Shared memory and context tools for agentic work.
Code Rooms
---
Protocol: L1GHT/1.0
Node: M1ND_AGENT_OPERATING_LAYER
State: strategic_prd
Color: amber
Glyph: mission
Completeness: draft
Proof: docs/internal/M1ND-AGENT-OPERATING-LAYER-PRD.md
Depends on:
- M1ND_MISSION_CONTROL_V0
- M1ND_L1GHT_DOCUMENT_LANE
- M1ND_BENCHMARK_GYM
- M1ND_RECOVERY_OS
Next:
- MISSION_KERNEL_V1_BOUNDARY
# m1nd Agent Operating Layer
## North Star
The [β entity: AgentOperatingLayer] turns `m1nd` from graph memory plus tools
into a local nervous system for software agents.
[β state: strategic_prd]
[π» confidence: medium]
[π» evidence: docs/internal/M1ND-AGENT-OPERATING-LAYER-PRD.md]
## Core Thesis
Agents do not only need better retrieval. They need a mission runtime that
knows workspace truth, tool policy, evidence status, handoff continuity, and
recovery state.
[β entity: MissionRuntime]
[β depends_on: ContextGuardV1]
[β depends_on: EvidenceLedger]
[β depends_on: ToolPolicyRouter]
[β depends_on: AgentFlightRecorder]
[β depends_on: BenchmarkGym]
## Current Evidence
The latest internal p-limit bug-hunt sweep showed `m1nd-mission-control` at
10/10 seeded recall, while `direct` and `m1nd-trained` each reached 9/10.
[β event: MC0DirectSweepBenchmarkSignal]
[β binds_to: docs/benchmarks/bug-hunt-rounds/bughunt-p-limit-mc0-sweep-20260517T211556Z/ROUND-NOTES.md]
[AMBER warning: internal product learning, not public benchmark copy]
This PRD session also showed that `trust_selftest` can detect a wrong workspace
before retrieval, while semantic `seek` can still return blocked after ingest.
That makes self-explaining degraded intelligence a product requirement.
[β event: PRDSessionRecoveryObservation]
[β depends_on: recovery_playbook]
[β depends_on: doctor]
[AMBER warning: populated graph plus blocked seek should trigger recovery, not silent shell fallback]
## Primary Modules
### Mission Kernel V1
[β entity: MissionKernelV1]
[β state: implementation_boundary]
[β depends_on: M1ND_MISSION_CONTROL_V0]
[β tests: start_event_next_verify_handoff_close_tests]
Mission Kernel V1 extends the current four-tool mission loop into
start/event/next/claim-or-verify/handoff/close.
### Context Guard V1
[β entity: ContextGuardV1]
[β state: pattern]
[β binds_to: trust_selftest]
[β binds_to: session_handshake]
[β binds_to: recovery_playbook]
Context Guard V1 binds each mission to repo, workspace root, ingest roots,
runtime root, binary version, and graph generation.
### Evidence Ledger
[β entity: EvidenceLedger]
[β state: planned]
[β depends_on: MissionKernelV1]
[β binds_to: W3C_PROV_DONOR]
Evidence Ledger records mission events, direct evidence classes, graph-only
evidence, claim references, non-claims, gaps, and event digests.
### Agent Flight Recorder
[β entity: AgentFlightRecorder]
[β binds_to: OPEN_TELEMETRY_DONOR]
Agent Flight Recorder writes local JSONL mission traces with phase, tool family,
target, duration, outcome, confidence, graph call count, direct evidence count,
and loop warnings.
### Tool Policy Router
[β entity: ToolPolicyRouter]
[β state: signal]
[β binds_to: mission_next]
Tool Policy Router emits allowed tools, preferred next move, do-not guardrails,
stop conditions, fallback, evidence requirement, and budget remaining.
### L1GHT Knowledge Synthesizer
[β entity: L1GHTKnowledgeSynthesizer]
[β binds_to: m1nd-ingest/src/l1ght_adapter.rs]
[β depends_on: M1ND_L1GHT_DOCUMENT_LANE]
L1GHT Knowledge Synthesizer turns strategy docs, PRDs, donor maps, benchmark
lessons, and operating doctrine into graph-native knowledge.
### Benchmark Gym
[β entity: BenchmarkGym]
[β binds_to: scripts/benchmark/bug_hunt_round.py]
Benchmark Gym measures seeded recall, first-good-finding time, graph call count,
direct evidence count, repeated search count, claim rejection rate, false close
rate, drift catch rate, and handoff resumability.
### Recovery OS
[β entity: RecoveryOS]
[β binds_to: npm/lib/cli.js]
[β binds_to: doctor]
Recovery OS diagnoses stale npm package, stale native runtime, stale host tool
surface, wrong workspace, dead MCP transport, missing recovery tools, and graph
retrieval split-brain.
## Donor Concepts
[β entity: LANGGRAPH_DONOR]
[β binds_to: durable_execution]
[β binds_to: persistence]
[β entity: TEMPORAL_DONOR]
[β binds_to: deterministic_replay]
[β binds_to: workflow_history]
[β entity: OPEN_TELEMETRY_DONOR]
[β binds_to: traces]
[β binds_to: spans]
[β entity: W3C_PROV_DONOR]
[β binds_to: provenance_entities_activities_agents]
[β entity: REACT_DONOR]
[β binds_to: reasoning_acting_loop]
[β entity: REFLEXION_DONOR]
[β binds_to: feedback_memory]
[β entity: VOYAGER_DONOR]
[β binds_to: skill_library]
[β entity: DSPY_DONOR]
[β binds_to: metric_driven_optimization]
## Blockers
[AMBER warning: MissionKernelV1 has an initial implementation boundary, not repeated benchmark proof]
[AMBER warning: EvidenceLedger event digest exists as local hash64, not signed sha256 provenance]
[AMBER warning: semantic seek can be blocked even after populated ingest]
[AMBER warning: benchmark evidence is internal and fixture-limited]
[AMBER warning: host rebind cannot be claimed without fresh host handshake]
## Non Claims
This L1GHT node does not claim the full Agent Operating Layer exists, public
benchmark superiority is proven, semantic retrieval is always reliable, host
rebind can be inferred, event digests are signed cryptographic provenance, or
tests and source reads can be replaced.
[π» ambiguity: strategic direction, not implementation proof]
## Next
Build [β entity: MISSION_KERNEL_V1_BOUNDARY] as a proof-grown construction:
extend mission state with event, handoff, event digest, direct evidence classes,
and Context Guard envelope.
[β tests: cargo_test_mission_handlers]
[β tests: benchmark_smoke_mc0]