Covers authentication (TOTP, WebAuthn, mTLS, OAuth), authorization
(RBAC, resource permissions), transport security, secrets management,
audit logging, prompt injection defense, and rate limiting.
Includes open questions and implementation checklist.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Defines the GUI-agnostic API for monitoring and controlling the organism:
- REST endpoints for queries and control
- WebSocket for real-time push events
- Data models for agents, messages, threads
- Example usage for 3D office GUI
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Documents the trust model for context and prompt management:
- Platform as trusted orchestration layer
- Context buffer: pure message history, keyed by UUID, auto-GC
- Prompt registry: immutable, invisible to agents
- LLM call assembly: platform controls, agents request
- Handler sandbox: what agents can/cannot do
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
When detached, console changes prompt from '>' to '#' and rejects
@messages while still accepting /commands. Simpler than the ring
buffer approach - operator can still check status and re-attach.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Minimal, universal base for all capabilities
- Required listens_to class attribute
- Async handle() with convo_id preservation rule
- make_response() helper for thread continuity
- Explicit name, config, per-instance logger
- Clear documentation and NotImplementedError guard
This is the true substrate the entire organism will build on.
