Mission
Integrate the SourceOS shell runtime with OpsHistory as a governed shell receipt producer for local-first multi-chat agentic operations.
This keeps the shell runtime aligned with AgentTerm, AgentPlane, Policy Fabric, Agent Registry, Memory Mesh, BearBrowser, and TurtleTerm without turning shell history into an ambient transcript source.
Scope
- Define shell receipt event classes:
- session start/end metadata;
- command request metadata;
- execution start/complete/fail metadata;
- summarized result refs;
- artifact/evidence refs;
- agent delegation metadata;
- policy decision refs;
- redaction/tombstone metadata;
- cloud/fog attach/detach metadata.
- Define export posture into OpsHistory:
- content capture disabled by default;
- result summaries allowed only through policy;
- large results represented by artifact refs/hashes;
- sensitive events routed through redaction/tombstone policy;
- terminal receipts remain evidence-forward.
- Add Linux service/runtime mapping:
- user-scoped activatable service/socket or D-Bus boundary where appropriate;
- idle-safe restartable behavior;
- durable local receipt store;
- network-aware push/replication posture for cloud/fog sessions.
- Define cross-plane integration:
- AgentTerm displays shell receipt events and approval state;
- AgentPlane receives context-pack refs and emits evidence;
- Policy Fabric decides execution, export, memory writeback, and redaction;
- Agent Registry grants determine which agents may request or observe shell events;
- Memory Mesh receives context packs rather than raw shell material.
Acceptance criteria
- Docs define the SourceOS shell receipt bridge and its relationship to OpsHistory.
- Machine-readable shell receipt examples exist.
- Content capture is disabled by default.
- Result material is capped, summarized, or ref-only by policy.
- Redaction/tombstone propagation is modeled.
- Agent delegation and direct operator attach are both represented as receipt events.
- Cloud/fog attach/detach metadata is represented.
- Examples contain no secrets or private operational material.
Non-goals
- Do not replace SourceOS shell runtime boundaries.
- Do not implement unrestricted terminal recording.
- Do not let agents observe human terminal sessions without explicit authority and policy admission.
- Do not expand beyond the repo's current sequencing unless the first pass is strictly docs/schemas/examples.
Suggested files
docs/ops-history-shell-receipts.mdschemas/shell-receipt-event.v1.jsonexamples/ops-history/shell-command-receipt.example.jsonexamples/ops-history/shell-redaction-receipt.example.jsonexamples/ops-history/cloudfog-attach.example.json- validation script/test following repo conventions.
Agent note
@copilot @codex Keep the first PR contract-first: docs, schemas, examples, validators. Do not add live terminal capture behavior in the first pass.
Mission
Integrate the SourceOS shell runtime with OpsHistory as a governed shell receipt producer for local-first multi-chat agentic operations.
This keeps the shell runtime aligned with AgentTerm, AgentPlane, Policy Fabric, Agent Registry, Memory Mesh, BearBrowser, and TurtleTerm without turning shell history into an ambient transcript source.
Scope
Acceptance criteria
Non-goals
Suggested files
docs/ops-history-shell-receipts.mdschemas/shell-receipt-event.v1.jsonexamples/ops-history/shell-command-receipt.example.jsonexamples/ops-history/shell-redaction-receipt.example.jsonexamples/ops-history/cloudfog-attach.example.jsonAgent note
@copilot @codex Keep the first PR contract-first: docs, schemas, examples, validators. Do not add live terminal capture behavior in the first pass.