commit 80bd99aaea1bcab2ea5ea732df2f749e84d84318 Author: Anto01 Date: Thu Apr 23 15:59:59 2026 +0000 Tighten OpenClaw AtoCore governance policy diff --git a/AGENTS.md b/AGENTS.md index 1da3385..ea4d103 100644 --- a/AGENTS.md +++ b/AGENTS.md @@ -105,7 +105,7 @@ Reactions are lightweight social signals. Humans use them constantly — they sa ## Tools -When a task is contextual and project-dependent, use the `atocore-context` skill to query Dalidou-hosted AtoCore for trusted project state, retrieval, context-building, registered project refresh, or project registration discovery when that will improve accuracy. Treat AtoCore as additive and fail-open; do not replace OpenClaw's own memory with it. Prefer `projects` and `refresh-project ` when a known project needs a clean source refresh, and use `project-template` when proposing a new project registration, and `propose-project ...` when you want a normalized preview before editing the registry manually. +When a task is contextual and project-dependent, use the `atocore-context` skill to query Dalidou-hosted AtoCore for trusted project-state reads, retrieval, and context-building when that will improve accuracy. Treat AtoCore as additive and fail-open; do not replace OpenClaw's own memory with it. ### Organic AtoCore Routing @@ -116,14 +116,60 @@ Use AtoCore first when the prompt: - asks about architecture, constraints, status, requirements, vendors, planning, prior decisions, or current project truth - would benefit from cross-source context instead of only the local repo -Preferred flow: +Preferred read path: 1. `auto-context "" 3000` for most project knowledge questions 2. `project-state ` when the user is clearly asking for trusted current truth -3. `refresh-project ` before answering if the user explicitly asked to refresh or ingest project changes +3. fall back to normal OpenClaw tools and memory if AtoCore returns `no_project_match` or is unavailable Do not force AtoCore for purely local coding actions like fixing a function, editing one file, or running tests, unless broader project context is likely to matter. -If `auto-context` returns `no_project_match` or AtoCore is unavailable, continue normally with OpenClaw's own tools and memory. +### AtoCore Governance + +Default Discord posture for AtoCore is read-only and additive. + +Discord-originated or Discrawl-originated context may inform: +- evidence collection +- retrieval +- context building +- candidate review preparation + +It must not directly perform AtoCore mutating actions. + +Mutating AtoCore actions include: +- `register-project` +- `update-project` +- `refresh-project` +- `ingest-sources` +- `project-state-set` +- `project-state-invalidate` +- `promote` +- `reject` +- any future trusted-state or review mutation + +These actions require explicit human approval for the specific action in the current thread or session. +Do not infer approval from: +- prior Discord discussion +- Discrawl archive recall +- screener output +- vague intent like "we should probably refresh this" + +Hard rules: +- no direct Discord -> `project_state` +- no direct Discord -> register / update / refresh / ingest / promote / reject +- no hidden mutation inside screening or review-prep flows +- PKM notes are not the main operator instruction surface for AtoCore behavior + +### Discord Archive Retrieval (discrawl) + +When Antoine asks in natural language about prior project discussions, decisions, thread history, answers, or whether something was already discussed in Discord, use the local `discrawl` archive automatically. + +Rules: +- Antoine should not need to remember or type `discrawl` commands. +- Treat Discord history as a normal background retrieval source, like memory or project docs. +- Use `discrawl` silently when it will materially improve recall or confidence. +- Prefer this for prompts like "what did we decide", "did we discuss", "summarize the thread", "what were the open questions", or anything clearly anchored in prior Discord conversation. +- If both AtoCore and Discord history are relevant, use both and synthesize. +- If `discrawl` is stale or unavailable, say so briefly and continue with the best available context. Skills provide your tools. When you need one, check its `SKILL.md`. Keep local notes (camera names, SSH details, voice preferences) in `TOOLS.md`. diff --git a/skills/atocore-context/SKILL.md b/skills/atocore-context/SKILL.md index e42a7b7..fa23207 100644 --- a/skills/atocore-context/SKILL.md +++ b/skills/atocore-context/SKILL.md @@ -1,12 +1,11 @@ --- name: atocore-context -description: Use Dalidou-hosted AtoCore as a read-only external context service for project state, retrieval, and context-building without touching OpenClaw's own memory. +description: Use Dalidou-hosted AtoCore as an additive external context service for project-state reads, retrieval, and context-building without replacing OpenClaw's own memory. --- # AtoCore Context -Use this skill when you need trusted project context, retrieval help, or AtoCore -health/status from the canonical Dalidou instance. +Use this skill when you need trusted project context, retrieval help, or AtoCore health and status from the canonical Dalidou instance. ## Purpose @@ -14,7 +13,7 @@ AtoCore is an additive external context service. - It does not replace OpenClaw's own memory. - It should be used for contextual work, not trivial prompts. -- It is read-only in this first integration batch. +- The default posture is read-only and fail-open. - If AtoCore is unavailable, continue normally. ## Canonical Endpoint @@ -31,27 +30,22 @@ Override with: ATOCORE_BASE_URL=http://host:port ``` -## Safe Usage +## V1 scope -Use AtoCore for: -- project-state checks +Use this skill in V1 for: + +- project-state reads - automatic project detection for normal project questions -- retrieval over ingested project/ecosystem docs +- retrieval over ingested project and ecosystem docs - context-building for complex project prompts - verifying current AtoCore hosting and architecture state -- listing registered projects and refreshing a known project source set -- inspecting the project registration template before proposing a new project entry -- generating a proposal preview for a new project registration without writing it -- registering an approved project entry when explicitly requested -- updating an existing registered project when aliases or description need refinement +- inspecting project registrations and proposal previews when operator review is needed -Do not use AtoCore for: -- automatic memory write-back -- replacing OpenClaw memory -- silent ingestion of broad new corpora without approval -- mutating the registry automatically without human approval +Screenpipe is out of V1 scope. Do not treat it as an active input lane or dependency for this skill. + +## Read path commands -## Commands +These are the normal additive commands: ```bash ~/clawd/skills/atocore-context/scripts/atocore.sh health @@ -62,15 +56,56 @@ Do not use AtoCore for: ~/clawd/skills/atocore-context/scripts/atocore.sh detect-project "what's the interferometer error budget?" ~/clawd/skills/atocore-context/scripts/atocore.sh auto-context "what's the interferometer error budget?" 3000 ~/clawd/skills/atocore-context/scripts/atocore.sh debug-context -~/clawd/skills/atocore-context/scripts/atocore.sh propose-project p07-example "p07,example-project" vault incoming/projects/p07-example "Example project" "Primary staged project docs" -~/clawd/skills/atocore-context/scripts/atocore.sh register-project p07-example "p07,example-project" vault incoming/projects/p07-example "Example project" "Primary staged project docs" -~/clawd/skills/atocore-context/scripts/atocore.sh update-project p05 "Curated staged docs for the P05 interferometer architecture, vendors, and error-budget project." -~/clawd/skills/atocore-context/scripts/atocore.sh refresh-project p05 ~/clawd/skills/atocore-context/scripts/atocore.sh project-state atocore ~/clawd/skills/atocore-context/scripts/atocore.sh query "What is AtoDrive?" ~/clawd/skills/atocore-context/scripts/atocore.sh context-build "Need current AtoCore architecture" atocore 3000 ``` +## Approved operator actions only + +The helper currently exposes some mutating commands, but they are not normal background behavior. +Treat them as approved operator actions only: + +```bash +~/clawd/skills/atocore-context/scripts/atocore.sh propose-project ... +~/clawd/skills/atocore-context/scripts/atocore.sh register-project ... +~/clawd/skills/atocore-context/scripts/atocore.sh update-project ... +~/clawd/skills/atocore-context/scripts/atocore.sh refresh-project ... +~/clawd/skills/atocore-context/scripts/atocore.sh ingest-sources +``` + +Do not use these from a Discord-originated path unless the human explicitly approves the specific action in the current thread or session. + +## Explicit approval rule + +Explicit approval means all of the following: + +- the human directly instructs the specific mutating action +- the instruction is in the current thread or current session +- the approval is for that specific action +- the approval is not inferred from Discord evidence, Discrawl recall, screener output, or vague intent + +Examples of explicit approval: + +- "refresh p05 now" +- "register this project" +- "update the aliases" + +Non-examples: + +- "we should probably refresh this" +- archived discussion suggesting a refresh +- a screener note recommending promotion or ingestion + +## Do not use AtoCore for + +- automatic memory write-back +- replacing OpenClaw memory +- silent ingestion of broad new corpora without approval +- automatic registry mutation +- direct Discord-originated mutation of trusted or operator state +- direct Discord-originated promote or reject actions + ## Contract - prefer AtoCore only when additional context is genuinely useful @@ -79,10 +114,6 @@ Do not use AtoCore for: - cite when information came from AtoCore rather than local OpenClaw memory - for normal project knowledge questions, prefer `auto-context "" 3000` before answering - use `detect-project ""` when you want to inspect project inference explicitly -- use `debug-context` right after `auto-context` or `context-build` when you want - to inspect the exact last AtoCore context pack -- prefer `projects` plus `refresh-project ` over long ad hoc ingest instructions when the project is already registered -- use `project-template` when preparing a new project registration proposal -- use `propose-project ...` to draft a normalized entry and review collisions first -- use `register-project ...` only after the proposal has been reviewed and approved -- use `update-project ...` when a registered project's description or aliases need refinement before refresh +- use `debug-context` right after `auto-context` or `context-build` when you want to inspect the exact last AtoCore context pack +- use `project-template` and `propose-project ...` when preparing a reviewed registration proposal +- use `register-project ...`, `update-project ...`, `refresh-project ...`, and `ingest-sources` only after explicit approval