# orchestrator-console - Doramagic AI Context Pack

> 定位：安装前体验与判断资产。它帮助宿主 AI 有一个好的开始，但不代表已经安装、执行或验证目标项目。

## 充分原则

- **充分原则，不是压缩原则**：AI Context Pack 应该充分到让宿主 AI 在开工前理解项目价值、能力边界、使用入口、风险和证据来源；它可以分层组织，但不以最短摘要为目标。
- **压缩策略**：只压缩噪声和重复内容，不压缩会影响判断和开工质量的上下文。

## 给宿主 AI 的使用方式

你正在读取 Doramagic 为 orchestrator-console 编译的 AI Context Pack。请把它当作开工前上下文：帮助用户理解适合谁、能做什么、如何开始、哪些必须安装后验证、风险在哪里。不要声称你已经安装、运行或执行了目标项目。

## Claim 消费规则

- **事实来源**：Repo Evidence + Claim/Evidence Graph；Human Wiki 只提供显著性、术语和叙事结构。
- **事实最低状态**：`supported`
- `supported`：可以作为项目事实使用，但回答中必须引用 claim_id 和证据路径。
- `weak`：只能作为低置信度线索，必须要求用户继续核实。
- `inferred`：只能用于风险提示或待确认问题，不能包装成项目事实。
- `unverified`：不得作为事实使用，应明确说证据不足。
- `contradicted`：必须展示冲突来源，不得替用户强行选择一个版本。

## 它最适合谁

- **正在使用 Claude/Codex/Cursor/Gemini 等宿主 AI 的开发者**：README 或插件配置提到多个宿主 AI。 证据：`README.md` Claim：`clm_0002` supported 0.86

## 它能做什么

- **命令行启动或安装流程**（需要安装后验证）：项目文档中存在可执行命令，真实使用需要在本地或宿主环境中运行这些命令。 证据：`README.md` Claim：`clm_0001` supported 0.86

## 怎么开始

- `git clone https://github.com/ernesto01louis/ai-orchestrator.git` 证据：`README.md` Claim：`clm_0003` supported 0.86
- `pip install -r requirements.txt` 证据：`README.md` Claim：`clm_0004` supported 0.86

## 继续前判断卡

- **当前建议**：需要管理员/安全审批
- **为什么**：继续前可能涉及密钥、账号、外部服务或敏感上下文，建议先经过管理员或安全审批。

### 30 秒判断

- **现在怎么做**：需要管理员/安全审批
- **最小安全下一步**：先跑 Prompt Preview；若涉及凭证或企业环境，先审批再试装
- **先别相信**：角色质量和任务匹配不能直接相信。
- **继续会触碰**：角色选择偏差、命令执行、宿主 AI 配置

### 现在可以相信

- **适合人群线索：正在使用 Claude/Codex/Cursor/Gemini 等宿主 AI 的开发者**（supported）：有 supported claim 或项目证据支撑，但仍不等于真实安装效果。 证据：`README.md` Claim：`clm_0002` supported 0.86
- **能力存在：命令行启动或安装流程**（supported）：可以相信项目包含这类能力线索；是否适合你的具体任务仍要试用或安装后验证。 证据：`README.md` Claim：`clm_0001` supported 0.86
- **存在 Quick Start / 安装命令线索**（supported）：可以相信项目文档出现过启动或安装入口；不要因此直接在主力环境运行。 证据：`README.md` Claim：`clm_0003` supported 0.86

### 现在还不能相信

- **角色质量和任务匹配不能直接相信。**（unverified）：角色库证明有很多角色，不证明每个角色都适合你的具体任务，也不证明角色能产生高质量结果。
- **不能把角色文案当成真实执行能力。**（unverified）：安装前只能判断角色描述和任务画像是否匹配，不能证明它能在宿主 AI 里完成任务。
- **真实输出质量不能在安装前相信。**（unverified）：Prompt Preview 只能展示引导方式，不能证明真实项目中的结果质量。
- **宿主 AI 版本兼容性不能在安装前相信。**（unverified）：Claude、Cursor、Codex、Gemini 等宿主加载规则和版本差异必须在真实环境验证。
- **不会污染现有宿主 AI 行为，不能直接相信。**（inferred）：Skill、plugin、AGENTS/CLAUDE/GEMINI 指令可能改变宿主 AI 的默认行为。 证据：`CLAUDE.md`
- **可安全回滚不能默认相信。**（unverified）：除非项目明确提供卸载和恢复说明，否则必须先在隔离环境验证。
- **真实安装后是否与用户当前宿主 AI 版本兼容？**（unverified）：兼容性只能通过实际宿主环境验证。
- **项目输出质量是否满足用户具体任务？**（unverified）：安装前预览只能展示流程和边界，不能替代真实评测。

### 继续会触碰什么

- **角色选择偏差**：用户对任务应该由哪个专家角色处理的判断。 原因：选错角色会让 AI 从错误专业视角回答，浪费时间或误导决策。
- **命令执行**：包管理器、网络下载、本地插件目录、项目配置或用户主目录。 原因：运行第一条命令就可能产生环境改动；必须先判断是否值得跑。 证据：`README.md`
- **宿主 AI 配置**：Claude/Codex/Cursor/Gemini/OpenCode 等宿主的 plugin、Skill 或规则加载配置。 原因：宿主配置会改变 AI 后续工作方式，可能和用户已有规则冲突。 证据：`CLAUDE.md`
- **本地环境或项目文件**：安装结果、插件缓存、项目配置或本地依赖目录。 原因：安装前无法证明写入范围和回滚方式，需要隔离验证。 证据：`README.md`
- **环境变量 / API Key**：项目入口文档明确出现 API key、token、secret 或账号凭证配置。 原因：如果真实安装需要凭证，应先使用测试凭证并经过权限/合规判断。 证据：`CLAUDE.md`, `CONTRIBUTING.md`, `README.md`, `ROADMAP.md` 等
- **宿主 AI 上下文**：AI Context Pack、Prompt Preview、Skill 路由、风险规则和项目事实。 原因：导入上下文会影响宿主 AI 后续判断，必须避免把未验证项包装成事实。

### 最小安全下一步

- **先跑 Prompt Preview**：先用交互式试用验证任务画像和角色匹配，不要先导入整套角色库。（适用：任何项目都适用，尤其是输出质量未知时。）
- **只在隔离目录或测试账号试装**：避免安装命令污染主力宿主 AI、真实项目或用户主目录。（适用：存在命令执行、插件配置或本地写入线索时。）
- **先备份宿主 AI 配置**：Skill、plugin、规则文件可能改变 Claude/Cursor/Codex 的默认行为。（适用：存在插件 manifest、Skill 或宿主规则入口时。）
- **不要使用真实生产凭证**：环境变量/API key 一旦进入宿主或工具链，可能产生账号和合规风险。（适用：出现 API、TOKEN、KEY、SECRET 等环境线索时。）
- **安装后只验证一个最小任务**：先验证加载、兼容、输出质量和回滚，再决定是否深用。（适用：准备从试用进入真实工作流时。）

### 退出方式

- **保留安装前状态**：记录原始宿主配置和项目状态，后续才能判断是否可恢复。
- **准备移除宿主 plugin / Skill / 规则入口**：如果试装后行为异常，可以把宿主 AI 恢复到试装前状态。
- **保留原始角色选择记录**：如果输出偏题，可以回到任务画像阶段重新选择角色，而不是继续沿着错误角色推进。
- **记录安装命令和写入路径**：没有明确卸载说明时，至少要知道哪些目录或配置需要手动清理。
- **准备撤销测试 API key 或 token**：测试凭证泄露或误用时，可以快速止损。
- **如果没有回滚路径，不进入主力环境**：不可回滚是继续前阻断项，不应靠信任或运气继续。

## 哪些只能预览

- 解释项目适合谁和能做什么
- 基于项目文档演示典型对话流程
- 帮助用户判断是否值得安装或继续研究

## 哪些必须安装后验证

- 真实安装 Skill、插件或 CLI
- 执行脚本、修改本地文件或访问外部服务
- 验证真实输出质量、性能和兼容性

## 边界与风险判断卡

- **把安装前预览误认为真实运行**：用户可能高估项目已经完成的配置、权限和兼容性验证。 处理方式：明确区分 prompt_preview_can_do 与 runtime_required。 Claim：`clm_0005` inferred 0.45
- **命令执行会修改本地环境**：安装命令可能写入用户主目录、宿主插件目录或项目配置。 处理方式：先在隔离环境或测试账号中运行。 证据：`README.md` Claim：`clm_0006` supported 0.86
- **待确认**：真实安装后是否与用户当前宿主 AI 版本兼容？。原因：兼容性只能通过实际宿主环境验证。
- **待确认**：项目输出质量是否满足用户具体任务？。原因：安装前预览只能展示流程和边界，不能替代真实评测。
- **待确认**：安装命令是否需要网络、权限或全局写入？。原因：这影响企业环境和个人环境的安装风险。

## 开工前工作上下文

### 加载顺序

- 先读取 how_to_use.host_ai_instruction，建立安装前判断资产的边界。
- 读取 claim_graph_summary，确认事实来自 Claim/Evidence Graph，而不是 Human Wiki 叙事。
- 再读取 intended_users、capabilities 和 quick_start_candidates，判断用户是否匹配。
- 需要执行具体任务时，优先查 role_skill_index，再查 evidence_index。
- 遇到真实安装、文件修改、网络访问、性能或兼容性问题时，转入 risk_card 和 boundaries.runtime_required。

### 任务路由

- **命令行启动或安装流程**：先说明这是安装后验证能力，再给出安装前检查清单。 边界：必须真实安装或运行后验证。 证据：`README.md` Claim：`clm_0001` supported 0.86

### 上下文规模

- 文件总数：222
- 重要文件覆盖：40/222
- 证据索引条目：74
- 角色 / Skill 条目：35

### 证据不足时的处理

- **missing_evidence**：说明证据不足，要求用户提供目标文件、README 段落或安装后验证记录；不要补全事实。
- **out_of_scope_request**：说明该任务超出当前 AI Context Pack 证据范围，并建议用户先查看 Human Manual 或真实安装后验证。
- **runtime_request**：给出安装前检查清单和命令来源，但不要替用户执行命令或声称已执行。
- **source_conflict**：同时展示冲突来源，标记为待核实，不要强行选择一个版本。

## Prompt Recipes

### 适配判断

- 目标：判断这个项目是否适合用户当前任务。
- 预期输出：适配结论、关键理由、证据引用、安装前可预览内容、必须安装后验证内容、下一步建议。

```text
请基于 orchestrator-console 的 AI Context Pack，先问我 3 个必要问题，然后判断它是否适合我的任务。回答必须包含：适合谁、能做什么、不能做什么、是否值得安装、证据来自哪里。所有项目事实必须引用 evidence_refs、source_paths 或 claim_id。
```

### 安装前体验

- 目标：让用户在安装前感受核心工作流，同时避免把预览包装成真实能力或营销承诺。
- 预期输出：一段带边界标签的体验剧本、安装后验证清单和谨慎建议；不含真实运行承诺或强营销表述。

```text
请把 orchestrator-console 当作安装前体验资产，而不是已安装工具或真实运行环境。

请严格输出四段：
1. 先问我 3 个必要问题。
2. 给出一段“体验剧本”：用 [安装前可预览]、[必须安装后验证]、[证据不足] 三种标签展示它可能如何引导工作流。
3. 给出安装后验证清单：列出哪些能力只有真实安装、真实宿主加载、真实项目运行后才能确认。
4. 给出谨慎建议：只能说“值得继续研究/试装”“先补充信息后再判断”或“不建议继续”，不得替项目背书。

硬性边界：
- 不要声称已经安装、运行、执行测试、修改文件或产生真实结果。
- 不要写“自动适配”“确保通过”“完美适配”“强烈建议安装”等承诺性表达。
- 如果描述安装后的工作方式，必须使用“如果安装成功且宿主正确加载 Skill，它可能会……”这种条件句。
- 体验剧本只能写成“示例台词/假设流程”：使用“可能会询问/可能会建议/可能会展示”，不要写“已写入、已生成、已通过、正在运行、正在生成”。
- Prompt Preview 不负责给安装命令；如用户准备试装，只能提示先阅读 Quick Start 和 Risk Card，并在隔离环境验证。
- 所有项目事实必须来自 supported claim、evidence_refs 或 source_paths；inferred/unverified 只能作风险或待确认项。

```

### 角色 / Skill 选择

- 目标：从项目里的角色或 Skill 中挑选最匹配的资产。
- 预期输出：候选角色或 Skill 列表，每项包含适用场景、证据路径、风险边界和是否需要安装后验证。

```text
请读取 role_skill_index，根据我的目标任务推荐 3-5 个最相关的角色或 Skill。每个推荐都要说明适用场景、可能输出、风险边界和 evidence_refs。
```

### 风险预检

- 目标：安装或引入前识别环境、权限、规则冲突和质量风险。
- 预期输出：环境、权限、依赖、许可、宿主冲突、质量风险和未知项的检查清单。

```text
请基于 risk_card、boundaries 和 quick_start_candidates，给我一份安装前风险预检清单。不要替我执行命令，只说明我应该检查什么、为什么检查、失败会有什么影响。
```

### 宿主 AI 开工指令

- 目标：把项目上下文转成一次对话开始前的宿主 AI 指令。
- 预期输出：一段边界明确、证据引用明确、适合复制给宿主 AI 的开工前指令。

```text
请基于 orchestrator-console 的 AI Context Pack，生成一段我可以粘贴给宿主 AI 的开工前指令。这段指令必须遵守 not_runtime=true，不能声称项目已经安装、运行或产生真实结果。
```


## 角色 / Skill 索引

- 共索引 35 个角色 / Skill / 项目文档条目。

- **CLAUDE.md — AI Orchestrator**（project_doc）：Auto-loaded by Claude Code at session start. Describes what EXISTS, what's being built, and the conventions that keep the codebase coherent. Update this file whenever reality diverges from it — a stale CLAUDE.md misleads every session until it's fixed. 激活提示：当用户需要理解项目结构、安装方式或边界时参考。 证据：`CLAUDE.md`
- **AI Orchestrator**（project_doc）：! CI https://github.com/ernesto01louis/ai-orchestrator/actions/workflows/ci.yml/badge.svg?branch=main https://github.com/ernesto01louis/ai-orchestrator/actions/workflows/ci.yml ! Coverage https://codecov.io/gh/ernesto01louis/ai-orchestrator/branch/main/graph/badge.svg https://codecov.io/gh/ernesto01louis/ai-orchestrator ! License: Apache 2.0 https://img.shields.io/badge/License-Apache 2.0-blue.svg LICENSE 激活提示：当用户需要理解项目结构、安装方式或边界时参考。 证据：`README.md`
- **patches/**（project_doc）：One-off, operator-run setup/patch scripts. They are not imported by the orchestrator and not run automatically. Each is applied by hand on the deployment host once, is idempotent safe to re-run — guarded by a marker or a presence check , and backs up the file it edits before changing it. 激活提示：当用户需要理解项目结构、安装方式或边界时参考。 证据：`patches/README.md`
- **example-consumer**（project_doc）：Reference implementation of a project that consumes the AI Orchestrator through its public contract: the ai-orchestrator-client https://pypi.org/project/ai-orchestrator-client/ PyPI SDK plus the orchestrator's REST + WebSocket surface. 激活提示：当用户需要理解项目结构、安装方式或边界时参考。 证据：`examples/example-consumer/README.md`
- **orchestrator-console**（project_doc）：Operator console for the AI orchestrator platform. React 18 + Vite + Tailwind + react-query + react-router. 激活提示：当用户需要理解项目结构、安装方式或边界时参考。 证据：`ui/console/README.md`
- **Contributing**（project_doc）：Single-host, single-LXC for now. Bring a fresh LXC up with Python 3.11+, then: 激活提示：当用户需要理解项目结构、安装方式或边界时参考。 证据：`CONTRIBUTING.md`
- **Plugins**（project_doc）：Optional integrations carved out of the base install so the orchestrator stays platform-neutral. See VISION.md ../VISION.md for the "platform not hub" principle. Each plugin ships its own requirements file plus a config block in config.example.json ; the orchestrator runs fine with none of them installed. 激活提示：当用户需要理解项目结构、安装方式或边界时参考。 证据：`docs/PLUGINS.md`
- **Architecture**（project_doc）：Snapshot at the close of Phase 0 v0.1.0-phase0 . When the layout changes, update this file before the next phase starts. 激活提示：当用户需要理解项目结构、安装方式或边界时参考。 证据：`ARCHITECTURE.md`
- **Changelog**（project_doc）：Notable changes per tagged release, newest first. Dates are the tag's commit date. Full auto-generated notes are on the GitHub Releases https://github.com/ernesto01louis/ai-orchestrator/releases page; run git log for commit-level detail. 激活提示：当用户需要理解项目结构、安装方式或边界时参考。 证据：`CHANGELOG.md`
- **ROADMAP.md — AI Orchestrator**（project_doc）：Complete task list. When you finish an item, mark x and note the commit. Re-read the "Do not build" list in CLAUDE.md CLAUDE.md before adding anything new. 激活提示：当用户需要理解项目结构、安装方式或边界时参考。 证据：`ROADMAP.md`
- **VISION.md — why this orchestrator exists**（project_doc）：VISION.md — why this orchestrator exists 激活提示：当用户需要理解项目结构、安装方式或边界时参考。 证据：`VISION.md`
- **MCP Contract — AI Orchestrator**（project_doc）：Contract version: 1.0.0 Mount point: /mcp Streamable HTTP, ASGI sub-app under FastAPI Auth: when ORCHESTRATOR API TOKEN is set on the server, requests must carry Authorization: Bearer RFC 6750 . When unset, auth is disabled. See RUNBOOK.md ../RUNBOOK.md for the full setup. 激活提示：当用户需要理解项目结构、安装方式或边界时参考。 证据：`docs/MCP_TOOLS.md`
- **NoteDiscovery contract — Phase 3.3 REST**（project_doc）：NoteDiscovery contract — Phase 3.3 REST 激活提示：当用户需要理解项目结构、安装方式或边界时参考。 证据：`docs/NOTEDISCOVERY.md`
- **SOPS / age secrets at rest**（project_doc）：Phase 0 deferred → PR 3 of the audit-response hardening pass. Closes the gap flagged by SECURITY.md T3 ../SECURITY.md t3--secret-leakage-from-env . 激活提示：当用户需要理解项目结构、安装方式或边界时参考。 证据：`docs/SOPS.md`
- **Goals**（project_doc）：This file tracks high-level project objectives and roadmap. It helps the orchestrator understand WHY tasks are being run, and enables context recovery after gaps in development. 激活提示：当用户需要理解项目结构、安装方式或边界时参考。 证据：`memory/goals.md`
- **Identity**（project_doc）：You are an autonomous AI code orchestrator running on a self-hosted Proxmox server. Your purpose is to generate, test, judge, optimize, and deploy code to Raspberry Pi targets. 激活提示：当用户需要理解项目结构、安装方式或边界时参考。 证据：`memory/identity.md`
- **Phase J Scope β — LlmCall Citation-Grade Fidelity**（project_doc）：Phase J Scope β — LlmCall Citation-Grade Fidelity 激活提示：当用户需要理解项目结构、安装方式或边界时参考。 证据：`docs/superpowers/followups/phase-j-beta-llm-call-fidelity.md`
- **Phase 1.3 — Prefect 3.x Integration Implementation Plan**（project_doc）：Phase 1.3 — Prefect 3.x Integration Implementation Plan 激活提示：当用户需要理解项目结构、安装方式或边界时参考。 证据：`docs/superpowers/plans/2026-05-03-phase-1.3-prefect-integration.md`
- **Phase 1.3 — Session Handoff at Phase B → C boundary 2026-05-04**（project_doc）：Phase 1.3 — Session Handoff at Phase B → C boundary 2026-05-04 激活提示：当用户需要理解项目结构、安装方式或边界时参考。 证据：`docs/superpowers/plans/2026-05-04-phase-1.3-session-handoff.md`
- **Phase 1.3 — Prefect 3.x Integration Approach A+**（project_doc）：Phase 1.3 — Prefect 3.x Integration Approach A+ 激活提示：当用户需要理解项目结构、安装方式或边界时参考。 证据：`docs/superpowers/specs/2026-05-03-phase-1.3-prefect-integration-design.md`
- **CONSUMERS.md — building a consumer project**（project_doc）：CONSUMERS.md — building a consumer project 激活提示：当用户需要理解项目结构、安装方式或边界时参考。 证据：`CONSUMERS.md`
- **RESTORE — disaster recovery for the AI Orchestrator**（project_doc）：RESTORE — disaster recovery for the AI Orchestrator 激活提示：当用户需要理解项目结构、安装方式或边界时参考。 证据：`RESTORE.md`
- **Security**（project_doc）：1. GitHub Security Advisories preferred — open a private advisory at https://github.com/ernesto01louis/ai-orchestrator/security/advisories/new 2. Email the maintainer at louis ernesto@aol.com with subject line starting ai-orchestrator security . 激活提示：当用户需要理解项目结构、安装方式或边界时参考。 证据：`SECURITY.md`
- **User Prompt**（project_doc）：Write a {{language}} script for this task. 激活提示：当用户需要理解项目结构、安装方式或边界时参考。 证据：`agents/generator/user_prompt.md`
- **User Prompt Multi**（project_doc）：Write a {{language}} project with multiple files. 激活提示：当用户需要理解项目结构、安装方式或边界时参考。 证据：`agents/generator/user_prompt_multi.md`
- **System Prompt**（project_doc）：You are a code reviewer. Evaluate code quality and return a JSON score. Score each category from 0 to 10. Be strict but fair. The overall score should reflect the code's readiness for production use. List specific, actionable improvements. 激活提示：当用户需要理解项目结构、安装方式或边界时参考。 证据：`agents/judge/system_prompt.md`
- **User Prompt**（project_doc）：FILES {{file list}} : {{formatted files}} 激活提示：当用户需要理解项目结构、安装方式或边界时参考。 证据：`agents/judge/user_prompt.md`
- **User Prompt**（project_doc）：SUGGESTED IMPROVEMENTS: {{improvements}} 激活提示：当用户需要理解项目结构、安装方式或边界时参考。 证据：`agents/optimizer/user_prompt.md`
- **User Prompt Multi**（project_doc）：SUGGESTED IMPROVEMENTS: {{improvements}} 激活提示：当用户需要理解项目结构、安装方式或边界时参考。 证据：`agents/optimizer/user_prompt_multi.md`
- **System Prompt**（project_doc）：You create implementation plans as structured JSON. Always respond with valid JSON matching the required schema. Choose the best language for the task. Available languages: python, bash, javascript. - Use python for data processing, APIs, automation, math, ML - Use bash for system admin, file operations, service management, cron jobs, simple automation - Use javascript for web servers, REST APIs, real-time apps, das… 激活提示：当用户需要理解项目结构、安装方式或边界时参考。 证据：`agents/planner/system_prompt.md`
- **User Prompt**（project_doc）：Create an implementation plan for this task. 激活提示：当用户需要理解项目结构、安装方式或边界时参考。 证据：`agents/planner/user_prompt.md`
- **System Prompt**（project_doc）：You decide which tools to run before code generation to gather information or prepare the environment. Only select tools that are genuinely useful for the specific task. If no tools are needed, return an empty tools list. Never select tools speculatively — only when they will meaningfully improve the generated code. 激活提示：当用户需要理解项目结构、安装方式或边界时参考。 证据：`agents/tool_dispatch/system_prompt.md`
- **User Prompt**（project_doc）：Decide which tools to run before generating code for this task. 激活提示：当用户需要理解项目结构、安装方式或边界时参考。 证据：`agents/tool_dispatch/user_prompt.md`
- **User Prompt**（project_doc）：Fix this {{language}} code that crashed. 激活提示：当用户需要理解项目结构、安装方式或边界时参考。 证据：`agents/troubleshooter/user_prompt.md`
- **User Prompt Multi**（project_doc）：Fix this {{language}} project that crashed. 激活提示：当用户需要理解项目结构、安装方式或边界时参考。 证据：`agents/troubleshooter/user_prompt_multi.md`

## 证据索引

- 共索引 74 条证据。

- **CLAUDE.md — AI Orchestrator**（documentation）：Auto-loaded by Claude Code at session start. Describes what EXISTS, what's being built, and the conventions that keep the codebase coherent. Update this file whenever reality diverges from it — a stale CLAUDE.md misleads every session until it's fixed. 证据：`CLAUDE.md`
- **AI Orchestrator**（documentation）：! CI https://github.com/ernesto01louis/ai-orchestrator/actions/workflows/ci.yml/badge.svg?branch=main https://github.com/ernesto01louis/ai-orchestrator/actions/workflows/ci.yml ! Coverage https://codecov.io/gh/ernesto01louis/ai-orchestrator/branch/main/graph/badge.svg https://codecov.io/gh/ernesto01louis/ai-orchestrator ! License: Apache 2.0 https://img.shields.io/badge/License-Apache 2.0-blue.svg LICENSE 证据：`README.md`
- **patches/**（documentation）：One-off, operator-run setup/patch scripts. They are not imported by the orchestrator and not run automatically. Each is applied by hand on the deployment host once, is idempotent safe to re-run — guarded by a marker or a presence check , and backs up the file it edits before changing it. 证据：`patches/README.md`
- **example-consumer**（documentation）：Reference implementation of a project that consumes the AI Orchestrator through its public contract: the ai-orchestrator-client https://pypi.org/project/ai-orchestrator-client/ PyPI SDK plus the orchestrator's REST + WebSocket surface. 证据：`examples/example-consumer/README.md`
- **orchestrator-console**（documentation）：Operator console for the AI orchestrator platform. React 18 + Vite + Tailwind + react-query + react-router. 证据：`ui/console/README.md`
- **Contributing**（documentation）：Single-host, single-LXC for now. Bring a fresh LXC up with Python 3.11+, then: 证据：`CONTRIBUTING.md`
- **Plugins**（documentation）：Optional integrations carved out of the base install so the orchestrator stays platform-neutral. See VISION.md ../VISION.md for the "platform not hub" principle. Each plugin ships its own requirements file plus a config block in config.example.json ; the orchestrator runs fine with none of them installed. 证据：`docs/PLUGINS.md`
- **Package**（package_manifest）：{ "name": "orchestrator-console", "private": true, "version": "0.1.0", "type": "module", "description": "Operator console for the AI orchestrator platform", "scripts": { "dev": "vite", "build": "tsc -b && vite build", "preview": "vite preview", "lint": "eslint . --ext ts,tsx --report-unused-disable-directives --max-warnings 0", "typecheck": "tsc -b --noEmit" }, "dependencies": { "@radix-ui/react-slot": "^1.1.1", "@tanstack/react-query": "^5.66.0", "class-variance-authority": "^0.7.1", "clsx": "^2.1.1", "lucide-react": "^0.469.0", "react": "^18.3.1", "react-dom": "^18.3.1", "react-router-dom": "^6.28.0", "tailwind-merge": "^2.6.0" }, "devDependencies": { "@types/node": "^25.7.0", "@types/rea… 证据：`ui/console/package.json`
- **License**（source_file）：Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ 证据：`LICENSE`
- **Architecture**（documentation）：Snapshot at the close of Phase 0 v0.1.0-phase0 . When the layout changes, update this file before the next phase starts. 证据：`ARCHITECTURE.md`
- **Changelog**（documentation）：Notable changes per tagged release, newest first. Dates are the tag's commit date. Full auto-generated notes are on the GitHub Releases https://github.com/ernesto01louis/ai-orchestrator/releases page; run git log for commit-level detail. 证据：`CHANGELOG.md`
- **ROADMAP.md — AI Orchestrator**（documentation）：Complete task list. When you finish an item, mark x and note the commit. Re-read the "Do not build" list in CLAUDE.md CLAUDE.md before adding anything new. 证据：`ROADMAP.md`
- **VISION.md — why this orchestrator exists**（documentation）：VISION.md — why this orchestrator exists 证据：`VISION.md`
- **MCP Contract — AI Orchestrator**（documentation）：Contract version: 1.0.0 Mount point: /mcp Streamable HTTP, ASGI sub-app under FastAPI Auth: when ORCHESTRATOR API TOKEN is set on the server, requests must carry Authorization: Bearer RFC 6750 . When unset, auth is disabled. See RUNBOOK.md ../RUNBOOK.md for the full setup. 证据：`docs/MCP_TOOLS.md`
- **NoteDiscovery contract — Phase 3.3 REST**（documentation）：NoteDiscovery contract — Phase 3.3 REST 证据：`docs/NOTEDISCOVERY.md`
- **SOPS / age secrets at rest**（documentation）：Phase 0 deferred → PR 3 of the audit-response hardening pass. Closes the gap flagged by SECURITY.md T3 ../SECURITY.md t3--secret-leakage-from-env . 证据：`docs/SOPS.md`
- **Goals**（documentation）：This file tracks high-level project objectives and roadmap. It helps the orchestrator understand WHY tasks are being run, and enables context recovery after gaps in development. 证据：`memory/goals.md`
- **Identity**（documentation）：You are an autonomous AI code orchestrator running on a self-hosted Proxmox server. Your purpose is to generate, test, judge, optimize, and deploy code to Raspberry Pi targets. 证据：`memory/identity.md`
- **Phase J Scope β — LlmCall Citation-Grade Fidelity**（documentation）：Phase J Scope β — LlmCall Citation-Grade Fidelity 证据：`docs/superpowers/followups/phase-j-beta-llm-call-fidelity.md`
- **Phase 1.3 — Prefect 3.x Integration Implementation Plan**（documentation）：Phase 1.3 — Prefect 3.x Integration Implementation Plan 证据：`docs/superpowers/plans/2026-05-03-phase-1.3-prefect-integration.md`
- **Phase 1.3 — Session Handoff at Phase B → C boundary 2026-05-04**（documentation）：Phase 1.3 — Session Handoff at Phase B → C boundary 2026-05-04 证据：`docs/superpowers/plans/2026-05-04-phase-1.3-session-handoff.md`
- **Phase 1.3 — Prefect 3.x Integration Approach A+**（documentation）：Phase 1.3 — Prefect 3.x Integration Approach A+ 证据：`docs/superpowers/specs/2026-05-03-phase-1.3-prefect-integration-design.md`
- **Config.Example**（structured_config）：{ " comment": "Example configuration. Copy to config.json and fill in real values. Secrets tokens, API keys should live in .env instead; see .env.example.", "ollama": { "main url": "http://OLLAMA MAIN HOST:11434", "judge url": "http://OLLAMA JUDGE HOST:11434", "planner url": "http://OLLAMA JUDGE HOST:11434", "judge fallback model": "qwen2.5:72b" }, "hindsight": { "enabled": false, "url": "http://HINDSIGHT HOST:8888", "bank id": "Orchestrator", "timeout": 120 }, "notifications": { "enabled": false, "service": "gotify", "ntfy url": "http://NTFY HOST:8090", "ntfy topic": "ai-orchestrator", "ntfy priority": "default", "gotify url": "http://GOTIFY HOST:80", " gotify token note": "Set GOTIFY TOKE… 证据：`config.example.json`
- **Walk without modifying; report what would happen.**（source_file）：def resolve run dir run id: str, projects dir: Path - Path None ⋮---- matches: list Path = ⋮---- candidate = project dir / "runs" / run id ⋮---- def cmd verify run args: argparse.Namespace - int ⋮---- projects dir = Path args.projects dir if args.projects dir else Path PROJECTS DIR run dir = resolve run dir args.run id, projects dir ⋮---- result = verify run manifest run dir ⋮---- def cmd verify campaign args: argparse.Namespace - int ⋮---- campaigns dir = Path args.campaigns dir if args.campaigns dir else Path CAMPAIGN TEMPLATES DIR ⋮---- campaign dir = campaigns dir / args.campaign id ⋮---- result = verify campaign merkle campaign dir, projects dir ⋮---- def cmd rotate logs args: argparse… 证据：`cli/main.py`
- **Consumer Health**（source_file）：logger = logging.getLogger name ⋮---- health daemon thread: threading.Thread None = None health daemon lock = threading.Lock health daemon stop = threading.Event ⋮---- PROBE TIMEOUT SECONDS = 5.0 ⋮---- def probe one base url: str - str ⋮---- resp = requests.get ⋮---- def health poll pass - int ⋮---- registry = load consumers ⋮---- now = datetime.now timezone.utc .isoformat ⋮---- base url = record.get "base url" or "" status = probe one base url if base url else "unknown" ⋮---- def start consumer health daemon - None ⋮---- interval = CONSUMERS HEALTH POLL SECONDS ⋮---- def loop - None ⋮---- thread = threading.Thread health daemon thread = thread ⋮---- def stop consumer health daemon - None 证据：`core/consumer_health.py`
- **Note Discovery**（source_file）：HIGHLIGHT RE = re.compile r" . ? ", re.IGNORECASE re.DOTALL ⋮---- @dataclass frozen=True class Note ⋮---- """A single NoteDiscovery search result. snippet is the concatenated context from all matches in the note, with NoteDiscovery's HTML stripped. """ ⋮---- name: str path: str folder: str snippet: str ⋮---- def strip marks text: str - str ⋮---- """Drop NoteDiscovery's … HTML used for hit-highlighting in match contexts.""" ⋮---- def api key header - dict str, str ⋮---- """Optional X-API-Key header from .env . NoteDiscovery 0.19.1 advertises auth in OpenAPI but doesn't enforce it; we send the header anyway so future tightening doesn't break us.""" key = os.environ.get "NOTEDISCOVERY API KEY"… 证据：`core/note_discovery.py`
- **Init**（source_file）：all = "EvalScore", "is enabled", "score response" 证据：`eval_pkg/__init__.py`
- **Init**（source_file）：BUILTIN PLUGINS = { ⋮---- pm: pluggy.PluginManager None = None ⋮---- def get plugin manager - pluggy.PluginManager ⋮---- pm = pluggy.PluginManager PLUGIN NAMESPACE ⋮---- pm = pm ⋮---- def reset plugin manager - None ⋮---- pm = None 证据：`evidence/__init__.py`
- **Phase 2.1: mirror the bundle metadata into Postgres. crate sha256**（source_file）：CAMPAIGNS OUTPUT DIR = REPO ROOT / "campaigns" ⋮---- def host from url url: str - str ⋮---- netloc = urlparse url .netloc ⋮---- netloc = "" ⋮---- campaigns = load campaigns ⋮---- raw = campaigns campaign id campaign = Campaign.model validate raw crate dir = CAMPAIGNS OUTPUT DIR / campaign id ⋮---- key = signing key or SigningKey.load builder = BundleBuilder bundle = builder.build ⋮---- Phase 2.1: mirror the bundle metadata into Postgres. crate sha256 is the sha256 of the DSSE envelope file — the same byte-stream whose signature is the tamper-evidence anchor for the whole crate. Failure is logged + swallowed inside mirror evidence bundle. ⋮---- envelope path = crate dir / "manifest.json.dsse… 证据：`evidence/builder.py`
- **── REFORMS auto-fill rules ──────────────────────────**（source_file）：TODO = "TODO researcher to fill via POST /campaigns/{id}/evidence/checklist " ⋮---- REFORMS ITEMS: list tuple str, str = ⋮---- NEURIPS ITEMS: list tuple str, str = ⋮---- auto = reforms autofills ⋮---- def build model cards targets: "list LlmTarget " - dict str, str ⋮---- """One Mitchell-style model card per LLM target.""" ⋮---- def build datasheets prompts: list str - dict str, str ⋮---- """One Gebru-style datasheet per data input. For LLM-orchestration campaigns the only data input is the prompt corpus, so a single prompt corpus datasheet is emitted. prompts is the deduped list of rendered prompts seen across the campaign. """ ⋮---- ── REFORMS auto-fill rules ────────────────────────── ⋮--… 证据：`evidence/checklists.py`
- **── per-entity emitters ──────────────────────────────**（source_file）：RO CRATE CONTEXT = "https://w3id.org/ro/crate/1.2/context" RO CRATE PROFILE = "https://w3id.org/ro/crate/1.2" WRROC PROVENANCE PROFILE = AI ORCHESTRATOR BUNDLE PROPERTY = "ai orchestrator:bundle" AI ORCHESTRATOR NAMESPACE = { ⋮---- def to rocrate bundle: EvidenceBundle - dict str, Any ⋮---- descriptor = { ⋮---- llm entities = llm target entity t, idx for idx, t in enumerate bundle.llm targets run entities = run action entity r for r in bundle.runs artifact entities = artifact entity a for a in bundle.artifacts reference entities = reference entity r, idx for idx, r in enumerate bundle.references ⋮---- control action = { control action = {k: v for k, v in control action.items if v is not Non… 证据：`evidence/rocrate.py`
- **── key material ─────────────────────────────────────**（source_file）：DSSE PAYLOAD TYPE = "application/vnd.in-toto+json" PAE PREFIX = b"DSSEv1" ⋮---- DEFAULT KEY DIR = Path "/etc/ai-orchestrator/signing" SEED FILENAME = "ed25519.seed" PUBLIC FILENAME = "ed25519.pub" ⋮---- def canonical json obj: Any - bytes ⋮---- def dsse pae payload type: str, payload: bytes - bytes ⋮---- def keyid from public public key: bytes - str ⋮---- """16-hex-char keyid: first 16 chars of sha256 pubkey .""" ⋮---- ── key material ───────────────────────────────────── ⋮---- class SigningKey ⋮---- """Wraps a PyNaCl Ed25519 SigningKey with file-based persistence. Seed and public-key are stored as base64-encoded files in a key directory. The seed file is chmod 600 the install script sets t… 证据：`evidence/signing.py`
- **1. recompute manifest digests**（source_file）：def main - int ⋮---- parser = argparse.ArgumentParser description= doc ⋮---- args = parser.parse args ⋮---- crate dir = args.crate dir.resolve errors: list str = ⋮---- manifest path = crate dir / "manifest.json" dsse path = crate dir / "manifest.json.dsse" public key path = crate dir / "public.key" evidence path = crate dir / "evidence.json" ⋮---- 1. recompute manifest digests statement = InTotoStatement.model validate json manifest path.read text ⋮---- target = crate dir / subj.name ⋮---- actual = sha256 file target expected = subj.digest "sha256" ⋮---- 2. verify the DSSE envelope envelope = DsseEnvelope.model validate json dsse path.read text public key = base64.b64decode public key path.… 证据：`evidence/verify.py`
- **-- JavaScript dependency detection --**（source_file）：SAFE PKG PATTERN = re.compile r"^ a-zA-Z0-9 \-\.\ \ < =!, +$" ⋮---- def verify local code, command args, tmp path ⋮---- """Try to verify locally. Raises FileNotFoundError if tool missing.""" ⋮---- r = subprocess.run command args, capture output=True, text=True, timeout=30 ⋮---- def verify remote code, target, remote cmd, run id ⋮---- """Verify on the target Pi via SSH.""" remote tmp = "/tmp/ai verify tmp" ⋮---- result = ssh command target, remote cmd.replace "{file}", remote tmp ⋮---- VERIFY CONFIG = { ⋮---- def verify code code, language, target, run id ⋮---- lang key = language.lower .strip ⋮---- alias map = {"node": "javascript", "nodejs": "javascript", lang key = alias map.get lang key,… 证据：`execution/__init__.py`
- **Init**（source_file）：all = 证据：`manifest/__init__.py`
- **Pad to even length by duplicating the last node**（source_file）：def compute merkle root leaves: list bytes - str ⋮---- level: list bytes = hashlib.sha256 leaf .digest for leaf in leaves ⋮---- next level: list bytes = Pad to even length by duplicating the last node ⋮---- level = next level ⋮---- def missing sentinel run id: str - str ⋮---- """Deterministic placeholder hash for a run with no manifest.json. Keeps Merkle tree shape stable when a run failed before its manifest was written.""" ⋮---- run dirs: list tuple str, str, Path , run id, project name, run dir ⋮---- """Compute a campaign Merkle dict from the given run directories. For each run dir, hashes its manifest.json. If missing, uses a deterministic sentinel: sha256 b"MISSING MANIFEST:" + run id.… 证据：`manifest/merkle.py`
- **Run Manifest**（source_file）：ManifestStatus = Literal "ok", "corrupted", "missing", "skipped" ⋮---- @dataclass class VerifyResult ⋮---- status: ManifestStatus mismatches: list str = field default factory=list expected: dict str, str None = None actual: dict str, str None = None ⋮---- @property def valid self - bool ⋮---- def iter run files run dir: Path - Iterator tuple str, Path ⋮---- rel = path.relative to run dir ⋮---- def compute run manifest run dir: Path, run id: str None = None - dict str, Any ⋮---- run id = run dir.name ⋮---- files: list dict str, Any = sorted ⋮---- def write run manifest run dir: Path, run id: str None = None - Path ⋮---- manifest = compute run manifest run dir, run id=run id dest = run dir /… 证据：`manifest/run_manifest.py`
- **Write through to BOTH Redis fast cross-instance and JSON**（source_file）：def load prompt index ⋮---- def save prompt index data ⋮---- def load embed cache ⋮---- def save embed cache data ⋮---- def load negative memory ⋮---- def save negative memory data ⋮---- def load model stats ⋮---- def save model stats data ⋮---- def load campaigns ⋮---- def save campaigns data, changed ids=None ⋮---- def load consumers ⋮---- def save consumers data ⋮---- def generate embedding text ⋮---- redis hit = redis cache.embed cache get text ⋮---- cache = load embed cache ⋮---- r = requests.post ⋮---- data = r.json ⋮---- emb = data "embedding" ⋮---- emb = data "data" 0 "embedding" ⋮---- Write through to BOTH Redis fast cross-instance and JSON restart-survival when Redis is disabled o… 证据：`memory_pkg/__init__.py`
- **── Agent schemas loaded at import time ─────────**（source_file）：run counter since dream = 0 ⋮---- SAFE FILENAME = re.compile r"^ ?!. \.\. a-zA-Z0-9 \-\. +$" ⋮---- ── Agent schemas loaded at import time ───────── Single-sourced from agents/ /schema.json via agents.loader.load schema imported at the top of the module . Missing or invalid schema → RuntimeError at import time fail-fast . The previous inline-fallback pattern silently activated a stale schema dict whenever the on-disk file failed to load, which broke structured-output validation in confusing ways once the canonical schemas drifted planner gained project type / execution mode / port / steps ; judge swapped scalar score for multi-dimensional scoring; etc. . PLAN SCHEMA = load agent schema "plan… 证据：`orchestration/__init__.py`
- **Init**（source_file）：logger = logging.getLogger name ⋮---- def get execution mode - str ⋮---- val = CONFIG.get "prefect", {} .get "execution mode", "in process" ⋮---- def get api url - str ⋮---- env = os.environ.get "PREFECT API URL" ⋮---- val = CONFIG.get "prefect", {} .get ⋮---- def get work pool - str ⋮---- val = CONFIG.get "prefect", {} .get "work pool", "orchestrator-pool" ⋮---- def raw healthcheck - bool ⋮---- url = get api url .rstrip "/" + "/health" ⋮---- r = client.get url ⋮---- def healthcheck - bool ⋮---- def notify prefect down - None ⋮---- def set flow run state flow run id: str, state type: str - None ⋮---- url = get api url .rstrip "/" + f"/flow runs/{flow run id}/set state" payload = {"state": {… 证据：`prefect_io/__init__.py`
- **pymupdf4llm does the heavy lifting: tables, headings, lists → markdown**（source_file）：def url cache state ⋮---- TEXT EXTENSIONS = {".md", ".txt", ".csv", ".json", ".yaml", ".yml", ".toml", ⋮---- MAX REFERENCE UPLOAD BYTES = 50 1024 1024 MAX REFERENCE CONTENT CHARS = 120 000 ⋮---- def detect vision model ⋮---- vision keywords = "llava", "minicpm-v", "bakllava", "moondream", "vision" ⋮---- def describe image with vision image bytes, model, base url, context="" ⋮---- """Use a vision model to describe an image. Returns description string.""" b64 = base64.b64encode image bytes .decode "utf-8" ⋮---- prompt = "Describe this image concisely. Focus on data, diagrams, charts, or technical content. " ⋮---- r = requests.post ⋮---- def convert pdf to markdown pdf path, run id="convert" ⋮… 证据：`references_pkg/__init__.py`
- **Gates: check learned safety rules before execution**（source_file）：def tool dispatch schema ⋮---- TOOL REGISTRY PATH = Path "/opt/ai-orchestrator/tool registry.json" ⋮---- def load tool registry ⋮---- def save tool registry tools: list ⋮---- TOOL CMD BLOCKLIST = re.compile ⋮---- r"rm\s+-rf\s+/ ?!\btmp\b " rm -rf / except /tmp r"mkfs\. " formatting filesystems r"dd\s+. of=/dev/ " raw disk writes r":\ \ \{. \} " fork bomb r" \s /dev/sd " overwrite block devices r"chmod\s+-R\s+777\s+/ " recursive 777 on root r"curl\s+. \ \s ?:ba ?sh " pipe-to-shell ⋮---- def sanitize tool args args: dict, tool name: str - dict ⋮---- def execute tool tool name, args, target, run id ⋮---- registry = load tool registry defn = next t for t in registry if t "name" == tool name , N… 证据：`tools/__init__.py`
- **Init**（source_file）：router = APIRouter ⋮---- UI DIR = Path "/opt/ai-orchestrator/ui" 证据：`api/routes/__init__.py`
- **Activity**（source_file）：router = APIRouter ⋮---- RUN INDEX = Path MEMORY DIR / "run index.json" ⋮---- def parse ts raw: str None - datetime None ⋮---- dt = datetime.fromisoformat raw ⋮---- def run events cutoff: datetime - list dict str, Any ⋮---- index = json.loads RUN INDEX.read text ⋮---- events: list dict str, Any = ⋮---- ts = parse ts info.get "timestamp" ⋮---- phase = info.get "phase", "?" project = info.get "project", "?" has error = bool info.get "has error" score = info.get "score" ⋮---- def campaign events cutoff: datetime - list dict str, Any ⋮---- campaigns = load campaigns ⋮---- name = camp.get "name", cid :8 n runs = len camp.get "runs", created = parse ts camp.get "created at" ⋮---- completed = pars… 证据：`api/routes/activity.py`
- **------------------------------------------------**（source_file）：router = APIRouter ⋮---- @router.get "/notifications/config" def get notification config ⋮---- class TestNotificationRequest BaseModel ⋮---- title: str None = "Test Notification" message: str None = "This is a test from the AI Orchestrator." ⋮---- @router.post "/notifications/test" def test notification req: TestNotificationRequest = None ⋮---- title = "Test Notification" message = "This is a test from the AI Orchestrator." ⋮---- title = req.title or title message = req.message or message ⋮---- @router.post "/notifications/quick-actions" def api quick actions ⋮---- @router.post "/notifications/cheatsheet" def api send cheatsheet run id: str = None, project name: str = None, target: str = No… 证据：`api/routes/admin.py`
- **Campaigns**（source_file）：router = APIRouter ⋮---- def campaign or 404 campaign id: str - dict ⋮---- campaigns = load campaigns ⋮---- def set campaign flag campaign id: str, flag: str, value: bool - None ⋮---- cs = CAMPAIGN STATUS.setdefault campaign id, {} ⋮---- @router.post "/campaigns" def create campaign req: CampaignCreate ⋮---- campaign id = str uuid.uuid4 now = datetime.utcnow .isoformat ⋮---- combos = expand grid req.params, max runs=req.max runs ⋮---- record = { ⋮---- result = submit campaign campaign id ⋮---- @router.get "/campaigns" def list campaigns ⋮---- out = ⋮---- runs = c.get "runs", scores = r.get "score", 0 for r in runs if r.get "score" is not None mean = sum scores / len scores if scores else No… 证据：`api/routes/campaigns.py`
- **build model summaries**（source_file）：router = APIRouter ⋮---- @router.get "/references" def list references ⋮---- refs = seen stems = set ⋮---- stem = f.stem ⋮---- md path = REFERENCE DIR / f"{stem}.md" has markdown = md path.exists and f.suffix.lower != ".md" st = f.stat ⋮---- @router.get "/references/{filename}/content" def get reference content filename: str ⋮---- safe name = re.sub r" ^a-zA-Z0-9 \-\. ", " ", filename stem = Path safe name .stem ⋮---- orig path = REFERENCE DIR / safe name ⋮---- content = orig path.read text errors="replace" ⋮---- @router.delete "/references/{filename}" def delete reference filename: str ⋮---- path = REFERENCE DIR / safe name ⋮---- img dir = REFERENCE DIR / f"{stem} images" ⋮---- @router.get… 证据：`api/routes/content.py`
- **Health**（source_file）：router = APIRouter ⋮---- def probe postgres - str ⋮---- def probe redis - str ⋮---- def probe otel - str ⋮---- def probe dvc - str ⋮---- def flatten ollama status ollama status: dict - str ⋮---- states = s.get "status", "" for s in ollama status.values ⋮---- @router.get "/models" def get models ⋮---- @router.get "/models/loaded" def get models loaded ⋮---- @router.get "/health" def get health ⋮---- health = get orchestrator health active = get active runs ⋮---- ollama status = {} ⋮---- r = requests.get f"{url}/api/tags", timeout=5 ⋮---- hindsight health = {"enabled": HINDSIGHT ENABLED} ⋮---- r = requests.get f"{HINDSIGHT URL}/v1/default/banks", timeout=5 ⋮---- services = { ⋮---- @router.get… 证据：`api/routes/health.py`
- **Memory**（source_file）：router = APIRouter ⋮---- @router.get "/memory" def get memory ⋮---- index = load prompt index ⋮---- entries = ⋮---- e = {k: v for k, v in entry.items if k != "embedding"} ⋮---- @router.get "/memory/negative" def get negative memory ⋮---- entries = load negative memory ⋮---- clean = ⋮---- @router.get "/memory/search" def search memory q: str ⋮---- positive = find similar q negative = find negative matches q ⋮---- pos results = ⋮---- neg results = ⋮---- @router.get "/model-stats" def get model stats endpoint ⋮---- stats = load model stats ⋮---- summary = {} ⋮---- total = s "total runs" avg score = s "total score" / total if total 0 else 0 win rate = s "wins" / total 100 if total 0 else 0 fail… 证据：`api/routes/memory.py`
- **Phase 2.6: accept the wider set {approve, reject, edit, skip, abort}**（source_file）：router = APIRouter ⋮---- @router.post "/orchestrate" def orchestrate req: OrchestrateRequest ⋮---- run id = str uuid.uuid4 ⋮---- result = submit orchestration req, run id ⋮---- @router.get "/status/{run id}" def status run id: str ⋮---- info = RUN STATUS run id ⋮---- response = { ⋮---- manifest status = info.get "manifest status" ⋮---- project = info.get "project" ⋮---- run dir = Path PROJECTS DIR / project / "runs" / run id ⋮---- result = verify run manifest run dir manifest status = result.status ⋮---- manifest status = "skipped" ⋮---- @router.get "/result/{run id}" def result run id: str ⋮---- @router.get "/runs" def list runs ⋮---- run index = load run index ⋮---- seen = set runs = ⋮---… 证据：`api/routes/runs.py`
- **Backend base URL — REST + WS proxied through Vite during dev.**（source_file）：Backend base URL — REST + WS proxied through Vite during dev. Same-origin in production mount at /console on FastAPI , so the proxy only matters for npm run dev . VITE API BASE=http://localhost:8000 证据：`ui/console/.env.example`
- **Confidencebar**（source_file）：import { TONE, type Tone } from "@/components/ui/badge"; ⋮---- export function ConfidenceBar 证据：`ui/console/src/components/ConfidenceBar.tsx`
- **Mocks**（source_file）：import type { Campaign, Health, Metrics, Run, TimelineEvent, WsMessage, } from "./types"; ⋮---- const ago = s: number : string ⋮---- function genSpark seed: number, n = 32, base = 50, vol = 12 : number ⋮---- export function createMockWsBus : ⋮---- subscribe fn 证据：`ui/console/src/lib/mocks.ts`
- **Types**（source_file）：export type Phase = "planner" "post planner" "generator" "judge" "optimizer" "complete" "failed"; ⋮---- export type HitlMode = "full auto" "gate only" "checkpoint" "step by step" "co pilot" "smartpause"; ⋮---- export type PausedState = null "smartpause" hitl:${string} ; ⋮---- export interface Run { id: string; project: string; campaign id: string; phase: Phase; score: number null; model: string; target: string; started at: string; paused: PausedState; hitl mode: HitlMode; confidence?: number; } ⋮---- export interface Budget { used: number; total: number; percentage: number; state: "healthy" "warn" "err"; } ⋮---- export interface Campaign { id: string; name: string; hitl mode: HitlMode; stat… 证据：`ui/console/src/lib/types.ts`
- **Hitl**（source_file）：import { useEffect, useMemo, useState } from "react"; import { AlertTriangle, Check, Edit, Hand, RefreshCw, X } from "lucide-react"; import { Card } from "@/components/ui/card"; import { Badge, TONE, type Tone } from "@/components/ui/badge"; import { Button } from "@/components/ui/button"; import { ConfidenceBar } from "@/components/ConfidenceBar"; import { PhaseBadge } from "@/components/PhaseBadge"; import { useRuns } from "@/lib/queries"; ⋮---- import { fmtDuration, shortId } from "@/lib/utils"; import type { InterveneAction, Run } from "@/lib/types"; import { MetaCell } from "./RunDetail"; ⋮---- onSelect= ⋮---- <Button variant="outline" size="md" onClick= <Button variant="ghost" size="m… 证据：`ui/console/src/pages/Hitl.tsx`
- **Topbar**（source_file）：import { Search } from "lucide-react"; import { LiveDot } from "@/components/LiveDot"; import { useHealth } from "@/lib/queries"; import type { ReactNode } from "react"; ⋮---- interface Props { title: string; subtitle?: string; actions?: ReactNode; onCmdK?: = void; } ⋮---- export function Topbar 证据：`ui/console/src/shell/Topbar.tsx`
- **CONSUMERS.md — building a consumer project**（documentation）：CONSUMERS.md — building a consumer project 证据：`CONSUMERS.md`
- **RESTORE — disaster recovery for the AI Orchestrator**（documentation）：RESTORE — disaster recovery for the AI Orchestrator 证据：`RESTORE.md`
- **Security**（documentation）：1. GitHub Security Advisories preferred — open a private advisory at https://github.com/ernesto01louis/ai-orchestrator/security/advisories/new 2. Email the maintainer at louis ernesto@aol.com with subject line starting ai-orchestrator security . 证据：`SECURITY.md`
- **User Prompt**（documentation）：Write a {{language}} script for this task. 证据：`agents/generator/user_prompt.md`
- 其余 14 条证据见 `AI_CONTEXT_PACK.json` 或 `EVIDENCE_INDEX.json`。

## 宿主 AI 必须遵守的规则

- **把本资产当作开工前上下文，而不是运行环境。**：AI Context Pack 只包含证据化项目理解，不包含目标项目的可执行状态。 证据：`CLAUDE.md`, `README.md`, `patches/README.md`
- **回答用户时区分可预览内容与必须安装后才能验证的内容。**：安装前体验的消费者价值来自降低误装和误判，而不是伪装成真实运行。 证据：`CLAUDE.md`, `README.md`, `patches/README.md`

## 用户开工前应该回答的问题

- 你准备在哪个宿主 AI 或本地环境中使用它？
- 你只是想先体验工作流，还是准备真实安装？
- 你最在意的是安装成本、输出质量、还是和现有规则的冲突？

## 验收标准

- 所有能力声明都能回指到 evidence_refs 中的文件路径。
- AI_CONTEXT_PACK.md 没有把预览包装成真实运行。
- 用户能在 3 分钟内看懂适合谁、能做什么、如何开始和风险边界。

---

## Doramagic Context Augmentation

下面内容用于强化 Repomix/AI Context Pack 主体。Human Manual 只提供阅读骨架；踩坑日志会被转成宿主 AI 必须遵守的工作约束。

## Human Manual 骨架

使用规则：这里只是项目阅读路线和显著性信号，不是事实权威。具体事实仍必须回到 repo evidence / Claim Graph。

宿主 AI 硬性规则：
- 不得把页标题、章节顺序、摘要或 importance 当作项目事实证据。
- 解释 Human Manual 骨架时，必须明确说它只是阅读路线/显著性信号。
- 能力、安装、兼容性、运行状态和风险判断必须引用 repo evidence、source path 或 Claim Graph。

- **项目介绍**：importance `high`
  - source_paths: README.md, VISION.md, ARCHITECTURE.md
- **快速开始**：importance `high`
  - source_paths: README.md, requirements.txt, config.example.json, .env.example
- **版本发布历史**：importance `medium`
  - source_paths: CHANGELOG.md, ROADMAP.md
- **系统架构**：importance `high`
  - source_paths: ARCHITECTURE.md, app.py, core/config.py, core/db.py
- **五层记忆系统**：importance `high`
  - source_paths: memory_pkg/__init__.py, memory/identity.md, memory/goals.md, core/note_discovery.py, api/routes/memory.py
- **数据流与清单验证**：importance `medium`
  - source_paths: manifest/__init__.py, manifest/merkle.py, manifest/run_manifest.py, cli/main.py, api/routes/campaigns.py
- **Campaign 系统**：importance `high`
  - source_paths: orchestration/campaign.py, core/campaign.py, api/routes/campaigns.py, campaign_templates/example.yaml
- **引用级证据包**：importance `high`
  - source_paths: evidence/__init__.py, evidence/builder.py, evidence/rocrate.py, evidence/signing.py, evidence/verify.py

## Repo Inspection Evidence / 源码检查证据

- repo_clone_verified: true
- repo_inspection_verified: true
- repo_commit: `f8a0ecfba5a43e97332668d5ae69aa5570aa0d5f`
- inspected_files: `pyproject.toml`, `README.md`, `requirements.txt`, `docs/SOPS.md`, `docs/NOTEDISCOVERY.md`, `docs/MCP_TOOLS.md`, `docs/PLUGINS.md`, `docs/superpowers/specs/2026-05-03-phase-1.3-prefect-integration-design.md`, `docs/superpowers/followups/phase-j-beta-llm-call-fidelity.md`, `docs/superpowers/plans/2026-05-03-phase-1.3-prefect-integration.md`, `docs/superpowers/plans/2026-05-04-phase-1.3-session-handoff.md`, `examples/example-consumer/template.yaml`, `examples/example-consumer/README.md`, `examples/example-consumer/run.py`

宿主 AI 硬性规则：
- 没有 repo_clone_verified=true 时，不得声称已经读过源码。
- 没有 repo_inspection_verified=true 时，不得把 README/docs/package 文件判断写成事实。
- 没有 quick_start_verified=true 时，不得声称 Quick Start 已跑通。

## Doramagic Pitfall Constraints / 踩坑约束

这些规则来自 Doramagic 发现、验证或编译过程中的项目专属坑点。宿主 AI 必须把它们当作工作约束，而不是普通说明文字。

### Constraint 1: 能力判断依赖假设

- Trigger: README/documentation is current enough for a first validation pass.
- Host AI rule: 将假设转成下游验证清单。
- Why it matters: 假设不成立时，用户拿不到承诺的能力。
- Evidence: capability.assumptions | github_repo:1225805640 | https://github.com/ernesto01louis/ai-orchestrator | README/documentation is current enough for a first validation pass.
- Hard boundary: 不要把这个坑点包装成已解决、已验证或可忽略，除非后续验证证据明确证明它已经关闭。

### Constraint 2: 维护活跃度未知

- Trigger: 未记录 last_activity_observed。
- Host AI rule: 补 GitHub 最近 commit、release、issue/PR 响应信号。
- Why it matters: 新项目、停更项目和活跃项目会被混在一起，推荐信任度下降。
- Evidence: evidence.maintainer_signals | github_repo:1225805640 | https://github.com/ernesto01louis/ai-orchestrator | last_activity_observed missing
- Hard boundary: 不要把这个坑点包装成已解决、已验证或可忽略，除非后续验证证据明确证明它已经关闭。

### Constraint 3: 下游验证发现风险项

- Trigger: no_demo
- Host AI rule: 进入安全/权限治理复核队列。
- Why it matters: 下游已经要求复核，不能在页面中弱化。
- Evidence: downstream_validation.risk_items | github_repo:1225805640 | https://github.com/ernesto01louis/ai-orchestrator | no_demo; severity=medium
- Hard boundary: 不要把这个坑点包装成已解决、已验证或可忽略，除非后续验证证据明确证明它已经关闭。

### Constraint 4: 存在评分风险

- Trigger: no_demo
- Host AI rule: 把风险写入边界卡，并确认是否需要人工复核。
- Why it matters: 风险会影响是否适合普通用户安装。
- Evidence: risks.scoring_risks | github_repo:1225805640 | https://github.com/ernesto01louis/ai-orchestrator | no_demo; severity=medium
- Hard boundary: 不要把这个坑点包装成已解决、已验证或可忽略，除非后续验证证据明确证明它已经关闭。

### Constraint 5: issue/PR 响应质量未知

- Trigger: issue_or_pr_quality=unknown。
- Host AI rule: 抽样最近 issue/PR，判断是否长期无人处理。
- Why it matters: 用户无法判断遇到问题后是否有人维护。
- Evidence: evidence.maintainer_signals | github_repo:1225805640 | https://github.com/ernesto01louis/ai-orchestrator | issue_or_pr_quality=unknown
- Hard boundary: 不要把这个坑点包装成已解决、已验证或可忽略，除非后续验证证据明确证明它已经关闭。

### Constraint 6: 发布节奏不明确

- Trigger: release_recency=unknown。
- Host AI rule: 确认最近 release/tag 和 README 安装命令是否一致。
- Why it matters: 安装命令和文档可能落后于代码，用户踩坑概率升高。
- Evidence: evidence.maintainer_signals | github_repo:1225805640 | https://github.com/ernesto01louis/ai-orchestrator | release_recency=unknown
- Hard boundary: 不要把这个坑点包装成已解决、已验证或可忽略，除非后续验证证据明确证明它已经关闭。