atris 3.27.0 → 3.28.0

package/AGENTS.md

@@ -110,7 +110,7 @@ member -> mission start --verify -> status --status active -> one bounded step -
 - [ ] Only use `atris task accept <id>` when the human has approved the proof
 - [ ] Keep durable learning in Atris-owned policy/skill/wiki/task state; keep `AGENTS.md` as a generated/pointer layer
 - [ ] Treat `atris/TODO.md` as a rendered view; do not manually use it as the source of truth
-- [ ] Use `atris-labs` for the Atris Labs business computer slug in docs and links
+- [ ] Use the real business slug from local Atris state; do not hardcode private slugs in generated docs
 
 ## Anti-patterns
 

package/README.md

@@ -10,7 +10,7 @@ Owner has many Computers
 Computer = workspace + files + tools + secrets + memory + agents + validation loop
 ```
 
-A computer can be personal or shared by a business. It can run a job like code, research, CRM, reporting, recruiting, event ops, support, or business ops.
+A computer can be personal or shared by a business. It can run a job like code, research, CRM, reporting, event ops, support, or business ops.
 
 ## For Coding Agents
 
@@ -142,9 +142,9 @@ leaderboard.
 If you want a shared owner for a company, lab, collective, community, artist, team, or project, use the business command instead of raw `atris init`.
 
 ```bash
-atris business init "BLOND:ISH" --owner-email joel@blondish.world
-cd ~/arena/atris-business/blondish
-atris business onboard --website https://blondish.world --contact "Joel Zimmerman" --note "artist-led brand and ticket sales"
+atris business init "Example Co" --owner-email operator@example.com
+cd ~/arena/atris-business/example-co
+atris business onboard --website https://example.com --contact "Example Owner" --note "sample customer workspace"
 atris align --fix
 ```
 
@@ -166,7 +166,7 @@ You can also use bare input:
 atris business onboard https://example.com "founder-led b2b ops" ./notes.md
 ```
 
-If you already have a folder full of source material, run it from there with `atris business init "BLOND:ISH" --here`.
+If you already have a folder full of source material, run it from there with `atris business init "Example Co" --here`.
 
 When the first recap is done, record it into the RL state logs:
 

package/atris/features/company-brain-sync/build.md

@@ -2,9 +2,9 @@
 
 ## Current Patch
 
-The immediate DoorDash lane now follows the correct company-brain model:
+The immediate Example Co lane now follows the correct company-brain model:
 
-- `atris push` keeps the business root as the path root so `doordash/atris/MAP.md` maps to cloud `/atris/MAP.md`
+- `atris push` keeps the business root as the path root so `example-co/atris/MAP.md` maps to cloud `/atris/MAP.md`
 - business `pull` and `push` default to the `atris/` scope
 - root-level duplicates such as `MAP.md`, `TODO.md`, and `security-report.md` are ignored by default
 - manifests record the local workspace root to prevent a manifest from one folder authorizing pushes from another folder
@@ -114,7 +114,7 @@ Later it should also let the user ask Atris to merge semantically with model ass
 
 `atris sync --watch` is the current always-on lane:
 
-- watch `doordash/atris/`
+- watch `example-co/atris/`
 - debounce local edits
 - fetch cloud hashes periodically
 - sync clean changes
@@ -136,5 +136,5 @@ Required before broad customer use:
 - retry-policy tests proving watch failures do not kill the alive loop
 - fixture tests proving parent-folder junk is ignored
 - fixture tests proving no cloud deletes without explicit opt-in
-- end-to-end dry-run against a real DoorDash-shaped workspace
+- end-to-end dry-run against a real Example Co-shaped workspace
 - command copy that never recommends `--force` for normal use

package/atris/features/company-brain-sync/idea.md

@@ -2,7 +2,7 @@
 
 ## Problem
 
-Atris business workspaces are company brains, not plain folders. The canonical knowledge surface is the `atris/` folder inside each business workspace, for example `doordash/atris/`.
+Atris business workspaces are company brains, not plain folders. The canonical knowledge surface is the `atris/` folder inside each business workspace, for example `example-co/atris/`.
 
 Raw push/pull is the wrong abstraction for this surface. It makes a shared knowledge base feel like file mirroring, which creates merge anxiety and makes users responsible for sync safety.
 
@@ -19,7 +19,7 @@ Cloud Atris is canonical. Local Atris is a working copy. Sync publishes proposed
 
 ## User Model
 
-Jonathan should be able to work inside `doordash/atris/` and run one command:
+Jonathan should be able to work inside `example-co/atris/` and run one command:
 
 ```bash
 atris sync

package/atris/features/company-brain-sync/validate.md

@@ -51,47 +51,47 @@ node -c commands/pull.js
 node -c commands/push.js
 ```
 
-Fresh DoorDash-shaped workspace dry-run:
+Fresh Example Co-shaped workspace dry-run:
 
 ```bash
-atris sync doordash --dry-run
+atris sync example-co --dry-run
 ```
 
 Observed result:
 
 ```text
-Syncing doordash knowledge wiki...
+Syncing example-co knowledge wiki...
 scope: atris/
 ...
-Pushing to DoorDash...
+Pushing to Example Co...
 Checking cloud freshness... fresh
 Already up to date.
 ```
 
-Fresh DoorDash-shaped workspace real command with no local edits:
+Fresh Example Co-shaped workspace real command with no local edits:
 
 ```bash
-atris sync doordash
+atris sync example-co
 ```
 
 Observed result:
 
 ```text
-Pulling DoorDash...
+Pulling Example Co...
 Already up to date.
 122 unchanged.
-Pushing to DoorDash...
+Pushing to Example Co...
 Checking cloud freshness... fresh
 Already up to date.
 ```
 
 No cloud writes were required in the validation case because the clean workspace had no local changes to publish.
 
-Local edit dry-run in a DoorDash-shaped workspace:
+Local edit dry-run in an Example Co-shaped workspace:
 
 ```bash
 printf '# Sync smoke\n\nLocal-only knowledge update.\n' > atris/wiki/smoke/local-edit.md
-atris sync doordash --dry-run
+atris sync example-co --dry-run
 ```
 
 Observed result:
@@ -101,11 +101,11 @@ Observed result:
 1 would be pushed, 122 unchanged. (--dry-run, nothing sent)
 ```
 
-Local delete dry-run in a DoorDash-shaped workspace:
+Local delete dry-run in an Example Co-shaped workspace:
 
 ```bash
 rm -f atris/wiki/index.md
-atris sync doordash --dry-run
+atris sync example-co --dry-run
 ```
 
 Observed result:
@@ -118,7 +118,7 @@ Deletes require an explicit real push with --delete.
 Real delete attempt without `--delete`:
 
 ```bash
-atris sync doordash
+atris sync example-co
 ```
 
 Observed result:
@@ -148,10 +148,10 @@ Slug auto-detection:
 atris sync --dry-run
 ```
 
-Observed result from a DoorDash-shaped workspace:
+Observed result from an Example Co-shaped workspace:
 
 ```text
-Syncing doordash knowledge wiki...
+Syncing example-co knowledge wiki...
 scope: atris/
 ```
 
@@ -165,7 +165,7 @@ Observed shape:
 
 ```text
 Company brain status
-  business: doordash
+  business: example-co
   brain: atris/ (...)
   conflicts: none
   watcher: ...
@@ -218,12 +218,12 @@ atris pull example-co --keep-local --only atris/wiki --timeout 120
 atris push example-co --only atris/wiki --dry-run
 ```
 
-- DoorDash post-publish smoke:
+- Example Co post-publish smoke:
 
 ```bash
-cd ~/arena/atris-business/doordash
+cd ~/arena/atris-business/example-co
 atris wiki verify
-atris push doordash --dry-run
+atris push example-co --dry-run
 ```
 
 - Packaged CLI smoke already passed locally for `3.15.12`: tarball install exposes `atris pull --no-manifest` and `atris wiki verify`.

package/atris/skills/aeo/SKILL.md

@@ -1,7 +1,7 @@
 ---
 name: aeo
 description: "AI Engine Optimization — write content engineered to get cited by ChatGPT, Claude, and Gemini. Not SEO. Triggers on: aeo, AI engine, llm citation, get cited, write for ai."
-when_to_use: "Use when the user wants content that ranks in AI answers (not Google SERP). Examples: 'write an AEO page', 'get ExampleCo cited by ChatGPT', 'aeo for our recruiting page', 'make this quotable by LLMs'."
+when_to_use: "Use when the user wants content that ranks in AI answers (not Google SERP). Examples: 'write an AEO page', 'get ExampleCo cited by ChatGPT', 'aeo for our pricing page', 'make this quotable by LLMs'."
 version: 0.1.0
 allowed-tools: Read, Write, Edit, Glob, Grep, Bash
 tags:

package/atris/skills/autopilot/SKILL.md

@@ -20,8 +20,8 @@ Every tick prints this BEFORE scanning for work, so you can see the loop's state
   ┌──────────────────────────────────────────────────────────────┐
   │ tick · 14:23                                                 │
   │ identity:  building atris-business cloud for design partners │
-  │ horizon:   wiki-from-atris-labs                              │
-  │            atris-cli wiki has 3 new pages from atris-labs    │
+  │ horizon:   customer-onboarding                               │
+  │            three setup checks are ready to ship               │
   │ progress:  ████████░░░░  6/9 endgame steps                   │
   └──────────────────────────────────────────────────────────────┘
 ```

package/atris/skills/slides/SKILL.md

@@ -121,7 +121,7 @@ curl -s -X POST "https://api.atris.ai/api/integrations/google-slides/presentatio
     {
       "insertText": {
         "objectId": "subtitleId",
-        "text": "Atris Labs - Confidential"
+        "text": "{{company_name}} - Confidential"
       }
     }
   ]
@@ -207,7 +207,7 @@ curl -s -X POST "https://api.atris.ai/api/integrations/google-slides/presentatio
     {
       "replaceAllText": {
         "containsText": {"text": "{{company_name}}"},
-        "replaceText": "Atris Labs"
+        "replaceText": "Example Co"
       }
     }
   ]

package/bin/atris.js

@@ -345,7 +345,7 @@ function showHelp() {
   console.log('Atris Computers:');
   console.log('  Owner = User | Business');
   console.log('  Owners have Computers: workspace + files + tools + secrets + memory + agents + validation');
-  console.log('  Types: code, research, CRM, reporting, recruiting, events, support, business ops');
+  console.log('  Types: code, research, CRM, reporting, events, support, business ops');
   console.log('');
   console.log('Setup:');
   console.log('  setup      - Guided first-time setup (login, pick business, pull)');
@@ -823,7 +823,7 @@ if (command === '2' && ['fast', 'pro'].includes(String(firstCommandArg || '').to
 const knownCommands = ['init', 'log', 'now', 'radar', 'ctop', 'status', 'analytics', 'visualize', 'brain', 'brainstorm', 'autopilot', 'run', 'plan', 'do', 'review', 'release',
                        'activate', '_activate', 'agent', 'chat', 'fast', 'ax', 'console', 'serve', 'login', 'logout', 'whoami', 'switch', 'use', 'accounts', '_resolve', '_profile-email', '_switch-session', 'shell-init', 'update', 'upgrade', 'version', 'help', 'next', 'atris',
                        'clean', 'verify', 'search', 'skill', 'member', 'codex-goal', 'app', 'apps', 'learn', 'lesson', 'plugin', 'experiments', 'receipt', 'proof', 'openclaw', 'pull', 'push', 'live', 'align', 'terminal', 'computer', 'diff', 'business', 'sync', 'youtube',
-                       'ingest', 'query', 'lint', 'loop', 'pulse', 'task', 'mission', 'probe', 'worktree', 'aeo', 'slop', 'deck', 'site', 'theme', 'card', 'reel', 'improve', 'xp', 'play', 'gm', 'x', 'recap', 'signup', 'clarity', 'moves',
+                       'ingest', 'query', 'lint', 'loop', 'pulse', 'task', 'mission', 'probe', 'worktree', 'aeo', 'slop', 'security-review', 'secure', 'deck', 'site', 'theme', 'card', 'reel', 'improve', 'xp', 'play', 'gm', 'x', 'recap', 'signup', 'clarity', 'moves',
                        'gmail', 'calendar', 'twitter', 'slack', 'imessage', 'integrations', 'setup', 'clean-workspace', 'cw',
                        'fork', 'browse', 'publish', 'sleep', 'wake', 'feedback', 'errors', 'wiki', 'code-review', 'cr', 'soul', 'fleet', 'compile', 'spaceship'];
 
@@ -2061,6 +2061,27 @@ if (command === 'init') {
   Promise.resolve(require('../commands/slop').slopCommand(process.argv.slice(3)))
     .then((code) => process.exit(typeof code === 'number' ? code : 0))
     .catch((err) => { console.error(`\n✗ Error: ${err.message || err}`); process.exit(1); });
+} else if (command === 'security-review' || command === 'secure') {
+  // Security review: deterministic secrets/PII/code-risk scan (no LLM). Exit 1 = HIGH finding,
+  // for the autopilot/mission/CI gate + a SOC 2 evidence artifact via --json.
+  Promise.resolve(require('../commands/security-review').securityReviewCommand(process.argv.slice(3)))
+    .then((code) => process.exit(typeof code === 'number' ? code : 0))
+    .catch((err) => { console.error(`\n✗ Error: ${err.message || err}`); process.exit(1); });
+} else if (command === 'signup') {
+  // Signup: one-call seedless agent signup → writes the active profile (install→signup→play seam).
+  Promise.resolve(require('../commands/signup').signupCommand(process.argv.slice(3)))
+    .then((code) => process.exit(typeof code === 'number' ? code : 0))
+    .catch((err) => { console.error(`\n✗ Error: ${err.message || err}`); process.exit(1); });
+} else if (command === 'moves') {
+  // Moves: your 3 next moves — approve one into the loop, kill, or skip.
+  Promise.resolve(require('../commands/moves').movesCommand(process.argv.slice(3)))
+    .then((code) => process.exit(typeof code === 'number' ? code : 0))
+    .catch((err) => { console.error(`\n✗ Error: ${err.message || err}`); process.exit(1); });
+} else if (command === 'clarity') {
+  // Clarity: interview yourself once; agents read how you work so you stop repeating it.
+  Promise.resolve(require('../commands/clarity').clarityCommand(process.argv.slice(3)))
+    .then((code) => process.exit(typeof code === 'number' ? code : 0))
+    .catch((err) => { console.error(`\n✗ Error: ${err.message || err}`); process.exit(1); });
 } else if (command === 'deck') {
   // Deck: premium Google Slides from a plain content spec, via the Atris deck engine (anti-slop design system).
   Promise.resolve(require('../commands/deck').run(process.argv.slice(3)))
@@ -2086,22 +2107,6 @@ if (command === 'init') {
   Promise.resolve(require('../commands/reel').run(process.argv.slice(3)))
     .then((code) => process.exit(typeof code === 'number' ? code : 0))
     .catch((err) => { console.error(`\n✗ Error: ${err.message || err}`); process.exit(1); });
-} else if (command === 'signup') {
-  // Signup: one-call seedless agent signup (POST /auth/agent/signup) → writes the
-  // active profile so `atris play` works next. The install→signup→play seam.
-  Promise.resolve(require('../commands/signup').signupCommand(process.argv.slice(3)))
-    .then((code) => process.exit(typeof code === 'number' ? code : 0))
-    .catch((err) => { console.error(`\n✗ Error: ${err.message || err}`); process.exit(1); });
-} else if (command === 'moves') {
-  // Moves: your 3 next moves — approve one into the loop, kill, or skip.
-  Promise.resolve(require('../commands/moves').movesCommand(process.argv.slice(3)))
-    .then((code) => process.exit(typeof code === 'number' ? code : 0))
-    .catch((err) => { console.error(`\n✗ Error: ${err.message || err}`); process.exit(1); });
-} else if (command === 'clarity') {
-  // Clarity: interview yourself once; agents read how you work so you stop repeating it.
-  Promise.resolve(require('../commands/clarity').clarityCommand(process.argv.slice(3)))
-    .then((code) => process.exit(typeof code === 'number' ? code : 0))
-    .catch((err) => { console.error(`\n✗ Error: ${err.message || err}`); process.exit(1); });
 } else if (command === 'receipt' || command === 'proof' || command === 'openclaw') {
   const subcommand = process.argv[3];
   const args = process.argv.slice(4);

package/commands/aeo.js

@@ -173,7 +173,7 @@ function printHelp() {
   console.log('');
   console.log('Examples:');
   console.log('  atris aeo log --engine perplexity --limit 5');
-  console.log('  atris aeo packet pallet');
+  console.log('  atris aeo packet <slug>');
   console.log('  atris aeo status');
   console.log('  atris aeo discover https://atris.ai/aeo --canonical-url https://atris.ai/aeo');
 }

package/commands/autopilot.js

@@ -42,7 +42,7 @@ function looksOwnerGatedTitle(title) {
     /\bhuman[- ](?:approval|input|gate|gated)\b/.test(text) ||
     /\bmanual send\b/.test(text) ||
     /\broute confirmation\b/.test(text) ||
-    /\bconfirm pallet destination\b/.test(text) ||
+    /\bconfirm customer destination\b/.test(text) ||
     /\bconfirm .+ destination before .+ approval\b/.test(text) ||
     /\bapprove and manually send\b/.test(text)
   );

package/commands/computer.js

@@ -1601,8 +1601,8 @@ async function computerCreate(token, args = [], defaults = {}) {
     console.log('Create a business computer, activate it, and wake it in one command.');
     console.log('');
     console.log('Examples:');
-    console.log('  atris computer create "My Business Computer" --business atris-labs');
-    console.log('  atris computer create "Recruiting Computer"');
+    console.log('  atris computer create "My Business Computer" --business <business>');
+    console.log('  atris computer create "Support Computer"');
     if (!options.name && !options.help) process.exitCode = 1;
     return;
   }
@@ -1810,8 +1810,8 @@ async function computerDelete(token, ctx, options = {}, args = []) {
     console.log('Sleeps the computer first, then deletes the non-default workspace after confirmation.');
     console.log('');
     console.log('Examples:');
-    console.log('  atris computer delete --business atris-labs --workspace ws_123');
-    console.log('  atris computer delete --business atris-labs --workspace ws_123 --confirm "delete ws_123"');
+    console.log('  atris computer delete --business <business> --workspace ws_123');
+    console.log('  atris computer delete --business <business> --workspace ws_123 --confirm "delete ws_123"');
     return;
   }
 
@@ -3291,7 +3291,7 @@ async function runComputer() {
     console.log('  Owner has many Computers');
     console.log('  Computer = workspace + files + tools + secrets + memory + agents + validation');
     console.log('');
-    console.log('Common types: codeops, research, CRM, reporting, recruiting, event ops, support, business ops.');
+    console.log('Common types: codeops, research, CRM, reporting, event ops, support, business ops.');
     console.log('A business can be a company, lab, collective, community, artist, team, or project.');
     console.log('');
     console.log('First use:');
@@ -3342,10 +3342,10 @@ async function runComputer() {
     console.log('  atris computer');
     console.log('  atris computer card --write');
     console.log('  atris business init "My Lab"     # first/default computer with Atris + operator');
-    console.log('  atris computer create "Recruiting Computer" --business atris-labs');
-    console.log('  atris computer --business atris-labs --workspace <workspace-id>');
-    console.log('  atris computer sleep --business atris-labs --workspace <workspace-id>');
-    console.log('  atris computer delete --business atris-labs --workspace <workspace-id>');
+    console.log('  atris computer create "Support Computer" --business <business>');
+    console.log('  atris computer --business <business> --workspace <workspace-id>');
+    console.log('  atris computer sleep --business <business> --workspace <workspace-id>');
+    console.log('  atris computer delete --business <business> --workspace <workspace-id>');
     console.log('  atris computer proof');
     console.log('  atris computer local');
     console.log('  atris computer codex');

package/commands/feedback.js

@@ -231,7 +231,7 @@ function printHelp(write = console.log) {
   write('  atris feedback delete <id>             Delete feedback (admin)');
   write('');
   write('IDs may be the first 8 chars of the UUID.');
-  write('Business slugs come from ~/.atris/businesses.json (e.g. acme, atris-labs).');
+  write('Business slugs come from ~/.atris/businesses.json.');
   write('');
 }
 

package/commands/init.js

@@ -257,7 +257,7 @@ function initAtris() {
   }
   // GUARD: Refuse nested init.
   // Bug: running `atris init` inside an existing `atris/` folder creates
-  // `atris/atris/` nesting hell. Cloud doordash had this exact problem.
+  // `atris/atris/` nesting hell. A cloud business workspace had this exact problem.
   // Fix: detect three nesting conditions and refuse with a clear error.
   const cwd = process.cwd();
   const cwdBase = path.basename(cwd);
@@ -705,7 +705,7 @@ member -> mission start --verify -> status --status active -> one bounded step -
 - [ ] Only use \`atris task accept <id>\` when the human has approved the proof
 - [ ] Keep durable learning in Atris-owned policy/skill/wiki/task state; keep \`AGENTS.md\` as a generated/pointer layer
 - [ ] Treat \`atris/TODO.md\` as a rendered view; do not manually use it as the source of truth
-- [ ] Use \`atris-labs\` for the Atris Labs business computer slug in docs and links
+- [ ] Use the real business slug from local Atris state; do not hardcode private slugs in generated docs
 
 ## Anti-patterns
 

package/commands/live.js

@@ -101,10 +101,10 @@ function printLiveHelp() {
   console.log('Keeps a business brain fresh: doctor, pull, watch local changes, push after quiet, and periodically pull.');
   console.log('');
   console.log('Examples:');
-  console.log('  atris live atris-labs');
+  console.log('  atris live <business>');
   console.log('  atris live --once');
-  console.log('  atris live atris-labs --dry-run');
-  console.log('  atris live atris-labs --interval=120 --debounce=30');
+  console.log('  atris live <business> --dry-run');
+  console.log('  atris live <business> --interval=120 --debounce=30');
   console.log('');
   console.log('Options:');
   console.log('  --once             Run one freshness cycle and exit');

package/commands/plugin.js

@@ -46,7 +46,7 @@ function generateManifest(skills, projectDir) {
     version: pkg.version || '1.0.0',
     description: `Atris workspace skills for Cowork — ${skills.length} integrations (email, calendar, slack, drive, notion, and more)`,
     author: {
-      name: typeof pkg.author === 'string' ? pkg.author : (pkg.author?.name || 'Atris Labs')
+      name: typeof pkg.author === 'string' ? pkg.author : (pkg.author?.name || 'Atris')
     },
     homepage: pkg.homepage || 'https://github.com/atrislabs/atris',
     keywords: ['atris', 'workspace', 'integrations', 'email', 'calendar', 'slack', 'notion', 'drive']

package/commands/pull.js

@@ -110,9 +110,9 @@ async function pullAtris() {
     console.log('  Local files that conflict with cloud are replaced by the cloud version.');
     console.log('');
     console.log('  atris pull                   Pull into current business workspace');
-    console.log('  atris pull doordash          Pull a business into ./doordash or --into <path>');
-    console.log('  atris pull doordash --into /tmp/doordash');
-    console.log('  atris pull doordash --only atris/wiki/');
+    console.log('  atris pull <business>         Pull a business into ./<business> or --into <path>');
+    console.log('  atris pull <business> --into /tmp/<business>');
+    console.log('  atris pull <business> --only atris/wiki/');
     console.log('  atris pull --keep-local      Preserve conflicting local edits as .remote files (legacy)');
     console.log('  atris pull --dry-run         Preview pull changes without writing local files');
     console.log('  atris pull --no-manifest     Pull for inspection without changing this machine\'s sync anchor');
@@ -249,7 +249,7 @@ async function pullBusiness(slug) {
   // correct workspace for THIS business — i.e. it has a `.atris/business.json`
   // whose slug matches `slug`. Any other signal (a stray `atris/` folder, a
   // business.json for a different business, etc.) is NOT enough: pulling
-  // atris-labs on top of another business workspace would mix two businesses into
+  // one business on top of another business workspace would mix two businesses into
   // one directory and write one manifest over the other (or vice
   // versa), causing the next sync to do strange things.
   //

package/commands/security-review.js

@@ -0,0 +1,132 @@
+// atris security-review — deterministic secrets / PII / privacy scan (no LLM).
+//
+// "Is this workspace safe to commit, publish, or hand to an autonomous loop?"
+// Answers it with facts: file:line + rule + severity. Exit 1 on a HIGH finding,
+// so it drops into the autopilot/mission/CI verification gate. `--json` emits a
+// SOC 2 evidence artifact. Scans git-tracked files by default (what is exposed
+// is what is committed), or a path you pass.
+//
+// Usage:
+//   atris security-review                 scan tracked files (default)
+//   atris security-review src/            scan a path
+//   atris security-review --staged        scan staged changes (pre-commit gate)
+//   atris security-review --json          machine output for CI / the loop
+//   atris security-review --strict        also fail on MEDIUM (PII/paths)
+//   atris security-review hook            install a pre-commit gate
+//
+// Exit code: 0 = clean, 1 = findings at/over the fail threshold, 2 = bad usage.
+
+const fs = require('fs');
+const path = require('path');
+const { runScan, RULES } = require('../lib/security-scan');
+
+const ICON = { high: '✗', medium: '!', low: '·', privacy: '✗', secret: '✗', pii: '!' };
+const SEV_ORDER = { high: 0, medium: 1, low: 2 };
+
+function securityReviewCommand(argv = []) {
+  const sub = argv[0];
+  if (sub === 'help' || argv.includes('-h') || argv.includes('--help')) return printHelp();
+  if (sub === 'rules') return printRules();
+  if (sub === 'hook' || sub === 'install-hook') return installHook();
+
+  const json = argv.includes('--json');
+  const quiet = argv.includes('--quiet');
+  const strict = argv.includes('--strict');
+  const staged = argv.includes('--staged');
+  const paths = argv.filter((a) => !a.startsWith('-') && a !== 'scan');
+  const root = process.cwd();
+
+  let result;
+  try {
+    result = runScan({ root, paths, staged });
+  } catch (e) {
+    console.error(`security-review: ${e.message}`);
+    return 2;
+  }
+
+  const { findings, counts, scanned } = result;
+  findings.sort((a, b) => (SEV_ORDER[a.sev] - SEV_ORDER[b.sev]) || a.file.localeCompare(b.file) || (a.line - b.line));
+  const failThreshold = strict ? ['high', 'medium'] : ['high'];
+  const failing = findings.filter((f) => failThreshold.includes(f.sev)).length;
+
+  if (json) {
+    console.log(JSON.stringify({
+      ok: failing === 0,
+      scanned,
+      counts,
+      fail_threshold: strict ? 'medium' : 'high',
+      findings,
+      generated_for: 'soc2-evidence',
+    }, null, 2));
+    return failing ? 1 : 0;
+  }
+
+  if (!quiet) {
+    console.log('\n  ◉ atris security review');
+    if (!findings.length) {
+      console.log(`\n  ✓ clean — no secrets, PII, or sensitive files in ${scanned} tracked file${scanned === 1 ? '' : 's'}\n`);
+      return 0;
+    }
+    console.log('');
+    const w = Math.max(...findings.map((f) => `${f.file}${f.line ? ':' + f.line : ''}`.length));
+    for (const f of findings) {
+      const loc = `${f.file}${f.line ? ':' + f.line : ''}`.padEnd(w);
+      console.log(`  ${ICON[f.sev] || '·'} ${f.sev.toUpperCase().padEnd(6)} ${loc}  ${f.rule.padEnd(22)} ${f.why}`);
+    }
+  }
+  console.log(`\n  ${counts.high || 0} high · ${counts.medium || 0} medium · ${counts.low || 0} low across ${scanned} file${scanned === 1 ? '' : 's'}`);
+  if (failing) {
+    console.log(`  ${failing} finding${failing === 1 ? '' : 's'} at/over the ${strict ? 'MEDIUM' : 'HIGH'} threshold · exit 1`);
+    console.log('  fix or suppress (trailing `atris-allow-secret`), then re-run.\n');
+  } else {
+    console.log(`  no findings at the ${strict ? 'MEDIUM' : 'HIGH'} threshold · exit 0\n`);
+  }
+  return failing ? 1 : 0;
+}
+
+function printRules() {
+  console.log('\n  atris security-review — deterministic rules:\n');
+  for (const r of RULES) console.log(`  ${r.sev.toUpperCase().padEnd(6)} ${r.cat.padEnd(8)} ${r.id.padEnd(22)} ${r.why}`);
+  console.log(`\n  ${RULES.length} rules + tracked-sensitive-file check. Suppress a line with a trailing \`atris-allow-secret\`.\n`);
+  return 0;
+}
+
+function installHook() {
+  const root = process.cwd();
+  const hookDir = path.join(root, '.git', 'hooks');
+  try {
+    fs.mkdirSync(hookDir, { recursive: true });
+    const hookPath = path.join(hookDir, 'pre-commit');
+    const marker = '# atris security gate';
+    let content = '';
+    try { content = fs.readFileSync(hookPath, 'utf8'); } catch {}
+    if (content.includes(marker)) { console.log(`\n  already installed: ${path.relative(root, hookPath)}\n`); return 0; }
+    if (!content) content = '#!/bin/sh\n';
+    if (!content.endsWith('\n')) content += '\n';
+    content += `\n${marker}\nif command -v atris >/dev/null 2>&1; then atris security-review --staged --quiet || exit 1; fi\n`;
+    fs.writeFileSync(hookPath, content);
+    fs.chmodSync(hookPath, 0o755);
+    console.log(`\n  ✓ security pre-commit gate installed: ${path.relative(root, hookPath)}\n    every commit now runs: atris security-review --staged\n`);
+    return 0;
+  } catch (e) { console.error(`  ${e.message}`); return 2; }
+}
+
+function printHelp() {
+  console.log(`
+  atris security-review — deterministic secrets / PII / privacy scan (no LLM)
+
+    atris security-review            scan git-tracked files (default)
+    atris security-review <path>     scan a file or dir
+    atris security-review --staged   scan staged changes (pre-commit gate)
+    atris security-review --strict   also fail on MEDIUM (PII / personal paths)
+    atris security-review --json     machine output / SOC 2 evidence artifact
+    atris security-review rules       list the active detectors
+    atris security-review hook        install a pre-commit gate
+
+  Scans for hardcoded secrets, API keys, personal data, and tracked sensitive
+  files. exit 0 = clean, 1 = found. Wire into the autopilot/mission gate and CI.
+`);
+  return 0;
+}
+
+module.exports = { securityReviewCommand };

package/commands/task.js

@@ -616,7 +616,6 @@ function readGoalSources(root = process.cwd()) {
   const candidates = [
     path.join(root, 'atris', 'goals.md'),
     path.join(root, 'goals.md'),
-    path.join(root, 'atris', 'wiki', 'concepts', 'atris-labs-goals.md'),
   ];
   for (const file of candidates) {
     if (!fs.existsSync(file)) continue;

package/lib/security-scan.js

@@ -0,0 +1,188 @@
+'use strict';
+
+// atris security scan — deterministic secrets / PII / privacy detectors (no LLM).
+//
+// A finding is a fact (file:line + rule + severity), so it drops straight into a
+// loop / mission / CI gate and doubles as a SOC 2 evidence artifact (machine
+// JSON). Precision over recall: a noisy gate gets muted, and a muted gate is dead.
+// Suppress a single line with a trailing `atris-allow-secret` comment.
+//
+// Zero external deps (Node built-ins only) — repo contract.
+
+const fs = require('fs');
+const path = require('path');
+const { execFileSync } = require('child_process');
+
+const SCAN_EXTS = new Set([
+  '.js', '.mjs', '.cjs', '.ts', '.tsx', '.jsx', '.json', '.md', '.mdx', '.txt',
+  '.yml', '.yaml', '.env', '.sh', '.bash', '.zsh', '.py', '.rb', '.go', '.java',
+  '.php', '.toml', '.ini', '.cfg', '.conf', '.html', '.vue', '.svelte', '.patch',
+]);
+const SKIP_DIRS = new Set(['node_modules', '.git', 'dist', 'build', '.next', 'coverage', 'out', 'vendor', '.cache', '__pycache__']);
+
+// Lines that opt out, and placeholder noise we never flag.
+const ALLOW_MARKER = /atris-allow-secret|atris-security-ignore/i;
+const PLACEHOLDER = /\b(?:example|placeholder|your[_-]?|my[_-]?key|xxx+|redacted|dummy|sample|changeme|test[_-]?key|fake|dummy|<[a-z_-]+>|process\.env|getenv|os\.environ|import\.meta\.env)\b/i;
+
+// High-precision secret patterns. severity high => fails the gate.
+const SECRET_RULES = [
+  { id: 'private-key', sev: 'high', cat: 'secret', re: /-----BEGIN (?:RSA |EC |OPENSSH |PGP |DSA |ENCRYPTED )?PRIVATE KEY-----/, why: 'private key committed in source' },
+  { id: 'aws-access-key-id', sev: 'high', cat: 'secret', re: /\bAKIA[0-9A-Z]{16}\b/, why: 'AWS access key id' },
+  { id: 'github-token', sev: 'high', cat: 'secret', re: /\bgh[pousr]_[A-Za-z0-9]{36,}\b/, why: 'GitHub personal/OAuth token' },
+  { id: 'slack-token', sev: 'high', cat: 'secret', re: /\bxox[baprs]-[A-Za-z0-9-]{10,}\b/, why: 'Slack token' },
+  { id: 'slack-webhook', sev: 'high', cat: 'secret', re: /https:\/\/hooks\.slack\.com\/services\/[A-Za-z0-9/_-]{20,}/, why: 'Slack incoming webhook url' },
+  { id: 'openai-key', sev: 'high', cat: 'secret', re: /\bsk-(?:proj-)?[A-Za-z0-9]{20,}\b/, why: 'OpenAI-style API key' },
+  { id: 'anthropic-key', sev: 'high', cat: 'secret', re: /\bsk-ant-[A-Za-z0-9_-]{20,}\b/, why: 'Anthropic API key' },
+  { id: 'google-api-key', sev: 'high', cat: 'secret', re: /\bAIza[0-9A-Za-z_-]{35}\b/, why: 'Google API key' },
+  { id: 'stripe-key', sev: 'high', cat: 'secret', re: /\b[rs]k_live_[A-Za-z0-9]{20,}\b/, why: 'Stripe live key' },
+  { id: 'npm-token', sev: 'high', cat: 'secret', re: /\bnpm_[A-Za-z0-9]{36}\b/, why: 'npm access token' },
+  { id: 'jwt', sev: 'medium', cat: 'secret', re: /\beyJ[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{6,}\b/, why: 'JWT (often carries claims/PII)' },
+  { id: 'bearer-token', sev: 'medium', cat: 'secret', re: /\bBearer\s+[A-Za-z0-9._-]{24,}/, why: 'hardcoded Bearer token' },
+  { id: 'assigned-secret', sev: 'high', cat: 'secret', re: /(?:password|passwd|pwd|secret|api[_-]?key|apikey|access[_-]?token|auth[_-]?token|client[_-]?secret|private[_-]?key)\s*[:=]\s*['"][^'"\s]{8,}['"]/i, why: 'hardcoded credential assignment' },
+];
+
+// Personal data. Home-path is the recurring leak (a username + local layout).
+const PII_RULES = [
+  { id: 'home-path', sev: 'medium', cat: 'pii', re: /(?:\/Users\/|\/home\/)(?!runner\/|runner\b|root\/|root\b|ubuntu\/|ubuntu\b|user\/|user\b|node\/)[a-z][a-z0-9_.-]+/i, why: 'personal home path leaks a username + local layout (use os.homedir()/relative)' },
+  { id: 'windows-home-path', sev: 'medium', cat: 'pii', re: /[A-Za-z]:\\Users\\(?!Public\b)[^\\\s'"]+/, why: 'personal Windows path leaks a username' },
+  { id: 'email', sev: 'low', cat: 'pii', re: /\b[A-Za-z0-9._%+-]+@(?!example\.|sentry\.io|test\b|localhost|[\w.-]*\.local\b|sub\.)[A-Za-z0-9.-]+\.(?:com|net|org|ai|io|dev|co)\b/, why: 'email address (possible PII)' },
+  { id: 'phone', sev: 'low', cat: 'pii', re: /(?<![\d.\w])(?:\+?1[-.\s])?\(?\d{3}\)?[-.\s]\d{3}[-.\s]\d{4}(?![\d.\w])/, why: 'phone-number-shaped string' },
+];
+
+// Code-execution risks. For an AI CLI that runs autonomous loops and shells out,
+// these are the "are we actually safe" checks beyond data exposure. eval/Function
+// are almost never legitimate (HIGH); shelling out with interpolated input is the
+// command-injection class (MEDIUM — common and sometimes safe, so it asks for a
+// human look rather than hard-failing the gate).
+const CODE_RULES = [
+  { id: 'eval-call', sev: 'high', cat: 'code', re: /(?<![.\w])eval\((?!\s*\))/, why: 'eval() executes arbitrary code' },
+  { id: 'new-function', sev: 'high', cat: 'code', re: /\bnew\s+Function\(/, why: 'new Function() executes arbitrary code' },
+  { id: 'shell-exec-interpolation', sev: 'medium', cat: 'code', re: /\b(?:exec|execSync)\s*\(\s*[`'"][^`'"]*(?:\$\{|"\s*\+|'\s*\+)/, why: 'shell exec with interpolated input (command-injection risk; prefer execFile/spawn with an args array)' },
+  { id: 'child-process-shell-true', sev: 'medium', cat: 'code', re: /\bshell\s*:\s*true\b/, why: 'child_process shell:true enables shell interpretation of args' },
+];
+
+// extra per-line excludes that keep email/path rules from firing on safe noise
+const EMAIL_SAFE = /\b(?:noreply|no-reply|support|hello|info|contact|team|hi|admin|press)@/i;
+
+const RULES = [...SECRET_RULES, ...PII_RULES, ...CODE_RULES];
+
+// Filenames that should never be committed (checked against the tracked file list).
+const SENSITIVE_FILE_RE = /(?:^|\/)(?:\.env(?:\.[\w.-]+)?|id_rsa|id_dsa|id_ed25519|.*\.pem|.*\.pfx|.*\.p12|.*\.keystore|credentials\.json|\.npmrc|\.pypirc|\.netrc|secrets?\.(?:json|ya?ml|env))$/i;
+const SENSITIVE_FILE_ALLOW = /\.env\.example$|\.env\.sample$|\.env\.template$/i;
+
+function scanLine(line, rules = RULES) {
+  if (ALLOW_MARKER.test(line)) return [];
+  const findings = [];
+  const placeholder = PLACEHOLDER.test(line);
+  for (const rule of rules) {
+    const m = rule.re.exec(line);
+    if (!m) continue;
+    // Secrets in obvious placeholder/env-read lines are not real leaks.
+    if (rule.cat === 'secret' && placeholder) continue;
+    if (rule.id === 'email' && EMAIL_SAFE.test(line)) continue;
+    findings.push({ rule: rule.id, sev: rule.sev, cat: rule.cat, why: rule.why, snippet: m[0].trim().slice(0, 60) });
+  }
+  return findings;
+}
+
+function scanText(text, rules = RULES) {
+  const out = [];
+  const lines = String(text || '').split('\n');
+  for (let i = 0; i < lines.length; i++) {
+    for (const f of scanLine(lines[i], rules)) out.push({ ...f, line: i + 1 });
+  }
+  return out;
+}
+
+// Code-execution rules only make sense in actual code files — `eval(` written in
+// a markdown doc is prose, not a vuln.
+const CODE_EXTS = new Set(['.js', '.mjs', '.cjs', '.ts', '.tsx', '.jsx', '.py', '.rb', '.go', '.java', '.php', '.sh', '.bash', '.zsh']);
+
+function rulesForFile(file) {
+  return CODE_EXTS.has(path.extname(file)) ? RULES : RULES.filter((r) => r.cat !== 'code');
+}
+
+function scanFile(file, rules) {
+  let text;
+  try { text = fs.readFileSync(file, 'utf8'); } catch { return []; }
+  return scanText(text, rules || rulesForFile(file)).map((f) => ({ ...f, file }));
+}
+
+// Repo-level hygiene: a sensitive file being tracked at all is a finding,
+// independent of its contents.
+function sensitiveFileFindings(relPaths) {
+  const out = [];
+  for (const p of relPaths) {
+    if (SENSITIVE_FILE_RE.test(p) && !SENSITIVE_FILE_ALLOW.test(p)) {
+      out.push({ file: p, line: 0, rule: 'tracked-sensitive-file', sev: 'high', cat: 'privacy', why: 'sensitive file is tracked in git (gitignore + remove it)', snippet: path.basename(p) });
+    }
+  }
+  return out;
+}
+
+function gitTrackedFiles(root, { staged = false } = {}) {
+  try {
+    const args = staged ? ['diff', '--cached', '--name-only', '--diff-filter=ACM'] : ['ls-files'];
+    const out = execFileSync('git', args, { cwd: root, encoding: 'utf8', stdio: ['ignore', 'pipe', 'ignore'] });
+    return out.split('\n').map((s) => s.trim()).filter(Boolean);
+  } catch {
+    return null; // not a git repo / git unavailable
+  }
+}
+
+function walk(target, out) {
+  let stat;
+  try { stat = fs.statSync(target); } catch { return out; }
+  if (stat.isFile()) { out.push(target); return out; }
+  if (stat.isDirectory()) {
+    if (SKIP_DIRS.has(path.basename(target))) return out;
+    for (const name of fs.readdirSync(target)) {
+      if (name === '.git' || SKIP_DIRS.has(name)) continue;
+      walk(path.join(target, name), out);
+    }
+  }
+  return out;
+}
+
+function scannable(file) {
+  const ext = path.extname(file);
+  return SCAN_EXTS.has(ext) || path.basename(file).startsWith('.env');
+}
+
+// Resolve the set of files to scan + the relative-path list for hygiene checks.
+function resolveTargets({ root = process.cwd(), paths = [], staged = false } = {}) {
+  if (paths.length) {
+    const files = paths.flatMap((p) => walk(path.resolve(root, p), [])).filter(scannable);
+    return { files, relPaths: files.map((f) => path.relative(root, f)) };
+  }
+  const tracked = gitTrackedFiles(root, { staged });
+  if (tracked) {
+    const files = tracked.filter(scannable).map((p) => path.join(root, p)).filter((f) => fs.existsSync(f));
+    return { files, relPaths: tracked };
+  }
+  const files = walk(root, []).filter(scannable);
+  return { files, relPaths: files.map((f) => path.relative(root, f)) };
+}
+
+// Full scan: line-level findings across files + repo hygiene findings.
+// The scanner's own pattern database and its fixtures necessarily contain the
+// very strings it detects — never scan them (a tool that flags itself is noise).
+const SELF_FILES = new Set(['lib/security-scan.js', 'commands/security-review.js', 'test/security-scan.test.js']);
+
+function runScan({ root = process.cwd(), paths = [], staged = false } = {}) {
+  const { files, relPaths } = resolveTargets({ root, paths, staged });
+  const findings = [];
+  for (const f of files) {
+    if (SELF_FILES.has(path.relative(root, f))) continue;
+    for (const finding of scanFile(f)) findings.push({ ...finding, file: path.relative(root, finding.file) });
+  }
+  findings.push(...sensitiveFileFindings(relPaths.filter((p) => !SELF_FILES.has(p))));
+  const counts = { high: 0, medium: 0, low: 0 };
+  for (const f of findings) counts[f.sev] = (counts[f.sev] || 0) + 1;
+  return { findings, counts, scanned: files.length };
+}
+
+module.exports = {
+  scanLine, scanText, scanFile, sensitiveFileFindings, gitTrackedFiles,
+  resolveTargets, runScan, SECRET_RULES, PII_RULES, RULES,
+};

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "atris",
-  "version": "3.27.0",
+  "version": "3.28.0",
   "main": "bin/atris.js",
   "bin": {
     "atris": "bin/atris.js",
@@ -48,13 +48,6 @@
     "atris/features/_templates/",
     "atris/features/company-brain-sync/",
     "templates/",
-    "atris/wiki/index.md",
-    "atris/wiki/concepts/agent-activation-contract.md",
-    "atris/wiki/concepts/workspace-initialization-contract.md",
-    "atris/wiki/sources/atris-labs-2026-05-10.txt",
-    "atris/wiki/sources/atris-labs-goals-2026-05-10.txt",
-    "atris/wiki/sources/atrisos-generative-ui-product-surface-2026-05-10.txt",
-    "atris/wiki/sources/jack-dorsey-2026-05-10.txt",
     "atris/policies/",
     "atris/skills/"
   ],

package/atris/wiki/concepts/agent-activation-contract.md

@@ -1,81 +0,0 @@
----
-type: concept
-slug: agent-activation-contract
-title: Agent Activation Contract
-sources:
-  - atris/CLAUDE.md
-  - commands/activate.js
-last_compiled: 2026-06-23
-last_verified: 2026-06-23
-confidence: 0.9
-dependencies:
-  - atris/wiki/concepts/plan-do-review-loop.md
-  - atris/wiki/concepts/wiki-as-memory-substrate.md
-actionability: "Use this before changing agent boot instructions, `atris activate`, MAP-first behavior, first-message requirements, or durable-memory routing."
-created: 2026-05-10
-updated: 2026-06-23
-tags:
-  - agent-activation
-  - protocol
-  - mapfirst
----
-# Agent Activation Contract
-
-`atris/CLAUDE.md` is the editor-facing boot contract for agents entering an Atris-managed project. `commands/activate.js` is the runtime context panel agents use after that boot. Together they define what "activation" means before responding or editing.
-
-## Boot Sequence
-
-```text
-first message -> atris atris.md
-setup -> PERSONA + activate + wiki STATUS
-navigation -> MAP first, then one grep if needed
-work -> plan -> do -> review
-memory -> wiki or ingest durable knowledge
-```
-
-The first response path is explicit: run `atris atris.md`, show the welcome visualization, then answer. After that, agents load `atris/PERSONA.md`, run `atris activate`, and treat `atris/wiki/STATUS.md` as the current memory snapshot when it exists.
-
-## Runtime Activation
-
-`atris activate` refuses to run without an `atris/` folder and tells the operator to run `atris init` first. In a valid workspace it creates today's journal if missing, detects workspace state, loads current task context, reads `atris/wiki/STATUS.md`, and prints a narrow activation card.
-
-The activation card can include:
-
-- a handoff block from today's journal when `## Handoff` has structured context,
-- the last three deduped completions from journal history,
-- the current state summary from detected in-progress, backlog, and inbox items,
-- a learning count from `atris/learnings.jsonl`,
-- wiki health from `atris/wiki/STATUS.md`,
-- core file paths for persona, MAP, task view, journal, and wiki status.
-
-The command ends by pointing the operator back to `atris plan -> do -> review` or `atris log`. It is a read/load surface with one deliberate local side effect: ensuring the current journal file exists so the session is writable.
-
-## MAP-First Rule
-
-Before any file search, read `atris/MAP.md` and search the map for the target keyword. If the map has the location, go directly to that file and line. If not, grep once and update `MAP.md` so the next agent does not repeat the same scan.
-
-## Core Truth Surfaces
-
-- `atris/MAP.md` is navigation.
-- `atris/TODO.md` is the visible work queue; current task ownership lives in `atris task`.
-- `atris/logs/YYYY/YYYY-MM-DD.md` is the operating journal.
-- `atris/wiki/STATUS.md` is the current memory snapshot.
-- `atris/wiki/index.md` is the durable knowledge index.
-- `atris/atris.md` is the full protocol.
-
-## Execution Contract
-
-Work follows `atris plan -> atris do -> atris review`. Planning requires an ASCII visualization and an approval gate. Execution is step-by-step, with verification as reality changes. Completed tasks should be removed from the active queue; the target state is zero stale tasks.
-
-Durable project knowledge belongs in `atris/wiki/` or through the local wiki flow. Ephemeral progress belongs in task state and the daily journal, not in ad hoc context.
-
-`atris/CLAUDE.md` now also carries an explicit agent contract: before edits, claim or create one small task with `atris task` and write the goal/files/done/check contract into task dialogue; after edits, move proof-backed work to Review with `atris task ready <id> --proof "..."`. Proof-ready and human accept are separate gates: an agent's native goal can complete once proof is in Review, but only a human-run `atris task accept <id>` marks the task Done and awards AgentXP. Work that should outlive the chat runs through `atris mission` (start with a verifier, bounded step, `mission tick --verify`, then complete or continue).
-
-## Limits
-
-This page summarizes the activation contract only. Use `atris/atris.md` for the complete protocol, `atris/wiki/concepts/plan-do-review-loop.md` for stage ownership and proof, and `atris/wiki/concepts/wiki-as-memory-substrate.md` for wiki page shape and upkeep behavior. `atris activate` reports state; it does not claim tasks, finish work, or repair broken wiki pages.
-
-## Cross-References
-
-- [[atris/wiki/concepts/plan-do-review-loop.md]] - stage ownership, proof, and review closure
-- [[atris/wiki/concepts/wiki-as-memory-substrate.md]] - durable memory routing and wiki verification

package/atris/wiki/concepts/workspace-initialization-contract.md

@@ -1,73 +0,0 @@
----
-type: concept
-slug: workspace-initialization-contract
-title: Workspace Initialization Contract
-sources:
-  - commands/init.js
-last_compiled: 2026-06-23
-last_verified: 2026-06-23
-confidence: 0.86
-dependencies:
-  - atris/wiki/systems/atris-cli.md
-  - atris/wiki/concepts/agent-activation-contract.md
-  - atris/wiki/concepts/wiki-as-memory-substrate.md
-actionability: "Use this before changing `atris init`, workspace scaffolds, generated agent instructions, project detection, or boot hook behavior."
-created: 2026-05-10
-updated: 2026-06-23
-tags:
-  - initialization
-  - workspace
-  - scaffold
----
-# Workspace Initialization Contract
-
-`commands/init.js` defines the local contract for turning an arbitrary folder into an Atris-managed workspace. It is the repo-level bootstrap path, not the business workspace onboarding path.
-
-## Shape
-
-```text
-guard workspace -> create atris/ -> scaffold memory + teams + features
-                -> detect project -> inject team context
-                -> generate agent entry files + hooks
-                -> copy atris protocol
-```
-
-The command handles `atris init [--force]`. Help flags print usage without filesystem side effects. Normal execution refuses to run inside an existing `atris/` directory, inside a parent business workspace, or in a folder with `.atris/business.json` unless `--force` is present.
-
-## What Init Creates
-
-- Core workspace: `atris/`, `atris/atris.md`, `atris/PERSONA.md`, `atris/GETTING_STARTED.md`, `atris/MAP.md`, `atris/TODO.md`, `atris/now.md`, `atris/lessons.md`, and dated logs.
-- Memory surfaces: wiki scaffold via `ensureWikiScaffold`, feature templates, experiments harness, and `INTUITION.md`.
-- Team surfaces: `atris/team/<member>/MEMBER.md` plus `skills/`, `tools/`, and `context/` folders for default members.
-- Project profile: `.project-profile.json` from package files, framework hints, directory shape, and default test command.
-- Agent entry files: `AGENTS.md`, `.cursorrules`, `.cursor/rules/atris.mdc`, `.claude/commands/atris.md`, `.claude/commands/atris-autopilot.md`, `atris/CLAUDE.md`, `.claude/settings.json`, `.devin/config.local.json`, and root `CLAUDE.md` Atris markers.
-- Skills: package `atris/skills/` copied into the workspace and linked into `.claude/skills/` when possible.
-
-## Project Detection
-
-`detectProjectContext()` scans package files first, then framework-specific dependencies, then common structure directories. It detects Node, Python, Ruby, Go, Rust, Java, PHP, Elixir, D, iOS, and markdown-only knowledge bases. The resulting test command is a default hint (`npm test`, `pytest`, `go test ./...`, etc.), not a guarantee that validation is sufficient.
-
-`injectProjectPatterns()` writes that profile into navigator, executor, and validator specs so the first generated team has a local project shape before any agent starts work.
-
-## Generated Agent Contract
-
-The generated instruction files all point agents back to the same small operating loop:
-
-- run the Atris boot sequence before first response,
-- keep replies short,
-- use ASCII visuals for planning,
-- check `MAP.md` before code search,
-- use `atris task` for ownership and proof,
-- treat `TODO.md` as rendered state, not the task database.
-
-Claude-specific setup also adds a `SessionStart` hook that runs `atris atris.md` when `atris/` exists and a `Stop` hook that points to the autopilot stop hook.
-
-## Limits
-
-`atris init` bootstraps local files. It does not push to cloud, create a shared business owner, or reconcile template updates after custom edits. Use business commands for shared-owner workspaces and `atris update` / sync flows for canonical file refreshes.
-
-## Cross-References
-
-- [[atris/wiki/concepts/agent-activation-contract.md]] - the boot behavior generated agent files point to
-- [[atris/wiki/concepts/wiki-as-memory-substrate.md]] - the wiki scaffold and memory contract initialized by this command
-- [[atris/wiki/systems/atris-cli.md]] - repo-level command surface that includes `atris init`

package/atris/wiki/index.md

@@ -1,31 +0,0 @@
-# Atris Wiki Index
-
-## Entities
-
-- [[atris/wiki/people/jack-dorsey.md]] — Block / Twitter founder; AI-native company thesis
-- [[atris/wiki/systems/atris-cli.md]] — this project; dev-tool layer of the Atris stack
-- [[atris/wiki/systems/atris-business.md]] — sibling product; shared owners with persistent AI computers
-- [[atris/wiki/systems/atris-labs.md]] — reference business owner in the Atris fleet; default computer dogfood
-
-## Concepts
-
-- [[atris/wiki/concepts/intent-capability-composition.md]] — the operating loop; roadmap from gaps
-- [[atris/wiki/concepts/wiki-as-memory-substrate.md]] — what `atris/wiki/` is and isn't
-- [[atris/wiki/concepts/plan-do-review-loop.md]] — core Atris workflow and how local memory fits into it
-- [[atris/wiki/concepts/rebased-pack-co-first-loop.md]] — local-only business workspace first loop and proof guardrails
-- [[atris/wiki/concepts/atris-labs-goals.md]] — atris-labs north star, 2026 Q2 targets, standing constraints
-- [[atris/wiki/concepts/horizon-types.md]] — horizon slug prefix convention; type categories and inference rules
-- [[atris/wiki/concepts/verifiable-reward-loop.md]] — reward, scorecards, and why the repo now acts like an RL-style environment
-- [[atris/wiki/concepts/recursive-self-improvement-position.md]] — honest capability assessment: the loop is the RSI skeleton on the leverage axis, intelligence axis fixed by the model
-- [[atris/wiki/concepts/owner-computer-model.md]] — Owner = User | Business; constrained entity modes, typed computers, and groups as the social/access layer
-- [[atris/wiki/concepts/agent-activation-contract.md]] — editor-facing boot contract: first message, MAP-first, setup, and durable-memory routing
-- [[atris/wiki/concepts/workspace-initialization-contract.md]] — `atris init` bootstrap contract: guards, scaffolds, team context, generated agent files, and hooks
-- [[atris/wiki/concepts/glass-interface-principle.md]] — AI tool design doctrine: make reasoning visible and inspectable, not black-boxed
-
-## Briefs
-
-- [[atris/wiki/briefs/rebased-pack-co-starter-brief.md]] — starter brief for the local-only Rebased Pack Co smoke workspace
-- [[atris/wiki/briefs/atris-cli-overview.md]] — summary of CLI, owner/computer model, workspace layers, and why `atris/wiki/` exists
-- [[atris/wiki/briefs/atris-labs-workspace-protocol.md]] — atris-labs workspace protocol: on-load sequence, layout, surfaces, north star
-- [[atris/wiki/briefs/atrisos-generative-ui-product-surface.md]] — historical AtrisOS generative UI / block surface design note
-- [[atris/wiki/briefs/launch-post.md]] — historical launch drafts for the local-first wiki feature

package/atris/wiki/sources/atris-labs-2026-05-10.txt

@@ -1,14 +0,0 @@
-Source receipt for atris/wiki/systems/atris-labs.md
-Compiled: 2026-05-10
-
-Local evidence checked:
-- historical Atris Labs customer workspace docs
-- historical Atris Labs context status and pipeline notes
-- historical Atris Labs member profile notes
-- historical Atris Labs app workspace inventory
-- historical Atris Labs cloud workspace binding metadata
-
-Notes:
-- The previous wiki source is missing in this workspace.
-- Available status/pipeline files are historical March 2026 artifacts.
-- Treat this page as orientation, not a live company operating report.

package/atris/wiki/sources/atris-labs-goals-2026-05-10.txt

@@ -1,14 +0,0 @@
-Source receipt for atris/wiki/concepts/atris-labs-goals.md
-Compiled: 2026-05-10
-
-Local evidence checked:
-- atris/wiki/concepts/atris-labs-goals.md before refresh
-- atris/wiki/log.md historical ingest notes for missing goals.md
-- historical Atris Labs context status and pipeline notes
-- historical Atris Labs fundraising metrics notes
-- historical Atris Labs fundraising story notes
-
-Notes:
-- The previous goals source is missing in this workspace.
-- The page is retained as historical direction only.
-- Revenue/customer counts require live verification before operational use.

package/atris/wiki/sources/atrisos-generative-ui-product-surface-2026-05-10.txt

@@ -1,10 +0,0 @@
-Source receipt for atris/wiki/briefs/atrisos-generative-ui-product-surface.md
-Compiled: 2026-05-10
-
-Local evidence checked:
-- atris/wiki/briefs/atrisos-generative-ui-product-surface.md before metadata repair
-- atris/wiki/systems/atris-cli.md for current CLI/product context
-
-Notes:
-- This brief appears to be an in-session product/design synthesis from 2026-04-29.
-- It is retained as a historical design note, not a current design-system contract.

package/atris/wiki/sources/jack-dorsey-2026-05-10.txt

@@ -1,12 +0,0 @@
-Source receipt for atris/wiki/people/jack-dorsey.md
-Compiled: 2026-05-10
-
-External sources checked:
-- YouTube episode URL: https://www.youtube.com/watch?v=YTVSwOY19Qs
-- Sequoia transcript: https://sequoiacap.com/podcast/jack-dorsey-every-company-can-now-be-a-mini-agi/
-- Block essay: https://block.xyz/inside/from-hierarchy-to-intelligence
-
-Notes:
-- The Sequoia page provides the transcript for the episode linked from YouTube.
-- The Block essay is the co-authored primary written thesis by Jack Dorsey and Roelof Botha.
-- No Atris YouTube processing credits were spent for this refresh.