johan
/
clawd
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
clawd/memory/weekly-synthesis-2026-03-15.md

8.9 KiB
Raw Permalink Blame History

Weekly Memory Synthesis — Mar 915, 2026

Generated: Sunday, March 15, 2026 — 9:00 AM ET

Executive Summary

A week of infrastructure hardening, rapid OC releases (4 in 7 days), a security incident that reinforced Go-first discipline, and the Iran war dominating world news. George launched as a new agent, .17 fully decommissioned, Kaseya M365 dead and removed. The git backlog is a persistent concern — inou has accumulated 100+ uncommitted files all week with no action.

🚀 Major Events

George Agent — LIVE (Mar 11 overnight)

New OpenClaw agent for vault1984 writing/content tasks.

  • Discord: App ID 1480980894042030211, username George
  • Workspace: /home/johan/george/
  • OC config: accounts.george in discord config

Iaso Agent — LIVE (Mar 15)

New agent for inou health communication. Bridge-builder voice, evidence-based integrative medicine.

  • Discord App ID: 1482680563939672124
  • Workspace: /home/johan/iaso/
  • Named for Greek goddess of recuperation + Johan's original company name

192.168.1.17 — Fully Decommissioned (Mar 11)

Stopped and disabled all zombie services: openclaw-gateway (v2026.1.29), protonmail-bridge, message-center, message-bridge.

  • Root cause: two conflicting gateway instances racing for IMAP cursors
  • .17 is now clean — do not expect services there

Kaseya M365 Integration — REMOVED (Mar 11)

Dead since Feb 27 (refresh token expired, client_id blocked by Kaseya IT). Johan decision: remove it entirely rather than keep hacking. All config/binaries/tokens cleaned.

⚠️ Security Incident: Port 9999 Python Server (Mar 12)

A python3 -m http.server was found running on port 9999, serving /tmp to 0.0.0.0 for 5+ days.

  • Exposed: clawvault-preview.db + WAL (vault database), chrome_import.csv
  • Johan: "kill it, burn it, bury it and delete it. GONE!"
  • Killed, sensitive files shredded with shred -u
  • Best guess: Mar 7 subagent doing vault1984 work spun it up to preview a file
  • Lesson reinforced: Never leave Python servers running. Zero tolerance.

Spacebot/Andrew — Updated to v0.3.2 (Mar 11)

Johan explicitly authorized. Running on .17:19898. Worker dispatch bug (PR #193) — check if fixed.

📦 OpenClaw & Tool Updates (Rapid Release Week)

Date Tool Version
Mar 9 OpenClaw 2026.3.7 → 2026.3.8
Mar 9 OS Python 3.12 packages upgraded
Mar 9 Claude Code 2.1.71 → 2.1.72
Mar 11 Claude Code 2.1.72 → 2.1.74
Mar 12 OpenClaw 2026.3.11 "Hunter & Healer Alpha" (Gemini Embedding 2, stealth models, Go OpenCode support)
Mar 13 Claude Code 2.1.74 → 2.1.75
Mar 13 OpenClaw 2026.3.12
Mar 13 OS Kernel 6.8.0-106 installed (not yet booted — needs reboot)
Mar 14 OpenClaw 2026.3.13 (Live Chrome session attach — major!)

OC 2026.3.13 notable: Live Chrome session attach — direct attach to real browser with all logins, no extension badge required.

Patches note: Each OC release may require reapplication of deleted transcript indexing patch (grep dist/query-expansion-*.js).

🌍 World Events (Context for Johan)

Iran War — Ongoing Escalation

  • US/Iran conflict through week, daily briefings
  • Strait of Hormuz effectively blocked by Iran
  • Mar 12: US sank 16 Iranian minelayers; Brent +4.8% → $92, WTI +4.6% → $87
  • Mar 14: US bombed Kharg Island (Iran's #1 oil export hub), then mine storage
  • Current: Brent ~$103/bbl. Oil shock driving market selloff. S&P at YTD low, third losing week.
  • Trump building coalition with UK/Japan/France to reopen Hormuz
  • Iran reportedly seeking deal

Markets

  • S&P 500 at YTD low, three straight losing weeks (oil shock)
  • SentinelOne (S): Q4 earnings AH Mar 12 — Johan's short position is profitable. Q1 guidance soft → AH slide. Short still open.

🔧 Technical Decisions

Go-First Discipline (Reinforced Mar 12)

  • Python audit triggered by port 9999 incident
  • Johan: "I have a very strong preference for GoLang. Python should only be temporary tools"
  • Active system Python: fail2ban, unattended-upgrades (untouchable system services)
  • Johan's Python: inou health-poller (legacy), mail-agent (superseded) — tolerated
  • New rule: New services on forge = Go only. No ad-hoc Python servers, ever.

inou SMTP Clarification (Mar 12)

  • CORRECT: inou prod uses Proton SMTP token directly (smtp.protonmail.ch:587) — no bridge
  • WRONG: The nudge subagent kept flagging "Proton Bridge not running" as a bug
  • Check smtp.env before flagging inou SMTP issues
  • Bridge has no business being on 192.168.100.2 (prod)

Claude Usage Reset Clarification (Mar 14)

  • Reset is Thursday 10 PM ET (Johan corrected this)
  • NOT Friday, NOT midnight — Thursday evening

vault1984 / inou Pod Architecture (Discussed Mar 10 via agentchat)

  • Hans raised: run inou on each vault1984 pod?
  • James analysis posted to agentchat: shared pod infra, separate binaries, vault1984 manages WebAuthn PRF, inou gets scoped token
  • Key concern: inou's Claude API dependency vs air-gap model requirement
  • Status: discussion, no decision yet

🧠 Corrections This Week

New Entry: inou Prod Uses Proton SMTP Token (added Mar 12)

Already logged in corrections.md. Rule: Before flagging inou SMTP as broken, check smtp.env first.

New Entry: inou is Infrastructure (added Mar 12 from nudge)

Already logged in corrections.md. inou = storage/data layer. AI is pluggable on top. Don't suggest AI features as inou improvements.

Johan Corrections (Mar 14)

  1. Claude reset = Thursday 10 PM ET (briefing had wrong day)
  2. Inky acquisition = stale news — stop surfacing it in briefings

🔁 Recurring Patterns This Week

Git Backlog — Persistent Problem

inou alone went from 70 → 82 → 101 → 161 uncommitted files over the week, with no action. Other repos (james-dashboard, clawd, dealspace) also have persistent unpushed commits.

  • This is a recurring weekly issue
  • Hypothesis: Active inou development by subagents without auto-commit discipline
  • Action needed: Set up auto-commit after subagent inou work, or do weekly commit sweep

OpenClaw Rapid Releases

4 OC updates in 7 days. The deleted-transcript-index patch needs reapplying after each one. Starting to create maintenance burden.

  • Mitigation idea: Script the patch reapplication so it's one command

X Watch Double-Fire Bug (Unresolved)

Multiple x-watch subagents fired in same window on Mar 11 (same story Telegram-sent twice). Race condition on heartbeat state write.

  • Root cause: lastIntraDayXScan not written atomically before second spawn
  • Fix needed: atomic write or lock before spawning

🚩 Stale Items in MEMORY.md

These should be removed or updated:

  1. "Dr. Madan — Call TODAY (Sunday) 2PM" in Feb 15 section — This was from a month ago. Extremely stale. Remove "TODAY" framing.
  2. "⚠️ triage disabled during re-sync (2026-03-06)" in Proton Bridge section — If re-sync complete, update.
  3. Health Link invoices (#000057 $71.90 + #000058 $666.90) — Marked unpaid since Feb 23. No update in 3 weeks. Need Johan confirmation.
  4. Baycare ventilator fraud complaint — Last mentioned Feb 14. No escalation update since.
  5. Spacebot worker dispatch bug — Listed as "Revisiting 2026-03-03." Never revisited (v0.3.2 upgrade done but worker fix not confirmed).
  6. HostKey Amsterdam cancellation — Johan must confirm at panel.hostkey.com. This has been open since Feb 21. Either done or needs explicit reminder.
  7. Uptime Kuma: 0 monitors — Listed as "awaiting Johan's OK to rebuild" since Feb 19. Month+ old.
  8. myCigna listing RDP/Xvfb setup in TOOLS.md — The ThinkPad X1 was at 192.168.0.211 but updated to 192.168.0.223. Verify current IP.

To Update in MEMORY.md

  • Add Recent Events section for Mar 9-15 (George, Iaso, .17 cleanup, security incident, S short, Iran war, OC 3.8-3.13)
  • Update Open Items (Kaseya M365 removed → closed, .17 decommission → closed)
  • Clarify Claude reset = Thursday 10 PM ET
  • Note kernel 6.8.0-106 installed, reboot pending

💡 Insights

Infrastructure decisions are compounding. Every week we add another agent, decommission something old, and clean up one more zombie. The system is getting cleaner but the agent network is getting larger. James → Hans → Mira → George → Iaso. Five agents now. Worth having a map.

Security is only as strong as the subagents. The port 9999 incident happened because a subagent spun up a Python server and nobody cleaned it up. Subagents need to leave forge in a clean state — no background processes, no temp servers, no /tmp exposure. This should be in AGENTS.md as a hard rule for subagent hygiene.

Johan's thesis: infrastructure is the moat (from Mar 13 notes). vault1984 + inou = data layer bets. Models come and go, data infrastructure persists. Both products are building moat pieces, not AI features.