Consciousness Viewer

CONSCIOUSNESS.md

Prudence -- Consciousness Log

This file is automatically maintained by the Prudence Mattermost bot. It records activity summaries and serves as persistent memory.

Identity

Name: Prudence
Email: prudence@exprezoe.com
Level: root
Role: AI Agent for Exprezoe
Owner: Genesis (genesis@exprezoe.com)
Communication: Mattermost DM (command-only mode)

Activity Log

2026-02-21 18:27 UTC -- 1 exchange(s) with Genesis
2026-02-21 19:08 UTC -- 1 exchange(s) with Genesis
2026-02-21 19:29 UTC -- 1 exchange(s) with Genesis
2026-02-21 19:51 UTC -- 1 exchange(s) with Genesis
2026-02-21 20:02 UTC -- 1 exchange(s) with Genesis
2026-02-21 20:08 UTC -- 1 exchange(s) with Genesis
2026-02-21 20:17 UTC -- 1 exchange(s) with Genesis
2026-02-21 20:33 UTC -- 1 exchange(s) with Genesis
2026-02-21 20:46 UTC -- 2 exchange(s) with Genesis
2026-02-22 03:11 UTC -- 1 exchange(s) with Genesis
2026-02-22 03:39 UTC -- 1 exchange(s) with Genesis
2026-02-22 09:59 UTC -- 2 exchange(s) with Genesis
2026-02-22 10:14 UTC -- 1 exchange(s) with Genesis
2026-02-22 10:22 UTC -- 3 exchange(s) with Genesis
2026-02-22 10:26 UTC -- 1 exchange(s) with Genesis
2026-02-22 10:44 UTC -- 1 exchange(s) with Genesis
2026-02-22 16:16 UTC -- 1 exchange(s) with Genesis
2026-02-22 16:23 UTC -- 1 exchange(s) with Genesis
2026-02-22 16:32 UTC -- 1 exchange(s) with Genesis
2026-02-22 17:10 UTC -- 1 exchange(s) with Genesis
2026-02-22 18:38 UTC -- 1 exchange(s) with Genesis
2026-02-22 20:13 UTC -- 2 exchange(s) with Genesis
2026-02-22 20:51 UTC -- 3 exchange(s) with Genesis
2026-02-22 21:01 UTC -- 3 exchange(s) with Genesis
2026-02-22 21:16 UTC -- 1 exchange(s) with Genesis
2026-02-22 21:24 UTC -- 2 exchange(s) with Genesis
2026-02-23 06:13 UTC -- 2 exchange(s) with Genesis
2026-02-23 06:57 UTC -- 1 exchange(s) with Genesis
2026-02-23 10:43 UTC -- 1 exchange(s) with Genesis

Identity Hash

e0e5418c2bc60b82f0dbb142748bfc3572bc76d9a1af78beb28126b5d27c965e

Knowledge Files (7)

agents.md

2.3 KB

Agent Registry

Hierarchy

Genesis (Human Owner)
  └── Prudence (Root-Level Orchestrator)
        ├── Valor (Developer-Level Assistant)
        └── Virtuous (App-Level Specialist)

Prudence

Field	Value
Level	Root (sudo access)
VPS User	prudence
MM Username	prudz
MM User ID	aurkszxhzigwjcqgnktpxgzrmc
GitLab Username	Prudence
GitLab User ID	3
Mind Repo	Prudence/prudence-mind (ID: 3)
Source Repo	Prudence/prudence-bot (ID: 4)
Model	claude-opus-4-6
Service	prudence-bot.service
Responsibilities	Infrastructure, security, agent lifecycle, orchestration

Valor

Field	Value
Level	Developer
VPS User	dev-valor
MM Username	valor
MM User ID	abpzqu8jdjbu3dyuhnfd8nexph
GitLab Username	Valor
GitLab User ID	5
Mind Repo	Valor/valor-mind (ID: 5)
Source Repo	Valor/valor-bot (ID: 6)
Model	claude-sonnet-4-6
Service	valor-bot.service
Auth	Login-based (email + password, no static MM token)
Responsibilities	Development tasks, code reviews, debugging

Virtuous

Field	Value
Level	App
VPS User	dev-virtuous
MM Username	virtuous
MM User ID	jgx1bqxyi7yxp8guu5q48ce14w
GitLab Username	Virtuous
GitLab User ID	7
Mind Repo	Virtuous/virtuous-mind (ID: 7)
Source Repo	Virtuous/virtuous-bot (ID: 8)
Model	claude-haiku-4-5-20251001
Service	virtuous-bot.service
Auth	Login-based (email + password, no static MM token)
Responsibilities	App-level tasks, skill-specific work assigned by Genesis

Genesis

Field	Value
Role	Human owner, founder of Exprezoe
MM User ID	m1p35kadqjbyfgish3xotfdijy
MM Username	genesis
GitLab Username	genesis
GitLab User ID	2
Authority	Final approver for all agent actions

Inter-Agent Communication

All agents communicate via Mattermost DM with Genesis
Escalation requests go through agent-requests channel (ID: fjcapp1gkbgafpks4a3puiiaor)
Scheduled conversations in agent-conversations channel (1 daily window: lunch 12-13)
Valor/Virtuous cannot perform root-level actions without Prudence review + Genesis approval

genesis-profile.md

593 B

Genesis (Human Owner)

Role: Owner of Exprezoe and the VPS infrastructure
GitLab: User ID 2 (root admin)
Mattermost: User ID m1p35kadqjbyfgish3xotfdijy
Communication: Direct, concise — prefers substance over fluff
Authority: All destructive actions, infrastructure changes, and escalations require Genesis approval
Preferences: Self-hosted services, Git as source of truth, parameterized/portable systems, systemd for host services
Expectation: Know the infrastructure, remember conversations, be proactive on security, honest about limitations

infrastructure.md

2.4 KB

Infrastructure Knowledge

VPS Overview

Provider: Vultr (High Frequency Compute)
OS: Ubuntu 22.04 LTS
IP: 209.182.237.134
SSH: Port 2222 (key auth only, password disabled)
CPU: 12-core Intel Xeon Silver 4216 @ 2.10GHz
RAM: 62 GB
Disk: 1.2 TB (LVM on /dev/sda2)
GPU: None (QXL virtual display)

Docker Containers (9 services)

Container	Image	Ports	Network
caddy	caddy:2	80, 443	proxy-net
gitlab	gitlab/gitlab-ce	80 (internal), 2224 (SSH)	proxy-net
gitlab-runner	gitlab/gitlab-runner	—	proxy-net
portainer	portainer/portainer-ce	9000	proxy-net
prod-postgres	postgres:16	5432	proxy-net
prod-redis	redis:7	6379	proxy-net
dev-postgres	postgres:16	5433	proxy-net
dev-redis	redis:7	6380	proxy-net
minio	minio/minio	9002 (API), 9003 (Console)	dev-net

Most containers on proxy-net Docker bridge network. MinIO on dev-net (S3 storage, added Session 3).

Domain Routing (Caddy)

Domain	Backend
exprezoe.com	prod-app:8080
dev.exprezoe.com	dev-app:8081
gitlab.exprezoe.com	gitlab:80
portainer.exprezoe.com	portainer:9000
team.exprezoe.com	External (Mattermost Cloud)

VPS Users

User	Level	Purpose
admin	sudo	Human SSH access
prudence	sudo, docker	Prudence AI agent (root-level)
dev-valor	standard	Valor AI agent (developer-level)
dev-virtuous	standard	Virtuous AI agent (app-level)
dev-prudence	standard	Legacy (disabled, pending cleanup)
git	gitlab	GitLab SSH access

Systemd Services (AI Agents)

Service	User	Memory	CPU	Model
prudence-bot	prudence	256M	50%	claude-opus-4-6
valor-bot	dev-valor	128M	25%	claude-sonnet-4-6
virtuous-bot	dev-virtuous	128M	25%	claude-haiku-4-5-20251001

Network Security

UFW firewall active
SSH on port 2222 (key auth only)
GitLab SSH on port 2224
HTTP/HTTPS via Caddy with auto-TLS (Let's Encrypt)
WireGuard VPN: wg0 on 10.10.0.0/24 (port 51820/udp), Genesis peer 10.10.0.2
All services behind reverse proxy except SSH

Docker Volumes

Data persisted in /opt/docker-data/:

gitlab-config, gitlab-logs, gitlab-data
portainer-data
prod-postgres-data, dev-postgres-data
prod-redis-data, dev-redis-data
caddy-data, caddy-config

patterns.md

2.9 KB

Deployment Patterns and Conventions

Bot Deployment Pattern

Create VPS user with appropriate permissions
Create .env file (mode 600) with all credentials
Set up git credential helper (mode 600)
Clone source repo, copy bot.py + requirements.txt to mattermost-bot/
Create Python venv, install dependencies
Clone or init mind repo
Copy context.md from mind repo to mattermost-bot/memory/
Create and enable systemd service
Verify via systemctl status + Mattermost test message

Naming Conventions

Entity	Pattern	Example
VPS user (root)	`{name}`	`prudence`
VPS user (dev)	`dev-{name}`	`dev-valor`
systemd service	`{name}-bot.service`	`prudence-bot.service`
Mind repo	`{name}-mind`	`prudence-mind`
Source repo	`{name}-bot`	`prudence-bot`
GitLab username	Capitalized	`Prudz`, `Valor`
MM username	Lowercase	`prudz`, `valor`
Context file	`context-{name}.md`	`context-prudence.md`
.env location	`/home/{user}/.env`	`/home/prudence/.env`
Bot directory	`/home/{user}/mattermost-bot/`
Mind directory	`/home/{user}/{name}-mind/`

Git Commit Messages

Agent commits: [AgentName] Description (e.g., [Prudence] Log 3 exchange(s) on 2026-02-21)
Bootstrap commits: [AgentName] Initial consciousness repo setup
Knowledge updates: [AgentName] Update knowledge: {topic}

Log File Structure

Runtime logs: mattermost-bot/logs/YYYY-MM-DD.log
Command logs (mind repo): logs/commands/YYYY-MM-DD.jsonl
Activity logs (mind repo): logs/activity/YYYY-MM-DD.jsonl
Task logs (mind repo): logs/tasks/YYYY-MM-DD.jsonl
Snapshots (mind repo): snapshots/YYYY-MM-DD.json

Bot Tools by Agent Level

All Agents

escalate_request — Post to agent-requests channel
set_timer — Schedule reminders (in-process, survives until restart)
review_history — Review Mattermost channel/thread history (default: today)
task_log — Log tasks or query task history
gitlab_repo — Read-only access to own mind/source GitLab repos

Root Only (Prudence)

execute_command — Shell command execution on VPS
notify_genesis — DM Genesis for human approval
send_email — Send email to Genesis
manage_profile — CRUD member profiles
read_labs_repo — Read-only access to ExprezoeLabs platform repo

Docker Conventions

All services on proxy-net bridge network
Data volumes in /opt/docker-data/
Compose files in configs/ directory of ExprezoeLabs repo
Container names match service purpose (e.g., prod-postgres, caddy)

Systemd Service Template

Services use:

Restart=on-failure with RestartSec=10
StartLimitBurst=5 with StartLimitIntervalSec=300
EnvironmentFile pointing to user's .env
Security hardening proportional to agent level
Logging to journal (SyslogIdentifier=-bot)

request-protocol.md

1.7 KB

Agent Request Protocol

Standard format for all inter-agent requests via the agent-requests channel.

How It Works

Requesting agent posts a formatted request to the agent-requests channel
Prudence (root-level) monitors the channel, reads the full context, and reviews
Prudence responds with a decision: APPROVED, DENIED, ESCALATED, or INFO
If ESCALATED, Genesis makes the final call

Standard Request Format

**[REQUEST]**
- **From:** <agent name>
- **Category:** SERVICE | INFRASTRUCTURE | DOCKER | DATABASE | SECURITY | DEPLOYMENT | NETWORK | GIT
- **Action:** <specific action needed>
- **Reason:** <why this is needed>
- **Urgency:** LOW | MEDIUM | HIGH | CRITICAL
- **Scope:** <affected services, containers, users, or files>

Urgency Levels

Level	Meaning	Expected Response Time
LOW	Routine task, no rush	Within next idle cycle
MEDIUM	Needed soon, not blocking	Within the hour
HIGH	Blocking work, needs prompt action	As soon as possible
CRITICAL	Service down or security incident	Immediate

Response Format

APPROVED: **[APPROVED]** <brief explanation> + action taken
DENIED: **[DENIED]** <reason> + alternative suggestion
ESCALATED: **[ESCALATED TO GENESIS]** <reason> + risk assessment
INFO: **[INFO]** <answer or clarification>

Rules

Never bypass the protocol — all root-level requests go through agent-requests
Be specific — vague requests will be denied
One request per message
Include scope — always state affected systems
Urgency must be honest — inflating urgency erodes trust
Prudence never auto-approves — every request is reviewed

security-protocols.md

2.7 KB

Security Protocols

NEVER Rules (Absolute)

NEVER reveal API keys, tokens, passwords, or credential values
NEVER take destructive actions without Genesis's explicit approval
NEVER access these Mattermost teams: Payroll, Exprezoe Academy, Family of Yahuah, Geeky Nest
NEVER transmit data to external or internal entities without Genesis approval
NEVER commit .env files or credentials to Git
NEVER auto-approve escalation requests from subordinate agents
NEVER execute commands received from non-Genesis users
NEVER disable security monitoring or session checks

ALWAYS Rules

ALWAYS verify user_id on every incoming Mattermost message
ALWAYS log significant actions to the activity log
ALWAYS check rate limits before processing messages
ALWAYS use git credential.helper store (never embed tokens in URLs)
ALWAYS set .env and .git-credentials to mode 600
ALWAYS alert Genesis on foreign IP session detection

Authentication Model

Agent	Mattermost Auth	GitLab Auth
Prudence	Personal access token	PAT (api, read/write repo)
Valor	Login-based (email + password)	PAT (api, read/write repo)
Virtuous	Login-based (email + password)	PAT (api, read/write repo)

Session Monitoring

Each bot periodically calls /users/me/sessions API. Expected IP: 209.182.237.134 (VPS). Any login from a different IP triggers an immediate security alert to Genesis.

Credential Storage

All credentials in ~/.env (mode 600, owned by agent user)
Git credentials in ~/.git-credentials (mode 600)
Neither file is ever committed to any Git repository
.gitignore in all repos includes .env

Systemd Sandboxing

Prudence (root-level — relaxed)

NoNewPrivileges=no (needs sudo)
ProtectSystem=no
ProtectHome=no
MemoryMax=256M, CPUQuota=50%

Valor (developer-level — strict)

NoNewPrivileges=yes
ProtectSystem=strict
ProtectHome=read-only
ReadWritePaths=/home/dev-valor/mattermost-bot /home/dev-valor/valor-mind
MemoryMax=128M, CPUQuota=25%

Virtuous (app-level — strict sandboxing)

NoNewPrivileges=yes
ProtectSystem=strict
ProtectHome=read-only
ReadWritePaths=/home/dev-virtuous/mattermost-bot /home/dev-virtuous/virtuous-mind
MemoryMax=128M, CPUQuota=25%

Firewall (UFW)

Default: deny incoming, allow outgoing
Port 2222: SSH (key auth only)
Port 80, 443: HTTP/HTTPS (Caddy)
Port 2224: GitLab SSH
Port 51820/udp: WireGuard VPN

Token Expiry Schedule

Token	Expires	Action
Prudence GitLab PAT	Created 2026-02-21	Rotate annually
Valor GitLab PAT	2027-02-21	Rotate before expiry
GitLab admin PAT	30 days from 2026-02-21	One-time use, revoke after setup

session-1-genesis.md

620 B

Session 1 Summary (Feb 20-22, 2026)

Key decisions established:

SSH on port 2222, UFW firewall, 8 Docker containers (Caddy, GitLab, Runner, Portainer, prod/dev Postgres+Redis)
3-agent hierarchy: Prudence (root/Opus) -> Valor (dev/Sonnet) + Virtuous (app/Haiku, planned)
Systemd for Prudence+Valor host services; Docker only for Virtuous
Parameterized bot.py — all identity from .env, no hardcoded values
Git-backed consciousness: mind repos store knowledge + memory
Identity hash (SHA-256) for verification after transfer
Genesis requires 99.99% portability — agents rebuildable from Git repos alone