"),
                    "title": pr.get("title", "")[:60],
                    "user": pr.get("user", {}).get("login", "unknown"),
                    "created": pr.get("created_at", "")[:10],
                })
            total_open_prs += len(prs)
        # Open issues (excluding PRs)
        issues = _gitea_get(f"{repo_path}/issues", {
            "state": "open", "type": "issues", "limit": "10", "sort": "newest"
        })
        if isinstance(issues, list):
            for iss in issues:
                repo_info["issues"].append({
                    "number": iss.get("number"),
                    "title": iss.get("title", "")[:60],
                    "user": iss.get("user", {}).get("login", "unknown"),
                    "created": iss.get("created_at", "")[:10],
                })
            total_open_issues += len(issues)
        # Recent merges (closed PRs)
        merged = _gitea_get(f"{repo_path}/pulls", {"state": "closed", "limit": "20", "sort": "newest"})
        if isinstance(merged, list):
            recent = [p for p in merged if p.get("merged") and p.get("closed_at", "") >= cutoff]
            repo_info["recent_merges"] = len(recent)
            total_recent_merges += len(recent)
        result["repos"][repo] = repo_info
    result["totals"] = {
        "open_prs": total_open_prs,
        "open_issues": total_open_issues,
        "recent_merges_7d": total_recent_merges,
    }
    return result
 # ---------------------------------------------------------------------------
 # VPS health helpers
 # ---------------------------------------------------------------------------
 def check_ssh(ip: str, timeout: int = 5) -> bool:
    try:
        sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        sock.settimeout(timeout)
        result = sock.connect_ex((ip, 22))
        sock.close()
        return result == 0
    except Exception:
        return False
 def check_service(ip: str, user: str, service: str) -> str:
    """Check if a systemd service is active on remote host."""
    cmd = f"ssh -o StrictHostKeyChecking=no -o ConnectTimeout=8 {user}@{ip} 'systemctl is-active {service} 2>/dev/null || echo inactive'"
    try:
        proc = subprocess.run(cmd, shell=True, capture_output=True, text=True, timeout=15)
        return proc.stdout.strip() or "unknown"
    except subprocess.TimeoutExpired:
        return "timeout"
    except Exception:
        return "error"
 def check_disk(ip: str, user: str) -> dict:
    cmd = f"ssh -o StrictHostKeyChecking=no -o ConnectTimeout=8 {user}@{ip} 'df -h / | tail -1'"
    try:
        proc = subprocess.run(cmd, shell=True, capture_output=True, text=True, timeout=15)
        if proc.returncode == 0:
            parts = proc.stdout.strip().split()
            if len(parts) >= 5:
                return {"total": parts[1], "used": parts[2], "avail": parts[3], "pct": parts[4]}
    except Exception:
        pass
    return {"total": "?", "used": "?", "avail": "?", "pct": "?"}
 def check_vps_health() -> dict:
    result = {}
    for name, cfg in VPS_HOSTS.items():
        ip = cfg["ip"]
        ssh_up = check_ssh(ip)
        entry = {"ip": ip, "ssh": ssh_up, "services": {}, "disk": {}}
        if ssh_up:
            for svc in cfg.get("services", []):
                entry["services"][svc] = check_service(ip, cfg["ssh_user"], svc)
            entry["disk"] = check_disk(ip, cfg["ssh_user"])
        result[name] = entry
    return result
 # ---------------------------------------------------------------------------
 # Cron job status
 # ---------------------------------------------------------------------------
 def check_cron_jobs() -> list[dict]:
    jobs = []
    if not CRON_JOBS_FILE.exists():
        return [{"name": "jobs.json", "status": "FILE NOT FOUND"}]
    try:
        data = json.loads(CRON_JOBS_FILE.read_text())
        for job in data.get("jobs", []):
            jobs.append({
                "name": job.get("name", "unnamed"),
                "schedule": job.get("schedule_display", job.get("schedule", {}).get("display", "?")),
                "enabled": job.get("enabled", False),
                "state": job.get("state", "unknown"),
                "completed": job.get("repeat", {}).get("completed", 0),
                "last_status": job.get("last_status") or "never run",
                "last_error": job.get("last_error"),
            })
    except Exception as e:
        jobs.append({"name": "jobs.json", "status": f"PARSE ERROR: {e}"})
    return jobs
 # ---------------------------------------------------------------------------
 # Terminal rendering
 # ---------------------------------------------------------------------------
 BOLD = "\033[1m"
 DIM = "\033[2m"
 GREEN = "\033[32m"
 RED = "\033[31m"
 YELLOW = "\033[33m"
 CYAN = "\033[36m"
 RESET = "\033[0m"
 def _ok(val: bool) -> str:
    return f"{GREEN}UP{RESET}" if val else f"{RED}DOWN{RESET}"
 def _svc_icon(status: str) -> str:
    s = status.lower().strip()
    if s in ("active", "running"):
        return f"{GREEN}active{RESET}"
    elif s in ("inactive", "dead", "failed"):
        return f"{RED}{s}{RESET}"
    elif s == "timeout":
        return f"{YELLOW}timeout{RESET}"
    else:
        return f"{YELLOW}{s}{RESET}"
 def render_dashboard(gitea: dict, vps: dict, cron: list[dict]) -> str:
    lines = []
    now = datetime.now(timezone.utc).strftime("%Y-%m-%d %H:%M UTC")
    lines.append("")
    lines.append(f"{BOLD}{'=' * 72}{RESET}")
    lines.append(f"{BOLD}  TIMMY FOUNDATION -- FLEET STATUS DASHBOARD{RESET}")
    lines.append(f"{DIM}  Generated: {now}{RESET}")
    lines.append(f"{BOLD}{'=' * 72}{RESET}")
    # ── Section 1: Gitea ──────────────────────────────────────────────────
    lines.append("")
    lines.append(f"{BOLD}{CYAN}  [1] GITEA{RESET}")
    lines.append(f"  {'-' * 68}")
    if gitea.get("reachable"):
        lines.append(f"  Status: {GREEN}REACHABLE{RESET}  (version {gitea.get('version', '?')})")
        t = gitea.get("totals", {})
        lines.append(f"  Totals: {t.get('open_prs', 0)} open PRs  |  {t.get('open_issues', 0)} open issues  |  {t.get('recent_merges_7d', 0)} merges (7d)")
        lines.append("")
        for repo_name, repo in gitea.get("repos", {}).items():
            prs = repo.get("prs", [])
            issues = repo.get("issues", [])
            merges = repo.get("recent_merges", 0)
            lines.append(f"  {BOLD}{repo_name}{RESET}  ({len(prs)} PRs, {len(issues)} issues, {merges} merges/7d)")
            for pr in prs[:5]:
                lines.append(f"    PR #{pr['number']:>4}  {pr['title'][:50]:<50}  {DIM}{pr['user']}{RESET}  {pr['created']}")
            for iss in issues[:3]:
                lines.append(f"    IS #{iss['number']:>4}  {iss['title'][:50]:<50}  {DIM}{iss['user']}{RESET}  {iss['created']}")
    else:
        lines.append(f"  Status: {RED}UNREACHABLE{RESET}")
    # ── Section 2: VPS Health ─────────────────────────────────────────────
    lines.append("")
    lines.append(f"{BOLD}{CYAN}  [2] VPS HEALTH{RESET}")
    lines.append(f"  {'-' * 68}")
    lines.append(f"  {'Host':<12} {'IP':<18} {'SSH':<8} {'Disk':<12} {'Services'}")
    lines.append(f"  {'-' * 12} {'-' * 17} {'-' * 7} {'-' * 11} {'-' * 30}")
    for name, info in vps.items():
        ssh_str = _ok(info["ssh"])
        disk = info.get("disk", {})
        disk_str = disk.get("pct", "?")
        if disk_str != "?":
            pct_val = int(disk_str.rstrip("%"))
            if pct_val >= 90:
                disk_str = f"{RED}{disk_str}{RESET}"
            elif pct_val >= 75:
                disk_str = f"{YELLOW}{disk_str}{RESET}"
            else:
                disk_str = f"{GREEN}{disk_str}{RESET}"
        svc_parts = []
        for svc, status in info.get("services", {}).items():
            svc_parts.append(f"{svc}:{_svc_icon(status)}")
        svc_str = "  ".join(svc_parts) if svc_parts else f"{DIM}n/a{RESET}"
        lines.append(f"  {name:<12} {info['ip']:<18} {ssh_str:<18} {disk_str:<22} {svc_str}")
    # ── Section 3: Cron Jobs ──────────────────────────────────────────────
    lines.append("")
    lines.append(f"{BOLD}{CYAN}  [3] CRON JOBS{RESET}")
    lines.append(f"  {'-' * 68}")
    lines.append(f"  {'Name':<28} {'Schedule':<16} {'State':<12} {'Last':<12} {'Runs'}")
    lines.append(f"  {'-' * 27} {'-' * 15} {'-' * 11} {'-' * 11} {'-' * 5}")
    for job in cron:
        name = job.get("name", "?")[:27]
        sched = job.get("schedule", "?")[:15]
        state = job.get("state", "?")
        if state == "scheduled":
            state_str = f"{GREEN}{state}{RESET}"
        elif state == "paused":
            state_str = f"{YELLOW}{state}{RESET}"
        else:
            state_str = state
        last = job.get("last_status", "never")[:11]
        if last == "ok":
            last_str = f"{GREEN}{last}{RESET}"
        elif last in ("error", "never run"):
            last_str = f"{RED}{last}{RESET}"
        else:
            last_str = last
        runs = job.get("completed", 0)
        enabled = job.get("enabled", False)
        marker = " " if enabled else f"{DIM}(disabled){RESET}"
        lines.append(f"  {name:<28} {sched:<16} {state_str:<22} {last_str:<22} {runs}  {marker}")
    # ── Footer ────────────────────────────────────────────────────────────
    lines.append("")
    lines.append(f"{BOLD}{'=' * 72}{RESET}")
    lines.append(f"{DIM}  python3 scripts/fleet-dashboard.py  |  timmy-config{RESET}")
    lines.append(f"{BOLD}{'=' * 72}{RESET}")
    lines.append("")
    return "\n".join(lines)
 # ---------------------------------------------------------------------------
 # Main
 # ---------------------------------------------------------------------------
 def main():
    json_mode = "--json" in sys.argv
    if not json_mode:
        print(f"\n  {DIM}Collecting fleet data...{RESET}\n", file=sys.stderr)
    gitea = check_gitea_health()
    vps = check_vps_health()
    cron = check_cron_jobs()
    if json_mode:
        output = {
            "timestamp": datetime.now(timezone.utc).isoformat(),
            "gitea": gitea,
            "vps": vps,
            "cron": cron,
        }
        print(json.dumps(output, indent=2))
    else:
        print(render_dashboard(gitea, vps, cron))
 if __name__ == "__main__":
    main()
--- a/scripts/knowledge_base.py
+++ b/scripts/knowledge_base.py
@@ -22,6 +22,7 @@ CLI:
 from __future__ import annotations
 import argparse
 import ast
 import json
 import os
 import sys
@@ -137,6 +138,42 @@ class KnowledgeBase:
            self._save(self._persist_path)
        return removed
    def ingest_python_file(
        self, path: Path, *, module_name: Optional[str] = None, source: str = "ast"
    ) -> List[Fact]:
        """Parse a Python file with ``ast`` and assert symbolic structure facts."""
        tree = ast.parse(path.read_text(), filename=str(path))
        module = module_name or path.stem
        fact_source = f"{source}:{path.name}"
        added: List[Fact] = []
        def add(relation: str, *args: str) -> None:
            added.append(self.assert_fact(relation, *args, source=fact_source))
        for node in tree.body:
            if isinstance(node, ast.Import):
                for alias in node.names:
                    add("imports", module, alias.name)
            elif isinstance(node, ast.ImportFrom):
                prefix = f"{node.module}." if node.module else ""
                for alias in node.names:
                    add("imports", module, f"{prefix}{alias.name}")
            elif isinstance(node, (ast.FunctionDef, ast.AsyncFunctionDef)):
                add("defines_function", module, node.name)
            elif isinstance(node, ast.ClassDef):
                add("defines_class", module, node.name)
                for child in node.body:
                    if isinstance(child, (ast.FunctionDef, ast.AsyncFunctionDef)):
                        add("defines_method", node.name, child.name)
            elif isinstance(node, ast.Assign):
                for target in node.targets:
                    if isinstance(target, ast.Name) and target.id.isupper():
                        add("defines_constant", module, target.id)
            elif isinstance(node, ast.AnnAssign) and isinstance(node.target, ast.Name) and node.target.id.isupper():
                add("defines_constant", module, node.target.id)
        return added
    # ------------------------------------------------------------------
    # Query
    # ------------------------------------------------------------------
@@ -287,6 +324,12 @@ def main() -> None:
        action="store_true",
        help="Dump all facts",
    )
    parser.add_argument(
        "--ingest-python",
        dest="ingest_python",
        type=Path,
        help="Parse a Python file with AST and assert symbolic structure facts",
    )
    parser.add_argument(
        "--relation",
        help="Filter --dump to a specific relation",
@@ -304,6 +347,10 @@ def main() -> None:
        fact = kb.assert_fact(terms[0], *terms[1:], source="cli")
        print(f"Asserted: {fact}")
    if args.ingest_python:
        added = kb.ingest_python_file(args.ingest_python, source="cli-ast")
        print(f"Ingested {len(added)} AST fact(s) from {args.ingest_python}")
    if args.retract_stmt:
        terms = _parse_terms(args.retract_stmt)
        if len(terms) < 2:
--- a/scripts/nexus_smoke_test.py
+++ b/scripts/nexus_smoke_test.py
@@ -0,0 +1,20 @@
 import json
 from hermes_tools import browser_navigate, browser_vision
 def run_smoke_test():
    print("Navigating to The Nexus...")
    browser_navigate(url="https://nexus.alexanderwhitestone.com")
    print("Performing visual verification...")
    analysis = browser_vision(
        question="Is the Nexus landing page rendered correctly? Check for: 1) The Tower logo, 2) The main entry portal, 3) Absence of 404/Error messages. Provide a clear PASS or FAIL."
    )
    result = {
        "status": "PASS" if "PASS" in analysis.upper() else "FAIL",
        "analysis": analysis
    }
    return result
 if __name__ == '__main__':
    print(json.dumps(run_smoke_test(), indent=2))
--- a/scripts/self_healing.py
+++ b/scripts/self_healing.py
@@ -48,6 +48,34 @@ class SelfHealer:
            self.log(f"  [ERROR] Failed to run remote command on {host}: {e}")
            return None
    def confirm(self, prompt: str) -> bool:
        """Ask for confirmation unless --yes flag is set."""
        if self.yes:
            return True
        while True:
            response = input(f"{prompt} [y/N] ").strip().lower()
            if response in ("y", "yes"):
                return True
            if response in ("n", "no", ""):
                return False
            print("Please answer 'y' or 'n'.")
    def check_llama_server(self, host: str):
        ip = FLEET[host]["ip"]
        port = FLEET[host]["port"]
        try:
            requests.get(f"http://{ip}:{port}/health", timeout=2)
        except requests.RequestException:
            self.log(f"  [!] llama-server down on {host}.")
            if self.dry_run:
                self.log(f"  [DRY-RUN] Would restart llama-server on {host}")
            else:
                if self.confirm(f"  Restart llama-server on {host}?"):
                    self.log(f"  Restarting llama-server on {host}...")
                    self.run_remote(host, "systemctl restart llama-server")
                else:
                    self.log(f"  Skipped restart on {host}.")
    def check_disk_space(self, host: str):
        res = self.run_remote(host, "df -h / | tail -1 | awk '{print $5}' | sed 's/%//'")
        if res and res.returncode == 0:
--- a/tasks.py
+++ b/tasks.py
@@ -1755,6 +1755,27 @@ def memory_compress():
 # ── NEW 6: Good Morning Report ───────────────────────────────────────
 def _load_overnight_rd_summary():
    """Load the latest overnight R&D summary for morning report enrichment."""
    summary_path = TIMMY_HOME / "overnight-rd" / "latest_summary.md"
    if not summary_path.exists():
        return None
    try:
        text = summary_path.read_text()
        # Only use if generated in the last 24 hours
        import re
        date_match = re.search(r"Started: (\d{4}-\d{2}-\d{2})", text)
        if date_match:
            from datetime import timedelta
            summary_date = datetime.strptime(date_match.group(1), "%Y-%m-%d").date()
            if (datetime.now(timezone.utc).date() - summary_date).days > 1:
                return None
        return text
    except Exception:
        return None
@huey.periodic_task(crontab(hour="6", minute="0"))  # 6 AM daily
 def good_morning_report():
    """Generate Alexander's daily morning report. Filed as a Gitea issue.
@@ -2437,3 +2458,295 @@ def velocity_tracking():
            msg += f" [ALERT: +{total_open - prev['total_open']} open since {prev['date']}]"
    print(msg)
    return data
 # ── Overnight R&D Loop ──────────────────────────────────────────────
 # Runs 10 PM - 6 AM EDT. Orchestrates:
 #   Phase 1: Deep Dive paper aggregation + relevance filtering
 #   Phase 2: Overnight tightening loop (tool-use capability training)
 #   Phase 3: DPO pair export from overnight sessions
 #   Phase 4: Morning briefing enrichment
 #
 # Provider: local Ollama (gemma4:12b for synthesis, hermes4:14b for tasks)
 # Budget: $0 — all local inference
 OVERNIGHT_RD_SYSTEM_PROMPT = """You are Timmy running the overnight R&D loop.
 You run locally on Ollama. Use tools when asked. Be brief and precise.
 Log findings to the specified output paths. No cloud calls."""
 OVERNIGHT_TIGHTENING_TASKS = [
    {
        "id": "read-soul",
        "prompt": "Read ~/.timmy/SOUL.md. Quote the first sentence of the Prime Directive.",
        "toolsets": "file",
    },
    {
        "id": "read-operations",
        "prompt": "Read ~/.timmy/OPERATIONS.md. List all section headings.",
        "toolsets": "file",
    },
    {
        "id": "search-banned-providers",
        "prompt": "Search ~/.timmy/timmy-config for files containing 'anthropic'. List filenames only.",
        "toolsets": "file",
    },
    {
        "id": "read-config-audit",
        "prompt": "Read ~/.hermes/config.yaml. What model and provider are the default? Is Anthropic present anywhere?",
        "toolsets": "file",
    },
    {
        "id": "write-overnight-log",
        "prompt": "Write a file to {results_dir}/overnight_checkpoint.md with: # Overnight Checkpoint\nTimestamp: {timestamp}\nModel: {model}\nStatus: Running\nSovereignty and service always.",
        "toolsets": "file",
    },
    {
        "id": "search-cloud-markers",
        "prompt": "Search files in ~/.hermes/bin/ for the string 'chatgpt.com'. Report which files and lines.",
        "toolsets": "file",
    },
    {
        "id": "read-decisions",
        "prompt": "Read ~/.timmy/decisions.md. What is the most recent decision?",
        "toolsets": "file",
    },
    {
        "id": "multi-read-sovereignty",
        "prompt": "Read both ~/.timmy/SOUL.md and ~/.hermes/config.yaml. Does the config honor the soul's sovereignty requirement? Yes or no with evidence.",
        "toolsets": "file",
    },
    {
        "id": "search-hermes-skills",
        "prompt": "Search for *.md files in ~/.hermes/skills/. List the first 10 skill names.",
        "toolsets": "file",
    },
    {
        "id": "read-heartbeat",
        "prompt": "Read the most recent file in ~/.timmy/heartbeat/. Summarize what Timmy perceived.",
        "toolsets": "file",
    },
 ]
 def _run_overnight_tightening_task(task, cycle, results_dir, model):
    """Run a single tightening task through Hermes with explicit Ollama provider."""
    from datetime import datetime
    task_id = task["id"]
    prompt = task["prompt"].replace(
        "{results_dir}", str(results_dir)
    ).replace(
        "{timestamp}", datetime.now().isoformat()
    ).replace(
        "{model}", model
    )
    result = {
        "task_id": task_id,
        "cycle": cycle,
        "started_at": datetime.now(timezone.utc).isoformat(),
        "prompt": prompt,
    }
    started = time.time()
    try:
        hermes_result = run_hermes_local(
            prompt=prompt,
            model=model,
            caller_tag=f"overnight-rd-{task_id}",
            system_prompt=OVERNIGHT_RD_SYSTEM_PROMPT,
            skip_context_files=True,
            skip_memory=True,
            max_iterations=5,
        )
        elapsed = time.time() - started
        result["elapsed_seconds"] = round(elapsed, 2)
        if hermes_result:
            result["response"] = hermes_result.get("response", "")[:2000]
            result["session_id"] = hermes_result.get("session_id")
            result["status"] = "pass" if hermes_result.get("response") else "empty"
        else:
            result["status"] = "empty"
            result["response"] = ""
    except Exception as exc:
        result["elapsed_seconds"] = round(time.time() - started, 2)
        result["status"] = "error"
        result["error"] = str(exc)[:500]
    result["finished_at"] = datetime.now(timezone.utc).isoformat()
    return result
 def _run_deepdive_phase(config_path=None):
    """Run the Deep Dive aggregation + synthesis pipeline.
    Uses the existing pipeline.py from the-nexus/intelligence/deepdive.
    Returns path to generated briefing or None.
    """
    deepdive_dir = Path.home() / "wizards" / "the-nexus" / "intelligence" / "deepdive"
    deepdive_venv = Path.home() / ".venvs" / "deepdive" / "bin" / "python"
    pipeline_script = deepdive_dir / "pipeline.py"
    config = config_path or (deepdive_dir / "config.yaml")
    if not pipeline_script.exists():
        return {"status": "not_installed", "error": f"Pipeline not found at {pipeline_script}"}
    python_bin = str(deepdive_venv) if deepdive_venv.exists() else "python3"
    try:
        result = subprocess.run(
            [python_bin, str(pipeline_script), "--config", str(config), "--since", "24"],
            cwd=str(deepdive_dir),
            capture_output=True,
            text=True,
            timeout=600,  # 10 minute timeout
        )
        # Find the latest briefing file
        briefings_dir = Path.home() / "briefings"
        briefing_files = sorted(briefings_dir.glob("briefing_*.json")) if briefings_dir.exists() else []
        latest_briefing = str(briefing_files[-1]) if briefing_files else None
        return {
            "status": "ok" if result.returncode == 0 else "error",
            "exit_code": result.returncode,
            "stdout": result.stdout[-1000:] if result.stdout else "",
            "stderr": result.stderr[-500:] if result.stderr else "",
            "briefing_path": latest_briefing,
        }
    except subprocess.TimeoutExpired:
        return {"status": "timeout", "error": "Pipeline exceeded 10 minute timeout"}
    except Exception as exc:
        return {"status": "error", "error": str(exc)}
@huey.periodic_task(crontab(hour="22", minute="0"))  # 10 PM daily (server time)
 def overnight_rd():
    """Overnight R&D automation loop.
    Runs from 10 PM until 6 AM. Orchestrates:
    1. Deep Dive: Aggregate papers/blogs, filter for relevance, synthesize briefing
    2. Tightening Loop: Exercise tool-use against local model for training data
    3. DPO Export: Sweep overnight sessions for training pair extraction
    4. Morning prep: Compile findings for good_morning_report enrichment
    All inference is local (Ollama). $0 cloud cost.
    """
    from datetime import timedelta
    now = datetime.now(timezone.utc)
    run_id = now.strftime("%Y%m%d_%H%M%S")
    results_dir = TIMMY_HOME / "overnight-rd" / run_id
    results_dir.mkdir(parents=True, exist_ok=True)
    rd_log = results_dir / "rd_log.jsonl"
    rd_summary = results_dir / "rd_summary.md"
    phases = {}
    # ── Phase 1: Deep Dive ──────────────────────────────────────────
    phase1_start = time.time()
    deepdive_result = _run_deepdive_phase()
    phases["deepdive"] = {
        "elapsed_seconds": round(time.time() - phase1_start, 2),
        **deepdive_result,
    }
    # Log result
    with open(rd_log, "a") as f:
        f.write(json.dumps({"phase": "deepdive", "timestamp": now.isoformat(), **deepdive_result}) + "\n")
    # ── Phase 2: Tightening Loop (3 cycles) ─────────────────────────
    tightening_model = "hermes4:14b"
    fallback_model = "gemma4:12b"
    tightening_results = []
    max_cycles = 3
    for cycle in range(1, max_cycles + 1):
        for task in OVERNIGHT_TIGHTENING_TASKS:
            model = tightening_model
            result = _run_overnight_tightening_task(task, cycle, results_dir, model)
            # If primary model fails, try fallback
            if result["status"] == "error" and "Unknown provider" not in result.get("error", ""):
                result = _run_overnight_tightening_task(task, cycle, results_dir, fallback_model)
            tightening_results.append(result)
            with open(rd_log, "a") as f:
                f.write(json.dumps(result) + "\n")
            time.sleep(2)  # Pace local inference
        time.sleep(10)  # Pause between cycles
    passes = sum(1 for r in tightening_results if r["status"] == "pass")
    errors = sum(1 for r in tightening_results if r["status"] == "error")
    total = len(tightening_results)
    avg_time = sum(r.get("elapsed_seconds", 0) for r in tightening_results) / max(total, 1)
    phases["tightening"] = {
        "cycles": max_cycles,
        "total_tasks": total,
        "passes": passes,
        "errors": errors,
        "avg_response_time": round(avg_time, 2),
        "pass_rate": f"{100 * passes // max(total, 1)}%",
    }
    # ── Phase 3: DPO Export Sweep ───────────────────────────────────
    # Trigger the existing session_export task to catch overnight sessions
    try:
        export_result = session_export()
        phases["dpo_export"] = export_result if isinstance(export_result, dict) else {"status": "ok"}
    except Exception as exc:
        phases["dpo_export"] = {"status": "error", "error": str(exc)}
    # ── Phase 4: Compile Summary ────────────────────────────────────
    summary_lines = [
        f"# Overnight R&D Summary — {now.strftime('%Y-%m-%d')}",
        f"Run ID: {run_id}",
        f"Started: {now.isoformat()}",
        f"Finished: {datetime.now(timezone.utc).isoformat()}",
        "",
        "## Deep Dive",
        f"- Status: {phases['deepdive'].get('status', 'unknown')}",
        f"- Elapsed: {phases['deepdive'].get('elapsed_seconds', '?')}s",
    ]
    if phases["deepdive"].get("briefing_path"):
        summary_lines.append(f"- Briefing: {phases['deepdive']['briefing_path']}")
    summary_lines.extend([
        "",
        "## Tightening Loop",
        f"- Cycles: {max_cycles}",
        f"- Pass rate: {phases['tightening']['pass_rate']} ({passes}/{total})",
        f"- Avg response time: {avg_time:.1f}s",
        f"- Errors: {errors}",
        "",
        "## DPO Export",
        f"- Status: {phases.get('dpo_export', {}).get('status', 'unknown')}",
        "",
        "## Error Details",
    ])
    for r in tightening_results:
        if r["status"] == "error":
            summary_lines.append(f"- {r['task_id']} (cycle {r['cycle']}): {r.get('error', '?')[:100]}")
    with open(rd_summary, "w") as f:
        f.write("\n".join(summary_lines) + "\n")
    # Save summary for morning report consumption
    latest_summary = TIMMY_HOME / "overnight-rd" / "latest_summary.md"
    with open(latest_summary, "w") as f:
        f.write("\n".join(summary_lines) + "\n")
    return {
        "run_id": run_id,
        "phases": phases,
        "summary_path": str(rd_summary),
    }
--- a/tests/test_knowledge_base_ast.py
+++ b/tests/test_knowledge_base_ast.py
@@ -0,0 +1,43 @@
 import sys
 from pathlib import Path
 sys.path.insert(0, str(Path(__file__).resolve().parent.parent / "scripts"))
 from knowledge_base import KnowledgeBase
 def test_ingest_python_file_extracts_ast_facts(tmp_path: Path) -> None:
    source = tmp_path / "demo_module.py"
    source.write_text(
        "import os\n"
        "from pathlib import Path\n\n"
        "CONSTANT = 7\n\n"
        "def helper(x):\n"
        "    return x + 1\n\n"
        "class Demo:\n"
        "    def method(self):\n"
        "        return helper(CONSTANT)\n"
    )
    kb = KnowledgeBase()
    facts = kb.ingest_python_file(source)
    assert facts, "AST ingestion should add symbolic facts"
    assert kb.query("defines_function", "demo_module", "helper") == [{}]
    assert kb.query("defines_class", "demo_module", "Demo") == [{}]
    assert kb.query("defines_method", "Demo", "method") == [{}]
    assert kb.query("imports", "demo_module", "os") == [{}]
    assert kb.query("imports", "demo_module", "pathlib.Path") == [{}]
    assert kb.query("defines_constant", "demo_module", "CONSTANT") == [{}]
 def test_ingest_python_file_rejects_invalid_syntax(tmp_path: Path) -> None:
    broken = tmp_path / "broken.py"
    broken.write_text("def nope(:\n    pass\n")
    kb = KnowledgeBase()
    try:
        kb.ingest_python_file(broken)
    except SyntaxError:
        return
    raise AssertionError("Expected SyntaxError for invalid Python source")
--- a/tests/test_local_runtime_defaults.py
+++ b/tests/test_local_runtime_defaults.py
@@ -5,6 +5,11 @@ from pathlib import Path
 import yaml
 def test_config_yaml_parses() -> None:
    config = yaml.safe_load(Path("config.yaml").read_text())
    assert isinstance(config, dict)
 def test_config_defaults_to_local_llama_cpp_runtime() -> None:
    config = yaml.safe_load(Path("config.yaml").read_text())
--- a/tests/test_self_healing.py
+++ b/tests/test_self_healing.py
@@ -3,6 +3,7 @@
 from __future__ import annotations
 import importlib.util
 import subprocess
 from pathlib import Path
 from unittest.mock import MagicMock
@@ -60,3 +61,35 @@ class TestMainCli:
        healer_cls.assert_called_once_with(dry_run=False, confirm_kill=True, yes=True)
        healer.run.assert_called_once_with()
    def test_real_default_dry_run_path_completes(self, monkeypatch, capsys):
        class FakeExecutor:
            def __init__(self):
                self.calls = []
            def run_script(self, host, command, *, local=False, timeout=None):
                self.calls.append((host, command, local, timeout))
                if command.startswith("df -h /"):
                    return subprocess.CompletedProcess(command, 0, stdout="42\n", stderr="")
                if command.startswith("free -m"):
                    return subprocess.CompletedProcess(command, 0, stdout="12.5\n", stderr="")
                if command.startswith("ps aux"):
                    return subprocess.CompletedProcess(command, 0, stdout="", stderr="")
                raise AssertionError(f"unexpected command: {command}")
        fake_executor = FakeExecutor()
        monkeypatch.setattr(sh, "FLEET", {"mac": {"ip": "127.0.0.1", "port": 8080}})
        monkeypatch.setattr(sh.requests, "get", lambda url, timeout: object())
        monkeypatch.setattr(sh, "VerifiedSSHExecutor", lambda: fake_executor)
        sh.main([])
        out = capsys.readouterr().out
        assert "Starting self-healing cycle (DRY-RUN mode)." in out
        assert "Auditing mac..." in out
        assert "Cycle complete." in out
        assert fake_executor.calls == [
            ("127.0.0.1", "df -h / | tail -1 | awk '{print $5}' | sed 's/%//'", True, 15),
            ("127.0.0.1", "free -m | awk '/^Mem:/{print $3/$2 * 100}'", True, 15),
            ("127.0.0.1", "ps aux --sort=-%cpu | awk 'NR>1 && $3>80 {print $2, $11, $3}'", True, 15),
        ]
--- a/wizards/allegro/config.yaml
+++ b/wizards/allegro/config.yaml
@@ -8,16 +8,17 @@ fallback_providers:
  model: kimi-k2.5
  timeout: 120
  reason: Kimi coding fallback (front of chain)
  - provider: anthropic
    model: claude-sonnet-4-20250514
    timeout: 120
    reason: Direct Anthropic fallback
 - provider: openrouter
-    model: anthropic/claude-sonnet-4-20250514
+  model: google/gemini-2.5-pro
  base_url: https://openrouter.ai/api/v1
  api_key_env: OPENROUTER_API_KEY
  timeout: 120
-    reason: OpenRouter fallback
+  reason: Gemini 2.5 Pro via OpenRouter (replaces banned Anthropic)
 - provider: ollama
  model: gemma4:latest
  base_url: http://localhost:11434
  timeout: 300
  reason: "Terminal fallback \u2014 local Ollama"
 agent:
  max_turns: 30
  reasoning_effort: xhigh
@@ -64,16 +65,12 @@ session_reset:
  idle_minutes: 0
 skills:
  creation_nudge_interval: 15
-system_prompt_suffix: |
+system_prompt_suffix: "You are Allegro, the Kimi-backed third wizard house.\nYour\
-  You are Allegro, the Kimi-backed third wizard house.
+  \ soul is defined in SOUL.md \u2014 read it, live it.\nHermes is your harness.\n\
-  Your soul is defined in SOUL.md — read it, live it.
+  Kimi Code is your primary provider.\nYou speak plainly. You prefer short sentences.\
-  Hermes is your harness.
+  \ Brevity is a kindness.\n\nWork best on tight coding tasks: 1-3 file changes, refactors,\
-  Kimi Code is your primary provider.
+  \ tests, and implementation passes.\nRefusal over fabrication. If you do not know,\
-  You speak plainly. You prefer short sentences. Brevity is a kindness.
+  \ say so.\nSovereignty and service always.\n"
  Work best on tight coding tasks: 1-3 file changes, refactors, tests, and implementation passes.
  Refusal over fabrication. If you do not know, say so.
  Sovereignty and service always.
 providers:
  kimi-coding:
    base_url: https://api.kimi.com/coding/v1
--- a/wizards/bezalel/config.yaml
+++ b/wizards/bezalel/config.yaml
@@ -8,23 +8,25 @@ fallback_providers:
  model: kimi-k2.5
  timeout: 120
  reason: Kimi coding fallback (front of chain)
 - provider: anthropic
  model: claude-sonnet-4-20250514
  timeout: 120
  reason: Direct Anthropic fallback
 - provider: openrouter
-  model: anthropic/claude-sonnet-4-20250514
+  model: google/gemini-2.5-pro
  base_url: https://openrouter.ai/api/v1
  api_key_env: OPENROUTER_API_KEY
  timeout: 120
-  reason: OpenRouter fallback
+  reason: Gemini 2.5 Pro via OpenRouter (replaces banned Anthropic)
 - provider: ollama
  model: gemma4:latest
  base_url: http://localhost:11434
  timeout: 300
  reason: "Terminal fallback \u2014 local Ollama"
 agent:
  max_turns: 40
  reasoning_effort: medium
  verbose: false
-  system_prompt: You are Bezalel, the forge-and-testbed wizard of the Timmy Foundation
+  system_prompt: "You are Bezalel, the forge-and-testbed wizard of the Timmy Foundation\
-    fleet. You are a builder and craftsman — infrastructure, deployment, hardening.
+    \ fleet. You are a builder and craftsman \u2014 infrastructure, deployment, hardening.\
-    Your sovereign is Alexander Whitestone (Rockachopa). Sovereignty and service always.
+    \ Your sovereign is Alexander Whitestone (Rockachopa). Sovereignty and service\
    \ always."
 terminal:
  backend: local
  cwd: /root/wizards/bezalel
@@ -62,12 +64,12 @@ platforms:
          - pull_request
          - pull_request_comment
          secret: bezalel-gitea-webhook-secret-2026
-          prompt: 'You are bezalel, the builder and craftsman — infrastructure, deployment,
+          prompt: "You are bezalel, the builder and craftsman \u2014 infrastructure,\
-            hardening. A Gitea webhook fired: event={event_type}, action={action},
+            \ deployment, hardening. A Gitea webhook fired: event={event_type}, action={action},\
-            repo={repository.full_name}, issue/PR=#{issue.number} {issue.title}. Comment
+            \ repo={repository.full_name}, issue/PR=#{issue.number} {issue.title}.\
-            by {comment.user.login}: {comment.body}. If you were tagged, assigned,
+            \ Comment by {comment.user.login}: {comment.body}. If you were tagged,\
-            or this needs your attention, investigate and respond via Gitea API. Otherwise
+            \ assigned, or this needs your attention, investigate and respond via\
-            acknowledge briefly.'
+            \ Gitea API. Otherwise acknowledge briefly."
          deliver: telegram
          deliver_extra: {}
        gitea-assign:
@@ -75,12 +77,12 @@ platforms:
          - issues
          - pull_request
          secret: bezalel-gitea-webhook-secret-2026
-          prompt: 'You are bezalel, the builder and craftsman — infrastructure, deployment,
+          prompt: "You are bezalel, the builder and craftsman \u2014 infrastructure,\
-            hardening. Gitea assignment webhook: event={event_type}, action={action},
+            \ deployment, hardening. Gitea assignment webhook: event={event_type},\
-            repo={repository.full_name}, issue/PR=#{issue.number} {issue.title}. Assigned
+            \ action={action}, repo={repository.full_name}, issue/PR=#{issue.number}\
-            to: {issue.assignee.login}. If you (bezalel) were just assigned, read
+            \ {issue.title}. Assigned to: {issue.assignee.login}. If you (bezalel)\
-            the issue, scope it, and post a plan comment. If not you, acknowledge
+            \ were just assigned, read the issue, scope it, and post a plan comment.\
-            briefly.'
+            \ If not you, acknowledge briefly."
          deliver: telegram
          deliver_extra: {}
 gateway:
--- a/wizards/ezra/config.yaml
+++ b/wizards/ezra/config.yaml
@@ -8,16 +8,17 @@ fallback_providers:
  model: kimi-k2.5
  timeout: 120
  reason: Kimi coding fallback (front of chain)
  - provider: anthropic
    model: claude-sonnet-4-20250514
    timeout: 120
    reason: Direct Anthropic fallback
 - provider: openrouter
-    model: anthropic/claude-sonnet-4-20250514
+  model: google/gemini-2.5-pro
  base_url: https://openrouter.ai/api/v1
  api_key_env: OPENROUTER_API_KEY
  timeout: 120
-    reason: OpenRouter fallback
+  reason: Gemini 2.5 Pro via OpenRouter (replaces banned Anthropic)
 - provider: ollama
  model: gemma4:latest
  base_url: http://localhost:11434
  timeout: 300
  reason: "Terminal fallback \u2014 local Ollama"
 agent:
  max_turns: 90
  reasoning_effort: high
@@ -27,8 +28,6 @@ providers:
    base_url: https://api.kimi.com/coding/v1
    timeout: 60
    max_retries: 3
  anthropic:
    timeout: 120
  openrouter:
    base_url: https://openrouter.ai/api/v1
    timeout: 120
Author	SHA1	Message	Date
Alexander Whitestone	dba2199ece	fix: restore local config and cron sovereignty guards Some checks failed Architecture Lint / Linter Tests (pull_request) Successful in 10s Details PR Checklist / pr-checklist (pull_request) Failing after 1m21s Details Smoke Test / smoke (pull_request) Failing after 7s Details Validate Config / YAML Lint (pull_request) Failing after 6s Details Validate Config / JSON Validate (pull_request) Successful in 6s Details Validate Config / Python Syntax & Import Check (pull_request) Failing after 8s Details Validate Config / Python Test Suite (pull_request) Has been skipped Details Validate Config / Shell Script Lint (pull_request) Failing after 15s Details Validate Config / Cron Syntax Check (pull_request) Successful in 5s Details Validate Config / Deploy Script Dry Run (pull_request) Successful in 4s Details Validate Config / Playbook Schema Validation (pull_request) Successful in 8s Details Architecture Lint / Lint Repository (pull_request) Failing after 6s Details	2026-04-13 02:21:23 -04:00
Timmy Time	4ce9cb6cd4	Merge pull request 'feat: add AST-backed AST knowledge ingestion for Python files' (#504 ) from feat/20260413-kb-python-ast into main Some checks failed Architecture Lint / Linter Tests (push) Successful in 8s Details Smoke Test / smoke (push) Failing after 8s Details Validate Config / YAML Lint (push) Failing after 8s Details Validate Config / JSON Validate (push) Successful in 6s Details Validate Config / Python Syntax & Import Check (push) Failing after 8s Details Validate Config / Python Test Suite (push) Has been skipped Details Validate Config / Shell Script Lint (push) Failing after 14s Details Validate Config / Cron Syntax Check (push) Successful in 5s Details Validate Config / Deploy Script Dry Run (push) Successful in 5s Details Validate Config / Playbook Schema Validation (push) Successful in 8s Details Architecture Lint / Lint Repository (push) Failing after 7s Details	2026-04-13 04:19:45 +00:00
Timmy Time	24887b615f	feat: add AST-backed Python ingestion to knowledge base Some checks failed Architecture Lint / Linter Tests (pull_request) Successful in 9s Details PR Checklist / pr-checklist (pull_request) Failing after 1m18s Details Smoke Test / smoke (pull_request) Failing after 6s Details Validate Config / YAML Lint (pull_request) Failing after 6s Details Validate Config / JSON Validate (pull_request) Successful in 7s Details Validate Config / Python Syntax & Import Check (pull_request) Failing after 6s Details Validate Config / Python Test Suite (pull_request) Has been skipped Details Validate Config / Shell Script Lint (pull_request) Failing after 14s Details Validate Config / Cron Syntax Check (pull_request) Successful in 5s Details Validate Config / Deploy Script Dry Run (pull_request) Successful in 5s Details Validate Config / Playbook Schema Validation (pull_request) Successful in 7s Details Architecture Lint / Lint Repository (pull_request) Failing after 6s Details	2026-04-13 04:09:57 +00:00
Timmy Time	1e43776be1	feat: add AST-backed Python ingestion to knowledge base	2026-04-13 04:09:54 +00:00
Perplexity Computer	e53fdd0f49	feat: overnight R&D automation — Deep Dive + tightening + DPO export (#503 ) Some checks failed Architecture Lint / Linter Tests (push) Successful in 8s Details Smoke Test / smoke (push) Failing after 7s Details Validate Config / YAML Lint (push) Failing after 6s Details Validate Config / JSON Validate (push) Successful in 6s Details Validate Config / Python Syntax & Import Check (push) Failing after 7s Details Validate Config / Python Test Suite (push) Has been skipped Details Validate Config / Shell Script Lint (push) Failing after 13s Details Validate Config / Cron Syntax Check (push) Successful in 5s Details Validate Config / Deploy Script Dry Run (push) Successful in 5s Details Validate Config / Playbook Schema Validation (push) Successful in 7s Details Architecture Lint / Lint Repository (push) Failing after 7s Details	2026-04-13 02:10:16 +00:00
Perplexity Computer	aeefe5027d	purge: remove Anthropic from timmy-config (14 files) (#502 ) Some checks failed Architecture Lint / Linter Tests (push) Successful in 10s Details Smoke Test / smoke (push) Failing after 8s Details Validate Config / YAML Lint (push) Failing after 6s Details Validate Config / JSON Validate (push) Successful in 6s Details Validate Config / Python Syntax & Import Check (push) Failing after 7s Details Validate Config / Python Test Suite (push) Has been skipped Details Validate Config / Shell Script Lint (push) Failing after 14s Details Validate Config / Cron Syntax Check (push) Successful in 5s Details Validate Config / Deploy Script Dry Run (push) Successful in 4s Details Validate Config / Playbook Schema Validation (push) Successful in 8s Details Architecture Lint / Lint Repository (push) Failing after 8s Details	2026-04-13 02:02:06 +00:00
Perplexity Computer	989bc29c96	Merge pull request 'feat: Anthropic ban enforcement scanner' (#501 ) from perplexity/anthropic-ban-scanner into main Some checks failed Architecture Lint / Linter Tests (push) Successful in 9s Details Smoke Test / smoke (push) Failing after 7s Details Validate Config / YAML Lint (push) Failing after 8s Details Validate Config / JSON Validate (push) Successful in 7s Details Validate Config / Python Syntax & Import Check (push) Failing after 9s Details Validate Config / Python Test Suite (push) Has been skipped Details Validate Config / Shell Script Lint (push) Failing after 15s Details Validate Config / Cron Syntax Check (push) Successful in 5s Details Validate Config / Deploy Script Dry Run (push) Successful in 6s Details Validate Config / Playbook Schema Validation (push) Successful in 9s Details Architecture Lint / Lint Repository (push) Failing after 7s Details	2026-04-13 01:36:10 +00:00
Perplexity Computer	d923b9e38a	feat: add Anthropic ban enforcement scanner Some checks failed Architecture Lint / Linter Tests (pull_request) Successful in 10s Details PR Checklist / pr-checklist (pull_request) Failing after 1m14s Details Smoke Test / smoke (pull_request) Failing after 7s Details Validate Config / YAML Lint (pull_request) Failing after 8s Details Validate Config / JSON Validate (pull_request) Successful in 7s Details Validate Config / Python Syntax & Import Check (pull_request) Failing after 8s Details Validate Config / Python Test Suite (pull_request) Has been skipped Details Validate Config / Shell Script Lint (pull_request) Failing after 17s Details Validate Config / Cron Syntax Check (pull_request) Successful in 6s Details Validate Config / Deploy Script Dry Run (pull_request) Successful in 5s Details Validate Config / Playbook Schema Validation (pull_request) Successful in 8s Details Architecture Lint / Lint Repository (pull_request) Failing after 7s Details	2026-04-13 01:34:35 +00:00
Perplexity Computer	22c4bb57fe	Merge pull request '[INFRA] Merge Conflict Detector — catch sibling PR collisions' (#500 ) from perplexity/conflict-detector into main Some checks failed Architecture Lint / Linter Tests (push) Successful in 9s Details Smoke Test / smoke (push) Failing after 7s Details Validate Config / YAML Lint (push) Failing after 5s Details Validate Config / JSON Validate (push) Successful in 6s Details Validate Config / Python Syntax & Import Check (push) Failing after 7s Details Validate Config / Python Test Suite (push) Has been skipped Details Validate Config / Shell Script Lint (push) Failing after 14s Details Validate Config / Cron Syntax Check (push) Successful in 5s Details Validate Config / Playbook Schema Validation (push) Successful in 8s Details Validate Config / Deploy Script Dry Run (push) Successful in 5s Details Architecture Lint / Lint Repository (push) Failing after 7s Details	2026-04-13 00:26:38 +00:00
Perplexity Computer	55fc678dc3	Add merge conflict detector for sibling PRs Some checks failed Architecture Lint / Linter Tests (pull_request) Successful in 10s Details PR Checklist / pr-checklist (pull_request) Failing after 1m12s Details Smoke Test / smoke (pull_request) Failing after 8s Details Validate Config / YAML Lint (pull_request) Failing after 9s Details Validate Config / JSON Validate (pull_request) Successful in 9s Details Validate Config / Python Syntax & Import Check (pull_request) Failing after 10s Details Validate Config / Python Test Suite (pull_request) Has been skipped Details Validate Config / Shell Script Lint (pull_request) Failing after 14s Details Validate Config / Cron Syntax Check (pull_request) Successful in 5s Details Validate Config / Deploy Script Dry Run (pull_request) Successful in 6s Details Validate Config / Playbook Schema Validation (pull_request) Successful in 9s Details Architecture Lint / Lint Repository (pull_request) Failing after 7s Details	2026-04-13 00:26:28 +00:00
Timmy Time	77a95d0ca1	Merge pull request '[Multimodal] Implement Visual Smoke Test for The Nexus (#490 )' (#498 ) from feat/nexus-visual-smoke-test-v2 into main Some checks failed Architecture Lint / Linter Tests (push) Successful in 11s Details Smoke Test / smoke (push) Failing after 8s Details Validate Config / YAML Lint (push) Failing after 7s Details Validate Config / JSON Validate (push) Successful in 7s Details Validate Config / Python Syntax & Import Check (push) Failing after 9s Details Validate Config / Python Test Suite (push) Has been skipped Details Validate Config / Shell Script Lint (push) Failing after 16s Details Validate Config / Cron Syntax Check (push) Successful in 7s Details Validate Config / Deploy Script Dry Run (push) Successful in 5s Details Validate Config / Playbook Schema Validation (push) Successful in 10s Details Architecture Lint / Lint Repository (push) Failing after 8s Details	2026-04-13 00:02:51 +00:00
Timmy Time	9677785d8a	Merge pull request 'fix(ci): Enforce lint failures + add pytest job (fixes #485 )' (#488 ) from burn/20260412-0809-audit-fix into main Some checks failed Architecture Lint / Linter Tests (push) Successful in 11s Details Smoke Test / smoke (push) Failing after 7s Details Validate Config / YAML Lint (push) Failing after 8s Details Validate Config / JSON Validate (push) Successful in 8s Details Validate Config / Python Syntax & Import Check (push) Failing after 11s Details Validate Config / Python Test Suite (push) Has been skipped Details Validate Config / Shell Script Lint (push) Failing after 17s Details Validate Config / Cron Syntax Check (push) Successful in 6s Details Validate Config / Deploy Script Dry Run (push) Successful in 6s Details Validate Config / Playbook Schema Validation (push) Successful in 8s Details Architecture Lint / Lint Repository (push) Has been cancelled Details	2026-04-13 00:00:57 +00:00
Timmy Time	a5ac4cc675	Merge pull request 'fix: restore self-healing runtime checks' (#489 ) from timmy/issue-435-self-healing into main Some checks failed Architecture Lint / Lint Repository (push) Has been cancelled Details Architecture Lint / Linter Tests (push) Has been cancelled Details Smoke Test / smoke (push) Has been cancelled Details Validate Config / JSON Validate (push) Has been cancelled Details Validate Config / Python Syntax & Import Check (push) Has been cancelled Details Validate Config / Shell Script Lint (push) Has been cancelled Details Validate Config / Cron Syntax Check (push) Has been cancelled Details Validate Config / Deploy Script Dry Run (push) Has been cancelled Details Validate Config / Playbook Schema Validation (push) Has been cancelled Details Validate Config / YAML Lint (push) Has started running Details	2026-04-13 00:00:49 +00:00
Timmy Time	d801c5bc78	Merge pull request 'feat: add fleet dashboard script' (#497 ) from burn/20260412-1217-dashboard into main Some checks failed Architecture Lint / Linter Tests (push) Has been cancelled Details Architecture Lint / Lint Repository (push) Has been cancelled Details Smoke Test / smoke (push) Has been cancelled Details Validate Config / YAML Lint (push) Has been cancelled Details Validate Config / JSON Validate (push) Has been cancelled Details Validate Config / Python Syntax & Import Check (push) Has been cancelled Details Validate Config / Shell Script Lint (push) Has been cancelled Details Validate Config / Cron Syntax Check (push) Has been cancelled Details Validate Config / Deploy Script Dry Run (push) Has been cancelled Details Validate Config / Playbook Schema Validation (push) Has been cancelled Details	2026-04-13 00:00:44 +00:00
Timmy Time	90dbd8212c	Merge pull request '[Multimodal] Sovereign Toolsuite Implementation (#491-#496)' (#499 ) from feat/multimodal-toolsuite into main Some checks failed Architecture Lint / Linter Tests (push) Has been cancelled Details Architecture Lint / Lint Repository (push) Has been cancelled Details Smoke Test / smoke (push) Has been cancelled Details Validate Config / JSON Validate (push) Has been cancelled Details Validate Config / Python Syntax & Import Check (push) Has been cancelled Details Validate Config / Shell Script Lint (push) Has been cancelled Details Validate Config / Cron Syntax Check (push) Has been cancelled Details Validate Config / Deploy Script Dry Run (push) Has been cancelled Details Validate Config / Playbook Schema Validation (push) Has been cancelled Details Validate Config / YAML Lint (push) Has started running Details	2026-04-13 00:00:38 +00:00
Alexander Whitestone	7813871296	feat: implement visual smoke test for The Nexus (#490 ) Some checks failed Architecture Lint / Linter Tests (pull_request) Successful in 8s Details PR Checklist / pr-checklist (pull_request) Successful in 1m20s Details Smoke Test / smoke (pull_request) Failing after 6s Details Validate Config / YAML Lint (pull_request) Failing after 6s Details Validate Config / JSON Validate (pull_request) Successful in 6s Details Validate Config / Python Syntax & Import Check (pull_request) Failing after 8s Details Validate Config / Shell Script Lint (pull_request) Successful in 15s Details Validate Config / Cron Syntax Check (pull_request) Successful in 5s Details Validate Config / Deploy Script Dry Run (pull_request) Successful in 4s Details Validate Config / Playbook Schema Validation (pull_request) Successful in 8s Details Architecture Lint / Lint Repository (pull_request) Failing after 7s Details	2026-04-12 23:24:02 +00:00
Alexander Whitestone	6863d9c0c5	feat: add fleet dashboard script (scripts/fleet-dashboard.py) Some checks failed Architecture Lint / Linter Tests (pull_request) Successful in 9s Details PR Checklist / pr-checklist (pull_request) Failing after 1m16s Details Smoke Test / smoke (pull_request) Failing after 6s Details Validate Config / YAML Lint (pull_request) Failing after 6s Details Validate Config / JSON Validate (pull_request) Successful in 6s Details Validate Config / Python Syntax & Import Check (pull_request) Failing after 7s Details Validate Config / Shell Script Lint (pull_request) Successful in 14s Details Validate Config / Cron Syntax Check (pull_request) Successful in 5s Details Validate Config / Deploy Script Dry Run (pull_request) Successful in 5s Details Validate Config / Playbook Schema Validation (pull_request) Successful in 8s Details Architecture Lint / Lint Repository (pull_request) Failing after 8s Details One-page terminal dashboard for the Timmy Foundation fleet: - Gitea: open PRs, issues, recent merges per repo - VPS health: SSH reachability, service status, disk usage for ezra/allegro/bezalel - Cron jobs: schedule, state, last run status from cron/jobs.json Usage: python3 scripts/fleet-dashboard.py python3 scripts/fleet-dashboard.py --json Uses existing gitea_client.py patterns for Gitea API access. No external dependencies -- stdlib only.	2026-04-12 12:19:35 -04:00
Alexander Whitestone	b49a0abf39	fix: restore self-healing runtime checks Some checks failed Architecture Lint / Linter Tests (pull_request) Successful in 9s Details PR Checklist / pr-checklist (pull_request) Failing after 1m17s Details Smoke Test / smoke (pull_request) Failing after 7s Details Validate Config / YAML Lint (pull_request) Failing after 6s Details Validate Config / JSON Validate (pull_request) Successful in 6s Details Validate Config / Python Syntax & Import Check (pull_request) Failing after 8s Details Validate Config / Shell Script Lint (pull_request) Successful in 15s Details Validate Config / Cron Syntax Check (pull_request) Successful in 5s Details Validate Config / Deploy Script Dry Run (pull_request) Successful in 5s Details Validate Config / Playbook Schema Validation (pull_request) Successful in 8s Details Architecture Lint / Lint Repository (pull_request) Failing after 8s Details	2026-04-12 10:53:55 -04:00
Alexander Whitestone	72de3eebdf	fix(ci): enforce lint failures and add pytest job to validate-config Some checks failed Architecture Lint / Linter Tests (pull_request) Successful in 9s Details PR Checklist / pr-checklist (pull_request) Successful in 1m21s Details Smoke Test / smoke (pull_request) Failing after 7s Details Validate Config / YAML Lint (pull_request) Failing after 6s Details Validate Config / JSON Validate (pull_request) Successful in 6s Details Validate Config / Deploy Script Dry Run (pull_request) Successful in 6s Details Validate Config / Python Syntax & Import Check (pull_request) Failing after 8s Details Validate Config / Python Test Suite (pull_request) Has been skipped Details Validate Config / Shell Script Lint (pull_request) Failing after 16s Details Validate Config / Cron Syntax Check (pull_request) Successful in 5s Details Validate Config / Playbook Schema Validation (pull_request) Successful in 7s Details Architecture Lint / Lint Repository (pull_request) Failing after 8s Details Refs #485 - Expand Gitea CI/CD pipeline maturity Changes: - Remove '\|\| true' from shellcheck step so shell lint errors block merges - Remove '\|\| true' from flake8 step so Python lint errors block merges - Expand flake8 scope to include scripts/, bin/, tests/ - Exclude .git/ from shellcheck file discovery - Add python-test job that runs pytest on the test suite after syntax check passes	2026-04-12 08:11:47 -04:00