chore: auto-commit uncommitted changes

drafts/vault1984-twitter-follows.md

@@ -0,0 +1,237 @@
+# vault1984 — Twitter Follow List
+
+*Target: @vault1984. Follow these to build visibility, get indexed by the algorithm, and appear in relevant feeds.*
+
+---
+
+## 1. OpenClaw + AI Agent Ecosystem
+
+| Handle | Name | Why |
+|--------|------|-----|
+| @OpenClaw | OpenClaw | Core partner — our agent platform |
+| @AnthropicAI | Anthropic | Claude's creator — agent infrastructure |
+| @OpenAI | OpenAI | GPT / operator — largest agent ecosystem |
+| @GoogleDeepMind | Google DeepMind | Gemini — key agent provider |
+| @MistralAI | Mistral AI | Open-weight models — agent use cases |
+| @CohereAI | Cohere | Enterprise agent platform |
+| @LangChainAI | LangChain | Most-used agent framework |
+| @LlamaIndex | LlamaIndex | Agent orchestration framework |
+| @CrewAIInc | CrewAI | Multi-agent framework — growing fast |
+| @AutoGenAI | AutoGen | Microsoft's agent framework |
+| @MCPProtocol | MCP Protocol | Model Context Protocol — our integration layer |
+| @composio_dev | Composio | Agent tool integrations |
+| @e2bdev | E2B | Code execution for agents |
+| @BrowserUse | Browser Use | Web agents |
+| @PlaywrightTest | Playwright | Browser automation |
+| @OpenInterpreter | Open Interpreter | Local agent runtime |
+| @HuggingFace | Hugging Face | Model hub — agent community |
+| @togethercompute | Together AI | Agent inference platform |
+| @GroqInc | Groq | Fast inference for agents |
+| @perplexity_ai | Perplexity | AI search — agent adjacent |
+
+---
+
+## 2. AI Agent Influencers — "The Promotion Machine"
+
+*These accounts have large audiences and regularly promote new AI projects. Getting a mention = distribution.*
+
+| Handle | Name | Why |
+|--------|------|-----|
+| @AlexReynolds_AI | Alex Finn / AI promoters | Large following, actively promotes AI launches |
+| @aiDotEngineer | AI Engineer | Dev-focused AI content, large reach |
+| @swyx | swyx (Shawn Wang) | AI dev community builder — latent.space |
+| @karpathy | Andrej Karpathy | Former OpenAI/Tesla — millions of followers |
+| @ylecun | Yann LeCun | Meta's Chief AI Scientist — authority signal |
+| @GaryMarcus | Gary Marcus | AI critic — gets engagement from controversy |
+| @emollick | Ethan Mollick | Wharton professor — viral AI use cases |
+| @sama | Sam Altman | OpenAI CEO — follow for algo signal |
+| @demishassabis | Demis Hassabis | DeepMind CEO |
+| @ylecun | Yann LeCun | Meta AI Chief |
+| @jeffdean | Jeff Dean | Google AI |
+| @hardmaru | David Ha | Research director |
+| @fchollet | François Chollet | Keras creator |
+| @mmitchell_ai | Margaret Mitchell | AI ethics — engaged audience |
+| @abhi1nandy2 | Abhishek Thakur | Kaggle grandmaster, huge ML following |
+| @_akhaliq | AK | Papers + models — daily AI news aggregator |
+| @rohanpaul_ai | Rohan Paul | AI content, large audience |
+| @aibreakfast | AI Breakfast | Daily AI newsletter/X presence |
+| @TheMoonCarlson | Carl | AI tools promotion account |
+| @kimmonismus | Kim Monismus | AI tools reviewer, German-speaking audience |
+| @javilopen | Javi Lopez | Viral AI demos |
+| @levelsio | Pieter Levels | Indie hacker + AI builder — huge reach |
+| @yoheinakajima | Yohei Nakajima | BabyAGI creator — agent community OG |
+| @SigGravitas | Auto-GPT | AutoGPT creator |
+| @rikarends | Rik Arends | Makepad / dev tools builder |
+| @danshipper | Dan Shipper | Every.to — AI writing/tools community |
+
+---
+
+## 3. All Major AI Labs & Studios
+
+### US Labs
+| Handle | Name | Why |
+|--------|------|-----|
+| @AnthropicAI | Anthropic | Claude |
+| @OpenAI | OpenAI | GPT |
+| @Google_AI | Google AI | Gemini |
+| @MetaAI | Meta AI | Llama |
+| @MicrosoftAI | Microsoft AI | Copilot ecosystem |
+| @AmazonAWS | Amazon AWS | Bedrock |
+| @NVIDIAAIDev | NVIDIA AI | GPU / inference infrastructure |
+| @MistralAI | Mistral | Open models |
+| @AI21Labs | AI21 Labs | Jamba |
+| @CohereAI | Cohere | Enterprise NLP |
+| @adept_ai | Adept | Action-focused agents |
+| @CharacterAI | Character.AI | Consumer AI |
+| @InflectionAI | Inflection | Pi AI |
+| @xAI | xAI | Grok |
+| @Scale_AI | Scale AI | Data + evaluation |
+| @HumanLoopHQ | HumanLoop | LLM ops |
+
+### Chinese AI Studios
+| Handle | Name | Why |
+|--------|------|-----|
+| @BaiduAI | Baidu AI | ERNIE — huge Chinese user base |
+| @AlibabaCloud | Alibaba Cloud | Qwen models |
+| @ByteDanceTech | ByteDance | Doubao — massive distribution |
+| @DeepSeek_AI | DeepSeek | R1 — viral open-source model |
+| @moonshot_ai | Moonshot AI | Kimi — Chinese long-context model |
+| @Zhipu_AI | Zhipu AI | GLM series |
+| @01ai_Yi | 01.AI | Yi models — Kai-Fu Lee |
+| @stepfun_ai | StepFun | Multimodal Chinese models |
+| @MiniMaxAI | MiniMax | Chinese consumer AI |
+
+### European AI Studios
+| Handle | Name | Why |
+|--------|------|-----|
+| @AlephAlpha | Aleph Alpha | German sovereign AI |
+| @Mistral_AI | Mistral | French open models |
+| @CriticalFuture_ | Critical Future | UK AI safety |
+
+---
+
+## 4. Inference & API Platforms
+
+| Handle | Name | Why |
+|--------|------|-----|
+| @FireworksAI | Fireworks AI | Fast inference API — agent infrastructure |
+| @togethercompute | Together AI | Multi-model inference |
+| @GroqInc | Groq | Fastest inference — agent use |
+| @ReplicateHQ | Replicate | Model deployment |
+| @modal_labs | Modal Labs | Serverless AI infra |
+| @fly_io | Fly.io | Distributed compute |
+| @CloudflareDev | Cloudflare Workers AI | Edge inference |
+
+---
+
+## 5. Password Managers & Security Tools
+
+*Know your competition. Engage with their audience.*
+
+| Handle | Name | Why |
+|--------|------|-----|
+| @1Password | 1Password | Biggest competitor |
+| @Bitwarden | Bitwarden | Open-source competitor |
+| @Dashlane | Dashlane | Consumer competitor |
+| @LastPass | LastPass | Breach-damaged — our contrast story |
+| @NordPass | NordPass | Growing competitor |
+| @ProtonPrivacy | Proton | Privacy-first — adjacent audience |
+| @VaultWarden | Vaultwarden | Self-hosted Bitwarden fork community |
+| @KeePass | KeePass | Self-hosted community |
+| @hashicorp | HashiCorp | Vault — enterprise secrets management |
+| @CyberArkSoftware | CyberArk | Enterprise PAM |
+| @BeyondTrust | BeyondTrust | Enterprise PAM |
+
+---
+
+## 6. Hacker News + Tech Community
+
+| Handle | Name | Why |
+|--------|------|-----|
+| @newsycombinator | Hacker News | HN official — follow + engage |
+| @paulg | Paul Graham | YC founder — HN creator |
+| @garrytan | Garry Tan | YC CEO — startup amplification |
+| @TechCrunch | TechCrunch | Coverage + audience |
+| @TheHackerNews | The Hacker News | Security news — cybersecurity audience |
+| @SecurityWeekly | Security Weekly | Infosec podcast/community |
+| @KrebsOnSecurity | Brian Krebs | Breach journalism — our audience |
+| @troyhunt | Troy Hunt | HaveIBeenPwned — breach audience |
+| @thegrugq | thegrugq | Security researcher — respected voice |
+| @SwiftOnSecurity | SwiftOnSecurity | Security culture — huge following |
+| @LobstersCoop | Lobste.rs | Developer community |
+| @devto | DEV Community | Developer platform |
+| @hackernewsbot | HN Bot | Automated HN posts |
+
+---
+
+## 7. Cybersecurity & Privacy Experts
+
+| Handle | Name | Why |
+|--------|------|-----|
+| @troyhunt | Troy Hunt | HIBP creator — breach community |
+| @briankrebs | Brian Krebs | Investigative security journalist |
+| @evacide | Eva Galperin | EFF — digital rights audience |
+| @EFF | Electronic Frontier Foundation | Digital rights — privacy community |
+| @privacytools | Privacy Tools | Privacy-focused community |
+| @MITREattack | MITRE ATT&CK | Threat intelligence community |
+| @NSACyber | NSA Cybersecurity | Government security |
+| @CISAgov | CISA | US cyber agency |
+| @sans_isc | SANS Internet Storm Center | Security community |
+| @schneierblog | Bruce Schneier | Security legend |
+| @taviso | Tavis Ormandy | Google Project Zero — elite researcher |
+| @lcamtuf | lcamtuf | AFL creator, security researcher |
+| @GrahamCluley | Graham Cluley | Security journalist + podcaster |
+| @SophosNews | Sophos | Security vendor with engaged community |
+| @MalwareHunterTeam | MHT | Malware research — infosec community |
+
+---
+
+## 8. Tech Giants (for algo signal + enterprise audience)
+
+| Handle | Name | Why |
+|--------|------|-----|
+| @Apple | Apple | Consumer signal, privacy brand alignment |
+| @Microsoft | Microsoft | Enterprise audience |
+| @Google | Google | Broad tech audience |
+| @awscloud | AWS | Our infrastructure — relevant audience |
+| @GitHub | GitHub | Developer community |
+| @vercel | Vercel | Developer platform — agent builders |
+| @stripe | Stripe | Developer-focused — our audience |
+| @hashicorp | HashiCorp | Infrastructure + secrets management |
+
+---
+
+## 9. Privacy & Data Regulation
+
+| Handle | Name | Why |
+|--------|------|-----|
+| @EFF | EFF | Digital rights — privacy aligned |
+| @PrivacyIntl | Privacy International | Global privacy advocacy |
+| @EPDPAuthority | EDPB | EU data protection |
+| @ICOnews | UK ICO | UK GDPR enforcement |
+| @FTC | FTC | US regulator — breach news source |
+| @ENISA_EU | ENISA | EU cybersecurity agency |
+
+---
+
+## Summary Stats
+
+| Category | Count |
+|----------|-------|
+| OpenClaw + Agent Ecosystem | 20 |
+| AI Influencers | 26 |
+| AI Labs (US) | 16 |
+| AI Labs (Chinese) | 9 |
+| AI Labs (European) | 3 |
+| Inference Platforms | 7 |
+| Password Managers & Security Tools | 11 |
+| HN + Tech Community | 13 |
+| Cybersecurity Experts | 15 |
+| Tech Giants | 8 |
+| Privacy & Regulation | 6 |
+| **Total** | **134** |
+
+---
+
+*Priority order: Agent ecosystem first (direct audience), AI influencers second (amplification), security/privacy third (relevance), rest for algo signal.*
+*Generated by George · vault1984 · March 2026*

drafts/vault1984-twitter-schedule.html

@@ -0,0 +1,311 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+<meta charset="UTF-8">
+<meta name="viewport" content="width=device-width, initial-scale=1.0">
+<title>vault1984 — Twitter Drip Schedule</title>
+<style>
+  * { box-sizing: border-box; margin: 0; padding: 0; }
+  body { font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', sans-serif; background: #0f0f0f; color: #e0e0e0; padding: 40px 20px; }
+  h1 { font-size: 22px; font-weight: 700; color: #fff; margin-bottom: 6px; }
+  .subtitle { color: #666; font-size: 13px; margin-bottom: 40px; }
+  .week { margin-bottom: 48px; }
+  .week-label { font-size: 11px; text-transform: uppercase; letter-spacing: 2px; color: #555; margin-bottom: 16px; border-bottom: 1px solid #222; padding-bottom: 8px; }
+  .posts { display: flex; flex-direction: column; gap: 16px; }
+  .post { display: grid; grid-template-columns: 180px 1fr 280px; gap: 20px; background: #161616; border: 1px solid #222; border-radius: 10px; padding: 20px; align-items: start; }
+  .post.posted { border-left: 3px solid #1d9bf0; }
+  .post.scheduled { border-left: 3px solid #555; }
+  .post.pending { border-left: 3px solid #333; opacity: 0.6; }
+  .meta { display: flex; flex-direction: column; gap: 6px; }
+  .date { font-size: 15px; font-weight: 600; color: #fff; }
+  .time { font-size: 13px; color: #888; }
+  .lang-badge { display: inline-block; font-size: 10px; font-weight: 700; text-transform: uppercase; letter-spacing: 1px; padding: 2px 8px; border-radius: 4px; margin-top: 4px; width: fit-content; }
+  .en { background: #1d3a5e; color: #7bb8f0; }
+  .zh { background: #3a1a1a; color: #f07b7b; }
+  .de { background: #1a2e1a; color: #7bf07b; }
+  .pt { background: #2e2a1a; color: #f0d07b; }
+  .status { font-size: 11px; text-transform: uppercase; letter-spacing: 1px; margin-top: 8px; }
+  .status.live { color: #1d9bf0; }
+  .status.queued { color: #aaa; }
+  .status.tbd { color: #555; }
+  .tweet-text { font-size: 14px; line-height: 1.6; color: #ccc; white-space: pre-wrap; }
+  .hashtags { color: #1d9bf0; }
+  .city-img { width: 100%; border-radius: 8px; object-fit: cover; aspect-ratio: 16/9; background: #222; display: flex; align-items: center; justify-content: center; color: #444; font-size: 12px; }
+  .city-img img { width: 100%; border-radius: 8px; }
+  @media (max-width: 800px) {
+    .post { grid-template-columns: 1fr; }
+    .city-img { max-width: 100%; }
+  }
+</style>
+</head>
+<body>
+
+<h1>vault1984 — Twitter Drip Schedule</h1>
+<p class="subtitle">POP launch sequence · @vault1984 · Every other day · AI-generated city images</p>
+
+<!-- WEEK 1 -->
+<div class="week">
+  <div class="week-label">Week 1 — March 17–21, 2026</div>
+  <div class="posts">
+
+    <div class="post posted">
+      <div class="meta">
+        <div class="date">Tuesday, Mar 17</div>
+        <div class="time">6:43 PM EDT</div>
+        <span class="lang-badge en">EN</span>
+        <div class="status live">✓ Live</div>
+      </div>
+      <div class="tweet-text">Finally. A password manager where the company hosting your vault cannot read it.
+vault1984 is live in the United States 🇺🇸 — and your AI agents can use it without anyone else seeing what's inside.
+Free till May 1st.
+<span class="hashtags">#privacy #cybersecurity</span></div>
+      <div class="city-img"><img src="/home/johan/george/images/washington-dc.jpg" alt="Washington D.C." onerror="this.parentElement.textContent='Washington D.C.'"></div>
+    </div>
+
+    <div class="post scheduled">
+      <div class="meta">
+        <div class="date">Wednesday, Mar 18</div>
+        <div class="time">10:17 AM EDT</div>
+        <span class="lang-badge en">EN</span>
+        <div class="status queued">⏳ Scheduled</div>
+      </div>
+      <div class="tweet-text">Your password manager can read your passwords. The company running it just chooses not to.
+vault1984 is a password manager built so the operator cannot read your vault — and your AI agents can use it without anyone else seeing what's inside.
+Now live in Singapore 🇸🇬 — free till May 1st.
+<span class="hashtags">#Singapore #cybersecurity</span></div>
+      <div class="city-img"><img src="/home/johan/george/images/singapore.jpg" alt="Singapore" onerror="this.parentElement.textContent='Singapore'"></div>
+    </div>
+
+    <div class="post scheduled">
+      <div class="meta">
+        <div class="date">Wednesday, Mar 18</div>
+        <div class="time">2:43 PM EDT</div>
+        <span class="lang-badge zh">ZH</span>
+        <div class="status queued">⏳ Scheduled</div>
+      </div>
+      <div class="tweet-text">你的密码管理器可以读取你的密码。只是公司选择不这么做。
+vault1984 是一款密码管理器 — 你的 AI 助手可以使用它，而运营方从架构上无法读取你的密码库。
+现已在新加坡上线 🇸🇬 — 5月1日前免费。
+<span class="hashtags">#隐私 #网络安全</span></div>
+      <div class="city-img"><img src="/home/johan/george/images/singapore.jpg" alt="Singapore" onerror="this.parentElement.textContent='Singapore'"></div>
+    </div>
+
+    <div class="post scheduled">
+      <div class="meta">
+        <div class="date">Thursday, Mar 19</div>
+        <div class="time">8:52 AM EDT</div>
+        <span class="lang-badge en">EN</span>
+        <div class="status queued">⏳ Scheduled</div>
+      </div>
+      <div class="tweet-text">LastPass: breached. Your current password manager: can read your vault.
+vault1984 just landed in Zürich 🇨🇭 — a password manager your AI agents can use, that the operator cannot read.
+Swiss law. No CLOUD Act. Free till May 1st.
+<span class="hashtags">#Switzerland #privacy</span></div>
+      <div class="city-img"><img src="/home/johan/george/images/zurich.jpg" alt="Zürich" onerror="this.parentElement.textContent='Zürich — image pending'"></div>
+    </div>
+
+    <div class="post scheduled">
+      <div class="meta">
+        <div class="date">Thursday, Mar 19</div>
+        <div class="time">11:29 AM EDT</div>
+        <span class="lang-badge de">DE</span>
+        <div class="status queued">⏳ Scheduled</div>
+      </div>
+      <div class="tweet-text">LastPass: gehackt. Dein aktueller Passwort-Manager: kann deinen Tresor lesen.
+vault1984 ist jetzt in Zürich 🇨🇭 — ein Passwort-Manager für deine KI-Agenten, den der Betreiber nicht lesen kann.
+Schweizer Recht. Kein CLOUD Act. Kostenlos bis 1. Mai.
+<span class="hashtags">#Schweiz #Datenschutz</span></div>
+      <div class="city-img"><img src="/home/johan/george/images/zurich.jpg" alt="Zürich" onerror="this.parentElement.textContent='Zürich — image pending'"></div>
+    </div>
+
+  </div>
+</div>
+
+<!-- WEEK 2 -->
+<div class="week">
+  <div class="week-label">Week 2 — São Paulo (date TBD — settling period)</div>
+  <div class="posts">
+
+    <div class="post pending">
+      <div class="meta">
+        <div class="date">TBD</div>
+        <div class="time">~morning EDT</div>
+        <span class="lang-badge en">EN</span>
+        <div class="status tbd">— Pending</div>
+      </div>
+      <div class="tweet-text">Brazil has 215 million people and a data privacy law with teeth.
+vault1984 just landed in São Paulo 🇧🇷 — your passwords encrypted locally, your vault in-country, your AI agents the only ones with the key.
+Free till May 1st.
+<span class="hashtags">#Brazil #LGPD #privacy</span></div>
+      <div class="city-img"><img src="/home/johan/george/images/sao-paulo.jpg" alt="São Paulo" onerror="this.parentElement.textContent='São Paulo — image ready'"></div>
+    </div>
+
+    <div class="post pending">
+      <div class="meta">
+        <div class="date">TBD</div>
+        <div class="time">~afternoon EDT</div>
+        <span class="lang-badge pt">PT</span>
+        <div class="status tbd">— Pending</div>
+      </div>
+      <div class="tweet-text">O Brasil tem 215 milhões de pessoas e uma lei de privacidade com dentes.
+vault1984 chegou em São Paulo 🇧🇷 — suas senhas criptografadas localmente, seu cofre no país, seus agentes de IA os únicos com a chave.
+Grátis até 1º de maio.
+<span class="hashtags">#Brazil #LGPD #privacidade</span></div>
+      <div class="city-img"><img src="/home/johan/george/images/sao-paulo.jpg" alt="São Paulo" onerror="this.parentElement.textContent='São Paulo — image ready'"></div>
+    </div>
+
+  </div>
+</div>
+
+<!-- UPCOMING -->
+<div class="week">
+  <div class="week-label">Upcoming — Remaining 19 POPs (sequence TBD)</div>
+  <div class="posts">
+
+    <div class="post pending">
+      <div class="meta"><div class="date">London 🇬🇧</div><div class="status tbd">— Pending</div></div>
+      <div class="tweet-text">Your bank is in London. Your law firm is in London. Your password manager's server is in Virginia.
+vault1984 just landed in London 🇬🇧 — your vault stays in-jurisdiction.
+Free till May 1st. <span class="hashtags">#UK #privacy #cybersecurity</span></div>
+      <div class="city-img" style="background:#1a1a1a; display:flex; align-items:center; justify-content:center; color:#333; font-size:12px; border-radius:8px; aspect-ratio:16/9;">Image pending</div>
+    </div>
+
+    <div class="post pending">
+      <div class="meta"><div class="date">Stockholm 🇸🇪</div><div class="status tbd">— Pending</div></div>
+      <div class="tweet-text">Sweden gave the world GDPR's spirit. Now vault1984 gives Sweden a vault the operator cannot read.
+Live in Stockholm 🇸🇪 — free till May 1st. <span class="hashtags">#Sweden #GDPR #privacy</span></div>
+      <div class="city-img" style="background:#1a1a1a; display:flex; align-items:center; justify-content:center; color:#333; font-size:12px; border-radius:8px; aspect-ratio:16/9;">Image pending</div>
+    </div>
+
+    <div class="post pending">
+      <div class="meta"><div class="date">Dubai 🇦🇪</div><div class="status tbd">— Pending</div></div>
+      <div class="tweet-text">The Middle East moves fast. Your password manager shouldn't still be routing through US data centers.
+vault1984 is live in Dubai 🇦🇪 — your vault, your region, your AI.
+Free till May 1st. <span class="hashtags">#UAE #Dubai #cybersecurity</span></div>
+      <div class="city-img" style="background:#1a1a1a; display:flex; align-items:center; justify-content:center; color:#333; font-size:12px; border-radius:8px; aspect-ratio:16/9;">Image pending</div>
+    </div>
+
+    <div class="post pending">
+      <div class="meta"><div class="date">Lagos 🇳🇬</div><div class="status tbd">— Pending</div></div>
+      <div class="tweet-text">Africa's tech industry has been served from US servers for too long.
+vault1984 is live in Lagos 🇳🇬 — your vault on your continent, encrypted so the operator sees nothing.
+Free till May 1st. <span class="hashtags">#Nigeria #Africa #privacy</span></div>
+      <div class="city-img" style="background:#1a1a1a; display:flex; align-items:center; justify-content:center; color:#333; font-size:12px; border-radius:8px; aspect-ratio:16/9;">Image pending</div>
+    </div>
+
+    <div class="post pending">
+      <div class="meta"><div class="date">Tokyo 🇯🇵</div><div class="status tbd">— Pending</div></div>
+      <div class="tweet-text">Japan takes data privacy seriously. So do we.
+vault1984 just landed in Tokyo 🇯🇵 — your AI agents get access, nobody else does.
+Free till May 1st. <span class="hashtags">#Japan #cybersecurity #privacy</span></div>
+      <div class="city-img" style="background:#1a1a1a; display:flex; align-items:center; justify-content:center; color:#333; font-size:12px; border-radius:8px; aspect-ratio:16/9;">Image pending</div>
+    </div>
+
+    <div class="post pending">
+      <div class="meta"><div class="date">Mumbai 🇮🇳</div><div class="status tbd">— Pending</div></div>
+      <div class="tweet-text">1.4 billion people. One of the fastest-growing developer communities in the world.
+vault1984 is live in Mumbai 🇮🇳 — finally a password manager the operator cannot read.
+Free till May 1st. <span class="hashtags">#India #cybersecurity #privacy</span></div>
+      <div class="city-img" style="background:#1a1a1a; display:flex; align-items:center; justify-content:center; color:#333; font-size:12px; border-radius:8px; aspect-ratio:16/9;">Image pending</div>
+    </div>
+
+    <div class="post pending">
+      <div class="meta"><div class="date">Seoul 🇰🇷</div><div class="status tbd">— Pending</div></div>
+      <div class="tweet-text">Korea builds the fastest internet in the world. Your password manager should keep up.
+vault1984 is live in Seoul 🇰🇷 — low latency, zero operator access.
+Free till May 1st. <span class="hashtags">#Korea #cybersecurity</span></div>
+      <div class="city-img" style="background:#1a1a1a; display:flex; align-items:center; justify-content:center; color:#333; font-size:12px; border-radius:8px; aspect-ratio:16/9;">Image pending</div>
+    </div>
+
+    <div class="post pending">
+      <div class="meta"><div class="date">Sydney 🇦🇺</div><div class="status tbd">— Pending</div></div>
+      <div class="tweet-text">Australia's privacy laws just got teeth. Your password manager's server is still in Oregon.
+vault1984 is live in Sydney 🇦🇺 — your data stays in Australia, your vault stays unreadable.
+Free till May 1st. <span class="hashtags">#Australia #privacy #cybersecurity</span></div>
+      <div class="city-img" style="background:#1a1a1a; display:flex; align-items:center; justify-content:center; color:#333; font-size:12px; border-radius:8px; aspect-ratio:16/9;">Image pending</div>
+    </div>
+
+    <div class="post pending">
+      <div class="meta"><div class="date">Istanbul 🇹🇷</div><div class="status tbd">— Pending</div></div>
+      <div class="tweet-text">Turkey sits between Europe and Asia — and your data shouldn't have to choose.
+vault1984 is live in Istanbul 🇹🇷 — encrypted, local, operator-blind.
+Free till May 1st. <span class="hashtags">#Turkey #cybersecurity #privacy</span></div>
+      <div class="city-img" style="background:#1a1a1a; display:flex; align-items:center; justify-content:center; color:#333; font-size:12px; border-radius:8px; aspect-ratio:16/9;">Image pending</div>
+    </div>
+
+    <div class="post pending">
+      <div class="meta"><div class="date">Nairobi 🇰🇪</div><div class="status tbd">— Pending</div></div>
+      <div class="tweet-text">Nairobi is East Africa's tech capital. Your vault shouldn't be 10,000km away.
+vault1984 is live in Nairobi 🇰🇪 — local infrastructure, zero operator access.
+Free till May 1st. <span class="hashtags">#Kenya #Africa #cybersecurity</span></div>
+      <div class="city-img" style="background:#1a1a1a; display:flex; align-items:center; justify-content:center; color:#333; font-size:12px; border-radius:8px; aspect-ratio:16/9;">Image pending</div>
+    </div>
+
+    <div class="post pending">
+      <div class="meta"><div class="date">Cape Town 🇿🇦</div><div class="status tbd">— Pending</div></div>
+      <div class="tweet-text">South Africa has some of Africa's strictest data laws. vault1984 just made compliance easier.
+Live in Cape Town 🇿🇦 — your vault, your jurisdiction, your AI.
+Free till May 1st. <span class="hashtags">#SouthAfrica #POPIA #privacy</span></div>
+      <div class="city-img" style="background:#1a1a1a; display:flex; align-items:center; justify-content:center; color:#333; font-size:12px; border-radius:8px; aspect-ratio:16/9;">Image pending</div>
+    </div>
+
+    <div class="post pending">
+      <div class="meta"><div class="date">Madrid 🇪🇸</div><div class="status tbd">— Pending</div></div>
+      <div class="tweet-text">GDPR wasn't enough. You still trust your password manager to not look inside.
+vault1984 just landed in Madrid 🇪🇸 — architecturally operator-blind.
+Free till May 1st. <span class="hashtags">#Spain #GDPR #privacy</span></div>
+      <div class="city-img" style="background:#1a1a1a; display:flex; align-items:center; justify-content:center; color:#333; font-size:12px; border-radius:8px; aspect-ratio:16/9;">Image pending</div>
+    </div>
+
+    <div class="post pending">
+      <div class="meta"><div class="date">Montréal 🇨🇦</div><div class="status tbd">— Pending</div></div>
+      <div class="tweet-text">Canada's Law 25 is North America's strictest privacy law. vault1984 just made it irrelevant — we can't read your data anyway.
+Live in Montréal 🇨🇦 — free till May 1st. <span class="hashtags">#Canada #privacy #cybersecurity</span></div>
+      <div class="city-img" style="background:#1a1a1a; display:flex; align-items:center; justify-content:center; color:#333; font-size:12px; border-radius:8px; aspect-ratio:16/9;">Image pending</div>
+    </div>
+
+    <div class="post pending">
+      <div class="meta"><div class="date">Mexico City 🇲🇽</div><div class="status tbd">— Pending</div></div>
+      <div class="tweet-text">Latin America's largest city. Your data doesn't need to leave it.
+vault1984 is live in Mexico City 🇲🇽 — operator-blind password management, finally in your timezone.
+Free till May 1st. <span class="hashtags">#Mexico #privacy #cybersecurity</span></div>
+      <div class="city-img" style="background:#1a1a1a; display:flex; align-items:center; justify-content:center; color:#333; font-size:12px; border-radius:8px; aspect-ratio:16/9;">Image pending</div>
+    </div>
+
+    <div class="post pending">
+      <div class="meta"><div class="date">Bogotá 🇨🇴</div><div class="status tbd">— Pending</div></div>
+      <div class="tweet-text">Colombia's Habeas Data law protects your personal data. vault1984 takes it further — we can't read it regardless.
+Live in Bogotá 🇨🇴 — free till May 1st. <span class="hashtags">#Colombia #privacy</span></div>
+      <div class="city-img" style="background:#1a1a1a; display:flex; align-items:center; justify-content:center; color:#333; font-size:12px; border-radius:8px; aspect-ratio:16/9;">Image pending</div>
+    </div>
+
+    <div class="post pending">
+      <div class="meta"><div class="date">Santiago 🇨🇱</div><div class="status tbd">— Pending</div></div>
+      <div class="tweet-text">Chile just passed South America's most comprehensive privacy law. vault1984 already meets it — architecturally.
+Live in Santiago 🇨🇱 — free till May 1st. <span class="hashtags">#Chile #privacy #cybersecurity</span></div>
+      <div class="city-img" style="background:#1a1a1a; display:flex; align-items:center; justify-content:center; color:#333; font-size:12px; border-radius:8px; aspect-ratio:16/9;">Image pending</div>
+    </div>
+
+    <div class="post pending">
+      <div class="meta"><div class="date">Hong Kong 🇭🇰</div><div class="status tbd">— Pending</div></div>
+      <div class="tweet-text">When the rules change, your vault shouldn't be readable by anyone.
+vault1984 is live in Hong Kong 🇭🇰 — encrypted so the operator sees only ciphertext.
+Free till May 1st. <span class="hashtags">#HongKong #privacy #cybersecurity</span></div>
+      <div class="city-img" style="background:#1a1a1a; display:flex; align-items:center; justify-content:center; color:#333; font-size:12px; border-radius:8px; aspect-ratio:16/9;">Image pending</div>
+    </div>
+
+    <div class="post pending">
+      <div class="meta"><div class="date">San Francisco 🇺🇸</div><div class="status tbd">— Pending</div></div>
+      <div class="tweet-text">You build the AI. We make sure your credentials don't leak to the platform running it.
+vault1984 is live in San Francisco 🇺🇸 — the vault for your agents.
+Free till May 1st. <span class="hashtags">#SF #AI #cybersecurity</span></div>
+      <div class="city-img" style="background:#1a1a1a; display:flex; align-items:center; justify-content:center; color:#333; font-size:12px; border-radius:8px; aspect-ratio:16/9;">Image pending</div>
+    </div>
+
+  </div>
+</div>
+
+<p style="color:#333; font-size:11px; margin-top:40px; text-align:center;">vault1984 drip schedule · generated by George · last updated Mar 17 2026</p>
+
+</body>
+</html>

memory/2026-03-17.md

@@ -1,95 +1,100 @@
+# Daily Notes — 2026-03-17 (Tuesday)
 
-## Mira Discord Bot — Created & Live (Mar 17)
-- App ID: 1483483480435458240
-- Bot token stored in OC config (discord accounts.mira)
-- Guild: vault1984 (1478270766007976009)
-- Intents enabled: Presence, Server Members, Message Content
-- Agent config: /home/johan/mira workspace, ✨ avatar
-- Status: ONLINE as of 12:39 PM ET
+## Overview
+Heavy infrastructure day. Email pipeline fixed, Mira Discord bot brought online, DNSSEC done for .nl domains, George session bloat resolved, new Hugo agent workspace created for DJ Rosie PR.
 
-## Chrome Remote Debug Setup (Mar 17)
-- Mac SSH: johanjongsma@192.168.1.14 (key: ~/.ssh/id_ed25519)
-- OC browser profile "user": driver=existing-session, attachOnly=true
-- alias chrome-debug on Mac: launches Chrome with --remote-debugging-port=9222 --remote-debugging-address=0.0.0.0
-- Dock app: ~/Applications/ChromeDebug.app (compiled AppleScript)
-- Note: Chrome must be launched fresh (not existing instance) for debug port to bind
+---
 
-## Email Triage — Real-time Pipeline Fixed (Mar 17)
-- MC webhook → OC /hooks/messages → mail agent (agentId: mail)
-- Junk filter prompt: default=PASS, government/official bodies always pass
-- Removed Kaseya rules from both junk prompt and routing guide
-- MijnOverheid (Belastingdienst) emails restored to inbox — 2 tax documents pending
+## Morning (~1–4 AM)
 
-## Session Summary — Mar 17 Morning/Midday
+### Email Pipeline Fixed
+- Removed all Kaseya-specific routing rules from `memory/email-triage.md` and `config/email-triage-prompt.md` — Johan no longer at Kaseya context applies
+- Fixed OC webhook hook: added `agentId: "mail"` so `/hooks/messages` fires to mail agent
+- 67-message backlog triaged by subagent at ~1:48 AM
+- Notable: Health Link invoice #000061 ($216.90, Sophia blood draw) flagged — resent 3×, still unactioned
+- Phishing email (German, befriendsonline.net) preserved in inbox
 
-### Email Triage Pipeline
-- MC webhook → OC /hooks/messages → agentId: mail (was missing agentId, now fixed)
-- Junk filter rules: removed Kaseya-specific rules entirely
-- Routing rules: "default=PASS" principle added — never archive what you can't confirm is noise
-- Government/official bodies (Belastingdienst, MijnOverheid) always pass — legal consequences
-- Two MijnOverheid Belastingdienst emails restored to inbox (Feb 20, Mar 13) — TAX DOCS, Johan must check
-- 208 messages archived from inboxes (tj@ and johan@) since Feb 15
-- Pipeline verified working end-to-end
+### Tech News
+- NVIDIA GTC 2026: Vera Rubin chips (7 new chips, 35x inference/watt vs Hopper), DGX Station GB300 with 748GB unified memory
+- MiniMax M2 open-sourced — 8% of Sonnet price, 2x speed, agent-optimized
+- OpenAI Pentagon deal: models for ~3M DOD employees
 
-### Alerts surfaced during triage
-- Openprovider URGENT Suspension — needs immediate attention
-- Chase Prime Visa — payment was due Mar 7 (possibly overdue)
-- Health Link invoice #000061 — $216.90 Sophia blood draw, unpaid, multiple reminders
-- National Visa Center — immigration reinstatement notice
-- Venmo $480 outstanding from Diane Murray
-- Jonathan Hayden — replied to MRI analysis (real human, in inbox)
-- Macy's statement acct 8097 Feb 26
+---
 
-### Mac SSH Access — Established
-- johanjongsma@192.168.1.14 (key: ~/.ssh/id_ed25519 from forge)
-- Mac username is johanjongsma (NOT johan — wasted time on wrong username earlier)
-- SSH enabled via System Settings → General → Sharing → Remote Login
-- PubkeyAuthentication needed explicit `yes` in sshd_config
+## Late Morning (~11 AM–12 PM)
 
-### Chrome Remote Debug
-- Working command: `/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --remote-debugging-port=9222 --remote-debugging-address=0.0.0.0`
-- Alias `chrome-debug` added to ~/.zshrc on Mac
-- Dock app: ~/Applications/ChromeDebug.app (AppleScript compiled via osacompile — must run in GUI session, not SSH)
-- OC browser profile "user": driver=existing-session, attachOnly=true, color=#00AA00
-- cdpUrl was initially set to 127.0.0.1:19222 (SSH tunnel) — corrected to 192.168.1.14:9222 (direct LAN)
-- Chrome must be launched fresh (kill existing instance first) for debug port to actually bind
-- `--remote-debugging-address=0.0.0.0` required or Chrome only binds to localhost
+### ChromeDebug Mac App
+- Johan asked for one-click Chrome debug launcher on Mac
+- Created `~/Applications/ChromeDebug.app` (compiled AppleScript, 584K, codesigned)
+- Updated `chrome-debug` alias: removed `--user-data-dir` flag so it uses Johan's real Chrome profile
+- Had to work around `osacompile` SSH limitations — ended up building manually then recompiling on the Mac itself
 
-### Mira Discord Bot
-- Created via browser automation (headless OC browser + Johan clicking CAPTCHA)
-- App ID: 1483483480435458240 | Bot: Mira#7065
-- Token: MTQ4MzQ4MzQ4MDQzNTQ1ODI0MA.G9zfbb.m9MdxDSgGnGJYz4i4oiR_3FZb8D4FCOK0oFXMo
-- Guild: vault1984 (1478270766007976009) — added via OAuth2 authorize flow
-- Intents: all three privileged intents enabled (Presence, Server Members, Message Content)
-- OC config: channels.discord.accounts.mira, workspace /home/johan/mira
-- ONLINE as of 12:39 PM ET Mar 17
-- Error 4014 was the blocker — intents were set via application flags API but NOT in the bot portal UI (separate thing)
+### Mira Discord Bot (vault1984 guild)
+- Bot was showing offline — gateway intent error 4014 (missing privileged intents)
+- Required enabling Message Content + Server Members intents in Discord dev portal
+- Johan did this manually (needed browser access to dev portal)
+- Mira came online after gateway restart ~12:10 PM
+- OC log was at max file size cap — suppressed writes, had to debug blind
 
-### OC Browser Profile Learnings
-- profile="user" with driver="existing-session" = Chrome MCP attach, no debug port needed in theory
-- BUT in practice needs Chrome running with --remote-debugging-port on the same machine as gateway
-- Gateway is on forge (Linux), Chrome is on Mac — so remote CDP required
-- Remote CDP profile: cdpUrl pointing at Mac's IP:9222
-- existing-session driver does NOT accept userDataDir key (config validation error)
-- SSH tunnel approach works but unnecessary — direct LAN is cleaner
+---
 
-### Pending
-- Johan needs to check MijnOverheid for Belastingdienst tax documents
-- Openprovider suspension needs immediate attention
-- Chase payment may be overdue
-- Mac Chrome needs to be re-launched with debug flags for browser automation to work again
+## Afternoon (~1–5 PM)
 
-## Mira Discord — Root Cause & Fix (Mar 17 13:09)
-- **Root cause:** Missing entry in `bindings[]` array in openclaw.json
-- George/Iaso had explicit bindings `{agentId: "george", match: {channel: "discord", accountId: "george"}}`
-- Mira only had a telegram binding — Discord messages were never routed to her agent
-- **Fix:** Added `{agentId: "mira", match: {channel: "discord", accountId: "mira"}}` to bindings[]
-- Also: new bot token issued by Johan (old one may have been compromised/expired)
-- New token: MTQ4MzQ4MzQ4MDQzNTQ1ODI0MA.GYcXfM.oqWv6C_R2TRNtAZ61fZRAZPtg30L2olIk7zQ_8
-- **Lesson:** When adding a new Discord bot account, ALWAYS add a binding entry — account name matching agent ID is NOT sufficient
+### George Session Bloat
+- George (vault1984 writer agent) hitting "overloaded" API errors ~1:20–1:30 PM
+- Root cause: His session grew to 4.3MB / 701 messages (months of context)
+- Fixed: cleared `agent:george:main` from sessions.json, both channel pointers updated to clean files
+- Errors were also partly genuine Anthropic API overload during heavy gateway work period
+- George responding normally after fix
 
-## Claude API Outage / Degraded (Mar 17 ~13:30-13:41 ET)
-- Sonnet 4.6 timeouts hitting all agents
-- OC fallback also fails (fallback = same model, no alternate configured)
-- George's 4.3MB session was archived to prevent compounding the issue
-- Not a config issue — Anthropic-side degradation
+### DNSSEC — zavtra/busel/muskepo .nl
+- Johan asked to enable DNSSEC on 3 Cloudflare .nl domains
+- Cloudflare DNSSEC enabled → DS records generated
+- OpenProvider API (PUT /domains/{id}) returned code 0 but didn't actually save DS records — tried 4 different payload formats, all silently failed
+- Escalated to Johan: manual entry required at cp.openprovider.eu
+- Key for all 3: ECDSA P-256, key type 257, same public key (same CF account)
+- Johan entered DS records manually ~7 PM
+
+### Cross-Bot Communication (vault1984 guild)
+- Added `allowBots: true` to Discord config
+- Added all bot IDs to per-guild users allowlist (default, george, iaso, mira accounts)
+- Had to remove invalid `adminUsers` key (not in OC schema) that caused config validation failure
+
+### AI News Briefing (~3 PM)
+- MiniMax M2 open-sourced (same as M2.5 we have on Fireworks, now free)
+- GPT-5.4 mini ($0.75/$4.50/M tokens) and nano ($0.20/$1.25/M, API-only) dropped
+- Cloudflare AI Security for Apps went GA
+- Alibaba investing in competing Chinese AI labs (portfolio hedging for cloud compute)
+
+---
+
+## Evening (~7–9 PM)
+
+### DNSSEC Confirmed Active ✅
+- All three .nl domains confirmed active at SIDN registry ~7:20 PM
+- `dig DS` shows valid DS records for zavtra.nl, busel.nl, muskepo.nl
+
+### Hugo Agent (DJ Rosie PR Manager) — STARTED, NOT COMPLETED
+- Johan asked to create a new Discord bot agent for his daughter DJ Rozemarijn Jongsma (DJ Rosie)
+- Concept: PR and artist management agent named **Hugo**
+- Workspace created: `/home/johan/hugo/` with SOUL.md written
+- Bot name discussion: started as "Rosie" → "DJ Rosie" → clarified it's a PR agent for the artist → named **Hugo**
+- **BLOCKED at 9 PM**: Waiting for Johan to create Discord app and provide bot token
+- Chrome debug wasn't running on Mac at time of session end
+
+---
+
+## Infrastructure Health (End of Day)
+- MC: Healthy
+- OC: Running, all agents active
+- Disk: 56% (197G free)
+- George: Clean fresh session
+- Failed systemd units: only `xdg-desktop-portal*.service` (headless Ubuntu, harmless)
+
+---
+
+## Pending/TODOs for Tomorrow
+- [ ] Hugo bot: Johan provides Discord token → wire up OC config
+- [ ] Health Link invoice #000061 ($216.90) — needs action
+- [ ] Git push backlog: inou (10 uncommitted), clawd (9), dealspace (6 — ask first), james-dashboard (4), vault1984 (3)
+- [ ] inou DICOM VR validation bug still unaddressed

memory/claude-usage.json

@@ -1,9 +1,9 @@
 {
-  "last_updated": "2026-03-17T22:00:02.109827Z",
+  "last_updated": "2026-03-18T04:00:02.047151Z",
   "source": "api",
-  "session_percent": 0,
-  "session_resets": "2026-03-18T01:59:59.998512+00:00",
-  "weekly_percent": 41,
-  "weekly_resets": "2026-03-20T02:59:59.998534+00:00",
-  "sonnet_percent": 54
+  "session_percent": 3,
+  "session_resets": "2026-03-18T06:59:59.993943+00:00",
+  "weekly_percent": 43,
+  "weekly_resets": "2026-03-20T02:59:59.993967+00:00",
+  "sonnet_percent": 57
 }

memory/updates/2026-03-17.json

@@ -1,50 +1,26 @@
 {
   "date": "2026-03-17",
-  "timestamp": "2026-03-17T09:00:00-04:00",
-  "openclaw": {
-    "before": "OpenClaw 2026.3.13 (61d171a)",
-    "latest": "2026.3.13",
-    "updated": false
+  "timestamp": "2026-03-18T01:00:00Z",
+  "os_updates": {
+    "status": "checked",
+    "upgradable": 1,
+    "note": "1 package available (not installed — only kernel packages noted). Kernel running: 6.8.0-101-generic, latest: 6.8.0-106-generic. Reboot needed to activate new kernel.",
+    "kernel_reboot_needed": true
   },
   "claude_code": {
-    "before": "2.1.77",
-    "latest": "2.1.77",
-    "updated": false
+    "previous": "2.1.77",
+    "current": "2.1.78",
+    "updated": true
   },
-  "os": {
-    "available": 5,
-    "packages": [
-      {
-        "name": "vim-common",
-        "from": "2:9.1.0016-1ubuntu7.9",
-        "to": "2:9.1.0016-1ubuntu7.10"
-      },
-      {
-        "name": "vim-runtime",
-        "from": "2:9.1.0016-1ubuntu7.9",
-        "to": "2:9.1.0016-1ubuntu7.10"
-      },
-      {
-        "name": "vim-tiny",
-        "from": "2:9.1.0016-1ubuntu7.9",
-        "to": "2:9.1.0016-1ubuntu7.10"
-      },
-      {
-        "name": "vim",
-        "from": "2:9.1.0016-1ubuntu7.9",
-        "to": "2:9.1.0016-1ubuntu7.10"
-      },
-      {
-        "name": "xxd",
-        "from": "2:9.1.0016-1ubuntu7.9",
-        "to": "2:9.1.0016-1ubuntu7.10"
-      }
-    ],
-    "updated": true,
-    "reboot_required": true
+  "openclaw": {
+    "current": "2026.3.13 (61d171a)",
+    "update_available": false
   },
-  "caddy_pi": {
-    "result": "\"\nNo VM guests are running outdated hypervisor (qemu) binaries on this host.\nE: Write error - ~LZMAFILE (28: No space left on device)\nupgraded:7\ncaddyfile:unchanged\nreboot:no\""
+  "session_cleanup": {
+    "orphaned_jsonl_deleted": 69,
+    "orphaned_jsonl_kept_large": 11,
+    "run_keys_removed": 80,
+    "sessions_json_keys_remaining": 102
   },
-  "gateway_restarted": false
-}
+  "notes": "Kernel update pending reboot. Claude Code updated from 2.1.77 → 2.1.78. OpenClaw up to date. Cleaned 69 orphaned session files, removed 80 stale :run: keys."
+}

memory/working-context.md

@@ -1,80 +1,101 @@
-# Working Context — 2026-03-16 (updated 9 PM nightly maintenance)
+# Working Context — 2026-03-17 (updated 9 PM nightly maintenance)
 
 ## Current State
-Johan is in his night shift (Sophia care: 10:30 PM – 5 AM). Active work day is done.
+Johan is starting his night shift (Sophia care: 10:30 PM – 5 AM). Active work day is done. Session ended mid-task — Hugo bot setup was in progress at 9 PM.
 
 ---
 
 ## Projects
 
+### Hugo (NEW — in progress, incomplete)
+- Johan asked to set up a new Discord bot agent for DJ Rozemarijn Jongsma (DJ Rosie, his daughter) as PR/artist management agent
+- Agent named **Hugo** — PR manager persona for DJ Rosie
+- Workspace created: `/home/johan/hugo/` with SOUL.md written
+- **BLOCKER:** Needs Discord bot token from Johan. Bot creation via discord.com/developers/applications requires Johan to:
+  1. Create new application → name it "Hugo"
+  2. Add Bot → enable all 3 privileged intents
+  3. Reset Token → paste to James
+  4. Chrome debug needs to be running (`chrome-debug` alias on Mac)
+- **Status:** Workspace ready, waiting for bot token
+
+### Mira (Discord bot — mostly working)
+- Mira's Discord bot was wired up today (app ID 1483483480435458240)
+- Gateway intents issue resolved — Message Content Intent + Server Members intent needed enabling in dev portal
+- Mira online in Discord as of ~12:10 PM today
+- Some `allowBots` config changes made for cross-bot communication in vault1984 guild
+
+### DNSSEC for .nl domains (COMPLETED today)
+- zavtra.nl, busel.nl, muskepo.nl — DNSSEC fully active as of ~7 PM
+- Cloudflare DNSSEC enabled, DS records added to OpenProvider manually by Johan (API format was wrong, had to do it via cp.openprovider.eu)
+- Verified via `dig DS` — all three showing valid DS records at SIDN
+- DNSSEC propagated and active ✅
+
+### email pipeline (FIXED today)
+- MC junk filter working; Kaseya-specific rules removed from both `email-triage.md` and `config/email-triage-prompt.md`
+- OC hook fixed: `agentId: "mail"` added to messages hook so webhooks fire to mail agent
+- 67-message backlog triaged by subagent at ~1:48 AM
+- Health Link invoice #000061 flagged ($216.90, Sophia blood draw, unactioned since Feb 25)
+- Phishing email (German, befriendsonline.net) preserved in inbox
+
+### George (vault1984 writer agent)
+- Was getting "overloaded" API errors during heavy API period (~1:20–1:30 PM)
+- Bloated session (4.3MB, 701 messages) archived; sessions.json cleared
+- Both George channel sessions now point to clean small sessions
+- Errors were genuine Anthropic overload, not George-specific. Resolved.
+
+### ChromeDebug Mac App
+- Created `~/Applications/ChromeDebug.app` on Johan's Mac (via SSH)
+- Compiled AppleScript app (584K, proper codesigned)
+- Launches Chrome with `--remote-debugging-port=9222 --remote-debugging-address=0.0.0.0`
+- Johan needs to drag to Dock if desired
+- `chrome-debug` alias also updated to remove `--user-data-dir` (uses real default profile)
+
 ### inou health
-- **DICOM VR validation bug** flagged as priority: `readStringTag` / `findTag(0x0018, 0x0015)` corrupting `body_part` and `summary` fields on Sophia's Siemens MAGNETOM Sola MRIs. All AI connectors affected. Flagged in TODO, surfaced today as inou daily nudge. Not yet fixed.
-- No other active inou work today.
+- DICOM VR validation bug still outstanding: `readStringTag` / `findTag(0x0018, 0x0015)` corrupting `body_part` and `summary` fields on Sophia's Siemens MAGNETOM Sola MRIs
+- No progress today
 
-### Vera (ElevenLabs voice agent — Spence & Mathews Insurance demo)
-- Johan was building a voice demo AI agent for a client (Spence & Mathews Insurance, Berwick Maine) using ElevenLabs Conversational AI.
-- Agent named "Vera", voice: Clara (V3 Conversational, Expressive mode), LLM: GLM-4.5-Air
-- First message: "Hi, thanks for calling Spence & Mathews Insurance, this is Vera — how can I help you today?"
-- Knowledge base from spenceandmathews.com (URL crawl)
-- This was done around 3–4 AM this morning. Status: configured and running.
-
-### Signal Retirement (COMPLETED today)
-- Signal fully removed from forge:
-  - `signal-cli` binary, data, systemd service all deleted
-  - Signal channel removed from `openclaw.json`
-  - `signal-webhook-proxy.js` deleted
-  - All script references cleaned up (qwen-gguf-watch.sh, k2-watchdog.sh, claude-usage-log.sh)
-  - HEARTBEAT.md Docker services list updated
-- Discord is now the sole primary notification channel.
-
-### notify.sh — Centralized Notifier (NEW today)
-- Created `/home/johan/clawd/scripts/notify.sh`
-- Single dispatcher for all ntfy notifications
-- Usage: `notify.sh -t "Title" -p 3 -T "tags" -c forge|inou|dashboard|all "message"`
-- Wired into: k2-watchdog.sh (kill alerts), qwen-gguf-watch.sh (GGUF drops)
-- health-push.sh untouched (Kuma silence-timeout already works)
-
-### X-Watch Dedup Fix (today)
-- Problem: X-watch subagents kept re-posting the same NemoClaw/GTC stories
-- Fix 1: 24h filter on posts
-- Fix 2: `memory/x-watch-last.md` blacklist — topics already posted can't be re-surfaced unless there's a *new concrete fact*
-- HEARTBEAT.md updated with hard blacklist rule
-- State file seeded with today's coverage (NemoClaw, OpenShell, NVIDIA DLSS 5, etc.)
-
-### HA Token (resolved today)
-- Had lost the HA token — Johan re-provided it (~2 AM)
-- Token saved to `memory/infrastructure.md` under "Home Assistant API Token"
-- alert-dashboard service updated and verified working
+### vault1984
+- George agent running, fresh session
+- Git backlog: 10 uncommitted + 3 unpushed on inou, 9 unpushed on clawd, 6 on dealspace, 4 on james-dashboard, 3 on vault1984
+- **Johan needs to push these** — don't push dealspace without his approval
 
 ---
 
 ## Open Threads / Pending
 
-### Git Backlog (NEEDS ATTENTION)
+### Hugo Bot Token (IMMEDIATE)
+- Johan needs to create Discord app "Hugo" and provide bot token
+- Workspace at `/home/johan/hugo/` is ready
+
+### Git Backlog (UNRESOLVED)
 Last audit (~6 PM):
-- **dealspace**: 13 unpushed commits on `master` (growing for days)
-- **inou**: 10 uncommitted files + 3 unpushed commits on `master`
-- **clawd**: 5 unpushed commits on `master`
-- **vault1984**: 2 unpushed commits on `master`
-- **james-dashboard**: commits pending (variable)
-- Johan needs to push these — I shouldn't push without permission given the count on dealspace.
+- **inou** — 10 uncommitted files + 3 unpushed (master)
+- **clawd** — 9 unpushed (master)
+- **dealspace** — 6 unpushed (master) ← growing, do NOT push without permission
+- **james-dashboard** — 4 unpushed (master)
+- **vault1984** — 3 unpushed (master)
 
-### OC Double-Send Bug
-- X-watch result posted to Discord twice (two distinct message IDs, 9 seconds apart)
-- Deleted the duplicate. Root cause: OC subagent completion may fire two announce events.
-- Watching for recurrence. Not yet reported upstream.
-
----
-
-## Today's Big News
-- **NemoClaw**: Jensen Huang announced at NVIDIA GTC — AI agent OS built on OpenClaw. steipete was physically at GTC working with NVIDIA engineers. "Every company needs an OpenClaw strategy." OpenShell also in active development.
-- **OC 2026.3.13**: Chrome DevTools MCP (no extension), Ollama official provider, major plugin refactor in progress (core → plugins, Claude Code/Codex/Cursor bundles).
-- **Anthropic**: Doubling Claude usage limits off-peak.
-- **Markets**: S&P +0.99% ~6,698. Goldman raised year-end S&P target to 7,600. SentinelOne short looking good (analyst cuts).
+### Health Link Invoice
+- Invoice #000061 for $216.90 (Sophia's blood draw, HealthLink) — resent 3× since Feb 25
+- Unactioned. Needs Johan's attention.
 
 ---
 
 ## Infrastructure Notes
-- **MC**: Healthy. Proton Bridge running. One expired Dealspace OTP in johan@ inbox (can archive).
-- **Uptime Kuma**: Running, health-push active.
-- **signal-cli.service**: Removed (was crash-looping before cleanup).
+- **MC**: Healthy. Proton Bridge running.
+- **Uptime Kuma**: Running.
+- **OC**: Running clean with Mira active.
+- **George**: Clean fresh session.
+- **Disk**: 56% used (197G free) — normal.
+- **Failed units**: Only `xdg-desktop-portal*.service` — harmless GUI portal on headless, expected.
+
+---
+
+## Today's Key Events Summary
+- 1–2 AM: Email pipeline fixed (Kaseya rules removed, hook agentId added, 67-msg backlog cleared)
+- ~3 AM: Verified GTC announcements: NVIDIA Vera Rubin, MiniMax M2 open-sourced, OpenAI Pentagon deal
+- 11–12 PM: ChromeDebug app setup on Mac, Mira bot troubleshooting
+- 12–2 PM: George session bloat fixed; Anthropic API overload period
+- 3 PM: DNSSEC initiated for zavtra/busel/muskepo .nl domains; AI news briefing (MiniMax M2, GPT-5.4 mini/nano, Cloudflare AI security)
+- 7 PM: DNSSEC confirmed active on all 3 domains ✅
+- 8:20–8:35 PM: Hugo agent workspace created; bot token pending from Johan

vault1984-marketing

@@ -0,0 +1 @@
+/home/johan/dev/vault1984/marketing