feat: Day 3 — auto-triage via LLM second pass

scripts/auto_triage.py: fetches candidate memories, asks a triage
model (claude -p, default sonnet) to classify each as promote /
reject / needs_human, and executes the verdict via the API.

Trust model:
- Auto-promote: model says promote AND confidence >= 0.8 AND
  dedup-checked against existing active memories for the project
- Auto-reject: model says reject
- needs_human: everything else stays in queue for manual review

The triage model receives both the candidate content AND a summary
of existing active memories for the same project, so it can detect
duplicates and near-duplicates. The system prompt explicitly lists
the rejection categories learned from the first two manual triage
passes (stale snapshots, impl details, planned-not-implemented,
process rules that belong in ledger not memory).

deploy/dalidou/batch-extract.sh now runs extraction (Step A) then
auto-triage (Step B) in sequence. The nightly cron at 03:00 UTC
will run the full pipeline: backup → cleanup → rsync → extract →
triage. Only needs_human candidates reach the human.

Supports --dry-run for preview without executing.
Supports --model override for multi-model triage (e.g. opus for
higher-quality review, or a future Gemini/Ollama backend).

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

deploy/dalidou/batch-extract.sh

@@ -31,10 +31,11 @@ log() { printf '[%s] %s\n' "$TIMESTAMP" "$*"; }
 # The Python script needs the atocore source on PYTHONPATH
 export PYTHONPATH="$APP_DIR/src:${PYTHONPATH:-}"
 
-log "=== AtoCore batch LLM extraction starting ==="
+log "=== AtoCore batch extraction + triage starting ==="
 log "URL=$ATOCORE_URL  LIMIT=$LIMIT"
 
-# Run the host-side extraction script
+# Step A: Extract candidates from recent interactions
+log "Step A: LLM extraction"
 python3 "$APP_DIR/scripts/batch_llm_extract_live.py" \
     --base-url "$ATOCORE_URL" \
     --limit "$LIMIT" \
@@ -42,4 +43,12 @@ python3 "$APP_DIR/scripts/batch_llm_extract_live.py" \
     log "WARN: batch extraction failed (non-blocking)"
 }
 
-log "=== AtoCore batch LLM extraction complete ==="
+# Step B: Auto-triage candidates in the queue
+log "Step B: auto-triage"
+python3 "$APP_DIR/scripts/auto_triage.py" \
+    --base-url "$ATOCORE_URL" \
+    2>&1 || {
+    log "WARN: auto-triage failed (non-blocking)"
+}
+
+log "=== AtoCore batch extraction + triage complete ==="

scripts/auto_triage.py

@@ -0,0 +1,247 @@
+"""Auto-triage: LLM second-pass over candidate memories.
+
+Fetches all status=candidate memories from the AtoCore API, asks
+a triage model (via claude -p) to classify each as promote / reject /
+needs_human, and executes the verdict via the promote/reject endpoints.
+Only needs_human candidates remain in the queue for manual review.
+
+Trust model:
+- Auto-promote: model says promote AND confidence >= 0.8 AND no
+  duplicate content in existing active memories
+- Auto-reject: model says reject
+- needs_human: everything else stays in queue
+
+Runs host-side (same as batch extraction) because it needs the
+claude CLI. Intended to be called after batch-extract.sh in the
+nightly cron, or manually.
+
+Usage:
+
+    python3 scripts/auto_triage.py --base-url http://localhost:8100
+    python3 scripts/auto_triage.py --dry-run  # preview without executing
+"""
+
+from __future__ import annotations
+
+import argparse
+import json
+import os
+import shutil
+import subprocess
+import sys
+import tempfile
+import urllib.error
+import urllib.parse
+import urllib.request
+
+DEFAULT_BASE_URL = os.environ.get("ATOCORE_BASE_URL", "http://localhost:8100")
+DEFAULT_MODEL = os.environ.get("ATOCORE_TRIAGE_MODEL", "sonnet")
+DEFAULT_TIMEOUT_S = float(os.environ.get("ATOCORE_TRIAGE_TIMEOUT_S", "60"))
+AUTO_PROMOTE_MIN_CONFIDENCE = 0.8
+
+TRIAGE_SYSTEM_PROMPT = """You are a memory triage reviewer for a personal context engine called AtoCore. You review candidate memories extracted from LLM conversations and decide whether each should be promoted to active status, rejected, or flagged for human review.
+
+You will receive:
+- The candidate memory content and type
+- A list of existing active memories for the same project (to check for duplicates)
+
+For each candidate, output exactly one JSON object:
+
+{"verdict": "promote|reject|needs_human", "confidence": 0.0-1.0, "reason": "one sentence"}
+
+Rules:
+
+1. PROMOTE when the candidate states a durable architectural fact, ratified decision, standing rule, or engineering constraint that is NOT already covered by an existing active memory. Confidence should reflect how certain you are this is worth keeping.
+
+2. REJECT when the candidate is:
+   - A stale point-in-time snapshot ("live SHA is X", "36 active memories")
+   - An implementation detail too granular to be useful as standalone context
+   - A planned-but-not-implemented feature description
+   - A duplicate or near-duplicate of an existing active memory
+   - A session observation or conversational filler
+   - A process rule that belongs in DEV-LEDGER.md or AGENTS.md, not memory
+
+3. NEEDS_HUMAN when you're genuinely unsure — the candidate might be valuable but you can't tell without domain knowledge. This should be rare (< 20% of candidates).
+
+4. Output ONLY the JSON object. No prose, no markdown, no explanation outside the reason field."""
+
+_sandbox_cwd = None
+
+
+def get_sandbox_cwd():
+    global _sandbox_cwd
+    if _sandbox_cwd is None:
+        _sandbox_cwd = tempfile.mkdtemp(prefix="ato-triage-")
+    return _sandbox_cwd
+
+
+def api_get(base_url, path, timeout=10):
+    req = urllib.request.Request(f"{base_url}{path}")
+    with urllib.request.urlopen(req, timeout=timeout) as resp:
+        return json.loads(resp.read().decode("utf-8"))
+
+
+def api_post(base_url, path, body=None, timeout=10):
+    data = json.dumps(body or {}).encode("utf-8")
+    req = urllib.request.Request(
+        f"{base_url}{path}", method="POST",
+        headers={"Content-Type": "application/json"}, data=data,
+    )
+    with urllib.request.urlopen(req, timeout=timeout) as resp:
+        return json.loads(resp.read().decode("utf-8"))
+
+
+def fetch_active_memories_for_project(base_url, project):
+    """Fetch active memories for dedup checking."""
+    params = "active_only=true&limit=50"
+    if project:
+        params += f"&project={urllib.parse.quote(project)}"
+    result = api_get(base_url, f"/memory?{params}")
+    return result.get("memories", [])
+
+
+def triage_one(candidate, active_memories, model, timeout_s):
+    """Ask the triage model to classify one candidate."""
+    if not shutil.which("claude"):
+        return {"verdict": "needs_human", "confidence": 0.0, "reason": "claude CLI not available"}
+
+    active_summary = "\n".join(
+        f"- [{m['memory_type']}] {m['content'][:150]}"
+        for m in active_memories[:20]
+    ) or "(no active memories for this project)"
+
+    user_message = (
+        f"CANDIDATE TO TRIAGE:\n"
+        f"  type: {candidate['memory_type']}\n"
+        f"  project: {candidate.get('project') or '(none)'}\n"
+        f"  content: {candidate['content']}\n\n"
+        f"EXISTING ACTIVE MEMORIES FOR THIS PROJECT:\n{active_summary}\n\n"
+        f"Return the JSON verdict now."
+    )
+
+    args = [
+        "claude", "-p",
+        "--model", model,
+        "--append-system-prompt", TRIAGE_SYSTEM_PROMPT,
+        "--disable-slash-commands",
+        user_message,
+    ]
+
+    try:
+        completed = subprocess.run(
+            args, capture_output=True, text=True,
+            timeout=timeout_s, cwd=get_sandbox_cwd(),
+            encoding="utf-8", errors="replace",
+        )
+    except subprocess.TimeoutExpired:
+        return {"verdict": "needs_human", "confidence": 0.0, "reason": "triage model timed out"}
+    except Exception as exc:
+        return {"verdict": "needs_human", "confidence": 0.0, "reason": f"subprocess error: {exc}"}
+
+    if completed.returncode != 0:
+        return {"verdict": "needs_human", "confidence": 0.0, "reason": f"claude exit {completed.returncode}"}
+
+    raw = (completed.stdout or "").strip()
+    return parse_verdict(raw)
+
+
+def parse_verdict(raw):
+    """Parse the triage model's JSON verdict."""
+    text = raw.strip()
+    if text.startswith("```"):
+        text = text.strip("`")
+        nl = text.find("\n")
+        if nl >= 0:
+            text = text[nl + 1:]
+        if text.endswith("```"):
+            text = text[:-3]
+        text = text.strip()
+
+    if not text.lstrip().startswith("{"):
+        start = text.find("{")
+        end = text.rfind("}")
+        if start >= 0 and end > start:
+            text = text[start:end + 1]
+
+    try:
+        parsed = json.loads(text)
+    except json.JSONDecodeError:
+        return {"verdict": "needs_human", "confidence": 0.0, "reason": "failed to parse triage output"}
+
+    verdict = str(parsed.get("verdict", "needs_human")).strip().lower()
+    if verdict not in {"promote", "reject", "needs_human"}:
+        verdict = "needs_human"
+
+    confidence = parsed.get("confidence", 0.5)
+    try:
+        confidence = max(0.0, min(1.0, float(confidence)))
+    except (TypeError, ValueError):
+        confidence = 0.5
+
+    reason = str(parsed.get("reason", "")).strip()[:200]
+    return {"verdict": verdict, "confidence": confidence, "reason": reason}
+
+
+def main():
+    parser = argparse.ArgumentParser(description="Auto-triage candidate memories")
+    parser.add_argument("--base-url", default=DEFAULT_BASE_URL)
+    parser.add_argument("--model", default=DEFAULT_MODEL)
+    parser.add_argument("--dry-run", action="store_true", help="preview without executing")
+    args = parser.parse_args()
+
+    # Fetch candidates
+    result = api_get(args.base_url, "/memory?status=candidate&limit=100")
+    candidates = result.get("memories", [])
+    print(f"candidates: {len(candidates)}  model: {args.model}  dry_run: {args.dry_run}")
+
+    if not candidates:
+        print("queue empty, nothing to triage")
+        return
+
+    # Cache active memories per project for dedup
+    active_cache = {}
+    promoted = rejected = needs_human = errors = 0
+
+    for i, cand in enumerate(candidates, 1):
+        project = cand.get("project") or ""
+        if project not in active_cache:
+            active_cache[project] = fetch_active_memories_for_project(args.base_url, project)
+
+        verdict_obj = triage_one(cand, active_cache[project], args.model, DEFAULT_TIMEOUT_S)
+        verdict = verdict_obj["verdict"]
+        conf = verdict_obj["confidence"]
+        reason = verdict_obj["reason"]
+
+        mid = cand["id"]
+        label = f"[{i:2d}/{len(candidates)}] {mid[:8]} [{cand['memory_type']}]"
+
+        if verdict == "promote" and conf >= AUTO_PROMOTE_MIN_CONFIDENCE:
+            if args.dry_run:
+                print(f"  WOULD PROMOTE  {label}  conf={conf:.2f}  {reason}")
+            else:
+                try:
+                    api_post(args.base_url, f"/memory/{mid}/promote")
+                    print(f"  PROMOTED       {label}  conf={conf:.2f}  {reason}")
+                    active_cache[project].append(cand)
+                except Exception:
+                    errors += 1
+            promoted += 1
+        elif verdict == "reject":
+            if args.dry_run:
+                print(f"  WOULD REJECT   {label}  conf={conf:.2f}  {reason}")
+            else:
+                try:
+                    api_post(args.base_url, f"/memory/{mid}/reject")
+                    print(f"  REJECTED       {label}  conf={conf:.2f}  {reason}")
+                except Exception:
+                    errors += 1
+            rejected += 1
+        else:
+            print(f"  NEEDS_HUMAN    {label}  conf={conf:.2f}  {reason}")
+            needs_human += 1
+
+    print(f"\npromoted={promoted} rejected={rejected} needs_human={needs_human} errors={errors}")
+
+
+if __name__ == "__main__":
+    main()

scripts/eval_data/candidate_queue_2026-04-12.txt

@@ -0,0 +1,29 @@
+ 1. [project    ] proj=atocore          AtoCore extraction must stay off the hot capture path; batch endpoint only
+ 2. [project    ] proj=atocore          Auto-promote gate: confidence ≥0.8 AND no duplicate in active memories
+ 3. [project    ] proj=atocore          AtoCore LLM extraction pipeline deployed on Dalidou host, runs via cron at 03:00 UTC via scripts/batch_llm_extract_live.py
+ 4. [project    ] proj=atocore          LLM extractor runs host-side (not in container) because claude CLI not available in container environment
+ 5. [project    ] proj=atocore          Host-side extraction script scripts/batch_llm_extract_live.py uses pure stdlib, no atocore imports for deployment simplicity
+ 6. [project    ] proj=atocore          POST /admin/extract-batch accepts mode: rule|llm, POST /interactions/{id}/extract now mode-aware
+ 7. [knowledge  ] proj=atocore          claude CLI 2.0.60 removed --no-session-persistence flag, extraction sessions now persist in claude history
+ 8. [adaptation ] proj=atocore          Durable memory extraction candidates must be <200 chars, stand-alone, typed as project|knowledge|preference|adaptation
+ 9. [adaptation ] proj=atocore          Memory extraction confidence defaults to 0.5, raise to 0.6 only for unambiguous committed claims
+10. [project    ] proj=atocore          Live Dalidou is on commit 39d73e9, not e2895b5
+11. [project    ] proj=atocore          Live harness is reproducible at 16/18 PASS
+12. [project    ] proj=atocore          Live active memories count is 36
+13. [project    ] proj=atocore          Wave 2 project-state entries on live: p04=5, p05=6, p06=6
+14. [project    ] proj=atocore          R6 is fixed by commit 39d73e9
+15. [project    ] proj=atocore          R9: R6 fix only covers empty project fallback; wrong non-empty model project can still override known interaction scope
+16. [project    ] proj=atocore          R10: Phase 8 is baseline-complete but not primary-complete; OpenClaw client covers narrow read-oriented slice of API
+17. [project    ] proj=atocore          Phase 8 is decent baseline integration milestone but not primary-ready yet
+18. [project    ] proj=atocore          4-step roadmap complete: extractor → harness → Wave 2 → OpenClaw
+19. [project    ] proj=atocore          Codex audit loop proven across two full round-trips in one session
+20. [project    ] proj=atocore          Session end state: 36 active memories, 17 project-state entries, 16/18 harness, 280 tests, main at 54d84b5
+21. [project    ] proj=atocore          AtoCore extraction stays off the hot capture path; LLM extraction runs as scheduled batch, not inline with POST /interactions.
+22. [project    ] proj=atocore          AtoCore auto-triage trust model: auto-promote only when confidence ≥0.8 AND no duplicate active memory; else needs_human.
+23. [project    ] proj=atocore          Multi-model triage: use different model for triage reviewer than extractor (sonnet for extract)
+24. [project    ] proj=atocore          R9 fix: when interaction has known project, prefer it over model's non-matching project unless model's is registered
+25. [project    ] proj=atocore          R7 ranking fix: add overlap-density as secondary signal (overlap_count / memory_token_count)
+26. [project    ] proj=atocore          Extraction pipeline skips interactions with response_chars < 50 to avoid low-signal content
+27. [project    ] proj=atocore          AtoCore triage uses independent model from extractor (extractor: sonnet, triage: different model or different prompt).
+28. [project    ] proj=atocore          AtoCore ranking scorer adds overlap-density (overlap_count / memory_tokens) as secondary signal to fix short-memory ranking.
+29. [project    ] proj=atocore          AtoCore project trust: when interaction has known project and model returns different project, prefer interaction's project unless