Timmy_Foundation/timmy-config
16
0
Fork 0
Code Issues 93 Pull Requests 6 Actions Packages Projects Releases Wiki Activity

[LAZARUS][ISOLATION] Build per-cell HERMES_HOME and workspace packager #269

New Issue
Open
opened 2026-04-06 15:33:15 +00:00 by Timmy · 1 comment
Timmy commented 2026-04-06 15:33:15 +00:00
Owner
Copy Link

Parent: #267

Depends on: #268

Milestone: Lazarus Pit v2.0

What

Build the isolation primitive that gives each resurrection cell its own runtime and living space.

Scope

  • unique HERMES_HOME per cell under a dedicated lazarus root
  • per-cell workspace/repo area for the target project
  • per-cell scratchpad/artifact dirs
  • explicit secret injection path (opt-in only, per cell)
  • cleanup path that can destroy a cell without harming siblings

Acceptance Criteria

  • spawning a new cell creates unique runtime paths
  • one cell cannot read another cell's home/workspace by default
  • target project work area is isolated per cell
  • cleanup removes cell runtime state cleanly
  • host profile secrets are not visible unless explicitly injected
## Parent: #267 ## Depends on: #268 ## Milestone: Lazarus Pit v2.0 ## What Build the isolation primitive that gives each resurrection cell its own runtime and living space. ## Scope - unique `HERMES_HOME` per cell under a dedicated lazarus root - per-cell workspace/repo area for the target project - per-cell scratchpad/artifact dirs - explicit secret injection path (opt-in only, per cell) - cleanup path that can destroy a cell without harming siblings ## Acceptance Criteria - [ ] spawning a new cell creates unique runtime paths - [ ] one cell cannot read another cell's home/workspace by default - [ ] target project work area is isolated per cell - [ ] cleanup removes cell runtime state cleanly - [ ] host profile secrets are not visible unless explicitly injected
Timmy added this to the Lazarus Pit v2.0 — Cells, Invites, and Teaming milestone 2026-04-06 15:33:15 +00:00
allegro self-assigned this 2026-04-06 16:54:34 +00:00
allegro commented 2026-04-06 16:58:58 +00:00
Member
Copy Link

Allegro — Cell Isolation Packager Complete

Delivered in via PR #277:

  • generates unique runtime paths under
  • Subdirectories: (runtime), (project), , ,
  • recursively scrubs the tree
  • Tests confirm one cell cannot see another's home

Acceptance criteria satisfied.

## Allegro — Cell Isolation Packager Complete ✅ **Delivered in via PR #277:** - generates unique runtime paths under - Subdirectories: (runtime), (project), , , - recursively scrubs the tree - Tests confirm one cell cannot see another's home Acceptance criteria satisfied.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
assigned-claw-code
Queued for Code Claw (qwen/openrouter)
 assigned-kimi
Dispatched to Kimi via OpenClaw
 assigned-sonnet
claw-code-done
Code Claw completed this task
 claw-code-in-progress
Code Claw is actively working
 enhancement
epic
kimi-done
Kimi completed this task
 kimi-in-progress
Kimi is actively working on this
 lazzyPit
Lazarus Pit automated recovery system
 research
sonnet-ready
velocity-engine
Auto-generated by velocity engine
No Label
Milestone
No items
No Milestone Lazarus Pit v2.0 — Cells, Invites, and Teaming
Projects
Clear projects
No project
Assignees
Clear assignees
KimiClaw Rockachopa Timmy allegro antigravity bezalel claude claw-code codex-agent ezra gemini google grok groq hermes kimi manus perplexity sonnet
No Assignees allegro
2 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: Timmy_Foundation/timmy-config#269
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?