# thorondor - Doramagic AI Context Pack

> 定位：安装前体验与判断资产。它帮助宿主 AI 有一个好的开始，但不代表已经安装、执行或验证目标项目。

## 充分原则

- **充分原则，不是压缩原则**：AI Context Pack 应该充分到让宿主 AI 在开工前理解项目价值、能力边界、使用入口、风险和证据来源；它可以分层组织，但不以最短摘要为目标。
- **压缩策略**：只压缩噪声和重复内容，不压缩会影响判断和开工质量的上下文。

## 给宿主 AI 的使用方式

你正在读取 Doramagic 为 thorondor 编译的 AI Context Pack。请把它当作开工前上下文：帮助用户理解适合谁、能做什么、如何开始、哪些必须安装后验证、风险在哪里。不要声称你已经安装、运行或执行了目标项目。

## Claim 消费规则

- **事实来源**：Repo Evidence + Claim/Evidence Graph；Human Wiki 只提供显著性、术语和叙事结构。
- **事实最低状态**：`supported`
- `supported`：可以作为项目事实使用，但回答中必须引用 claim_id 和证据路径。
- `weak`：只能作为低置信度线索，必须要求用户继续核实。
- `inferred`：只能用于风险提示或待确认问题，不能包装成项目事实。
- `unverified`：不得作为事实使用，应明确说证据不足。
- `contradicted`：必须展示冲突来源，不得替用户强行选择一个版本。

## 它最适合谁

- **正在使用 Claude/Codex/Cursor/Gemini 等宿主 AI 的开发者**：README 或插件配置提到多个宿主 AI。 证据：`README.md` Claim：`clm_0003` supported 0.86
- **希望把专业流程带进宿主 AI 的用户**：仓库包含 Skill 文档。 证据：`.agents/skills/thorondor-web-search/SKILL.md` Claim：`clm_0004` supported 0.86

## 它能做什么

- **AI Skill / Agent 指令资产库**（可做安装前预览）：项目包含可被宿主 AI 读取的 Skill 或 Agent 指令文件，可用于把专业流程带入 Claude、Codex、Cursor 等宿主。 证据：`.agents/skills/thorondor-web-search/SKILL.md` Claim：`clm_0001` supported 0.86
- **命令行启动或安装流程**（需要安装后验证）：项目文档中存在可执行命令，真实使用需要在本地或宿主环境中运行这些命令。 证据：`README.md` Claim：`clm_0002` supported 0.86

## 怎么开始

- `curl -LsSf https://raw.githubusercontent.com/FeanorsCodeSL/thorondor/main/scripts/install.sh | sh` 证据：`README.md` Claim：`clm_0005` supported 0.86
- `git clone <repo-url> thorondor` 证据：`README.md` Claim：`clm_0006` supported 0.86
- `curl example:` 证据：`README.md` Claim：`clm_0007` supported 0.86
- `curl -s -X POST http://localhost:8080/v1/search \` 证据：`README.md` Claim：`clm_0008` supported 0.86

## 继续前判断卡

- **当前建议**：需要管理员/安全审批
- **为什么**：继续前可能涉及密钥、账号、外部服务或敏感上下文，建议先经过管理员或安全审批。

### 30 秒判断

- **现在怎么做**：需要管理员/安全审批
- **最小安全下一步**：先跑 Prompt Preview；若涉及凭证或企业环境，先审批再试装
- **先别相信**：工具权限边界不能在安装前相信。
- **继续会触碰**：命令执行、宿主 AI 配置、本地环境或项目文件

### 现在可以相信

- **适合人群线索：正在使用 Claude/Codex/Cursor/Gemini 等宿主 AI 的开发者**（supported）：有 supported claim 或项目证据支撑，但仍不等于真实安装效果。 证据：`README.md` Claim：`clm_0003` supported 0.86
- **适合人群线索：希望把专业流程带进宿主 AI 的用户**（supported）：有 supported claim 或项目证据支撑，但仍不等于真实安装效果。 证据：`.agents/skills/thorondor-web-search/SKILL.md` Claim：`clm_0004` supported 0.86
- **能力存在：AI Skill / Agent 指令资产库**（supported）：可以相信项目包含这类能力线索；是否适合你的具体任务仍要试用或安装后验证。 证据：`.agents/skills/thorondor-web-search/SKILL.md` Claim：`clm_0001` supported 0.86
- **能力存在：命令行启动或安装流程**（supported）：可以相信项目包含这类能力线索；是否适合你的具体任务仍要试用或安装后验证。 证据：`README.md` Claim：`clm_0002` supported 0.86
- **存在 Quick Start / 安装命令线索**（supported）：可以相信项目文档出现过启动或安装入口；不要因此直接在主力环境运行。 证据：`README.md` Claim：`clm_0005` supported 0.86

### 现在还不能相信

- **工具权限边界不能在安装前相信。**（unverified）：MCP/tool 类项目通常会触碰文件、网络、浏览器或外部 API，必须真实检查权限和日志。
- **真实输出质量不能在安装前相信。**（unverified）：Prompt Preview 只能展示引导方式，不能证明真实项目中的结果质量。
- **宿主 AI 版本兼容性不能在安装前相信。**（unverified）：Claude、Cursor、Codex、Gemini 等宿主加载规则和版本差异必须在真实环境验证。
- **不会污染现有宿主 AI 行为，不能直接相信。**（inferred）：Skill、plugin、AGENTS/CLAUDE/GEMINI 指令可能改变宿主 AI 的默认行为。 证据：`.agents/skills/thorondor-web-search/SKILL.md`, `AGENTS.md`, `CLAUDE.md`
- **可安全回滚不能默认相信。**（unverified）：除非项目明确提供卸载和恢复说明，否则必须先在隔离环境验证。
- **真实安装后是否与用户当前宿主 AI 版本兼容？**（unverified）：兼容性只能通过实际宿主环境验证。
- **项目输出质量是否满足用户具体任务？**（unverified）：安装前预览只能展示流程和边界，不能替代真实评测。
- **安装命令是否需要网络、权限或全局写入？**（unverified）：这影响企业环境和个人环境的安装风险。 证据：`README.md`

### 继续会触碰什么

- **命令执行**：包管理器、网络下载、本地插件目录、项目配置或用户主目录。 原因：运行第一条命令就可能产生环境改动；必须先判断是否值得跑。 证据：`README.md`
- **宿主 AI 配置**：Claude/Codex/Cursor/Gemini/OpenCode 等宿主的 plugin、Skill 或规则加载配置。 原因：宿主配置会改变 AI 后续工作方式，可能和用户已有规则冲突。 证据：`.agents/skills/thorondor-web-search/SKILL.md`, `AGENTS.md`, `CLAUDE.md`
- **本地环境或项目文件**：安装结果、插件缓存、项目配置或本地依赖目录。 原因：安装前无法证明写入范围和回滚方式，需要隔离验证。 证据：`README.md`
- **环境变量 / API Key**：项目入口文档明确出现 API key、token、secret 或账号凭证配置。 原因：如果真实安装需要凭证，应先使用测试凭证并经过权限/合规判断。 证据：`README.md`, `docs/architecture/configuration-reference.md`, `docs/architecture/deployment.md`, `docs/architecture/security.md` 等
- **宿主 AI 上下文**：AI Context Pack、Prompt Preview、Skill 路由、风险规则和项目事实。 原因：导入上下文会影响宿主 AI 后续判断，必须避免把未验证项包装成事实。

### 最小安全下一步

- **先跑 Prompt Preview**：用安装前交互式试用判断工作方式是否匹配，不需要授权或改环境。（适用：任何项目都适用，尤其是输出质量未知时。）
- **只在隔离目录或测试账号试装**：避免安装命令污染主力宿主 AI、真实项目或用户主目录。（适用：存在命令执行、插件配置或本地写入线索时。）
- **先备份宿主 AI 配置**：Skill、plugin、规则文件可能改变 Claude/Cursor/Codex 的默认行为。（适用：存在插件 manifest、Skill 或宿主规则入口时。）
- **不要使用真实生产凭证**：环境变量/API key 一旦进入宿主或工具链，可能产生账号和合规风险。（适用：出现 API、TOKEN、KEY、SECRET 等环境线索时。）
- **安装后只验证一个最小任务**：先验证加载、兼容、输出质量和回滚，再决定是否深用。（适用：准备从试用进入真实工作流时。）

### 退出方式

- **保留安装前状态**：记录原始宿主配置和项目状态，后续才能判断是否可恢复。
- **准备移除宿主 plugin / Skill / 规则入口**：如果试装后行为异常，可以把宿主 AI 恢复到试装前状态。
- **记录安装命令和写入路径**：没有明确卸载说明时，至少要知道哪些目录或配置需要手动清理。
- **准备撤销测试 API key 或 token**：测试凭证泄露或误用时，可以快速止损。
- **如果没有回滚路径，不进入主力环境**：不可回滚是继续前阻断项，不应靠信任或运气继续。

## 哪些只能预览

- 解释项目适合谁和能做什么
- 基于项目文档演示典型对话流程
- 帮助用户判断是否值得安装或继续研究

## 哪些必须安装后验证

- 真实安装 Skill、插件或 CLI
- 执行脚本、修改本地文件或访问外部服务
- 验证真实输出质量、性能和兼容性

## 边界与风险判断卡

- **把安装前预览误认为真实运行**：用户可能高估项目已经完成的配置、权限和兼容性验证。 处理方式：明确区分 prompt_preview_can_do 与 runtime_required。 Claim：`clm_0009` inferred 0.45
- **命令执行会修改本地环境**：安装命令可能写入用户主目录、宿主插件目录或项目配置。 处理方式：先在隔离环境或测试账号中运行。 证据：`README.md` Claim：`clm_0010` supported 0.86
- **待确认**：真实安装后是否与用户当前宿主 AI 版本兼容？。原因：兼容性只能通过实际宿主环境验证。
- **待确认**：项目输出质量是否满足用户具体任务？。原因：安装前预览只能展示流程和边界，不能替代真实评测。
- **待确认**：安装命令是否需要网络、权限或全局写入？。原因：这影响企业环境和个人环境的安装风险。

## 开工前工作上下文

### 加载顺序

- 先读取 how_to_use.host_ai_instruction，建立安装前判断资产的边界。
- 读取 claim_graph_summary，确认事实来自 Claim/Evidence Graph，而不是 Human Wiki 叙事。
- 再读取 intended_users、capabilities 和 quick_start_candidates，判断用户是否匹配。
- 需要执行具体任务时，优先查 role_skill_index，再查 evidence_index。
- 遇到真实安装、文件修改、网络访问、性能或兼容性问题时，转入 risk_card 和 boundaries.runtime_required。

### 任务路由

- **AI Skill / Agent 指令资产库**：先基于 role_skill_index / evidence_index 帮用户挑选可用角色、Skill 或工作流。 边界：可做安装前 Prompt 体验。 证据：`.agents/skills/thorondor-web-search/SKILL.md` Claim：`clm_0001` supported 0.86
- **命令行启动或安装流程**：先说明这是安装后验证能力，再给出安装前检查清单。 边界：必须真实安装或运行后验证。 证据：`README.md` Claim：`clm_0002` supported 0.86

### 上下文规模

- 文件总数：166
- 重要文件覆盖：40/166
- 证据索引条目：79
- 角色 / Skill 条目：1

### 证据不足时的处理

- **missing_evidence**：说明证据不足，要求用户提供目标文件、README 段落或安装后验证记录；不要补全事实。
- **out_of_scope_request**：说明该任务超出当前 AI Context Pack 证据范围，并建议用户先查看 Human Manual 或真实安装后验证。
- **runtime_request**：给出安装前检查清单和命令来源，但不要替用户执行命令或声称已执行。
- **source_conflict**：同时展示冲突来源，标记为待核实，不要强行选择一个版本。

## Prompt Recipes

### 适配判断

- 目标：判断这个项目是否适合用户当前任务。
- 预期输出：适配结论、关键理由、证据引用、安装前可预览内容、必须安装后验证内容、下一步建议。

```text
请基于 thorondor 的 AI Context Pack，先问我 3 个必要问题，然后判断它是否适合我的任务。回答必须包含：适合谁、能做什么、不能做什么、是否值得安装、证据来自哪里。所有项目事实必须引用 evidence_refs、source_paths 或 claim_id。
```

### 安装前体验

- 目标：让用户在安装前感受核心工作流，同时避免把预览包装成真实能力或营销承诺。
- 预期输出：一段带边界标签的体验剧本、安装后验证清单和谨慎建议；不含真实运行承诺或强营销表述。

```text
请把 thorondor 当作安装前体验资产，而不是已安装工具或真实运行环境。

请严格输出四段：
1. 先问我 3 个必要问题。
2. 给出一段“体验剧本”：用 [安装前可预览]、[必须安装后验证]、[证据不足] 三种标签展示它可能如何引导工作流。
3. 给出安装后验证清单：列出哪些能力只有真实安装、真实宿主加载、真实项目运行后才能确认。
4. 给出谨慎建议：只能说“值得继续研究/试装”“先补充信息后再判断”或“不建议继续”，不得替项目背书。

硬性边界：
- 不要声称已经安装、运行、执行测试、修改文件或产生真实结果。
- 不要写“自动适配”“确保通过”“完美适配”“强烈建议安装”等承诺性表达。
- 如果描述安装后的工作方式，必须使用“如果安装成功且宿主正确加载 Skill，它可能会……”这种条件句。
- 体验剧本只能写成“示例台词/假设流程”：使用“可能会询问/可能会建议/可能会展示”，不要写“已写入、已生成、已通过、正在运行、正在生成”。
- Prompt Preview 不负责给安装命令；如用户准备试装，只能提示先阅读 Quick Start 和 Risk Card，并在隔离环境验证。
- 所有项目事实必须来自 supported claim、evidence_refs 或 source_paths；inferred/unverified 只能作风险或待确认项。

```

### 角色 / Skill 选择

- 目标：从项目里的角色或 Skill 中挑选最匹配的资产。
- 预期输出：候选角色或 Skill 列表，每项包含适用场景、证据路径、风险边界和是否需要安装后验证。

```text
请读取 role_skill_index，根据我的目标任务推荐 3-5 个最相关的角色或 Skill。每个推荐都要说明适用场景、可能输出、风险边界和 evidence_refs。
```

### 风险预检

- 目标：安装或引入前识别环境、权限、规则冲突和质量风险。
- 预期输出：环境、权限、依赖、许可、宿主冲突、质量风险和未知项的检查清单。

```text
请基于 risk_card、boundaries 和 quick_start_candidates，给我一份安装前风险预检清单。不要替我执行命令，只说明我应该检查什么、为什么检查、失败会有什么影响。
```

### 宿主 AI 开工指令

- 目标：把项目上下文转成一次对话开始前的宿主 AI 指令。
- 预期输出：一段边界明确、证据引用明确、适合复制给宿主 AI 的开工前指令。

```text
请基于 thorondor 的 AI Context Pack，生成一段我可以粘贴给宿主 AI 的开工前指令。这段指令必须遵守 not_runtime=true，不能声称项目已经安装、运行或产生真实结果。
```

## 角色 / Skill 索引

- 共索引 1 个角色 / Skill / 项目文档条目。

- **thorondor-web-search**（skill）：Use Thorondor as a local semantic live-web search system through REST or MCP, returning citation-bearing passages. Use when the user asks to search the live web with this repo, query the local Thorondor service, call POST /search, or use the MCP web search tool. 激活提示：当用户任务与“thorondor-web-search”描述的流程高度相关时，先用它做安装前体验，再决定是否安装。 证据：`.agents/skills/thorondor-web-search/SKILL.md`

## 证据索引

- 共索引 79 条证据。

- **Thorondor**（documentation）：Public alpha: Thorondor is ready for local self-hosted evaluation, but it is not a managed production service. It does not include built-in endpoint authentication or rate limiting; expose it only behind your own proxy/security layer. 证据：`README.md`
- **Cluster-Semantic Goldens**（documentation）：Regenerate the reviewed cluster-semantic@1 goldens only when deliberately accepting behavior drift: 证据：`semantic-chunking-service/tests/golden/README.md`
- **Repository Guidelines**（documentation）：Project Structure & Module Organization 证据：`AGENTS.md`
- **CLAUDE.md**（documentation）：This file gives Claude Code repo-specific context for thorondor . 证据：`CLAUDE.md`
- **Configuration Reference**（documentation）：All environment variables must be present in .env and .env.llamacpp or .env.production for the selected Compose overlay . The Python settings loader raises RuntimeError on startup for any missing key — including keys that are intentionally blank. Leave optional keys set to an empty string rather than deleting them. 证据：`docs/architecture/configuration-reference.md`
- **Dependencies**（documentation）：mermaid graph LR Client Client / Agent 证据：`docs/architecture/dependencies.md`
- **Deployment Guide**（documentation）：Thorondor uses two Compose files that can be stacked: 证据：`docs/architecture/deployment.md`
- **Architecture Overview**（documentation）：Thorondor is a self-hosted semantic web-search service designed for agent workflows that require live web evidence with provenance. It solves the problem of agents needing up-to-date, cited information from the open web without depending on commercial hosted APIs Exa, Tavily, Bing Search, etc. that introduce data residency concerns, rate limits, and vendor lock-in. 证据：`docs/architecture/overview.md`
- **Pipeline Workflow**（documentation）：The following diagram shows the complete path of a single search request from client to response across all services. 证据：`docs/architecture/pipeline-workflow.md`
- **Security Architecture**（documentation）：Thorondor operates at the boundary between an agent's query and the open web. The primary threats specific to this architecture are: 证据：`docs/architecture/security.md`
- **Contributing**（documentation）：Thorondor is a Python/FastAPI project split into an orchestrator service, a semantic chunking service, and a minimal SSRF egress proxy. 证据：`CONTRIBUTING.md`
- **Thorondor Web Search**（skill_instruction）：Use Thorondor only after confirming the local service is reachable: 证据：`.agents/skills/thorondor-web-search/SKILL.md`
- **License**（source_file）：Copyright c 2026 Thorondor contributors 证据：`LICENSE`
- **Security Policy**（documentation）：Thorondor is intended for self-hosted use. The default Compose configuration binds the orchestrator to 127.0.0.1 ; do not expose it to an untrusted network without a reverse proxy that provides TLS, authentication, authorization, and rate limiting. 证据：`SECURITY.md`
- **Restyle Thorondor TUI to match Imladris visual & navigation**（documentation）：Restyle Thorondor TUI to match Imladris visual & navigation 证据：`docs/plans/imladris-style-tui.md`
- **Public Readiness Fixes**（documentation）：Goal Resolve the public-readiness findings from the adversarial repo review so the repository can be published as a clearly documented public alpha without obvious release, licensing, security, or CI gaps. 证据：`docs/plans/public-readiness-fixes.md`
- **Remove Comments from Code**（documentation）：Goal Remove all comment-like text from code, Dockerfiles, shell scripts, and config files Python, PowerShell, bash, Dockerfile, YAML, TOML, .env , .properties , .tcss . Documentation stays in .md files only. After this change, the code is the only artifact that describes the implementation. 证据：`docs/plans/remove-comments-from-code.md`
- **Single-Commit Public Republish**（documentation）：Goal Preserve the current full-history Thorondor repository as a private archive, then publish a clean public FeanorsCodeSL/thorondor repository containing only the final approved source tree as a single initial commit. Recreate the public repository metadata, CI, release surfaces, and branch protections after publication. 证据：`docs/plans/single-commit-public-republish.md`
- **Thorondor GHCR Release Images**（documentation）：Goal Publish Thorondor first-party runtime images to GHCR and provide a production Compose slice that Tengwar can consume without building from source or mounting the Thorondor source tree. 证据：`docs/plans/thorondor-ghcr-release-images.md`
- **Thorondor Installer + TUI Configurator**（documentation）：Thorondor Installer + TUI Configurator 证据：`docs/plans/thorondor-installer-wizard.md`
- **Thorondor local configuration.**（source_file）：Thorondor local configuration. Every key used by Compose and the Python settings loader is explicit here. Leave optional API keys and filters blank only when intentionally disabled. 证据：`.env.example`
- **Thorondor llama.cpp local model configuration.**（source_file）：Thorondor llama.cpp local model configuration. Copy this to .env.llamacpp, then place the referenced GGUF files under ./models. 证据：`.env.llamacpp.example`
- **Thorondor production image deployment overlay.**（source_file）：Thorondor production image deployment overlay. Load after .env.example: docker compose --env-file .env.example --env-file .env.production.example -f docker-compose.production.yml config 证据：`.env.production.example`
- **Docker Compose**（source_file）：name: thorondor x-internal: &internal restart: unless-stopped networks: internal services: egress-proxy: restart: unless-stopped build: context: ./ssrf-proxy dockerfile: Dockerfile networks: internal, egress environment: PROXY LOG LEVEL: "${PROXY LOG LEVEL}" PROXY HOST: "${PROXY HOST}" PROXY PORT: "${PROXY PORT}" PROXY MAX HEADER BYTES: "${PROXY MAX HEADER BYTES}" PROXY READ CHUNK BYTES: "${PROXY READ CHUNK BYTES}" PROXY RELAY CHUNK BYTES: "${PROXY RELAY CHUNK BYTES}" PROXY BLOCKED IP CATEGORIES: "${PROXY BLOCKED IP CATEGORIES}" PROXY BLOCKED SPECIAL IPS: "${PROXY BLOCKED SPECIAL IPS}" PROXY NAT64 NETWORKS: "${PROXY NAT64 NETWORKS}" PROXY SIX TO FOUR NETWORKS: "${PROXY SIX TO FOUR NETWORKS}… 证据：`docker-compose.yml`
- **App**（source_file）：@asynccontextmanager async def lifespan app: FastAPI ⋮---- app = FastAPI title="thorondor", lifespan=lifespan, redirect slashes=False deps = None settings = None health client: httpx.AsyncClient None = None ⋮---- @app.middleware "http" async def route mcp without redirect request: Request, call next ⋮---- request id = request.headers.get "X-Request-ID" or new request id token = set request id request id ⋮---- response = await call next request ⋮---- def get settings ⋮---- settings = load settings ⋮---- def get deps ⋮---- deps = build deps from settings get settings ⋮---- def get health client - httpx.AsyncClient ⋮---- s = get settings health client = httpx.AsyncClient ⋮---- async def close… 证据：`orchestrator/app.py`
- **Mcp Server**（source_file）：mcp = FastMCP "thorondor", streamable http path="/", stateless http=True deps override = None ⋮---- def set deps deps - None ⋮---- deps override = deps ⋮---- def get deps ⋮---- request data = { request = SearchRequest {key: value for key, value in request data.items if value is not None} response = await run search request, get deps ⋮---- def main - None 证据：`orchestrator/mcp_server.py`
- **Pipeline**（source_file）：logger = logging.getLogger name ⋮---- class SearchDependencyUnavailable Exception ⋮---- def init self, dependency: str, reason: str ⋮---- @dataclass class PipelineDeps ⋮---- planner: QueryPlanner discovery: SearchDiscovery selector: SelectionPolicy extractor: ContentExtractor markdown cleaner: MarkdownCleaner chunker: SemanticChunker candidate prefilter: CandidatePrefilter reranker: Reranker assembler: ResultAssembler default token budget: int default max urls: int max subqueries: int profile defaults: dict str, dict str, int blocklist: set str url safety: Callable list DiscoveryResult , list DiscoveryResult relevance score floor: float None domain allowlist: set str None allowlist only: bo… 证据：`orchestrator/pipeline.py`
- **App**（source_file）：HELP = """thorondor - configure and deploy the Thorondor search stack. ⋮---- def extract project dir args: list str - tuple Path None, list str ⋮---- remaining: list str = project dir: Path None = None index = 0 ⋮---- arg = args index ⋮---- project dir = Path args index + 1 ⋮---- project dir = Path arg.partition "=" 2 ⋮---- def doctor project dir: str Path None = None - int ⋮---- project = resolve project dir project dir ⋮---- draft = load draft project.root issues = compute issues draft, {} ⋮---- def run tui project dir: str Path None = None - int ⋮---- def human bytes n: int - str ⋮---- units = "B", "KB", "MB", "GB", "TB" size = float n ⋮---- def download models command project dir: str P… 证据：`thorondor_cli/app.py`
- **Catalog**（source_file）：DependencyKind = Literal "embedding", "reranker", "llm" ⋮---- @dataclass frozen=True class CatalogEntry ⋮---- key: str display name: str kind: DependencyKind default base url: str default model: str health path: str = "/health" rerank path: str = "/rerank" needs token: bool = False ⋮---- CATALOG: tuple CatalogEntry, ... = ⋮---- def entries for kind: DependencyKind - list CatalogEntry ⋮---- def get entry key: str - CatalogEntry None 证据：`thorondor_cli/catalog.py`
- **Deploy**（source_file）：class DeployError RuntimeError ⋮---- @dataclass frozen=True class ComposePlan ⋮---- project dir: Path compose files: list str env files: list str profile: str ⋮---- @dataclass frozen=True class DeployProgress ⋮---- step: str message: str ⋮---- def compose plan project dir: str Path, draft: Draft None = None - ComposePlan ⋮---- root = Path project dir .expanduser .resolve draft = draft or load draft root compose files = "docker-compose.yml", compose overlays draft env files = ".env" profile = draft.profile ⋮---- def compose args plan: ComposePlan - list str ⋮---- args = "compose" ⋮---- def orchestrator url env: dict str, str , path: str - str ⋮---- host = env.get "ORCHESTRATOR HOST", "127.0.… 证据：`thorondor_cli/deploy.py`
- **Envfile**（source_file）：ENV TEMPLATE = "env.example" LLAMACPP TEMPLATE = "env.llamacpp.example" PRODUCTION TEMPLATE = "env.production.example" TEMPLATE FILENAMES = { ⋮---- KEY RE = re.compile r"^ A-Za-z A-Za-z0-9 $" ⋮---- def template repo path project dir: Path None, template name: str - Path None ⋮---- filename = TEMPLATE FILENAMES template name candidate = Path project dir .expanduser .resolve / filename ⋮---- def template text template name: str, project dir: str Path None = None - str ⋮---- """Return template content, preferring repo-root copies when present.""" project path = Path project dir .expanduser .resolve if project dir else None repo path = template repo path project path, template name ⋮---- def st… 证据：`thorondor_cli/envfile.py`
- **Mcp Proxy**（source_file）：mcp = FastMCP "thorondor" ⋮---- def base url - str ⋮---- def headers - dict str, str ⋮---- api key = os.environ.get "THORONDOR API KEY", "" .strip ⋮---- request data = { payload = {key: value for key, value in request data.items if value is not None} ⋮---- response = await client.post ⋮---- def main - None 证据：`thorondor_cli/mcp_proxy.py`
- **Probe**（source_file）：ProbeStatus = Literal "ok", "auth error", "unreachable", "model not found", "other" ⋮---- @dataclass frozen=True class ProbeResult ⋮---- status: ProbeStatus detail: str = "" ⋮---- def auth headers token: str None - dict str, str ⋮---- def clean detail text: str, token: str None - str ⋮---- def status from response response: httpx.Response, token: str None - ProbeResult ⋮---- detail = f"HTTP {response.status code}" body = clean detail response.text :240 , token ⋮---- def post json url: str, payload: dict, token: str None, timeout: float = 30 - ProbeResult ⋮---- response = httpx.post url, json=payload, headers= auth headers token , timeout=timeout ⋮---- def list models base url: str, token: s… 证据：`thorondor_cli/probe.py`
- **Chunker Client**（source_file）：class ChunkerUnavailable Exception ⋮---- class ChunkerClient ⋮---- def init self, base url: str, client: httpx.AsyncClient None = None, api key: str None = None ⋮---- async def aclose self - None ⋮---- async def chunk self, pages: list Page - list Chunk ⋮---- chunks: list Chunk = headers = {"Authorization": f"Bearer {self.api key}"} if self.api key else None headers = request id headers headers ⋮---- response = await self. client.post ⋮---- payload = response.json chunk strategy = payload.get "chunk strategy" or payload.get "strategy version" embedding degraded = bool payload.get "embedding degraded", False ⋮---- metadata = item.get "metadata", {} raw source id = metadata.get "source id", p… 证据：`orchestrator/clients/chunker_client.py`
- **Crawl4Ai Client**（source_file）：logger = logging.getLogger name ⋮---- REDIRECT STATUS CODES = {301, 302, 303, 307, 308} ⋮---- class Crawl4aiExtractor ⋮---- timeout = httpx.Timeout ⋮---- async def aclose self - None ⋮---- async def extract self, urls: list str - list Page ⋮---- semaphore = asyncio.Semaphore self.concurrency host semaphores: dict str, asyncio.Semaphore = defaultdict tasks = ⋮---- def crawl payload self, url: str - dict ⋮---- @staticmethod def result items payload: dict - list dict ⋮---- results = payload.get "results" ⋮---- @staticmethod def markdown from result item: dict, payload: dict - str ⋮---- markdown = item.get "markdown" or payload.get "markdown" ⋮---- @staticmethod def html from result item: dict,… 证据：`orchestrator/clients/crawl4ai_client.py`
- **Searxng Client**（source_file）：class DiscoveryUnavailable Exception ⋮---- SEARXNG INTERNAL HEADERS = {"X-Real-IP": "127.0.0.1"} ⋮---- class SearxngDiscovery ⋮---- def init self, base url: str, client: httpx.AsyncClient None = None, api key: str None = None ⋮---- async def aclose self - None ⋮---- async def search self, subquery: str, freshness: str None = None - list DiscoveryResult ⋮---- params = {"q": subquery, "format": "json"} ⋮---- headers = dict SEARXNG INTERNAL HEADERS ⋮---- headers = request id headers headers ⋮---- response = await self. client.get f"{self.base url}/search", params=params, headers=headers ⋮---- payload = response.json results = ⋮---- score = float item.get "score" or 0.0 ⋮---- score = 1.0 / rank… 证据：`orchestrator/clients/searxng_client.py`
- **App**（source_file）：settings = load settings ⋮---- logger = logging.getLogger "chunking-service" ⋮---- app = FastAPI title="Semantic Chunking Service" ⋮---- embedder = EmbeddingFunction ⋮---- @app.middleware "http" async def request id middleware request: Request, call next ⋮---- request id = request.headers.get "X-Request-ID" or new request id token = set request id request id ⋮---- response = await call next request ⋮---- def length text: str - int ⋮---- @app.get "/healthz" def healthz ⋮---- @app.post "/chunk", responses={400: {"description": "Unknown or invalid chunking strategy"}} def chunk req: ChunkRequest - ChunkResponse ⋮---- version = req.strategy version or settings.default strategy version ⋮---- ove… 证据：`semantic-chunking-service/chunking/app.py`
- **Docker Compose**（source_file）：name: thorondor x-internal: &internal restart: unless-stopped networks: internal services: egress-proxy: restart: unless-stopped image: "${THORONDOR EGRESS PROXY IMAGE}" networks: internal, egress environment: PROXY LOG LEVEL: "${PROXY LOG LEVEL}" PROXY HOST: "${PROXY HOST}" PROXY PORT: "${PROXY PORT}" PROXY MAX HEADER BYTES: "${PROXY MAX HEADER BYTES}" PROXY READ CHUNK BYTES: "${PROXY READ CHUNK BYTES}" PROXY RELAY CHUNK BYTES: "${PROXY RELAY CHUNK BYTES}" PROXY BLOCKED IP CATEGORIES: "${PROXY BLOCKED IP CATEGORIES}" PROXY BLOCKED SPECIAL IPS: "${PROXY BLOCKED SPECIAL IPS}" PROXY NAT64 NETWORKS: "${PROXY NAT64 NETWORKS}" PROXY SIX TO FOUR NETWORKS: "${PROXY SIX TO FOUR NETWORKS}" PROXY IPV… 证据：`thorondor_cli/assets/docker-compose.yml`
- **App**（source_file）：HarnessStatus = dict str, bool DraftLoader = Callable ..., Draft ⋮---- class ThorondorApp App int ⋮---- CSS PATH = "thorondor.tcss" TITLE = "thorondor" SUB TITLE = "Search Stack Configurator" ⋮---- def on mount self - None ⋮---- def refresh dashboard state self - None ⋮---- def detect harnesses self - HarnessStatus 证据：`thorondor_cli/tui/app.py`
- **Deploy**（source_file）：class DeployScreen ArrowNavigationMixin, Screen None ⋮---- BINDINGS = ARROW NAV BINDINGS, "escape", "cancel", "Back" ⋮---- def compose self - ComposeResult ⋮---- def on mount self - None ⋮---- def on button pressed self, event: Button.Pressed - None ⋮---- def action run self - None ⋮---- log = self.query one " deploy-log", Static lines: list str = ⋮---- def action cancel self - None ⋮---- def refresh dashboard widget self - None ⋮---- refresh = getattr self. dashboard, "refresh dashboard", None 证据：`thorondor_cli/tui/screens/deploy.py`
- **Code of Conduct**（documentation）：Contributors are expected to keep discussion technical, respectful, and focused on improving the project. 证据：`CODE_OF_CONDUCT.md`
- **Third-Party Notices**（documentation）：This file records the third-party components intentionally referenced by the Thorondor source distribution. It is engineering inventory, not legal advice. The repository does not vendor Python wheels, third-party container image layers, or model weights; binary or container distributors should attach their own generated SBOM for the exact artifacts they ship. 证据：`THIRD-PARTY-NOTICES.md`
- **Test Chunker Client**（source_file）：def test flattens chunks with provenance monkeypatch ⋮---- seen = {} ⋮---- def handler req ⋮---- transport = httpx.MockTransport handler real async client = httpx.AsyncClient ⋮---- out = anyio.run ChunkerClient "http://chunker:8000" .chunk, Page "https://a.test", "A", "md", 7 ⋮---- def test non 200 raises monkeypatch ⋮---- transport = httpx.MockTransport lambda req: httpx.Response 500, json={} ⋮---- def test per page 4xx skips page and continues monkeypatch ⋮---- source url = json.loads req.content "metadata" "source url" ⋮---- out = anyio.run ⋮---- def test api key is sent as bearer header monkeypatch ⋮---- def test request id is forwarded monkeypatch ⋮---- token = set request id "req-456" 证据：`orchestrator/tests/test_chunker_client.py`
- **Test Crawl4Ai Client**（source_file）：def extractor kwargs - Crawl4aiExtractor ⋮---- policy = UrlSafetyPolicy values = { ⋮---- def test partial failures do not sink batch monkeypatch ⋮---- def handler req ⋮---- payload = json.loads req.read .decode ⋮---- transport = httpx.MockTransport handler real async client = httpx.AsyncClient ⋮---- out = anyio.run ⋮---- def test uses crawl4ai docker api payload monkeypatch ⋮---- seen = ⋮---- def test request id is forwarded to crawl4ai monkeypatch ⋮---- seen = {} ⋮---- payload = json.loads req.content ⋮---- token = set request id "req-crawl" ⋮---- def test can disable crawl4ai robots flag monkeypatch ⋮---- def test unsafe redirected url is dropped monkeypatch ⋮---- def test http redirect t… 证据：`orchestrator/tests/test_crawl4ai_client.py`
- **Test Pipeline**（source_file）：class StaticDiscovery ⋮---- def init self, urls: list str ⋮---- async def search self, subquery: str, freshness: str None = None ⋮---- class RecordingExtractor ⋮---- def init self ⋮---- async def extract self, urls: list str - list Page ⋮---- class CountingDiscovery ⋮---- class ManyPlanner ⋮---- async def plan self, query: str - list str ⋮---- class SinglePageExtractor ⋮---- class DuplicateBodyExtractor ⋮---- class ChromeExtractor ⋮---- class FallbackChunker ⋮---- async def chunk self, pages: list Page - list Chunk ⋮---- class RecordingChunker ⋮---- class ManyChunker ⋮---- chunks: list Chunk = ⋮---- text = "Oppenheimer was born in New York City" if position == 3 else f"filler {position}" ⋮-… 证据：`orchestrator/tests/test_pipeline.py`
- **Test Searxng Client**（source_file）：def test parses searxng json and freshness monkeypatch ⋮---- seen = {} ⋮---- def handler req ⋮---- transport = httpx.MockTransport handler real async client = httpx.AsyncClient ⋮---- out = anyio.run SearxngDiscovery "http://searxng:8080" .search, "q", "week" ⋮---- def test non 200 raises monkeypatch ⋮---- transport = httpx.MockTransport lambda req: httpx.Response 500, json={} ⋮---- def test zero scores fall back to rank order monkeypatch ⋮---- out = anyio.run SearxngDiscovery "http://searxng:8080" .search, "q" ⋮---- def test api key is sent as bearer header monkeypatch ⋮---- def test request id is forwarded monkeypatch ⋮---- token = set request id "req-101" 证据：`orchestrator/tests/test_searxng_client.py`
- **Test App**（source_file）：class FakeEmbedder ⋮---- def call self, texts ⋮---- def health check self ⋮---- @pytest.fixture def client monkeypatch ⋮---- def test chunk happy path passes metadata and version client ⋮---- r = client.post "/chunk", json={ ⋮---- body = r.json ⋮---- first = body "chunks" 0 ⋮---- def test embedding failure surfaces fallback marker monkeypatch ⋮---- class DownEmbedder ⋮---- client = TestClient appmod.app ⋮---- r = client.post "/chunk", json={"text": "Alpha beta gamma. " 80} ⋮---- def test unknown strategy version is 400 client ⋮---- r = client.post "/chunk", json={"text": "hi there friend", "strategy version": "nope@9"} ⋮---- def test oversized chunk text is 422 client ⋮---- r = client.post… 证据：`semantic-chunking-service/tests/test_app.py`
- **Test Deploy**（source_file）：def make project tmp path ⋮---- root = tmp path / "thorondor" ⋮---- def test compose args include env files profiles and overlays tmp path ⋮---- root = make project tmp path ⋮---- plan = compose plan root args = compose args plan ⋮---- def test deploy runs config build up sequence monkeypatch, tmp path ⋮---- calls = ⋮---- def runner command, kwargs ⋮---- class FakeResponse ⋮---- def init self, status code=200, payload=None ⋮---- def json self ⋮---- def raise for status self ⋮---- class FakeClient ⋮---- def init self, responses ⋮---- def get self, url ⋮---- def post self, url, json ⋮---- def close self ⋮---- def test wait for health passes only when all dependencies true ⋮---- payload = {"de… 证据：`thorondor_cli/tests/test_deploy.py`
- **Test Envfile**（source_file）：def test seed from bundled template loads required keys outside repo tmp path, monkeypatch ⋮---- values = seed from example ⋮---- def test write env preserves existing secret and quotes values tmp path ⋮---- target = tmp path / ".env" ⋮---- template = {"SEARXNG SECRET": "", "DOMAIN BLOCKLIST": "", "EXTRA": ""} ⋮---- values = read env target ⋮---- def test missing file created at 0600 tmp path 证据：`thorondor_cli/tests/test_envfile.py`
- **Test Mcp Proxy**（source_file）：respx = pytest.importorskip "respx" ⋮---- @respx.mock def test web search forwards non none args monkeypatch ⋮---- route = respx.post "http://thorondor.test/v1/search" .mock ⋮---- result = asyncio.run mcp proxy.web search "x", token budget=10, max urls=None ⋮---- @respx.mock def test web search returns structured error on unreachable monkeypatch ⋮---- result = asyncio.run mcp proxy.web search "x" ⋮---- def test web search signature matches orchestrator 证据：`thorondor_cli/tests/test_mcp_proxy.py`
- **Test Probe**（source_file）：respx = pytest.importorskip "respx" ⋮---- @respx.mock def test embedding probe maps success and auth error ⋮---- result = probe embedding "http://auth.test", "bge", "secret" ⋮---- @respx.mock def test reranker probe sends production body and flags bad model ⋮---- route = respx.post "http://rank.test/rerank" .mock ⋮---- result = probe reranker "http://rank.test", "/health", "/rerank", "bad-model", "token" ⋮---- @respx.mock def test list models parses openai and bare list shapes ⋮---- @respx.mock def test llm probe transport error maps unreachable ⋮---- def test host rewrite preserves scheme port path query 证据：`thorondor_cli/tests/test_probe.py`
- **Secrets - NEVER commit credentials**（source_file）：Secrets - NEVER commit credentials After running git rm --cached .env, new .env files won't be tracked .env .env.local .env.llamacpp .env.production .env. .local secrets.env Keep template for documentation !secrets.template.env !.env.llamacpp.example 证据：`.gitignore`
- **Docker Compose.Llamacpp**（source_file）：name: thorondor services: orchestrator: environment: RERANKER ENDPOINT: "http://reranker:8080" RERANKER MODEL: "${LLAMACPP RERANKER ALIAS}" RERANKER PATH: "/reranking" RERANKER HEALTH PATH: "/health" chunker: environment: EMBEDDING ENDPOINT: "http://embedding:8080" EMBEDDING MODEL: "${LLAMACPP EMBEDDING ALIAS}" embedding: profiles: "llamacpp-models" image: "${LLAMACPP IMAGE}" volumes: - ./models:/models:ro command: - "-m" - "${LLAMACPP EMBEDDING MODEL}" - "--host" - "0.0.0.0" - "--port" - "8080" - "--embedding" - "--pooling" - "${LLAMACPP EMBEDDING POOLING}" - "-ub" - "${LLAMACPP UBATCH}" - "-c" - "${LLAMACPP EMBEDDING CONTEXT}" reranker: profiles: "llamacpp-models" image: "${LLAMACPP IMAGE… 证据：`docker-compose.llamacpp.yml`
- **Docker Compose.Production**（source_file）：name: thorondor x-thorondor-internal: &thorondor-internal restart: unless-stopped networks: thorondor-internal services: thorondor-egress-proxy: restart: unless-stopped image: "${THORONDOR EGRESS PROXY IMAGE}" networks: - thorondor-internal - thorondor-egress environment: PROXY LOG LEVEL: "${PROXY LOG LEVEL}" PROXY HOST: "${PROXY HOST}" PROXY PORT: "${PROXY PORT}" PROXY MAX HEADER BYTES: "${PROXY MAX HEADER BYTES}" PROXY READ CHUNK BYTES: "${PROXY READ CHUNK BYTES}" PROXY RELAY CHUNK BYTES: "${PROXY RELAY CHUNK BYTES}" PROXY BLOCKED IP CATEGORIES: "${PROXY BLOCKED IP CATEGORIES}" PROXY BLOCKED SPECIAL IPS: "${PROXY BLOCKED SPECIAL IPS}" PROXY NAT64 NETWORKS: "${PROXY NAT64 NETWORKS}" PROXY… 证据：`docker-compose.production.yml`
- **Dockerfile**（source_file）：ENV PYTHONDONTWRITEBYTECODE=1 \ PYTHONUNBUFFERED=1 证据：`orchestrator/Dockerfile`
- **Assembly**（source_file）：class ResultAssemblerImpl ⋮---- citation ids: dict str, int = {} citations: list AssembledCitation = passages: list AssembledPassage = total tokens = 0 ⋮---- key = normalize url item.chunk.source url citation id = citation ids.get key ⋮---- citation id = len citations + 1 证据：`orchestrator/assembly.py`
- **Content Dedup**（source_file）：SPACE = re.compile r"\s+" ⋮---- def fingerprint markdown: str - str ⋮---- normalized = SPACE.sub " ", markdown.lower .strip ⋮---- def content dedup pages: list Page - list Page ⋮---- seen: set str = set out: list Page = ⋮---- key = fingerprint page.markdown 证据：`orchestrator/content_dedup.py`
- **Fakes**（source_file）：def fake extract html: str, kwargs - str ⋮---- async def async boundary - None ⋮---- class FakePlanner ⋮---- def init self ⋮---- async def plan self, query: str - list str ⋮---- class EmptyPlanner ⋮---- async def plan self, query: str - list str ⋮---- class PartialPlanner ⋮---- class DownPlanner ⋮---- class FakeDiscovery ⋮---- async def search self, subquery: str, freshness: str None = None - list DiscoveryResult ⋮---- class EmptyDiscovery ⋮---- async def search self, subquery: str, freshness: str None = None - list DiscoveryResult ⋮---- class PartialDiscovery ⋮---- class DownDiscovery ⋮---- class FakeSelector ⋮---- def init self, subset: list DiscoveryResult None = None ⋮---- class EmptySe… 证据：`orchestrator/fakes.py`
- **Interfaces**（source_file）：class QueryPlanner Protocol ⋮---- async def plan self, query: str - list str : ... ⋮---- class SearchDiscovery Protocol ⋮---- async def search self, subquery: str, freshness: str None = None - list DiscoveryResult : ... ⋮---- class SelectionPolicy Protocol ⋮---- class ContentExtractor Protocol ⋮---- async def extract self, urls: list str - list Page : ... ⋮---- class MarkdownCleaner Protocol ⋮---- def clean self, page: Page - CleanedPage: ... ⋮---- class SemanticChunker Protocol ⋮---- async def chunk self, pages: list Page - list Chunk : ... ⋮---- class CandidatePrefilter Protocol ⋮---- def filter self, query: str, chunks: list Chunk - PrefilteredChunks: ... ⋮---- class Reranker Protocol ⋮-… 证据：`orchestrator/interfaces.py`
- **Markdown Cleaner**（source_file）：Extractor = Callable ..., str None ⋮---- class MarkdownCleanerImpl ⋮---- @property def cleaner version self - str ⋮---- def clean self, page: Page - CleanedPage ⋮---- original = page.original markdown or page.markdown source = page.html ⋮---- extracted = self. extractor cleaned = extracted.strip if extracted else "" ⋮---- cleaned = page.markdown.strip ⋮---- cleaned page = replace page, markdown=cleaned, original markdown=original 证据：`orchestrator/markdown_cleaner.py`
- 其余 19 条证据见 `AI_CONTEXT_PACK.json` 或 `EVIDENCE_INDEX.json`。

## 宿主 AI 必须遵守的规则

- **把本资产当作开工前上下文，而不是运行环境。**：AI Context Pack 只包含证据化项目理解，不包含目标项目的可执行状态。 证据：`README.md`, `semantic-chunking-service/tests/golden/README.md`, `AGENTS.md`
- **回答用户时区分可预览内容与必须安装后才能验证的内容。**：安装前体验的消费者价值来自降低误装和误判，而不是伪装成真实运行。 证据：`README.md`, `semantic-chunking-service/tests/golden/README.md`, `AGENTS.md`

## 用户开工前应该回答的问题

- 你准备在哪个宿主 AI 或本地环境中使用它？
- 你只是想先体验工作流，还是准备真实安装？
- 你最在意的是安装成本、输出质量、还是和现有规则的冲突？

## 验收标准

- 所有能力声明都能回指到 evidence_refs 中的文件路径。
- AI_CONTEXT_PACK.md 没有把预览包装成真实运行。
- 用户能在 3 分钟内看懂适合谁、能做什么、如何开始和风险边界。

---

## Doramagic Context Augmentation

下面内容用于强化 Repomix/AI Context Pack 主体。Human Manual 只提供阅读骨架；踩坑日志会被转成宿主 AI 必须遵守的工作约束。

## Human Manual 骨架

使用规则：这里只是项目阅读路线和显著性信号，不是事实权威。具体事实仍必须回到 repo evidence / Claim Graph。

宿主 AI 硬性规则：
- 不得把页标题、章节顺序、摘要或 importance 当作项目事实证据。
- 解释 Human Manual 骨架时，必须明确说它只是阅读路线/显著性信号。
- 能力、安装、兼容性、运行状态和风险判断必须引用 repo evidence、source path 或 Claim Graph。

- **Thorondor 项目概览与系统架构**：importance `high`
  - source_paths: README.md, docs/architecture/overview.md, docs/architecture/pipeline-workflow.md, docs/architecture/dependencies.md, docker-compose.yml
- **编排服务、语义分块与搜索流水线实现**：importance `high`
  - source_paths: orchestrator/app.py, orchestrator/pipeline.py, orchestrator/mcp_server.py, orchestrator/clients/chunker_client.py, orchestrator/clients/crawl4ai_client.py
- **thorondor_cli 配置工具与 Agent Harness 集成**：importance `medium`
  - source_paths: thorondor_cli/app.py, thorondor_cli/catalog.py, thorondor_cli/deploy.py, thorondor_cli/envfile.py, thorondor_cli/mcp_proxy.py
- **部署、配置参考、运维与故障排查**：importance `high`
  - source_paths: docs/architecture/configuration-reference.md, docs/architecture/deployment.md, docs/architecture/security.md, .env.example, .env.llamacpp.example

## Repo Inspection Evidence / 源码检查证据

- repo_clone_verified: true
- repo_inspection_verified: true
- repo_commit: `b8448c652194dec4021afad34cf22dda6052da3e`
- inspected_files: `README.md`, `docker-compose.yml`, `pyproject.toml`, `uv.lock`, `docs/architecture/configuration-reference.md`, `docs/architecture/dependencies.md`, `docs/architecture/deployment.md`, `docs/architecture/overview.md`, `docs/architecture/pipeline-workflow.md`, `docs/architecture/security.md`, `docs/plans/imladris-style-tui.md`, `docs/plans/public-readiness-fixes.md`, `docs/plans/remove-comments-from-code.md`, `docs/plans/single-commit-public-republish.md`, `docs/plans/thorondor-ghcr-release-images.md`, `docs/plans/thorondor-installer-wizard.md`

宿主 AI 硬性规则：
- 没有 repo_clone_verified=true 时，不得声称已经读过源码。
- 没有 repo_inspection_verified=true 时，不得把 README/docs/package 文件判断写成事实。
- 没有 quick_start_verified=true 时，不得声称 Quick Start 已跑通。

## Doramagic Pitfall Constraints / 踩坑约束

这些规则来自 Doramagic 发现、验证或编译过程中的项目专属坑点。宿主 AI 必须把它们当作工作约束，而不是普通说明文字。

### Constraint 1: 能力判断依赖假设

- Trigger: README/documentation is current enough for a first validation pass.
- Host AI rule: 将假设转成下游验证清单。
- Why it matters: 假设不成立时，用户拿不到承诺的能力。
- Evidence: capability.assumptions | https://github.com/FeanorsCodeSL/thorondor | README/documentation is current enough for a first validation pass.
- Hard boundary: 不要把这个坑点包装成已解决、已验证或可忽略，除非后续验证证据明确证明它已经关闭。

### Constraint 2: 维护活跃度未知

- Trigger: 未记录 last_activity_observed。
- Host AI rule: 补 GitHub 最近 commit、release、issue/PR 响应信号。
- Why it matters: 新项目、停更项目和活跃项目会被混在一起，推荐信任度下降。
- Evidence: evidence.maintainer_signals | https://github.com/FeanorsCodeSL/thorondor | last_activity_observed missing
- Hard boundary: 不要把这个坑点包装成已解决、已验证或可忽略，除非后续验证证据明确证明它已经关闭。

- Trigger: no_demo
- Evidence: downstream_validation.risk_items | https://github.com/FeanorsCodeSL/thorondor | no_demo; severity=medium
- Hard boundary: 不要把这个坑点包装成已解决、已验证或可忽略，除非后续验证证据明确证明它已经关闭。

### Constraint 4: 存在评分风险

- Trigger: no_demo
- Why it matters: 风险会影响是否适合普通用户安装。
- Evidence: risks.scoring_risks | https://github.com/FeanorsCodeSL/thorondor | no_demo; severity=medium
- Hard boundary: 不要把这个坑点包装成已解决、已验证或可忽略，除非后续验证证据明确证明它已经关闭。

### Constraint 5: issue/PR 响应质量未知

- Trigger: issue_or_pr_quality=unknown。
- Host AI rule: 抽样最近 issue/PR，判断是否长期无人处理。
- Why it matters: 用户无法判断遇到问题后是否有人维护。
- Evidence: evidence.maintainer_signals | https://github.com/FeanorsCodeSL/thorondor | issue_or_pr_quality=unknown
- Hard boundary: 不要把这个坑点包装成已解决、已验证或可忽略，除非后续验证证据明确证明它已经关闭。

### Constraint 6: 发布节奏不明确

- Trigger: release_recency=unknown。
- Host AI rule: 确认最近 release/tag 和 README 安装命令是否一致。
- Why it matters: 安装命令和文档可能落后于代码，用户踩坑概率升高。
- Evidence: evidence.maintainer_signals | https://github.com/FeanorsCodeSL/thorondor | release_recency=unknown
- Hard boundary: 不要把这个坑点包装成已解决、已验证或可忽略，除非后续验证证据明确证明它已经关闭。
