Skip to content

Oracle Visibility

Oracle is the AncientOS kernel service for read-only evidence synthesis, operational visibility, and review. It aggregates governed artifacts, bounded documentation surfaces, runtime summaries, Rubick capability/repository evidence, Beastmaster host/runtime evidence when supplied, and architectural awareness records into structured reports for human inspection.

Oracle does not execute tools, mutate runtime state, stage files, commit, select providers, route around Lich, satisfy Zeus evidence by itself, orchestrate runtime services, launch background loops, or approve remediation. Existing deterministic paths remain authoritative.

The canonical Objective to Loop lifecycle and Oracle's lifecycle review boundary are defined in Governance Kernel.

The service surface lives in app/oracle/*:

  • app/oracle/service.py: read-only service entrypoint
  • app/oracle/reports.py: typed Oracle report models
  • app/oracle/evidence_loader.py: bounded evidence collection
  • app/oracle/evidence_index.py: deterministic evidence indexing
  • app/oracle/state_model.py: canonical operational state snapshot
  • app/oracle/readiness_graph.py: dependency/readiness graph
  • app/oracle/narration.py: evidence-backed operational narration
  • app/oracle/dashboard.py: layout-neutral report schema layer
  • app/oracle/situational_awareness.py: topology, temporal lineage, propagation, risk, bottleneck, drift, stable-state, and Zeus advisory surfaces
  • app/oracle/synthesis.py: deterministic report synthesis
  • app/oracle/rendering.py: human-readable rendering
  • app/oracle/policy.py: authority contract and fail-closed rules

Inputs

Oracle may consume already-produced governed artifacts and bounded surfaces:

  • governance previews
  • governed cognition rendering metadata surfaced beside governance previews
  • TrollWarlord execution artifacts
  • documentation drift reports
  • Keeper continuity surfaces
  • Roshan validation artifacts
  • checkpoint and reflected session state
  • operational awareness summaries
  • governed memory summaries
  • live system summaries
  • current task surfaces
  • governed architectural awareness registries
  • governed capability ontology
  • capability arbitration reports supplied by callers
  • provider contracts and readiness evidence
  • validation and replay artifacts
  • subsystem health evidence
  • topology artifacts
  • readiness history
  • degradation lineage
  • validation lineage
  • governance-event lineage
  • replay lineage
  • capability-state transitions
  • provider-state transitions
  • inference role readiness
  • provider arbitration lineage
  • blocked paid-escalation events

Output

Oracle emits oracle_visibility_report_v1, a deterministic JSON-safe report with:

  • authority contract
  • bounded observations
  • human review recommendations
  • replay hash
  • audit notes confirming no execution and no mutation

Governed cognition rendering in Discord preview output is display-only. It may show governance interpretation, advisory-only planner posture, disabled execution/routing/memory influence, replay and boundary status, fail-closed state, and chain-of-thought disclosure status. It does not create buttons, approvals, routes, executor choices, write permissions, confirmation payloads, or task rows.

Oracle recommendations are observational. Remediation remains routed through human review, Lich approval, Kunkka/Tinker execution paths, Roshan validation, and Underlord only when paid escalation is explicitly requested.

The standalone Oracle service also emits human-readable reports with separated sections:

  • verified facts
  • inferred readiness
  • warnings
  • advisory recommendations

Objective Lifecycle Review

Oracle Objective Lifecycle Review is a separate, narrower review surface for a single governed objective. It answers objective-specific lifecycle questions such as why an objective is blocked, what evidence is missing, what approval is missing, what capabilities are missing, and whether lifecycle completeness is high enough to proceed.

Unlike Oracle Visibility Review, which summarizes broad operational posture, Objective Lifecycle Review walks the objective through the canonical chain: User Intent, Objective Context Resolution, Keeper Objective, Strategy Selection, Loop Manifest, Loop Proposal, Lifecycle Inspection, Oracle Review, Zeus Evidence, Lich Approval, optional Clockwerk Scheduling, optional LegionCommander / Creep Dispatch, Loop Trace, and optional LifeVault Retention.

The surface is advisory only. It can inspect, summarize, score, and recommend next inspections. It cannot execute, schedule, approve, dispatch, mutate, retain memory, repair artifacts, or create approval packets.

Lifecycle completeness is deterministic. The canonical stages are scored in a fixed order, with complete, explicitly not-required, none, disabled, and not-applicable stages contributing one point. Missing, invalid, blocked, pending, unavailable, unsafe, denied, and changes-required stages contribute zero points. The percentage uses integer floor division.

Report Types

Oracle can render:

  • current capability summary
  • roadmap readiness report
  • architectural debt report
  • runtime coupling report
  • governance layer inventory
  • subsystem topology summary
  • current operational state summary
  • safest next roadmap direction
  • recently added capability summary
  • unresolved blockers and risks
  • operational readiness graph
  • degradation summary
  • constitutional visibility summary
  • execution-boundary summary
  • transport-neutral dashboard schema surface
  • operational situation report
  • topology health report
  • governance risk report
  • dependency propagation report
  • operational narrative report
  • readiness drift report
  • stable-state comparison report
  • bottleneck analysis report
  • workflow-state report
  • dependency coordination report
  • coordination proposal report
  • capability composition report
  • coordination simulation report
  • governance friction report
  • operational recovery report
  • coordination risk report
  • governed inference readiness report

The dashboard schema is not a frontend. It defines layout-neutral cards, panels, metrics, and visualization contracts. Interfaces render those contracts; they do not own readiness semantics, governance interpretation, or operational cognition.

Authority Contract

Oracle is not a source of truth and is not an executor. It is a visibility plane over bounded evidence.

Forbidden Oracle actions include:

  • tool execution
  • runtime state mutation
  • file writes, staging, or commits
  • confirmation approval
  • Lich bypass
  • background loops
  • autonomous scheduling
  • automatic drift reconciliation

Missing or ambiguous evidence produces warnings. It does not produce guesses, silent roadmap updates, repaired docs, or promoted capability claims.

Relationship To Architectural Awareness

The Governed Architectural Awareness layer supplies capability, roadmap, dependency, subsystem, coupling, governance, debt, and drift evidence. Oracle uses that layer as an input source and renders it for operators. Oracle does not own the registries and cannot mutate them.

Relationship To Capability Arbitration

Oracle can interpret governed capability contracts, provider bindings, degradation semantics, approval requirements, safety classes, simulation eligibility, replayability metadata, constitutional risk hooks, and inference arbitration surfaces. It may answer which inference roles are available, which providers are degraded, whether frontier inference is currently allowed, which roles require Underlord approval, why a provider was selected or denied, and which fallback path exists.

When a caller supplies a capability arbitration report, Oracle can explain why a capability was allowed, blocked, degraded, denied, or redirected to a safer alternative. Oracle cannot select a provider, approve paid escalation, invoke a model, promote model output to truth, bypass deterministic routing, perform arbitration side effects, or turn an advisory explanation into execution authority.

Relationship To Runtime Cognitive State

Runtime Cognitive State remains the bounded operational continuity layer. Oracle may summarize current operational state, but runtime state is not execution authority and Oracle cannot use it to approve work, continue work, or bypass clarification-before-action semantics.

Relationship To Coordination Cognition

Oracle can inspect the governed coordination cognition substrate in app/coordination/*. It may render workflow-state synthesis, dependency coordination findings, coordination proposals, capability-composition findings, simulation comparisons, governance-friction reports, operational recovery proposals, replay continuity risks, and constitutional coordination-risk warnings.

Oracle remains advisory-only and non-executing. Coordination reports do not grant Oracle approval authority, remediation authority, scheduling authority, transport ownership, provider ownership, or workflow execution authority.

Governed Situational Awareness

Late-stage Era 7 upgrades Oracle from operational reporting into a bounded operational-awareness substrate. The awareness surfaces are deterministic reports, not authority sources:

  • OperationalTopology models subsystems, providers, transports, capability domains, governance domains, execution lanes, readiness dependencies, continuity dependencies, replay dependencies, validation dependencies, and escalation boundaries as inspectable graph nodes and edges.
  • OperationalSituationReport summarizes current readiness, governance posture, replay posture, and stable-state availability.
  • TopologyHealthReport validates topology integrity and fails closed on missing dependency nodes.
  • DependencyPropagationReport explains cascading degradation, replay invalidation, provider impact, governance-boundary blockage, execution-lane degradation, and validation-health degradation paths.
  • OperationalNarrativeReport reconstructs bounded event lineage from supplied snapshots and evidence artifacts. It does not depend on transcript memory.
  • GovernanceRiskReport surfaces transport-cognition leakage, provider-authority drift, autonomy creep, governance bypass risk, replayability violations, capability-contract violations, hidden-state accumulation, unsafe dependency coupling, authority-boundary erosion, and deterministic-boundary violations as warnings only.
  • BottleneckAnalysisReport identifies blocked workflows, approval bottlenecks, degraded providers, missing validation artifacts, dependency congestion, unresolved continuity chains, execution-lane saturation, and governance friction points. It may propose safe inspections only.
  • ReadinessDriftReport and StableStateComparisonReport compare current state to replay-safe baselines and last known healthy snapshots.

All awareness reports include replay hashes and explicit advisory-only fields. They do not execute, approve, repair, schedule, mutate, or transfer authority to Zeus, Underlord, transports, providers, or execution lanes.

Future Zeus Advisory Inputs

Oracle can prepare Zeus advisory hooks for constitutional risk surfaces, topology drift warnings, readiness degradation chains, operational bottleneck analysis, governance-boundary erosion warnings, provider-overreach analysis, and replayability integrity warnings.

Coordination cognition also prepares future Zeus advisory hooks for unsafe coordination chains, recursive coordination warnings, governance erosion, unstable sequencing, replay instability, and dependency-collapse warnings.

These hooks are metadata only. They set authority_transfer=false and execution_coupling=false; Zeus remains responsible for any future governed supervision workflow and cannot derive execution authority from Oracle output.

Runtime Routing

Plain-English requests such as "Oracle, what is our current state?", "What should we focus on next?", "What is blocking the roadmap?", "What architectural debt remains?", and "What changed recently?" route to Oracle read-only reports. Discord remains only an adapter; the runtime kernel returns render payloads.

Operational cognition routing also recognizes Luna operator-console requests such as "What is the current operational posture?", "What workflows are blocked?", "Show replay continuity", "What capabilities are available?", and "What governance boundaries exist?". These render through the operational console surface and Oracle reports rather than governance preview staging.

Anti-Patterns Avoided

  • Oracle as hidden executive authority.
  • Oracle as source of truth.
  • Docs-only claims promoted to capabilities.
  • Roadmap cognition mutating roadmap state.
  • Visibility reports approving confirmations.
  • Runtime summaries launching remediation.
  • Discord-owned Oracle logic.
  • Coordination proposals promoted into execution without separate human authorization.