inter-hub is retired (Haskell/IHP build-chain problems), superseded by core-hub (Python/FastAPI/Postgres). Its capability entry was updated directly in ~/inter-hub (commit cffdf9e): D3/A1/C1/R0 -> D5/A1/C3/R0, status: deprecated, relations.related_to -> capability.infotech.core-hub. core-hub itself is not yet added to reuse-surface's roster/federation sources -- it postdates the WP-0017 coverage sweep; noted as a follow-up. Co-Authored-By: Claude Sonnet 5 <noreply@anthropic.com>
19 KiB
REUSE-WP-0017-T04 review summary
Update 2026-07-07:
inter-hubhas been retired (Haskell/IHP build-chain problems) and superseded bycore-hub(Python/FastAPI/Postgres). Its capability entry was reassessed and markeddeprecated— seehistory/2026-07-07-inter-hub-retirement.md. The D3/A1/C1/R0 vector in the table below is now stale for that one row; current vector is D5/A1/C3/R0.
Prepared for the T05 human-review-and-publish-pass checkpoint. Everything below is generated from the actual files committed in each sibling repo (not from drafting notes), so it reflects what would actually get pushed and published.
Coverage: 61/61. 48 repos have a capability entry, 13 have an explicit
registry/NO_CAPABILITIES.md marker, 0 remain unclassified.
What's new this session (T02–T04): 30 sibling repos got a first commit —
13 no-capability markers (T03) and 17 newly drafted capability entries
(the first two T04 cohorts + this final cohort — see per-cohort commit
messages in workplans/REUSE-WP-0017-capability-coverage-campaign.md for
the exact 10/10/17 split). The other 18 has rows below already existed
before this workplan (activity-core, audit-core, config-atlas,
feature-control, flex-auth, identity-canon, ops-warden, repo-seed,
reuse-surface, shard-wiki, state-hub, plus the ones drafted in cohorts
1–2 — see the table for the full picture; cohort provenance is in the
workplan file, not repeated here).
Everything below is committed locally only. Nothing has been pushed to
any sibling repo's remote. T05 is where you review, then push +
publish-check + hub refresh + federation compose happen.
How to review a single entry
cd ~/<repo-slug>
git log -1 --stat # see exactly what was added
git show HEAD # full diff
cat registry/capabilities/<id>.md # or registry/NO_CAPABILITIES.md
To push everything after review (per-repo, once you're satisfied):
git -C ~/<repo-slug> push origin main
Things worth a closer look before pushing
the-custodian— the repo root carries an NDA/confidentiality notice. The entry (capability.agents.custodian-runtime-tooling) is deliberately scoped to only the non-confidentialruntime/agent framework andtools/repo-classification scripts; canon/memory content is explicitly excluded indiscovery.excludesandconsumer_guidance.not_recommended_for. Please double-check this scoping is exactly right before pushing — this is the one entry where getting the boundary wrong has real consequences.vergabe-teilnahme— its ownSCOPE.mdis an unfilled template, so the entry is honestly low (D1/A1/C0/R0) with a limitation note that filling in SCOPE.md should happen before further promotion.markitect-main— registered as a superseded legacy platform, withconsumer_guidance.not_recommended_forpointing new consumers at its three successors (markitect-tool,infospace-bench,kontextual-engine). Worth confirming that's the framing you want on the record.issue-core— migrated its own pre-existingCAPABILITY-issue-tracking.yaml(a rich, non-standard capability manifest with 109 tests / 61% coverage documented) into the standardregistry/capabilities/location, rather than drafting fresh. Worth confirming nothing was lost in translation.- Stale repo-seed-template READMEs —
inter-hub,open-reuse, andvantage-pointall still show the genericrepo-seedbootstrap README at their repo root; I used each repo'sSCOPE.md/INTENT.mdinstead (noted in each entry's discovery rationale) since those are accurate. The stale READMEs themselves are a small, separate cleanup — not fixed here, out of scope for this workplan. - Forgejo-transition tooling surfaced along the way —
railiance-enablement(tools/promote-repo-to-forgejo.sh),railiance-apps(tools/forgejo-smoke.sh), andthe-custodian(tools/patch-forgejo-remote-urls.sh) all ship tooling directly relevant to REUSE-WP-0019's host-migration inventory (T01) — worth cross-referencing when that workplan starts. - Two pre-existing roster rows had a stale
seed_capability_ids: []despite having real, already-published entries:activity-core(capability.activity.event-coordinate) andops-warden(capability.security.ssh-certificate-issuance). Fixed as a small incidental correction in the roster — not new drafts, just a bookkeeping gap from before this workplan. config-atlasremainspublish_check: fail(303 error) — tracked separately as REUSE-WP-0017-T06, likely related to the Gitea→Forgejo transition (REUSE-WP-0019-T01).
All 48 capability entries
| Repo | Capability ID | Vector (D/A/C/R) | Summary |
|---|---|---|---|
activity-core |
capability.activity.event-coordinate |
D3/A1/C1/R0 | Coordinate structured responses to cross-domain events through activity workflows and automation. |
artifact-store |
capability.infotech.artifact-store |
D3/A1/C1/R0 | Generic artifact registry and storage gateway for generated outputs, evidence packages, reports, logs, snapshots, exports, and release artifacts. |
audit-core |
capability.audit.event-retain |
D4/A2/C2/R1 | Collect, normalize, retain, and search audit events with integrity evidence across tenants. |
can-you-assist |
capability.agents.cli-assistant |
D2/A2/C1/R0 | Console-native, backend-agnostic assistant CLI that expresses user intent in natural language and returns safe, explainable, context-aware help. |
citation-engine |
capability.infotech.citation-engine |
D3/A1/C1/R0 | Core domain model and engine services for the citation-evidence ecosystem — shared vocabulary, in-memory repositories, orchestration services, event bus, and citation card renderers. |
citation-evidence |
capability.infotech.citation-evidence-workspace |
D4/A1/C1/R0 | Document-centered evidence workspace for capturing, managing, presenting, and re-opening citations — the umbrella application over the citation-evidence six-package design. |
config-atlas |
capability.infotech.config-surface-atlas |
D5/A0/C2/R2 | Read-first, cross-kind map and evidence layer for configuration surfaces — what configures a system, who owns it, its scope, and where the source of truth lives. |
email-connect |
capability.infotech.email-connector |
D2/A1/C1/R0 | Headless, provider-neutral email communication and evidence service; first slice scans a mailbox or fixture directory and produces timestamped CSV evidence reports. |
feature-control |
capability.feature-control.evaluate |
D5/A4/C3/R3 | Evaluate whether a feature is active, hidden, disabled, or unavailable for a subject in context. |
flex-auth |
capability.authorization.policy-evaluate |
D4/A2/C2/R1 | Evaluate access decisions from policy-as-code rules for subjects, resources, and actions. |
guide-board |
capability.communication.compliance-evidence-framework |
D2/A2/C1/R0 | Framework that turns standards, conformance, regulatory, and repository-quality claims into structured, reviewable, repeatable, comparable evidence via a pluggable extension architecture. |
hub-core |
capability.infotech.hub-core-library |
D2/A1/C1/R1 | Reusable FastAPI, SQLAlchemy, and MCP primitives extracted from the State Hub for use by other FOS (Federation of Services) hubs. |
identity-canon |
capability.identity.subject-resolution |
D3/A0/C1/R0 | Resolve who or what is acting in a context by mapping principals, accounts, actors, and identifiers to a stable subject model. |
info-tech-canon |
capability.infotech.canon-service |
D2/A2/C1/R0 | Concrete service surface (CLI, importable functions, read-only local HTTP API) over the InfoTechCanon information-processing infospace, backed by infospace-bench. |
infospace-bench |
capability.communication.infospace-workspace |
D3/A1/C2/R1 | Workspace and service for creating, developing, evaluating, and inspecting structured knowledge spaces (infospaces); application-layer successor to the infospace work begun in markitect-main. |
inter-hub |
capability.infotech.interaction-hub-framework |
D3/A1/C1/R0 | Specification and reference implementation of a governed, observable interaction substrate connecting rendered UI widgets to structured feedback, requirements, decisions, implementation changes, and observed outcomes. |
issue-core |
capability.infotech.issue-tracking |
D4/A2/C2/R1 | Unified Python/CLI interface for issue tracking across Gitea, GitHub, and GitLab, preventing direct platform API usage and credential sprawl for coordinating agents. |
kaizen-agentic |
capability.agents.kaizen-framework |
D3/A2/C1/R0 | AI agency framework providing 18 specialized deployable agent instruction sets plus persistent, project-scoped memory and cross-agent coordination via a Coach meta-agent. |
key-cape |
capability.iam.key-cape |
D4/A2/C2/R1 | Lightweight-mode implementation of the NetKingdom IAM Profile (versioned OIDC/PKCE contract), orchestrating Authelia, LLDAP, and privacyIDEA so applications integrate against the profile, not against implementation internals. |
kontextual-engine |
capability.communication.context-engine |
D4/A1/C1/R0 | Headless knowledge-operations engine turning heterogeneous information assets into persistent, contextual, governed, retrievable, transformable, and agent-operable knowledge. |
llm-connect |
capability.agents.llm-connector |
D3/A2/C2/R1 | Provider-neutral Python/CLI LLM adapter library supporting OpenRouter, Gemini, OpenAI, and the Claude Code CLI out of the box, with a clean abstract interface for adding new providers. |
markitect-filter |
capability.communication.markitect-source-adapters |
D2/A1/C1/R0 | Concrete source-format adapters (EPUB3, PDF) converting external document formats into canonical Markitect Markdown, implementing the markitect-tool source adapter contract. |
markitect-main |
capability.communication.markitect-legacy-platform |
D3/A1/C1/R0 | Intelligent markdown engine and information-management platform treating documents as structured, queryable information spaces with schema validation, transclusion, and LLM-driven evaluation; the legacy umbrella now being split into markitect-tool, infospace-bench, and kontextual-engine. |
markitect-quarkdown |
capability.communication.markitect-quarkdown-adapter |
D3/A1/C1/R0 | Concrete Quarkdown render/export adapter for Markitect, mapping Markitect profiles to Quarkdown profiles and running controlled Quarkdown CLI execution plans without forking or reimplementing Quarkdown. |
markitect-tool |
capability.communication.markitect-toolkit |
D4/A2/C2/R1 | Markdown-native toolkit and CLI (mkt) for turning semi-structured Markdown into structured, queryable, reusable knowledge artifacts; syntax-layer successor to markitect-main. |
net-kingdom |
capability.security.iam-tooling-suite |
D3/A2/C1/R1 | Dynamic, self-optimizing security platform for Kubernetes-deployed IT infrastructure; owns canonical IAM/security standards and executable conformance tooling (IAM profile conformance, playbook capability contract validation, security bootstrap console). |
open-cmis-tck |
capability.cmis.tck |
D2/A1/C1/R0 | CMIS conformance-preparation extension for guide-board, keeping CMIS-specific runner code, profiles, capability mappings, and workplans outside the generic compliance framework. |
open-reuse |
capability.infotech.oss-integration-continuity |
D2/A1/C1/R0 | Turns proven open-source integrations into structured, maintainable, continuously managed assets with clear boundaries and update loops, so they remain robust and transparent as upstream evolves. |
ops-bridge |
capability.ops.tunnel-bridge |
D3/A2/C2/R1 | CLI that manages named SSH reverse tunnels keeping remote execution environments connected to the local Custodian State Hub, with auto-reconnect, health checks, and structured audit events. |
ops-warden |
capability.security.ssh-certificate-issuance |
D4/A3/C3/R2 | Issue short-lived CA-signed SSH certificates for adm, agt, and atm actors through a stable cert_command CLI interface; steward operational access routing across NetKingdom security lanes. |
phase-memory |
capability.memory.phase-planning |
D3/A1/C1/R0 | Interprets Markitect memory profiles as runtime plans, modeling memory phases and producing deterministic dry-run actions for retention, refresh, compaction, stabilization, and activation. |
railiance-apps |
capability.railiance.workload-deployment-tooling |
D3/A2/C1/R1 | S5 Workloads and Experience Endpoints layer of the Railiance OAS Stack — application Helm releases, Kubernetes workload manifests, deployment guardrails, and smoke-test/check tooling for user-facing services. |
railiance-cluster |
capability.railiance.cluster-bootstrap |
D3/A2/C1/R0 | Cluster runtime entry point of the Railiance Infrastructure-as-Code framework: from two bare Linux servers, a Git repo, and credentials, rebuilds a fully automated Kubernetes-based environment. |
railiance-enablement |
capability.railiance.ci-enablement |
D3/A2/C2/R1 | S4 Developer Enablement layer of the Railiance OAS Stack — reusable CI/CD workflow templates, developer portal paths, platform templates, SDKs, and buildpacks, using forge capabilities without owning forge runtime. |
railiance-fabric |
capability.railiance.fabric-graph |
D3/A1/C1/R0 | Models the durable infrastructure-responsibility graph of the Railiance netkingdom: schemas, discovery tools, registry services, graph queries, and State Hub export contracts for services, machines, repos, deployables, endpoints, ownership, dependencies, and bindings. |
railiance-forge |
capability.railiance.forge-infrastructure |
D3/A1/C1/R0 | Source forge, registry, and automation-runner infrastructure for Railiance, separated out from railiance-apps/railiance-enablement; covers current Gitea operation, the Forgejo migration, container/package registries, and Actions runner substrate. |
railiance-infra |
capability.railiance.infra-provisioning |
D4/A2/C2/R1 | Git-driven server provisioning and convergence for Hosteurope/Hetzner Cloud using Terraform, cloud-init, and Ansible, with SOPS+age encrypted in-repo secrets and a servers.yaml inventory as source of truth. |
railiance-platform |
capability.railiance.platform-services |
D3/A2/C1/R0 | S3 Platform Services layer of the Railiance OAS Stack — shared cluster services: PostgreSQL HA, Valkey cache, secret management, identity integration, and object storage. |
repo-scoping |
capability.agents.repo-scoping-service |
D2/A2/C1/R0 | Maps repositories from usefulness to implementation (Ability -> Capability -> Feature -> Evidence -> Code location) via a Python registry core, FastAPI HTTP API, and curator UI. |
repo-seed |
capability.infotech.repo-template |
D3/A3/C2/R2 | Bootstrap new git repositories with agent instructions, registry scaffold, and State Hub onboarding conventions. |
reuse-surface |
capability.registry.register |
D3/A4/C2/R3 | Register a new capability so it becomes visible for planning and implementation reuse. |
shard-wiki |
capability.wiki.shard-orchestration |
D5/A2/C2/R1 | Present a union of pages across heterogeneous wiki-shaped shards while preserving each shard's provenance, capabilities, and history. |
state-hub |
capability.statehub.progress-log |
D4/A4/C3/R3 | Record progress events, decisions, and session notes against workstreams and tasks in State Hub. |
the-custodian |
capability.agents.custodian-runtime-tooling |
D2/A1/C1/R0 | Generic tooling from The Custodian's runtime and ecosystem-management surface: an agent runtime framework (context, actions, tool adapters, policies) and repo-classification batch tooling used across the workstation's 61 repos. |
user-engine |
capability.identity.user-engine |
D4/A1/C2/R0 | Headless, multi-application, multi-tenant user management engine covering registration, identity/factor models, entitlement claims, hats/realms/services/assets access profiles, and onboarding journeys. |
vantage-point |
capability.graph.nbgm-spec |
D2/A0/C1/R0 | Generic system and versioned protocol specification for exploring dependency structures as network-based graph models (NBGM), unifying entity/relationship inspection and reasoning across arbitrary domains. |
vergabe-teilnahme |
capability.procurement.vergabe-teilnahme |
D1/A1/C0/R0 | Django application (with a Vite/Tailwind frontend) for managing German public-procurement (Vergabe) tender participation — Ausschreibungs- und Teilnahme-Management-System. |
whynot-design |
capability.design.whynot-system |
D3/A2/C2/R1 | Framework-agnostic visual language for whynot prototype/market-signal artefacts: design tokens, drop-in CSS, Lit-based web components usable from React/Django/Vue/plain HTML, and Django template adapters. |
All 13 explicit no-capability markers
| Repo | Reason |
|---|---|
agentic-resources |
INTENT/SCOPE are aspirational HR-for-agents vision prose; no src/, no package manifest — vision-stage only, nothing implemented to reuse. |
citation-work |
Only INTENT/SCOPE/registry/workplans describing a review workbench; no source implementing it yet. |
coordination-engine |
Ambitious coordination-framework prose in INTENT, but only history/spec/registry dirs exist — no runtime code yet. |
domain-tree |
Only registry/workplans; SCOPE explicitly defers ownership of implementation to State Hub. |
evidence-anchor |
Only INTENT/SCOPE/registry/workplans; the anchoring/highlighting layer is described but not implemented. |
evidence-binder |
Only INTENT/SCOPE/registry/workplans; the binding model is described but not implemented. |
evidence-source |
Only INTENT/SCOPE/registry/workplans; the ingestion/extraction layer is described but not implemented. |
helix-forge |
Draft-status (intent_version 0.1.0) capability-ecosystem vision; only design assets and standards docs exist, no packaged implementation. |
human-resources |
Aspirational HR-for-humans intent prose plus registry/workplans; no implementation. |
ihp-railiance-probe |
Self-described in its own INTENT as a probe, not a product — a pipeline-validation canary app, not intended for reuse. |
ops-hub |
Only a single diagnostic bootstrap-API probe script exists; the described operational-truth surface (hosts/services/incidents/runbooks) isn't implemented yet. |
tegwick-control |
Personal life/company planning notes (areas/, agent-tasks/) — a private portfolio-tracking meta-repo, not a reusable product component. |
whynot-control |
Business-signal/beta-tracking scaffolding (betas/, prototypes/, offers/, signals/) with only README stubs — no independent reusable component. |
Next steps (T05)
- Review the flagged items above, especially #1 (the-custodian confidentiality scoping).
- Spot-check a sample of entries against the actual repos if you want deeper confidence beyond this summary.
- Push the sibling-repo commits (30 repos have new commits this session; see
git log --oneline -1in each). establish --publish-checkper repo where the raw URL needs confirming.reuse-surface federation compose+ catalog + graph regeneration in this repo.- Then T06 (config-atlas 303 fix) can proceed independently.