grant/standards
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
b5a18c885e018f17ffdd59e927a94f04d9a4696b
standards/STATUS.md
T
Keysat 9c91d699d0 Roundup snapshot — 2026-06-16
2026-06-16 17:02:16 -05:00

123 lines
16 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
# Roundup — 2026-06-16
Repos scanned: keysat, matrix-bridge, premier-gunner, proof-of-work, recap-relay, recap, spark-control, standards, ten31-database, ten31-signal-engine, ten31-transcripts (11 git repos under `~/Projects`).
Skipped/failed: none. (Non-git folders under `~/Projects` not enumerated — a ~13-folder sweep is itself a standards ROADMAP item.)
This is an inventory, not a ranking. Per-repo priority markers are quoted as found; projects are **not** ranked against each other.
---
## Per-project snapshot
**keysat** — Bitcoin-native software-licensing service, StartOS 0.4.x package + 4 SDKs + public landing/docs site. Live at `0.2.0:56` on registry and `immense-voyage.local`; multi-profile write path shipped this session; tests green. In progress: 3 remaining multi-profile UIs (rail picker, per-profile SMTP, rail-pref editor) + operator data action (grant `unlimited_merchant_profiles` to Pro/Patron). Next: those UIs, then split `audit:read` out of `:read`. Discovered P2 (unfixed): `set_product_entitlements_catalog` has no `rows_affected` guard.
**matrix-bridge** — Single-user Matrix bot turning a room message into a live Claude Code session per repo, surfaced to phone. Phases 03 + ask mode all done; capture mode (D13) LIVE 2026-06-16 on 1 room, N=3 pending. Keyword-type parsing pushed (`0786286`) but running bot pending one Update — still logs every capture as `idea`. Next (triggered, not urgent): Docker HEALTHCHECK, ask-script trust flag, capture priority keyword.
**premier-gunner** — Kid-friendly soccer-training tracker PWA, StartOS `.s9pk`. All requested features built and live at `v0.1.7:0`. No work in progress. Known issue: in-app password change reverts on restart (workaround: "Set Login Password" action). Next: confirm speed unit (mph vs km/h); optional eval backlog.
**proof-of-work** — Self-hosted multi-user workout logger (Next.js), StartOS 0.4 s9pk. Latest `v1.2.0:5` (Gear replaces RPE for cardio); 231 tests pass, verified on-box. Known open bug: Mobile Safari first-login tap fails (gated on capturing error code). Pending: StartOS proxy real-client-IP forwarding check. Next: finish P3 hardening batch (CSP `unsafe-eval`, `/api/health` info disclosure, rate-limit map leak, etc.), then tiered AI prompt formatting.
**recap-relay** — Operator-side credit-metered transcription/analysis router (Gemini + Spark Control); ships to operator's box only, never public. Aligned at `v0.2.126`, 79 tests green. Recent: Users dashboard tab, persistent webhook dedup, CORS scoped to `/relay/*`. Next: split 2225-line `routes/internal-meetings.js` (deferred as likely overkill); P3+ deferred tail.
**recap** — YouTube + podcast summarizer + library; StartOS self-host package **and** cloud SaaS (recaps.cc). Live: app `0.2.159` + relay `0.2.126`, 144 tests pass. Loose end: Daily Digest's relay-synthesis + SMTP path not yet smoke-tested off-box. 5 pending operator actions (incl. iPad scroll-fix verify, digest smoke-test). Next: persist provider preference server-side, Export menu on clip panel, CI lint+type-check.
**spark-control** — Browser StartOS package controlling a dual NVIDIA DGX Spark cluster (vLLM swaps, STT/diarization/TTS, embeddings, redaction). Working at `v0.21.0:1`; matrix-bridge bot tile done; 70 offline tests pass. Signal Engine transient unresponsiveness diagnosed as GPU concurrency (client-side remedy forwarded). Next: audio concurrency sweep (only if Signal Engine dev wants it; needs owner OK), else pull from ROADMAP.
**standards** *(meta/tooling layer)* — Global agent-operating standards + the live fleet (8 commands, subagents) symlinked into `~/.claude`. Fleet operational; design system shipped (ROADMAP item 8); keysat design pilot ran end-to-end (import path tested, extract path not). Next: backfill design into recaps.cc/recap (extract→reconcile Case B), build cross-repo quality-gate standard + `/harden` (ROADMAP item 1), non-git-folder sweep (~13).
**ten31-database** — Self-hosted venture-fund CRM (Ten31, ~$200M AUM) with agentic fundraising/thesis/outreach layer; replaced Airtable. Box+repo at `v0.1.0:82` (2026-06-16), verified live; 22/22 backend tests green; vendored React+SRI+render-smoke gate added. Decision: fundraising grid + email capture is canonical, classic-CRM surfaces retiring. Next: auth regression test for 3 v79-gated endpoints, digest Phase B verify, reports soft-delete sweep, pipeline adoption, `?limit=abc` crash.
**ten31-signal-engine** — Pipeline ingesting audio + text (SEC filings, calls, research) into structured propositions → falsifiable investment signals scored through Ten31's thesis. Strike adversarial test CONDITIONAL PASS (2026-06-16); pipeline complete end-to-end (56,008 claims in Qdrant); engine correctly refuses the false positive. Reflexivity demo unexercised (RHR/CD audio transcription deferred — no GPU spend). No automated test suite yet. Next: Frontier-fan-out test H6, complete Strike reflexivity demo when GPU budget allows, Job A discovery scorers.
**ten31-transcripts** — Active Xcode/Swift app. Reader returned a macOS menu-bar call-recorder summary (dual-track audio capture → Spark Control backend for transcription/diarization/naming); main branch clean, 73 tests pass, backend connected end-to-end 2026-06-16. **Caveat:** the inbox describes ten31-transcripts as a Swift app with **no `.claude/` dir** and a queued P1 mini-retrofit — so either this repo *is* that recorder app (and the AGENTS.md was read despite no `.claude/`) or the reader picked up an adjacent app's docs. See Gaps; confirm the repo's own AGENTS.md before acting.
---
## Priority queue (all projects + untriaged inbox)
Explicit-priority and concrete next-action items, each once. Sprawling P3 tech-debt tails are rolled to a single per-repo line pointing at that repo's ROADMAP rather than enumerated.
**P1**
- [P1] ten31-transcripts: mini-retrofit — add inbox-check line, create `.claude/settings.json`, canonical `.gitignore` block, optional docs reorg — source: inbox(untriaged) — INBOX.md L34
- [P1] matrix-bridge: push the pending **Update** so the running bot picks up keyword-type capture parsing (commit `0786286`) — currently logs every capture as `idea` — source: matrix-bridge — AGENTS Current state
**P2**
- [P2] keysat: ship 3 remaining multi-profile UIs (rail picker, per-profile SMTP, rail-pref editor) — source: keysat — next steps
- [P2] keysat: operator data action — grant `unlimited_merchant_profiles` to Pro/Patron on master — source: keysat — next steps
- [P2] keysat: add `rows_affected` guard to `set_product_entitlements_catalog` (silent 200 on bad product-id) — source: keysat — Discovered
- [P2] keysat: design-contract cleanup from 2026-06-16 design-checker audit — 3 blockers (gold-as-fill ×2, buy-CTA pill radius), CSS-variable consolidation, token gaps; re-run design-checker after — source: inbox(untriaged) + keysat ROADMAP — INBOX.md L44
- [P2] keysat: run spec-checker agent for Start9 community-registry listing — source: inbox(untriaged) — INBOX.md L52
- [P2] keysat: adversarial review — vulnerabilities, complaints, feature gaps a new user might find — source: inbox(untriaged) — INBOX.md L51
- [P2] keysat: doc-auditor website drift review + GitHub history sensitive-info review + add "license existing software" example — source: inbox(untriaged) — INBOX.md L53
- [P2] keysat: research whether the registry must retain every prior keysat version on upgrade — source: inbox(untriaged) — INBOX.md L49
- [P2] recap: smoke-test Daily Digest relay-synthesis + SMTP path (operator action #5, can't run off-box) — source: recap — pending operator actions
- [P2] recap: SMTP daily-digest delivery (feature) — source: inbox(untriaged) — INBOX.md L37
- [P2] recap: mobile can't-scroll-to-top on recaps.cc transcript view — fix attempted in 0.2.157, UNVERIFIED, needs iPad check — source: inbox(untriaged) — INBOX.md L40
- [P2] recap: add Gemini 3.5 to model selection (research agent to confirm available stable model names) — source: inbox(untriaged) — INBOX.md L54
- [P2] recap: persist provider preference server-side; Export ▾ on clip panel; CI lint+type-check (near-term backlog) — source: recap — ROADMAP
- [P2] recap-relay: add Gemini 3.5 to model selection (confirm stable model names) — source: inbox(untriaged) — INBOX.md L55
- [P2] ten31-database: Matrix-bridge intake for fundraising grid (room listener → local-LLM parse → entity/contact creation, approval gate) — source: inbox(untriaged) — INBOX.md L45
- [P2] ten31-database: oversized/zoomed StartOS package icon — research spec, source base logo, produce correctly sized icon before next s9pk — source: inbox(untriaged) — INBOX.md L43
- [P2] ten31-database: explorer agent to report admin-only vs all-user web UI functionality — source: inbox(untriaged) — INBOX.md L46
- [P2] ten31-database: auth regression test for 3 v79-gated endpoints; digest Phase B verify on box; reports soft-delete sweep; pipeline adoption; `?limit=abc` crash — source: ten31-database — next steps
- [P2] ten31-signal-engine: run full-eval (evaluator, security-auditor, exerciser, doc-auditor, spec-checker) on the folder — source: inbox(untriaged) — INBOX.md L47
- [P2] ten31-signal-engine: Frontier-fan-out test H6 (untested §1.1 half) — source: ten31-signal-engine — next steps
- [P2] proof-of-work: finish P3 hardening batch + tiered AI prompt formatting; `@fastify/static` 8.3.0→≥9.1.3 (path-traversal CVEs); input-validation fixes — source: proof-of-work — ROADMAP/next steps
- [P2] spark-control: audio concurrency sweep (only if Signal Engine dev wants the measured knee; needs owner OK) — source: spark-control — next steps
- [P2] standards: backfill design into recaps.cc/recap (extract→reconcile Case B, on-ramp untested) — source: standards — next steps
- [P2] standards: API automation for Gitea in `/new-project` (automate manual create/publish gate via Gitea API) — source: inbox(untriaged) — INBOX.md L35
- [P2] standards: build keysat docs-reader subagent (can a fresh user install+run from docs alone) — source: inbox(untriaged) — INBOX.md L50
- [P2] ten31-transcripts: add Jitsi support — source: inbox(untriaged) — INBOX.md L36
- [P2] (target repo unclear) run janitor agent on all projects — source: inbox(untriaged) — INBOX.md L48
- [P2] premier-gunner: confirm speed unit (mph vs km/h); optional security/test eval backlog — source: premier-gunner — next steps
**P3**
- [P3] recap-relay: fix AGENTS.md endpoint doc — `POST /relay/analyze` takes `{ prompt }` and returns `{ result: { text } }`, not "{ transcript } → topic sections JSON" — source: inbox(untriaged) — INBOX.md L42
- [P3] standards: build cross-repo quality-gate standard + `/harden` (linters / pre-commit / CI) — ROADMAP item 1 — source: standards — ROADMAP
- [P3] standards: non-git-folder sweep under `~/Projects` (~13 folders) — source: standards — next steps
- [P3] Per-repo deferred P3 tech-debt tails (rolled up — full lists in each ROADMAP): recap (request-size caps, invoice-ID hijack, container-as-root, repo hygiene), recap-relay (no rate limiting, container-as-root, dashboard XSS, version-file prune), spark-control (Qdrant auth, observability, README staleness, packaging placeholders), proof-of-work (CSP, CSRF, registry blockers), premier-gunner (CSRF, delete 404s), ten31-database (TLS verify off, 5.4k-line monolith, stale ABOUT.md)
**Unprioritized — needs triage** (no explicit priority signal in source)
- matrix-bridge ROADMAP (Phase 4+): intent-routing brain (D8, local model), thread-based session continuity, Nextcloud/CalDAV output, E2EE (D9)
- spark-control ROADMAP: echo cancellation, LLM referee for label-merge, second audio worker, dashboard local-path/fine-tuned model support, per-model vLLM flags, Qdrant auth + snapshots
- ten31-signal-engine ROADMAP: Estimator rework H4, real resolver, claim-type weighting for §7.1, corpus expansion (BTC Sessions, River OCR), Start9 s9pk packaging
- keysat ROADMAP: Zaprite dedup cache + declined-card hardening, registry-landing repurpose decision, Elastic License v2 vs `LicenseRef-Keysat-1.0`, KEYSAT_INTEGRATION re-test
- recap ROADMAP larger plans: architecture-simplification, core-decoupling, per-tenant-subscriptions, self-serve-purchase (docs/ drafts)
- standards ROADMAP: deterministic inbox surfacing via SessionStart hook (item 3, optional); thread inbox-check line into bootstrapping (item 4)
---
## Not yet pushed down (inbox) — grouped by target
These exist nowhere but the inbox; `/triage` inside each repo routes them.
- **ten31-transcripts:** [P1] mini-retrofit (L34); [P2] add Jitsi (L36)
- **keysat:** [P2] design-contract cleanup (L44); [P2] spec-checker for registry listing (L52); [P2] adversarial new-user review (L51); [P2] website drift + GitHub-history + licensing-example review (L53); [P2] research version-retention question (L49)
- **ten31-database:** [P2] reconcile AGENTS networking facts — ClearNet/StartTunnel, not LAN/Tailscale (L41); [P2] oversized package icon (L43); [P2] matrix-bridge fundraising-grid intake (L45); [P2] explorer admin-vs-all UI report (L46)
- **recap:** [P2] SMTP daily digest (L37); [P2] mobile scroll-to-top bug (L40); [P2] Gemini 3.5 model selection (L54)
- **recap-relay:** [P3] endpoint-doc wording fix (L42); [P2] Gemini 3.5 model selection (L55)
- **ten31-signal-engine:** [P2] run full-eval on the folder (L47)
- **standards:** [P2] Gitea API automation in /new-project (L35); [P2] keysat docs-reader subagent (L50)
- **unclear target (`?`):** [P2] run janitor agent on all projects (L48)
---
## Proposed new projects
The `(new:…)` inbox items — ideas awaiting the new-repo bootstrap (`/new-project`), not tasks in an existing repo.
- **new:embedded-links-reader** [P2] — give the app an article/blog URL; it scrapes the author's embedded links, reads them, and summarizes them (L38)
- **new:portfolio-scraper** [P2] — tracks portfolio companies (podcasts, tweets, founder appearances, news) and delivers a digest via email/another interface (L39)
- **new:personal-website** [P2] — personal website on Start9 Pages, served on clearnet via StartTunnel; HTML site, Claude Design for styling, gather inspiration (L56)
---
## Gaps
- **ten31-transcripts reader ambiguity.** The Explore reader returned a macOS menu-bar call-recorder summary (dual-track capture → Spark Control). The inbox (L34) describes ten31-transcripts as a Swift app with **no `.claude/` dir** and a queued P1 mini-retrofit. These may be the same app, or the reader may have surfaced an adjacent app's docs. The repo's authoritative state isn't fully confirmed from this run — re-read its own AGENTS.md before acting, and treat the mini-retrofit as the known truth.
- **ten31-transcripts has no `.claude/` dir** (per inbox L34) — so it does not yet carry the portable inbox-check line; its items only surface via this roundup and the inbox, not at its own session start.
- **No automated test suite:** ten31-signal-engine explicitly flags this; spark-control has tests but several subsystems remain untested.
- **Inbox item with `?` target** (run janitor on all projects, L48) has no owning repo — needs a triage decision on where it lives.
- **Non-git folders under `~/Projects`** were not enumerated (the ~13-folder sweep is itself a standards ROADMAP item, deliberately out of scope here).
- **Stale-state / unverified risk:** several "live" states depend on pending operator on-device checks — recap Daily Digest path (off-box, not smoke-tested), recap mobile-scroll fix (UNVERIFIED), proof-of-work mobile-Safari first-login (gated on error code), premier-gunner in-app password change (reverts on restart).
Reference in New Issue View Git Blame Copy Permalink