Weekly memory synthesis: Feb 9-15 insights + session recovery rule

AGENTS.md

@@ -258,6 +258,7 @@ Enter plan mode for ANY non-trivial task:
 - **If you summarized it, you had it** — if you reported something to Johan, you have the context to act on it. Don't ask "who is X?" about something you already triaged.
 - **Actionable emails stay in inbox** — archiving = losing reply capability. Keep emails needing follow-up in inbox until resolved.
 - **Recover context yourself after compaction** — When compaction/context loss happens: check session history, search memory files, search transcripts via memory_search. NEVER ask the user for info you already had. The data is in your files — find it.
+- **Exhaust self-recovery before escalation** — Always try: (1) `sessions_history` for recent tool calls/context, (2) search memory files, (3) `memory_search` transcripts, (4) reconstruct from available data. Only ask human for info that genuinely isn't in your systems.
 
 **Plan includes verification:** Use plan mode for verification steps too, not just building. "How will I prove this works?" is part of the plan.
 

MEMORY.md

@@ -400,6 +400,55 @@ Automated document processing pipeline for scanned paperwork.
 - MC performance issue: queries taking 15-16s (needs investigation)
 - OCR service: works but slow on full-page docs (~90s per page at 150dpi)
 
+---
+
+## Weekly Insights (Feb 9-15, 2026)
+
+### 🧠 Architectural Maturity (Feb 13 Breakthrough)
+The major infrastructure overhaul on Feb 13 marks a significant maturation in our operational model:
+
+**Key Insight:** Johan's principle "attack problems at their source" drove systemic changes rather than band-aid fixes:
+- Email triage moved from polluting main session → embedded in Message Center (K2.5 direct calls)
+- Session management aligned to Johan's actual schedule (9pm reset vs 4am)
+- Context pruning enabled to prevent compaction pressure
+- Cron job rationalization (350 sessions/day → 43)
+
+**This represents a shift from reactive firefighting to proactive system design.**
+
+### 🔍 Pattern: Corporate Policy Adaptation
+Kaseya's "corporate devices only" policy (Feb 13) triggered immediate technical adaptation rather than workflow disruption:
+- M365 API integration built within hours
+- OAuth token flow bypassing browser/device restrictions
+- Separation of personal/corporate network access
+
+**Lesson:** Regulatory/policy changes are technical problems with technical solutions, not business process disruptions.
+
+### 💡 Memory Recovery Principles (Feb 15 Correction)
+Major correction on session recovery discipline: When context is lost, **always exhaust self-recovery before asking Johan for info**:
+1. Check session history (`sessions_history`)
+2. Search memory files  
+3. Search transcripts via `memory_search`
+4. Reconstruct from available data
+
+**This correction reflects the core COS responsibility: memory protection is job #1.**
+
+### 🏥 Medical Case Management Evolution
+Two critical developments show the medical advocacy infrastructure maturing:
+1. **Baycare fraud discovery** — systematic claim analysis revealing $118K+ in fraudulent ventilator billing
+2. **Dr. Madan engagement** — hydrocephalus expert review process advancing toward definitive treatment
+
+**Pattern:** Detailed documentation + expert network access = advocacy infrastructure working as designed.
+
+### 🛡️ Security Posture Integration
+Shannon's successful deployment and scan completion demonstrates security tooling becoming routine rather than exceptional:
+- Automated pentest against inou.com portal
+- Cost-effective (K2.5 @ ~$0.50 vs traditional pentest costs)  
+- Findings properly categorized and documented
+
+**Evolution:** Security scanning transitioning from external service to integrated capability.
+
+---
+
 ## Access URLs
 
 - Web UI: `https://james.jongsma.me/?token=<gateway_token>`

memory/2026-02-15.md

@@ -11,6 +11,25 @@
 
 **Never say "I lost context, what was the IP?" — find it yourself.**
 
+## DocSys Agent Fix (Two Issues Found)
+
+### Issue 1: Missing session file
+- **Problem:** docsys sessions.json referenced `c871166f-...` but the .jsonl file was deleted by nightly cleanup
+- **Fix:** Reset `~/.openclaw/agents/docsys/sessions/sessions.json` to `{}` → fresh session on next access
+
+### Issue 2: "missing scope: operator.read" — TUI needs restart
+- **Root cause:** Nightly maintenance updated OpenClaw from 2026.2.13 → 2026.2.14. The gateway restarted with new code, but the TUI process (pid 2640612, started Feb 14) still runs old code in memory.
+- **The new 2026.2.14 gateway requires device auth for `operator.read` scope.** Without it, connections get zero scopes → node.list, chat.history, sessions.list all fail.
+- **Fix:** Restart the TUI: close it (Ctrl+C in pts/3) and relaunch `openclaw`. The new binary on disk (2026.2.14) will connect with proper device auth and get `operator.admin` scope.
+- **Note:** K2.5/fireworks is NOT the issue. docsys uses Opus. The scope error affects ALL agents in the TUI, not just docsys.
+- **Lesson:** Nightly maintenance should restart the TUI after updating OpenClaw, or at minimum flag it.
+
+## Correction: Don't archive flagged emails
+- Johan caught that the mail agent was archiving emails after flagging them to Fully
+- **Rule:** If you sent a Fully alert for a message, do NOT archive it. Leave in inbox for follow-up.
+- Updated the mail hook messageTemplate in openclaw.json with explicit rule #4
+- This was already in AGENTS.md ("Actionable emails stay in inbox") but the hook prompt didn't enforce it
+
 ## ThinkPad X1 RDP Session
 - **IP:** 192.168.0.211
 - **User:** johan@jongsma.me
@@ -38,6 +57,17 @@
 - **Forge (James):** M365 monitoring via API. MC polls every 60s, alerts Johan via Signal on new items.
 - **Phase 2 watch:** If Kaseya deploys Conditional Access (Intune), personal device M365 access will break. Watch for phone enrollment emails.
 
+## Document Inbox (08:02 EST)
+- 2 PDFs re-appeared in inbox: ERS-21tb listing agreement + Seller Disclosure Residential
+- Already processed earlier (in master.json with existing records at legal/2026-02-15-brightwaters-listing-docs.md)
+- Duplicate copies — moved to inbox/processed/
+- Stored new hashes (2dffc8a18978f225, 60b2f4c73753f60e) to ~/documents/store/ as backup copies
+
+## Email Triage (08:02 EST)
+- **Macy's shipping** (tj@): Nautica pants shipped, tracking 9200190118753474664007, ETA Feb 19 → deliveries upsert → archived
+- **Amazon delivered** (tj@): Taylors of Harrogate tea delivered → deliveries updated to delivered → archived
+- **Trending Kickstarters** (johan@): Marketing newsletter (titanium carry-on) → archived (should've been junked by MC)
+
 ## MC M365 Connector (building)
 - Subagent spawned (Opus) to build connector_m365.go
 - Three pollers on 60s tick: email (unread), Teams chat (new messages), calendar (diff)

memory/claude-usage.json

@@ -1,9 +1,9 @@
 {
-  "last_updated": "2026-02-15T11:00:05.568254Z",
+  "last_updated": "2026-02-15T13:00:08.342033Z",
   "source": "api",
-  "session_percent": 27,
-  "session_resets": "2026-02-15T12:00:00.532726+00:00",
-  "weekly_percent": 9,
-  "weekly_resets": "2026-02-21T19:00:00.532749+00:00",
+  "session_percent": 4,
+  "session_resets": "2026-02-15T17:00:00.292537+00:00",
+  "weekly_percent": 10,
+  "weekly_resets": "2026-02-21T19:00:00.292559+00:00",
   "sonnet_percent": 5
 }