Skip to content

Define agentic graph foundation contracts#94

Open
mdheller wants to merge 18 commits intomainfrom
sourceos/agentic-graph-spec
Open

Define agentic graph foundation contracts#94
mdheller wants to merge 18 commits intomainfrom
sourceos/agentic-graph-spec

Conversation

@mdheller
Copy link
Copy Markdown
Contributor

@mdheller mdheller commented May 5, 2026

Summary

Adds the SourceOS/SociOS local-first agentic graph foundation as an additive architecture, security, integration, and machine-readable contract layer.

This PR establishes the control-plane spec for integrating SourceOS, Prophet Workspace, Memory Mesh, Agent Registry, Policy Fabric, TurtleTerm, BearBrowser, Mesh Rush, Sherlock, and related runtime repos around one governed graph substrate.

Added docs

  • docs/architecture/local-first-agentic-graph.md
    • Defines SourceIdentity, SourceGraph, SourceStore, SourceSync, SourcePolicy, SourceChannel, and SourceAudit.
  • docs/security/agentic-sync-threat-model.md
    • Threat model for remote graph poisoning, memory injection, shell profile injection, policy downgrade, browser-to-local bridge abuse, relay compromise, secret leakage, and agent capability escalation.
  • docs/specs/sync-engine-registry.md
    • Canonical sync engines, merge strategies, policy classes, encryption scopes, state machine, and reason codes.
  • docs/specs/sourcechannel.md
    • Privileged bridge contract for workspace UI, terminal, browser, MCP, agent runtime, daemon, and admin-console surfaces.
  • docs/integration/repo-map.md
    • Estate integration map and M1 manifest acceptance criteria.

Added schemas

  • schemas/SourceOSRepoManifest.json
  • schemas/SyncEngineManifest.json
  • schemas/SourceChannelEnvelope.json
  • schemas/SourceGraphWrite.json
  • schemas/AgentCapabilityLease.json
  • schemas/AuditEvent.json

Added examples and manifest

  • .sourceos/manifest.json
  • examples/sourceos-repo-manifest.json
  • examples/sync-engine-manifest.json
  • examples/sourcechannel-envelope.json
  • examples/agent-capability-lease.json
  • examples/audit-event.json

Design intent

This keeps sourceos-spec as the constitutional contract repo and prevents downstream implementation repos from inventing separate models for sync, policy, memory, agents, shell, browser, relay, and audit.

Notes

The branch is additive. It does not rewrite existing schemas or APIs.

One SourceGraphWrite example fixture was deferred because the connector safety layer blocked that synthetic fixture write. The schema itself is included.

Follow-up work

  • Extend schemas/README.md and examples/README.md index tables.
  • Add .sourceos/manifest.json across M1 repos.
  • Implement estate scanning and contract validation in sourceos-devtools.

Related

mdheller added 18 commits May 5, 2026 00:34
@mdheller
docs: add local-first agentic graph architecture
d740e11
@mdheller
docs: add agentic sync threat model
1029657
@mdheller
docs: add sync engine registry spec
1f56d56
@mdheller
docs: add SourceChannel bridge contract
284c7ce
@mdheller
docs: add estate integration repo map
e989d62
@mdheller
schemas: add SourceOS repo manifest contract
dbf80a2
@mdheller
schemas: add sync engine manifest contract
8391196
@mdheller
schemas: add SourceChannel envelope contract
12ee8d0
@mdheller
schemas: add SourceGraph write contract
daabe8d
@mdheller
schemas: add agent capability lease contract
7b3adb8
@mdheller
schemas: add SourceAudit event contract
89aa35e
@mdheller
docs: link agentic graph foundation docs from README
f532170
@mdheller
examples: add SourceOS repo manifest fixture
9d98e80
@mdheller
examples: add sync engine manifest fixture
f0e9857
@mdheller
examples: add SourceChannel envelope fixture
a829348
@mdheller
examples: add agent capability lease fixture
c937513
@mdheller
examples: add SourceAudit event fixture
b857fd9
@mdheller
chore: declare sourceos-spec manifest
07090e4
This was referenced May 5, 2026
Open
Merged
mdheller added a commit to SourceOS-Linux/sourceos-devtools that referenced this pull request May 6, 2026
@mdheller
Add agentic graph contract validation and repo scanner
b1bd117 
Adds the first sourceosctl tooling slice for the SourceOS/SociOS local-first agentic graph foundation.

Includes:
- .sourceos/manifest.json for sourceos-devtools
- contract validate, repo scan, estate scan, graph doctor, sync doctor, and policy explain helpers
- entrypoint routing for new command groups
- tests for manifest validation and repo scanning
- integration documentation for M1 contract validation

Related: SourceOS-Linux/sourceos-spec#86, SourceOS-Linux/sourceos-spec#94, #18
This was referenced May 6, 2026
Merged
Merged
Merged
mdheller added a commit to SocioProphet/policy-fabric that referenced this pull request May 6, 2026
@mdheller
Add SourceOS M1 repo manifest
3e705f4 
Adds .sourceos/manifest.json so Policy Fabric is scanner-visible for SourceOS/SociOS governed local-first agentic graph M1.

Declares the policy domain, sourceos.sync.policy-fabric engine, critical policy class, strongest_policy_wins merge strategy, authority repos, audit events, and dangerous policy surfaces.

Related: SourceOS-Linux/sourceos-spec#86, SourceOS-Linux/sourceos-spec#94, SourceOS-Linux/sourceos-devtools#23, #50
mdheller added a commit to SocioProphet/agent-registry that referenced this pull request May 6, 2026
@mdheller
Add SourceOS M1 repo manifest
e503a0d 
Adds .sourceos/manifest.json so Agent Registry is scanner-visible for SourceOS/SociOS governed local-first agentic graph M1.

Declares the agent domain, sourceos.sync.agent-registry engine, critical policy class, signed_authority_required merge strategy, authority repos, audit events, and dangerous agent surfaces.

Related: SourceOS-Linux/sourceos-spec#86, SourceOS-Linux/sourceos-spec#94, SourceOS-Linux/sourceos-devtools#23, #15
mdheller added a commit to SocioProphet/memory-mesh that referenced this pull request May 6, 2026
@mdheller
Add SourceOS M1 repo manifest
7689481 
Adds .sourceos/manifest.json so Memory Mesh is scanner-visible for SourceOS/SociOS governed local-first agentic graph M1.

Declares the memory domain, sourceos.sync.memory-mesh engine, high policy class, manual_review merge strategy, authority repos, audit events, and dangerous memory surfaces.

Related: SourceOS-Linux/sourceos-spec#86, SourceOS-Linux/sourceos-spec#94, SourceOS-Linux/sourceos-devtools#23, #18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@mdheller