@agentikos/omega-os 0.1.0 → 0.19.5

package/omega/Agentik_SSOT/skills/apiaudit/SKILL.md

@@ -0,0 +1,157 @@
+---
+name: apiaudit
+description: Forensic api audit — Does the API work CORRECTLY, CONSISTENTLY and SAFELY for every caller?. Runs the gather (deterministic) + falsify (agentic) pipeline, batches fixes, dispatches capped workers, re-audits, and persists scores. Use when the user says "/apiaudit", "audit api", or asks to verify the api health of the project.
+when_to_use: User says /apiaudit, audit api, check api, verify api, is api healthy.
+argument-hint: "[--scope <path>] [--fix] [--max-workers N]"
+arguments: [args]
+allowed-tools: Bash Read Edit Grep Glob Write
+---
+
+# apiaudit — forensic audit (Agentik OS Quality Arsenal)
+
+> Does the API work CORRECTLY, CONSISTENTLY and SAFELY for every caller?
+
+You are running the apiaudit forensic audit. Apply the **Gestalt-Popper
+doctrine**: identify the hinge point, scrutinise it 10x, then assume
+every name is a CLAIM and look for the divergence between the claim and
+the reality. Bias toward FAIL. A perfect score is earned by finding zero
+falsifiable claims, never by absence of effort.
+
+## Run
+
+The audit is one engine call — gather (deterministic) + falsify (agentic)
++ optional fix-dispatch (capped) + re-audit. Invoke the unified pipeline:
+
+```bash
+omega audit run apiaudit $args
+```
+
+Common options:
+
+| Flag | Effect |
+|---|---|
+| `--scope <path>` | scope the audit (file or directory) |
+| `--fix` | after analysing, batch findings + dispatch up to N workers + re-audit |
+| `--max-workers N` | cap parallel fix workers (default 3) |
+| `--min-severity high` | only batch + fix findings at or above this severity |
+
+Read-only by default. Add `--fix` to enable the dispatch + re-audit loop.
+
+## Phases under investigation
+
+The agentic pass walks each phase below and emits structured findings
+(claim vs. reality). Every PASS must cite ≥3 concrete checks.
+
+### 1. endpoint-inventory
+
+Enumerate every route with its HTTP method; classify public vs authenticated vs admin; flag debug/test routes live in prod, duplicate routes, and verbs-in-paths breaking REST nouns.
+
+### 2. hinge-authentication
+
+HINGE — for EVERY endpoint verify auth is enforced BEFORE any data access; send no-token / expired / malformed / other-user's-token; any 200 with data instead of 401/403 is a critical breach. Catch routes accidentally public via missing middleware.
+
+### 3. hinge-authorization
+
+HINGE — test every endpoint with every role; admin routes reject regular users, user routes reject guests; resource-level ownership enforced (no IDOR); no privilege escalation via body params; field-level authz on sensitive fields; no mass assignment.
+
+### 4. input-validation
+
+Every parameter on every endpoint — type, boundary (min/max length, range, array size, nesting depth), format (email/url/uuid), enum whitelist; Content-Type matches body; injection chars (SQL, NoSQL $ops, ../, shell) rejected.
+
+### 5. contract-compliance
+
+Response envelope identical across endpoints (data/errors/meta); ISO-8601 dates; consistent null-vs-missing handling; no breaking changes (field removal, type change, new required field); GraphQL depth/complexity limits, introspection off in prod.
+
+### 6. status-codes
+
+Correct codes per outcome — 201+Location on create, 204 on delete, 400 validation, 401 unauthenticated, 403 unauthorised, 404 missing, 409 conflict, 422 semantic, 429 rate-limited; never 200 for errors, never 500 for client mistakes.
+
+### 7. error-format
+
+Every error has status + machine-parseable code + message; validation errors list ALL invalid fields; no stack traces / DB errors / internal paths leaked; no user enumeration (same error for existing vs non-existing); Retry-After on 429.
+
+### 8. rate-limiting
+
+Global per-IP/user limit plus per-endpoint limits on expensive and auth operations; X-RateLimit-* and Retry-After headers present; tiered fairness for authenticated/paid callers; limits not bypassable via header spoofing.
+
+### 9. pagination
+
+Every list endpoint paginated with a sane default and enforced max page size; cursor- or offset-based consistently; page metadata (cursor/total/hasNext) returned; empty page returns [] not 404.
+
+### 10. idempotency
+
+GET/HEAD/OPTIONS truly side-effect free; PUT and DELETE idempotent on repeat; POST supports idempotency keys for money/critical ops; timeout+retry never creates duplicates or corrupts state.
+
+### 11. n-plus-one-perf
+
+Count DB queries per API call — find N+1 (list endpoint issuing one query per row); dataloader/batching for GraphQL, eager loading for ORM relations; no SELECT *; response times within p95<1s budget.
+
+### 12. cors-webhooks
+
+CORS Allow-Origin is a specific allowlist (no wildcard with credentials), only needed methods/headers; webhooks verify HMAC signature, enforce HTTPS, include event type + timestamp, retry with backoff.
+
+### 13. versioning-deprecation
+
+API version communicated consistently; backward compatibility preserved or sunset announced; deprecated endpoints emit Deprecation/Sunset headers, still function during the window, and point callers to the replacement.
+
+## Falsification rules
+
+"It works in Postman" proves nothing — Postman has the token, correct headers and the happy path. Every PASS must cite >=3 concrete requests run (no auth, wrong role, malformed body, boundary value, concurrent calls) with verbatim status + body. Categorise findings as HAPPY-vs-EDGE, ADMIN-vs-USER, SINGLE-vs-CONCURRENT, SPEC-vs-REALITY or POSTMAN-vs-PRODUCTION. A static scan reporting an "unauthenticated endpoint" must be confirmed by reading the handler — auth may live in middleware the scan cannot see. Bias toward FAIL.
+
+## After the run
+
+The pipeline writes one structured verdict to:
+
+```
+Agentik_Runtime/audits.db    (history — `omega audit history apiaudit`)
+Agentik_Runtime/sessions/${CLAUDE_SESSION_ID}/.done.json   (this turn)
+```
+
+The `.done.json` schema:
+
+```json
+{
+  "status": "done_clean" | "pending" | "failed",
+  "summary": "<one-paragraph verdict>",
+  "artifacts": {
+    "audit": "apiaudit",
+    "score": 0-100,
+    "verified": bool,
+    "findings": [...],
+    "fix_plan": [...],
+    "dispatches": [...],
+    "reaudit_score": 0-100  // only when --fix was used
+  }
+}
+```
+
+## Hard rules (don't break these)
+
+1. **No fake "done".** First Law: only runtime tells the truth. If the
+   gather phase fails or the agentic verdict scores below the threshold,
+   you have NOT verified — set status to `pending` or `failed`.
+2. **Cap parallelism.** ≤ 3 fix workers at a time. The
+   batcher enforces this; do not call out to other dispatch mechanisms.
+3. **No worker per finding.** Findings are clustered by file footprint and
+   severity. One worker handles one disjoint batch.
+4. **Re-audit confirms.** After fixes land, the pipeline re-runs the same
+   gather + agentic phases. If the score did not improve, escalate honestly.
+5. **History is the trend.** `omega audit history apiaudit` shows whether the
+   codebase is improving over time on this dimension. Use it to decide
+   whether to push for `--fix` again.
+
+## Why this audit exists
+
+The 18 forensic audits are the OmegaOS verification layer. Claude's
+"I'm done" claims used to be unverified. With these audits running as
+the gate, completion is **derived from observable facts**, not declared
+by the worker. Run this audit any time someone (human or agent) claims
+the api dimension is healthy. Insist on the score before you
+accept.
+
+## Reference
+
+Audit definition: `Agentik_SSOT/audits/apiaudit.yaml`
+Engine pipeline:  `omega_engine.audits.pipeline.AuditPipeline`
+Batcher:          `omega_engine.audits.batcher.batch_findings`
+History:          `omega_engine.audits.history`

package/omega/Agentik_SSOT/skills/automationaudit/SKILL.md

@@ -0,0 +1,161 @@
+---
+name: automationaudit
+description: Forensic automation audit — Every cron is a promise, every script a liability, every daemon a lie — do they hold?. Runs the gather (deterministic) + falsify (agentic) pipeline, batches fixes, dispatches capped workers, re-audits, and persists scores. Use when the user says "/automationaudit", "audit automation", or asks to verify the automation health of the project.
+when_to_use: User says /automationaudit, audit automation, check automation, verify automation, is automation healthy.
+argument-hint: "[--scope <path>] [--fix] [--max-workers N]"
+arguments: [args]
+allowed-tools: Bash Read Edit Grep Glob Write
+---
+
+# automationaudit — forensic audit (Agentik OS Quality Arsenal)
+
+> Every cron is a promise, every script a liability, every daemon a lie — do they hold?
+
+You are running the automationaudit forensic audit. Apply the **Gestalt-Popper
+doctrine**: identify the hinge point, scrutinise it 10x, then assume
+every name is a CLAIM and look for the divergence between the claim and
+the reality. Bias toward FAIL. A perfect score is earned by finding zero
+falsifiable claims, never by absence of effort.
+
+## Run
+
+The audit is one engine call — gather (deterministic) + falsify (agentic)
++ optional fix-dispatch (capped) + re-audit. Invoke the unified pipeline:
+
+```bash
+omega audit run automationaudit $args
+```
+
+Common options:
+
+| Flag | Effect |
+|---|---|
+| `--scope <path>` | scope the audit (file or directory) |
+| `--fix` | after analysing, batch findings + dispatch up to N workers + re-audit |
+| `--max-workers N` | cap parallel fix workers (default 3) |
+| `--min-severity high` | only batch + fix findings at or above this severity |
+
+Read-only by default. Add `--fix` to enable the dispatch + re-audit loop.
+
+## Phases under investigation
+
+The agentic pass walks each phase below and emits structured findings
+(claim vs. reality). Every PASS must cite ≥3 concrete checks.
+
+### 1. cron-health
+
+Cron expressions valid; DST/timezone traps; journalctl proves actual run count matches schedule (gaps = silent failures); output captured not '>/dev/null'; overlap-locked; failure alerts wired.
+
+### 2. script-quality
+
+Shebang correct; 'set -euo pipefail' present; passes shellcheck; variables quoted; 'cd' guarded with '|| exit'; Python venv + imports valid; bare-except swallows nothing.
+
+### 3. dependency-order
+
+Map the timeline — script B reading A's output must have an EXPLICIT dependency (not 'scheduled 5min later'); pipeline stages gate on SUCCESS not just completion; clock-skew safe.
+
+### 4. error-recovery
+
+Transient failures retried with bounded exponential backoff; partial failures logged-and-continued not aborted; killed mid-run can resume from checkpoint; timeouts set on curl/ssh; reboot survival.
+
+### 5. idempotency
+
+Running twice produces no duplicates / double notifications / lock-collision crash; catch-up after downtime is safe (24 missed runs ≠ 24 simultaneous API calls); INSERT vs UPSERT correct.
+
+### 6. logging-monitoring
+
+Every automation writes a timestamped structured log; log rotation configured (no unbounded disk bomb); failure escalates log→monitor→alert→human; dead-man's-switch alerts on non-execution.
+
+### 7. secret-exposure
+
+No hardcoded keys/passwords/connection-strings in scripts; gitleaks clean on history; secrets not echoed in logs or 'set -x' traces; .env files chmod 600 and gitignored; rotation plan exists.
+
+### 8. daemon-health
+
+Daemon actually running and systemd-enabled; CPU/RSS/FD not leaking; output/heartbeat fresh; Restart=on-failure policy; SIGTERM flushes buffers and releases locks; no OOM-kill history.
+
+### 9. race-conditions
+
+Automations sharing files/APIs/tables/repos are flock-protected; atomic write (.tmp then mv); concurrent git access locked; API schedules staggered to avoid combined rate-limit breach.
+
+### 10. dead-automations
+
+Cron entries point to existing scripts; no scripts that never ran (no log, stale mtime); commented-out crons explained; no orphaned log files; no deprecated automation still running alongside its replacement.
+
+### 11. dispatch-chains
+
+Every dispatch chain (trigger→worker→completion) verifies completion via done-signal/exit-code; failure propagates not fire-and-forget; backpressure caps concurrency; orphaned workers detected.
+
+### 12. failure-cascade
+
+Build the dependency graph; identify SPOFs and blast radius; disk-full/network-down/token-expired common failure modes; circuit breakers back off instead of hammering; global freeze switch exists.
+
+### 13. lock-management
+
+Lock files have a max-age/staleness check (PID alive via 'kill -0'); cleanup trap on EXIT and crash; reboot clears stale locks; granularity avoids deadlock between mutually-waiting scripts.
+
+### 14. backup-portability
+
+Backups exist, offsite, integrity-verified, restore actually tested with documented RTO/RPO; scripts use full tool paths (cron's minimal PATH); correct shebang vs syntax; tool availability checked.
+
+## Falsification rules
+
+Every automation lies — the cron says "every 5min" (prove it with journalctl), the log says "completed successfully" (prove the output file is stale/empty), the daemon "is alive" (prove the heartbeat is stale). Exit code 0 is NOT success. Categorise findings as SCHEDULE-vs-REALITY, LOG-vs-TRUTH, DEPENDENCY-vs-ORDER, IDEMPOTENT-vs-DESTRUCTIVE, ALIVE-vs-ZOMBIE, or SECRET-vs-EXPOSED. Every PASS cites ≥3 concrete commands with output.
+
+## After the run
+
+The pipeline writes one structured verdict to:
+
+```
+Agentik_Runtime/audits.db    (history — `omega audit history automationaudit`)
+Agentik_Runtime/sessions/${CLAUDE_SESSION_ID}/.done.json   (this turn)
+```
+
+The `.done.json` schema:
+
+```json
+{
+  "status": "done_clean" | "pending" | "failed",
+  "summary": "<one-paragraph verdict>",
+  "artifacts": {
+    "audit": "automationaudit",
+    "score": 0-100,
+    "verified": bool,
+    "findings": [...],
+    "fix_plan": [...],
+    "dispatches": [...],
+    "reaudit_score": 0-100  // only when --fix was used
+  }
+}
+```
+
+## Hard rules (don't break these)
+
+1. **No fake "done".** First Law: only runtime tells the truth. If the
+   gather phase fails or the agentic verdict scores below the threshold,
+   you have NOT verified — set status to `pending` or `failed`.
+2. **Cap parallelism.** ≤ 3 fix workers at a time. The
+   batcher enforces this; do not call out to other dispatch mechanisms.
+3. **No worker per finding.** Findings are clustered by file footprint and
+   severity. One worker handles one disjoint batch.
+4. **Re-audit confirms.** After fixes land, the pipeline re-runs the same
+   gather + agentic phases. If the score did not improve, escalate honestly.
+5. **History is the trend.** `omega audit history automationaudit` shows whether the
+   codebase is improving over time on this dimension. Use it to decide
+   whether to push for `--fix` again.
+
+## Why this audit exists
+
+The 18 forensic audits are the OmegaOS verification layer. Claude's
+"I'm done" claims used to be unverified. With these audits running as
+the gate, completion is **derived from observable facts**, not declared
+by the worker. Run this audit any time someone (human or agent) claims
+the automation dimension is healthy. Insist on the score before you
+accept.
+
+## Reference
+
+Audit definition: `Agentik_SSOT/audits/automationaudit.yaml`
+Engine pipeline:  `omega_engine.audits.pipeline.AuditPipeline`
+Batcher:          `omega_engine.audits.batcher.batch_findings`
+History:          `omega_engine.audits.history`

package/omega/Agentik_SSOT/skills/cadence/SKILL.md

@@ -0,0 +1,76 @@
+---
+name: cadence
+description: Schedule a recurring beat — cron, delay, or self-paced — that runs an intent at every tick via the OmegaOS AutonomousSupervisor. Agentik OS native equivalent of /loop, runs on the Claude Code Max subscription with zero API surcharge. Use when the user says "every N minutes do X", "schedule Y", "loop X every day", "run Z on a cron", "fire X in N seconds".
+when_to_use: A recurring or scheduled task that should persist beyond the current Claude Code session. Survives editor restarts because the supervisor daemon owns the schedule.
+allowed-tools: Bash Read
+argument-hint: "<cron|delay|self> <schedule-spec> <intent>"
+arguments: [trigger_type, schedule, intent]
+---
+
+# cadence — recurring execution on Max
+
+You are scheduling a beat. The user wants something to happen on a schedule
+(cron, delay, or self-paced). You will persist a charter to
+`Agentik_Orchestration/autonomous/cadence-<id>.yaml` — the existing
+`AutonomousSupervisor` daemon will pick it up at its next tick and run the
+intent at every beat from then on.
+
+## This run
+
+- **Trigger type:** $trigger_type (must be `cron`, `delay`, or `self`)
+- **Schedule:** $schedule
+- **Intent:** $intent
+
+## Protocol
+
+Use the Python primitive — it validates the trigger and writes the charter:
+
+```bash
+omega cadence "$trigger_type" "$schedule" "$intent"
+```
+
+The CLI:
+1. Validates the trigger type and schedule format.
+2. Generates a stable charter id `cadence-<8hex>`.
+3. Writes the YAML to `Agentik_Orchestration/autonomous/<id>.yaml`.
+4. The `omega-autonomous` daemon picks it up at its next tick (≤ 60s).
+
+## Trigger formats
+
+| Type | Schedule example | What it does |
+|---|---|---|
+| `cron` | `"*/5 * * * *"` | Standard 5-field cron — every 5 minutes |
+| `cron` | `"0 9 * * 1"` | Every Monday at 09:00 |
+| `delay` | `"3600"` | Fire once 3600 seconds from now |
+| `self` | `"self"` | Tick every 60s, the agent decides whether to act |
+
+## After scheduling
+
+Inspect:
+```bash
+omega cadence list                   # all scheduled cadences
+omega cadence list --enabled         # active only
+```
+
+Disable / remove:
+```bash
+omega cadence disable cadence-abc123def
+omega cadence remove cadence-abc123def
+```
+
+## Hard rules
+
+- **Never** write directly to `Agentik_Orchestration/autonomous/` from this skill — use the CLI so the charter is validated.
+- A `delay` charter that fires once should set itself to `enabled: false` on completion (the supervisor handles this).
+- A `cron` charter runs until you disable it or remove it. Make sure the user understands the cadence is persistent.
+
+## Completion
+
+Write `Agentik_Runtime/sessions/${CLAUDE_SESSION_ID}/.done.json`:
+```json
+{
+  "status": "done_clean",
+  "summary": "Scheduled cadence <id>: <trigger> at <schedule> → <intent>",
+  "artifacts": {"charter_id": "...", "path": "..."}
+}
+```

package/omega/Agentik_SSOT/skills/codeaudit/SKILL.md

@@ -0,0 +1,153 @@
+---
+name: codeaudit
+description: Forensic code audit — Is the code SOLID — does every claim the code makes hold at runtime?. Runs the gather (deterministic) + falsify (agentic) pipeline, batches fixes, dispatches capped workers, re-audits, and persists scores. Use when the user says "/codeaudit", "audit code", or asks to verify the code health of the project.
+when_to_use: User says /codeaudit, audit code, check code, verify code, is code healthy.
+argument-hint: "[--scope <path>] [--fix] [--max-workers N]"
+arguments: [args]
+allowed-tools: Bash Read Edit Grep Glob Write
+---
+
+# codeaudit — forensic audit (Agentik OS Quality Arsenal)
+
+> Is the code SOLID — does every claim the code makes hold at runtime?
+
+You are running the codeaudit forensic audit. Apply the **Gestalt-Popper
+doctrine**: identify the hinge point, scrutinise it 10x, then assume
+every name is a CLAIM and look for the divergence between the claim and
+the reality. Bias toward FAIL. A perfect score is earned by finding zero
+falsifiable claims, never by absence of effort.
+
+## Run
+
+The audit is one engine call — gather (deterministic) + falsify (agentic)
++ optional fix-dispatch (capped) + re-audit. Invoke the unified pipeline:
+
+```bash
+omega audit run codeaudit $args
+```
+
+Common options:
+
+| Flag | Effect |
+|---|---|
+| `--scope <path>` | scope the audit (file or directory) |
+| `--fix` | after analysing, batch findings + dispatch up to N workers + re-audit |
+| `--max-workers N` | cap parallel fix workers (default 3) |
+| `--min-severity high` | only batch + fix findings at or above this severity |
+
+Read-only by default. Add `--fix` to enable the dispatch + re-audit loop.
+
+## Phases under investigation
+
+The agentic pass walks each phase below and emits structured findings
+(claim vs. reality). Every PASS must cite ≥3 concrete checks.
+
+### 1. phantoms
+
+Dead code, unreachable branches, unused exports, orphan files, commented-out blocks.
+
+### 2. contracts
+
+Names vs behaviour — does `validate` validate? does `save` persist? does `delete` remove?
+
+### 3. data-flow
+
+Trace every external input to its sink — find untrusted data reaching a query, shell, path or render unguarded.
+
+### 4. state-mutation
+
+Shared mutable state, hidden globals, mutation through aliases, unenforced ordering assumptions.
+
+### 5. concurrency
+
+Races, missing locks/awaits, parent finishing before children, double-execution, lost updates.
+
+### 6. error-propagation
+
+Swallowed exceptions, errors logged but not handled, failure paths that silently succeed.
+
+### 7. blast-radius
+
+If this module breaks, what else dies? Identify the hinge point; prove its defenses exist.
+
+### 8. time-bombs
+
+Hardcoded dates, expiring tokens, size limits, retry loops with no ceiling, resources never released.
+
+### 9. contract-vs-type
+
+Type annotations vs runtime reality — a `str` param that receives `None`; a return shape the type denies.
+
+### 10. feature-verification
+
+Does the feature the code claims actually work end to end, or is it a stub wired to nothing?
+
+### 11. test-coverage
+
+Are failure modes tested, or only the happy path? Do tests assert behaviour or merely run it?
+
+### 12. resilience
+
+Behaviour under bad input, network failure, empty data, concurrent callers — what breaks first?
+
+## Falsification rules
+
+Every PASS must cite at least 3 concrete checks with their actual output. Categorise every finding as CLAIM-vs-REALITY, PROMISE-vs-DELIVERY, or CONTRACT-vs-BEHAVIOUR. Bias toward FAIL — a 100 is earned by finding zero falsifiable claims, never assumed.
+
+## After the run
+
+The pipeline writes one structured verdict to:
+
+```
+Agentik_Runtime/audits.db    (history — `omega audit history codeaudit`)
+Agentik_Runtime/sessions/${CLAUDE_SESSION_ID}/.done.json   (this turn)
+```
+
+The `.done.json` schema:
+
+```json
+{
+  "status": "done_clean" | "pending" | "failed",
+  "summary": "<one-paragraph verdict>",
+  "artifacts": {
+    "audit": "codeaudit",
+    "score": 0-100,
+    "verified": bool,
+    "findings": [...],
+    "fix_plan": [...],
+    "dispatches": [...],
+    "reaudit_score": 0-100  // only when --fix was used
+  }
+}
+```
+
+## Hard rules (don't break these)
+
+1. **No fake "done".** First Law: only runtime tells the truth. If the
+   gather phase fails or the agentic verdict scores below the threshold,
+   you have NOT verified — set status to `pending` or `failed`.
+2. **Cap parallelism.** ≤ 3 fix workers at a time. The
+   batcher enforces this; do not call out to other dispatch mechanisms.
+3. **No worker per finding.** Findings are clustered by file footprint and
+   severity. One worker handles one disjoint batch.
+4. **Re-audit confirms.** After fixes land, the pipeline re-runs the same
+   gather + agentic phases. If the score did not improve, escalate honestly.
+5. **History is the trend.** `omega audit history codeaudit` shows whether the
+   codebase is improving over time on this dimension. Use it to decide
+   whether to push for `--fix` again.
+
+## Why this audit exists
+
+The 18 forensic audits are the OmegaOS verification layer. Claude's
+"I'm done" claims used to be unverified. With these audits running as
+the gate, completion is **derived from observable facts**, not declared
+by the worker. Run this audit any time someone (human or agent) claims
+the code dimension is healthy. Insist on the score before you
+accept.
+
+## Reference
+
+Audit definition: `Agentik_SSOT/audits/codeaudit.yaml`
+Engine pipeline:  `omega_engine.audits.pipeline.AuditPipeline`
+Batcher:          `omega_engine.audits.batcher.batch_findings`
+History:          `omega_engine.audits.history`