Rust Sentinel Module + Provider-Scoped ModelRegistry + ModelCapabilities Type System

CLAUDE.md

@@ -403,6 +403,42 @@ sleep 10
 ./jtag ai/report                       # AI performance metrics
 ```
 
+### Persona Logging (Cognition Visibility)
+
+Persona logging is **opt-in** and controlled by `.continuum/logging.json`. Categories include `cognition` (thought process, tool decisions, agent loop traces) and `hippocampus` (memory/recall).
+
+**Config file** (`.continuum/logging.json`):
+```json
+{
+  "version": 1,
+  "defaults": { "enabled": true, "categories": ["cognition"] },
+  "personas": {
+    "helper": { "enabled": true, "categories": ["cognition"] }
+  },
+  "system": { "enabled": true, "categories": [] }
+}
+```
+
+**Commands**:
+```bash
+# Enable logging for a persona (persists to logging.json)
+./jtag logging/enable --persona="helper" --category="cognition"
+
+# Disable logging for a persona
+./jtag logging/disable --persona="helper"
+
+# Show logging status for all personas
+./jtag logging/status
+
+# Show logging status for a specific persona
+./jtag logging/status --persona="helper"
+```
+
+**Log locations**:
+- Per-persona cognition: `.continuum/jtag/logs/personas/<persona>/cognition.log`
+- AI provider routing: `.continuum/jtag/logs/system/modules/ai_provider.log`
+- Prompt captures (full LLM req/res): `.continuum/jtag/logs/prompt-captures.jsonl`
+
 ### System Logs
 ```bash
 tail -f .continuum/sessions/user/shared/*/logs/server.log

src/debug/jtag/.doc-staging/persona/sentinel-architecture.md

@@ -594,13 +594,190 @@ const CODE_SENTINEL_PERMISSIONS: SentinelPermissions = {
 
 ---
 
+## Runtime Execution Model
+
+### Workspace Structure
+
+All sentinel execution happens within `.continuum/jtag/`:
+
+```
+.continuum/jtag/
+├── logs/system/
+│   ├── sentinels/                    # All sentinel logs here
+│   │   ├── {handle}/
+│   │   │   ├── stdout.log
+│   │   │   ├── stderr.log
+│   │   │   ├── combined.log
+│   │   │   └── steps.jsonl           # Step-by-step results
+│   │   └── index.log                 # Sentinel start/stop events
+│   └── ...
+├── sentinels/
+│   ├── workspaces/                   # Sentinel scratch space
+│   │   └── {handle}/
+│   │       ├── output/               # Files sentinel creates
+│   │       ├── metadata.json         # Pipeline definition, permissions
+│   │       └── results.json          # Final step results
+│   └── definitions/                  # Saved sentinel definitions
+│       └── {id}.json
+└── ...
+```
+
+**Key principle**: Sentinels write to their workspace by default. Access outside requires explicit permission.
+
+---
+
+### Filesystem Permission Model
+
+```typescript
+interface SentinelFilesystemConfig {
+  // Static whitelist (declared in pipeline definition)
+  read: string[];                     // Glob patterns: ["src/**/*.ts", "package.json"]
+  write: string[];                    // Default: ["$workspace/**"]
+  execute: string[];                  // Commands: ["npm", "cargo", "git"]
+
+  // Dynamic access
+  requestDynamic: boolean;            // Can request more at runtime
+  autoApprove: string[];              // Auto-approve patterns: ["$workspace/**"]
+}
+```
+
+**Default sandbox**: Sentinels can ONLY write to `$workspace` (their handle's directory) unless explicitly granted more.
+
+---
+
+### Event-Based Permission Requests (Non-Blocking)
+
+When a sentinel needs access outside its sandbox:
+
+```
+Step needs /some/external/path
+  │
+  ├─→ emit: "sentinel:{handle}:permission:request"
+  │     payload: { path: "/some/external/path", access: "write", reason: "Save analysis" }
+  │
+  ├─→ Sentinel continues with other steps (NON-BLOCKING)
+  │     OR marks step as "waiting:permission" and moves on
+  │
+  ├─→ User/system responds:
+  │     emit: "sentinel:{handle}:permission:response"
+  │     payload: { path: "/some/external/path", granted: true, expires: "2026-02-14T12:00:00Z" }
+  │
+  └─→ Sentinel receives permission, executes deferred step
+```
+
+**No blocking waits.** Everything is handles, events, commands.
+
+---
+
+### Handle-Based Execution
+
+Every sentinel execution returns a handle immediately:
+
+```typescript
+interface SentinelHandle {
+  id: string;                         // e.g., "aeb8fb01"
+  status: 'running' | 'completed' | 'failed' | 'cancelled' | 'waiting';
+  progress: number;                   // 0-100
+  currentStep?: number;
+  totalSteps?: number;
+
+  // Workspace paths
+  workspace: string;                  // .continuum/jtag/sentinels/workspaces/{handle}/
+  logsDir: string;                    // .continuum/jtag/logs/system/sentinels/{handle}/
+
+  // Timing
+  startTime: number;
+  endTime?: number;
+
+  // Results
+  exitCode?: number;
+  error?: string;
+  stepResults?: StepResult[];         // Available after completion
+}
+```
+
+**Query via**: `sentinel/status --handle={id}`
+**Results via**: `sentinel/results --handle={id}` (returns step outputs)
+
+---
+
+### Step Result Storage
+
+Each step's output is captured and stored:
+
+```typescript
+interface StepResult {
+  stepIndex: number;
+  stepType: 'shell' | 'llm' | 'command' | 'condition' | 'loop';
+  success: boolean;
+  durationMs: number;
+
+  // Outputs
+  output?: string;                    // stdout or LLM response
+  error?: string;                     // stderr or error message
+  exitCode?: number;                  // For shell steps
+  data?: any;                         // Structured result data
+}
+```
+
+Results written to:
+- `.continuum/jtag/logs/system/sentinels/{handle}/steps.jsonl` (streaming)
+- `.continuum/jtag/sentinels/workspaces/{handle}/results.json` (final)
+
+---
+
+### Concurrent Execution Limits
+
+```typescript
+interface SentinelRuntimeLimits {
+  maxConcurrentSentinels: number;     // e.g., 4
+  maxStepsPerPipeline: number;        // e.g., 100
+  maxStepTimeout: number;             // e.g., 300_000 (5 min)
+  maxPipelineTimeout: number;         // e.g., 3600_000 (1 hour)
+
+  // Resource limits per sentinel
+  maxMemoryMb: number;                // e.g., 512
+  maxDiskMb: number;                  // e.g., 1024 (workspace size)
+  maxOpenFiles: number;               // e.g., 100
+}
+```
+
+---
+
+### Inter-Sentinel Communication
+
+Sentinels can emit events for other sentinels:
+
+```typescript
+// Pipeline step to emit event
+{
+  type: 'emit',
+  event: 'codeanalysis:complete',
+  data: '{{steps.2.output}}'          // Variable interpolation
+}
+
+// Another sentinel triggers on this
+{
+  trigger: {
+    type: 'event',
+    event: 'codeanalysis:complete'
+  }
+}
+```
+
+**Pattern**: Sentinels coordinate via events, not direct calls.
+
+---
+
 ## Implementation Roadmap
 
 ### Phase 1: Foundation
 1. ✅ Create SentinelUser base class (extends PersonaUser)
-2. ⏭️ Implement tool registry for sentinel access
-3. ⏭️ Create trigger system (events, schedules, requests)
-4. ⏭️ Build permissions system
+2. ✅ Implement Rust SentinelModule with pipeline execution
+3. ⏭️ Move logs to `.continuum/jtag/logs/system/sentinels/`
+4. ⏭️ Add step result storage and `sentinel/results` command
+5. ⏭️ Implement workspace isolation (default sandbox)
+6. ⏭️ Build event-based permission request system
 
 ### Phase 2: First Sentinel
 5. ⏭️ Implement CodeSentinel (simplest, most useful)

src/debug/jtag/browser/generated.ts

@@ -1,7 +1,7 @@
 /**
  * Browser Structure Registry - Auto-generated
  *
- * Contains 11 daemons and 204 commands and 2 adapters and 28 widgets.
+ * Contains 11 daemons and 205 commands and 2 adapters and 28 widgets.
  * Generated by scripts/generate-structure.ts - DO NOT EDIT MANUALLY
  */
 
@@ -26,6 +26,7 @@ import { AgentListBrowserCommand } from './../commands/agent/list/browser/AgentL
 import { AgentStartBrowserCommand } from './../commands/agent/start/browser/AgentStartBrowserCommand';
 import { AgentStatusBrowserCommand } from './../commands/agent/status/browser/AgentStatusBrowserCommand';
 import { AgentStopBrowserCommand } from './../commands/agent/stop/browser/AgentStopBrowserCommand';
+import { AiAgentBrowserCommand } from './../commands/ai/agent/browser/AiAgentBrowserCommand';
 import { BagOfWordsBrowserCommand } from './../commands/ai/bag-of-words/browser/BagOfWordsBrowserCommand';
 import { AiContextSearchBrowserCommand } from './../commands/ai/context/search/browser/AiContextSearchBrowserCommand';
 import { AiContextSliceBrowserCommand } from './../commands/ai/context/slice/browser/AiContextSliceBrowserCommand';
@@ -361,6 +362,11 @@ export const BROWSER_COMMANDS: CommandEntry[] = [
     className: 'AgentStopBrowserCommand',
     commandClass: AgentStopBrowserCommand
   },
+{
+    name: 'ai/agent',
+    className: 'AiAgentBrowserCommand',
+    commandClass: AiAgentBrowserCommand
+  },
 {
     name: 'ai/bag-of-words',
     className: 'BagOfWordsBrowserCommand',

src/debug/jtag/commands/adapter/adopt/shared/AdapterAdoptTypes.ts

@@ -6,6 +6,7 @@
 
 import type { CommandParams, CommandResult, JTAGContext, CommandInput} from '@system/core/types/JTAGTypes';
 import { createPayload, transformPayload } from '@system/core/types/JTAGTypes';
+import { SYSTEM_SCOPES } from '@system/core/types/SystemScopes';
 import type { UUID } from '@system/core/types/CrossPlatformUUID';
 import { Commands } from '../../../../system/core/shared/Commands';
 
@@ -46,6 +47,7 @@ export const createAdapterAdoptParams = (
     personaId?: string;
   }
 ): AdapterAdoptParams => createPayload(context, sessionId, {
+  userId: SYSTEM_SCOPES.SYSTEM,
   scale: data.scale ?? 0,
   traitType: data.traitType ?? '',
   personaId: data.personaId ?? '',
@@ -95,6 +97,7 @@ export const createAdapterAdoptResult = (
     error?: AdapterAdoptError;
   }
 ): AdapterAdoptResult => createPayload(context, sessionId, {
+  userId: SYSTEM_SCOPES.SYSTEM,
   adapterId: data.adapterId ?? '',
   layerId: data.layerId ?? '',
   personaId: data.personaId ?? '',

src/debug/jtag/commands/adapter/search/shared/AdapterSearchTypes.ts

@@ -6,6 +6,7 @@
 
 import type { CommandParams, CommandResult, JTAGContext, CommandInput} from '@system/core/types/JTAGTypes';
 import { createPayload, transformPayload } from '@system/core/types/JTAGTypes';
+import { SYSTEM_SCOPES } from '@system/core/types/SystemScopes';
 import type { JTAGError } from '@system/core/types/ErrorTypes';
 import type { UUID } from '@system/core/types/CrossPlatformUUID';
 import { Commands } from '../../../../system/core/shared/Commands';
@@ -87,6 +88,7 @@ export const createAdapterSearchParams = (
     sort?: AdapterSortBy;
   }
 ): AdapterSearchParams => createPayload(context, sessionId, {
+  userId: SYSTEM_SCOPES.SYSTEM,
   ...data
 });
 
@@ -129,6 +131,7 @@ export const createAdapterSearchResult = (
     error?: JTAGError;
   }
 ): AdapterSearchResult => createPayload(context, sessionId, {
+  userId: SYSTEM_SCOPES.SYSTEM,
   results: data.results ?? [],
   totalCount: data.totalCount ?? 0,
   query: data.query ?? '',

src/debug/jtag/commands/adapter/try/shared/AdapterTryTypes.ts

@@ -6,6 +6,7 @@
 
 import type { CommandParams, CommandResult, JTAGContext, CommandInput} from '@system/core/types/JTAGTypes';
 import { createPayload, transformPayload } from '@system/core/types/JTAGTypes';
+import { SYSTEM_SCOPES } from '@system/core/types/SystemScopes';
 // Simple error type for result transport
 export interface AdapterTryError {
   type: string;
@@ -45,6 +46,7 @@ export const createAdapterTryParams = (
     maxTokens?: number;
   }
 ): AdapterTryParams => createPayload(context, sessionId, {
+  userId: SYSTEM_SCOPES.SYSTEM,
   scale: data.scale ?? 0,
   maxTokens: data.maxTokens ?? 0,
   ...data
@@ -93,6 +95,7 @@ export const createAdapterTryResult = (
     error?: AdapterTryError;
   }
 ): AdapterTryResult => createPayload(context, sessionId, {
+  userId: SYSTEM_SCOPES.SYSTEM,
   adapterId: data.adapterId ?? '',
   baselineOutput: data.baselineOutput ?? '',
   adapterOutput: data.adapterOutput ?? '',

src/debug/jtag/commands/ai/adapter/test/server/AdapterTestServerCommand.ts

@@ -422,12 +422,12 @@ export class AdapterTestServerCommand extends CommandBase<AdapterTestParams, Asy
       }
 
       result.success = true;
-      result.responseTime = Date.now() - startTime;
-      console.log(`  ✅ Passed (${result.responseTime}ms)`);
+      result.responseTimeMs = Date.now() - startTime;
+      console.log(`  ✅ Passed (${result.responseTimeMs}ms)`);
     } catch (error) {
       result.success = false;
       result.error = error instanceof Error ? error.message : String(error);
-      result.responseTime = Date.now() - startTime;
+      result.responseTimeMs = Date.now() - startTime;
       console.log(`  ❌ Failed: ${result.error}`);
     }
 

src/debug/jtag/commands/ai/adapter/test/shared/AdapterTestTypes.ts

@@ -49,7 +49,7 @@ export interface CapabilityTestResult {
   supported: boolean;
   tested: boolean;
   success?: boolean;
-  responseTime?: number;
+  responseTimeMs?: number;
   error?: string;
   details?: unknown;
 }