Full-Stack Diagnostic — 2026-06-10

Seven audit arms (Jimmy Neutron · Canary · Itachi · Meruem · Orochimaru · Erwin Smith · L) over Z2, Sandpit, and hinata-v2, including staged Telegram container logs. Read-only audit: no fixes applied. Findings ranked by Michael's growth × impact × feasibility. Triage owner: Michael.

Related: reference_evolution-assessment-2026-06-08 · reference_z2-service-catalog · supreme-court/runtime/audit-system · supreme-court/runtime/security-privacy-doctrine · reference_zoot-log-w23-2026


Verdict

The federation is architecturally sophisticated and operationally inverted. The data plane is dead, the security plane is leaking, and 65% of tracked work feeds the system rather than Michael's six priorities. Priority 1 (£80k job) receives 4% of task volume and has zero vault knowledge mass. The single human-telemetry stream that exists (zoot smoking log) trends the wrong way during the system's busiest infrastructure week. Hinata is intelligent; it is not yet pointed at Michael.


Blockers

B1 [BLOCKER] SECURITY — Telegram bot token is compromised-grade

  • Impact: full bot takeover possible (read/send as Minato, the single federation gateway).
  • Evidence: token logged 41,615× across Z2 logs/transcripts (python-telegram-bot httpx INFO logs full bot[token]/method URLs); present 3× in git-tracked .claude/settings.local.json; reproduced in staged audit logs and terminal output during this audit.
  • Root cause: default httpx logging never silenced; token committed in settings permissions strings.
  • Fix (S): Michael rotates via BotFather (authorisation required — never auto-rotate); deploy new token to CT106 env only; add logging.getLogger("httpx").setLevel(logging.WARNING) to bot; purge token strings from settings.local.json and git history (Itachi 8-step plan, staged in session log).
  • Owner: Michael (rotation) → Itachi (verification) → Jimmy Neutron (deploy). Dependencies: none. Do first.
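
Added example (not code from the audited bot): the httpx silencing from the fix above, plus a handler-level filter that redacts token-shaped strings any other logger may still emit, and a counter for auditing existing log lines. The token regex, the placeholder text and the `bot` logger name are assumptions; the sample token is constructed.

```python
import io
import logging
import re

# Assumption: a bot token is a numeric id, a colon, then 35+ URL-safe characters.
TOKEN_RE = re.compile(r"\d{6,12}:[A-Za-z0-9_-]{35,}")
PLACEHOLDER = "<bot-token-redacted>"
FAKE_TOKEN = "123456789:" + "A" * 35  # constructed, not a real token


class RedactBotToken(logging.Filter):
    """Rewrite any record whose rendered message contains a token-shaped string."""

    def filter(self, record):
        message = record.getMessage()  # applies %-style args first
        redacted = TOKEN_RE.sub(PLACEHOLDER, message)
        if redacted != message:
            record.msg, record.args = redacted, ()
        return True  # keep the record, minus the secret


def harden_logging(handler):
    # Filter on the handler: logger-level filters are skipped for records
    # that propagate up from child loggers.
    handler.addFilter(RedactBotToken())
    # The fix from B1: request URLs are logged at INFO, so drop below WARNING.
    logging.getLogger("httpx").setLevel(logging.WARNING)


def count_token_hits(lines):
    """Count token-shaped strings in existing log lines (exposure audit)."""
    return sum(len(TOKEN_RE.findall(line)) for line in lines)


def run_demo():
    url = f"https://api.telegram.org/bot{FAKE_TOKEN}/getUpdates"
    stream = io.StringIO()
    handler = logging.StreamHandler(stream)
    root = logging.getLogger()
    old_level = root.level
    root.addHandler(handler)
    root.setLevel(logging.INFO)
    httpx_log = logging.getLogger("httpx")
    httpx_log.setLevel(logging.NOTSET)  # library default
    try:
        httpx_log.info('HTTP Request: POST %s "HTTP/1.1 200 OK"', url)
        before = stream.getvalue()
        stream.seek(0)
        stream.truncate()
        harden_logging(handler)
        httpx_log.info('HTTP Request: POST %s "HTTP/1.1 200 OK"', url)  # dropped
        logging.getLogger("bot").error("request failed: %s", url)  # redacted
        after = stream.getvalue()
    finally:
        root.removeHandler(handler)
        root.setLevel(old_level)
    return before, after


if __name__ == "__main__":
    print(*run_demo(), sep="")
```

The filter rewrites the message only; a traceback attached to a record is formatted separately and is not covered by it.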

B2 [BLOCKER] INFRA — 1.8TB data plane unmounted; transcript layer dead since 2026-06-08

  • Impact: every CLI transcript write silently failing >48h (permanent history loss against a permanent-retention doctrine); CT106/CT107 bind mounts empty; fold timer firing into void every 10 min (144 no-op invocations/day); 12 vault docs point at a dead path.
  • Evidence: /opt/hinata-transcripts → /mnt/data/transcripts dangling symlink; sda1 "hinata-data" present, fstab UUID correct (49794dda), not mounted; per-turn hook buffering to /tmp/hinata-transcript-buffer.log with no flush; flagged by audits on 06-08 and 06-09 — finding→fix conversion 0%.
  • Root cause: mount failed silently post-event (no systemd mount unit, no alert); || true in fold service masks every failure.
  • Fix (S–M): mount -a + dmesg check; convert to systemd .mount + .automount with failure alerting (Madara hook); flush /tmp buffer into archive; retire fold-to-vault step per deprecation-policy — archives are append-only, extraction is /chat-audit's job.
  • Owner: Jimmy Neutron (Michael authorises host-level mount). Dependencies: none. Gates task-016.

B3 [BLOCKER] SECURITY — rm -rf auto-approval patterns in settings.local.json

  • Impact: vault-wipe class commands pre-approved under autonomous acceptEdits mode; one bad glob = unrecoverable loss; backup coverage UNVERIFIED.
  • Evidence: settings.local.json lines 365–369 contain broad rm -rf allow patterns covering vault-adjacent paths.
  • Root cause: convenience approvals accreted during infra sprints; never re-reviewed.
  • Fix (S, 10 min): Michael deletes the five lines (CLI settings are read-only to CLIs by law); verify Time Machine/restic actually covers vault + Sandpit before next infra session.
  • Owner: Michael. Dependencies: none.
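
Added example (not part of the audit tooling): a read-only check that lists Bash allow rules permitting a recursive, forced rm, so approvals like these are caught at review time. It assumes the settings file keeps rules under `permissions.allow` as `Bash(<command>)` strings with a trailing `:*` marking a prefix match; the sample rules and paths are constructed.

```python
import json
import re

BASH_RULE = re.compile(r"^Bash\((.*)\)$", re.S)
WRAPPERS = {"sudo", "command", "nohup"}  # prefixes that do not change the command run


def _rm_is_destructive(args, open_ended):
    """True when the rm arguments carry both recursive and force flags,
    or when the rule is a prefix match that lets the caller append them."""
    recursive = force = False
    for word in args:
        if word == "--":
            break
        if word.startswith("--"):
            recursive |= word == "--recursive"
            force |= word == "--force"
        elif word.startswith("-"):
            recursive |= "r" in word or "R" in word
            force |= "f" in word
    return (recursive and force) or open_ended


def risky_rm_rules(settings_text):
    """Return (index, rule) for every allow rule that pre-approves rm -rf."""
    allow = json.loads(settings_text).get("permissions", {}).get("allow", [])
    hits = []
    for index, rule in enumerate(allow):
        match = BASH_RULE.match(rule)
        if not match:
            continue  # not a shell rule
        command = match.group(1)
        open_ended = command.endswith(":*")
        if open_ended:
            command = command[:-2]
        segments = re.split(r"&&|\|\||[;|]", command)
        for pos, segment in enumerate(segments):
            words = segment.split()
            while words and words[0] in WRAPPERS:
                words = words[1:]
            if not words or words[0].rsplit("/", 1)[-1] != "rm":
                continue
            is_last = pos == len(segments) - 1
            if _rm_is_destructive(words[1:], open_ended and is_last):
                hits.append((index, rule))
                break
    return hits


# Constructed sample in the assumed settings shape.
SAMPLE_SETTINGS = json.dumps({"permissions": {"allow": [
    "Bash(ls:*)",
    "Bash(rm -rf /tmp/build-cache)",
    "Bash(rm -fR ~/vault-mirror/*)",
    "Bash(git status)",
    "Bash(cd /srv && sudo rm --recursive --force ./*)",
    "Bash(rm notes.txt)",
    "Bash(rm:*)",
    "Read(//tmp/**)",
]}})

if __name__ == "__main__":
    for index, rule in risky_rm_rules(SAMPLE_SETTINGS):
        print(f"allow[{index}]: {rule}")
```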

B4 [BLOCKER] STRATEGY — System-building has displaced goal-work

  • Impact: the system absorbs Michael's sharpest hours and returns infrastructure, not advancement.
  • Evidence: 23 tasks — SYSTEM+ORPHAN 65%, Priority 1 4% (one backlog task), P4/P5/P6 0%; 0 job applications sent through the system; kpi-thresholds/ contains zero human KPIs (all telemetry measures Hinata's token economy); zoot log W23 trends up 2→5→12→14 across the infra-failure week; Atomic Habits mined 06-08, zero behaviour-change deliverables since.
  • Root cause: the reward loop closes on system completeness (audits, schemas, commanders) — nothing gates system work behind priority work.
  • Fix (S): freeze SYSTEM tasks until 3 job applications sent + dbt question bank live; create reference_human-kpi-dashboard.md (6 rows: applications sent · dbt mock score · £ saved · piano hours · social events · days smoke-free) populated weekly; add "human outcome produced" to commander maturity scoring at ≥30% weight.
  • Owner: Michael (gate decision) → Hinata (enforcement) → Erwin (dashboard design). Dependencies: none.

High

H1 [HIGH] CAPTURE — Telegram live conversion was 0%

  • Impact: captures acknowledged then dropped; trust in the single gateway breaks. Evidence: Jun 2–5 logs — every capture became a task only retroactively in CLI sessions; Canary recovered a MISSED CAPTURES list; Jun 6–8 coverage unrecoverable (B2). Root cause: bot acknowledges without writing inbox files; conversion depends on a later CLI session noticing.
  • Fix (M): bot writes inbox file at receipt (CT106-local path, synced) + nightly Canary conversion check. Owner: Canary + Jimmy Neutron. Depends: B2 for durable paths.

H2 [HIGH] INFRA — CT106 bot config drift and statelessness

  • Impact: session state (Active Topic / Turn Budget) lost on every restart; silent write failures. Evidence: VAULT_WRITE=/Users/nnamdi/hinata-v2 does not exist inside CT106 (telegram-bot.py:53 writes to a phantom path); 5 divergent bot copies across Mac/Z2; no watchdog on the poller. Root cause: Mac-era code lifted into container without path audit; no single source of truth for bot code.
  • Fix (M): one canonical bot repo path on Z2; container-valid env paths; persist session state to disk; systemd watchdog. Owner: Jimmy Neutron. Depends: B2.

H3 [HIGH] SECURITY — 0.0.0.0 binds violate Tailscale-only doctrine

  • Impact: services reachable beyond tailnet if any firewall layer slips. Evidence: multiple Z2 services bound to 0.0.0.0 (Jimmy arm, service census) vs security-privacy-doctrine. Fix (S): rebind to tailscale0/127.0.0.1; add bind-address check to z2-service-catalog verification. Owner: Jimmy Neutron.
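
Added example (not the catalog's own verification step): a bind-address check over `ss -H -tln` output that flags listeners on wildcard or non-tailnet addresses. It assumes Tailscale's default address ranges; the listener lines are constructed sample input.

```python
import ipaddress

# Assumption: the tailnet uses Tailscale's default IPv4 and IPv6 ranges.
TAILNET = [
    ipaddress.ip_network("100.64.0.0/10"),
    ipaddress.ip_network("fd7a:115c:a1e0::/48"),
]


def classify(host):
    """Classify the local address column of an ss listener line."""
    host = host.split("%", 1)[0].strip("[]")  # drop zone id, then brackets
    if host == "*":
        return "wildcard"
    ip = ipaddress.ip_address(host)
    if ip.is_unspecified:  # 0.0.0.0 or ::
        return "wildcard"
    if ip.is_loopback:
        return "loopback"
    if any(ip in net for net in TAILNET):
        return "tailnet"
    return "other-interface"


def audit_listeners(ss_output):
    """Return sorted (port, address, kind) for listeners outside loopback/tailnet."""
    findings = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        host, port = fields[3].rsplit(":", 1)
        kind = classify(host)
        if kind in ("wildcard", "other-interface"):
            findings.append((int(port), host, kind))
    return sorted(findings)


# Constructed sample in the shape of `ss -H -tln` output.
SAMPLE_SS = """\
LISTEN 0      128             0.0.0.0:22         0.0.0.0:*
LISTEN 0      4096          127.0.0.1:5432       0.0.0.0:*
LISTEN 0      4096    100.101.102.103:8080       0.0.0.0:*
LISTEN 0      511                [::]:80            [::]:*
LISTEN 0      4096                  *:9090             *:*
LISTEN 0      4096              [::1]:6379          [::]:*
LISTEN 0      128       127.0.0.53%lo:53         0.0.0.0:*
LISTEN 0      4096       192.168.1.20:3000       0.0.0.0:*
"""

if __name__ == "__main__":
    for port, host, kind in audit_listeners(SAMPLE_SS):
        print(f"port {port}: bound to {host} ({kind})")
```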

H4 [HIGH] INFRA — 16 failed systemd units, zero alerting

  • Impact: silent rot; includes doctrine-forbidden flashcard-sync timer still installed; 288 wasted timer invocations/day. Root cause: no failure → notification path (Madara surveillance gap). Fix (S): disable/remove dead units incl. flashcard-sync; OnFailure= alert hook to Telegram. Owner: Jimmy Neutron + Madara.

H5 [HIGH] ORCHESTRATION — Delegation metric is a measurement artifact driving noise

  • Impact: SEVERE banner every prompt for 90 sessions, zero behaviour change — alert fatigue masks real signals. Evidence: check-delegation-ratio.py:309-310 attributes subagent output to main thread (95.8% "main" across 7.65B tokens is arithmetically impossible given dispatch volume); law says 7-day window, script runs 14. Root cause: JSONL attribution model counts the Agent-invoking message only. Fix (M): fix attribution to use sidechain sessions; demote banner to weekly digest; align window to law. Owner: Orochimaru (metric) + Jimmy Neutron (script).

H6 [HIGH] TOKENS — ~24.5M tokens/month fixed orchestration overhead

  • Impact: cost without cognition. Evidence: ~10,400 tokens per session boot (CLAUDE.md + imports + memory + hooks); ~16,125 per cold spawn (incl. 10k thinking floor); chat-audit alone 8 spawns/day ≈ 5.88M/month; 19 Python processes serially at every session end. Root cause: eager context loading; audit cadence set without token budget. Fix (M): lazy-load doctrine (route, don't import); batch audit spawns; cut session-end scripts to ≤5; cache shared context. Owner: Orochimaru + Jimmy Neutron.

H7 [HIGH] AGENTS — 21 of 44 agent files are empty stubs

  • Impact: half the federation dispatches blind (no context route, no tool grants, no model) — output quality is luck. Evidence: Meruem census; Toph has context but no agent file; WebSearch grants contradict CLAUDE.md in 3 places. Root cause: registration sprint created shells; no definition-of-done for an agent. Fix (M): apply Meruem's GAS template (Goal · Authority · Skills: context route + tool list + output contract) to all 44; delete or merge the never-dispatched. Owner: Meruem. Depends: KILL list decisions.

H8 [HIGH]

  • Impact: navigation and recall fail exactly where traffic is highest; violates the-government's own no-dead-links rule. Evidence: 986 wikilinks; 9 of the top-30 targets do not exist (~80+ broken refs: vault-equals-root ×14, true-bottleneck-halt-only ×12, delegation-composition ×9, cloud-doctrine ×9, concurrent-cloud-handover-protective-form ×8, _mentorship-log ×7, routing-doctrine ×6, credential-guardrails ×6, no-vendor-names ×5); 10 malformed trailing-backslash links; 41× fragile ../context relatives. Fix (S): link-checker script (Jimmy, weekly) + one pass creating or repointing the 9 head targets. Owner: L (map) + Jimmy Neutron (script).

H9 [HIGH] KNOWLEDGE — CLAUDE.md routes five doctrines to a non-canonical mirror

  • Impact: the most-routed doctrine target (16 inbound links) is a self-declared ideal-state document. Evidence: runtime_workflow.md:16 — "These are reference / ideal-workflow versions. They do not replace the live canonical files"; it still describes lieutenants, a model-rank ladder (superseded), and colonel dispatch (ceremonial — no mechanism exists). Dedicated canonical files exist alongside (security-privacy-doctrine.md, calendar-architecture.md, infrastructure-access.md, hinata-architecture.md). Root cause: hub written as target-state spec, then load-bearing routes pointed at it. Fix (S): repoint CLAUDE.md's five doctrine routes to the dedicated files; mark runtime_workflow.md as design-intent explanation. Owner: Hinata (CLAUDE.md edit is single-file; interview not required).

H10 [HIGH] KNOWLEDGE — Session-injected registry carries deprecated doctrine

  • Impact: every session pays tokens to inject stale law. Evidence: domain-registry.md (@imported twice in CLAUDE.md) has 9 deprecated-concept hits (simba/war-council/splinter/flashcard) post-deprecation-sweep commit d95804b; supreme-court/index.md counts drift (runtime says 34, actual 31; preferences/ path renamed preferences-styles/ — index link broken); the-government/index.md still locates transcripts at information_reference/reference_transcripts/ contradicting Z2 architecture. Fix (S): registry + index scrub pass. Owner: Hinata.

H11 [HIGH] KNOWLEDGE — Priority knowledge mass is inverted

  • Impact: the vault knows football and geography games better than Michael's job hunt. Evidence (vault-wide globs): P1 — no CV file, no application tracker, no scorecard/activity-visibility docs (only dbt-cert federation context); P2 — no budget file; P4 — kakashi context only, named VMO2 projects have zero knowledge files; P6 — no smoking plan (one week of zoot log) — while information_reference/ holds 91 files including football-raw-lake, geography-game, entertainment-ranking. Fix (M): commission the six missing knowledge bases as the next six substantive outputs, starting P1 (application tracker + CV reference + dbt error-log). Owner: Zuko/Bulma/Kakashi/Allmight via Hinata.

H12 [HIGH] INFRA — Recruiter-facing studio site runs on a Mac dev server

  • Impact: P1-adjacent surface is down whenever the Mac sleeps; violates Apple-independence doctrine. Evidence: studio served via local dev process + tunnel; _middleware.js carries hardcoded TEMP_PASSWORD/DEVICE_PASSWORD (rotation requires code change — see credential-model). Fix (M): static build → Cloudflare Pages or Z2 nginx; move secrets to env; rotation Michael-authorised only. Owner: Trunks + Jimmy Neutron.

H13 [HIGH] SECURITY — Jun 5 incident never logged

  • Impact: "Password changed to onigiri illegally" discussed in Telegram chat, no incident record, no follow-up, no root-cause. A security event flowed through the system and evaporated. Fix (S): create incident log reference file; Itachi 30-min retro; add incident-capture to /chat-audit extraction targets. Owner: Itachi.

H14 [HIGH] ORCHESTRATION — No dispatch contract = research runs die without reporting

  • Impact: this audit proved it — 4 of 7 first-wave arms ended on working notes (research complete, report never emitted); two re-runs repeated it; rescues required explicit budgets and output contracts. Root cause: dispatch prompts define scope but not tool budget, stop condition, or final-message schema. Fix (S): codify the dispatch contract every research/audit spawn carries — {objective · seed evidence · ≤N tool calls · stop-gathering-at-80% rule · exact output schema · "no report = failed run"} — as the per-agent research pipeline standard in naming-conventions §Subagent Dispatch. Owner: Hinata (drafts) → Meruem (folds).

H15 [HIGH] PROCESS — Audits re-discover; nothing converts

  • Impact: three consecutive audits flagged the dead transcript layer; none produced a fix task. Finding→fix conversion ≈ 0%. Evidence: audit outputs land as reports in information_reference/ with no tasks.json emission; 8 audit skills overlap scope. Root cause: audit output contract ends at "report written". Fix (S): every audit finding of severity ≥HIGH must emit a tasks.json entry with owner + deadline, else the audit run fails its own contract; merge the 8 skills to 4. Owner: Orochimaru + Meruem.

Medium

| # | Area | Finding | Fix (effort) | Owner |
|---|------|---------|--------------|-------|
| M1 | Capture | Keyword map covers 21/44 commanders; unmapped domains misroute or drop — no default-to-Hinata fallback | Extend map + fallback route (S) | Canary |
| M2 | Knowledge | Reference entropy: reference_api-gateway.md says STALE banner + status: LIVE in same file; reference_api-router.md DEPRECATED but shelved as live reference; reference_audio-pipeline-spec.md is 1 line beside reference_audio-pipeline.md; live-state files (deployment-status, brook-watchlist, allmight-fap-log) + 5 report dirs inside "timeless" reference | Deprecation-policy pass over information_reference/ (M) | Hinata |
| M3 | Strategy | Text-mine digest pipeline inert — primary behaviour-change vehicle produced zero implementation intentions since 06-08 | One intention/vow/week via Telegram; no new mines until one behaviour change ships (S) | Allmight + Kurapika |
| M4 | Infra | No verified off-host backup for Postgres + vault mirrors on Z2 (UNVERIFIED — assume absent) | Verify restic/borg to off-host target (M) | Jimmy Neutron |
| M5 | Governance | VOW-0003 carries explicit closure condition; registry law says vows never close | Michael 1-min decision: reclassify as Squidward goal OR amend law for milestone-gated vows | Michael |
| M6 | Governance | model-policy law still sonnet-fixed and forbids opus; steady state is Opus 4.6 max (fable-5 was a one-session audit override) | Meruem/Orochimaru fold law to Opus-4.6-steady-state; single source of truth = CLAUDE_CODE_SUBAGENT_MODEL env, not 44 frontmatter values (S) | Meruem |
| M7 | Agents | Colonels + lieutenants exist in doctrine, not in dispatch — ceremonial layers inflate routing rules | Decide: implement colonel synthesis or strip ranks from doctrine (interview) | Michael + Meruem |
| M8 | Tokens | 19-script serial session-end gauntlet adds minutes of exit latency | Cut to ≤5, parallelise rest (S) | Jimmy Neutron |
| M9 | Capture | 95 voice memos (2018–19) + 1,326-msg chat export unprocessed in iCloud inbox | Erwin verdict: KILL backlog (sunk cost); keep going-forward capture only | Michael |
| M10 | Data | tasks.json is a single unvalidated JSON file; .bak JSONL sweep-events drifts uncommitted | JSON-schema check in session-start hook (S) | Jimmy Neutron |
| M11 | Infra | Telegram 7-day auto-delete (task-016) pending while archive layer is dead — would convert UX expiry into permanent loss | Hold task-016 until B2 closes (gate, not work) | Hinata |
| M12 | Memory | Three overlapping memory stores (hinata-state.md, memory_claude-code.md, auto-memory MEMORY.md) with no ownership boundaries | Define store boundaries one-pager (S) | Hinata |
| M13 | Capture | Done-folder staging violations — processed inbox files lingering post-assimilation | Enforce done-delete in task-audit (S) | Canary |
| M14 | Security | .env files plaintext on disk (untracked, correctly ignored) and Bitwarden migration incomplete (transitional JSONs remain) | Complete Bitwarden migration, delete JSONs (M) | Itachi |
| M15 | Knowledge | 12 vault docs reference the dead /opt/hinata-transcripts path with no canary note | Single source: z2-service-catalog owns the path; others link (S) | L |

Low

| # | Finding | Disposition |
|---|---------|-------------|
| L1 | Entertainment infra (football lake, brook ballot URL-recovery tasks, geography game) consuming task slots | PAUSE per KILL list |
| L2 | glossary.md vs naming-register.md split terminology ownership | Merge direction note in naming-conventions |
| L3 | ../context relative links (41×) fragile to any move | Convert to vault-absolute on touch |
| L4 | Staged audit logs in Sandpit contain the bot token 9,482× | Deleted at audit close (this session) — Z2 originals remain for rotation forensics |

Numbers

| Metric | Value |
|--------|-------|
| Findings | 38 (4 blocker · 15 high · 15 medium · 4 low) |
| Token overhead | ~10,400/session boot · ~16,125/cold spawn · ~24.5M/month fixed |
| Delegation metric | 95.8% "main" over 90 sessions / 7.65B tokens — measurement artifact |
| Transcript loss window | 2026-06-08 → present (per-turn writes failing silently) |
| Bot token exposure | 41,615 logged occurrences + 3 in git-tracked settings |
| Task split | P1 4% · P2 9% · P3 9% · P4–P6 0% · SYSTEM 43% · ORPHAN 22% · lost 13% |
| Agent integrity | 21/44 empty stubs · 21/44 Telegram-reachable · colonels ceremonial |
| Wikilinks | 986 total · 9 of top-30 targets missing (~80+ broken refs) |
| Zoot log W23 | 2→5→12→14→10 (trending up through infra-failure week) |
| Audit conversion | finding→fix ≈ 0% across 3 consecutive audits |

Kill list (Erwin)

  • KILL: football-pl/ucl · weather API · pilates-researcher dead code · hinata-ging bot (rebuild when reading habit is live) · 95-memo voice backlog
  • PAUSE: immich · brook ballot (3 open tasks for entertainment ratings) · MusicMastery infra
  • KEEP: housing flask + zepile collector (P2) · shogi-quiz (conditional: dbt bank ships this week)

Minimum viable Hinata

Canary (capture→route) + Jimmy Neutron (infra) + Zuko (P1 pipeline) + Allmight (only commander with real human telemetry — promote from DORMANT) + Bulma (once savings-rate tracked) + Shikamaru (dbt via Shogi, conditional). Everything else earns its place back by producing a measurable human outcome.


Remediation roadmap

High-cognition items (dbt bank, application pipeline, dispatch-contract law) belong in morning slots. Burnout flag: this roadmap removes maintenance before adding anything — if a week adds load without removing more, stop.

```mermaid
gantt
    dateFormat  YYYY-MM-DD
    title Remediation — blockers first, subtract before adding
    section Week 1 (stop the bleeding)
    B1 token rotation + httpx silence + git purge       :crit, b1, 2026-06-11, 1d
    B2 mount data plane + flush buffer + retire fold    :crit, b2, 2026-06-11, 1d
    B3 remove rm-rf approvals + verify backups          :crit, b3, 2026-06-11, 1d
    B4 priority gate + human-KPI dashboard v0           :crit, b4, 2026-06-12, 2d
    section Week 2 (convert + secure)
    H1/M1 bot inbox-write + keyword fallback            :h1, 2026-06-15, 2d
    H3/H4 binds + dead units + OnFailure alerts         :h3, 2026-06-15, 2d
    H9/H10 repoint doctrine routes + registry scrub     :h9, 2026-06-17, 1d
    H14 dispatch-contract law (morning slot)            :h14, 2026-06-18, 1d
    section Weeks 3–4 (compound)
    H7 GAS pass on 44 agents + kill list                :h7, 2026-06-22, 4d
    H6/M8 token diet + session-end cut                  :h6, 2026-06-22, 2d
    H11 P1 knowledge base (morning slots)               :h11, 2026-06-24, 3d
    H15 audit→task conversion contract                  :h15, 2026-06-26, 1d
```

Open decisions for Michael (interview items)

  1. task-010 / Admiral call (ref 2002003454) — orphan task, no priority link: act, delegate, or drop?
  2. task-016 Telegram 7-day auto-delete — held behind B2; confirm the gate (auto-delete with a dead archive = permanent loss).
  3. VOW-0003 closure clause vs vows-never-close — reclassify as Squidward goal, or amend the law to allow milestone-gated vows?

Method note: 7 arms dispatched under the session-only fable-5 override (steady state Opus 4.6 max, Michael toggles manually). Four first-wave runs died on working notes; rescues succeeded only with explicit tool budgets + output contracts — that pattern is itself finding H14. L's arm was completed inline by the General after three subagent failures.