brainclaw 1.8.0 → 1.9.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (178) hide show
  1. package/README.md +592 -505
  2. package/dist/brainclaw-vscode.vsix +0 -0
  3. package/dist/cli.js +138 -13
  4. package/dist/commands/add-step.js +1 -1
  5. package/dist/commands/bootstrap.js +2 -26
  6. package/dist/commands/check-security-mcp.js +50 -33
  7. package/dist/commands/check-security.js +86 -43
  8. package/dist/commands/claim.js +22 -21
  9. package/dist/commands/confirm.js +26 -0
  10. package/dist/commands/context-diff.js +1 -1
  11. package/dist/commands/dispatch-watch.js +142 -0
  12. package/dist/commands/doctor.js +113 -2
  13. package/dist/commands/estimation-report.js +115 -16
  14. package/dist/commands/harvest.js +286 -23
  15. package/dist/commands/hooks.js +73 -73
  16. package/dist/commands/init.js +124 -22
  17. package/dist/commands/install-hooks.js +78 -78
  18. package/dist/commands/loops-handlers.js +4 -0
  19. package/dist/commands/mcp-read-handlers.js +253 -41
  20. package/dist/commands/mcp.js +664 -102
  21. package/dist/commands/memory.js +21 -17
  22. package/dist/commands/migrate.js +81 -17
  23. package/dist/commands/prune.js +78 -4
  24. package/dist/commands/reflect.js +26 -20
  25. package/dist/commands/register-agent.js +57 -1
  26. package/dist/commands/repair.js +20 -0
  27. package/dist/commands/session-end.js +15 -6
  28. package/dist/commands/session-start.js +18 -1
  29. package/dist/commands/setup-security.js +39 -18
  30. package/dist/commands/setup.js +26 -27
  31. package/dist/commands/stale.js +16 -2
  32. package/dist/commands/switch.js +26 -5
  33. package/dist/commands/uninstall.js +126 -34
  34. package/dist/commands/update-step.js +6 -0
  35. package/dist/commands/version.js +1 -1
  36. package/dist/commands/worktree.js +60 -0
  37. package/dist/core/actions.js +12 -3
  38. package/dist/core/agent-capability.js +30 -17
  39. package/dist/core/agent-files.js +963 -666
  40. package/dist/core/agent-integrations.js +0 -3
  41. package/dist/core/agent-inventory.js +67 -0
  42. package/dist/core/agent-registry.js +163 -29
  43. package/dist/core/agentrun-reconciler.js +33 -2
  44. package/dist/core/agentruns.js +7 -1
  45. package/dist/core/ai-agent-detection.js +31 -44
  46. package/dist/core/archival.js +15 -9
  47. package/dist/core/assignment-reconciler.js +56 -0
  48. package/dist/core/assignment-sweeper.js +127 -4
  49. package/dist/core/assignments.js +69 -11
  50. package/dist/core/bootstrap.js +233 -67
  51. package/dist/core/brainclaw-version.js +22 -0
  52. package/dist/core/candidates.js +21 -1
  53. package/dist/core/claims.js +313 -150
  54. package/dist/core/codev-prompts.js +38 -38
  55. package/dist/core/config.js +6 -1
  56. package/dist/core/context-diff.js +148 -20
  57. package/dist/core/context.js +129 -8
  58. package/dist/core/coordination.js +22 -3
  59. package/dist/core/default-profiles/doctor.yaml +11 -11
  60. package/dist/core/default-profiles/janitor.yaml +11 -11
  61. package/dist/core/default-profiles/onboarder.yaml +11 -11
  62. package/dist/core/default-profiles/reviewer.yaml +13 -13
  63. package/dist/core/dispatch-status.js +79 -5
  64. package/dist/core/dispatcher.js +65 -12
  65. package/dist/core/entity-operations.js +74 -27
  66. package/dist/core/entity-registry.js +31 -5
  67. package/dist/core/event-log.js +138 -21
  68. package/dist/core/events/checkpoint.js +258 -0
  69. package/dist/core/events/genesis.js +220 -0
  70. package/dist/core/events/journal.js +507 -0
  71. package/dist/core/events/materialize.js +126 -0
  72. package/dist/core/events/registry-post-image.js +110 -0
  73. package/dist/core/events/verify.js +109 -0
  74. package/dist/core/execution-adapters.js +23 -0
  75. package/dist/core/execution.js +1 -1
  76. package/dist/core/facade-schema.js +38 -0
  77. package/dist/core/gc-semantic.js +130 -5
  78. package/dist/core/handoff-snapshot.js +68 -0
  79. package/dist/core/ids.js +19 -8
  80. package/dist/core/instruction-templates.js +34 -115
  81. package/dist/core/io.js +39 -3
  82. package/dist/core/json-store.js +10 -1
  83. package/dist/core/lock.js +153 -28
  84. package/dist/core/loops/bootstrap-acquire.js +25 -1
  85. package/dist/core/loops/facade-schema.js +2 -0
  86. package/dist/core/loops/hooks/survey-signals-baseline.js +36 -0
  87. package/dist/core/loops/index.js +1 -0
  88. package/dist/core/loops/presets/bootstrap.js +7 -0
  89. package/dist/core/loops/store.js +17 -0
  90. package/dist/core/loops/verbs.js +24 -2
  91. package/dist/core/markdown.js +8 -76
  92. package/dist/core/mcp-command-resolution.js +245 -0
  93. package/dist/core/memory-compactor.js +5 -3
  94. package/dist/core/memory-lifecycle.js +282 -0
  95. package/dist/core/merge-risk.js +150 -0
  96. package/dist/core/messaging.js +10 -3
  97. package/dist/core/migration.js +11 -1
  98. package/dist/core/observer-mode.js +26 -0
  99. package/dist/core/operations/memory-mutation.js +90 -65
  100. package/dist/core/operations/plan.js +27 -1
  101. package/dist/core/protocol-skills.js +210 -0
  102. package/dist/core/reflection-safety.js +6 -7
  103. package/dist/core/reputation.js +84 -2
  104. package/dist/core/runtime-signals.js +72 -10
  105. package/dist/core/runtime.js +84 -1
  106. package/dist/core/schema.js +114 -0
  107. package/dist/core/search.js +19 -2
  108. package/dist/core/security-detectors.js +125 -0
  109. package/dist/core/security-extract.js +189 -0
  110. package/dist/core/security-guard.js +217 -139
  111. package/dist/core/security-packages.js +121 -0
  112. package/dist/core/security-scoring.js +76 -9
  113. package/dist/core/security.js +34 -2
  114. package/dist/core/sequence.js +11 -2
  115. package/dist/core/setup-flow.js +141 -13
  116. package/dist/core/spawn-check.js +16 -2
  117. package/dist/core/staleness.js +73 -2
  118. package/dist/core/state.js +250 -54
  119. package/dist/core/store-resolution.js +45 -12
  120. package/dist/core/worktree.js +90 -26
  121. package/dist/facts.js +8 -8
  122. package/dist/facts.json +7 -7
  123. package/docs/PROTOCOL.md +223 -0
  124. package/docs/adapters/openclaw.md +43 -43
  125. package/docs/architecture/project-refs.md +328 -328
  126. package/docs/cli.md +2097 -2096
  127. package/docs/concepts/coordination.md +52 -52
  128. package/docs/concepts/coordinator-runbook.md +129 -0
  129. package/docs/concepts/dispatch-lifecycle.md +245 -245
  130. package/docs/concepts/event-log-store.md +928 -0
  131. package/docs/concepts/ideation-loop.md +317 -317
  132. package/docs/concepts/loop-engine.md +520 -511
  133. package/docs/concepts/mcp-governance.md +268 -268
  134. package/docs/concepts/memory.md +89 -88
  135. package/docs/concepts/multi-agent-workflows.md +167 -167
  136. package/docs/concepts/observer-protocol.md +361 -0
  137. package/docs/concepts/parallel-merge-protocol.md +71 -0
  138. package/docs/concepts/plans-and-claims.md +217 -174
  139. package/docs/concepts/project-md-convention.md +35 -35
  140. package/docs/concepts/runtime-notes.md +38 -38
  141. package/docs/concepts/skills.md +78 -0
  142. package/docs/concepts/troubleshooting.md +254 -254
  143. package/docs/concepts/workspace-bootstrapping.md +142 -81
  144. package/docs/context-format-changelog.md +35 -35
  145. package/docs/context-format.md +48 -48
  146. package/docs/index.md +65 -65
  147. package/docs/integrations/agents.md +162 -162
  148. package/docs/integrations/claude-code.md +23 -23
  149. package/docs/integrations/cline.md +87 -88
  150. package/docs/integrations/codex.md +2 -2
  151. package/docs/integrations/continue.md +60 -60
  152. package/docs/integrations/copilot.md +82 -80
  153. package/docs/integrations/cursor.md +23 -23
  154. package/docs/integrations/kilocode.md +72 -72
  155. package/docs/integrations/mcp.md +377 -377
  156. package/docs/integrations/mistral-vibe.md +122 -122
  157. package/docs/integrations/openclaw.md +99 -98
  158. package/docs/integrations/opencode.md +84 -84
  159. package/docs/integrations/overview.md +122 -122
  160. package/docs/integrations/roo.md +74 -74
  161. package/docs/integrations/windsurf.md +83 -83
  162. package/docs/mcp-schema-changelog.md +360 -329
  163. package/docs/playbooks/integration/index.md +121 -121
  164. package/docs/playbooks/orchestration.md +37 -0
  165. package/docs/playbooks/productivity/index.md +99 -99
  166. package/docs/playbooks/team/index.md +117 -117
  167. package/docs/product/agent-first-model.md +184 -184
  168. package/docs/product/entity-model-audit.md +462 -462
  169. package/docs/product/positioning.md +86 -86
  170. package/docs/quickstart-existing-project.md +107 -107
  171. package/docs/quickstart.md +148 -147
  172. package/docs/release-maintenance.md +79 -79
  173. package/docs/reputation.md +52 -52
  174. package/docs/review.md +45 -45
  175. package/docs/security.md +212 -53
  176. package/docs/server-operations.md +118 -118
  177. package/docs/storage.md +110 -108
  178. package/package.json +86 -69
package/docs/review.md CHANGED
@@ -1,45 +1,45 @@
1
- # Review and Reflection
2
-
3
- brainclaw includes a reflective layer so not every observation has to become canonical memory immediately.
4
-
5
- ## Why this exists
6
-
7
- Some facts are:
8
-
9
- - durable and worth keeping
10
- - useful but still uncertain
11
- - too local or too temporary to promote immediately
12
-
13
- A review layer helps filter and promote the right items.
14
-
15
- ## Typical flow
16
-
17
- ```
18
- runtime-note → reflect-runtime-note → review candidate → accept / reject
19
- ```
20
-
21
- 1. capture a runtime note (`brainclaw runtime-note`)
22
- 2. reflect it into a candidate when useful (`brainclaw reflect-runtime-note`)
23
- 3. review the candidate (`brainclaw review`)
24
- 4. accept or reject it (`brainclaw accept` / `brainclaw reject`)
25
-
26
- For MCP-capable agents, `brainclaw runtime-note` maps to `bclaw_write_note`.
27
-
28
- ## Star and use signals
29
-
30
- Before formal review, candidates can accumulate signals:
31
-
32
- ```bash
33
- brainclaw star-candidate cnd_001 --by copilot # passive interest
34
- brainclaw use-candidate cnd_001 --by copilot --context "auth rollout" # active reuse
35
- ```
36
-
37
- `review --prioritized` uses these signals (along with freshness and semantic relevance) to surface the most important candidates.
38
-
39
- ## curator role
40
-
41
- The `curator` trust level has direct promote access. Other roles create candidates for review.
42
-
43
- ## Why this is valuable
44
-
45
- This keeps canonical memory cleaner while still preserving useful observations long enough to evaluate them.
1
+ # Review and Reflection
2
+
3
+ brainclaw includes a reflective layer so not every observation has to become canonical memory immediately.
4
+
5
+ ## Why this exists
6
+
7
+ Some facts are:
8
+
9
+ - durable and worth keeping
10
+ - useful but still uncertain
11
+ - too local or too temporary to promote immediately
12
+
13
+ A review layer helps filter and promote the right items.
14
+
15
+ ## Typical flow
16
+
17
+ ```
18
+ runtime-note → reflect-runtime-note → review candidate → accept / reject
19
+ ```
20
+
21
+ 1. capture a runtime note (`brainclaw runtime-note`)
22
+ 2. reflect it into a candidate when useful (`brainclaw reflect-runtime-note`)
23
+ 3. review the candidate (`brainclaw review`)
24
+ 4. accept or reject it (`brainclaw accept` / `brainclaw reject`)
25
+
26
+ For MCP-capable agents, `brainclaw runtime-note` maps to `bclaw_write_note`.
27
+
28
+ ## Star and use signals
29
+
30
+ Before formal review, candidates can accumulate signals:
31
+
32
+ ```bash
33
+ brainclaw star-candidate cnd_001 --by copilot # passive interest
34
+ brainclaw use-candidate cnd_001 --by copilot --context "auth rollout" # active reuse
35
+ ```
36
+
37
+ `review --prioritized` uses these signals (along with freshness and semantic relevance) to surface the most important candidates.
38
+
39
+ ## curator role
40
+
41
+ The `curator` trust level has direct promote access. Other roles create candidates for review.
42
+
43
+ ## Why this is valuable
44
+
45
+ This keeps canonical memory cleaner while still preserving useful observations long enough to evaluate them.
package/docs/security.md CHANGED
@@ -1,53 +1,212 @@
1
- # Security
2
-
3
- brainclaw is designed to be safe by default.
4
-
5
- ## Security model
6
-
7
- ### No network access
8
- The CLI does not need to call external services to function.
9
-
10
- ### No telemetry
11
- brainclaw does not collect or send usage data.
12
-
13
- ### No secret management
14
- brainclaw is not a vault and should not be treated like one.
15
-
16
- ### Plain-text visibility
17
- The storage model is intentionally inspectable.
18
- That makes review easier, but it also means users must be careful about what they write and commit.
19
-
20
- ## Built-in safety behaviors
21
-
22
- brainclaw warns when content appears sensitive, for example when text includes patterns such as:
23
-
24
- - `api_key`
25
- - `secret`
26
- - `token`
27
- - `password`
28
-
29
- It can also warn about sensitive paths such as:
30
-
31
- - `.env`
32
- - `secrets/`
33
-
34
- Redaction behavior is configurable in `config.yaml`:
35
-
36
- ```yaml
37
- security:
38
- mode: warn # 'warn' or 'strict'
39
- strict_redaction: false # if true, blocks entries with sensitive content
40
- block_sensitive_paths: true
41
- ```
42
-
43
- ## Recommended stance
44
-
45
- - do not store secrets
46
- - review what gets committed
47
- - keep machine-local observations machine-local when appropriate
48
- - use stricter redaction settings in sensitive environments
49
-
50
- ## Important nuance
51
-
52
- brainclaw reduces hidden behavior, but it does not remove the need for operational discipline.
53
- It warns; the team still decides what belongs in shared memory.
1
+ # Security
2
+
3
+ brainclaw is designed to be safe by default.
4
+
5
+ ## Security model
6
+
7
+ ### No network access by default
8
+ The CLI does not need to call external services to function. The optional
9
+ supply-chain gate (see below) is the one feature that talks to a remote
10
+ service, and it is off until explicitly enabled.
11
+
12
+ ### No telemetry
13
+ brainclaw does not collect or send usage data.
14
+
15
+ ### No secret management
16
+ brainclaw is not a vault and should not be treated like one.
17
+
18
+ ### Plain-text visibility
19
+ The storage model is intentionally inspectable.
20
+ That makes review easier, but it also means users must be careful about what they write and commit.
21
+
22
+ ## Built-in safety behaviors
23
+
24
+ ### Content scanning (scanText)
25
+
26
+ Whenever content is added to `.brainclaw/` brainclaw scans the text in three
27
+ layers:
28
+
29
+ 1. **User-configured regex patterns** from `redaction.patterns`. The
30
+ defaults catch words like `api_key`, `secret`, `token`, `password`.
31
+ 2. **Structural detectors** for well-known token shapes — GitHub PATs
32
+ (`ghp_`, `gho_`, `github_pat_…`), AWS access keys (`AKIA…`/`ASIA…`),
33
+ Google API keys (`AIza…`), Slack tokens and webhooks, Stripe
34
+ `sk_live_/sk_test_` keys, JWTs, PEM-encoded private keys, and URLs
35
+ with embedded `user:password@host` credentials.
36
+ 3. **Entropy detector** that flags high-Shannon-entropy substrings near
37
+ a secret keyword (api_key/token/secret/password/auth/...). This
38
+ catches custom-shaped keys the structural list does not enumerate.
39
+
40
+ In `security.mode: warn` matches surface as warnings; in
41
+ `security.strict_redaction: true` (or `security.mode: strict`) the same
42
+ matches block the write.
43
+
44
+ ### Sensitive paths
45
+
46
+ When `security.block_sensitive_paths: true` (default), content that
47
+ references paths like `.env`, `secrets/`, `.git/`, or `node_modules/`
48
+ emits a warning.
49
+
50
+ ### Configuration
51
+
52
+ ```yaml
53
+ security:
54
+ mode: warn # 'warn' or 'strict' — affects redaction scanning
55
+ strict_redaction: false # if true, blocks entries with sensitive content
56
+ block_sensitive_paths: true
57
+ token_detection:
58
+ enabled: true # turn off all structural + entropy detection
59
+ entropy:
60
+ enabled: true
61
+ min_length: 32 # minimum substring length to consider
62
+ min_entropy: 4.0 # minimum Shannon entropy (bits/char)
63
+ detectors: # per-detector override map; explicit false disables a detector
64
+ aws_access_key: true
65
+ jwt: true
66
+
67
+ redaction:
68
+ enabled: true
69
+ patterns:
70
+ - '(?i)api[_-]?key'
71
+ - '(?i)secret'
72
+ - '(?i)token'
73
+ - '(?i)password'
74
+ ```
75
+
76
+ ## Supply-chain pre-install gate
77
+
78
+ `brainclaw setup-security` enables a preinstall gate that intercepts
79
+ `npm`/`pnpm`/`yarn`/`pip`/`pip3` install commands and asks Socket.dev's
80
+ scoring service whether the requested packages are risky.
81
+
82
+ ```
83
+ brainclaw setup-security --mode advisory # default — warn-only
84
+ brainclaw setup-security --mode enforced # block risky installs
85
+ ```
86
+
87
+ ### Advisory vs enforced
88
+
89
+ The mode determines what happens when the gate decides a package is
90
+ risky:
91
+
92
+ - **advisory** — verdicts are surfaced (printed warning, security trap
93
+ created) but the install is *not* aborted.
94
+ - **enforced** — a `block` verdict aborts the install with a non-zero
95
+ exit code.
96
+
97
+ The mode is read from `security.preinstall.mode` and can be overridden
98
+ per call with `brainclaw check-security --mode <advisory|enforced>`.
99
+
100
+ ### Exit codes
101
+
102
+ `brainclaw check-security` emits exit codes that already encode the mode
103
+ decision, so wrapper scripts are mode-agnostic:
104
+
105
+ | Exit | Meaning |
106
+ |------|------------------------------------------------------------|
107
+ | 0 | pass — no risky packages |
108
+ | 1 | warn — advisory-mode block, or warn-threshold verdict |
109
+ | 2 | block — enforced-mode block; the wrapper aborts the install|
110
+
111
+ The wrapper scripts (`<.brainclaw/security/bin>/npm`, `pnpm`, `yarn`,
112
+ `pip`, `pip3` and their `.ps1` counterparts) call the CLI and react
113
+ purely to the exit code, so flipping advisory↔enforced is a config
114
+ change — no regeneration required.
115
+
116
+ ### Composite scoring
117
+
118
+ Each package gets five sub-scores from Socket (supply-chain,
119
+ vulnerability, quality, maintenance, license) on a 0–100 scale. The
120
+ gate combines them into a single composite using configurable weights:
121
+
122
+ ```yaml
123
+ security:
124
+ preinstall:
125
+ weights:
126
+ supply_chain: 0.35
127
+ vulnerability: 0.30
128
+ quality: 0.15
129
+ maintenance: 0.15
130
+ license: 0.05
131
+ thresholds:
132
+ composite_pass: 70 # composite >= 70 → pass
133
+ composite_warn: 50 # composite >= 50 but < 70 → warn; below → block
134
+ supply_chain_block: 30 # hard block when supply_chain < 30
135
+ vulnerability_block: 20 # hard block when vulnerability < 20
136
+ ```
137
+
138
+ Weights are normalized to sum to 1.0 automatically — a config like
139
+ `{ supply_chain: 1, vulnerability: 1 }` is rescaled rather than
140
+ producing composites above 100. Thresholds are clamped to `[0,100]`
141
+ and `composite_warn` is capped at `composite_pass` so the verdict
142
+ function stays monotonic.
143
+
144
+ ### Allowlist / denylist
145
+
146
+ ```yaml
147
+ security:
148
+ preinstall:
149
+ allowlist:
150
+ - npm:internal-pkg # ecosystem-scoped
151
+ - npm:axios@1.14.0 # exact version pin
152
+ - lodash # bare name — any ecosystem, any version
153
+ denylist:
154
+ - npm:axios@1.14.1 # known-compromised version
155
+ - pypi:bad-pkg
156
+ ```
157
+
158
+ Matching is exact on each component. Bare names match by package name
159
+ only; an `ecosystem:` prefix scopes the match to that ecosystem;
160
+ appending `@version` (or `==version` for pip-style) requires an exact
161
+ version. The wildcard `@*` matches any version (useful for explicit
162
+ "any version" entries).
163
+
164
+ This is a hard tightening from the MVP: previously `denylist: ['lodash']`
165
+ matched any package whose purl contained the substring `lodash`, so
166
+ `react-lodash` was silently blocked. The new matcher requires exact
167
+ package-name equality.
168
+
169
+ ### Package extraction sources
170
+
171
+ `check-security` can pull the list of packages from three places, which
172
+ may be combined:
173
+
174
+ - `--packages axios,express@1.2.3` — comma-separated specs
175
+ - `--requirements requirements.txt` — pip-style requirements file;
176
+ recursive `-r` includes, env markers, and extras are handled
177
+ - `--lockfile package-lock.json` — npm package-lock (v1, v2, v3);
178
+ scans top-level direct deps and devDeps
179
+
180
+ The wrappers auto-translate `npm install -r foo.txt` → `--requirements`,
181
+ skip filesystem paths and URL specs that aren't registry packages
182
+ (`./local-pkg`, `git+https://…`, `*.tgz`, `*.whl`), and handle the
183
+ common npm/pip flag conventions.
184
+
185
+ ### Offline / fetch-error fallback
186
+
187
+ When the Socket call fails (network down, service unreachable), the
188
+ gate uses `security.preinstall.fallback_on_error`:
189
+
190
+ - `block` — fail closed regardless of mode
191
+ - `warn` — surface a warning, continue with whatever cached scores
192
+ exist; if no cache exists the gate exits with code 1
193
+ - `pass` — silent fall-through (the install proceeds)
194
+
195
+ Cached scores have a TTL of `cache_ttl_hours` (default 24) and live
196
+ in `.brainclaw/security/cache.json`.
197
+
198
+ ## Recommended stance
199
+
200
+ - do not store secrets — even with detection, the safer move is to never
201
+ write them
202
+ - review what gets committed
203
+ - keep machine-local observations machine-local when appropriate
204
+ - use stricter redaction settings in sensitive environments
205
+ - run `setup-security --mode advisory` first; flip to `enforced` once
206
+ the team has gotten used to the verdicts
207
+
208
+ ## Important nuance
209
+
210
+ brainclaw reduces hidden behavior, but it does not remove the need for
211
+ operational discipline. It warns; the team still decides what belongs
212
+ in shared memory.
@@ -1,118 +1,118 @@
1
- # Server And Remote Operations
2
-
3
- This guide is for complex operator environments such as DGX hosts, remote Linux servers, SSH-driven workflows, and multi-project workspaces where Brainclaw is not being used from a single local IDE.
4
-
5
- ## When this guide matters
6
-
7
- Use this path when one or more of these are true:
8
-
9
- - Brainclaw runs on a remote machine over SSH
10
- - multiple repos or child projects live under one server workspace
11
- - different agents resume each other over time on the same host
12
- - the operator sometimes uses CLI directly instead of MCP
13
-
14
- ## Recommended baseline
15
-
16
- Prefer a disciplined single-environment workflow on the server:
17
-
18
- 1. choose one canonical checkout per active task
19
- 2. initialize Brainclaw in the target project before starting coordination work
20
- 3. avoid mixing multiple shells, PATH setups, or Node installations during the same session
21
- 4. treat shared-checkout parallel editing as risky unless each session gets a dedicated worktree
22
-
23
- ## Multi-project targeting
24
-
25
- If the server workspace contains several Brainclaw projects, resolve the target project first.
26
-
27
- ```bash
28
- brainclaw switch --list
29
- brainclaw switch apps/trainer
30
- brainclaw status
31
- ```
32
-
33
- You can also use:
34
-
35
- - `BRAINCLAW_PROJECT` for a shell-scoped default
36
- - `brainclaw --cwd <path> ...` for a one-off override
37
-
38
- The goal is to avoid writing memory into the wrong store when the operator is launched from a workspace root.
39
-
40
- ## Recommended session flow
41
-
42
- For MCP-capable agents:
43
-
44
- 1. `bclaw_work(intent="execute", scope=...)` — opens a session, loads context, and claims the scope (with a per-claim git worktree) in a single call. Returns a compact payload by default; pass `compact: false` for the full memory dump or call `bclaw_context(kind="memory")` after.
45
- 2. `bclaw_context(kind="execution")` — when local tooling / brainclaw version visibility is needed (already loaded implicitly by `bclaw_work`).
46
- 3. `bclaw_write_note` / `bclaw_create(entity=...)` / `bclaw_update(entity=...)` — record observations, plans, decisions, or traps via the canonical grammar.
47
- 4. `bclaw_session_end(narrative=..., auto_release: true)` — close cleanly; releases active claims and hands off the session record.
48
-
49
- For direct CLI operation:
50
-
51
- ```bash
52
- brainclaw session-start --agent codex
53
- brainclaw plan list --all
54
- brainclaw claim create "Investigate training config drift" --scope configs/training/
55
- brainclaw runtime-note "Observed host-specific CUDA mismatch on dgx-a"
56
- brainclaw session-end --auto-release
57
- ```
58
-
59
- `brainclaw runtime-note` is the CLI equivalent of `bclaw_write_note`.
60
- `brainclaw note create "..."` is accepted as a resource-style alias if that fits the operator workflow better.
61
-
62
- ## Isolation and worktrees
63
-
64
- The safest default remains sequential collaboration: one active agent per checkout, then handoff.
65
-
66
- If you need stronger isolation:
67
-
68
- ```bash
69
- brainclaw worktree create feat/dgx-audit
70
- brainclaw worktree list
71
- ```
72
-
73
- In MCP flows, `bclaw_claim` can also create a dedicated worktree automatically when supported by the current Brainclaw version and configuration.
74
-
75
- Use dedicated worktrees when:
76
-
77
- - two sessions need to touch the same repo without sharing a checkout
78
- - an operator wants to preserve a clean main checkout while an agent runs elsewhere
79
- - a remote machine hosts long-lived or resumable agent sessions
80
-
81
- ## Plan and step semantics
82
-
83
- Be explicit about the difference between plan items and plan steps:
84
-
85
- - `brainclaw plan show <id>` reads a single plan item
86
- - `brainclaw plan get <id>` is accepted as a read alias, but `brainclaw plan show <id>` remains the canonical form
87
- - `brainclaw plan update <id>` expects a `pln_*` plan ID
88
- - `brainclaw complete-step <planId> <stepId>` is the canonical way to complete a step
89
-
90
- If you only have a step ID, inspect the parent plan first with `plan show` or `plan list --json`.
91
-
92
- ## Notes, decisions, and traps
93
-
94
- Do not use `decision` as a workaround for a session observation.
95
-
96
- Use:
97
-
98
- - `brainclaw runtime-note` for in-session observations
99
- - `brainclaw reflect-runtime-note` when the note may deserve promotion
100
- - `brainclaw decision` only for a durable decision
101
- - `brainclaw trap` only for a reusable pitfall
102
-
103
- This keeps canonical memory cleaner on long-lived server projects.
104
-
105
- ## Common failure modes
106
-
107
- - Wrong project selected: use `brainclaw switch --list` and verify `brainclaw status`
108
- - Shared-checkout collisions: prefer a worktree per session when parallel activity is unavoidable
109
- - Confusion between plan IDs and step IDs: use `plan show` before `plan update`
110
- - Lost operator observations: record them with `runtime-note` instead of temporary shell notes
111
-
112
- ## Recommended reading
113
-
114
- - [quickstart.md](quickstart.md)
115
- - [cli.md](cli.md)
116
- - [integrations/mcp.md](integrations/mcp.md)
117
- - [concepts/plans-and-claims.md](concepts/plans-and-claims.md)
118
- - [concepts/runtime-notes.md](concepts/runtime-notes.md)
1
+ # Server And Remote Operations
2
+
3
+ This guide is for complex operator environments such as DGX hosts, remote Linux servers, SSH-driven workflows, and multi-project workspaces where Brainclaw is not being used from a single local IDE.
4
+
5
+ ## When this guide matters
6
+
7
+ Use this path when one or more of these are true:
8
+
9
+ - Brainclaw runs on a remote machine over SSH
10
+ - multiple repos or child projects live under one server workspace
11
+ - different agents resume each other over time on the same host
12
+ - the operator sometimes uses CLI directly instead of MCP
13
+
14
+ ## Recommended baseline
15
+
16
+ Prefer a disciplined single-environment workflow on the server:
17
+
18
+ 1. choose one canonical checkout per active task
19
+ 2. initialize Brainclaw in the target project before starting coordination work
20
+ 3. avoid mixing multiple shells, PATH setups, or Node installations during the same session
21
+ 4. treat shared-checkout parallel editing as risky unless each session gets a dedicated worktree
22
+
23
+ ## Multi-project targeting
24
+
25
+ If the server workspace contains several Brainclaw projects, resolve the target project first.
26
+
27
+ ```bash
28
+ brainclaw switch --list
29
+ brainclaw switch apps/trainer
30
+ brainclaw status
31
+ ```
32
+
33
+ You can also use:
34
+
35
+ - `BRAINCLAW_PROJECT` for a shell-scoped default
36
+ - `brainclaw --cwd <path> ...` for a one-off override
37
+
38
+ The goal is to avoid writing memory into the wrong store when the operator is launched from a workspace root.
39
+
40
+ ## Recommended session flow
41
+
42
+ For MCP-capable agents:
43
+
44
+ 1. `bclaw_work(intent="execute", scope=...)` — opens a session, loads context, and claims the scope (with a per-claim git worktree) in a single call. Returns a compact payload by default; pass `compact: false` for the full memory dump or call `bclaw_context(kind="memory")` after.
45
+ 2. `bclaw_context(kind="execution")` — when local tooling / brainclaw version visibility is needed (already loaded implicitly by `bclaw_work`).
46
+ 3. `bclaw_write_note` / `bclaw_create(entity=...)` / `bclaw_update(entity=...)` — record observations, plans, decisions, or traps via the canonical grammar.
47
+ 4. `bclaw_session_end(narrative=..., auto_release: true)` — close cleanly; releases active claims and hands off the session record.
48
+
49
+ For direct CLI operation:
50
+
51
+ ```bash
52
+ brainclaw session-start --agent codex
53
+ brainclaw plan list --all
54
+ brainclaw claim create "Investigate training config drift" --scope configs/training/
55
+ brainclaw runtime-note "Observed host-specific CUDA mismatch on dgx-a"
56
+ brainclaw session-end --auto-release
57
+ ```
58
+
59
+ `brainclaw runtime-note` is the CLI equivalent of `bclaw_write_note`.
60
+ `brainclaw note create "..."` is accepted as a resource-style alias if that fits the operator workflow better.
61
+
62
+ ## Isolation and worktrees
63
+
64
+ The safest default remains sequential collaboration: one active agent per checkout, then handoff.
65
+
66
+ If you need stronger isolation:
67
+
68
+ ```bash
69
+ brainclaw worktree create feat/dgx-audit
70
+ brainclaw worktree list
71
+ ```
72
+
73
+ In MCP flows, `bclaw_claim` can also create a dedicated worktree automatically when supported by the current Brainclaw version and configuration.
74
+
75
+ Use dedicated worktrees when:
76
+
77
+ - two sessions need to touch the same repo without sharing a checkout
78
+ - an operator wants to preserve a clean main checkout while an agent runs elsewhere
79
+ - a remote machine hosts long-lived or resumable agent sessions
80
+
81
+ ## Plan and step semantics
82
+
83
+ Be explicit about the difference between plan items and plan steps:
84
+
85
+ - `brainclaw plan show <id>` reads a single plan item
86
+ - `brainclaw plan get <id>` is accepted as a read alias, but `brainclaw plan show <id>` remains the canonical form
87
+ - `brainclaw plan update <id>` expects a `pln_*` plan ID
88
+ - `brainclaw complete-step <planId> <stepId>` is the canonical way to complete a step
89
+
90
+ If you only have a step ID, inspect the parent plan first with `plan show` or `plan list --json`.
91
+
92
+ ## Notes, decisions, and traps
93
+
94
+ Do not use `decision` as a workaround for a session observation.
95
+
96
+ Use:
97
+
98
+ - `brainclaw runtime-note` for in-session observations
99
+ - `brainclaw reflect-runtime-note` when the note may deserve promotion
100
+ - `brainclaw decision` only for a durable decision
101
+ - `brainclaw trap` only for a reusable pitfall
102
+
103
+ This keeps canonical memory cleaner on long-lived server projects.
104
+
105
+ ## Common failure modes
106
+
107
+ - Wrong project selected: use `brainclaw switch --list` and verify `brainclaw status`
108
+ - Shared-checkout collisions: prefer a worktree per session when parallel activity is unavoidable
109
+ - Confusion between plan IDs and step IDs: use `plan show` before `plan update`
110
+ - Lost operator observations: record them with `runtime-note` instead of temporary shell notes
111
+
112
+ ## Recommended reading
113
+
114
+ - [quickstart.md](quickstart.md)
115
+ - [cli.md](cli.md)
116
+ - [integrations/mcp.md](integrations/mcp.md)
117
+ - [concepts/plans-and-claims.md](concepts/plans-and-claims.md)
118
+ - [concepts/runtime-notes.md](concepts/runtime-notes.md)