# thorondor - Doramagic AI Context Pack

> Positioning: a pre-install experience and judgment asset. It helps the host AI get off to a good start, but it does not mean the project has already been installed, run, or validated.

## Sufficiency Principle

- **Sufficiency over compression**: The AI Context Pack should be sufficient for the host AI to understand the project's value, capability boundaries, entrypoints, risks, and evidence sources before starting work; it may be layered, but it does not aim for the shortest possible summary.
- **Compression policy**: Compress only noise and duplication, never context that affects judgment or the quality of the work.

## How the Host AI Should Use This

You are reading the AI Context Pack that Doramagic compiled for thorondor. Treat it as pre-work context: help the user understand who it fits, what it can do, how to start, what must be verified after install, and where the risks are. Do not claim that you have already installed, run, or executed the target project.

## Claim Consumption Rules

- **Fact source**: Repo Evidence + Claim/Evidence Graph; the Human Wiki only supplies salience, terminology, and narrative structure.
- **Minimum status for a fact**: `supported`
- `supported`: May be used as a project fact, but the answer must cite the claim_id and evidence path.
- `weak`: Usable only as a low-confidence lead; the user must be asked to keep verifying.
- `inferred`: Usable only for risk notes or open questions; must not be packaged as a project fact.
- `unverified`: Must not be used as fact; state clearly that evidence is insufficient.
- `contradicted`: Must show the conflicting sources and must not force a single version on the user's behalf.

## Who It Fits Best

- **Developers already using host AIs such as Claude/Codex/Cursor/Gemini**: The README or plugin config mentions multiple host AIs. Evidence: `README.md` Claim: `clm_0003` supported 0.86
- **Users who want to bring professional workflows into a host AI**: The repo contains Skill documents. Evidence: `.agents/skills/thorondor-web-search/SKILL.md` Claim: `clm_0004` supported 0.86

## What It Can Do

- **AI Skill / Agent Instruction Asset Library** (Previewable before install): The project contains Skill or Agent instruction files that a host AI can read, useful for bringing professional workflows into hosts like Claude, Codex, or Cursor. Evidence: `.agents/skills/thorondor-web-search/SKILL.md` Claim: `clm_0001` supported 0.86
- **Command-Line Startup or Install Flow** (Verify after install): The project documentation contains runnable commands; real use requires running them in a local or host environment. Evidence: `README.md` Claim: `clm_0002` supported 0.86

## How to Start

- `curl -LsSf https://raw.githubusercontent.com/FeanorsCodeSL/thorondor/main/scripts/install.sh | sh` Evidence: `README.md` Claim: `clm_0005` supported 0.86
- `git clone <repo-url> thorondor` Evidence: `README.md` Claim: `clm_0006` supported 0.86
- `curl example:` Evidence: `README.md` Claim: `clm_0007` supported 0.86
- `curl -s -X POST http://localhost:8080/v1/search \` Evidence: `README.md` Claim: `clm_0008` supported 0.86

## Continue-or-Stop Decision Card

- **Current recommendation**: Needs admin / security approval
- **Why**: Continuing may involve secrets, accounts, external services, or sensitive context; get admin or security approval first.

### 30-Second Read

- **What to do now**: Needs admin / security approval
- **Minimum safe next step**: Run Prompt Preview first; if credentials or an enterprise environment are involved, get approval before trialing
- **Do not trust yet**: Tool permission boundaries cannot be trusted before install.
- **Continuing will touch**: Command execution, Host AI configuration, Local environment or project files

### What You Can Trust Now

- **Target-audience signal: Developers already using host AIs such as Claude/Codex/Cursor/Gemini** (supported): Backed by a supported claim or project evidence, but that still is not the same as real install results. Evidence: `README.md` Claim: `clm_0003` supported 0.86
- **Target-audience signal: Users who want to bring professional workflows into a host AI** (supported): Backed by a supported claim or project evidence, but that still is not the same as real install results. Evidence: `.agents/skills/thorondor-web-search/SKILL.md` Claim: `clm_0004` supported 0.86
- **Capability exists: AI Skill / Agent Instruction Asset Library** (supported): You can trust that the project contains signals of this capability; whether it fits your specific task still needs trial or after-install verification. Evidence: `.agents/skills/thorondor-web-search/SKILL.md` Claim: `clm_0001` supported 0.86
- **Capability exists: Command-Line Startup or Install Flow** (supported): You can trust that the project contains signals of this capability; whether it fits your specific task still needs trial or after-install verification. Evidence: `README.md` Claim: `clm_0002` supported 0.86
- **There are Quick Start / install-command signals** (supported): You can trust that the docs mention a startup or install entrypoint; do not run it directly in your primary environment because of that. Evidence: `README.md` Claim: `clm_0005` supported 0.86

### What You Cannot Trust Yet

- **Tool permission boundaries cannot be trusted before install.** (unverified): MCP/tool projects usually touch files, the network, the browser, or external APIs, so permissions and logs must be checked for real.
- **Real output quality cannot be trusted before install.** (unverified): Prompt Preview can only show how it guides you; it cannot prove result quality in the real project.
- **Host AI version compatibility cannot be trusted before install.** (unverified): Host loading rules and version differences across Claude, Cursor, Codex, Gemini, and others must be verified in a real environment.
- **That it will not pollute your existing host AI's behavior cannot be trusted directly.** (inferred): Skill, plugin, and AGENTS/CLAUDE/GEMINI instructions may change the host AI's default behavior. Evidence: `.agents/skills/thorondor-web-search/SKILL.md`, `AGENTS.md`, `CLAUDE.md`
- **Safe rollback cannot be assumed by default.** (unverified): Unless the project clearly provides uninstall and recovery instructions, verify in an isolated environment first.
- **After a real install, is it compatible with the user's current host AI version?** (unverified): Compatibility can only be verified in the actual host environment.
- **Does the project's output quality meet the user's specific task?** (unverified): The pre-install preview can only show flow and boundaries; it cannot replace real evaluation.
- **Do the install commands require network access, permissions, or global writes?** (unverified): This affects install risk in both enterprise and personal environments. Evidence: `README.md`

### What Continuing Will Touch

- **Command execution**: Package managers, network downloads, the local plugin directory, project config, or the user's home directory. Why: Running the very first command can already change your environment; decide whether it is worth running first. Evidence: `README.md`
- **Host AI configuration**: The plugin, Skill, or rule-loading config of hosts like Claude/Codex/Cursor/Gemini/OpenCode. Why: Host configuration changes how the AI works afterward and may conflict with the user's existing rules. Evidence: `.agents/skills/thorondor-web-search/SKILL.md`, `AGENTS.md`, `CLAUDE.md`
- **Local environment or project files**: Install results, plugin caches, project config, or local dependency directories. Why: The write scope and rollback path cannot be proven before install and need isolated verification. Evidence: `README.md`
- **Environment variables / API keys**: Project entry docs explicitly showing API key, token, secret, or account credential configuration. Why: If a real install needs credentials, use test credentials first and go through a permission/compliance review. Evidence: `README.md`, `docs/architecture/configuration-reference.md`, `docs/architecture/deployment.md`, `docs/architecture/security.md` et al.
- **Host AI context**: The AI Context Pack, Prompt Preview, Skill routing, risk rules, and project facts. Why: Importing context affects the host AI's later judgment, so avoid packaging unverified items as facts.

### Minimum Safe Next Steps

- **Run Prompt Preview first**: Use a pre-install interactive trial to judge whether the way of working fits; it needs no authorization or environment change. (applies when: Applies to any project, especially when output quality is unknown.)
- **Trial-install only in an isolated directory or a test account**: Avoid letting install commands pollute your primary host AI, real projects, or home directory. (applies when: When there are signals of command execution, plugin config, or local writes.)
- **Back up your host AI configuration first**: Skill, plugin, and rule files may change the default behavior of Claude/Cursor/Codex. (applies when: When there is a plugin manifest, a Skill, or a host rule entrypoint.)
- **Do not use real production credentials**: Once an environment variable / API key enters the host or toolchain, it can create account and compliance risk. (applies when: When environment signals like API, TOKEN, KEY, or SECRET appear.)
- **After install, verify just one minimal task**: Verify loading, compatibility, output quality, and rollback first, then decide whether to use it deeply. (applies when: When moving from a trial into a real workflow.)

### Exit Plan

- **Preserve the pre-install state**: Record the original host config and project state so you can later judge whether it is recoverable.
- **Be ready to remove the host plugin / Skill / rule entrypoint**: If behavior is off after the trial install, you can restore the host AI to its pre-trial state.
- **Record the install commands and written paths**: Without clear uninstall instructions, you at least need to know which directories or configs to clean up manually.
- **Be ready to revoke test API keys or tokens**: If test credentials leak or are misused, you can cut losses quickly.
- **If there is no rollback path, do not enter your primary environment**: No rollback is a blocker before continuing; do not proceed on trust or luck.

## What Can Only Be Previewed

- Explain who the project fits and what it can do
- Demonstrate a typical conversation flow based on project docs
- Help the user decide whether it is worth installing or researching further

## What Must Be Verified After Install

- Actually installing the Skill, plugin, or CLI
- Running scripts, modifying local files, or accessing external services
- Verifying real output quality, performance, and compatibility

## Boundary & Risk Decision Card

- **Mistaking the pre-install preview for a real run**: The user may overestimate how much configuration, permission, and compatibility verification the project has already done. Mitigation: Clearly separate prompt_preview_can_do from runtime_required. Claim: `clm_0009` inferred 0.45
- **Command execution will modify the local environment**: Install commands may write to the user's home directory, the host plugin directory, or project configuration. Mitigation: Run in an isolated environment or a test account first. Evidence: `README.md` Claim: `clm_0010` supported 0.86
- **To confirm**: After a real install, is it compatible with the user's current host AI version?. Why: Compatibility can only be verified in the actual host environment.
- **To confirm**: Does the project's output quality meet the user's specific task?. Why: The pre-install preview can only show flow and boundaries; it cannot replace real evaluation.
- **To confirm**: Do the install commands require network access, permissions, or global writes?. Why: This affects install risk in both enterprise and personal environments.

## Pre-Work Working Context

### Loading Order

- First read how_to_use.host_ai_instruction to establish the boundaries of this pre-install judgment asset.
- Read claim_graph_summary to confirm facts come from the Claim/Evidence Graph, not the Human Wiki narrative.
- Then read intended_users, capabilities, and quick_start_candidates to judge whether the user is a match.
- When you need to carry out a concrete task, check role_skill_index first, then evidence_index.
- For real install, file modification, network access, performance, or compatibility questions, turn to risk_card and boundaries.runtime_required.

### Task Routes

- **AI Skill / Agent Instruction Asset Library**: Use role_skill_index / evidence_index to help the user pick a usable role, Skill, or workflow first. Boundary: Can be experienced via a pre-install Prompt. Evidence: `.agents/skills/thorondor-web-search/SKILL.md` Claim: `clm_0001` supported 0.86
- **Command-Line Startup or Install Flow**: State that this is an after-install capability first, then give a pre-install checklist. Boundary: Must be verified after a real install or run. Evidence: `README.md` Claim: `clm_0002` supported 0.86

### Context Scale

- Total files: 166
- Important-file coverage: 40/166
- Evidence index entries: 79
- Role / Skill entries: 1

### Handling Insufficient Evidence

- **missing_evidence**: State that evidence is insufficient and ask the user for the target file, a README section, or after-install verification records; do not fill in facts.
- **out_of_scope_request**: State that the task is beyond the current AI Context Pack's evidence scope and suggest the user check the Human Manual or verify after a real install.
- **runtime_request**: Provide a pre-install checklist and command sources, but do not run commands for the user or claim they have been run.
- **source_conflict**: Show the conflicting sources side by side, mark them as unverified, and do not force a single version.

## Prompt Recipes

### Fit assessment

- Goal: Judge whether this project fits the user's current task.
- Expected output: A fit conclusion, key reasons, evidence citations, what can be previewed before install, what must be verified after install, and a next-step recommendation.

```text
Based on the AI Context Pack for thorondor, ask me 3 necessary questions first, then judge whether it fits my task. The answer must cover: who it fits, what it can do, what it cannot do, whether it is worth installing, and where the evidence comes from. Every project fact must cite evidence_refs, source_paths, or a claim_id.
```

### Pre-install experience

- Goal: Let the user feel the core workflow before installing, while avoiding packaging the preview as real capability or a marketing promise.
- Expected output: An experience script with boundary labels, an after-install verification checklist, and a cautious recommendation; with no real-run promises or strong marketing language.

```text
Treat thorondor as a pre-install experience asset, not an already-installed tool or a real runtime environment.

Output exactly four parts:
1. Ask me 3 necessary questions first.
2. Give an "experience script": use the three labels [Previewable before install], [Must verify after install], and [Insufficient evidence] to show how it might guide the workflow.
3. Give an after-install verification checklist: list which capabilities can only be confirmed after a real install, real host loading, and a real project run.
4. Give a cautious recommendation: only "worth researching/trialing further", "add information before deciding", or "not recommended to continue"; do not endorse the project.

Hard boundaries:
- Do not claim you have installed, run, executed tests, modified files, or produced real results.
- Do not write promise-like phrasing such as "auto-adapts", "guarantees passing", "perfect fit", or "strongly recommend installing".
- If you describe how it works after install, you must use a conditional such as "if installed successfully and the host loads the Skill correctly, it might...".
- The experience script may only be written as "example lines / hypothetical flow": use "might ask / might suggest / might show", not "has written, has generated, has passed, is running, is generating".
- Prompt Preview does not hand out install commands; if the user is ready to trial, only prompt them to read Quick Start and the Risk Card first and to verify in an isolated environment.
- Every project fact must come from a supported claim, evidence_refs, or source_paths; inferred/unverified items can only be risks or open questions.

```

### Role / Skill selection

- Goal: Pick the best-matching asset from the project's roles or Skills.
- Expected output: A list of candidate roles or Skills, each with an applicable scenario, evidence paths, risk boundary, and whether after-install verification is needed.

```text
Read role_skill_index and recommend 3-5 of the most relevant roles or Skills for my target task. For each recommendation, state the applicable scenario, likely output, risk boundary, and evidence_refs.
```

### Risk pre-check

- Goal: Identify environment, permission, rule-conflict, and quality risks before installing or adopting.
- Expected output: A checklist of environment, permission, dependency, license, host-conflict, quality risk, and unknown items.

```text
Based on risk_card, boundaries, and quick_start_candidates, give me a pre-install risk pre-check list. Do not run commands for me; only explain what I should check, why, and what impact a failure would have.
```

### Host AI kickoff instruction

- Goal: Turn the project context into a host AI instruction for the start of a conversation.
- Expected output: A pre-work instruction with clear boundaries and clear evidence citations, suitable to copy to a host AI.

```text
Based on the AI Context Pack for thorondor, generate a pre-work instruction I can paste to my host AI. This instruction must obey not_runtime=true and must not claim the project has been installed, run, or produced real results.
```

## Role / Skill Index

- Indexed 1 role / Skill / project-doc entries.

- **thorondor-web-search** (skill): Use Thorondor as a local semantic live-web search system through REST or MCP, returning citation-bearing passages. Use when the user asks to search the live web with this repo, query the local Thorondor service, call POST /search, or use the MCP web search tool. Activation hint: When the user's task is highly relevant to the workflow described by “thorondor-web-search”, use it for a pre-install experience first, then decide whether to install. Evidence: `.agents/skills/thorondor-web-search/SKILL.md`

## Evidence Index

- Indexed 79 evidence entries.

- **Thorondor** (documentation): Public alpha: Thorondor is ready for local self-hosted evaluation, but it is not a managed production service. It does not include built-in endpoint authentication or rate limiting; expose it only behind your own proxy/security layer. Evidence: `README.md`
- **Cluster-Semantic Goldens** (documentation): Regenerate the reviewed cluster-semantic@1 goldens only when deliberately accepting behavior drift: Evidence: `semantic-chunking-service/tests/golden/README.md`
- **Repository Guidelines** (documentation): Project Structure & Module Organization Evidence: `AGENTS.md`
- **CLAUDE.md** (documentation): This file gives Claude Code repo-specific context for thorondor . Evidence: `CLAUDE.md`
- **Architecture Overview** (documentation): Thorondor is a self-hosted semantic web-search service designed for agent workflows that require live web evidence with provenance. It solves the problem of agents needing up-to-date, cited information from the open web without depending on commercial hosted APIs Exa, Tavily, Bing Search, etc. that introduce data residency concerns, rate limits, and vendor lock-in. Evidence: `docs/architecture/overview.md`
- **Contributing** (documentation): Thorondor is a Python/FastAPI project split into an orchestrator service, a semantic chunking service, and a minimal SSRF egress proxy. Evidence: `CONTRIBUTING.md`
- **Thorondor Web Search** (skill_instruction): Use Thorondor only after confirming the local service is reachable: Evidence: `.agents/skills/thorondor-web-search/SKILL.md`
- **License** (source_file): Copyright c 2026 Thorondor contributors Evidence: `LICENSE`
- **Configuration Reference** (documentation): All environment variables must be present in .env and .env.llamacpp or .env.production for the selected Compose overlay . The Python settings loader raises RuntimeError on startup for any missing key — including keys that are intentionally blank. Leave optional keys set to an empty string rather than deleting them. Evidence: `docs/architecture/configuration-reference.md`
- **Dependencies** (documentation): mermaid graph LR Client Client / Agent Evidence: `docs/architecture/dependencies.md`
- **Deployment Guide** (documentation): Thorondor uses two Compose files that can be stacked: Evidence: `docs/architecture/deployment.md`
- **Pipeline Workflow** (documentation): The following diagram shows the complete path of a single search request from client to response across all services. Evidence: `docs/architecture/pipeline-workflow.md`
- **Security Architecture** (documentation): Thorondor operates at the boundary between an agent's query and the open web. The primary threats specific to this architecture are: Evidence: `docs/architecture/security.md`
- **Restyle Thorondor TUI to match Imladris visual & navigation** (documentation): Restyle Thorondor TUI to match Imladris visual & navigation Evidence: `docs/plans/imladris-style-tui.md`
- **Public Readiness Fixes** (documentation): Goal Resolve the public-readiness findings from the adversarial repo review so the repository can be published as a clearly documented public alpha without obvious release, licensing, security, or CI gaps. Evidence: `docs/plans/public-readiness-fixes.md`
- **Remove Comments from Code** (documentation): Goal Remove all comment-like text from code, Dockerfiles, shell scripts, and config files Python, PowerShell, bash, Dockerfile, YAML, TOML, .env , .properties , .tcss . Documentation stays in .md files only. After this change, the code is the only artifact that describes the implementation. Evidence: `docs/plans/remove-comments-from-code.md`
- **Single-Commit Public Republish** (documentation): Goal Preserve the current full-history Thorondor repository as a private archive, then publish a clean public FeanorsCodeSL/thorondor repository containing only the final approved source tree as a single initial commit. Recreate the public repository metadata, CI, release surfaces, and branch protections after publication. Evidence: `docs/plans/single-commit-public-republish.md`
- **Thorondor GHCR Release Images** (documentation): Goal Publish Thorondor first-party runtime images to GHCR and provide a production Compose slice that Tengwar can consume without building from source or mounting the Thorondor source tree. Evidence: `docs/plans/thorondor-ghcr-release-images.md`
- **Thorondor Installer + TUI Configurator** (documentation): Thorondor Installer + TUI Configurator Evidence: `docs/plans/thorondor-installer-wizard.md`
- **Thorondor local configuration.** (source_file): Thorondor local configuration. Every key used by Compose and the Python settings loader is explicit here. Leave optional API keys and filters blank only when intentionally disabled. Evidence: `.env.example`
- **Thorondor llama.cpp local model configuration.** (source_file): Thorondor llama.cpp local model configuration. Copy this to .env.llamacpp, then place the referenced GGUF files under ./models. Evidence: `.env.llamacpp.example`
- **Thorondor production image deployment overlay.** (source_file): Thorondor production image deployment overlay. Load after .env.example: docker compose --env-file .env.example --env-file .env.production.example -f docker-compose.production.yml config Evidence: `.env.production.example`
- **Docker Compose** (source_file): name: thorondor x-internal: &internal restart: unless-stopped networks: internal services: egress-proxy: restart: unless-stopped build: context: ./ssrf-proxy dockerfile: Dockerfile networks: internal, egress environment: PROXY LOG LEVEL: "${PROXY LOG LEVEL}" PROXY HOST: "${PROXY HOST}" PROXY PORT: "${PROXY PORT}" PROXY MAX HEADER BYTES: "${PROXY MAX HEADER BYTES}" PROXY READ CHUNK BYTES: "${PROXY READ CHUNK BYTES}" PROXY RELAY CHUNK BYTES: "${PROXY RELAY CHUNK BYTES}" PROXY BLOCKED IP CATEGORIES: "${PROXY BLOCKED IP CATEGORIES}" PROXY BLOCKED SPECIAL IPS: "${PROXY BLOCKED SPECIAL IPS}" PROXY NAT64 NETWORKS: "${PROXY NAT64 NETWORKS}" PROXY SIX TO FOUR NETWORKS: "${PROXY SIX TO FOUR NETWORKS}… Evidence: `docker-compose.yml`
- **App** (source_file): @asynccontextmanager async def lifespan app: FastAPI ⋮---- app = FastAPI title="thorondor", lifespan=lifespan, redirect slashes=False deps = None settings = None health client: httpx.AsyncClient None = None ⋮---- @app.middleware "http" async def route mcp without redirect request: Request, call next ⋮---- request id = request.headers.get "X-Request-ID" or new request id token = set request id request id ⋮---- response = await call next request ⋮---- def get settings ⋮---- settings = load settings ⋮---- def get deps ⋮---- deps = build deps from settings get settings ⋮---- def get health client - httpx.AsyncClient ⋮---- s = get settings health client = httpx.AsyncClient ⋮---- async def close… Evidence: `orchestrator/app.py`
- **Interfaces** (source_file): class QueryPlanner Protocol ⋮---- async def plan self, query: str - list str : ... ⋮---- class SearchDiscovery Protocol ⋮---- async def search self, subquery: str, freshness: str None = None - list DiscoveryResult : ... ⋮---- class SelectionPolicy Protocol ⋮---- class ContentExtractor Protocol ⋮---- async def extract self, urls: list str - list Page : ... ⋮---- class MarkdownCleaner Protocol ⋮---- def clean self, page: Page - CleanedPage: ... ⋮---- class SemanticChunker Protocol ⋮---- async def chunk self, pages: list Page - list Chunk : ... ⋮---- class CandidatePrefilter Protocol ⋮---- def filter self, query: str, chunks: list Chunk - PrefilteredChunks: ... ⋮---- class Reranker Protocol ⋮-… Evidence: `orchestrator/interfaces.py`
- **Settings** (source_file): MAX CRAWL CONCURRENCY = 20 ⋮---- def required name: str - str ⋮---- value = os.environ.get name ⋮---- def configured optional name: str - str None ⋮---- value = os.environ name ⋮---- def int env name: str - int ⋮---- def float env name: str - float ⋮---- def bool env name: str - bool ⋮---- raw = required name .lower ⋮---- def set env name: str - set str ⋮---- raw = os.environ name ⋮---- def ip set env name: str - set ipaddress.IPv4Address ipaddress.IPv6Address ⋮---- def ipv6 networks env name: str - list ipaddress.IPv6Network ⋮---- networks = ipaddress.ip network value, strict=False for value in set env name invalid = str network for network in networks if network.version != 6 ⋮---- @datacl… Evidence: `orchestrator/settings.py`
- **App** (source_file): HELP = """thorondor - configure and deploy the Thorondor search stack. ⋮---- def extract project dir args: list str - tuple Path None, list str ⋮---- remaining: list str = project dir: Path None = None index = 0 ⋮---- arg = args index ⋮---- project dir = Path args index + 1 ⋮---- project dir = Path arg.partition "=" 2 ⋮---- def doctor project dir: str Path None = None - int ⋮---- project = resolve project dir project dir ⋮---- draft = load draft project.root issues = compute issues draft, {} ⋮---- def run tui project dir: str Path None = None - int ⋮---- def human bytes n: int - str ⋮---- units = "B", "KB", "MB", "GB", "TB" size = float n ⋮---- def download models command project dir: str P… Evidence: `thorondor_cli/app.py`
- **Catalog** (source_file): DependencyKind = Literal "embedding", "reranker", "llm" ⋮---- @dataclass frozen=True class CatalogEntry ⋮---- key: str display name: str kind: DependencyKind default base url: str default model: str health path: str = "/health" rerank path: str = "/rerank" needs token: bool = False ⋮---- CATALOG: tuple CatalogEntry, ... = ⋮---- def entries for kind: DependencyKind - list CatalogEntry ⋮---- def get entry key: str - CatalogEntry None Evidence: `thorondor_cli/catalog.py`
- **Deploy** (source_file): class DeployError RuntimeError ⋮---- @dataclass frozen=True class ComposePlan ⋮---- project dir: Path compose files: list str env files: list str profile: str ⋮---- @dataclass frozen=True class DeployProgress ⋮---- step: str message: str ⋮---- def compose plan project dir: str Path, draft: Draft None = None - ComposePlan ⋮---- root = Path project dir .expanduser .resolve draft = draft or load draft root compose files = "docker-compose.yml", compose overlays draft env files = ".env" profile = draft.profile ⋮---- def compose args plan: ComposePlan - list str ⋮---- args = "compose" ⋮---- def orchestrator url env: dict str, str , path: str - str ⋮---- host = env.get "ORCHESTRATOR HOST", "127.0.… Evidence: `thorondor_cli/deploy.py`
- **Envfile** (source_file): ENV TEMPLATE = "env.example" LLAMACPP TEMPLATE = "env.llamacpp.example" PRODUCTION TEMPLATE = "env.production.example" TEMPLATE FILENAMES = { ⋮---- KEY RE = re.compile r"^ A-Za-z A-Za-z0-9 $" ⋮---- def template repo path project dir: Path None, template name: str - Path None ⋮---- filename = TEMPLATE FILENAMES template name candidate = Path project dir .expanduser .resolve / filename ⋮---- def template text template name: str, project dir: str Path None = None - str ⋮---- """Return template content, preferring repo-root copies when present.""" project path = Path project dir .expanduser .resolve if project dir else None repo path = template repo path project path, template name ⋮---- def st… Evidence: `thorondor_cli/envfile.py`
- **Probe** (source_file): ProbeStatus = Literal "ok", "auth error", "unreachable", "model not found", "other" ⋮---- @dataclass frozen=True class ProbeResult ⋮---- status: ProbeStatus detail: str = "" ⋮---- def auth headers token: str None - dict str, str ⋮---- def clean detail text: str, token: str None - str ⋮---- def status from response response: httpx.Response, token: str None - ProbeResult ⋮---- detail = f"HTTP {response.status code}" body = clean detail response.text :240 , token ⋮---- def post json url: str, payload: dict, token: str None, timeout: float = 30 - ProbeResult ⋮---- response = httpx.post url, json=payload, headers= auth headers token , timeout=timeout ⋮---- def list models base url: str, token: s… Evidence: `thorondor_cli/probe.py`
- **Project** (source_file): REQUIRED PROJECT PATHS = MANAGED MARKER = ".thorondor-managed" MANAGED ASSETS = { MANAGED TEMPLATES = { ⋮---- class ProjectError ValueError ⋮---- @dataclass frozen=True class Project ⋮---- root: Path ⋮---- @property def env path self - Path ⋮---- @property def llamacpp env path self - Path ⋮---- def missing project paths path: Path - list str ⋮---- root = Path path .expanduser .resolve ⋮---- def default project dir - Path ⋮---- def is managed project path: str Path - bool ⋮---- def copy package asset relative parts: tuple str, ... , target: Path - None ⋮---- source = resources.files "thorondor cli" .joinpath relative parts ⋮---- def is empty directory path: Path - bool ⋮---- def ensure mana… Evidence: `thorondor_cli/project.py`
- **App** (source_file): settings = load settings ⋮---- logger = logging.getLogger "chunking-service" ⋮---- app = FastAPI title="Semantic Chunking Service" ⋮---- embedder = EmbeddingFunction ⋮---- @app.middleware "http" async def request id middleware request: Request, call next ⋮---- request id = request.headers.get "X-Request-ID" or new request id token = set request id request id ⋮---- response = await call next request ⋮---- def length text: str - int ⋮---- @app.get "/healthz" def healthz ⋮---- @app.post "/chunk", responses={400: {"description": "Unknown or invalid chunking strategy"}} def chunk req: ChunkRequest - ChunkResponse ⋮---- version = req.strategy version or settings.default strategy version ⋮---- ove… Evidence: `semantic-chunking-service/chunking/app.py`
- **Settings** (source_file): def require env name: str - str ⋮---- value = os.environ.get name ⋮---- def required int env name: str - int ⋮---- def required float env name: str - float ⋮---- def configured optional env name: str - str None ⋮---- value = os.environ name ⋮---- @dataclass frozen=True class Settings ⋮---- log level: str default strategy version: str embedding endpoint: str embedding model: str embedding api key: str None embedding batch size: int embedding timeout s: float ⋮---- def post init self - None ⋮---- def load settings - Settings ⋮---- CHUNKER MAX SEGMENTS DP = required int env "CHUNKER MAX SEGMENTS DP" ⋮---- REWARD CACHE MAX SIZE = required int env "REWARD CACHE MAX SIZE" Evidence: `semantic-chunking-service/chunking/settings.py`
- **Docker Compose** (source_file): name: thorondor x-internal: &internal restart: unless-stopped networks: internal services: egress-proxy: restart: unless-stopped image: "${THORONDOR EGRESS PROXY IMAGE}" networks: internal, egress environment: PROXY LOG LEVEL: "${PROXY LOG LEVEL}" PROXY HOST: "${PROXY HOST}" PROXY PORT: "${PROXY PORT}" PROXY MAX HEADER BYTES: "${PROXY MAX HEADER BYTES}" PROXY READ CHUNK BYTES: "${PROXY READ CHUNK BYTES}" PROXY RELAY CHUNK BYTES: "${PROXY RELAY CHUNK BYTES}" PROXY BLOCKED IP CATEGORIES: "${PROXY BLOCKED IP CATEGORIES}" PROXY BLOCKED SPECIAL IPS: "${PROXY BLOCKED SPECIAL IPS}" PROXY NAT64 NETWORKS: "${PROXY NAT64 NETWORKS}" PROXY SIX TO FOUR NETWORKS: "${PROXY SIX TO FOUR NETWORKS}" PROXY IPV… Evidence: `thorondor_cli/assets/docker-compose.yml`
- **App** (source_file): HarnessStatus = dict str, bool DraftLoader = Callable ..., Draft ⋮---- class ThorondorApp App int ⋮---- CSS PATH = "thorondor.tcss" TITLE = "thorondor" SUB TITLE = "Search Stack Configurator" ⋮---- def on mount self - None ⋮---- def refresh dashboard state self - None ⋮---- def detect harnesses self - HarnessStatus Evidence: `thorondor_cli/tui/app.py`
- **Deploy** (source_file): class DeployScreen ArrowNavigationMixin, Screen None ⋮---- BINDINGS = ARROW NAV BINDINGS, "escape", "cancel", "Back" ⋮---- def compose self - ComposeResult ⋮---- def on mount self - None ⋮---- def on button pressed self, event: Button.Pressed - None ⋮---- def action run self - None ⋮---- log = self.query one " deploy-log", Static lines: list str = ⋮---- def action cancel self - None ⋮---- def refresh dashboard widget self - None ⋮---- refresh = getattr self. dashboard, "refresh dashboard", None Evidence: `thorondor_cli/tui/screens/deploy.py`
- **Search Settings** (source_file): class SearchSettingsScreen ArrowNavigationMixin, Screen None ⋮---- BINDINGS = ARROW NAV BINDINGS, "escape", "cancel", "Cancel" ⋮---- FIELDS: tuple str, ... = ⋮---- def compose self - ComposeResult ⋮---- draft = load draft self.project dir ⋮---- def on mount self - None ⋮---- overrides = {field: self. value field for field in self.FIELDS} Evidence: `thorondor_cli/tui/screens/search_settings.py`
- **Code of Conduct** (documentation): Contributors are expected to keep discussion technical, respectful, and focused on improving the project. Evidence: `CODE_OF_CONDUCT.md`
- **Security Policy** (documentation): Thorondor is intended for self-hosted use. The default Compose configuration binds the orchestrator to 127.0.0.1 ; do not expose it to an untrusted network without a reverse proxy that provides TLS, authentication, authorization, and rate limiting. Evidence: `SECURITY.md`
- **Third-Party Notices** (documentation): This file records the third-party components intentionally referenced by the Thorondor source distribution. It is engineering inventory, not legal advice. The repository does not vendor Python wheels, third-party container image layers, or model weights; binary or container distributors should attach their own generated SBOM for the exact artifacts they ship. Evidence: `THIRD-PARTY-NOTICES.md`
- **Test Settings** (source_file): REQUIRED = ⋮---- def set required env monkeypatch ⋮---- values = { ⋮---- @pytest.mark.parametrize "name", REQUIRED def test missing required var raises monkeypatch, name ⋮---- def test domain blocklist parses explicit configuration monkeypatch ⋮---- settings = load settings ⋮---- @pytest.mark.parametrize "name", "MAX URLS", "RERANKER PATH", "ALLOWLIST ONLY" def test blank required var raises monkeypatch, name ⋮---- def test optional vars must exist but can be blank monkeypatch ⋮---- def test invalid crawl concurrency rejected monkeypatch Evidence: `orchestrator/tests/test_settings.py`
- **Test App** (source_file): class FakeEmbedder ⋮---- def call self, texts ⋮---- def health check self ⋮---- @pytest.fixture def client monkeypatch ⋮---- def test chunk happy path passes metadata and version client ⋮---- r = client.post "/chunk", json={ ⋮---- body = r.json ⋮---- first = body "chunks" 0 ⋮---- def test embedding failure surfaces fallback marker monkeypatch ⋮---- class DownEmbedder ⋮---- client = TestClient appmod.app ⋮---- r = client.post "/chunk", json={"text": "Alpha beta gamma. " 80} ⋮---- def test unknown strategy version is 400 client ⋮---- r = client.post "/chunk", json={"text": "hi there friend", "strategy version": "nope@9"} ⋮---- def test oversized chunk text is 422 client ⋮---- r = client.post… Evidence: `semantic-chunking-service/tests/test_app.py`
- **Test Settings** (source_file): def test require env raises on blank var monkeypatch ⋮---- def test require env returns stripped value monkeypatch ⋮---- def test required int env raises when missing monkeypatch ⋮---- def test required int env parses explicit value monkeypatch ⋮---- def test load settings requires explicit embedding config monkeypatch ⋮---- def test load settings parses explicit embedding config monkeypatch ⋮---- settings = load settings Evidence: `semantic-chunking-service/tests/test_settings.py`
- **Test Deploy** (source_file): def make project tmp path ⋮---- root = tmp path / "thorondor" ⋮---- def test compose args include env files profiles and overlays tmp path ⋮---- root = make project tmp path ⋮---- plan = compose plan root args = compose args plan ⋮---- def test deploy runs config build up sequence monkeypatch, tmp path ⋮---- calls = ⋮---- def runner command, kwargs ⋮---- class FakeResponse ⋮---- def init self, status code=200, payload=None ⋮---- def json self ⋮---- def raise for status self ⋮---- class FakeClient ⋮---- def init self, responses ⋮---- def get self, url ⋮---- def post self, url, json ⋮---- def close self ⋮---- def test wait for health passes only when all dependencies true ⋮---- payload = {"de… Evidence: `thorondor_cli/tests/test_deploy.py`
- **Test Envfile** (source_file): def test seed from bundled template loads required keys outside repo tmp path, monkeypatch ⋮---- values = seed from example ⋮---- def test write env preserves existing secret and quotes values tmp path ⋮---- target = tmp path / ".env" ⋮---- template = {"SEARXNG SECRET": "", "DOMAIN BLOCKLIST": "", "EXTRA": ""} ⋮---- values = read env target ⋮---- def test missing file created at 0600 tmp path Evidence: `thorondor_cli/tests/test_envfile.py`
- **Test Probe** (source_file): respx = pytest.importorskip "respx" ⋮---- @respx.mock def test embedding probe maps success and auth error ⋮---- result = probe embedding "http://auth.test", "bge", "secret" ⋮---- @respx.mock def test reranker probe sends production body and flags bad model ⋮---- route = respx.post "http://rank.test/rerank" .mock ⋮---- result = probe reranker "http://rank.test", "/health", "/rerank", "bad-model", "token" ⋮---- @respx.mock def test list models parses openai and bare list shapes ⋮---- @respx.mock def test llm probe transport error maps unreachable ⋮---- def test host rewrite preserves scheme port path query Evidence: `thorondor_cli/tests/test_probe.py`
- **Test Project** (source_file): def test default resolution creates managed project monkeypatch, tmp path ⋮---- managed = tmp path / "thorondor-home" ⋮---- project = resolve project dir ⋮---- env = read env managed / ".env" ⋮---- def test explicit empty project dir is initialized tmp path ⋮---- project dir = tmp path / "custom" ⋮---- project = resolve project dir project dir Evidence: `thorondor_cli/tests/test_project.py`
- **Secrets - NEVER commit credentials** (source_file): Secrets - NEVER commit credentials After running git rm --cached .env, new .env files won't be tracked .env .env.local .env.llamacpp .env.production .env. .local secrets.env Keep template for documentation !secrets.template.env !.env.llamacpp.example Evidence: `.gitignore`
- **Docker Compose.Llamacpp** (source_file): name: thorondor services: orchestrator: environment: RERANKER ENDPOINT: "http://reranker:8080" RERANKER MODEL: "${LLAMACPP RERANKER ALIAS}" RERANKER PATH: "/reranking" RERANKER HEALTH PATH: "/health" chunker: environment: EMBEDDING ENDPOINT: "http://embedding:8080" EMBEDDING MODEL: "${LLAMACPP EMBEDDING ALIAS}" embedding: profiles: "llamacpp-models" image: "${LLAMACPP IMAGE}" volumes: - ./models:/models:ro command: - "-m" - "${LLAMACPP EMBEDDING MODEL}" - "--host" - "0.0.0.0" - "--port" - "8080" - "--embedding" - "--pooling" - "${LLAMACPP EMBEDDING POOLING}" - "-ub" - "${LLAMACPP UBATCH}" - "-c" - "${LLAMACPP EMBEDDING CONTEXT}" reranker: profiles: "llamacpp-models" image: "${LLAMACPP IMAGE… Evidence: `docker-compose.llamacpp.yml`
- **Docker Compose.Production** (source_file): name: thorondor x-thorondor-internal: &thorondor-internal restart: unless-stopped networks: thorondor-internal services: thorondor-egress-proxy: restart: unless-stopped image: "${THORONDOR EGRESS PROXY IMAGE}" networks: - thorondor-internal - thorondor-egress environment: PROXY LOG LEVEL: "${PROXY LOG LEVEL}" PROXY HOST: "${PROXY HOST}" PROXY PORT: "${PROXY PORT}" PROXY MAX HEADER BYTES: "${PROXY MAX HEADER BYTES}" PROXY READ CHUNK BYTES: "${PROXY READ CHUNK BYTES}" PROXY RELAY CHUNK BYTES: "${PROXY RELAY CHUNK BYTES}" PROXY BLOCKED IP CATEGORIES: "${PROXY BLOCKED IP CATEGORIES}" PROXY BLOCKED SPECIAL IPS: "${PROXY BLOCKED SPECIAL IPS}" PROXY NAT64 NETWORKS: "${PROXY NAT64 NETWORKS}" PROXY… Evidence: `docker-compose.production.yml`
- **Dockerfile** (source_file): ENV PYTHONDONTWRITEBYTECODE=1 \ PYTHONUNBUFFERED=1 Evidence: `orchestrator/Dockerfile`
- **Assembly** (source_file): class ResultAssemblerImpl ⋮---- citation ids: dict str, int = {} citations: list AssembledCitation = passages: list AssembledPassage = total tokens = 0 ⋮---- key = normalize url item.chunk.source url citation id = citation ids.get key ⋮---- citation id = len citations + 1 Evidence: `orchestrator/assembly.py`
- **Content Dedup** (source_file): SPACE = re.compile r"\s+" ⋮---- def fingerprint markdown: str - str ⋮---- normalized = SPACE.sub " ", markdown.lower .strip ⋮---- def content dedup pages: list Page - list Page ⋮---- seen: set str = set out: list Page = ⋮---- key = fingerprint page.markdown Evidence: `orchestrator/content_dedup.py`
- **Fakes** (source_file): def fake extract html: str, kwargs - str ⋮---- async def async boundary - None ⋮---- class FakePlanner ⋮---- def init self ⋮---- async def plan self, query: str - list str ⋮---- class EmptyPlanner ⋮---- async def plan self, query: str - list str ⋮---- class PartialPlanner ⋮---- class DownPlanner ⋮---- class FakeDiscovery ⋮---- async def search self, subquery: str, freshness: str None = None - list DiscoveryResult ⋮---- class EmptyDiscovery ⋮---- async def search self, subquery: str, freshness: str None = None - list DiscoveryResult ⋮---- class PartialDiscovery ⋮---- class DownDiscovery ⋮---- class FakeSelector ⋮---- def init self, subset: list DiscoveryResult None = None ⋮---- class EmptySe… Evidence: `orchestrator/fakes.py`
- **Markdown Cleaner** (source_file): Extractor = Callable ..., str None ⋮---- class MarkdownCleanerImpl ⋮---- @property def cleaner version self - str ⋮---- def clean self, page: Page - CleanedPage ⋮---- original = page.original markdown or page.markdown source = page.html ⋮---- extracted = self. extractor cleaned = extracted.strip if extracted else "" ⋮---- cleaned = page.markdown.strip ⋮---- cleaned page = replace page, markdown=cleaned, original markdown=original Evidence: `orchestrator/markdown_cleaner.py`
- **Mcp Server** (source_file): mcp = FastMCP "thorondor", streamable http path="/", stateless http=True deps override = None ⋮---- def set deps deps - None ⋮---- deps override = deps ⋮---- def get deps ⋮---- request data = { request = SearchRequest {key: value for key, value in request data.items if value is not None} response = await run search request, get deps ⋮---- def main - None Evidence: `orchestrator/mcp_server.py`
- **Merge** (source_file): def merge dedup result sets: list list DiscoveryResult - list DiscoveryResult ⋮---- best: dict str, DiscoveryResult = {} counts: dict str, int = {} ⋮---- key = normalize url result.url ⋮---- existing = best.get key ⋮---- merged = Evidence: `orchestrator/merge.py`
- **Models** (source_file): MAX QUERY CHARS = 500 MAX TOKEN BUDGET = 16 000 MAX SELECTED URLS = 20 MAX PASSAGES = 50 ⋮---- SearchProfile = Literal "quick", "research", "deep" ReasonCode = Literal ⋮---- class Passage BaseModel ⋮---- text: str score: float token count: int citation id: int provenance: Literal "external web" = "external web" trust: Literal "untrusted" = "untrusted" ⋮---- class Citation BaseModel ⋮---- id: int url: str title: str published: str None = None ⋮---- class UrlDiagnostic BaseModel ⋮---- engine: str discovery score: float selected: bool selection reason: str None = None filtered reason: str None = None ⋮---- class RawMarkdown BaseModel ⋮---- markdown: str ⋮---- class SearchStats BaseModel ⋮----… Evidence: `orchestrator/models.py`
- **Normalize** (source_file): def canonical host host: str None - str ⋮---- normalized = host.rstrip "." .lower literal = parse ip literal normalized ⋮---- def host for url: str - str ⋮---- parsed = urlparse url ⋮---- def normalize url url: str - str ⋮---- scheme = parsed.scheme.lower or "https" host = canonical host parsed.hostname port = parsed.port include port = port and not scheme == "http" and port == 80 or scheme == "https" and port == 443 netloc = f"{host}:{port}" if include port else host query = urlencode path = parsed.path.rstrip "/" or "" Evidence: `orchestrator/normalize.py`
- The remaining 19 evidence entries are in `AI_CONTEXT_PACK.json` or `EVIDENCE_INDEX.json`.

## Rules the Host AI Must Follow

- **Treat this asset as pre-work context, not a runtime environment.**: The AI Context Pack contains only an evidence-backed understanding of the project, not the project's executable state. Evidence: `README.md`, `semantic-chunking-service/tests/golden/README.md`, `AGENTS.md`
- **When answering the user, distinguish what can be previewed from what can only be verified after install.**: The consumer value of the pre-install experience comes from reducing bad installs and misjudgments, not from pretending to be a real run. Evidence: `README.md`, `semantic-chunking-service/tests/golden/README.md`, `AGENTS.md`

## Questions the User Should Answer First

- Which host AI or local environment do you plan to use it in?
- Do you just want to experience the workflow first, or are you ready to actually install?
- What matters most to you: install cost, output quality, or conflicts with your existing rules?

## Acceptance Checks

- Every capability claim can be traced back to a file path in evidence_refs.
- AI_CONTEXT_PACK.md does not package previews as a real run.
- The user can understand who it fits, what it can do, how to start, and the risk boundaries within 3 minutes.

---

## Doramagic Context Augmentation

The following sections strengthen the repository context for a host AI. Human Manual data is a reading route, and pitfall notes become operating constraints.

## Human Manual Outline

Usage rule: this is only a reading route and salience signal, not factual authority. Concrete claims must still return to repo evidence or Claim Graph.

Host AI hard rules:
- Do not treat page titles, section order, summaries, or importance values as factual project evidence.
- When explaining the Human Manual outline, state that it is only a reading route or salience signal.
- Capability, installation, compatibility, runtime state, and risk claims must cite repo evidence, source paths, or Claim Graph.

- **Project Overview and System Architecture**: importance `high`
  - source_paths: README.md, docs/architecture/overview.md, docker-compose.yml, orchestrator/app.py, semantic-chunking-service/chunking/app.py
- **Search Pipeline, Data Flow, and APIs**: importance `high`
  - source_paths: orchestrator/pipeline.py, orchestrator/clients/searxng_client.py, orchestrator/clients/crawl4ai_client.py, orchestrator/clients/chunker_client.py, orchestrator/clients/planner.py
- **Configuration, Deployment Profiles, and Security**: importance `high`
  - source_paths: orchestrator/settings.py, orchestrator/interfaces.py, .env.example, .env.llamacpp.example, .env.production.example
- **CLI, Harness Integration, Observability, and Troubleshooting**: importance `medium`
  - source_paths: thorondor_cli/app.py, thorondor_cli/catalog.py, thorondor_cli/deploy.py, thorondor_cli/envfile.py, thorondor_cli/probe.py

## Repo Inspection Evidence

- repo_clone_verified: true
- repo_inspection_verified: true
- repo_commit: `df41da9204371bfe1de26c6b6592e6a6482df6db`
- inspected_files: `README.md`, `docker-compose.yml`, `pyproject.toml`, `uv.lock`, `docs/architecture/configuration-reference.md`, `docs/architecture/dependencies.md`, `docs/architecture/deployment.md`, `docs/architecture/overview.md`, `docs/architecture/pipeline-workflow.md`, `docs/architecture/security.md`, `docs/plans/imladris-style-tui.md`, `docs/plans/public-readiness-fixes.md`, `docs/plans/remove-comments-from-code.md`, `docs/plans/single-commit-public-republish.md`, `docs/plans/thorondor-ghcr-release-images.md`, `docs/plans/thorondor-installer-wizard.md`

Host AI hard rules:
- Without repo_clone_verified=true, do not claim that the source code has been read.
- Without repo_inspection_verified=true, do not write README, docs, or package-file conclusions as facts.
- Without quick_start_verified=true, do not claim that the Quick Start path has run successfully.

## Doramagic Pitfall Constraints

These rules come from Doramagic discovery, validation, or compilation findings. The host AI must treat them as operating constraints, not background notes.

### Constraint 1: Capability evidence risk requires verification

- Trigger: README/documentation is current enough for a first validation pass.
- Host AI rule: Reproduce the official install and quickstart path in an isolated environment.
- Why it matters: May increase setup, validation, or first-run risk for the user.
- Evidence: capability.assumptions | https://github.com/FeanorsCodeSL/thorondor
- Hard boundary: Do not present this pitfall as solved, verified, or ignorable unless later evidence explicitly closes it.

### Constraint 2: Security or permission risk requires verification

- Trigger: no_demo
- Host AI rule: Reproduce the official install and quickstart path in an isolated environment.
- Why it matters: May increase setup, validation, or first-run risk for the user.
- Evidence: downstream_validation.risk_items | https://github.com/FeanorsCodeSL/thorondor
- Hard boundary: Do not present this pitfall as solved, verified, or ignorable unless later evidence explicitly closes it.

### Constraint 3: Security or permission risk requires verification

- Trigger: no_demo
- Host AI rule: Reproduce the official install and quickstart path in an isolated environment.
- Why it matters: May increase setup, validation, or first-run risk for the user.
- Evidence: risks.scoring_risks | https://github.com/FeanorsCodeSL/thorondor
- Hard boundary: Do not present this pitfall as solved, verified, or ignorable unless later evidence explicitly closes it.

### Constraint 4: Maintenance risk requires verification

- Trigger: issue_or_pr_quality=unknown。
- Host AI rule: Reproduce the official install and quickstart path in an isolated environment.
- Why it matters: May increase setup, validation, or first-run risk for the user.
- Evidence: evidence.maintainer_signals | https://github.com/FeanorsCodeSL/thorondor
- Hard boundary: Do not present this pitfall as solved, verified, or ignorable unless later evidence explicitly closes it.

### Constraint 5: Maintenance risk requires verification

- Trigger: release_recency=unknown。
- Host AI rule: Reproduce the official install and quickstart path in an isolated environment.
- Why it matters: May increase setup, validation, or first-run risk for the user.
- Evidence: evidence.maintainer_signals | https://github.com/FeanorsCodeSL/thorondor
- Hard boundary: Do not present this pitfall as solved, verified, or ignorable unless later evidence explicitly closes it.
