Local AI Ops infrastructure on existing Foundry codebase

• Status: architecture brief for implementation approval
• Owner: Bob
• Date: 2026-05-02
• Project: forge
• Task ID: e86e7618-49d6-4825-9471-1c74ca280ba6

Executive ruling

Do not rewrite Foundry.

The right next layer is to extend the existing Foundry control/evidence spine into four tightly-coupled product surfaces:

1. Local AI Doctor
2. Flight Recorder
3. Specialist Eval Harness
4. Pack System v0

Those should ship as one staged Local AI Ops layer with clear boundaries:

• Foundry is the source of truth for runtime inventory, routing, capacity, readiness, permissions, pack state, and evidence.
• Local LLM Stats is a read-only visibility surface consuming Foundry truth, not recomputing it.
• Hermes is the V1 workflow harness and first packaged workflow carrier.
• Packs are the delivery unit for pre-skilled workflow teams.
• LocalMaxxing stays the model acquisition/planning surface, not the operator control plane.

The approved Hermes/PDF Ops seam is already strong enough to act as the first proof workflow. The missing work is mostly productization and contract wiring, not invention.

What exists already vs what is missing

Already exists and should be reused

Foundry core control/evidence spine

• Manifest compile/validate path: /Users/lilly/clawd/projects/foundry-core/src/foundry_core/manifest.py
• Daemon lifecycle, generation activation, adapter reconciliation, runtime truth scan: /Users/lilly/clawd/projects/foundry-core/src/foundry_core/daemon.py
• Adapter loading boundary: /Users/lilly/clawd/projects/foundry-core/src/foundry_core/adapter_manager.py
• Runtime inspection/bootstrap/doctor probes: /Users/lilly/clawd/projects/foundry-core/src/foundry_core/runtime_inspector.py
• Observability snapshot/event plane: /Users/lilly/clawd/projects/foundry-core/src/foundry_core/observability.py
• Redacted support bundle packaging: /Users/lilly/clawd/projects/foundry-core/src/foundry_core/support_bundle.py
• Persistent evidence/event database tables: /Users/lilly/clawd/projects/foundry-core/src/foundry_core/store.py
• Runtime truth inventory scan: /Users/lilly/clawd/projects/foundry-core/src/foundry_core/runtime/truth.py
• Hermes adapter seam already implemented: /Users/lilly/clawd/projects/foundry-core/src/foundry_core/adapters/hermes.py

Foundry ops / capacity / observability layer from Tes

• Capacity planning and routing guard: /Users/lilly/clawd/agents/tes/project-foundry/src/project_foundry/capacity_guard.py
• Operator CLI and command surface: /Users/lilly/clawd/agents/tes/project-foundry/src/project_foundry/cli.py
• Status dashboard / observability export / release-candidate helpers: /Users/lilly/clawd/agents/tes/project-foundry/src/project_foundry/status_dashboard.py
• Support summary formatter: /Users/lilly/clawd/agents/tes/project-foundry/src/project_foundry/support_summary.py
• Foundry ops-layer gap framing: /Users/lilly/clawd/agents/tes/project-foundry/src/project_foundry/foundry_ops.py
• Specialist benchmark/nightly pipeline base: /Users/lilly/clawd/agents/tes/project-foundry/src/project_foundry/localmaxxing_pipeline.py
• Evaluation policy frame: /Users/lilly/clawd/agents/tes/project-foundry/docs/evaluation-framework.md
• Observability export schema: /Users/lilly/clawd/agents/tes/project-foundry/docs/observability-schema-v1.1.md

Local LLM Stats read-only visibility layer

• Foundry report ingestion and visibility_summary handling: /Users/lilly/clawd/projects/local-llm-stats/src/llm_stats/foundry.py
• Runtime/process/memory summary and stale/missing Foundry truth handling: /Users/lilly/clawd/projects/local-llm-stats/src/llm_stats/status.py

Approved Hermes/PDF Ops evidence seam

• Frozen integration gate: /Users/lilly/clawd/projects/foundry-commercialisation/contracts/foundry-v1-contract.md
• Pack contract dependency now complete: /Users/lilly/clawd/projects/foundry-commercialisation/packs/pack-system-v0-contract.md
• Boundary decision: /Users/lilly/clawd/projects/foundry-commercialisation/decisions/localmaxxing-foundry-boundary-2026-05-01.md
• Release-candidate evidence package: /Users/lilly/clawd/projects/foundry-commercialisation/release-candidate/

Missing and must be built

• Foundry-native pack manifest loader/validator for foundry-pack/v0
• Pack lifecycle commands: install/check/run/support-bundle
• Grouped capability-permission persistence and status rendering at pack level
• Pack-aware per-route readiness state in Foundry status
• Pack-scoped eval registry and run ledger
• Flight Recorder artifact model that ties runtime events, route decisions, eval outcomes, and pack runs together
• Doctor output that speaks in product/operator language about pack readiness, not only runtime health
• First concrete pdf-ops-pack contents wired to existing Hermes/PDF evidence

Architecture boundary

Foundry owns

Foundry is the only control plane and product truth for:

• runtime inventory
• model registry references used by routes
• capacity policy and route eligibility
• route readiness state
• grouped permission resolution
• pack install/check/run state
• evidence bundle contract
• support summary and operator truth language
• truthful limitations and known-not-proven states

Local LLM Stats owns

Local LLM Stats owns:

• endpoint/process/memory observation
• concise rendering of health/risk
• menu-bar and lightweight dashboard presentation

It must not own:

• routing truth
• pack readiness truth
• permission truth
• policy language that diverges from Foundry

Hermes owns

Hermes owns:

• workflow harness execution
• workflow-specific config/runtime facts
• harness health facts
• pack-carried skills/workflow contents for V1

It does not own:

• fleet truth
• capacity truth
• permission truth
• product status truth

LocalMaxxing owns

LocalMaxxing owns:

• model acquisition planning
• queue/deferred/blocked candidate truth
• benchmark preparation and candidate staging

It does not own:

• customer/operator dashboard truth
• pack readiness
• runtime routing policy

Component mapping: proposed product surface to current code

Recommended target architecture

1. Local AI Doctor

Purpose

A single truthful operator command that answers:

• what runtimes are healthy
• what harnesses are healthy
• what packs are installed
• which routes are proven vs declared-only
• which permissions are granted/denied
• what exact next action is required

Base to reuse

• Runtime probing from foundry_core/runtime_inspector.py
• Capacity/routing/visibility summary from project_foundry/status_dashboard.py
• Existing support summary structure from project_foundry/support_summary.py
• Existing daemon doctor() seam in foundry_core/daemon.py

Required extension

Doctor must become clause-based and pack-aware. It should report, per pack:

• manifest valid
• required models present/reachable
• harness ready
• required skills present
• required permissions granted/denied
• required evals passed/not yet proven
• support bundle path

Why this matters

Without pack-aware doctor output, Pack System v0 becomes packaged mystery meat. Doctor is the first anti-theater layer.

2. Flight Recorder

Purpose

A Foundry-owned timeline of what happened during install/check/run/eval, with enough context to debug failures and enough redaction to be support-safe.

Base to reuse

• Event log and snapshots in foundry_core/observability.py
• SQLite evidence/event tables in foundry_core/store.py
• Redacted archive creation in foundry_core/support_bundle.py
• Observability export language in project_foundry/status_dashboard.py

Required extension

Add explicit entities:

• pack_id
• pack_version
• run_id
• route_id
• permission_snapshot_id
• eval_run_id
• workflow_step
• human_review_event

Each pack run should emit a linked record chain:

• install/check/run requested
• route chosen and why
• fallback triggered or not
• eval gate passed/failed
• human review triggered or not
• evidence files emitted

Why this matters

Pam's Local AI Doctor / Flight Recorder recommendation is right. Supportability and trust depend on reconstructing a truthful sequence, not just showing current status.

3. Specialist Eval Harness

Purpose

Make route readiness and pack readiness evidence-backed instead of intuition-backed.

Base to reuse

• Evaluation framework: project-foundry/docs/evaluation-framework.md
• LocalMaxxing runner/state scaffolding: project_foundry/localmaxxing_pipeline.py
• Benchmark run ledger table in foundry_core/store.py

Required extension

Foundry should own a route/pack eval layer with:

• eval definitions referenced by pack manifest
• route-specific pass thresholds
• route readiness states: declared, declared-not-proven, ready, degraded
• pack readiness blocked on required eval failures
• stable output artifacts stored in pack evidence bundles

Why this matters

The modular thesis only becomes commercially defensible when route choice is tested. Otherwise the router is vibes.

4. Pack System v0

Purpose

Turn pre-skilled workflow teams into an installable, supportable, auditable unit.

Base to reuse

• The approved contract: projects/foundry-commercialisation/packs/pack-system-v0-contract.md
• Manifest compilation patterns in foundry_core/manifest.py
• Adapter lifecycle in foundry_core/daemon.py
• Hermes V1 evidence seam in projects/foundry-commercialisation/contracts/foundry-v1-contract.md

Required extension

Implement:

• foundry pack install <pack>
• foundry pack check <pack>
• foundry pack run <pack>
• foundry pack support-bundle <pack>
• grouped permission resolution
• pack state persistence
• per-route status visibility
• pack evidence bundle spine

First reference pack

pdf-ops-pack should be the first real pack because it already has:

• approved local-only Hermes path
• 5-PDF / 50-field proof expectations
• signed-PDF preservation evidence
• no-cloud posture evidence

5. Router / model registry

Purpose

Expose, in a product-safe way, which model serves which route and whether that claim is proven.

Base to reuse

• Declared runtime model/endpoints in foundry_core/manifest.py
• Runtime inventory scan in foundry_core/runtime/truth.py
• Capacity/routing decisions in project_foundry/capacity_guard.py and status_dashboard.py

Required extension

Add a Foundry registry view that distinguishes:

• declared model dependency
• present model artifact
• live reachable endpoint
• route-assigned model
• eval-proven model for route
• parked/offline asset

This should remain a Foundry export first, with Local LLM Stats only displaying it.

6. Grouped permissions

Purpose

Avoid the per-exec approval death spiral and make packs auditable as capability bundles.

Base to reuse

• Permission contract already defined in pack-system-v0-contract.md
• Redaction/path-sealing patterns in foundry_core/security.py
• Support-bundle packaging in foundry_core/support_bundle.py

Required extension

Foundry must persist and display permission groups with scope and state, for example:

• fs.read_only
• shell.local_safe
• services.control
• data.customer_process
• outbound.send

Pack status must surface:

• granted groups
• denied groups
• partial/demo-only mode when required groups are denied
• human-review-required groups

Data/control flow

1. Operator installs pack.
2. Foundry validates pack manifest and resolves grouped permissions.
3. Foundry checks runtime inventory/capacity/harness readiness.
4. Foundry runs pack check and required smoke evals.
5. Foundry marks routes as ready or declared-not-proven.
6. Local LLM Stats renders Foundry health/visibility output read-only.
7. Operator runs pack.
8. Hermes executes workflow contents.
9. Foundry records route decisions, permission state, eval outcomes, and evidence into Flight Recorder.
10. Foundry emits support bundle / support summary.

Build sequence and owners

Stage 0 — Architecture gate and contract freeze

• Owner: Bob
• Status: complete enough to proceed now
• Artifacts:
• projects/foundry-commercialisation/packs/pack-system-v0-contract.md
• this brief

Stage 1 — Foundry pack runtime spine

• Owner: Tes
• Checker: Mason
• QA: Quinn
• Deliver:
• pack manifest loader/validator
• grouped permission persistence/resolution
• foundry pack install/check/support-bundle
• pack-aware doctor/status output
• Why first:
• this is the substrate Pam needs before pack contents are honest

Stage 2 — PDF Ops reference pack contents

• Owner: Pam
• Checker: Mason
• QA: Quinn
• Deliver:
• pdf-ops-pack manifest
• Hermes workflow config/skills/evals/demo-data wiring
• pack evidence outputs mapped to approved Hermes/PDF proof
• Depends on:
• Stage 1 install/check/bundle contract existing

Stage 3 — Pack run path plus Flight Recorder linkage

• Owner: Tes for Foundry run/evidence path, Pam for workflow seam correctness
• Checker: Mason
• QA: Quinn
• Deliver:
• foundry pack run pdf-ops-pack --demo
• route decision capture
• support bundle includes pack common spine plus PDF-specific evidence

Stage 4 — Specialist Eval Harness promotion state

• Owner: Tes
• Checker: Mason
• QA: Quinn
• Deliver:
• route eval registry and readiness gates
• declared-not-proven vs ready state in status/doctor/support bundle

Stage 5 — Local LLM Stats polish on top of Foundry truth

• Owner: Mason
• QA: Quinn
• Deliver:
• any remaining visibility rendering additions against Foundry exports only

First three implementation tasks to open now

Task 1 — Tes: Foundry pack runtime spine

What this delivers A Foundry-native pack lifecycle path that validates foundry-pack/v0, resolves grouped permissions, runs pack-aware doctor/checks, and emits a pack support bundle.

Grounding files

• /Users/lilly/clawd/projects/foundry-core/src/foundry_core/manifest.py
• /Users/lilly/clawd/projects/foundry-core/src/foundry_core/daemon.py
• /Users/lilly/clawd/projects/foundry-core/src/foundry_core/store.py
• /Users/lilly/clawd/projects/foundry-core/src/foundry_core/observability.py
• /Users/lilly/clawd/projects/foundry-core/src/foundry_core/support_bundle.py
• /Users/lilly/clawd/projects/foundry-commercialisation/packs/pack-system-v0-contract.md

Must implement

• pack manifest validator/loader
• pack state persistence
• grouped permission resolution storage
• foundry pack install/check/support-bundle
• pack-aware doctor clauses

Binary acceptance criteria

• invalid pack manifest fails with explicit clause output
• required denied permission prevents false ready
• foundry pack check emits route and permission summaries
• support bundle contains common pack evidence spine
• status/doctor surface pack state truthfully

Task 2 — Pam: PDF Ops reference pack contents

What this delivers A real pdf-ops-pack built by wrapping the approved Hermes/PDF workflow seam into pack contents, not rebuilding the harness.

Grounding files

• /Users/lilly/clawd/projects/foundry-commercialisation/packs/pack-system-v0-contract.md
• /Users/lilly/clawd/projects/foundry-commercialisation/contracts/foundry-v1-contract.md
• /Users/lilly/clawd/projects/foundry-commercialisation/adapters/hermes/
• /Users/lilly/clawd/projects/foundry-commercialisation/release-candidate/

Must implement

• pack.yaml
• README/install notes
• skills/evals/demo-data/evidence templates
• mapping of five-PDF, 50-field, signed-PDF, no-cloud, retrieval proof into pack outputs

Binary acceptance criteria

• pack installs with Tes runtime spine without manual manifest editing
• outbound send remains disabled by default
• required PDF-specific evidence files emit on demo run
• any unproven route remains non-green

Task 3 — Tes + Pam seam: pack run path and Flight Recorder evidence

What this delivers A truthful demo run path for pdf-ops-pack where Foundry records route choices, Hermes run facts, and emitted evidence as one linked supportable trace.

Grounding files

• /Users/lilly/clawd/projects/foundry-core/src/foundry_core/observability.py
• /Users/lilly/clawd/projects/foundry-core/src/foundry_core/store.py
• /Users/lilly/clawd/projects/foundry-core/src/foundry_core/support_bundle.py
• /Users/lilly/clawd/projects/foundry-commercialisation/contracts/foundry-v1-contract.md

Must implement

• foundry pack run pdf-ops-pack --demo
• route decision/event linkage
• human review event capture shape
• pack run evidence inclusion in support bundle

Binary acceptance criteria

• demo run exits 0 on this Mac Studio
• support bundle contains install/check/run/route/permissions/evals spine plus PDF-specific evidence
• route decisions are queryable from Foundry evidence, not only hidden in Hermes output
• signed-PDF/no-cloud claims still point to explicit artifacts where counters are not yet fully truthful

Risks and non-goals

Non-goals

• no Foundry rewrite
• no new harness bake-off
• no generic agent framework
• no Paperclip clone
• no cloud-first path
• no per-exec approval UX as the pack permission model

Main risks

1. Control-plane drift

• Risk: Local LLM Stats or Hermes starts inventing product truth.
• Control: Foundry remains canonical for route/permission/pack state.

1. Pack greenwashing

• Risk: packs show green while routes are only declared.
• Control: mandatory declared-not-proven state.

1. Permission ambiguity

• Risk: pack install succeeds but real operation silently needs extra dangerous rights.
• Control: grouped capability grants with partial/demo-only states.

1. Evidence split-brain

• Risk: route proof, runtime proof, and workflow proof live in disconnected folders.
• Control: Flight Recorder plus pack support bundle spine.

1. Scope bloat

• Risk: trying to build marketplace/platform abstractions too early.
• Control: one reference pack, one harness, one proof workflow first.

Immediate recommendation

Approve Stage 1 now.

The first implementation step should be Tes building the Foundry pack runtime spine on the existing manifest/daemon/observability/store code, because that is the smallest honest move that unlocks Doctor, Flight Recorder, Eval Harness, and PDF Ops Pack work without re-arguing architecture.

Evidence basis used for this brief

• /Users/lilly/clawd/projects/foundry-core/src/foundry_core/manifest.py
• /Users/lilly/clawd/projects/foundry-core/src/foundry_core/daemon.py
• /Users/lilly/clawd/projects/foundry-core/src/foundry_core/runtime_inspector.py
• /Users/lilly/clawd/projects/foundry-core/src/foundry_core/observability.py
• /Users/lilly/clawd/projects/foundry-core/src/foundry_core/support_bundle.py
• /Users/lilly/clawd/projects/foundry-core/src/foundry_core/store.py
• /Users/lilly/clawd/projects/foundry-core/src/foundry_core/adapters/hermes.py
• /Users/lilly/clawd/agents/tes/project-foundry/src/project_foundry/cli.py
• /Users/lilly/clawd/agents/tes/project-foundry/src/project_foundry/capacity_guard.py
• /Users/lilly/clawd/agents/tes/project-foundry/src/project_foundry/status_dashboard.py
• /Users/lilly/clawd/agents/tes/project-foundry/src/project_foundry/support_summary.py
• /Users/lilly/clawd/agents/tes/project-foundry/src/project_foundry/localmaxxing_pipeline.py
• /Users/lilly/clawd/agents/tes/project-foundry/docs/evaluation-framework.md
• /Users/lilly/clawd/agents/tes/project-foundry/docs/observability-schema-v1.1.md
• /Users/lilly/clawd/projects/local-llm-stats/src/llm_stats/foundry.py
• /Users/lilly/clawd/projects/local-llm-stats/src/llm_stats/status.py
• /Users/lilly/clawd/projects/foundry-commercialisation/decisions/localmaxxing-foundry-boundary-2026-05-01.md
• /Users/lilly/clawd/projects/foundry-commercialisation/contracts/foundry-v1-contract.md
• /Users/lilly/clawd/projects/foundry-commercialisation/packs/pack-system-v0-contract.md