MrSphay/intelligence-terminal
1
0
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases Wiki Activity

chore: apply agent kit project structure

Browse Source
This commit is contained in:
MrSphay
2026-05-16 21:18:17 +02:00
parent 7a5015e430
commit 7e85a54c32
6 changed files with 105 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
.codex/project.md Normal file
View File

@@ -0,0 +1,36 @@
# Intelligence Terminal Project Notes
## Purpose
Production-ready Crucix fork for Docker, Dockge, Pangolin, local OSINT sweeps, source health diagnostics, and configurable LLM analysis.
## Stack
- Node.js 22 ESM
- Express 5
- Native `fetch`
- Optional `discord.js`
- Docker image published to Gitea Registry
## Authoritative Commands
- `npm start`
- `npm run test:unit`
- `npm test`
- `docker compose config`
- `docker build -t git.wilkensxl.de/mrsphay/intelligence-terminal:latest .`
Heavy install/build/audit/release work should run on Gitea Ubuntu runners where possible. Local work should stay limited to targeted verification and Docker checks required for this deployment.
## Runtime State
- `runs/latest.json` stores the latest raw sweep.
- `runs/memory/` stores hot/cold delta memory.
- `runs/intelligence.db` stores phase-1 memory when `node:sqlite` is available.
- `.env` is operator-owned and must not be committed.
## Security
- Never log API keys or bot tokens.
- Manual remote sweeps require `SWEEP_TOKEN`; without it `POST /api/sweep` is local-only.
- Missing source keys must degrade visibly rather than silently falling back to demo data.

1
.gitignore vendored
View File

@@ -24,7 +24,6 @@ desktop.ini
# Claude Code # Claude Code
.claude/ .claude/
CLAUDE.md CLAUDE.md
AGENTS.md
# Playwright # Playwright

25
AGENTS.md Normal file
View File

@@ -0,0 +1,25 @@
# Agent Instructions
## Project
Intelligence Terminal is a Docker-first Crucix fork for home-server OSINT, market, LLM, Telegram, and Discord workflows.
## Rules
- Preserve the existing ESM Node structure unless a change is needed for reliability.
- Do not commit `.env`, tokens, generated `runs/` data, registry credentials, or private logs.
- Keep Docker and Dockge operation first-class: `AUTO_OPEN_BROWSER=false`, persistent `/app/runs`, and health checks must remain working.
- Use the Gitea Ubuntu runners for heavy builds, dependency installs, audits, release jobs, and package publishing when available.
- Lightweight local checks are allowed: `git status`, `rg`, syntax checks, `git diff --check`, and targeted unit tests.
## Commands
- Start: `npm start`
- Unit tests: `npm run test:unit`
- Full tests: `npm test`
- Compose validation: `docker compose config`
- Docker image: `docker build -t git.wilkensxl.de/mrsphay/intelligence-terminal:latest .`
## Release Target
Push source to `https://git.wilkensxl.de/MrSphay/intelligence-terminal.git` and publish the Docker image to `git.wilkensxl.de/mrsphay/intelligence-terminal`.

18
docs/agent-handoff.md Normal file
View File

@@ -0,0 +1,18 @@
# Agent Handoff
## Current Release Goal
Source branch: `codex/production-intelligence-terminal`
Registry image:
```text
git.wilkensxl.de/mrsphay/intelligence-terminal:latest
```
## Notes
- The repository is Docker-first and should stay suitable for Dockge/Pangolin.
- Use `.env.example` as the operator-facing source of truth for configuration.
- Source health and network metrics are available through `/api/health` and `/api/metrics`.
- If Gitea Registry authentication is unavailable locally, build and push with the commands documented in `README.md`.

10
docs/release-checklist.md Normal file
View File

@@ -0,0 +1,10 @@
# Release Checklist
1. Confirm `.env.example`, README compose sample, and registry image name match.
2. Run `npm run test:unit`.
3. Run `docker compose config`.
4. Build `git.wilkensxl.de/mrsphay/intelligence-terminal:latest`.
5. Start the image and verify `/api/health`.
6. Push branch to Gitea.
7. Push `latest` and a dated image tag to the Gitea Registry.
8. Pull the image on a clean Docker host or through Dockge and verify startup.

16
docs/security-review.md Normal file
View File

@@ -0,0 +1,16 @@
# Security Review
## Checked Areas
- Shell execution: browser auto-open is gated by `AUTO_OPEN_BROWSER` and defaults to false.
- Secrets: `.env` remains ignored; `.env.example` contains no real keys.
- External network calls: source fetches use timeout/retry diagnostics and expose degraded state.
- Manual actions: `/api/sweep` is local-only unless `SWEEP_TOKEN` is configured.
- File writes: runtime writes are limited to `runs/`.
- HTML injection: dashboard data is JSON-injected only by the CLI path; server mode serves data through API/SSE.
## Residual Risk
- External feeds can return malformed, stale, or adversarial content. UI rendering should continue to sanitize titles and URLs.
- LLM outputs are advisory only and must not be treated as financial advice.
- `node:sqlite` availability depends on the Node 22 build; when unavailable the memory database degrades to a no-op placeholder.