# 2026-02-14 (Saturday) — Valentine's Day ## Context Hygiene Rules Added to AGENTS.md - Side questions → subagent always (keep main context clean) - Both units always (metric + imperial) — Johan's brain is metric, lives in US - Thinking level: match the task (no thinking for simple stuff) - Also added units preference to USER.md ## myCigna — Autonomous Login Achievement - Installed real Google Chrome on forge (v145), runs on Xvfb:99 with CDP on port 9224 - Headless Playwright gets WAF-blocked by Cigna; real Chrome on Xvfb works perfectly - Login flow: username=tjjongsma (NOT email), password in TOOLS.md - 2FA via email to tj@jongsma.me — grabbed code from MC automatically, zero human intervention - Full autonomous flow: login → 2FA → navigate → extract claims data - Credentials stored in TOOLS.md under "myCigna" ## Baycare Ventilator Fraud (CRITICAL — Sophia) - **Baycare Home Care billing HCPCS E0465 (home ventilator) at $3,125/month** - **Sophia does NOT have a ventilator. Never had one from Baycare. Off vent since Nov 2022.** - Jan 10 claim #260155327900: $3,125 billed, $1,781.25 applied to deductible - Feb 10 claim #260540751600: $3,125 billed, still processing (also E0465) - Other Baycare charge E0431 ($121.60/mo) = portable oxygen rental — legitimate - Johan has notified both Baycare and Cigna **at least 3 times** before - **Family is extremely self-supporting**: concierge pediatrician, own suppliers (Tri-Med, Amazon), own portable O2 (Zen-O) - Baycare only provides: consumable supplies (gauze, trach ties, suction tubes, gloves, H2O2, etc.) - The ONLY equipment Baycare could legitimately bill for = suction machine (~$300) - **Strategy: Don't pay. Let them escalate. Documentation ready.** - Formal complaint drafted: ~/documents/records/medical/baycare-ventilator-fraud-complaint-2026-02-14.md - If ~38 months of E0465 since Nov 2022: potentially ~$118,750 in fraudulent charges ## Cron Job Finalization - Git audit timeout bumped 120s → 300s - Evening Work Queue → Evening Briefing (now isolated agentTurn, same format as morning) - Both briefings now require: actual release notes/changelog with links for any software updates - Both briefings now include infrastructure/industry topics: memory pricing, HDD pricing, hyperscaler price changes, backup/MSP industry (Veeam, Commvault, Cohesity, Rubrik, NinjaOne, AvePoint, NABL, etc.) - Final cron count: 7 jobs (claude-usage, git-audit, morning briefing, evening briefing, nightly maintenance, weekly synthesis, Dr. Madan reminder) ## Shannon Security Scanner — Live on Zurich VPS - Configured Claude Code Router (CCR) to proxy Anthropic SDK → Fireworks K2.5 - Three containers: Temporal + Router (CCR on port 3456) + Worker - Portal-only source code uploaded: 55 Go files, 572KB, 15,700 lines - Excluded: internal tools, DICOM importers, MCP bridge, patient data, binaries - **Scan launched**: `inou-com_shannon-1771049779401` against https://inou.com - Fireworks K2.5 cost: ~$0.50 worst case for full scan ## Alert Dashboard (port 9202) Redesign - Renamed conceptually to "Watchboard" / status board - Added DELETE endpoint + × dismiss button on alerts - Full redesign: Sora font, Braun/mid-century modern aesthetic, warm gold (#c8b273) accents - All 12 clock numbers, gold second hand with counterweight - Bigger fonts (16px alerts) for arm's length viewing on Fire tablet - Calendar month navigation (‹ › buttons) - Compact day headers (S M T W T F S) — fixes Saturday cutoff - Two-tone warm chime instead of harsh pling - Purpose: status updates (texts, Shannon waiting, sensor alerts), NOT news (news stays on James Dashboard 9200) ## Closet Bins Search - Johan needs plastic bins for closet: 46W×46D×33H cm space, wants two side by side - Each bin ~23cm×46cm×33cm (9"×18"×13") — this form factor doesn't exist in standard retail - Suggested: one wider + one narrower bin, or IKEA/Container Store in person ## Evening Briefing Test Run - Successfully generated and posted 7 news items to dashboard - OpenClaw 2026.2.13 release: HuggingFace support, write-ahead delivery queue, Discord voice messages, 337 commits - Confirmed briefing format works with individual news items + source URLs ## Fully Dashboard Overhaul (2:00am - 2:30am) ### Changes Made - **Alerts moved to left** (58/42 split), clock/calendar on right - **Long-press (300ms) to mark done** — dims + strikethrough, auto-purge after 2h - **Timestamps brightened** — was #555, now #777-#888 - **Pulse-ox camera feed** — MJPEG stream via HA proxy (`/api/cam/pulse-ox/stream`), shows 7pm-8am only - Entity: `camera.pulse_ox_live_view` (Tapo camera at 192.168.2.183) - HA token passed via systemd env to alert-dashboard service - MJPEG stream works natively in `` tag — no ffmpeg needed - **Typography cleanup** — consolidated to 3 font sizes, 2 weights, consistent spacing - **Email triage redirected** — MC `dashboard_url` changed from 9202 → 9200 (news API), no more triage noise on Fully board - **Hook announcements silenced** — messages webhook set `deliver: false` - ffmpeg installed on forge (for future use) ### Architecture: Fully Dashboard (port 9202) - **Purpose:** Johan's unified inbox / notification center on Fire tablet with Fully Kiosk - **API:** `/api/alerts` (POST message+priority, GET list, PATCH done, DELETE) - **SSE:** `/api/alerts/stream` for live push - **Camera:** `/api/cam/pulse-ox` (snapshot) and `/api/cam/pulse-ox/stream` (MJPEG) - **Priority levels:** critical (red), warning (amber), info (gold) - **Sound:** Web Audio API chime on new alerts (gain 0.1) - **Source:** `/home/johan/dev/alert-dashboard/` - **Service:** `alert-dashboard.service` (systemd user) ### Key Decision: Fully Board = Johan's Inbox - Everything that survives my triage → Fully dashboard alert - Three tiers: critical (act NOW), warning (needs you today), info (FYI) - Email, WhatsApp, calendar reminders, system alerts — all go here - Johan stops checking email/phone — I'm the filter - CMMC meetings: skip by default (Johan doesn't attend) ### Calendar Flow (designed, not yet implemented) - Johan sends screenshot of Outlook list view each morning - I OCR it, parse meetings, set 5min + 1min cron alerts to Fully board - List view = machine-readable (exact times, no guessing from pixels) - Week of Feb 16-20 parsed as proof of concept ### WhatsApp Visibility - MC has WhatsApp messages via message-bridge on port 8030 - Tanya's number: +17272253810 - She sent `laborwerte_1457_tmp.pdf` (lab results) at 8:22pm Feb 13 - Johan wants to be alerted about messages, not have me interpret them ### Contacts - +13474999485 — sent Johan Valentine's message on WhatsApp (unknown contact, uses "iyawo") ## James Dashboard Fix (2:38am) - News items now clickable — titles link to source URL when available - Briefing agent sometimes grabs wrong URLs (Gemini article linked to Wordle page) — need to improve URL capture in briefing prompts ## Johan's Desk Layout - **Left monitor:** TUI console (OpenClaw CLI) - **Center:** Fully dashboard (Fire tablet with Fully Kiosk, port 9202) — promoted to center - **Center-back:** Sophia room camera (Tapo standalone, redundant backup while Fully proves stability) - **Right monitor:** James Dashboard (port 9200) ## Sophia Monitoring Stack - **Primary:** VTech radio baby monitor — reliable (radio, not WiFi), beeps on power loss - **Visual:** Tapo WiFi camera (192.168.2.183) + Fully dashboard MJPEG stream - **Pulse-ox:** Visible on Tapo camera feed (typical restful values: 98% SpO2, 73 HR) - WiFi camera is nice-to-have, VTech is safety-critical - Johan listens to her breathing — prefers hearing it over silence ## Email Triage (4:18 PM) - Processed 34 messages (19 tj, 15 johan) - **Generator:** 48kw ran 3x today (power outages 11:23, 11:31, 11:48 AM). GenerX tech Eduardo Rivera came for service. Service form archived. - **Bounces:** 10 bounce-backs on johan@ from inou pentest probes (example.com, pentest@inou.com) — expected - **Deliveries:** TP-Link Ultra-Portable delivered. Orders #4720443389 and #12539598 shipped. - **Archived:** GenerX service form, order confirmations (4720443389, Nordstrom 1026793809) - **Trashed:** Duke Energy usage alert, Mint Mobile survey (Mikhail), Realtor listing for own house, generator notifications, political newsletter, subscriber agreement update, marketing/spam, Valentine's lingerie promos, hardware spam - **MC issue:** LLM triage failing with 401 (API key invalid), requests taking 15s+ ## Shannon Scan Complete - Full pentest of inou.com via Shannon Lite on Sonnet 4.5 (OAuth token direct to Anthropic) - Runtime: ~1.5 hours - **Findings:** 2 CRITICAL (hardcoded backdoor 250365, session hijacking), 2 HIGH (session fixation, brute force) - Authorization, SQLi, SSRF all passed clean - 3 out-of-scope items needing internal access (path traversal, DICOM XSS, LLM prompt injection XSS) - PowerPoint generated and placed on sophia SMB share - All deliverables at ~/clawd/memory/shannon-scan-2026-02-14/ ## Prima (UMich Brain MRI AI) - Deep dive completed — open source MIT, VLM for 50+ neuro conditions, 97.5% accuracy - Needs Ampere+ GPU (L40S reference, RTX 3090 minimum). Forge GTX 970 is out - Johan's idea: offer as inou service — intelligent series selection (don't run all 10K slices, pick relevant series) → RunPod serverless GPU → results in viewer - Spec being written by subagent - Sophia had 10,000+ slices — this is the use case ## Diana Yusha Lab Report - Added arthritis rebuttal section (Russian) — CRP 1.3 and ESR 6 don't support arthritis diagnosis - Some Russian doctor suggested arthritis based on elevated CK 406 — incorrect interpretation ## WebMCP - Added to HEARTBEAT.md tech watch list - Chrome experimental API for structured web agent tools — high relevance for James/OpenClaw, medium for inou ## Colorado Camel Milk - Order #16698 from Feb 7, $115 (6 pints frozen + $31 shipping) - Still "Awaiting Shipment" — waiting for safe weather window (frozen perishable to Florida) ## XPS14 Revival — Kaseya Workstation Plan - **Trigger:** Kaseya CISO policy — corporate devices only on corporate network - **XPS14:** Dell XPS 14, Windows (fresh install?), was sitting in closet - **Role:** Pure Kaseya — Teams, Zoom, Outlook, VPN, internal tools - **Mac Mini:** Stays as personal control center (inou, James, development) - **RDP setup:** Johan uses Windows App (RDP) from Mac to XPS for daily work - **James access:** RDP shadow session from forge — read-only observer of Johan's session - `mstsc /shadow:1 /control:0` — native Windows feature, nothing installed - I see Outlook/Teams in real-time, triage emails, surface actionable items to Fully - No OCR needed — direct UI access - **Webcam/mic:** Dedicated to XPS for Teams/Zoom calls - **Monitor:** XPS drives 1 display (or shares via input switching), Mac Mini drives the rest - **Network:** XPS on corporate network, Mac Mini on BYO network, both on same LAN - **Status:** Johan unboxing now ## Infrastructure ### Generator (48kw) - Generator does NOT auto-start — manual start only - GenerX came out today to analyze the auto-start issue (tech: Eduardo Rivera) - The 3 runs were test runs by GenerX, NOT power outages - Waiting on quote from GenerX for the fix ### Emergency Internet Failover (TP-Link AX1500) - Installed TP-Link AX1500 router, connected to UDM-Pro port 10 - Tested and working, then port 10 disabled on UDM-Pro - WiFi network: `X4` / password: `Helder06` - **For longer/full outages (including mobile coverage):** swap the cable on port 10 for the longer cable (already staged nearby) and connect to Starlink - This gives internet via Starlink → AX1500 → UDM-Pro port 10 - Shannon VPS now configured with OAuth token (no more router proxy)