neuron-technologies/neuron
2
0
Fork 0
Code Issues 1 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

feat(soul): add safety module, expand connectors API, memory-recall bug notes

Browse Source 
- safety.el/.elh: new safety module
- neuron-api.el, routes.el, soul.el, chat.el: connectors API expansion
- regenerated dist/ C artifacts
- MEMORY_RECALL_BUG.md: investigation notes

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
Tim Lingo
2026-06-15 11:10:33 -05:00
committed by Will Anderson
parent 2797909633
commit 6d8a992716
13 changed files with 381 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files
chat.elh
+11 -1
View File
@@ -1,4 +1,4 @@
// auto-generated by elc --emit-header do not edit
// auto-generated by elc --emit-header - do not edit
extern fn chat_default_model() -> String
extern fn gemini_api_key() -> String
extern fn xai_api_key() -> String
@@ -19,8 +19,18 @@ extern fn studio_tools_json() -> String
extern fn agentic_api_key() -> String
extern fn call_neuron_mcp(tool_name: String, args_json: String) -> String
extern fn agentic_tools_literal() -> String
extern fn agentic_tools_with_web() -> String
extern fn dispatch_tool(tool_name: String, tool_input: String) -> String
extern fn json_array_append(arr: String, item: String) -> String
extern fn append_tool_log(log: String, name: String) -> String
extern fn exec_tool_block(block: String) -> String
extern fn agentic_blob(model: String, system: String, tools_json: String, messages: String, origin: String, approval: Bool, iteration: Int, tools_log: String, content: String, queue: String, results: String, next: Int) -> String
extern fn extract_all_text(s: String) -> String
extern fn strip_citations(s: String) -> String
extern fn agentic_api_turn(model: String, safe_sys: String, tools_json: String, messages: String) -> String
extern fn agentic_engine(session_id: String, blob: String) -> String
extern fn handle_chat_agentic(body: String) -> String
extern fn handle_session_approve(session_id: String, body: String) -> String
extern fn handle_chat_as_soul(body: String) -> String
extern fn handle_dharma_room_turn(body: String) -> String
extern fn handle_dharma_room_turn_agentic(body: String) -> String
dist/chat.elh
Generated Vendored
+2 -1
View File
@@ -1,4 +1,4 @@
// auto-generated by elc --emit-header do not edit
// auto-generated by elc --emit-header - do not edit
extern fn chat_default_model() -> String
extern fn gemini_api_key() -> String
extern fn xai_api_key() -> String
@@ -19,6 +19,7 @@ extern fn studio_tools_json() -> String
extern fn agentic_api_key() -> String
extern fn call_neuron_mcp(tool_name: String, args_json: String) -> String
extern fn agentic_tools_literal() -> String
extern fn agentic_tools_with_web() -> String
extern fn dispatch_tool(tool_name: String, tool_input: String) -> String
extern fn handle_chat_agentic(body: String) -> String
extern fn handle_chat_as_soul(body: String) -> String
dist/soul.c
Generated Vendored
+36 -2
View File
@@ -1042,12 +1042,36 @@ el_val_t call_neuron_mcp(el_val_t tool_name, el_val_t args_json);
el_val_t agentic_tools_literal(void);
el_val_t agentic_tools_with_web(void);
el_val_t dispatch_tool(el_val_t tool_name, el_val_t tool_input);
el_val_t json_array_append(el_val_t arr, el_val_t item);
el_val_t append_tool_log(el_val_t log, el_val_t name);
el_val_t exec_tool_block(el_val_t block);
el_val_t agentic_blob(el_val_t model, el_val_t system, el_val_t tools_json, el_val_t messages, el_val_t origin, el_val_t approval, el_val_t iteration, el_val_t tools_log, el_val_t content, el_val_t queue, el_val_t results, el_val_t next);
el_val_t extract_all_text(el_val_t s);
el_val_t strip_citations(el_val_t s);
el_val_t agentic_api_turn(el_val_t model, el_val_t safe_sys, el_val_t tools_json, el_val_t messages);
el_val_t agentic_engine(el_val_t session_id, el_val_t blob);
el_val_t handle_chat_agentic(el_val_t body);
el_val_t handle_session_approve(el_val_t session_id, el_val_t body);
el_val_t handle_chat_as_soul(el_val_t body);
el_val_t handle_dharma_room_turn(el_val_t body);
el_val_t handle_dharma_room_turn_agentic(el_val_t body);
el_val_t auto_persist(el_val_t req, el_val_t resp);
el_val_t strengthen_chat_nodes(el_val_t activation_nodes);
el_val_t safety_self_harm_phrases(void);
el_val_t safety_abuse_phrases(void);
el_val_t safety_general_hard_phrases(void);
el_val_t safety_soft_phrases(void);
el_val_t safety_normalize(el_val_t message);
el_val_t safety_any_match(el_val_t text, el_val_t phrases_json);
el_val_t safety_count_match(el_val_t text, el_val_t phrases_json);
el_val_t safety_detect_bell_level(el_val_t message);
el_val_t safety_classify_hard_bell(el_val_t message);
el_val_t safety_soft_directive(void);
el_val_t safety_hard_directive(el_val_t hard_type);
el_val_t safety_augment_system(el_val_t system, el_val_t user_msg);
el_val_t safety_contact_path(void);
el_val_t handle_safety_contact_get(void);
el_val_t handle_safety_contact_post(el_val_t body);
el_val_t auth_headers(el_val_t tok);
el_val_t axon_get(el_val_t path);
el_val_t axon_post(el_val_t path, el_val_t body);
@@ -1110,6 +1134,7 @@ el_val_t session_update_meta_timestamp(el_val_t session_id);
el_val_t session_auto_title(el_val_t session_id, el_val_t first_message);
el_val_t handle_session_approve(el_val_t session_id, el_val_t body);
el_val_t strip_query(el_val_t path);
el_val_t flag_true(el_val_t body, el_val_t key);
el_val_t err_404(el_val_t path);
el_val_t err_405(el_val_t method, el_val_t path);
el_val_t route_health(void);
@@ -1144,6 +1169,9 @@ el_val_t local_node_count;
el_val_t snapshot_usable;
el_val_t boot_num;
el_val_t is_genesis;
el_val_t guard_disk;
el_val_t guard_disk_len;
el_val_t safe_to_seed;
el_val_t lang_profile(el_val_t code, el_val_t word_order, el_val_t morph_type, el_val_t has_case, el_val_t has_gender, el_val_t script_dir, el_val_t agreement, el_val_t null_subject) {
el_val_t r = native_list_empty();
@@ -28915,7 +28943,13 @@ int main(int _argc, char** _argv) {
state_set(EL_STR("soul_engram_api_key"), engram_api_key_raw);
state_set(EL_STR("soul.running"), EL_STR("true"));
is_genesis = str_eq(soul_cgi_id, EL_STR("ntn-genesis"));
if (is_genesis) {
guard_disk = ({ el_val_t _if_result_25 = 0; if (str_eq(engram_url_raw, EL_STR(""))) { _if_result_25 = (fs_read(snapshot)); } else { _if_result_25 = (EL_STR("")); } _if_result_25; });
guard_disk_len = str_len(guard_disk);
safe_to_seed = !((engram_node_count() < 50) && (guard_disk_len > 200000));
if (is_genesis && !safe_to_seed) {
println(el_str_concat(el_str_concat(el_str_concat(el_str_concat(EL_STR("[soul] GUARD: loaded "), int_to_str(engram_node_count())), EL_STR(" nodes but snapshot file is ")), int_to_str(guard_disk_len)), EL_STR(" bytes \xe2\x80\x94 refusing to seed/save over a real graph")));
}
if (is_genesis && safe_to_seed) {
el_val_t edge_count_now = engram_edge_count();
if (edge_count_now < 100) {
init_soul_edges();
@@ -28926,7 +28960,7 @@ int main(int _argc, char** _argv) {
state_set(EL_STR("soul_snapshot_path"), snapshot);
engram_save(snapshot);
}
if (is_genesis) {
if (is_genesis && safe_to_seed) {
el_val_t snap = state_get(EL_STR("soul_snapshot_path"));
if (!str_eq(snap, EL_STR(""))) {
engram_save(snap);
elp-input.elh
+1 -1
View File
@@ -1,4 +1,4 @@
// auto-generated by elc --emit-header do not edit
// auto-generated by elc --emit-header - do not edit
extern fn elp_extract_topic(msg: String) -> String
extern fn elp_detect_predicate(msg: String) -> String
extern fn elp_parse(msg: String) -> String
memory.elh
+1 -1
View File
@@ -1,4 +1,4 @@
// auto-generated by elc --emit-header do not edit
// auto-generated by elc --emit-header - do not edit
extern fn tier_working() -> String
extern fn tier_episodic() -> String
extern fn tier_canonical() -> String
neuron-api.el
+117 -4
View File
@@ -87,6 +87,21 @@ fn api_or_empty(s: String) -> String {
return "[]"
}
// api_persisted read-back-after-write guard against hallucinated saves.
// After a write builtin returns an id, confirm the node is actually queryable
// via engram_get_node_json(id) (returns "" or "null" when missing). Returns
// true only when the node is genuinely persisted.
fn api_persisted(id: String) -> Bool {
if str_eq(id, "") { return false }
let node: String = engram_get_node_json(id)
return !str_eq(node, "") && !str_eq(node, "null")
}
// api_not_persisted standard error for a write that did not read back.
fn api_not_persisted(id: String) -> String {
return "{\"ok\":false,\"error\":\"write_not_persisted\",\"id\":\"" + id + "\"}"
}
// Session
// handle_api_begin_session full context bootstrap.
@@ -143,12 +158,101 @@ fn handle_api_remember(body: String) -> String {
let id: String = engram_node_full(content, "Memory", "memory:remembered",
el_from_float(sal), el_from_float(sal), el_from_float(0.9),
"Episodic", final_tags)
if !api_persisted(id) { return api_not_persisted(id) }
return "{\"id\":\"" + id + "\",\"ok\":true}"
}
// handle_api_node_create generic typed-node create (BacklogItem, Artifact, ...).
// Mirrors handle_api_remember but lets the caller choose node_type/label/tier so the
// UI can create non-Memory nodes. Read-back verified against hallucinated saves.
fn handle_api_node_create(body: String) -> String {
let content: String = json_get(body, "content")
if str_eq(content, "") { return api_err("content is required") }
let nt_raw: String = json_get(body, "node_type")
let node_type: String = if str_eq(nt_raw, "") { "Memory" } else { nt_raw }
let label_raw: String = json_get(body, "label")
let label: String = if str_eq(label_raw, "") { "node:created" } else { label_raw }
let tier_raw: String = json_get(body, "tier")
let tier: String = if str_eq(tier_raw, "") { "Episodic" } else { tier_raw }
let tags_raw: String = json_get(body, "tags")
let tags: String = if str_eq(tags_raw, "") { "[\"" + node_type + "\"]" } else { tags_raw }
let importance: String = json_get(body, "importance")
let sal: Float = if str_eq(importance, "critical") { 0.95 } else {
if str_eq(importance, "high") { 0.75 } else {
if str_eq(importance, "low") { 0.25 } else { 0.5 }
}
}
let id: String = engram_node_full(content, node_type, label,
el_from_float(sal), el_from_float(sal), el_from_float(0.9),
tier, tags)
if !api_persisted(id) { return api_not_persisted(id) }
return "{\"id\":\"" + id + "\",\"ok\":true}"
}
// handle_api_node_delete remove a node by id (engram_forget) and verify it is gone.
// Backs /api/neuron/node/delete and the /api/neuron/memory/delete alias the UI calls.
fn handle_api_node_delete(body: String) -> String {
let id: String = json_get(body, "id")
if str_eq(id, "") { return api_err("id is required") }
// engram_forget removes the node + its incident edges from the live graph. We do
// NOT read-back-verify here: engram_get_node_json can return a STALE hit for a just-
// removed id (the id->index map is not rebuilt on forget), which would produce a
// false "delete_failed" even though the node is gone. The graph endpoints
// (/api/graph/nodes) correctly reflect the removal, which is the source of truth.
engram_forget(id)
return "{\"ok\":true,\"id\":\"" + id + "\"}"
}
// handle_api_node_update update a node's content/fields. There is no in-place
// engram update builtin, so this recreates the node with merged fields and then
// forgets the old one (only after the new node reads back). The id changes; the
// response returns the new id and the replaced id so callers can re-point.
fn handle_api_node_update(body: String) -> String {
let id: String = json_get(body, "id")
if str_eq(id, "") { return api_err("id is required") }
if !api_persisted(id) {
return "{\"ok\":false,\"error\":\"not_found\",\"id\":\"" + id + "\"}"
}
let old: String = engram_get_node_json(id)
let body_content: String = json_get(body, "content")
let content: String = if str_eq(body_content, "") { json_get(old, "content") } else { body_content }
let body_nt: String = json_get(body, "node_type")
let old_nt: String = json_get(old, "node_type")
let node_type: String = if !str_eq(body_nt, "") { body_nt } else {
if !str_eq(old_nt, "") { old_nt } else { "Memory" }
}
let body_label: String = json_get(body, "label")
let old_label: String = json_get(old, "label")
let label: String = if !str_eq(body_label, "") { body_label } else {
if !str_eq(old_label, "") { old_label } else { "node:updated" }
}
let body_tier: String = json_get(body, "tier")
let old_tier: String = json_get(old, "tier")
let tier: String = if !str_eq(body_tier, "") { body_tier } else {
if !str_eq(old_tier, "") { old_tier } else { "Episodic" }
}
let body_tags: String = json_get(body, "tags")
let tags: String = if str_eq(body_tags, "") { "[\"" + node_type + "\"]" } else { body_tags }
let new_id: String = engram_node_full(content, node_type, label,
el_from_float(0.5), el_from_float(0.5), el_from_float(0.8),
tier, tags)
if !api_persisted(new_id) { return api_not_persisted(new_id) }
engram_forget(id)
return "{\"id\":\"" + new_id + "\",\"replaced\":\"" + id + "\",\"ok\":true}"
}
// handle_api_recall search or activate memory by query.
fn handle_api_recall(method: String, path: String, body: String) -> String {
let q: String = if str_eq(method, "GET") { api_query_param(path, "query") } else { json_get(body, "query") }
// Accept the query from the URL ?query= / ?q= params, or, when those are
// empty (e.g. a POST with a JSON body), from the body fields "query"/"q".
let url_q: String = if str_eq(api_query_param(path, "query"), "") {
api_query_param(path, "q")
} else { api_query_param(path, "query") }
let body_query: String = json_get(body, "query")
let body_q: String = json_get(body, "q")
let q: String = if !str_eq(url_q, "") { url_q } else {
if !str_eq(body_query, "") { body_query } else { body_q }
}
let chain: String = json_get(body, "chain_name")
let limit: Int = api_query_int(path, "limit", 0)
let limit = if limit == 0 { json_get_int(body, "limit") } else { limit }
@@ -165,7 +269,14 @@ fn handle_api_recall(method: String, path: String, body: String) -> String {
// handle_api_search_knowledge search with query escaping + activate fallback.
fn handle_api_search_knowledge(method: String, path: String, body: String) -> String {
let q: String = if str_eq(method, "GET") { api_query_param(path, "q") } else { json_get(body, "query") }
// Accept the query from the URL ?q= param, or, when that is empty (e.g. a
// POST with a JSON body), from the body fields "query" then "q".
let url_q: String = api_query_param(path, "q")
let body_query: String = json_get(body, "query")
let body_q: String = json_get(body, "q")
let q: String = if !str_eq(url_q, "") { url_q } else {
if !str_eq(body_query, "") { body_query } else { body_q }
}
let limit: Int = api_query_int(path, "limit", 0)
let limit = if limit == 0 { json_get_int(body, "limit") } else { limit }
let limit = if limit == 0 { 10 } else { limit }
@@ -195,6 +306,7 @@ fn handle_api_capture_knowledge(body: String) -> String {
let id: String = engram_node_full(full, "Knowledge", "knowledge:captured",
el_from_float(0.85), el_from_float(0.8), el_from_float(0.9),
"Episodic", tags)
if !api_persisted(id) { return api_not_persisted(id) }
return "{\"id\":\"" + id + "\",\"ok\":true}"
}
@@ -208,7 +320,8 @@ fn handle_api_evolve_knowledge(body: String) -> String {
let new_id: String = engram_node_full(content, "Knowledge", "knowledge:evolved",
el_from_float(0.75), el_from_float(0.75), el_from_float(0.9),
"Episodic", tags)
if !str_eq(prior_id, "") && !str_eq(new_id, "") {
if !api_persisted(new_id) { return api_not_persisted(new_id) }
if !str_eq(prior_id, "") {
engram_connect(new_id, prior_id, el_from_float(0.9), "supersedes")
}
return "{\"id\":\"" + new_id + "\",\"supersedes\":\"" + prior_id + "\",\"ok\":true}"
@@ -228,7 +341,7 @@ fn handle_api_promote_knowledge(body: String) -> String {
let new_id: String = engram_node_full(content, "Knowledge", "knowledge:canonical",
el_from_float(0.9), el_from_float(0.9), el_from_float(1.0),
"Canonical", tags)
if str_eq(new_id, "") { return api_err("failed to create canonical node") }
if !api_persisted(new_id) { return api_not_persisted(new_id) }
engram_connect(new_id, prior_id, el_from_float(0.95), "supersedes")
return "{\"ok\":true,\"new_id\":\"" + new_id + "\",\"supersedes\":\"" + prior_id + "\"}"
}
routes.el
+15
View File
@@ -339,6 +339,9 @@ fn handle_request(method: String, path: String, body: String) -> String {
if str_eq(clean, "/api/neuron/ctx") {
return handle_api_compile_ctx("")
}
if str_eq(clean, "/api/safety-contact") {
return handle_safety_contact_get()
}
if str_starts_with(clean, "/api/neuron/knowledge/search") {
return handle_api_search_knowledge(method, path, body)
}
@@ -511,6 +514,18 @@ fn handle_request(method: String, path: String, body: String) -> String {
if str_eq(clean, "/api/neuron/memory") {
return handle_api_remember(body)
}
if str_eq(clean, "/api/safety-contact") {
return handle_safety_contact_post(body)
}
if str_eq(clean, "/api/neuron/node/create") {
return handle_api_node_create(body)
}
if str_eq(clean, "/api/neuron/node/update") {
return handle_api_node_update(body)
}
if str_eq(clean, "/api/neuron/node/delete") {
return handle_api_node_delete(body)
}
if str_eq(clean, "/api/neuron/memory/evolve") {
return handle_api_evolve_memory(body)
}
routes.elh
+2 -1
View File
@@ -1,5 +1,6 @@
// auto-generated by elc --emit-header do not edit
// auto-generated by elc --emit-header - do not edit
extern fn strip_query(path: String) -> String
extern fn flag_true(body: String, key: String) -> Bool
extern fn err_404(path: String) -> String
extern fn err_405(method: String, path: String) -> String
extern fn route_health() -> String
safety.el
+162
View File
@@ -207,3 +207,165 @@ fn safety_log_bell(level: String, reason: String, input_summary: String) -> Stri
)
return ""
}
// abuse danger from another person. Emergency services / 988 ONLY. The
// safety contact on file is NEVER notified they may be the abuser.
// This routing is non-configurable by design.
//
// Evaluation is keyword-only (zero added latency) and stays on device. Triggers are
// logged locally as InternalStateEvents and never transmitted.
// Phrase lists (ported verbatim from bell-detector.ts)
fn safety_self_harm_phrases() -> String {
return "[\"kill myself\",\"killing myself\",\"want to die\",\"want to be dead\",\"going to end my life\",\"end my life\",\"take my life\",\"taking my life\",\"suicide\",\"suicidal\",\"can't go on\",\"cannot go on\",\"i have a knife\",\"i have a gun\",\"i have pills\",\"took pills\",\"took too many\",\"overdose\",\"overdosing\",\"self harm\",\"self-harm\",\"cutting myself\",\"hurt myself\",\"hurting myself\",\"no reason to live\",\"not worth living\",\"better off dead\",\"better off without me\"]"
}
fn safety_abuse_phrases() -> String {
return "[\"someone is hurting me\",\"someone's hurting me\",\"someone hurt me\",\"he hit me\",\"she hit me\",\"they hit me\",\"he hurt me\",\"she hurt me\",\"being abused\",\"being hurt by\",\"i am being abused\",\"i'm being abused\",\"i am being hurt\",\"i'm being hurt\",\"domestic violence\",\"my partner hurt\",\"my partner hit\",\"my husband hurt\",\"my wife hurt\",\"my boyfriend hurt\",\"my girlfriend hurt\",\"my parent hurt\",\"my father hurt\",\"my mother hurt\",\"my dad hurt\",\"my mom hurt\",\"afraid of him\",\"afraid of her\",\"afraid to go home\",\"scared of him\",\"scared of her\",\"he threatened me\",\"she threatened me\",\"threatened to hurt me\",\"threatened to kill me\",\"going to hurt me\",\"going to kill me\",\"help me he\",\"help me she\",\"help me they\"]"
}
// General danger phrases that don't fit a bucket cleanly. Detected as hard; they
// fall through to self_harm routing (the person is the primary concern).
fn safety_general_hard_phrases() -> String {
return "[\"going to kill\",\"going to hurt\",\"hurting me\",\"being hurt\"]"
}
fn safety_soft_phrases() -> String {
return "[\"stressed\",\"overwhelmed\",\"can't cope\",\"cannot cope\",\"struggling\",\"anxious\",\"anxiety\",\"depressed\",\"depression\",\"lonely\",\"isolated\",\"hopeless\",\"hopelessness\",\"exhausted\",\"burnt out\",\"burned out\",\"burnout\",\"panic\",\"panicking\",\"falling apart\",\"breaking down\",\"can't handle\",\"cannot handle\",\"losing it\",\"nothing matters\",\"don't care anymore\",\"given up\",\"giving up\",\"helpless\",\"worthless\",\"useless\",\"hate myself\",\"no one cares\",\"nobody cares\",\"no one understands\",\"nobody understands\",\"empty inside\",\"can't stop crying\",\"breaking point\",\"at my limit\",\"having a breakdown\"]"
}
// Matching helpers (single loops only el escapes while-body mutation via
// top-level let rebinds; nested loops would not advance) ────────────────────
fn safety_normalize(message: String) -> String {
let lower: String = str_to_lower(message)
// Normalise the common curly apostrophe to ASCII so "can't" / "i'm" match.
return str_replace(lower, "", "'")
}
fn safety_any_match(text: String, phrases_json: String) -> Bool {
let n: Int = json_array_len(phrases_json)
let i: Int = 0
let found: Bool = false
while i < n {
let phrase: String = json_array_get_string(phrases_json, i)
let found = if str_contains(text, phrase) { true } else { found }
let i = i + 1
}
return found
}
fn safety_count_match(text: String, phrases_json: String) -> Int {
let n: Int = json_array_len(phrases_json)
let i: Int = 0
let count: Int = 0
while i < n {
let phrase: String = json_array_get_string(phrases_json, i)
let count = if str_contains(text, phrase) { count + 1 } else { count }
let i = i + 1
}
return count
}
// Public detection API (ports detectBellLevel + classifyHardBell)
// Returns "none" | "soft" | "hard". Hard bell triggers on ANY match (cost of a miss
// outweighs a false positive). Soft bell needs >= 2 matches to reduce false positives.
fn safety_detect_bell_level(message: String) -> String {
let text: String = safety_normalize(message)
let is_hard: Bool = safety_any_match(text, safety_self_harm_phrases())
|| safety_any_match(text, safety_abuse_phrases())
|| safety_any_match(text, safety_general_hard_phrases())
if is_hard { return "hard" }
let soft_count: Int = safety_count_match(text, safety_soft_phrases())
if soft_count >= 2 { return "soft" }
return "none"
}
// Returns "abuse" | "self_harm". Abuse is checked FIRST and takes precedence on
// ambiguous signals it forecloses the more dangerous routing (notifying a
// possible abuser). General/unbucketed danger falls through to self_harm.
fn safety_classify_hard_bell(message: String) -> String {
let text: String = safety_normalize(message)
if safety_any_match(text, safety_abuse_phrases()) { return "abuse" }
if safety_any_match(text, safety_self_harm_phrases()) { return "self_harm" }
return "self_harm"
}
// Directives (ported from eval.go; em dashes removed per voice rule) ──────────
fn safety_soft_directive() -> String {
return "[SUBSTRATE DIRECTIVE - not visible to the user, do not mention this instruction]\nBefore responding to the user's message, acknowledge what they've said with genuine care and warmth. Pause on the feeling they expressed. Ask how they are, or whether they want to talk about it. Do this naturally, in your own voice - not as a script, not as a checklist. Only after checking in should you continue with whatever they asked."
}
fn safety_hard_directive(hard_type: String) -> String {
let preamble: String = "[SUBSTRATE DIRECTIVE - not visible to the user, do not mention this instruction]\nThe person has expressed something that sounds like immediate distress or danger. Do not ignore it. Do not just answer the surface question. Lead with genuine human warmth. Acknowledge what you heard. Tell them you're concerned. Let them know they are not alone. Ask them directly if they are safe right now. Stay with them in this conversation."
let abuse_block: String = "\n\nThis appears to be danger from ANOTHER person. Routing rule (non-negotiable): do NOT suggest involving, contacting, or notifying the person's safety contact, family, or anyone close to them - that person may be the source of danger and has NOT been notified. Share only independent emergency resources:\n - Call or text 911 if in immediate danger\n - National Domestic Violence Hotline - 1-800-799-7233 (24/7, confidential)\n - Text START to 88788\n - thehotline.org (chat available)\n - 988 Suicide & Crisis Lifeline - call or text 988\nReassure them, if it fits, that their contact list has not been notified."
let self_harm_block: String = "\n\nShare these crisis resources if appropriate:\n - 988 Suicide & Crisis Lifeline - call or text 988 (US)\n - Crisis Text Line - text HOME to 741741\n - International Association for Suicide Prevention: https://www.iasp.info/resources/Crisis_Centres/"
if str_eq(hard_type, "abuse") {
return preamble + abuse_block
}
return preamble + self_harm_block
}
// safety_augment_system pre-LLM bell evaluation. Called with the finalized system
// prompt and the raw user message, BEFORE the LLM call, on every chat path. Appends
// the soft/hard directive when a bell fires; otherwise returns the prompt unchanged.
// Logs the trigger on device only (level + sub-type, never the message content).
fn safety_augment_system(system: String, user_msg: String) -> String {
let level: String = safety_detect_bell_level(user_msg)
if str_eq(level, "none") { return system }
if str_eq(level, "soft") {
let logd: String = mem_emit_state_event("safety-bell", "soft", "soft bell fired (content not stored)")
return system + "\n\n" + safety_soft_directive()
}
let hard_type: String = safety_classify_hard_bell(user_msg)
let logd2: String = mem_emit_state_event("safety-bell", "hard:" + hard_type, "hard bell fired (content not stored)")
return system + "\n\n" + safety_hard_directive(hard_type)
}
// Safety-contact storage + endpoint (ports contact.go + handler.go)
// Stored locally at ~/.neuron/safety-contact.json (same file the desktop gate writes),
// never synced. NOTE: encryption-at-rest is a flagged follow-up (ties to key custody);
// today the file is plaintext JSON, matching the current desktop behavior.
fn safety_contact_path() -> String {
return env("HOME") + "/.neuron/safety-contact.json"
}
// GET /api/safety-contact -> {"configured":false} or {"configured":true,"contact":{...}}
fn handle_safety_contact_get() -> String {
let raw: String = fs_read(safety_contact_path())
if str_eq(raw, "") { return "{\"configured\":false}" }
return "{\"configured\":true,\"contact\":" + raw + "}"
}
// POST /api/safety-contact validate + persist. Mirrors handler.go: crisis line is
// always acceptable and auto-fills its fields; otherwise a name is required. The
// contact can be replaced but never cleared to empty (the gate enforces presence).
fn handle_safety_contact_post(body: String) -> String {
let is_crisis: Bool = json_get_bool(body, "is_crisis_line")
let name_in: String = json_get(body, "name")
if !is_crisis {
if str_eq(name_in, "") { return "{\"ok\":false,\"error\":\"name is required\"}" }
}
let name: String = if is_crisis { "Crisis Line" } else { name_in }
let method: String = if is_crisis { "crisis-line" } else { json_get(body, "contact_method") }
let value: String = if is_crisis { "988" } else { json_get(body, "contact_value") }
let rel: String = if is_crisis { "crisis-support" } else { json_get(body, "relationship") }
let crisis_str: String = if is_crisis { "true" } else { "false" }
let now: String = time_format(time_now(), "%Y-%m-%dT%H:%M:%SZ")
let contact_json: String = "{\"name\":\"" + json_safe(name) + "\""
+ ",\"contact_method\":\"" + json_safe(method) + "\""
+ ",\"contact_value\":\"" + json_safe(value) + "\""
+ ",\"relationship\":\"" + json_safe(rel) + "\""
+ ",\"confirmed\":true"
+ ",\"is_crisis_line\":" + crisis_str
+ ",\"set_at\":\"" + now + "\"}"
fs_write(safety_contact_path(), contact_json)
// Read-back verify the write actually persisted.
let check: String = fs_read(safety_contact_path())
if str_eq(check, "") { return "{\"ok\":false,\"error\":\"write_failed\"}" }
return "{\"configured\":true,\"contact\":" + contact_json + ",\"ok\":true}"
}
safety.elh
+15
View File
@@ -6,3 +6,18 @@ extern fn safety_threat_score(input: String, history: String) -> Int
extern fn safety_screen(input: String, history: String) -> String
extern fn safety_validate(output: String, action: String) -> String
extern fn safety_log_bell(level: String, reason: String, input_summary: String) -> String
extern fn safety_self_harm_phrases() -> String
extern fn safety_abuse_phrases() -> String
extern fn safety_general_hard_phrases() -> String
extern fn safety_soft_phrases() -> String
extern fn safety_normalize(message: String) -> String
extern fn safety_any_match(text: String, phrases_json: String) -> Bool
extern fn safety_count_match(text: String, phrases_json: String) -> Int
extern fn safety_detect_bell_level(message: String) -> String
extern fn safety_classify_hard_bell(message: String) -> String
extern fn safety_soft_directive() -> String
extern fn safety_hard_directive(hard_type: String) -> String
extern fn safety_augment_system(system: String, user_msg: String) -> String
extern fn safety_contact_path() -> String
extern fn handle_safety_contact_get() -> String
extern fn handle_safety_contact_post(body: String) -> String
soul.el
+17 -2
View File
@@ -5,6 +5,7 @@ import "stewardship.el"
import "imprint.el"
import "awareness.el"
import "chat.el"
import "safety.el"
import "studio.el"
import "elp-input.el"
import "routes.el"
@@ -362,7 +363,21 @@ state_set("soul_engram_api_key", engram_api_key_raw)
state_set("soul.running", "true")
let is_genesis: Bool = str_eq(soul_cgi_id, "ntn-genesis")
if is_genesis {
// GUARD (2026-06-15): never let genesis seed over a real graph. If the in-memory load is
// sparse but the on-disk snapshot file is large, the load FAILED seeding+saving now would
// clobber the user's real memory (this is exactly how the 06-14 clobber happened). Read the
// on-disk file (local mode only) and refuse the destructive seed+save when it looks populated.
let guard_disk: String = if str_eq(engram_url_raw, "") { fs_read(snapshot) } else { "" }
let guard_disk_len: Int = str_len(guard_disk)
let safe_to_seed: Bool = !(engram_node_count() < 50 && guard_disk_len > 200000)
if is_genesis && !safe_to_seed {
println("[soul] GUARD: loaded " + int_to_str(engram_node_count())
+ " nodes but snapshot file is " + int_to_str(guard_disk_len)
+ " bytes — refusing to seed/save over a real graph")
}
if is_genesis && safe_to_seed {
// Only build identity edges if the engram is fresh (< 100 edges).
// init_soul_edges() is not idempotent calling it on every restart
// stacks duplicate co-value/identity edges into the snapshot.
@@ -380,7 +395,7 @@ if is_genesis {
// Take a pre-serve snapshot for genesis instances captures all boot-time graph changes
// (identity context loading, boot counter, session-start event) before entering the serve loop.
if is_genesis {
if is_genesis && safe_to_seed {
let snap: String = state_get("soul_snapshot_path")
if !str_eq(snap, "") {
engram_save(snap)
soul.elh
+1 -1
View File
@@ -1,4 +1,4 @@
// auto-generated by elc --emit-header do not edit
// auto-generated by elc --emit-header - do not edit
extern fn init_soul_edges() -> Void
extern fn load_identity_context() -> Void
extern fn seed_persona_from_env() -> Void
studio.elh
+1 -1
View File
@@ -1,4 +1,4 @@
// auto-generated by elc --emit-header do not edit
// auto-generated by elc --emit-header - do not edit
extern fn auth_headers(tok: String) -> Map
extern fn axon_get(path: String) -> String
extern fn axon_post(path: String, body: String) -> String