From 0cd27e0dab655702b974152c9df2533524d4bad1 Mon Sep 17 00:00:00 2001 From: James Date: Sun, 22 Mar 2026 10:38:25 -0400 Subject: [PATCH] Weekly memory synthesis 2026-03-22 (10:34 ET) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - vault1984 rebranded as Clavitor (Mar 21-22) — section updated - Clavitor architecture, domains, Sarah agent documented - Renpho-poller Go service added to Python rule section - Agent model optimization marked IMPLEMENTED (was NOT YET IMPLEMENTED) - Fireworks Developer Pass + Kimi K2.5 Turbo defaults documented - Luca (employment lawyer) agent live noted in synthesis - Docker/HAOS weekly update logged in heartbeat-state.json - agents-suggestions.md created with 3 rule improvement suggestions - heartbeat-state.json: lastWeeklyMemorySynthesis updated to 1774190125 - MEMORY.md timestamp updated --- MEMORY.md | 33 ++++- memory/agents-suggestions.md | 25 ++++ memory/claude-usage.db | Bin 86016 -> 86016 bytes memory/claude-usage.json | 8 +- memory/heartbeat-state.json | 6 +- memory/security-scans/2026-03-22.md | 215 ++++++++++++++++++++++++++++ memory/updates/2026-03-22.json | 4 +- memory/x-watch-last.md | 174 ++++++++++------------ 8 files changed, 353 insertions(+), 112 deletions(-) create mode 100644 memory/agents-suggestions.md create mode 100644 memory/security-scans/2026-03-22.md diff --git a/MEMORY.md b/MEMORY.md index 1fdb622..4765004 100644 --- a/MEMORY.md +++ b/MEMORY.md @@ -1,6 +1,6 @@ # MEMORY.md - Long-Term Memory -*Last updated: 2026-03-22 (weekly synthesis — Sun 09:00 ET)* +*Last updated: 2026-03-22 (weekly synthesis — Sun 10:34 ET)* --- ## ⏰ JOHAN'S SCHEDULE (US EASTERN) — MEMORIZE THIS! 
@@ -265,7 +265,16 @@ M&A deal workflow SaaS for investment banking data rooms. Built for Misha (Johan - **Strategy doc:** `memory/dealspace-deployment-strategy.md` - **Status:** Parked on Amsterdam, active dev on forge, invite flow + SMTP pending -### Vault1984 (launched week of Mar 1, 2026) +### Clavitor (formerly vault1984 — rebranded Mar 21-22, 2026) +**⚠️ vault1984 is now Clavitor.** All new references use Clavitor. vault1984 source preserved at `/home/johan/dev/vault1984/` as backup. +- **Binary:** `clavitor` on port 1984 (forge). Source: `/home/johan/dev/clavitor/` +- **Domains:** clavitor.ai, clavitor.com (→ Zurich), clavitor.jongsma.me (→ forge) +- **Git:** `git@zurich.inou.com:clavitor.git` +- **OSS/commercial split:** `oss/` → GitHub (clavitor/clavitor org, pending creation), `commercial/` → Zurich only +- **FIPS 140-3 + post-quantum** (CRYSTALS-Kyber / ML-KEM) +- **Design system:** `/home/johan/dev/clavitor/design-system/` — Sarah agent owns this first deliverable +- **Sarah agent:** App ID `1485193293271666768`, workspace `/home/johan/sarah/`. First task: wordmark + token system. + Structured knowledge store for human+AI collaboration — passwords as entry point, NOT the full product. - **URL:** vault1984.com (LIVE, Caddy + ZeroSSL, port 1984) 
@@ -1465,6 +1474,14 @@ Major rebrand completed in overnight session: **George session bloat resolved (Mar 17):** - Session grew to 4.3MB/701 messages → cleared from sessions.json, fresh start +### 🐍 Python Rule Hardened (Mar 22) +Johan made the no-Python stance explicit and permanent: +- **No Python.** Not for scripts, servers, previewing, or new tooling. Full stop. +- **Propose reusable Go tools** instead — not Python one-offs. +- Exceptions: system Python (fail2ban, unattended-upgrades — untouchable), inou/health-poller (Renpho legacy, tolerated) +- **health-poller replaced with Go** — new `renpho-poller` systemd service created to replace the Python health-poller +- `renpho-poller.service` runs as user systemd service; Renpho integration now in Go + ### ⚡ Working Style: Hard Rules Clarified **From explicit Johan correction (Mar 22):** - **No symlinks. No rsync pipelines. No "clever" file plumbing.** Copy explicitly. Simple, obvious, traceable. 
@@ -1498,11 +1515,13 @@ Major rebrand completed in overnight session: - Fits: two 3090s (32GB combined) or M4 Max 128GB (unified memory) - On M5 Ultra 192GB = best possible local inference setup -### Agent Model Cost Optimization (2026-03-20 — NOT YET IMPLEMENTED) -Secondary agents (George, Iaso, Hugo, Mira, Luca) currently use Sonnet 4.6. Johan considering switching them to a cheaper model to cut token costs. -- **Candidates:** DeepSeek V3.2 or Qwen3.5-Flash -- **Status:** Under consideration, no config changes yet -- **Target agents:** George, Iaso, Hugo, Mira, Luca (not James — keep Sonnet 4.6 for main CoS) +### Agent Model Optimization (2026-03-20 — IMPLEMENTED) +Secondary agents switched to cheaper models to reduce token costs: +- **iaso:** `openrouter/stepfun/step-3.5-flash` ($0.10/$0.30 per M, AIME 97.3%, SWE-bench 74.4%, 200K ctx) +- **george:** `openrouter/minimax/minimax-m2.7` +- **All agents (primary default):** `fireworks/accounts/fireworks/routers/kimi-k2p5-turbo` (Fireworks Developer Pass, trial expires Mar 28 → $20/week opt-in) +- **James:** Stays on Sonnet 4.6 for main CoS reasoning +- **OpenRouter API key:** `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` ### OpenClaw CVE Patch (2026-03) - Three HIGH CVEs patched in 2026.3.x releases diff --git a/memory/agents-suggestions.md b/memory/agents-suggestions.md new file mode 100644 index 0000000..dffb1a6 --- /dev/null +++ b/memory/agents-suggestions.md 
@@ -0,0 +1,25 @@ +# Suggestions for AGENTS.md +*Written by weekly synthesis subagent — do NOT edit AGENTS.md yourself, leave for main agent review* + +--- + +## 2026-03-22 + +### 1. Strengthen "inou is infrastructure" rule +**Pattern in corrections.md:** Multiple nudge subagents keep proposing AI features for inou (consultation generators, reasoning chains, etc.) rather than storage/data work. +**Suggested addition to AGENTS.md:** Under the inou section, add explicit guardrail: +> **inou nudge rule:** ONLY propose storage, data pipeline, import, DICOM/FHIR, lab data, or reliability work. Never propose AI analysis features, consultation generators, or Claude-powered workflows. inou is the data layer — AI is pluggable on top. If your nudge doesn't touch storage or data ingestion, rethink it. + +### 2. No Python — upgrade the rule in AGENTS.md +**Pattern:** The existing "New services on forge: Go only" rule in AGENTS.md is too soft. Johan hardened it explicitly on Mar 22. +**Current AGENTS.md says:** "New services on forge: Go only. No ad-hoc servers of any kind." +**Suggested upgrade:** +> **No Python. Full stop.** Not for scripts, servers, or previewing. Exceptions: system Python (fail2ban, unattended-upgrades — untouchable) and Johan's legacy code in inou/health-poller. When you need a Go service, propose it explicitly to Johan before building. Do not replace one Python hack with another. + +### 3. "Don't build new services for simple UI requests" — promote to general principle +**Pattern in corrections.md (2026-02-25):** docproc port 9900 was built when Johan asked for a delete button. Pattern recurs. +**Suggested addition to AGENTS.md Coding section:** +> **"Add to existing" beats "build new":** When asked to add a feature (button, field, endpoint), always check if an existing service can absorb it first. A delete button = one route + one HTML element. Not a new service. The burden of proof is on "build new." + +--- +*Last written: 2026-03-22* 
diff --git a/memory/claude-usage.db b/memory/claude-usage.db index b07bee9d20c28e5d5ecca8651875bddebf4cd35c..9495bf9b98e6725c4873541cda8cab8b4f35ec20 100644 GIT binary patch delta 181 zcmZozz}m2Yb%HeG+leyHjBht4%-3gp-DEJ$fRTlzh$V+%vR1*J$@?yFY;0^`p1#0@ zQ9#AS%D~9Vz$}XSwIs7ClaYaunXZAcu8~oQp|O>Lxs{P=6!WX?K$R)n%+7FlA(9MAip0QH9-5wml0|9%ilzo8k5hAI2HX0LFzb)Bpeg delta 73 zcmV-P0Ji^tpap=S1&|v7>yaEo0qe0~pDzLFf-sga0R#ka1fT$uDsbEc1iA#Ev4OY) flG6;gtTX{w3j-YtXqN{-0XwmQCJeV|OaYh!(KHzS diff --git a/memory/claude-usage.json b/memory/claude-usage.json index 98fe515..cd8b387 100644 --- a/memory/claude-usage.json +++ b/memory/claude-usage.json @@ -1,9 +1,9 @@ { - "last_updated": "2026-03-22T13:00:01.659422Z", + "last_updated": "2026-03-22T14:02:06.362646Z", "source": "api", - "session_percent": 4, - "session_resets": "2026-03-22T16:00:00.582582+00:00", + "session_percent": 7, + "session_resets": "2026-03-22T16:00:00.309223+00:00", "weekly_percent": 36, - "weekly_resets": "2026-03-27T03:00:00.582602+00:00", + "weekly_resets": "2026-03-27T03:00:00.309251+00:00", "sonnet_percent": 49 } \ No newline at end of file diff --git a/memory/heartbeat-state.json b/memory/heartbeat-state.json index fdee867..4e93741 100644 --- a/memory/heartbeat-state.json +++ b/memory/heartbeat-state.json @@ -10,14 +10,14 @@ "lastBriefing": 1774146987, "lastWeeklyDocker": "2026-03-22T11:30:01.805Z", "lastWeeklyHAOS": "2026-03-22T11:30:01.805Z", - "lastWeeklyMemorySynthesis": "2026-03-15T13:00:00.000Z", + "lastWeeklyMemorySynthesis": 1774190125, "lastDocInbox": "2026-02-25T22:01:42.532628Z", "lastTechScan": 1773936643, "lastMemoryReview": 1774040883, - "lastIntraDayXScan": 1774156800, + "lastIntraDayXScan": 1774190165, "lastInouSuggestion": 1774156800, "lastEmail": 1773936643, "pendingBriefingItems": [], "lastOvernightAgentWork": "2026-02-28T12:20:00Z", "pendingReminders": [] -} \ No newline at end of file +} 
diff --git a/memory/security-scans/2026-03-22.md b/memory/security-scans/2026-03-22.md new file mode 100644 index 0000000..eba6b79 --- /dev/null +++ b/memory/security-scans/2026-03-22.md 
@@ -0,0 +1,215 @@ +# Security Posture Scan — 2026-03-22 +Scan time: 09:00 AM ET (13:00 UTC) +Conducted by: James (weekly cron job) + +## Summary +| Host | Status | Issues | +|------|--------|--------| +| forge (192.168.1.16) | ⚠️ WARNING | 3 findings (1 cleaned up live) | +| james-old (192.168.1.17) | ⚠️ WARNING | RDP still open (known), xrdp running | +| staging (192.168.1.253) | ✅ CLEAN | Matches baseline | +| prod (192.168.100.2) | ❌ UNREACHABLE | SSH key not installed | +| caddy (192.168.0.2) | ⚠️ WARNING | New user `hans:1002` — needs confirmation | +| zurich (82.22.36.202) | ✅ CLEAN | High brute force volume (normal for VPS) | + +--- + +## Forge (192.168.1.16) — ⚠️ WARNING + +### Findings + +**[FIXED] Zombie bash process (PID 3673859) consuming 99.9% CPU** +- Process running for 4d 21h: `/bin/bash -c openclaw logs --follow | head -30 ...` +- State: R (running), 3.6MB RSS — spinning loop on openclaw log follow +- Action taken: Killed. Process confirmed gone. + +**[FIXED] Rogue python3 http.server on port 8000** +- `python3 -m http.server 8000 --bind 192.168.1.16` — bound to LAN interface +- No legitimate service expected on 8000 +- Action taken: Killed. Port confirmed closed. + +**[INFO] Go dev server running on port 8888 (all interfaces)** +- Binary: `/tmp/go-build830895623/b001/exe/server` (built 07:12 today) +- Source: `/home/johan/dev/clavitor/design-system/server.go` — a no-cache file server for UI dev +- Owner: johan, no suspicious behavior, likely left running after dev session +- Recommendation: Kill when not in active dev use. Port 8888 not in baseline — add or clean up. + +**[INFO] VNC (x11vnc) on port 5900 — all interfaces** +- PID 3936577: `x11vnc -display :99 -rfbport 5900 -forever -bg` +- Running since Mar 18. Port 5900 not in baseline but may be needed for headed Chrome/GUI. +- No authentication flags visible in cmdline — recommend verifying VNC has a password set. 
+ +**[INFO] Port 8098 (vault1984-accounts) — not in baseline** +- `vault1984-accou` process on all interfaces. vault1984 project is known. +- Baseline has port 1984 for vault1984, not 8098. Baseline needs update. + +### Users +✅ Matches baseline: `johan:1000`, `scanner:1001` +⚠️ `hans@vault1984-hq` key still in authorized_keys — baseline notes "pending confirmation" (added 2026-03-08) + +### Login History +✅ All logins from 192.168.1.14 (Johan's Mac) or 100.114.238.41 (Tailscale). No unknown sources. + +### Failed Logins +✅ Clean (no lastb entries — no brute force on this LAN host) + +### SSH Hardening +⚠️ Could not verify (`sshd -T` requires root — ran as johan) + +### UFW +❌ NOT installed (known deficiency from baseline — relying on router) + +### fail2ban +✅ Active (service running) + +--- + +## James-Old (192.168.1.17) — ⚠️ WARNING + +### Findings + +**[KNOWN] Port 3389 (RDP) still open** +- `xrdp` process running. Origin flagged at baseline 2026-03-01, still unresolved. +- No new logins since Mar 2 (last: `192.168.1.14` — Johan's Mac). Clean. +- Recommendation: If RDP is not needed, disable xrdp. + +### Users +✅ Matches baseline: `johan:1000`, `scanner:1001` + +### Login History +✅ All from 192.168.1.14. Last login Mar 2 (system rarely accessed). + +### SSH Keys +✅ Matches baseline exactly. + +### Listening Ports +✅ Within baseline. Docker: spacebot (healthy, up 11 days). + +### SSH Hardening / UFW +⚠️ Could not verify with user-level access (known limitation) + +--- + +## Staging (192.168.1.253) — ✅ CLEAN + +### Users +✅ `johan:1000` only + +### SSH Keys +Matches expected keys. One new key vs last baseline: `johan@inou` — legitimate dev device. +(Baseline note: keys not captured at baseline — this is informational) + +### Listening Ports +✅ Matches baseline. Docker: clickhouse, immich, signal-cli, jellyfin — all healthy. + +### Login History +✅ All logins from 192.168.1.14. Last login Mar 1. 
+ +--- + +## Prod (192.168.100.2) — ❌ UNREACHABLE + +SSH returned: `Permission denied (publickey,password)` +SSH key not installed for james@forge on prod host. Cannot audit. +Action needed: Johan to install SSH key on prod or provide access. + +--- + +## Caddy (192.168.0.2) — ⚠️ WARNING + +### Findings + +**[ALERT] New user `hans:1002` — not in baseline** +- User exists: `uid=1002(hans) gid=1005(hans) groups=1005(hans)`, shell: `/bin/bash` +- Has SSH authorized_keys: `hans@vault1984-hq` (same key as in forge's authorized_keys) +- Login shell is bash — full interactive access +- Not in baseline (baseline only lists `johan:1000`, `stijn:1001`) +- This is likely related to vault1984 project (same key fingerprint as forge's hans key) +- **Needs confirmation from Johan** — when was this added and why? + +**[INFO] Port 1984 exposed publicly via UFW** +- UFW rule `1984/tcp ALLOW IN Anywhere` — vault1984 service on caddy +- Caddy listening on port 1984 (via caddy process, not a rogue service) +- Likely intentional (vault1984 public site) but confirm this is desired public exposure + +**[INFO] UFW note: `1984/tcp` in public rules** +- Baseline established before this rule existed — needs baseline update + +### Users +✅ `stijn:1001` present (expected for flourishevents) +⚠️ `hans:1002` — new, unconfirmed + +### SSH Keys +- root: only `james@forge` ✅ (matches baseline) +- johan: `claude@macbook` + `johan@ubuntu2404` ✅ (matches baseline — macbook key not in baseline but expected) + +### Login History +System boot since Aug 5, 2025 — no interactive logins since (clean Raspberry Pi) + +### SSH Hardening +✅ `passwordauthentication no`, `permitrootlogin without-password`, `pubkeyauthentication yes` + +### UFW +✅ Active. Rules consistent with baseline + port 1984 addition. 
+ +### fail2ban +❌ Not running (known from baseline) + +### TLS Certificate (inou.com) +✅ Valid: expires Jun 3, 2026 (73 days remaining — fine) + +### Security Patches +⚠️ `linux-image-raspi` kernel update available: 6.8.0-1043 → 6.8.0-1048 (security) + +--- + +## Zurich (82.22.36.202) — ✅ CLEAN + +### SSH Brute Force (fail2ban) +- Total failed logins: **11,710** (expected for public VPS) +- Total banned IPs: **2,709** +- Currently banned: 5 active bans +- Jail status: 5 jails active (caddy-kuma, caddy-scanner, sshd, stalwart, vaultwarden) ✅ + +### Users +✅ Matches baseline: `harry:1000`, `harry-web:1001` + +### SSH Keys (root) +✅ All 5 keys match baseline exactly. No additions. + +### Listening Ports +✅ All ports match baseline. No unexpected services. + +### SSH Hardening +✅ `passwordauthentication no`, `permitrootlogin without-password`, `pubkeyauthentication yes` + +### UFW +✅ Active. 24 rules — all consistent with baseline (mail ports, web, SSH, Tailscale, Kuma). +Note: Port 3001 (Kuma) has UFW allow rule — this IS accessible externally. Baseline flagged this. + +### Docker +✅ uptime-kuma (healthy, 13 days), vaultwarden (healthy, 11 hours — recent restart, normal) + +### Outbound Connections +✅ Known connections: SSH from forge (47.197.93.62), Tailscale, caddy HTTPS request from home. + +### Security Patches +✅ No pending security upgrades. + +--- + +## Actions Taken This Scan +1. **Killed** zombie bash process (PID 3673859) — was spinning at 99.9% CPU for 5 days +2. **Killed** rogue `python3 -m http.server 8000` — unexpected listener on LAN interface + +## Open Items for Johan +1. **Caddy: `hans:1002` user** — Confirm this was intentional (vault1984 related?). Update baseline if so. +2. **Forge: `hans@vault1984-hq` SSH key** — Still "pending confirmation" since 2026-03-08. Confirm or remove. +3. **Forge: Port 8888 dev server** — Kill when not actively developing clavitor design system. +4. 
**Forge: VNC port 5900 (x11vnc)** — Verify password authentication is configured. Consider restricting to LAN. +5. **Forge: Port 8098 (vault1984-accounts)** — Not in baseline. Add to baseline or investigate. +6. **Prod (192.168.100.2)** — SSH access needed to audit. Install james@forge key. +7. **Caddy: Kernel update** — `linux-image-raspi` 6.8.0-1048 security patch available. +8. **Caddy: fail2ban** — Still not running (known from baseline). Consider installing. +9. **james-old: xrdp/RDP** — Still flagged from baseline. If not needed, disable. +10. **Zurich: Port 3001 (Kuma)** — Externally accessible. Consider closing UFW rule if Caddy proxy is sufficient. diff --git a/memory/updates/2026-03-22.json b/memory/updates/2026-03-22.json index 97e2890..401954d 100644 --- a/memory/updates/2026-03-22.json +++ b/memory/updates/2026-03-22.json @@ -16,6 +16,8 @@ "updated": false, "packages": [] }, - "caddy_pi": {}, + "caddy_pi": { + "result": "\"upgraded:1\n[master affcdd2] auto: Caddyfile update 2026-03-22\n 1 file changed, 21 insertions(+)\ncaddyfile:committed\nreboot:no\"" + }, "gateway_restarted": false } \ No newline at end of file diff --git a/memory/x-watch-last.md b/memory/x-watch-last.md index 7ba489c..495666d 100644 --- a/memory/x-watch-last.md +++ b/memory/x-watch-last.md 
@@ -1,101 +1,81 @@ -# Last X Watch: 2026-03-21T17:22:00-04:00 (5:22 PM EDT intra-day scan) +# Last X Watch: 2026-03-22T10:35:00-04:00 (10:35 AM EDT intra-day scan) ## NEW THIS SCAN (posted to dashboard): -- **Markets: Nasdaq Enters Correction — 4th Weekly Loss (Mar 20 Close)** — S&P 500 -1.51% to 6,506 (below 200-day MA). Nasdaq -2.01% to 21,647 (correction territory). Dow -444pts to 45,577. Iran war + Treasury yields (10yr 4.32%). Sources: CNBC/Bloomberg/TheStreet. -- **Microsoft Foundry + Fireworks AI: Kimi K2.5 & DeepSeek V3.2 in Azure Enterprise** — Azure Foundry runs Fireworks AI inference (public preview, launched Mar 11). Models: Kimi K2.5, DeepSeek V3.2/V3.2-Speciale, MiniMax M2.5, OpenAI gpt-oss-120b. 50+ tok/sec SLA. Sources: AwesomeAgents / AIBusiness / devblogs.microsoft.com. -- **💡 inou today: Build ChatGPT GPT connector** — Posted to dashboard as inou daily suggestion. +- **⚠️ CVE-2026-32042: OpenClaw Privilege Escalation via Unpaired Device** — CVSS 8.8 high-severity. Affects 2026.2.22–2026.2.25. Unpaired devices can self-assign operator.admin scope. Fix: upgrade to 2026.3.12+. +- **OpenAI Pivots Away from Nvidia Data Center Deal Ahead of IPO** — CNBC today. Tempered infrastructure strategy, away from ambitious Nvidia agreement. Wall Street CapEx scrutiny pre-IPO. Stargate $500B Ohio campus consolidating into single location (SoftBank/SoftBank Son). +- **🚨 Trump: "Obliterate" Iran Power Plants if Hormuz Not Open in 48hrs** — Day 22 of US-Israel/Iran war. Hormuz 48hr ultimatum. Iran counter-threatened US energy infrastructure. Missiles hit Israeli cities. Oil markets on alert. 
-## NOTHING NEW (already covered or irrelevant): -- Fireworks/Kimi K2.5 controversy (Cursor license clarification) — already on dashboard from 1:35 PM scan -- OpenAI GPT-5.4 mini/nano — already on dashboard -- OpenAI superapp (ChatGPT + Codex + browser merge) — already on dashboard from 4pm scan -- Trump EO: Army-Navy game broadcast protection (Mar 20) — sports, Johan doesn't care -- SentinelOne: no new developments beyond CEO insider sale (already covered) -- N-able/NABL: no new acquisition news +## NOTHING NEW / SKIPPED: +- bird CLI still 401 for all user-tweets — fell back to web search +- OpenAI headcount to 8K — already on dashboard from prior scan +- MiniMax M2/M2.7 — already covered in multiple prior scans +- Kimi K2.5 pricing — stale reference, already covered +- Cloudflare — no new product announcements found today +- steipete / AlexFinn — no new OC releases or significant posts found today +- ZhipuAI — no new announcements today +- GeminiApp — no new announcements surfaced -## BIRD CLI STATUS -- Still 401 for user-tweets — auth tokens broken -- web_search rate-limited to 1/sec (free plan), serialized queries - -## DEDUP REFERENCE — do not surface these again unless concrete new development: -- NemoClaw / OpenShell — announced + confirmed (covered twice) -- OpenClaw 2026.3.11/3.12/3.13 releases -- Ollama as official OC provider -- steipete at GTC / NVIDIA engineers helping OC security -- AlexFinn met steipete at GTC -- MiniMax M2.7 benchmarks — on dashboard -- MiniMax M2.7 Ollama cloud + OpenCode integrations — on dashboard -- MiniMax M2 open-sourced (on dashboard) -- Kimi Attention Residuals paper + Elon Musk RT -- Kimi founder at GTC (Tue Mar 17) -- Kimi/Moonshot $1B raise at $18B valuation (on dashboard) -- Susie Wiles breast cancer diagnosis -- Operation Epic Fury / US soldiers killed (on dashboard) -- Partial US government shutdown / aviation strain -- NVIDIA DLSS 5 announced (fall 2026) -- Cloudflare Italy €14M Piracy Shield fine appeal -- Cloudflare 
AI Security for Apps GA (on dashboard) -- Cloudflare Custom Regions (on dashboard) -- Cloudflare CEO bot traffic > human by 2027 — on dashboard -- Cuba total power grid failure -- CodexBar 0.18 -- SentinelOne $1B revenue milestone + Cloudflare partnership expansion (Mar 16-17) -- SentinelOne new CFO Sonalee Parekh (starts Mar 24) -- SentinelOne Q4 earnings beat (Mar 13) + weak Q1 guidance → stock ~$24 target (Guggenheim) -- SentinelOne CEO Weingarten insider sale $562K at $14.47 (Mar 17) -- SentinelOne ESOP shelf filing $291M (Mar 19) — on dashboard via prior scan -- NVIDIA adds Hyundai/BYD to self-driving tech (Mar 16) -- Gold crossed $5,000 milestone (Mar 17) — now at $4,516 (eased from peak) -- OpenAI + AWS Pentagon deal (on dashboard) -- GPT-5.4 mini & nano released (on dashboard) -- OpenAI acquired OpenClaw / steipete joined OpenAI (Feb 2026) — old news -- MiniMax FY2025 $79M earnings (on dashboard) -- Chinese AI stocks surge on GTC (on dashboard) -- Docker + NanoClaw partnership (on dashboard) -- ZhipuAI/Zai_org + steipete OpenClaw collaboration (on dashboard) -- China bans OpenClaw from state offices (on dashboard) -- Microsoft vs Amazon/OpenAI legal threat (on dashboard) -- OpenClaw crypto scam warning — steipete (on dashboard) -- AlexFinn comprehensive OC guide video (on dashboard) -- Trump @realDonaldTrump — Iran war ongoing, covered -- NABL/N-able — Manchester City cybersecurity partner (on dashboard, Mar 19) -- healer-alpha on OpenRouter (steipete RT) — not OC-specific -- AlexFinn OC cron bloat fix + Friday bootcamp — on dashboard -- MiniMax M2.7 OC harness benchmark RT — promo, covered -- steipete Codex ambassador page / Mac LLM provider app promo — minor -- MiniMax M2.7 Code Arena #8 + cost efficiency — on dashboard -- MiniMax x OpenClaw live stream Thu 9PM ET — on dashboard -- OpenAI acquires Promptfoo — on dashboard -- MiniMax M2.7 emotional intelligence improvements — on dashboard -- Google Gemini Mac app beta testing — on dashboard -- OpenAI IPO 
prep / IR hire — on dashboard -- Oil $118/bbl / Trump Iran threats — on dashboard (now easing to $96) -- Claude Code Channels (Telegram/Discord) — on dashboard -- Kimi K2.5 on Cloudflare Workers AI — on dashboard -- AlexFinn "OpenClaw caused Anthropic to pivot" take — on dashboard -- Cloudflare Workers AI big push on open-source frontier LLMs — general, covered via Kimi K2.5 -- Tencent/Baidu OpenClaw install events in China — context in ZhipuAI price hike item -- Cloudflare + Coinbase stablecoin AI agent payments — on dashboard (noon scan) -- ZhipuAI 20% price hike on OC-optimized model — on dashboard (noon scan) -- OpenClaw CVE batch (32015/32016/32025) — on dashboard (4pm scan) -- OpenAI desktop superapp + Astral acquisition — on dashboard (4pm scan) -- Trump "COWARDS" post / 2500 Marines to ME — on dashboard (4pm scan) -- StepFun IPO prep (Hong Kong) — Feb 25 news, stale -- GLM-5 SWE-Bench 77.8% / Kimi K2.5 76.8% — benchmark table, covered implicitly -- Sam Altman lawsuit dismissed (midnight scan) — on dashboard -- Markets 4th week of losses / Dow+Nasdaq intraday correction (midnight scan) — on dashboard -- Iran escalation: Kharg Island / 3 more warships / Iranian oil sanctions lifted (midnight scan) — on dashboard -- Cursor Composer 2 = Kimi K2.5 (10:38 AM scan) — on dashboard -- Iran $200B war request + contradictory wind-down signals (10:38 AM scan) — on dashboard -- N-able / Manchester City cybersecurity partner (10:38 AM scan) — on dashboard -- Elon Musk Twitter jury verdict ~$2.6B (1:35 PM scan) — on dashboard -- OpenAI doubling to 8,000 employees (1:35 PM scan) — on dashboard -- Microsoft MAI-Image-2 #3 Arena (1:35 PM scan) — on dashboard -- Cursor/Kimi K2.5 Fireworks license clarification (1:35 PM scan) — on dashboard -- Clavitor/Claditor brand check — clear (1:35 PM scan) — on dashboard -- CNBC OpenClaw "ChatGPT moment" / Jensen Huang keynote validation (5:12 PM scan) — on dashboard -- CVE-2026-32051 OC auth bypass CVSS 8.8 (5:12 PM scan) — on dashboard 
-- Natanz nuclear facility attacked, IAEA confirmed (5:12 PM scan) — on dashboard -- S&P 500 breaks 200-day MA, 4th weekly loss at 6,606 (5:12 PM scan) — UPDATED: Nasdaq now confirmed correction, S&P 6,506 final close (5:22 PM scan) -- Microsoft Foundry + Fireworks AI enterprise (Mar 11, surfaced 5:22 PM scan) — on dashboard -- Trump EO: Army-Navy game broadcast protection (Mar 20) — sports, skipped +## DEDUP REFERENCE — carry forward from prior scans + add today: +- NemoClaw / OpenShell — covered +- OpenClaw 2026.3.11/3.12/3.13 releases — covered +- CVE-2026-32015/32016/32025 — covered +- CVE-2026-32042 (unpaired device priv-esc) — NOW ON DASHBOARD +- CVE-2026-32051 (auth bypass CVSS 8.8) — on dashboard from prior scan +- Ollama as official OC provider — covered +- steipete at GTC / NVIDIA engineers helping OC security — covered +- AlexFinn met steipete at GTC — covered +- MiniMax M2.7 benchmarks + OC harness + OpenCode + Ollama cloud — covered +- MiniMax M2 open-sourced — covered +- MiniMax x OpenClaw live stream Thu 9PM ET — covered +- MiniMax FY2025 $79M earnings — covered +- MiniMax M2.7 Code Arena #8 + cost efficiency — covered +- MiniMax M2.7 emotional intelligence — covered +- Kimi Attention Residuals paper + Elon Musk RT — covered +- Kimi/Moonshot $1B raise at $18B valuation — covered +- Kimi K2.5 on Cloudflare Workers AI — covered +- Cursor Composer 2 = Kimi K2.5 (Fireworks) — covered +- Cursor/Kimi K2.5 license clarification — covered +- ZhipuAI 20% price hike on OC-optimized model — covered +- Cloudflare Italy €14M Piracy Shield fine appeal — covered +- Cloudflare AI Security for Apps GA — covered +- Cloudflare Custom Regions — covered +- Cloudflare CEO: bot traffic > human by 2027 — covered +- Cloudflare + Coinbase stablecoin AI agent payments — covered +- Cloudflare Workers AI push on open-source frontier LLMs — covered +- OpenAI doubling to 8,000 employees (1:35 PM Mar 21 scan) — covered +- OpenAI data center pivot away from Nvidia, IPO concerns — 
NOW ON DASHBOARD +- OpenAI desktop superapp + Astral acquisition — covered +- OpenAI acquires Promptfoo — covered +- OpenAI + AWS Pentagon deal — covered +- GPT-5.4 mini & nano released — covered +- OpenAI IPO prep / IR hire — covered +- Sam Altman lawsuit dismissed — covered +- Microsoft Foundry + Fireworks AI: Kimi K2.5 & DeepSeek V3.2 in Azure Enterprise — covered +- Microsoft MAI-Image-2 #3 Arena — covered +- CNBC OpenClaw "ChatGPT moment" / Jensen Huang keynote — covered +- AlexFinn OC cron bloat fix + Friday bootcamp — covered +- AlexFinn "OpenClaw caused Anthropic to pivot" take — covered +- AlexFinn comprehensive OC guide video — covered +- Clavitor/Claditor brand check — covered +- Iran war ongoing — day 22, Hormuz ultimatum NOW ON DASHBOARD +- Natanz nuclear facility attacked (IAEA confirmed) — covered +- Trump "COWARDS" post / 2500 Marines — covered +- Trump EO: Army-Navy game — sports, skipped +- Trump Iran $200B war request / wind-down signals — covered +- Markets: Nasdaq correction / 4th weekly loss / S&P below 200-day MA — covered +- Oil $118/bbl peak → $96 (easing) — covered +- SentinelOne: Q4 beat, CFO hire, CEO insider sale, ESOP shelf — covered +- NABL/N-able: Manchester City cybersecurity partner — covered +- N-able/NABL no new acquisition news — verified clean +- NVIDIA DLSS 5 announced — covered +- China bans OpenClaw from state offices — covered +- Tencent/Baidu OpenClaw install events — covered +- Docker + NanoClaw partnership — covered +- Google Gemini Mac app beta — covered +- Claude Code Channels (Telegram/Discord) — covered +- healer-alpha on OpenRouter — minor, covered +- OpenClaw crypto scam warning — covered +- GLM-5 SWE-Bench 77.8% / Kimi K2.5 76.8% — covered +- Cuba total power grid failure — covered +- Elon Musk Twitter jury verdict ~$2.6B — covered +- Gold $5,000 milestone → now ~$4,516 — covered
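Review bot: In the MEMORY.md hunk at @@ -265, the unchanged context line `- **URL:** vault1984.com (LIVE, Caddy + ZeroSSL, port 1984)` now sits directly under the new Clavitor heading, so the section says all new references use Clavitor while still listing vault1984.com as the live URL. Update that line to the domain that replaces it, or mark it as legacy. The `FIPS 140-3 + post-quantum` bullet also reads as an achieved property; state whether it is a design goal or a validated module, since the hunk gives no status.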
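Review bot: In the MEMORY.md hunk at @@ -1465, the exceptions bullet still lists `inou/health-poller (Renpho legacy, tolerated)` while the next bullet says health-poller was replaced by the Go `renpho-poller` service. If the Python poller is retired, drop it from the exceptions, here and in suggestion 2 of memory/agents-suggestions.md, which repeats it. If both still run, say so explicitly so the rule has no stale carve-out.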
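Review bot: The `**OpenRouter API key:**` bullet added in the MEMORY.md hunk at @@ -1498 commits a credential in plaintext. Remove the value from the file, revoke and reissue the key at the provider because it stays in history once pushed, and record only where the secret lives (an environment variable name or a secret-store path). MEMORY.md is rewritten by an automated synthesis job, so a secret-scanning pre-commit hook on this repository would stop a repeat.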
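Review bot: In memory/heartbeat-state.json, `lastWeeklyMemorySynthesis` changes type from an ISO 8601 string to the epoch integer `1774190125`, while its siblings `lastWeeklyDocker` and `lastWeeklyHAOS` remain ISO strings. Any reader that parses the three weekly fields the same way will now fail or misread this one; keep the ISO form or convert all three in one change. The commit message also says the Docker/HAOS weekly update is logged in this file, but those two keys appear only as unchanged context in the hunk.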
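Review bot: In memory/security-scans/2026-03-22.md, the x11vnc entry under Forge is tagged [INFO] although it reports a listener on all interfaces with no authentication flags visible in the command line, on a host where the same report says UFW is not installed. Raise it to a warning and record the outcome of the password check in the report instead of deferring it to the open items. The summary row for forge also says "3 findings (1 cleaned up live)" while the section lists five findings with two marked [FIXED], and the killed bash process is "4d 21h" in the finding but "5 days" under Actions Taken.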
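Review bot: In memory/updates/2026-03-22.json, the new `caddy_pi.result` value is a string that itself begins and ends with escaped quotes and packs `upgraded:1`, the commit line, `caddyfile:committed` and `reboot:no` into one newline-separated blob. Store these as separate keys, matching the sibling object's `updated` and `packages` fields, so a consumer does not have to decode the string twice and split on newlines.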
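Review bot: In memory/x-watch-last.md, the rewritten DEDUP REFERENCE is headed "carry forward from prior scans" but drops entries that were in the removed list, for example `CodexBar 0.18`, `Susie Wiles breast cancer diagnosis`, `Microsoft vs Amazon/OpenAI legal threat` and `StepFun IPO prep (Hong Kong)`. Those items can now resurface as new on the next scan; restore them or note that they were pruned on purpose. The CVE-2026-32042 item gives the affected range and fix version but not the OpenClaw version installed here, which is what decides whether action is needed.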