chore: finalize docs sync, repo-wide refactor, and bump version to 0.1.4

Author: 01rabbit

AGENTS.md

@@ -27,9 +27,9 @@ Use this file to keep AI-assisted changes small, scoped, and consistent with the
 
 ## Project Status & Roadmap
 
-### Current Focus: JES Operator Interface — Post-Unification Stabilization and Pi Zero 2 W Validation Planning
+### Current Focus: Unified JES Operator Surface Hardening and Documentation Consistency
 
-The JES Operator Interface unification work is now merged into **`main`**. The current focus is stabilizing the unified operator experience, preserving WebUI/TUI terminology parity, continuing follow-on work without reintroducing branch-specific assumptions, and preparing the Raspberry Pi Zero 2 W target-hardware validation track. Design concept: *政府機関・軍 × DEFCONハッカー* — institutional structure with terminal-hacker aesthetic.
+The JES Operator Interface unification work is merged into **`main`** and the Raspberry Pi Zero 2 W validation issue track (`#89` through `#94`) is completed. The current focus is stability maintenance of the unified operator experience, preserving WebUI/TUI terminology parity, and keeping implementation and documentation synchronized without reintroducing branch-specific assumptions. Design concept: *政府機関・軍 × DEFCONハッカー* — institutional structure with terminal-hacker aesthetic.
 
 ### Active Branch
 
@@ -39,18 +39,12 @@ The JES Operator Interface unification work is now merged into **`main`**. The c
 
 Target: maintain and harden the unified JES operator surface on `main`.
 
-### Other Open Priority Issues
+### Priority Tracking Status
 
-- `#89`: Tracking issue for the Raspberry Pi Zero 2 W remote field-test harness and validation workflow.
-- `#90`: Phase 1 — remote harness skeleton and safe execution contract.
-- `#91`: Phase 2 — repository synchronization and remote Python environment preparation.
-- `#92`: Phase 3 — system inventory, import baseline, and CLI baseline measurements.
-- `#93`: Phase 4 — vault, KDF, object-cue, WebUI, and TUI viability probes.
-- `#94`: Phase 5 — structured result artifacts and operator documentation.
+- Pi Zero 2 W remote field-test harness and validation workflow issues (`#89` through `#94`) are completed and retained as traceability references.
+- New implementation priorities should be tracked as separate issues and reflected here only while actively in progress.
 
-These issues define the current target-hardware validation implementation track. They do not mean Raspberry Pi Zero 2 W validation has already been completed.
-
-Historical roadmap detail, completed milestone history, and the WebUI redesign sequence are maintained in `docs/ROADMAP_HISTORY.md`. Keep this file focused on active context, not long-form project history.
+Historical roadmap detail, completed milestone history, and the WebUI redesign sequence are maintained in `docs/ROADMAP_HISTORY.md`. Keep this file focused on active context and operating constraints, not long-form project history.
 
 ---
 

CHANGELOG.md

@@ -9,6 +9,18 @@ and this project follows SemVer-style release intent for documented interfaces.
 
 No unreleased entries.
 
+## [0.1.4] - 2026-05-10
+
+### Changed
+
+- Project guidance documents synchronized after issue-track completion, including AGENTS status updates and readiness-plan consistency fixes.
+- Repository-wide Python formatting refactor applied across `src/`, `tests/`, and `scripts/` using Ruff formatter.
+- README and Pi Zero 2 W workflow documentation cleaned up for duplicate or stale status wording.
+
+### Security
+
+- Existing local-only boundary, restricted-action constraints, and neutral capture-visible language policies were preserved during refactor and documentation consolidation.
+
 ## [0.1.3] - 2026-05-10
 
 ### Added

README.md

@@ -2,12 +2,55 @@
 
 ![Phasmid logo](images/Phasmid_banner.jpg)
 
-Phasmid is a field-evaluation prototype for local-only coercion-aware storage.
-
-It is the reference implementation of the Janus Eidolon System, a two-slot local storage architecture designed to separate visible disclosure from protected local state under practical risks such as device seizure, compelled access, and over-disclosure.
+[![CI](https://github.com/01rabbit/Phasmid/actions/workflows/ci.yml/badge.svg)](https://github.com/01rabbit/Phasmid/actions/workflows/ci.yml)
+[![Python](https://img.shields.io/badge/python-3.10%2B-blue)](https://www.python.org/)
+[![License](https://img.shields.io/badge/license-Apache%202.0-blue)](LICENSE)
+[![code style: black](https://img.shields.io/badge/code%20style-black-000000.svg)](https://github.com/psf/black)
+[![Ruff](https://img.shields.io/endpoint?url=https://raw.githubusercontent.com/astral-sh/ruff/main/assets/badge/v2.json)](https://github.com/astral-sh/ruff)
+[![mypy](https://www.mypy-lang.org/static/mypy_badge.svg)](https://mypy-lang.org/)
+[![security: bandit](https://img.shields.io/badge/security-bandit-yellow.svg)](https://github.com/PyCQA/bandit)
+[![status: research prototype](https://img.shields.io/badge/status-research%20prototype-orange)](docs/CLAIMS.md)
+[![local-only](https://img.shields.io/badge/operation-local--only-lightgrey)](docs/THREAT_MODEL.md)
+[![Security Policy](https://img.shields.io/badge/security-policy-informational)](SECURITY.md)
+
+Phasmid is a field-evaluation prototype for local-only coercion-aware storage. It is the reference implementation of the Janus Eidolon System, a two-slot local storage architecture designed to separate visible disclosure from protected local state under practical risks such as device seizure, compelled access, and over-disclosure.
 
 Phasmid is research software. It is not a replacement for full-disk encryption, hardware-backed key storage, an audited classified-data handling system, or a complete solution to compelled disclosure.
 
+**Who this is for:** security researchers, field-risk evaluators, and operators running local controlled-disclosure experiments. It is not a general-purpose file encryption tool.
+
+## Architecture Overview
+
+![Phasmid Architecture Overview](images/architecture_v1.png)
+
+Access flow, two-slot storage, coercion defense, and local-only boundary.
+See [`docs/PHASMID_ARCHITECTURE.md`](docs/PHASMID_ARCHITECTURE.md) for detail.
+
+## Quick Start
+
+```bash
+git clone https://github.com/01rabbit/Phasmid.git
+cd Phasmid
+./phasmid            # creates .venv, installs deps, opens TUI
+```
+
+On first run, `./phasmid` sets up the virtual environment automatically. You should see the TUI Operator Console (the ASCII panel shown in the TUI section below). From there, press `c` to create a Vessel and `g` for a guided walkthrough.
+
+If the TUI does not open, run `phasmid doctor` to diagnose environment issues.
+
+## Requirements
+
+| Requirement | Detail |
+|---|---|
+| Python | 3.10 or later |
+| OS | Linux, macOS (development); Raspberry Pi OS Bookworm/Bullseye (deployment) |
+| Hardware | x86-64 laptop/desktop for development; Raspberry Pi Zero 2 W for field deployment |
+| Camera (optional) | Picamera2 / libcamera — required only for object-cue matching on Pi |
+| WebUI (optional) | Any modern browser; intended for localhost or USB gadget Ethernet access only |
+| LUKS (optional) | Linux kernel with dm-crypt — required for the optional LUKS2 storage layer |
+
+For Raspberry Pi deployment, `python3-picamera2` and `python3-libcamera` must be installed via apt before running the bootstrap script.
+
 ## What It Does
 
 - Creates an encrypted `vault.bin` container.
@@ -83,8 +126,6 @@ The path from field-evaluation prototype to operational solution is:
 6. record validation results for each release;
 7. publish only claims that are covered by tests or documented limits.
 
-Run the WebUI in Field Mode by setting `PHASMID_FIELD_MODE=1`. Field Mode reduces normal exposure in capture-visible workflows, but Field Mode is not a security boundary.
-
 Until those validation gates are completed on target hardware, Phasmid should be described as a field-evaluation prototype. After those gates are completed and recorded, it can be described as a local coercion-aware storage appliance for the validated deployment conditions.
 
 The Raspberry Pi Zero 2 W remote SSH field-test harness implementation is tracked in GitHub issues `#89` through `#94`, and runnable scripts are available under `scripts/pi_zero2w/`. Harness availability alone is not evidence of validation; validation status is established by recorded results in `docs/REVIEW_VALIDATION_RECORD.md`.
@@ -173,7 +214,7 @@ Threat model and security review documents:
 
 - [`docs/THREAT_MODEL.md`](docs/THREAT_MODEL.md) — authoritative threat model (adversaries, assets, attack surfaces, threat scenarios, non-goals)
 - [`docs/COERCION_SAFE_DELAYING.md`](docs/COERCION_SAFE_DELAYING.md) — coercion-safe delaying architecture (standby and disclosure-support workflow)
-- `docs/THREAT_ANALYSIS_STRIDE.md` — full STRIDE analysis cross-referencing the threat model
+- [`docs/THREAT_ANALYSIS_STRIDE.md`](docs/THREAT_ANALYSIS_STRIDE.md) — full STRIDE analysis cross-referencing the threat model
 - [`docs/CLAIMS.md`](docs/CLAIMS.md) — inventory of project claims with verification status
 - [`docs/NON_CLAIMS.md`](docs/NON_CLAIMS.md) — explicit non-claims and rationale
 - [`docs/KEY_LIFECYCLE.md`](docs/KEY_LIFECYCLE.md) — key-material lifecycle audit summary and persistence boundaries
@@ -188,18 +229,16 @@ Threat model and security review documents:
 
 Operational review and deployment guidance can be found in:
 
-- `docs/SOURCE_SAFE_WORKFLOW.md`
-- `docs/SEIZURE_REVIEW_CHECKLIST.md`
-- `docs/FIELD_TEST_PROCEDURE.md`
-- `docs/REVIEW_VALIDATION_RECORD.md`
-- `docs/SOLUTION_READINESS_PLAN.md`
-- `docs/JANUS_EIDOLON_SYSTEM.md`
-- `docs/PHASMID_ARCHITECTURE.md`
-- `docs/OPERATIONS.md`
-- `docs/RESTRICTED_ACTIONS.md`
-- `docs/STATE_RECOVERY.md`
-
-Target-hardware validation workflow implementation for Raspberry Pi Zero 2 W is tracked in GitHub issues `#89` through `#94`. Recorded validation results for the documented Pi Zero 2 W deployment conditions are available in `docs/REVIEW_VALIDATION_RECORD.md`.
+- [`docs/SOURCE_SAFE_WORKFLOW.md`](docs/SOURCE_SAFE_WORKFLOW.md)
+- [`docs/SEIZURE_REVIEW_CHECKLIST.md`](docs/SEIZURE_REVIEW_CHECKLIST.md)
+- [`docs/FIELD_TEST_PROCEDURE.md`](docs/FIELD_TEST_PROCEDURE.md)
+- [`docs/REVIEW_VALIDATION_RECORD.md`](docs/REVIEW_VALIDATION_RECORD.md)
+- [`docs/SOLUTION_READINESS_PLAN.md`](docs/SOLUTION_READINESS_PLAN.md)
+- [`docs/JANUS_EIDOLON_SYSTEM.md`](docs/JANUS_EIDOLON_SYSTEM.md)
+- [`docs/PHASMID_ARCHITECTURE.md`](docs/PHASMID_ARCHITECTURE.md)
+- [`docs/OPERATIONS.md`](docs/OPERATIONS.md)
+- [`docs/RESTRICTED_ACTIONS.md`](docs/RESTRICTED_ACTIONS.md)
+- [`docs/STATE_RECOVERY.md`](docs/STATE_RECOVERY.md)
 
 This README is part of the authoritative appliance deployment guide and review workflow. Release Review Artifacts are generated by the CI pipeline to support review. This is not a validated cryptographic-module certification.
 
@@ -222,10 +261,6 @@ python3 scripts/generate_release_artifacts.py \
 
 This writes `MANIFEST.sha256`, `sbom.cyclonedx.json`, `release-summary.json`, and `MANIFEST.sha256.sig` when signing is enabled.
 
-Phasmid non-claims are maintained in:
-
-- [`docs/NON_CLAIMS.md`](docs/NON_CLAIMS.md)
-
 ## Repository Layout
 
 ```text
@@ -473,6 +508,8 @@ python -m uvicorn phasmid.web_server:app --host 0.0.0.0 --port 8000
 
 When using USB gadget Ethernet, open `http://<pi-usb-ip>:8000/` from the laptop.
 
+Run the WebUI in Field Mode by setting `PHASMID_FIELD_MODE=1` to reduce exposure in capture-visible workflows. Field Mode is not a security boundary.
+
 WebUI v2 uses neutral entry-based terminology. Normal screens do not show internal storage labels, retrieval order, or restricted local-state behavior.
 
 Common WebUI/API wording is centralized where practical so terminology checks can audit capture-visible messages consistently.
@@ -481,8 +518,6 @@ Common WebUI/API wording is centralized where practical so terminology checks ca
 
 ```bash
 python3 -m unittest discover -s tests
-python3 -m black --check src tests scripts
-python3 -m bandit -r src
 ```
 
 Static check commands:
@@ -499,13 +534,6 @@ python3 -m coverage run --source=src -m unittest discover -s tests
 python3 -m coverage report -m
 ```
 
-Alternative short coverage command:
-
-```bash
-coverage run -m unittest discover -s tests
-coverage report
-```
-
 Release Review Artifacts are generated by the CI pipeline and support review of the current branch.
 
 Passing automated tests do not prove field safety. They verify expected local behavior and regression boundaries only.

docs/PI_ZERO2W_REMOTE_FIELD_TEST_ISSUE_DRAFT.md

@@ -4,7 +4,8 @@ Add Raspberry Pi Zero 2 W Remote Field Test Harness
 
 > **Tracking**: This issue is the parent specification for the implementation track
 > documented in `AGENTS.md` as issues #89–#94. The phased implementation issues
-> (`#90` through `#94`) each correspond to one Phase defined in this document.
+> (`#90` through `#94`) correspond to the five implementation phases defined in
+> this document.
 
 ## Background
 
@@ -171,7 +172,7 @@ The harness must:
 - document that this variable must remain unset during field test runs unless the operator has provisioned the tmpfs mount;
 - include a pre-flight check that warns if `PHASMID_TMPFS_STATE` is set and the path does not exist on the Pi before any test starts.
 
-### Blocker 4: `phasmid doctor` behavior in non-interactive SSH sessions
+### Blocker 6: `phasmid doctor` behavior in non-interactive SSH sessions
 
 The `doctor` command routes to non-TUI mode automatically when `sys.stdout.isatty()` returns `False`. This is correct behavior in SSH contexts and means `phasmid doctor` should print to stdout without a TUI when called non-interactively. However, to guarantee non-TUI output regardless of how the session is set up, use the explicit flag:
 
@@ -250,9 +251,11 @@ Required outcomes:
 - WebUI startup and shutdown are probed locally on the Pi;
 - TUI viability is checked conservatively without requiring full automation.
 
-### Phase 5: Field Workflow Smoke Tests, Observable Surface Review, and Monitoring
+### Phase 5: Field Workflow Smoke Tests, Observable Surface Review, Monitoring, and Reporting
 
-Deliver bounded workflow testing, observable information surface checks, and thermal/resource capture around major phases.
+Deliver bounded workflow testing, observable information surface checks,
+thermal/resource capture around major phases, and final structured reporting
+outputs.
 
 Required outcomes:
 
@@ -261,13 +264,6 @@ Required outcomes:
 - temperature, memory, disk, and load measurements are captured before and after major phases;
 - orphan process detection is included for WebUI-related phases;
 - swap and storage configuration state is recorded.
-
-### Phase 6: Reports, Documentation, and Reviewability
-
-Deliver final structured artifacts and operator documentation.
-
-Required outcomes:
-
 - `perf-results.json` is written with complete schema coverage where possible;
 - `perf-report.md` summarizes viability, bottlenecks, warnings, and next actions;
 - timing-delta acceptance gate outcome is prominently reported;

docs/SOLUTION_READINESS_PLAN.md

@@ -105,8 +105,11 @@ Remote management platform.
 
 Current status is defined by `docs/REVIEW_VALIDATION_RECORD.md`.
 
-At the time this plan was added, automated tests had passed on a development machine, and target-hardware validation had not yet been recorded.
-
-As of 2026-05-09, harness scripts exist in `scripts/pi_zero2w/` and are tracked
-by GitHub issues `#89` through `#94`, but target-hardware validation is still not
-recorded.
+At the time this plan was added, automated tests had passed on a development
+machine, and target-hardware validation had not yet been recorded.
+
+As of 2026-05-10, target-hardware validation is recorded in
+`docs/REVIEW_VALIDATION_RECORD.md` for the documented Raspberry Pi Zero 2 W
+deployment conditions. Harness implementation and issue closure (`#89` through
+`#94`) are traceability inputs; release readiness still depends on satisfying
+all gates above for each release candidate.

images/architecture_v1.png

@@ -1,6 +1,6 @@
 [project]
 name = "phasmid"
-version = "0.1.3"
+version = "0.1.4"
 description = "Phasmid local-only coercion-aware storage prototype"
 requires-python = ">=3.10"
 dependencies = [

pyproject.toml

@@ -83,7 +83,11 @@ def main() -> None:
         stable_frames = sum(1 for item in results if item.state == "accepted")
         result_state = results[-1].state if results else "no_signal"
         avg_frame_ms = elapsed_ms / max(len(results), 1)
-        notes = "model backend unavailable by default" if args.method == "model" else "combined gate path"
+        notes = (
+            "model backend unavailable by default"
+            if args.method == "model"
+            else "combined gate path"
+        )
 
     cpu_elapsed = time.process_time() - started_cpu
     _current, peak = tracemalloc.get_traced_memory()