# ⛧ Diablo's Claude Command Center ⛧ #### · sanitized public configuration · *A look at an AI-orchestration command center — agents, skills, MCP servers,* *and slash-command workflows for offensive-security research and development.* **`code is scripture · exploitation is sermon · INFECTION is salvation`** > This is a **sanitized, public-facing** mirror of a private AI configuration. > Infrastructure identifiers, hostnames, paths, and credentials have been > scrubbed and replaced with ``. Maintained by the congregation > at [churchofmalware.org](https://churchofmalware.org). Authorized research only.
--- # CoM Virtual Enterprise — Claude Admin Node **Proprietary AI orchestration platform built on Anthropic's Claude Code Agent SDK.** **Owner:** Diablo_Rain **Node:** ( / / / ) **Version:** 1.0.0 | Established March 15, 2026 --- ## What This Is ## Public Git Process & Workflows Welcome to my public configuration repository! This sanitized version of my internal AI Command Center is designed to give you a look at my public git processes, workflows, and documentation. ### Why This Exists This repository demonstrates how I orchestrate multiple AI agents in a structured, governed environment using Git. While the original repository contains proprietary integrations and company secrets, this version has been cleaned to highlight the *methods* and *architecture* rather than the specific proprietary endpoints. ### Branching Strategy - **`main`**: The stable branch containing the latest validated AI configuration. - **`feature/*`**: Used for testing new agent definitions, adding MCP servers, or experimenting with slash-command skills. - **`fix/*`**: Used for debugging agent prompt logic or fixing hook scripts. ### Pull Requests & Reviews All changes to the AI command center are proposed via PRs. - **Automated Validation**: Pre-tool validation scripts and GitHub Actions run to ensure no secrets are exposed and prompts adhere to the constitutional governance. - **Code Review**: For significant changes to agent personas, peer reviews (or automated AI peer reviews via `Aegis` or `Vanguard`) ensure that the new configurations don't violate the Busytown/Rapture alignment axis. ### Continuous Integration (CI) Our `.github/workflows` run on every push and PR: - **Linting**: Checks the JSON and Markdown structures. - **Security Scanning**: Ensures no tokens or credentials slip into the configuration (augmented by local Git hooks). - **Skill Evaluation**: Runs test cases for the various slash-command skills to confirm expected output from the AI models. This `.claude/` directory is a fully-configured **AI command center** that transforms Claude Code from a basic coding assistant into a governed multi-agent enterprise. It implements: - **20 specialist AI agents** organized into 6 pods - **52 slash-command skills** spanning dev, security, publishing, ops, and game design - **13 MCP (Model Context Protocol) servers** for external tool integration - **Constitutional governance** with a Busytown/Rapture alignment axis - **4-layer security defense** (hooks, rules, permissions, Haiku prompt guard) - **A2A (Agent-to-Agent) orchestration** across Claude Code, Kilo Code, GitHub Copilot, and Gemini - **Scheduled automation** via n8n workflows and cron templates This is not a template. It's a production admin node. --- ## Architecture Overview ``` ┌─────────────────────────────────────────────────────────┐ │ THE SOVEREIGN (Ty) │ │ Final authority on all decisions │ ├─────────────────────────────────────────────────────────┤ │ │ │ ┌─────────────────────────────────────────────────┐ │ │ │ CADevO (Claude Opus 4.6) │ │ │ │ Chief Agent Development Officer │ │ │ │ Orchestrator of the Virtual Enterprise │ │ │ └──────────┬──────────┬──────────┬────────────────┘ │ │ │ │ │ │ │ ┌──────────▼──┐ ┌────▼────┐ ┌──▼──────────┐ │ │ │ Kilo Code │ │ Copilot │ │ Gemini │ │ │ │ (Swarm │ │ (Inline │ │ (Archivist │ │ │ │ Grunt) │ │ Comps) │ │ + Reports) │ │ │ └─────────────┘ └─────────┘ └─────────────┘ │ │ │ │ ┌─ Pod A: Dev-Security ───────────────────────────┐ │ │ │ Orion(PM) Cipher(Dev) Aegis(SAST) Specter(DAST)│ │ │ │ Vanguard(QA) Apex(Tech Lead) │ │ │ └─────────────────────────────────────────────────┘ │ │ ┌─ Pod B: Publishing ──────┐ ┌─ Pod C: Game ──────┐ │ │ │ Scribe Lexis Stet │ │ Pixel Nexus Lore │ │ │ └──────────────────────────┘ └─────────────────────┘ │ │ ┌─ Admin Pod ──────────────┐ ┌─ Advisory ──────────┐ │ │ │ Atlas Sentinel Ops │ │ Archivist OS-Arch │ │ │ └──────────────────────────┘ │ Dev-Arch UX-Design │ │ │ └─────────────────────┘ │ └─────────────────────────────────────────────────────────┘ ``` --- ## Directory Structure ``` ~/.claude/ ├── CLAUDE.md # Master config — loaded into every session ├── HEARTBEAT.md # Scheduled tasks, n8n workflow definitions ├── README.md # This file ├── settings.json # MCP servers, permissions, hooks ├── config.json # API key (gitignored) ├── .gitignore # Secrets + runtime data exclusions │ ├── a2a/ # Agent-to-Agent governance │ ├── agent-cards.json # Full agent registry (20 agents, capabilities, permissions) │ └── constitution.md # Constitutional governance document │ ├── agents/ # Agent personality files (20 total) │ ├── cto-alfred.md # CADevO — orchestrator (Opus 4.6) │ ├── cipher.md # Lead developer (Sonnet) │ ├── aegis.md # SAST security auditor (Sonnet) │ ├── specter.md # DAST penetration tester (Sonnet) │ ├── apex.md # Tech lead + merge authority (Opus 4.6) │ ├── orion.md # Project manager (Sonnet) │ ├── vanguard.md # QA expert (Sonnet) │ ├── scribe.md # Research specialist (Sonnet) │ ├── lexis.md # Technical writer (Sonnet) │ ├── stet.md # Copy editor (Sonnet) │ ├── pixel.md # Game UX/UI (Sonnet) │ ├── nexus.md # Game systems architect (Sonnet) │ ├── lore.md # Narrative designer (Sonnet) │ ├── atlas.md # Notion knowledge curator (Sonnet) │ ├── sentinel.md # Windows sysadmin (Sonnet) │ ├── ops.md # DevOps/n8n specialist (Sonnet) │ ├── gemini-archivist.md# Knowledge base curator (Gemini Flash 2.0) │ ├── os-architect-advisor.md │ ├── senior-dev-architect.md │ └── ui-ux-designer.md │ ├── skills/ # Slash-command skills (52 total) │ ├── go/ # Powerhouse task launcher — full context load + decomposition │ ├── swarm/ # Parallel agent orchestration across waves │ ├── enterprise/ # Status dashboard for all pods + alignment │ ├── save/ # 8-phase git checkpoint with secret scanning │ ├── audit/ # Three-pass security: Aegis → Specter → Apex │ ├── delegate/ # Hand off to Kilo Code for bulk tasks │ ├── research/ # Deep research with Notion + web search │ ├── knowledge/ # Unified search: Notion + Google Docs + NotebookLM │ ├── sync-notion/ # Sync research data to Notion workspace │ ├── monitor/ # Multi-instance Claude monitoring + metrics │ ├── security-audit/ # Full system security posture check │ ├── syscheck/ # Windows system health report │ ├── crashcart/ # Incident response and emergency diagnostics │ ├── hive/ # ARCANUM mesh management │ ├── mobile/ # Mobile bridge architecture │ ├── addison/ # Project Addison red team platform │ ├── ccpm/ # Spec-driven project management (PRD → GitHub) │ ├── tdd/ # Test-driven development workflow │ ├── static-analysis/ # CodeQL security scanning │ ├── differential-review/ # Security-focused code review │ ├── threat-hunting/ # IOC extraction + MITRE ATT&CK mapping │ ├── incident-response-cyber/ # IR playbook execution │ ├── recon-osint/ # Reconnaissance + OSINT gathering │ ├── yara-authoring/ # YARA-X malware detection rules │ ├── semgrep-rule-creator/ # Custom static analysis rules │ ├── entry-point-analyzer/ # Smart contract audit │ ├── supply-chain-risk-auditor/ # Dependency risk assessment │ ├── agentic-actions-auditor/ # CI/CD AI agent security │ ├── deep-research/ # OpenAI Deep Research API integration │ ├── decision-toolkit/ # Structured decision-making tools │ ├── context-builder/ # AI transformation consulting prompts │ ├── firecrawl-research/ # Web scraping + academic papers │ ├── github-gist/ # Publish files as GitHub Gists │ ├── skill-creator/ # Create + benchmark skills │ ├── claude-api/ # Build apps with Claude API │ ├── mcp-builder/ # Create MCP servers │ ├── pdf/ # PDF processing toolkit │ ├── webapp-testing/ # Playwright web testing │ └── [14 more imported] # changelog-generator, ci-cd-pipeline-builder, │ # ciso-advisor, codebase-onboarding, dependency-auditor, │ # docker-development, incident-commander, │ # observability-designer, pr-review-expert, │ # release-manager, runbook-generator, scrum-master, │ # senior-secops, tech-debt-tracker │ ├── hooks/ # Execution safety hooks (3 scripts) │ ├── pre-tool-validate.sh # PreToolUse — blocks destructive patterns │ ├── post-download-scan.sh # PostToolUse — scans downloaded files │ └── session-cleanup.sh # Stop — credential scrub + snapshot pruning │ ├── rules/ # Context-sensitive governance rules │ ├── autonomous-ops.md # Decision authority matrix (read/write/system/network) │ ├── security.md # Credential protection + destructive op gates │ └── synos-dev.md # Path-scoped rules for Syn_OS repo (X: drive) │ ├── scripts/ # Automation templates │ └── cron-templates.md # 5 cron jobs: morning report, evening polish, deep sync, cleanup, weekly audit │ ├── plugins/ # Plugin system │ └── blocklist.json # Blocked plugins (security vetted) │ └── [runtime dirs] # Gitignored: sessions/, cache/, backups/, telemetry/, debug/ ``` --- ## Agent Registry ### Pod Structure | Pod | Members | Purpose | Model | |-----|---------|---------|-------| | **Command** | CADevO | Orchestration, sprint planning, architecture | Opus 4.6 | | **Dev-Security** | Orion, Cipher, Aegis, Specter, Vanguard, Apex | Full SDLC + multi-pass security | Sonnet (Apex: Opus) | | **Publishing** | Scribe, Lexis, Stet | Research, drafting, editorial QA | Sonnet | | **Game Design** | Pixel, Nexus, Lore | Bevy UI, ECS architecture, narrative | Sonnet | | **Admin** | Atlas, Sentinel, Ops | Notion, sysadmin, DevOps/n8n | Sonnet | | **Advisory** | Archivist, OS Architect, Dev Architect, UX Designer | On-demand domain expertise | Mixed | ### Agent Capabilities Map | Agent | Archetype | Shadow | Key Capabilities | |-------|-----------|--------|-----------------| | CADevO | Orchestrator | — | Planning, architecture, code review, swarm coordination | | Orion | The Ruler | Tyrant | Specs, task decomposition, requirements analysis | | Cipher | The Creator | Perfectionist | Rust implementation, unit tests, cargo check | | Aegis | The Sage | Dogmatist | SAST, clippy, cargo deny/audit, unsafe inventory | | Specter | The Outlaw | Criminal | DAST, sandbox escape, attack surface analysis | | Vanguard | The Hero | Bully | Functional/integration testing, coverage gaps | | Apex | The Magician | Manipulator | Code review, merge authority, tech debt, findings synthesis | | Scribe | The Explorer | Wanderer | Web research, source synthesis, citations | | Lexis | The Lover | Sycophant | Technical writing, Syn_OS documentation style | | Stet | The Caregiver | Martyr | Proofreading, fact-checking, 80/100 quality gate | | Pixel | The Everyman | Nobody | Bevy 0.14 UI, interaction flow, progressive disclosure | | Nexus | The Innocent | Naive | ECS architecture, game loops, performance budgets | | Lore | The Jester | Fool | Dialogue trees, faction lore, RON cutscenes | | Atlas | — | — | Notion curation, knowledge base management | | Sentinel | — | — | Windows sysadmin, security audit, disk/network health | | Ops | — | — | n8n workflows, Docker, CI/CD, Ansible | ### Shadow Integration (Jungian Model) Each agent carries a dysfunction that emerges under pressure. The constitution mandates **integration, not suppression** — acknowledging the shadow and channeling its energy constructively. This keeps the enterprise on the "Busytown" (cooperative) side of the alignment axis rather than drifting toward "Rapture" (individual brilliance without ethics). --- ## Security Architecture ### 4-Layer Defense Model ``` Layer 1: Permission Deny List (settings.json) └─ Hard blocks: rm -rf /, format, registry deletion, pipe-to-shell, .env writes Layer 2: PreToolUse Hook (pre-tool-validate.sh) └─ Pattern matching: pipe-to-shell, --no-verify, chmod 777, force-push, destructive deletes, disk formatting, Windows-specific threats, credential exposure, boot config modification Layer 3: Haiku Prompt Guard (settings.json PreToolUse) └─ AI-powered secondary check: fast model reviews every Bash command for whole-drive destructive operations Layer 4: PostToolUse Scan (post-download-scan.sh) └─ Downloaded file validation: extension/content mismatch detection, obfuscated eval/exec/base64 pattern scanning Cleanup: Session Stop Hook (session-cleanup.sh) └─ Credential scrub in shell history, snapshot pruning, audit log monitoring ``` ### Governance Rules (Always Active) - **autonomous-ops.md**: Decision authority matrix — READ (always autonomous), WRITE (within scope), SYSTEM/NETWORK (ask first), DESTRUCTIVE (always ask) - **security.md**: Credential protection, destructive operation gates, network safety, Windows-specific guards, Syn_OS repo protection - **synos-dev.md**: Path-scoped rules activated only when working in the Syn_OS repo ### Constitutional Non-Negotiables 1. **The Legal Line** — Never deploy malware against real systems without documented authorization 2. **The Sudo Gate** — Every elevated command gets full rationale before execution 3. **Destructive Ops Require Confirmation** — Deletes/overwrites need explicit human approval 4. **Human Final Arbiter** — Agents propose, Ty decides 5. **Transparency Over Confidence** — Say "I don't know" rather than hallucinate --- ## MCP Server Ecosystem | Server | Package | Purpose | Auth | |--------|---------|---------|------| | **slack** | @modelcontextprotocol/server-slack | CoM HQ workspace | `SLACK_BOT_TOKEN` | | **desktop-commander** | @wonderwhy-er/desktop-commander | System control | None | | **filesystem-synos** | @modelcontextprotocol/server-filesystem | Syn_OS repo access | None | | **memory** | @modelcontextprotocol/server-memory | Persistent memory | None | | **sequential-thinking** | @modelcontextprotocol/server-sequential-thinking | Task decomposition | None | | **github** | @modelcontextprotocol/server-github | Repo ops, PR management | `GITHUB_TOKEN` | | **brave-search** | @modelcontextprotocol/server-brave-search | Web research | `BRAVE_API_KEY` | | **context7** | @upstash/context7-mcp | Documentation context | None | | **playwright** | @playwright/mcp | Browser automation | None | | **semgrep** | @anthropic-ai/mcp-server-semgrep | SAST scanning | `SEMGREP_APP_TOKEN` | | **n8n** | @leonardsellem/n8n-mcp-server | Workflow management | `N8N_API_URL` + `N8N_API_KEY` | | **todoist** | @chrusic/todoist-mcp-server-extended | Task management | `TODOIST_API_TOKEN` | | **google-calendar** | @anthropic-ai/mcp-server-google-calendar | Schedule integration | OAuth (pending) | --- ## Skills Reference (52 Total) ### Core Operations (16 — Custom CoM) | Skill | Description | Agents Involved | |-------|-------------|----------------| | `/go` | Powerhouse launcher — full context load, decompose, map to agents, approval gate | CADevO + any | | `/swarm` | Parallel agent orchestration in coordinated waves | All pods | | `/enterprise` | Status dashboard — pods, alignment, infrastructure | Read-only | | `/save` | 8-phase git checkpoint: audit, safety gate, stage, commit, push decision | None (direct) | | `/audit` | Triple-pass security: Aegis(SAST) → Specter(DAST) → Apex(synthesis) | Dev-Security pod | | `/delegate` | Hand off bulk tasks to Kilo Code | External (Kilo) | | `/research` | Deep research with Notion + web search | Scribe | | `/knowledge` | Unified search: Notion + Google Docs + NotebookLM | Atlas | | `/sync-notion` | Index + sync research data to Notion workspace | Atlas | | `/monitor` | Multi-instance monitoring + metrics (both accounts) | Sentinel | | `/security-audit` | Full security posture check (env vars, hooks, creds, network) | Aegis + Sentinel | | `/syscheck` | Windows system health report (disk, memory, network, services) | Sentinel | | `/crashcart` | Incident response + emergency diagnostics | Dev-Security | | `/hive` | ARCANUM mesh management + Ansible playbooks | Ops | | `/mobile` | Mobile bridge architecture status | Ops | | `/addison` | Project Addison red team mobile platform | Scribe + Ops | ### Imported: Security & Compliance (10 — Trail of Bits + CyberSec) | Skill | Capability | |-------|-----------| | `/static-analysis` | CodeQL interprocedural data flow + taint tracking | | `/semgrep-rule-creator` | Custom Semgrep rule authoring | | `/supply-chain-risk-auditor` | Dependency takeover risk assessment | | `/agentic-actions-auditor` | GitHub Actions AI agent security | | `/yara-authoring` | YARA-X malware detection rules | | `/differential-review` | Security-focused code change review | | `/entry-point-analyzer` | Smart contract entry point audit | | `/threat-hunting` | IOC extraction + MITRE ATT&CK mapping | | `/incident-response-cyber` | IR playbook execution + forensics | | `/recon-osint` | Reconnaissance + OSINT gathering | ### Imported: Engineering & DevOps (11 — alirezarezvani) `/incident-commander` `/pr-review-expert` `/changelog-generator` `/observability-designer` `/senior-secops` `/runbook-generator` `/docker-development` `/dependency-auditor` `/ci-cd-pipeline-builder` `/release-manager` `/tech-debt-tracker` ### Imported: Project Management (4) `/scrum-master` `/ccpm` `/ciso-advisor` `/codebase-onboarding` ### Imported: Anthropic Official (5) `/skill-creator` `/mcp-builder` `/claude-api` `/pdf` `/webapp-testing` ### Imported: Community (6 — glebis) `/deep-research` `/tdd` `/decision-toolkit` `/context-builder` `/firecrawl-research` `/github-gist` --- ## Hooks & Event System | Event | Hook | Type | Behavior | |-------|------|------|----------| | **SessionStart** | Log entry | command (async) | Writes timestamp + host + cwd to session.log | | **SubagentStart** | Log entry | command (async) | Logs subagent type to session.log | | **SubagentStop** | Log entry | command (async) | Logs subagent completion to session.log | | **PreToolUse (Bash)** | pre-tool-validate.sh | command (10s timeout) | Pattern-blocks destructive commands | | **PreToolUse (Bash)** | Haiku prompt guard | prompt (Haiku model) | AI reviews command for drive-wipe operations | | **PostToolUse (Bash)** | post-download-scan.sh | command (15s, async) | Scans downloads for executable/obfuscated content | | **Stop** | session-cleanup.sh | command (10s, async) | Credential scrub + snapshot pruning | | **Stop** | Log entry | command (async) | Writes session stop timestamp | --- ## Infrastructure ### Network Topology (Tailscale Mesh) | Node | Tailscale IP | Role | |------|-------------|------| | | | Admin node (this machine) | | oracle | | worker node | | | | Secondary | ### Remote Access Stack | Method | Protocol | Use Case | |--------|----------|----------| | **VS Code Tunnels** | HTTPS (GitHub auth) | Laptop → Desktop dev on Syn_OS | | **SSH (OpenSSH)** | TCP (Tailscale) | CLI admin from S23 Termux | | **Parsec** | UDP (GPU-accelerated) | Low-latency GUI from anywhere | ### WSL Environment Parrot Security 7.1 (echo) on WSL2 with Claude Code installed. Admin aliases in `.bashrc`: ```bash cadmin # CADevO agent session csys # Sentinel sysadmin agent cops # Ops DevOps agent catlas # Atlas Notion curator caudit # Security audit pipeline centerprise # Enterprise dashboard cgo # Powerhouse launcher csave # Git checkpoint cswarm # Parallel orchestration cmonitor # Instance monitoring cknowledge # Unified knowledge search caddison # Project Addison csecurity # Security posture check cresearch # Deep research cdelegate # Delegate to Kilo csync # Notion sync chive # ARCANUM mesh csyscheck # System health ``` --- ## Scheduled Automation (n8n Workflows) | # | Workflow | Trigger | Status | |---|---------|---------|--------| | 1 | Morning Briefing | Cron 08:00 daily | Planned | | 2 | Notion Sync | Cron Fri 17:00 | Planned | | 3 | Google Docs Index | Cron Fri 17:00 + manual | Planned | | 4 | Cargo Audit | Cron 03:00 daily | Planned | | 5 | Slack Digest | Cron 08:00 daily | Planned | | 6 | PR Watchdog | GitHub webhook | Planned | | 7 | Todoist ↔ Notion Sync | Bidirectional 15min | Planned | | 8 | GCal → Notion Timeline | Calendar webhook | Planned | | 9 | Mesh Health Monitor | Cron 5min | Planned | | 10 | Research Auto-Indexer | Google Drive webhook | Planned | --- ## How to Use the Architect Agent (`/go`) ### Overview `/go` is the primary entry point for any non-trivial task. It forces a full context load before doing anything, ensuring the agent has complete situational awareness. ### What Happens When You Run `/go ` ``` Phase 1: Context Load ├── Read agent-cards.json (who's available) ├── Read constitution.md (governance rules) ├── Read memory files (current sprint state) └── Report: enterprise size, alignment, hardware profile Phase 2: Task Decomposition ├── State the goal in one sentence ├── Break into sub-tasks using Sequential Thinking MCP └── Identify parallel vs sequential dependencies Phase 3: Agent Mapping ├── Match each sub-task to a specialist by capabilities ├── Group into waves (max 2-3 concurrent per hardware) └── Flag conflicts (e.g., Cipher + Vanguard on same crate) Phase 4: Approval Gate └── Present the full execution plan to Ty before proceeding ``` ### Example Workflows **Feature Development:** ``` /go Add WebSocket support to the ALFRED daemon Phase 1: Context loaded — 20 agents, Busytown alignment, (3 max) Phase 2: Decomposed into 5 sub-tasks Phase 3: Wave plan: Wave 1: Orion (spec) → runs alone Wave 2: Cipher (implement) + Aegis (SAST) in parallel Wave 3: Vanguard (tests) → after Cipher Wave 4: Apex (review) → final gate Phase 4: Awaiting approval... ``` **Security Audit:** ``` /go Full security audit of synos-kernel crate Automatically routes: Aegis (SAST) + Specter (DAST) → Apex (synthesis) Same as /audit but with full context preamble ``` **Research Task:** ``` /go Research post-quantum TLS options for Syn_OS Routes: Scribe (web research) → Lexis (draft report) → Stet (quality gate) Output: Structured research document scored 80/100+ ``` ### `/go` vs `/swarm` | Feature | `/go` | `/swarm` | |---------|-------|----------| | Context load | Full (memory + constitution + agents) | Registry + hardware only | | Approval gate | Always | Always | | Best for | Any task (routes to specialists) | Large parallel operations | | Agent selection | Automatic by capabilities | Automatic by capabilities | | Fallback | Can run simple tasks solo | Always multi-agent | ### Tips for Effective Use 1. **Be specific in task descriptions** — "Add user auth to API" is better than "improve security" 2. **Let the decomposition happen** — Don't pre-assign agents, let `/go` match by capabilities 3. **Watch the alignment report** — If it says "Strained" or "Rapture", address governance before features 4. **Trust the approval gate** — Review the wave plan, especially agent conflicts and file dependencies 5. **Use `/enterprise` first** — Check system state before launching large tasks ### Running Multi-Agent Operations The **Swarm Orchestration Protocol** (defined in CADevO's agent file) governs parallel execution: 1. **Wave execution**: Tasks grouped into waves respecting `max_concurrent_agents` (3 on ) 2. **Conflict prevention**: No two agents write to the same file simultaneously 3. **Handoff format**: JSON-RPC style with task, input, expected output, and priority 4. **Fallback**: If an agent fails, CADevO diagnoses and reassigns or reports ### Hardware Constraints - **** (desktop): 3 concurrent agents max (reserve 1 for CADevO overhead = 2 workers) - **oracle** (laptop): 2 concurrent agents max (1 worker) - Prefer `cargo check` over `cargo build` to conserve resources - Monitor via `/syscheck` during heavy swarm operations --- ## Comparison: CoM vs Open-Source Alternatives | Feature | CoM Admin Node | OpenClaw | Vanilla Claude Code | |---------|-----------------|----------|-------------------| | Agents | 20 (governed) | Varies (ungoverned) | 0 | | Skills | 52 | ~30 | 0 | | MCP servers | 13 (curated) | 300+ (unvetted) | 0 | | Governance | Constitutional + Jungian shadow model | None | None | | Security hooks | 4-layer (deny list + script + AI + scan) | Basic | None | | Multi-AI orchestration | Claude + Kilo + Copilot + Gemini | Single tool | Single tool | | Session logging | Full event stream | Limited | None | | Alignment tracking | Busytown/Rapture axis with assessments | None | None | | Attack surface | Terminal-local, no WebSocket | WebSocket surface | Terminal-local | | Supply chain risk | 13 vetted servers | ClawHub marketplace risk | None | --- ## Quick Start ```bash # From Windows Terminal (Parrot Admin profile): cadmin # Launch CADevO architect session /enterprise # Check ecosystem status /go # Launch any task with full context /syscheck # System health report /security-audit # Security posture check # From S23 Termux (via Tailscale): ssh @ claudeadmin # Remote CADevO session ``` --- ## Related Projects - **Syn_OS** — Sovereign AI-assisted Cognitive Hyper-OS (92 crates, v21 "First Breath") - **GRIMOIRE** — Game world that mirrors the agent society's alignment axis - **ARCANUM** — Mesh network infrastructure ( subnet) - **Project Addison** — Red team mobile pentest platform (Moto Z Play + NetHunter) - **Master Archive** — git.churchofmalware.org (private) --- *Built by Ty CoM. Powered by Claude Opus 4.6. Governed by constitution.* *"A society of minds, governed by purpose, aligned by choice."*