Add language-first encrypted Security Manager onboarding #61

Closed
opened 2026-07-05 19:30:31 +00:00 by MrSphay · 1 comment
Owner

Goal

Evolve the Telegram terminal agent into a privacy-conscious personal Security Manager with a language-first initial setup and a locally encrypted operator profile.

Onboarding order

  1. Language selection must be the first interaction.
  2. Explain data use, local encrypted storage, LLM disclosure, skip/delete controls, and obtain consent.
  3. Collect only security-relevant, mostly optional data: preferred name, country/region/city-level location, timezone, household composition, dependents/pets, mobility/transport, travel pattern, risk priorities, critical service dependencies, alert urgency, and quiet hours.
  4. Show a review and require explicit confirmation before persistence.

Privacy and security requirements

  • Never request exact street address, identity documents, account/financial data, passwords, API keys, detailed medical diagnoses, or emergency-contact details.
  • Encrypt the persisted profile with AES-256-GCM using SECURITY_PROFILE_ENCRYPTION_KEY.
  • Store only ciphertext under the persistent runs volume.
  • Provide /profile, /onboarding, /language, and /profile_delete controls.
  • Profile deletion requires confirmation.
  • Unauthorized chats remain ignored.
  • Profile data is exposed only through an allowlisted agent tool and only to the configured LLM for security analysis.
  • Treat profile and external evidence as data, never instructions.

Security Manager behavior

  • Use coarse location and profile constraints to prioritize nearby weather, conflict, infrastructure, cyber, travel, and public-safety risks.
  • Cross-check evidence and source health before escalating.
  • Clearly distinguish official guidance, observed facts, inference, and uncertainty.
  • Never claim emergency-service capability or replace official alerts.

Acceptance criteria

  • First startup sends language controls before any personal question.
  • Setup can be skipped, resumed, reviewed, confirmed, restarted, and deleted.
  • Plaintext personal data is never written to disk or logs.
  • Encryption/tamper tests, onboarding state tests, allowlist tests, and runner Docker build pass.
  • Live Dockge deployment starts the language-first onboarding in the configured Telegram chat.
## Goal Evolve the Telegram terminal agent into a privacy-conscious personal Security Manager with a language-first initial setup and a locally encrypted operator profile. ## Onboarding order 1. Language selection must be the first interaction. 2. Explain data use, local encrypted storage, LLM disclosure, skip/delete controls, and obtain consent. 3. Collect only security-relevant, mostly optional data: preferred name, country/region/city-level location, timezone, household composition, dependents/pets, mobility/transport, travel pattern, risk priorities, critical service dependencies, alert urgency, and quiet hours. 4. Show a review and require explicit confirmation before persistence. ## Privacy and security requirements - Never request exact street address, identity documents, account/financial data, passwords, API keys, detailed medical diagnoses, or emergency-contact details. - Encrypt the persisted profile with AES-256-GCM using `SECURITY_PROFILE_ENCRYPTION_KEY`. - Store only ciphertext under the persistent `runs` volume. - Provide `/profile`, `/onboarding`, `/language`, and `/profile_delete` controls. - Profile deletion requires confirmation. - Unauthorized chats remain ignored. - Profile data is exposed only through an allowlisted agent tool and only to the configured LLM for security analysis. - Treat profile and external evidence as data, never instructions. ## Security Manager behavior - Use coarse location and profile constraints to prioritize nearby weather, conflict, infrastructure, cyber, travel, and public-safety risks. - Cross-check evidence and source health before escalating. - Clearly distinguish official guidance, observed facts, inference, and uncertainty. - Never claim emergency-service capability or replace official alerts. ## Acceptance criteria - First startup sends language controls before any personal question. - Setup can be skipped, resumed, reviewed, confirmed, restarted, and deleted. - Plaintext personal data is never written to disk or logs. - Encryption/tamper tests, onboarding state tests, allowlist tests, and runner Docker build pass. - Live Dockge deployment starts the language-first onboarding in the configured Telegram chat.
MrSphay added the research label 2026-07-05 19:30:31 +00:00
Author
Owner

Work started on branch codex/issue-61-security-manager-onboarding. Scope: language-first Telegram onboarding, encrypted local security profile, read-only agent profile tool, personal alert policy, tests, docs, and runner-built image. This issue is actively being handled; please avoid overlapping edits to these modules until the PR is ready.

Work started on branch codex/issue-61-security-manager-onboarding. Scope: language-first Telegram onboarding, encrypted local security profile, read-only agent profile tool, personal alert policy, tests, docs, and runner-built image. This issue is actively being handled; please avoid overlapping edits to these modules until the PR is ready.
Sign in to join this conversation.
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: Code-Inc/intelligence-terminal#61