Skip to content

v0.13: Insights, Packaging, And Public Trust [COMPLETED]

Implementation Status

  • [x] docs/release-notes/checklist.md exists.
  • [x] docs/security.md documents the current sandbox, policy, and secret-handling surfaces.
  • [x] docs/install-matrix.md exists for Linux, macOS, and Windows/WSL setup paths.
  • [x] InsightsEngine exists for session/model/platform/tool overview.
  • [x] Provider stats, failed-call parsing, skill usage, and guest-enforcement changes are implemented.
  • [x] Dedicated tests cover provider stats, failed-call parsing, skill usage formatting, guest enforcement, and default profile setup.

Goal

Make the project installable, inspectable, and safe enough for users outside the founder setup.

Scope

  • Add insights for sessions, channels, tools, skills, models, providers, tokens, cost estimates, and failed calls.
  • Clean install matrix for Linux, macOS, and Windows/WSL.
  • Separate owner profile vs guest/default profile.
  • Add release checklist for backend, bridge, Web UI, docs, service files, and config migration.
  • Expand security docs for sandbox, trusted roots, channel allowlists, tool approval policy, secrets, service environment, and memory/profile review.
  • Keep docs focused on product surfaces; workflow reports stay under department/report docs.

Module Targets

  • backend/agent/g_agent/observability/insights.py
  • backend/agent/g_agent/observability/
  • deploy/
  • docs/install-matrix.md
  • docs/security.md
  • docs/operations.md
  • docs/release-notes/

Acceptance Criteria

  • [x] Owner can inspect runtime activity without reading raw logs.
  • [x] Install docs are simple across Linux, macOS, and Windows/WSL.
  • [x] Release checklist exists before tags.
  • [x] Security docs describe the current code behavior.
  • [x] Guest/default profile is clearly separated from owner profile in code.
  • [x] Provider, skill, and failed-call insights are covered by focused tests.

References

  • hermes-agent-ref/agent/insights.py

Agent Handoff

Current G-Agent State

  • observability/metrics.py already records LLM calls, tool calls, memory recall, and cron runs.
  • observability/http_server.py exists.
  • observability/insights.py exists.
  • Deploy scripts live under deploy/.
  • Docs already include install matrix, configuration, operations, troubleshooting, security, release notes, release checklist, and MkDocs navigation.
  • Security tests already exist.
  • v0.13 coverage now includes insights, profile separation, guest tool enforcement, and public trust docs.

Implementation Strategy

Turn existing metrics and docs into public trust surfaces.

Recommended shape:

  • insights.py: aggregate sessions + metrics + channel status.
  • /status and future Web UI should consume insights.
  • Release checklist should live in docs and be used before tags.

Implementation Slices

  1. Add insights aggregator.
  2. session counts from v0.2 store
  3. channel activity
  4. tool usage
  5. provider/model usage
  6. failed calls
  7. Add /insights or enrich /status.
  8. Clean install matrix.
  9. Linux, macOS, Windows/WSL only.
  10. Avoid distro-specific noise unless genuinely required.
  11. Add release checklist.
  12. backend checks
  13. bridge checks
  14. docs build
  15. security/dependabot review
  16. config migration notes
  17. Audit docs against code before release.

Tests

  • test_insights.py
  • test_install_docs_links.py if docs link checking exists later.
  • Existing mkdocs strict build.

Guardrails

  • Do not claim features not implemented.
  • Do not let internal department reports appear in public nav unless intended.
  • Do not duplicate setup detail in README when MkDocs owns it.
  • Keep security docs matched to actual code behavior.

First PR Boundary

Insights aggregator + /status enrichment + release checklist doc.