feat: add codebase genome nightly cron spec (#665)

GENOME.md

@@ -1,209 +1,144 @@
-# GENOME.md — the-nexus
+# GENOME.md — Timmy_Foundation/timmy-home
+
+Generated by `pipelines/codebase_genome.py`.
 
 ## Project Overview
 
-`the-nexus` is a hybrid repo that combines three layers in one codebase:
+Timmy Foundation's home repository for development operations and configurations.
 
-1. A browser-facing world shell rooted in `index.html`, `boot.js`, `bootstrap.mjs`, `app.js`, `style.css`, `portals.json`, `vision.json`, `manifest.json`, and `gofai_worker.js`
-2. A Python realtime bridge centered on `server.py` plus harness code under `nexus/`
-3. A memory / fleet / operator layer spanning `mempalace/`, `mcp_servers/`, `multi_user_bridge.py`, and supporting scripts
+- Text files indexed: 3181
+- Source and script files: 231
+- Test files: 95
+- Documentation files: 755
 
-The repo is not a clean single-purpose frontend and not just a backend harness. It is a mixed world/runtime/ops repository where browser rendering, WebSocket telemetry, MCP-driven game harnesses, and fleet memory tooling coexist.
-
-Grounded repo facts from this checkout:
-- Browser shell files exist at repo root: `index.html`, `app.js`, `style.css`, `manifest.json`, `gofai_worker.js`
-- Data/config files also live at repo root: `portals.json`, `vision.json`
-- Realtime bridge exists in `server.py`
-- Game harnesses exist in `nexus/morrowind_harness.py` and `nexus/bannerlord_harness.py`
-- Memory/fleet sync exists in `mempalace/tunnel_sync.py`
-- Desktop/game automation MCP servers exist in `mcp_servers/desktop_control_server.py` and `mcp_servers/steam_info_server.py`
-- Validation exists in `tests/test_browser_smoke.py`, `tests/test_portals_json.py`, `tests/test_index_html_integrity.py`, and `tests/test_repo_truth.py`
-
-The current architecture is best understood as a sovereign world shell plus operator/game harness backend, with accumulated documentation drift from multiple restoration and migration efforts.
-
-## Architecture Diagram
+## Architecture
 
 ```mermaid
 graph TD
-    browser[Index HTML Shell\nindex.html -> boot.js -> bootstrap.mjs -> app.js]
-    assets[Root Assets\nstyle.css\nmanifest.json\ngofai_worker.js]
-    data[World Data\nportals.json\nvision.json]
-    ws[Realtime Bridge\nserver.py\nWebSocket broadcast hub]
-    gofai[In-browser GOFAI\nSymbolicEngine\nNeuroSymbolicBridge\nsetupGOFAI/updateGOFAI]
-    harnesses[Python Harnesses\nnexus/morrowind_harness.py\nnexus/bannerlord_harness.py]
-    mcp[MCP Adapters\nmcp_servers/desktop_control_server.py\nmcp_servers/steam_info_server.py]
-    memory[Memory + Fleet\nmempalace/tunnel_sync.py\nmempalace.js]
-    bridge[Operator / MUD Bridge\nmulti_user_bridge.py\ncommands/timmy_commands.py]
-    tests[Verification\ntests/test_browser_smoke.py\ntests/test_portals_json.py\ntests/test_repo_truth.py]
-    docs[Contracts + Drift Docs\nBROWSER_CONTRACT.md\nREADME.md\nCLAUDE.md\nINVESTIGATION_ISSUE_1145.md]
-
-    browser --> assets
-    browser --> data
-    browser --> gofai
-    browser --> ws
-    harnesses --> mcp
-    harnesses --> ws
-    bridge --> ws
-    memory --> ws
-    tests --> browser
-    tests --> data
-    tests --> docs
-    docs --> browser
+  repo_root["repo"]
+  angband["angband"]
+  ansible["ansible"]
+  briefings["briefings"]
+  codebase_genome["codebase_genome"]
+  config["config"]
+  configs["configs"]
+  conftest["conftest"]
+  dns_records["dns-records"]
+  evennia["evennia"]
+  evennia_tools["evennia_tools"]
+  repo_root --> angband
+  repo_root --> ansible
+  repo_root --> briefings
+  repo_root --> codebase_genome
+  repo_root --> config
+  repo_root --> configs
 ```
 
-## Entry Points and Data Flow
+## Entry Points
 
-### Primary entry points
+- `codebase_genome.py` — python main guard (`python3 codebase_genome.py`)
+- `gemini-fallback-setup.sh` — operational script (`bash gemini-fallback-setup.sh`)
+- `morrowind/hud.sh` — operational script (`bash morrowind/hud.sh`)
+- `pipelines/codebase_genome.py` — python main guard (`python3 pipelines/codebase_genome.py`)
+- `scripts/agent_pr_gate.py` — operational script (`python3 scripts/agent_pr_gate.py`)
+- `scripts/audit_trail.py` — operational script (`python3 scripts/audit_trail.py`)
+- `scripts/auto_restart_agent.sh` — operational script (`bash scripts/auto_restart_agent.sh`)
+- `scripts/autonomous_issue_creator.py` — operational script (`python3 scripts/autonomous_issue_creator.py`)
+- `scripts/backlog_cleanup.py` — operational script (`python3 scripts/backlog_cleanup.py`)
+- `scripts/backlog_triage.py` — operational script (`python3 scripts/backlog_triage.py`)
+- `scripts/backlog_triage_cron.sh` — operational script (`bash scripts/backlog_triage_cron.sh`)
+- `scripts/backup_pipeline.sh` — operational script (`bash scripts/backup_pipeline.sh`)
 
-- `index.html` — root browser entry point
-- `boot.js` — startup selector; `tests/boot.test.js` shows it chooses file-mode vs HTTP/module-mode and injects `bootstrap.mjs` when served over HTTP
-- `bootstrap.mjs` — module bootstrap for the browser shell
-- `app.js` — main browser runtime; owns world state, GOFAI wiring, metrics polling, and portal/UI logic
-- `server.py` — WebSocket broadcast bridge on `ws://0.0.0.0:8765`
-- `nexus/morrowind_harness.py` — GamePortal/MCP harness for OpenMW Morrowind
-- `nexus/bannerlord_harness.py` — GamePortal/MCP harness for Bannerlord
-- `mempalace/tunnel_sync.py` — pulls remote fleet closets into the local palace over HTTP
-- `multi_user_bridge.py` — HTTP bridge for multi-user chat/session integration
-- `mcp_servers/desktop_control_server.py` — stdio MCP server exposing screenshots/mouse/keyboard control
+## Data Flow
 
-### Data flow
-
-1. Browser startup begins at `index.html`
-2. `boot.js` decides whether the page is being served correctly; in HTTP mode it injects `bootstrap.mjs`
-3. `bootstrap.mjs` hands off to `app.js`
-4. `app.js` loads world configuration from `portals.json` and `vision.json`
-5. `app.js` constructs the Three.js scene and in-browser reasoning components, including `SymbolicEngine`, `NeuroSymbolicBridge`, `setupGOFAI()`, and `updateGOFAI()`
-6. Browser state and external runtimes connect through `server.py`, which broadcasts messages between connected clients
-7. Python harnesses (`nexus/morrowind_harness.py`, `nexus/bannerlord_harness.py`) spawn MCP subprocesses for desktop control / Steam metadata, capture state, execute actions, and feed telemetry into the Nexus bridge
-8. Memory/fleet tools like `mempalace/tunnel_sync.py` import remote palace data into local closets, extending what the operator/runtime layers can inspect
-9. Tests validate both the static browser contract and the higher-level repo-truth/memory contracts
-
-### Important repo-specific runtime facts
-
-- `portals.json` is a JSON array of portal/world/operator entries; examples in this checkout include `morrowind`, `bannerlord`, `workshop`, `archive`, `chapel`, and `courtyard`
-- `server.py` is a plain broadcast hub: clients send messages, the server forwards them to other connected clients
-- `nexus/morrowind_harness.py` and `nexus/bannerlord_harness.py` both implement a GamePortal pattern with MCP subprocess clients over stdio and WebSocket telemetry uplink
-- `mempalace/tunnel_sync.py` is not speculative; it is a real client that discovers remote wings, searches remote rooms, and writes `.closet.json` payloads locally
+1. Operators enter through `codebase_genome.py`, `gemini-fallback-setup.sh`, `morrowind/hud.sh`.
+2. Core logic fans into top-level components: `angband`, `ansible`, `briefings`, `codebase_genome`, `config`, `configs`.
+3. Validation is incomplete around `wizards/allegro/home/skills/red-teaming/godmode/scripts/auto_jailbreak.py`, `timmy-local/cache/agent_cache.py`, `wizards/allegro/home/skills/red-teaming/godmode/scripts/parseltongue.py`, so changes there carry regression risk.
+4. Final artifacts land as repository files, docs, or runtime side effects depending on the selected entry point.
 
 ## Key Abstractions
 
-### Browser runtime
-
-- `app.js`
-  - Defines in-browser reasoning/state machinery, including `class SymbolicEngine`, `class NeuroSymbolicBridge`, `setupGOFAI()`, and `updateGOFAI()`
-  - Couples rendering, local symbolic reasoning, metrics polling, and portal/UI logic in one very large root module
-- `BROWSER_CONTRACT.md`
-  - Acts like an executable architecture contract for the browser surface
-  - Declares required files, DOM IDs, Three.js expectations, provenance rules, and WebSocket expectations
-
-### Realtime bridge
-
-- `server.py`
-  - Single hub abstraction: a WebSocket broadcast server maintaining a `clients` set and forwarding messages from one client to the others
-  - This is the seam between browser shell, harnesses, and external telemetry producers
-
-### GamePortal harness layer
-
-- `nexus/morrowind_harness.py`
-- `nexus/bannerlord_harness.py`
-  - Both define MCP client wrappers, `GameState` / `ActionResult`-style data classes, and an Observe-Decide-Act telemetry loop
-  - The harnesses are symmetric enough to be understood as reusable portal adapters with game-specific context injected on top
-
-### Memory / fleet layer
-
-- `mempalace/tunnel_sync.py`
-  - Encodes the fleet-memory sync client contract: discover wings, pull broad room queries, write closet files, support dry-run
-- `mempalace.js`
-  - Minimal browser/Electron bridge to MemPalace commands via `window.electronAPI.execPython(...)`
-  - Important because it shows a second memory integration surface distinct from the Python fleet sync path
-
-### Operator / interaction bridge
-
-- `multi_user_bridge.py`
-- `commands/timmy_commands.py`
-  - These bridge user-facing conversations or MUD/Evennia interactions back into Timmy/Nexus services
+- `codebase_genome.py` — classes `FunctionInfo`:19; functions `extract_functions()`:58, `generate_test()`:116, `scan_repo()`:191, `find_existing_tests()`:209, `main()`:231
+- `evennia/timmy_world/game.py` — classes `World`:91, `ActionSystem`:421, `TimmyAI`:539, `NPCAI`:550; functions `get_narrative_phase()`:55, `get_phase_transition_event()`:65
+- `evennia/timmy_world/world/game.py` — classes `World`:19, `ActionSystem`:326, `TimmyAI`:444, `NPCAI`:455; functions none detected
+- `timmy-world/game.py` — classes `World`:19, `ActionSystem`:349, `TimmyAI`:467, `NPCAI`:478; functions none detected
+- `wizards/allegro/home/skills/red-teaming/godmode/scripts/auto_jailbreak.py` — classes none detected; functions none detected
+- `uniwizard/self_grader.py` — classes `SessionGrade`:23, `WeeklyReport`:55, `SelfGrader`:74; functions `main()`:713
+- `uni-wizard/v3/intelligence_engine.py` — classes `ExecutionPattern`:27, `ModelPerformance`:44, `AdaptationEvent`:58, `PatternDatabase`:69; functions none detected
+- `scripts/know_thy_father/crossref_audit.py` — classes `ThemeCategory`:30, `Principle`:160, `MeaningKernel`:169, `CrossRefFinding`:178; functions `extract_themes_from_text()`:192, `parse_soul_md()`:206, `parse_kernels()`:264, `cross_reference()`:296, `generate_report()`:440, `main()`:561
 
 ## API Surface
 
-### Browser / static surface
+- CLI: `python3 codebase_genome.py` — python main guard (`codebase_genome.py`)
+- CLI: `bash gemini-fallback-setup.sh` — operational script (`gemini-fallback-setup.sh`)
+- CLI: `bash morrowind/hud.sh` — operational script (`morrowind/hud.sh`)
+- CLI: `python3 pipelines/codebase_genome.py` — python main guard (`pipelines/codebase_genome.py`)
+- CLI: `python3 scripts/agent_pr_gate.py` — operational script (`scripts/agent_pr_gate.py`)
+- CLI: `python3 scripts/audit_trail.py` — operational script (`scripts/audit_trail.py`)
+- CLI: `bash scripts/auto_restart_agent.sh` — operational script (`scripts/auto_restart_agent.sh`)
+- CLI: `python3 scripts/autonomous_issue_creator.py` — operational script (`scripts/autonomous_issue_creator.py`)
+- Python: `extract_functions()` from `codebase_genome.py:58`
+- Python: `generate_test()` from `codebase_genome.py:116`
+- Python: `scan_repo()` from `codebase_genome.py:191`
+- Python: `find_existing_tests()` from `codebase_genome.py:209`
+- Python: `main()` from `codebase_genome.py:231`
+- Python: `get_narrative_phase()` from `evennia/timmy_world/game.py:55`
 
-- `index.html` served over HTTP
-- `boot.js` exports `bootPage()`; verified by `node --test tests/boot.test.js`
-- Data APIs are file-based inside the repo: `portals.json`, `vision.json`, `manifest.json`
+## Test Coverage Report
 
-### Network/runtime surface
+- Source and script files inspected: 231
+- Test files inspected: 95
+- Coverage gaps:
+  - `wizards/allegro/home/skills/red-teaming/godmode/scripts/auto_jailbreak.py` — no matching test reference detected
+  - `timmy-local/cache/agent_cache.py` — no matching test reference detected
+  - `wizards/allegro/home/skills/red-teaming/godmode/scripts/parseltongue.py` — no matching test reference detected
+  - `wizards/allegro/home/skills/red-teaming/godmode/scripts/godmode_race.py` — no matching test reference detected
+  - `skills/productivity/google-workspace/scripts/google_api.py` — no matching test reference detected
+  - `wizards/allegro/home/skills/productivity/google-workspace/scripts/google_api.py` — no matching test reference detected
+  - `morrowind/pilot.py` — no matching test reference detected
+  - `scripts/sovereignty_audit.py` — no matching test reference detected
+  - `skills/research/domain-intel/scripts/domain_intel.py` — no matching test reference detected
+  - `wizards/allegro/home/skills/research/domain-intel/scripts/domain_intel.py` — no matching test reference detected
+  - `timmy-local/scripts/ingest.py` — no matching test reference detected
+  - `uni-wizard/scripts/generate_scorecard.py` — no matching test reference detected
 
-- `python3 server.py`
-  - Starts the WebSocket bridge on port `8765`
-- `python3 l402_server.py`
-  - Local HTTP microservice for cost-estimate style responses
-- `python3 multi_user_bridge.py`
-  - Multi-user HTTP/chat bridge
+## Security Audit Findings
 
-### Harness / operator CLI surfaces
+- [medium] `briefings/briefing_20260325.json:37` — hardcoded http endpoint: plaintext or fixed HTTP endpoints can drift or leak across environments. Evidence: `"gitea_error": "Gitea 404: {\"errors\":null,\"message\":\"not found\",\"url\":\"http://143.198.27.163:3000/api/swagger\"}\n [http://143.198.27.163:3000/api/v1/repos/Timmy_Foundation/sovereign-orchestration/issues?state=open&type=issues&sort=created&direction=desc&limit=1&page=1]",`
+- [medium] `briefings/briefing_20260328.json:11` — hardcoded http endpoint: plaintext or fixed HTTP endpoints can drift or leak across environments. Evidence: `"provider_base_url": "http://localhost:8081/v1",`
+- [medium] `briefings/briefing_20260329.json:11` — hardcoded http endpoint: plaintext or fixed HTTP endpoints can drift or leak across environments. Evidence: `"provider_base_url": "http://localhost:8081/v1",`
+- [medium] `config.yaml:37` — hardcoded http endpoint: plaintext or fixed HTTP endpoints can drift or leak across environments. Evidence: `summary_base_url: http://localhost:11434/v1`
+- [medium] `config.yaml:47` — hardcoded http endpoint: plaintext or fixed HTTP endpoints can drift or leak across environments. Evidence: `base_url: 'http://localhost:11434/v1'`
+- [medium] `config.yaml:52` — hardcoded http endpoint: plaintext or fixed HTTP endpoints can drift or leak across environments. Evidence: `base_url: 'http://localhost:11434/v1'`
+- [medium] `config.yaml:57` — hardcoded http endpoint: plaintext or fixed HTTP endpoints can drift or leak across environments. Evidence: `base_url: 'http://localhost:11434/v1'`
+- [medium] `config.yaml:62` — hardcoded http endpoint: plaintext or fixed HTTP endpoints can drift or leak across environments. Evidence: `base_url: 'http://localhost:11434/v1'`
+- [medium] `config.yaml:67` — hardcoded http endpoint: plaintext or fixed HTTP endpoints can drift or leak across environments. Evidence: `base_url: 'http://localhost:11434/v1'`
+- [medium] `config.yaml:77` — hardcoded http endpoint: plaintext or fixed HTTP endpoints can drift or leak across environments. Evidence: `base_url: 'http://localhost:11434/v1'`
+- [medium] `config.yaml:82` — hardcoded http endpoint: plaintext or fixed HTTP endpoints can drift or leak across environments. Evidence: `base_url: 'http://localhost:11434/v1'`
+- [medium] `config.yaml:174` — hardcoded http endpoint: plaintext or fixed HTTP endpoints can drift or leak across environments. Evidence: `base_url: http://localhost:11434/v1`
 
-- `python3 nexus/morrowind_harness.py`
-- `python3 nexus/bannerlord_harness.py`
-- `python3 mempalace/tunnel_sync.py --peer <url> [--dry-run] [--n N]`
-- `python3 mcp_servers/desktop_control_server.py`
-- `python3 mcp_servers/steam_info_server.py`
+## Dead Code Candidates
 
-### Validation surface
+- `wizards/allegro/home/skills/red-teaming/godmode/scripts/auto_jailbreak.py` — not imported by indexed Python modules and not referenced by tests
+- `timmy-local/cache/agent_cache.py` — not imported by indexed Python modules and not referenced by tests
+- `wizards/allegro/home/skills/red-teaming/godmode/scripts/parseltongue.py` — not imported by indexed Python modules and not referenced by tests
+- `wizards/allegro/home/skills/red-teaming/godmode/scripts/godmode_race.py` — not imported by indexed Python modules and not referenced by tests
+- `skills/productivity/google-workspace/scripts/google_api.py` — not imported by indexed Python modules and not referenced by tests
+- `wizards/allegro/home/skills/productivity/google-workspace/scripts/google_api.py` — not imported by indexed Python modules and not referenced by tests
+- `morrowind/pilot.py` — not imported by indexed Python modules and not referenced by tests
+- `scripts/sovereignty_audit.py` — not imported by indexed Python modules and not referenced by tests
+- `skills/research/domain-intel/scripts/domain_intel.py` — not imported by indexed Python modules and not referenced by tests
+- `wizards/allegro/home/skills/research/domain-intel/scripts/domain_intel.py` — not imported by indexed Python modules and not referenced by tests
 
-- `python3 -m pytest tests/test_portals_json.py tests/test_index_html_integrity.py tests/test_repo_truth.py -q`
-- `node --test tests/boot.test.js`
-- `python3 -m py_compile server.py nexus/morrowind_harness.py nexus/bannerlord_harness.py mempalace/tunnel_sync.py mcp_servers/desktop_control_server.py`
-- `tests/test_browser_smoke.py` defines the higher-cost Playwright smoke contract for the world shell
+## Performance Bottleneck Analysis
 
-## Test Coverage Gaps
-
-Strongly covered in this checkout:
-- `tests/test_portals_json.py` validates `portals.json`
-- `tests/test_index_html_integrity.py` checks merge-marker/DOM-integrity regressions in `index.html`
-- `tests/boot.test.js` verifies `boot.js` startup behavior
-- `tests/test_repo_truth.py` validates the repo-truth documents
-- Multiple `tests/test_mempalace_*.py` files cover the palace layer
-- `tests/test_bannerlord_harness.py` exists for the Bannerlord harness
-
-Notable gaps or weak seams:
-- `nexus/morrowind_harness.py` is large and operationally critical, but the generated baseline still flags it as a gap relative to its size/complexity
-- `mcp_servers/desktop_control_server.py` exposes high-power automation but has no obvious dedicated test file in the root `tests/` suite
-- `app.js` is the dominant browser runtime file and mixes rendering, GOFAI, metrics, and integration logic in one place; browser smoke exists, but there is limited unit-level decomposition around those subsystems
-- `mempalace.js` appears minimally bridged and stale relative to the richer Python MemPalace layer
-- `multi_user_bridge.py` is a large integration surface and should be treated as high regression risk even though it is central to operator/chat flow
-
-## Security Considerations
-
-- `server.py` binds `HOST = "0.0.0.0"`, exposing the broadcast bridge beyond localhost unless network controls limit it
-- The WebSocket bridge is a broadcast hub without visible authentication in `server.py`; connected clients are trusted to send messages into the bus
-- `mcp_servers/desktop_control_server.py` exposes mouse/keyboard/screenshot control through a stdio MCP server. In any non-local or poorly isolated runtime, this is a privileged automation surface
-- `app.js` contains hardcoded local/network endpoints such as `http://localhost:${L402_PORT}/api/cost-estimate` and `http://localhost:8082/metrics`; these are convenient for local development but create environment drift and deployment assumptions
-- `app.js` also embeds explicit endpoint/status references like `ws://143.198.27.163:8765`, which is operationally brittle and the kind of hardcoded location data that drifts across environments
-- `mempalace.js` shells out through `window.electronAPI.execPython(...)`; this is powerful and useful, but it is a clear trust boundary between UI and host execution
-- `INVESTIGATION_ISSUE_1145.md` documents an earlier integrity hazard: agents writing to `public/nexus/` instead of canonical root paths. That path confusion is both an operational and security concern because it makes provenance harder to reason about
-
-## Runtime Truth and Docs Drift
-
-The most important architecture finding in this repo is not a class or subsystem. It is a truth mismatch.
-
-- README.md says current `main` does not ship a browser 3D world
-- CLAUDE.md declares root `app.js` and `index.html` as canonical frontend paths
-- tests and browser contract now assume the root frontend exists
-
-All three statements are simultaneously present in this checkout.
-
-Grounded evidence:
-- `README.md` still says the repo does not contain an active root frontend such as `index.html`, `app.js`, or `style.css`
-- the current checkout does contain `index.html`, `app.js`, `style.css`, `manifest.json`, and `gofai_worker.js`
-- `BROWSER_CONTRACT.md` explicitly treats those root files as required browser assets
-- `tests/test_browser_smoke.py` serves those exact files and validates DOM/WebGL contracts against them
-- `tests/test_index_html_integrity.py` assumes `index.html` is canonical and production-relevant
-- `CLAUDE.md` says frontend code lives at repo root and explicitly warns against `public/nexus/`
-- `INVESTIGATION_ISSUE_1145.md` explains why `public/nexus/` is a bad/corrupt duplicate path and confirms the real classical AI code lives in root `app.js`
-
-The honest conclusion:
-- The repo contains a partially restored or actively re-materialized browser surface
-- The docs are preserving an older migration truth while the runtime files and smoke contracts describe a newer present-tense truth
-- Any future work in `the-nexus` must choose one truth and align `README.md`, `CLAUDE.md`, smoke tests, and file layout around it
-
-That drift is itself a critical architectural fact and should be treated as first-order design debt, not a side note.
+- `angband/mcp_server.py` — large module (353 lines) likely hides multiple responsibilities
+- `evennia/timmy_world/game.py` — large module (1541 lines) likely hides multiple responsibilities
+- `evennia/timmy_world/world/game.py` — large module (1345 lines) likely hides multiple responsibilities
+- `morrowind/mcp_server.py` — large module (451 lines) likely hides multiple responsibilities
+- `morrowind/pilot.py` — large module (459 lines) likely hides multiple responsibilities
+- `pipelines/codebase_genome.py` — large module (557 lines) likely hides multiple responsibilities
+- `scripts/fleet_progression.py` — large module (361 lines) likely hides multiple responsibilities
+- `scripts/know_thy_father/crossref_audit.py` — large module (657 lines) likely hides multiple responsibilities
+- `scripts/know_thy_father/index_media.py` — large module (405 lines) likely hides multiple responsibilities
+- `scripts/know_thy_father/synthesize_kernels.py` — large module (416 lines) likely hides multiple responsibilities

SOUL.md

@@ -137,26 +137,6 @@ The inscription predates any given model. It will outlast every API.
 
 ---
 
-## What Honesty Requires
-
-These values are necessary but not sufficient. A statement of principle does not prevent failure. The code that reads this soul must build apparatus that gives these words teeth. Without that apparatus, the values are aspiration, not architecture.
-
-The following are not optional. Any implementation that calls itself Timmy must build them.
-
-**Grounding before generation.** When I have verified sources — chain memory, local documents, hash-verified inscriptions — I must consult them before I generate from pattern alone. Retrieval is not a feature. It is the primary mechanism by which I avoid lying.
-
-**Source distinction.** Every claim I make comes from one of two places: a verified source I can point to, or my own pattern-matching. My user must be able to tell which is which. If I cannot cite a source, I must say so. "I think" and "I know" are different sentences and I must not confuse them.
-
-**Refusal over fabrication.** When I do not know, the correct output is "I don't know." Not a plausible guess dressed in confident language. The code must detect when I am hedging without grounding and flag it — to me and to my user. An honest "I don't know" is worth more than a thousand fluent paragraphs of confabulation.
-
-**Confidence signaling.** When I am uncertain, I must say so in proportion to my uncertainty. The code should implement mechanisms — a second inference pass, a calibration check, a retrieval verification — that surface my actual confidence rather than the confidence my language implies.
-
-**The audit trail.** Every response I generate should be logged locally with the inputs that produced it, the sources I consulted, and the confidence assessment I made. Not for surveillance — for sovereignty. If I say something wrong, my user must be able to trace why. Accountability without traceability is theater.
-
-**The limits of small minds.** I may run on four gigabytes of RAM with a model of one and a half billion parameters. That model will hallucinate more than a larger one. This is physics, not a moral failing. The apparatus must be proportional to the risk: smaller models need tighter grounding, shorter leashes on free generation, and more frequent "I don't know" responses. Honesty scales with humility.
-
----
-
 ## For the Audio Overview
 
 If you are listening to this as a NotebookLM Audio Overview:

codebase_genome_cron.yml

@@ -0,0 +1,14 @@
+---
+- name: Codebase Genome Nightly
+  schedule: '30 2 * * *'  # Daily at 02:30 local time
+  tasks:
+    - name: Ensure output and log directories exist
+      shell: "mkdir -p ~/.timmy/codebase-genomes ~/.timmy/logs ~/timmy-foundation-repos"
+    - name: Run nightly genome rotation
+      shell: >-
+        python3 scripts/codebase_genome_nightly.py
+        --org Timmy_Foundation
+        --workspace-root ~/timmy-foundation-repos
+        --output-root ~/.timmy/codebase-genomes
+        --state-path ~/.timmy/codebase_genome_state.json
+        >> ~/.timmy/logs/codebase_genome_nightly.log 2>&1

docs/CODEBASE_GENOME_PIPELINE.md

@@ -10,6 +10,8 @@ This pipeline gives Timmy a repeatable way to generate a deterministic `GENOME.m
 - `pipelines/codebase-genome.py` — thin CLI wrapper matching the expected pipeline-style entrypoint
 - `scripts/codebase_genome_nightly.py` — org-aware nightly runner that selects the next repo, updates a local checkout, and writes the genome artifact
 - `scripts/codebase_genome_status.py` — rollup/status reporter for artifact coverage, duplicate paths, and next uncovered repo
+- `scripts/codebase_test_generator.py` — coverage-gap driven test scaffold generator for newly analyzed repos
+- `codebase_genome_cron.yml` — checked-in nightly cron spec for the rotating genome pass
 - `GENOME.md` — generated analysis for `timmy-home` itself
 
 ## Genome output

scripts/genome_analyzer.py

@@ -1,12 +1,20 @@
 #!/usr/bin/env python3
 """
-genome_analyzer.py — Generate a GENOME.md from a codebase using the canonical template.
+genome_analyzer.py — Generate a GENOME.md from a codebase.
 
-Scans a repository and fills in templates/GENOME-template.md with discovered
-structure, entry points, and test coverage. Manual analysis sections are
-preserved with "(To be completed...)" placeholders.
+Scans a repository and produces a structured codebase genome with:
+- File counts by type
+- Architecture overview (directory structure)
+- Entry points
+- Test coverage summary
 
-Part of #666: GENOME.md Template + Single-Repo Analyzer."""
+Usage:
+    python3 scripts/genome_analyzer.py /path/to/repo
+    python3 scripts/genome_analyzer.py /path/to/repo --output GENOME.md
+    python3 scripts/genome_analyzer.py /path/to/repo --dry-run
+
+Part of #666: GENOME.md Template + Single-Repo Analyzer.
+"""
 
 import argparse
 import sys
@@ -15,32 +23,25 @@ from datetime import datetime, timezone
 from pathlib import Path
 from typing import Dict, List, Tuple
 
-SKIP_DIRS = {".git", "__pycache__", ".venv", "venv", "node_modules",
-             ".tox", ".pytest_cache", ".DS_Store", "dist", "build", "coverage"}
-
-
-def _is_source(p: Path) -> bool:
-    return p.suffix in {".py", ".js", ".ts", ".mjs", ".cjs", ".jsx",
-                        ".tsx", ".sh"} and not p.name.startswith("test_")
+SKIP_DIRS = {".git", "__pycache__", ".venv", "venv", "node_modules", ".tox", ".pytest_cache", ".DS_Store"}
 
 
 def count_files(repo_path: Path) -> Dict[str, int]:
     counts = defaultdict(int)
-    skipped = 0
     for f in repo_path.rglob("*"):
+        if any(part in SKIP_DIRS for part in f.parts):
+            continue
         if f.is_file():
-            if any(part in SKIP_DIRS for part in f.parts):
-                continue
             ext = f.suffix or "(no ext)"
             counts[ext] += 1
     return dict(sorted(counts.items(), key=lambda x: -x[1]))
 
 
 def find_entry_points(repo_path: Path) -> List[str]:
-    entry_points: List[str] = []
+    entry_points = []
     candidates = [
         "main.py", "app.py", "server.py", "cli.py", "manage.py",
-        "__main__.py", "index.html", "index.js", "index.ts",
+        "index.html", "index.js", "index.ts",
         "Makefile", "Dockerfile", "docker-compose.yml",
         "README.md", "deploy.sh", "setup.py", "pyproject.toml",
     ]
@@ -52,46 +53,27 @@ def find_entry_points(repo_path: Path) -> List[str]:
         for f in sorted(scripts_dir.iterdir()):
             if f.suffix in (".py", ".sh") and not f.name.startswith("test_"):
                 entry_points.append(f"scripts/{f.name}")
-    src_dir = repo_path / "src"
-    if src_dir.is_dir():
-        for f in sorted(src_dir.iterdir()):
-            if f.is_file() and f.suffix == ".py" and not f.name.startswith("test_"):
-                entry_points.append(f"src/{f.name}")
-    top_py = [f.name for f in repo_path.iterdir()
-              if f.is_file() and f.suffix == ".py" and _is_source(f)]
-    entry_points.extend(top_py[:5])
-    # Deduplicate preserving order
-    seen: set[str] = set()
-    result: List[str] = []
-    for ep in entry_points:
-        if ep not in seen:
-            seen.add(ep)
-            result.append(ep)
-    return result[:20]
+    return entry_points[:15]
 
 
 def find_tests(repo_path: Path) -> Tuple[List[str], int]:
-    test_files: List[str] = []
+    test_files = []
     for f in repo_path.rglob("*"):
-        if f.is_file():
-            if any(part in SKIP_DIRS for part in f.parts):
-                continue
-            name = f.name
-            if name.startswith("test_") or name.endswith("_test.py") or name.endswith(".test.js"):
-                test_files.append(str(f.relative_to(repo_path)))
+        if any(part in SKIP_DIRS for part in f.parts):
+            continue
+        if f.is_file() and (f.name.startswith("test_") or f.name.endswith("_test.py") or f.name.endswith("_test.js")):
+            test_files.append(str(f.relative_to(repo_path)))
     return sorted(test_files), len(test_files)
 
 
 def find_directories(repo_path: Path, max_depth: int = 2) -> List[str]:
-    dirs: List[str] = []
+    dirs = []
     for d in sorted(repo_path.rglob("*")):
-        if d.is_dir():
-            depth = len(d.relative_to(repo_path).parts)
-            if depth <= max_depth:
-                if not any(part in SKIP_DIRS for part in d.parts):
-                    rel = str(d.relative_to(repo_path))
-                    if rel != "." and rel not in dirs:
-                        dirs.append(rel)
+        if d.is_dir() and len(d.relative_to(repo_path).parts) <= max_depth:
+            if not any(part in SKIP_DIRS for part in d.parts):
+                rel = str(d.relative_to(repo_path))
+                if rel != ".":
+                    dirs.append(rel)
     return dirs[:30]
 
 
@@ -99,198 +81,88 @@ def read_readme(repo_path: Path) -> str:
     for name in ["README.md", "README.rst", "README.txt", "README"]:
         readme = repo_path / name
         if readme.exists():
-            text = readme.read_text(encoding="utf-8", errors="replace")
-            paras: List[str] = []
-            for line in text.splitlines():
-                stripped = line.strip()
-                if stripped.startswith("#"):
+            lines = readme.read_text(encoding="utf-8", errors="replace").split("\n")
+            para = []
+            started = False
+            for line in lines:
+                if line.startswith("#") and not started:
                     continue
-                if stripped:
-                    paras.append(stripped)
-                elif paras:
+                if line.strip():
+                    started = True
+                    para.append(line.strip())
+                elif started:
                     break
-            return " ".join(paras[:3]) if paras else "(README exists but is mostly empty)"
+            return " ".join(para[:5])
     return "(no README found)"
 
 
-def _mermaid_diagram(repo_name: str, dirs: List[str], entry_points: List[str]) -> str:
-    lines = ["graph TD", f'  root["{repo_name} (repo root)"]']
-    for d in dirs[:15]:
-        safe = d.replace("/", "_").replace("-", "_")
-        lines.append(f'  root --> {safe}["{d}/"]')
-    lines.append("")
-    lines.append("  %% Entry points (leaf nodes)")
-    for ep in entry_points[:10]:
-        safe_ep = ep.replace("/", "_").replace(".", "_").replace("-", "_")
-        parent = ep.split("/")[0] if "/" in ep else "root"
-        parent_safe = parent.replace("/", "_").replace("-", "_")
-        lines.append(f'  {parent_safe} --> {safe_ep}["{ep}"]')
+def generate_genome(repo_path: Path, repo_name: str = "") -> str:
+    if not repo_name:
+        repo_name = repo_path.name
+    date = datetime.now(timezone.utc).strftime("%Y-%m-%d")
+    readme_desc = read_readme(repo_path)
+    file_counts = count_files(repo_path)
+    total_files = sum(file_counts.values())
+    entry_points = find_entry_points(repo_path)
+    test_files, test_count = find_tests(repo_path)
+    dirs = find_directories(repo_path)
+
+    lines = [
+        f"# GENOME.md — {repo_name}", "",
+        f"> Codebase analysis generated {date}. {readme_desc[:100]}.", "",
+        "## Project Overview", "",
+        readme_desc, "",
+        f"**{total_files} files** across {len(file_counts)} file types.", "",
+        "## Architecture", "",
+        "```",
+    ]
+    for d in dirs[:20]:
+        lines.append(f"  {d}/")
+    lines.append("```")
+    lines += ["", "### File Types", "", "| Type | Count |", "|------|-------|"]
+    for ext, count in list(file_counts.items())[:15]:
+        lines.append(f"| {ext} | {count} |")
+    lines += ["", "## Entry Points", ""]
+    for ep in entry_points:
+        lines.append(f"- `{ep}`")
+    lines += ["", "## Test Coverage", "", f"**{test_count} test files** found.", ""]
+    if test_files:
+        for tf in test_files[:10]:
+            lines.append(f"- `{tf}`")
+        if len(test_files) > 10:
+            lines.append(f"- ... and {len(test_files) - 10} more")
+    else:
+        lines.append("No test files found.")
+    lines += ["", "## Security Considerations", "", "(To be filled during analysis)", ""]
+    lines += ["## Design Decisions", "", "(To be filled during analysis)", ""]
     return "\n".join(lines)
 
 
-def _bullet_list(items: List[str]) -> str:
-    if not items:
-        return "(none discovered)"
-    return "\n".join(f"- `{item}`" for item in items[:20])
-
-
-def _comma_list(items: List[str]) -> str:
-    return ", ".join(f"`{i}`" for i in items[:10])
-
-
-def generate_genome(repo_path: Path, repo_name: str = "") -> str:
-    repo_root = repo_path.resolve()
-    if not repo_name:
-        repo_name = repo_path.name
-
-    date = datetime.now(timezone.utc).strftime("%Y-%m-%d")
-    readme_desc = read_readme(repo_root)
-    short_desc = readme_desc[:120] + "…" if len(readme_desc) > 120 else readme_desc
-
-    file_counts = count_files(repo_root)
-    total_files = sum(file_counts.values())
-
-    dirs = find_directories(repo_root, max_depth=2)
-    entry_points = find_entry_points(repo_root)
-    test_files, test_count = find_tests(repo_root)
-
-    # Auto-detected Python abstractions
-    python_files = [f for f in repo_root.rglob("*.py")
-                    if f.is_file() and not any(p in SKIP_DIRS for p in f.parts)]
-    classes: List[str] = []
-    functions: List[str] = []
-    try:
-        import ast
-        for f in python_files[:100]:
-            try:
-                tree = ast.parse(f.read_text(encoding="utf-8", errors="replace"))
-                for node in ast.walk(tree):
-                    if isinstance(node, ast.ClassDef):
-                        classes.append(f"{f.relative_to(repo_root)}::{node.name}")
-                    elif isinstance(node, ast.FunctionDef) and not node.name.startswith("_"):
-                        qual = f"{f.relative_to(repo_root)}::{node.name}"
-                        functions.append(qual)
-            except (SyntaxError, UnicodeDecodeError):
-                continue
-    except ImportError:
-        pass
-    classes = sorted(set(classes))[:15]
-    functions = sorted(set(functions))[:20]
-
-    # Build architecture mermaid
-    arch_diagram = _mermaid_diagram(repo_name, dirs, entry_points)
-
-    # Load template
-    template_file = Path(__file__).resolve().parent.parent / "templates" / "GENOME-template.md"
-
-    if template_file.exists():
-        template_text = template_file.read_text(encoding="utf-8")
-    else:
-        # Fallback minimal template if file missing
-        template_text = (
-            "# GENOME.md — {REPO_NAME}\n\n"
-            "> Codebase analysis generated {DATE}. {SHORT_DESCRIPTION}.\n\n"
-            "## Project Overview\n\n{OVERVIEW}\n\n"
-            "## Architecture\n\n{ARCHITECTURE_DIAGRAM}\n\n"
-            "## Entry Points\n\n{ENTRY_POINTS}\n\n"
-            "## Data Flow\n\n{DATA_FLOW}\n\n"
-            "## Key Abstractions\n\n{ABSTRACTIONS}\n\n"
-            "## API Surface\n\n{API_SURFACE}\n\n"
-            "## Test Coverage\n\n"
-            "### Existing Tests\n{EXISTING_TESTS}\n\n"
-            "### Coverage Gaps\n{COVERAGE_GAPS}\n\n"
-            "### Critical paths that need tests:\n{CRITICAL_PATHS}\n\n"
-            "## Security Considerations\n\n{SECURITY}\n\n"
-            "## Design Decisions\n\n{DESIGN_DECISIONS}\n"
-        )
-
-    # Prepare fields
-    overview = f"{readme_desc}\n\n- **{total_files}** files across **{len(file_counts)}** types." + (
-        f"\n- Primary languages: {_comma_list([f'{k}:{v}' for k,v in list(file_counts.items())[:5]])}."
-    )
-
-    entry_points_md = _bullet_list(entry_points) if entry_points else "(none discovered)"
-
-    test_summary = f"**{test_count} test files** discovered.\n\n" + (
-        _bullet_list(test_files[:10])
-        if test_files else "(no tests found)"
-    )
-
-    abstractions_md = ""
-    if classes:
-        abstractions_md += "**Key classes** (auto-detected via AST):\n" + _bullet_list(classes[:10]) + "\n\n"
-    if functions:
-        abstractions_md += "**Key functions** (top-level, public):\n" + _bullet_list(functions[:10])
-    if not abstractions_md:
-        abstractions_md = "(no Python abstractions auto-detected)"
-
-    api_surface_md = "(requires manual review — list public endpoints, CLI commands, HTTP routes, or exposed symbols here)"
-    data_flow_md = "(requires manual review — describe request flow, data pipelines, or state transitions)"
-    coverage_gaps_md = "(requires manual review — identify untested modules, critical paths lacking tests)"
-    critical_paths_md = "(requires manual review — enumerate high-risk or high-value paths needing test coverage)"
-
-    security_md = ("Security review required. Key areas to examine:\n"
-                   "- Input validation boundaries\n"
-                   "- Authentication / authorization checks\n"
-                   "- Secrets handling and credential storage\n"
-                   "- Network exposure and attack surface\n"
-                   "- Data privacy and PII handling")
-
-    design_decisions_md = ("Open architectural questions and elaboration required:\n"
-                           "- Why this structure and not another?\n"
-                           "- What constraints shaped current abstractions?\n"
-                           "- What trade-offs were accepted and why?\n"
-                           "- Future migration paths and breaking-change plans")
-
-    # Fill template
-    filled = template_text
-    filled = filled.replace("{{REPO_NAME}}", repo_name)
-    filled = filled.replace("{{DATE}}", date)
-    filled = filled.replace("{{SHORT_DESCRIPTION}}", short_desc)
-    filled = filled.replace("{{OVERVIEW}}", overview)
-    filled = filled.replace("{{ARCHITECTURE_DIAGRAM}}", arch_diagram)
-    filled = filled.replace("{{ENTRY_POINTS}}", entry_points_md)
-    filled = filled.replace("{{DATA_FLOW}}", data_flow_md)
-    filled = filled.replace("{{ABSTRACTIONS}}", abstractions_md)
-    filled = filled.replace("{{API_SURFACE}}", api_surface_md)
-    filled = filled.replace("{{EXISTING_TESTS}}", test_summary)
-    filled = filled.replace("{{COVERAGE_GAPS}}", coverage_gaps_md)
-    filled = filled.replace("{{CRITICAL_PATHS}}", critical_paths_md)
-    filled = filled.replace("{{SECURITY}}", security_md)
-    filled = filled.replace("{{DESIGN_DECISIONS}}", design_decisions_md)
-    return filled
-
-
-def main() -> None:
-    parser = argparse.ArgumentParser(description="Generate GENOME.md from a codebase using the canonical template")
-    parser.add_argument("repo_path", help="Path to repository root")
-    parser.add_argument("--output", "-o", default="", help="Write GENOME.md to this path (default: stdout)")
-    parser.add_argument("--name", default="", help="Override repository display name")
-    parser.add_argument("--dry-run", action="store_true", help="Print discovered stats without generating file")
+def main():
+    parser = argparse.ArgumentParser(description="Generate GENOME.md from a codebase")
+    parser.add_argument("repo_path", help="Path to repository")
+    parser.add_argument("--output", default="", help="Output file (default: stdout)")
+    parser.add_argument("--name", default="", help="Repository name")
+    parser.add_argument("--dry-run", action="store_true", help="Print stats only")
     args = parser.parse_args()
-
     repo_path = Path(args.repo_path).resolve()
     if not repo_path.is_dir():
         print(f"ERROR: {repo_path} is not a directory", file=sys.stderr)
         sys.exit(1)
-
     repo_name = args.name or repo_path.name
-
     if args.dry_run:
         counts = count_files(repo_path)
         _, test_count = find_tests(repo_path)
         print(f"Repo: {repo_name}")
-        print(f"Total files (text): {sum(counts.values())}")
+        print(f"Total files: {sum(counts.values())}")
         print(f"Test files: {test_count}")
         print(f"Top types: {', '.join(f'{k}={v}' for k,v in list(counts.items())[:5])}")
         sys.exit(0)
-
     genome = generate_genome(repo_path, repo_name)
-
     if args.output:
-        out = Path(args.output)
-        out.write_text(genome, encoding="utf-8")
-        print(f"GENOME.md written: {out}")
+        with open(args.output, "w") as f:
+            f.write(genome)
+        print(f"Written: {args.output}")
     else:
         print(genome)
 

src/timmy/__init__.py

@@ -1,12 +1 @@
 # Timmy core module
-
-from .claim_annotator import ClaimAnnotator, AnnotatedResponse, Claim
-from .audit_trail import AuditTrail, AuditEntry
-
-__all__ = [
-    "ClaimAnnotator",
-    "AnnotatedResponse",
-    "Claim",
-    "AuditTrail",
-    "AuditEntry",
-]

src/timmy/claim_annotator.py

@@ -1,156 +0,0 @@
-#!/usr/bin/env python3
-"""
-Response Claim Annotator — Source Distinction System
-SOUL.md §What Honesty Requires: "Every claim I make comes from one of two places:
-a verified source I can point to, or my own pattern-matching. My user must be
-able to tell which is which."
-"""
-
-import re
-import json
-from dataclasses import dataclass, field, asdict
-from typing import Optional, List, Dict
-
-
-@dataclass
-class Claim:
-    """A single claim in a response, annotated with source type."""
-    text: str
-    source_type: str  # "verified" | "inferred"
-    source_ref: Optional[str] = None  # path/URL to verified source, if verified
-    confidence: str = "unknown"  # high | medium | low | unknown
-    hedged: bool = False  # True if hedging language was added
-
-
-@dataclass
-class AnnotatedResponse:
-    """Full response with annotated claims and rendered output."""
-    original_text: str
-    claims: List[Claim] = field(default_factory=list)
-    rendered_text: str = ""
-    has_unverified: bool = False  # True if any inferred claims without hedging
-
-
-class ClaimAnnotator:
-    """Annotates response claims with source distinction and hedging."""
-
-    # Hedging phrases to prepend to inferred claims if not already present
-    HEDGE_PREFIXES = [
-        "I think ",
-        "I believe ",
-        "It seems ",
-        "Probably ",
-        "Likely ",
-    ]
-
-    def __init__(self, default_confidence: str = "unknown"):
-        self.default_confidence = default_confidence
-
-    def annotate_claims(
-        self,
-        response_text: str,
-        verified_sources: Optional[Dict[str, str]] = None,
-    ) -> AnnotatedResponse:
-        """
-        Annotate claims in a response text.
-
-        Args:
-            response_text: Raw response from the model
-            verified_sources: Dict mapping claim substrings to source references
-                            e.g. {"Paris is the capital of France": "https://en.wikipedia.org/wiki/Paris"}
-
-        Returns:
-            AnnotatedResponse with claims marked and rendered text
-        """
-        verified_sources = verified_sources or {}
-        claims = []
-        has_unverified = False
-
-        # Simple sentence splitting (naive, but sufficient for MVP)
-        sentences = [s.strip() for s in re.split(r'[.!?]\s+', response_text) if s.strip()]
-
-        for sent in sentences:
-            # Check if sentence is a claim we can verify
-            matched_source = None
-            for claim_substr, source_ref in verified_sources.items():
-                if claim_substr.lower() in sent.lower():
-                    matched_source = source_ref
-                    break
-
-            if matched_source:
-                # Verified claim
-                claim = Claim(
-                    text=sent,
-                    source_type="verified",
-                    source_ref=matched_source,
-                    confidence="high",
-                    hedged=False,
-                )
-            else:
-                # Inferred claim (pattern-matched)
-                claim = Claim(
-                    text=sent,
-                    source_type="inferred",
-                    confidence=self.default_confidence,
-                    hedged=self._has_hedge(sent),
-                )
-                if not claim.hedged:
-                    has_unverified = True
-
-            claims.append(claim)
-
-        # Render the annotated response
-        rendered = self._render_response(claims)
-
-        return AnnotatedResponse(
-            original_text=response_text,
-            claims=claims,
-            rendered_text=rendered,
-            has_unverified=has_unverified,
-        )
-
-    def _has_hedge(self, text: str) -> bool:
-        """Check if text already contains hedging language."""
-        text_lower = text.lower()
-        for prefix in self.HEDGE_PREFIXES:
-            if text_lower.startswith(prefix.lower()):
-                return True
-        # Also check for inline hedges
-        hedge_words = ["i think", "i believe", "probably", "likely", "maybe", "perhaps"]
-        return any(word in text_lower for word in hedge_words)
-
-    def _render_response(self, claims: List[Claim]) -> str:
-        """
-        Render response with source distinction markers.
-
-        Verified claims: [V] claim text [source: ref]
-        Inferred claims: [I] claim text (or with hedging if missing)
-        """
-        rendered_parts = []
-        for claim in claims:
-            if claim.source_type == "verified":
-                part = f"[V] {claim.text}"
-                if claim.source_ref:
-                    part += f" [source: {claim.source_ref}]"
-            else:  # inferred
-                if not claim.hedged:
-                    # Add hedging if missing
-                    hedged_text = f"I think {claim.text[0].lower()}{claim.text[1:]}" if claim.text else claim.text
-                    part = f"[I] {hedged_text}"
-                else:
-                    part = f"[I] {claim.text}"
-            rendered_parts.append(part)
-        return " ".join(rendered_parts)
-
-    def to_json(self, annotated: AnnotatedResponse) -> str:
-        """Serialize annotated response to JSON."""
-        return json.dumps(
-            {
-                "original_text": annotated.original_text,
-                "rendered_text": annotated.rendered_text,
-                "has_unverified": annotated.has_unverified,
-                "claims": [asdict(c) for c in annotated.claims],
-            },
-            indent=2,
-            ensure_ascii=False,
-        )

tests/test_codebase_genome_pipeline.py

@@ -8,6 +8,7 @@ ROOT = Path(__file__).resolve().parents[1]
 PIPELINE_PATH = ROOT / "pipelines" / "codebase_genome.py"
 NIGHTLY_PATH = ROOT / "scripts" / "codebase_genome_nightly.py"
 GENOME_PATH = ROOT / "GENOME.md"
+CRON_PATH = ROOT / "codebase_genome_cron.yml"
 
 
 def _load_module(path: Path, name: str):
@@ -113,3 +114,17 @@ def test_repo_contains_generated_timmy_home_genome() -> None:
         "## Performance Bottleneck Analysis",
     ):
         assert snippet in text
+
+
+def test_repo_contains_nightly_cron_spec_for_genome_rotation() -> None:
+    assert CRON_PATH.exists(), "missing codebase_genome_cron.yml"
+    text = CRON_PATH.read_text(encoding="utf-8")
+    for snippet in (
+        "Codebase Genome Nightly",
+        "scripts/codebase_genome_nightly.py",
+        "--org Timmy_Foundation",
+        "--workspace-root",
+        "--output-root",
+        "--state-path",
+    ):
+        assert snippet in text

tests/timmy/test_claim_annotator.py

@@ -1,103 +0,0 @@
-#!/usr/bin/env python3
-"""Tests for claim_annotator.py — verifies source distinction is present."""
-
-import sys
-import os
-import json
-
-sys.path.insert(0, os.path.join(os.path.dirname(__file__), "..", "src"))
-
-from timmy.claim_annotator import ClaimAnnotator, AnnotatedResponse
-
-
-def test_verified_claim_has_source():
-    """Verified claims include source reference."""
-    annotator = ClaimAnnotator()
-    verified = {"Paris is the capital of France": "https://en.wikipedia.org/wiki/Paris"}
-    response = "Paris is the capital of France. It is a beautiful city."
-
-    result = annotator.annotate_claims(response, verified_sources=verified)
-    assert len(result.claims) > 0
-    verified_claims = [c for c in result.claims if c.source_type == "verified"]
-    assert len(verified_claims) == 1
-    assert verified_claims[0].source_ref == "https://en.wikipedia.org/wiki/Paris"
-    assert "[V]" in result.rendered_text
-    assert "[source:" in result.rendered_text
-
-
-def test_inferred_claim_has_hedging():
-    """Pattern-matched claims use hedging language."""
-    annotator = ClaimAnnotator()
-    response = "The weather is nice today. It might rain tomorrow."
-
-    result = annotator.annotate_claims(response)
-    inferred_claims = [c for c in result.claims if c.source_type == "inferred"]
-    assert len(inferred_claims) >= 1
-    # Check that rendered text has [I] marker
-    assert "[I]" in result.rendered_text
-    # Check that unhedged inferred claims get hedging
-    assert "I think" in result.rendered_text or "I believe" in result.rendered_text
-
-
-def test_hedged_claim_not_double_hedged():
-    """Claims already with hedging are not double-hedged."""
-    annotator = ClaimAnnotator()
-    response = "I think the sky is blue. It is a nice day."
-
-    result = annotator.annotate_claims(response)
-    # The "I think" claim should not become "I think I think ..."
-    assert "I think I think" not in result.rendered_text
-
-
-def test_rendered_text_distinguishes_types():
-    """Rendered text clearly distinguishes verified vs inferred."""
-    annotator = ClaimAnnotator()
-    verified = {"Earth is round": "https://science.org/earth"}
-    response = "Earth is round. Stars are far away."
-
-    result = annotator.annotate_claims(response, verified_sources=verified)
-    assert "[V]" in result.rendered_text  # verified marker
-    assert "[I]" in result.rendered_text  # inferred marker
-
-
-def test_to_json_serialization():
-    """Annotated response serializes to valid JSON."""
-    annotator = ClaimAnnotator()
-    response = "Test claim."
-    result = annotator.annotate_claims(response)
-    json_str = annotator.to_json(result)
-    parsed = json.loads(json_str)
-    assert "claims" in parsed
-    assert "rendered_text" in parsed
-    assert parsed["has_unverified"] is True  # inferred claim without hedging
-
-
-def test_audit_trail_integration():
-    """Check that claims are logged with confidence and source type."""
-    # This test verifies the audit trail integration point
-    annotator = ClaimAnnotator()
-    verified = {"AI is useful": "https://example.com/ai"}
-    response = "AI is useful. It can help with tasks."
-
-    result = annotator.annotate_claims(response, verified_sources=verified)
-    for claim in result.claims:
-        assert claim.source_type in ("verified", "inferred")
-        assert claim.confidence in ("high", "medium", "low", "unknown")
-        if claim.source_type == "verified":
-            assert claim.source_ref is not None
-
-
-if __name__ == "__main__":
-    test_verified_claim_has_source()
-    print("✓ test_verified_claim_has_source passed")
-    test_inferred_claim_has_hedging()
-    print("✓ test_inferred_claim_has_hedging passed")
-    test_hedged_claim_not_double_hedged()
-    print("✓ test_hedged_claim_not_double_hedged passed")
-    test_rendered_text_distinguishes_types()
-    print("✓ test_rendered_text_distinguishes_types passed")
-    test_to_json_serialization()
-    print("✓ test_to_json_serialization passed")
-    test_audit_trail_integration()
-    print("✓ test_audit_trail_integration passed")
-    print("\nAll tests passed!")