agent env-awareness: CDP ensure + Discord status + OWUI system prompt

mios-dev · claude · mios-dev · commit 5c1cd972cdd4 · 2026-05-17T18:32:34.000-04:00
Operator chat 2026-05-17 paste -- "launch the crew motor fest and research the newest global trending topics every 15 minutes" -- ran 19 tool calls and produced no answer. Root-causing each failure: 1. CDP control. browser_navigate hit "All CDP discovery methods failed for localhost:9222" twice. mios-hermes-browser existed as a foreground-launch script but had no idempotent up-check. Extended with subcommands: `ensure` (idempotent: noop if up, else background-launch + wait 8s), `status` (probe), `stop` (kill profile-scoped chromedev), `start` (legacy foreground). Default subcommand = ensure. 2. SOUL.md routes the agent to call `terminal: mios-hermes-browser ensure` before ANY browser_* tool call. Skipping it produced the chronic discovery-loop. 3. web_extract failed 4x -- backend is searxng (search-only). SOUL.md now states the fact and routes URL fetches to `terminal: curl -sL "<url>" | ...` instead of looping. 4. memory_save called 4x as a bash line via `terminal:` -- syntax error each time. New "Native tools vs terminal" SOUL section explicitly forbids invoking native tools through the shell; they must be tool_calls. 5. Discord visibility. discord.env has the bot token + default channel/guild, but the agent had no self-check tool. New mios-discord-status helper: parses discord.env via grep (NOT bash source -- comment backticks would mangle it), probes /users/@me + /users/@me/guilds, reports channel_directory mtime, exits 0/1/2 by severity. SOUL.md routes diagnostic asks here. Live probe: bot Agent-1 in "Ding Dongs" guild, default channel #mios -- working. 6. OWUI MiOS-Agent had params={}. Now ships with: * params.system: concise environment-awareness prompt naming canonical verbs (no env values baked in -- operator's "no context injection" rule preserved; only verb names + when to use which tool surface). * temperature 0.2 (predictable verb selection) * top_p 0.9 * stop ["<|im_end|>","<|endoftext|>"] (cut delegate-spawn token leakage from polish input) install-pipe model-create case statement also fixed: OWUI returns 401 (not 409) for "model id already registered" with that detail body. 401 added to the exists-update branch so re-registration actually persists params on an existing host. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
diff --git a/usr/libexec/mios/mios-discord-status b/usr/libexec/mios/mios-discord-status
@@ -0,0 +1,126 @@
+#!/bin/bash
+# /usr/libexec/mios/mios-discord-status
+#
+# Self-check for the Hermes-Agent Discord integration. The agent's
+# `discord_send_message` tool quietly returns "channel not configured"
+# or "unauthorized" when something is wrong; this helper exposes the
+# actual state so the operator (and the agent, via terminal:) can
+# diagnose without re-deriving the curl pipeline each time.
+#
+# Checks:
+#   1. /etc/mios/hermes/discord.env present + readable
+#   2. DISCORD_BOT_TOKEN parses, length is sane
+#   3. GET /users/@me -> bot username + id (proves token live)
+#   4. GET /users/@me/guilds -> guild count (proves bot is in a guild)
+#   5. MIOS_DISCORD_DEFAULT_CHANNEL + _GUILD env values reported
+#   6. /var/lib/mios/hermes/channel_directory.json mtime (last refresh)
+#
+# Operator directive 2026-05-17: "Fix discord too" -- the chat above
+# showed the agent couldn't tell whether discord was up. SOUL.md now
+# routes diagnostic questions here.
+#
+# Exit codes:
+#   0 = token works, bot in >=1 guild, default channel/guild set
+#   1 = soft failure (token works but config incomplete)
+#   2 = hard failure (token missing, invalid, or API unreachable)
+
+set -uo pipefail
+
+ENV_FILE="${MIOS_DISCORD_ENV:-/etc/mios/hermes/discord.env}"
+DIRECTORY="${MIOS_HERMES_HOME:-/var/lib/mios/hermes}/channel_directory.json"
+API="https://discord.com/api/v10"
+
+red()    { printf '\033[31m%s\033[0m\n' "$*"; }
+green()  { printf '\033[32m%s\033[0m\n' "$*"; }
+yellow() { printf '\033[33m%s\033[0m\n' "$*"; }
+hdr()    { printf '\n=== %s ===\n' "$*"; }
+
+# --- 1. env file ---------------------------------------------------
+hdr "discord.env"
+if [ ! -r "$ENV_FILE" ]; then
+    red "  $ENV_FILE not readable by uid $(id -u)"
+    exit 2
+fi
+echo "  $(ls -la "$ENV_FILE")"
+
+# Parse via grep (NOT `source`) so comment backticks don't trip bash.
+TOKEN=$(grep -E '^DISCORD_BOT_TOKEN=' "$ENV_FILE" | head -1 | cut -d= -f2-)
+DEFAULT_CHANNEL=$(grep -E '^MIOS_DISCORD_DEFAULT_CHANNEL=' "$ENV_FILE" | head -1 | cut -d= -f2-)
+DEFAULT_GUILD=$(grep -E '^MIOS_DISCORD_DEFAULT_GUILD=' "$ENV_FILE" | head -1 | cut -d= -f2-)
+
+if [ -z "$TOKEN" ]; then
+    red "  DISCORD_BOT_TOKEN not set in $ENV_FILE"
+    exit 2
+fi
+echo "  DISCORD_BOT_TOKEN: present (${#TOKEN} chars)"
+echo "  MIOS_DISCORD_DEFAULT_CHANNEL: ${DEFAULT_CHANNEL:-<unset>}"
+echo "  MIOS_DISCORD_DEFAULT_GUILD:   ${DEFAULT_GUILD:-<unset>}"
+
+# --- 2. token live? ------------------------------------------------
+hdr "GET $API/users/@me"
+TMP=$(mktemp)
+HTTP=$(curl -sS --max-time 8 -o "$TMP" -w '%{http_code}' \
+    -H "Authorization: Bot $TOKEN" "$API/users/@me" 2>/dev/null || echo "000")
+case "$HTTP" in
+    200)
+        USERNAME=$(python3 -c "import json,sys; print(json.load(open(sys.argv[1])).get('username',''))" "$TMP")
+        USERID=$(python3 -c "import json,sys; print(json.load(open(sys.argv[1])).get('id',''))" "$TMP")
+        green "  OK $HTTP -- bot username='$USERNAME' id='$USERID'"
+        ;;
+    401)
+        red   "  $HTTP -- token rejected (rotate via Discord Developer Portal -> Bot tab -> Reset Token, paste into $ENV_FILE)"
+        rm -f "$TMP"; exit 2 ;;
+    000|"")
+        red   "  $HTTP -- no response (DNS failure? network down? proxy?)"
+        rm -f "$TMP"; exit 2 ;;
+    *)
+        red   "  $HTTP -- $(head -c 200 "$TMP")"
+        rm -f "$TMP"; exit 2 ;;
+esac
+rm -f "$TMP"
+
+# --- 3. guild membership ------------------------------------------
+hdr "GET $API/users/@me/guilds"
+TMP=$(mktemp)
+HTTP=$(curl -sS --max-time 8 -o "$TMP" -w '%{http_code}' \
+    -H "Authorization: Bot $TOKEN" "$API/users/@me/guilds" 2>/dev/null || echo "000")
+if [ "$HTTP" = "200" ]; then
+    COUNT=$(python3 -c "import json,sys; print(len(json.load(open(sys.argv[1]))))" "$TMP")
+    green "  OK $HTTP -- bot is in $COUNT guild(s):"
+    python3 -c "
+import json,sys
+for g in json.load(open(sys.argv[1])):
+    print('   -', g.get('name'), '(id=' + g.get('id','?') + ')')
+" "$TMP"
+else
+    yellow "  $HTTP -- $(head -c 200 "$TMP")"
+fi
+rm -f "$TMP"
+
+# --- 4. channel_directory.json freshness ---------------------------
+hdr "channel_directory.json"
+if [ -r "$DIRECTORY" ]; then
+    echo "  $(ls -la "$DIRECTORY")"
+    AGE_S=$(( $(date +%s) - $(stat -c %Y "$DIRECTORY") ))
+    AGE_MIN=$(( AGE_S / 60 ))
+    if [ "$AGE_MIN" -gt 1440 ]; then
+        yellow "  age: ${AGE_MIN}min -- stale (>24h). Restart hermes-agent.service to refresh."
+    else
+        echo "  age: ${AGE_MIN}min"
+    fi
+    DCOUNT=$(python3 -c "import json; print(len(json.load(open('$DIRECTORY')).get('platforms',{}).get('discord',[])))" 2>/dev/null || echo "?")
+    echo "  discord entries cached: $DCOUNT"
+else
+    yellow "  $DIRECTORY not present yet (hermes hasn't fetched the directory yet)"
+fi
+
+# --- 5. default channel/guild consistency --------------------------
+hdr "default channel/guild check"
+if [ -z "$DEFAULT_CHANNEL" ] || [ -z "$DEFAULT_GUILD" ]; then
+    yellow "  Default channel/guild not set in $ENV_FILE -- discord_send_message"
+    yellow "  will require an explicit 'channel' arg every call."
+    exit 1
+fi
+green "  default channel=$DEFAULT_CHANNEL guild=$DEFAULT_GUILD"
+echo
+green "All checks passed."
diff --git a/usr/libexec/mios/mios-hermes-browser b/usr/libexec/mios/mios-hermes-browser
@@ -18,20 +18,115 @@
 # is still available for cron / scripted use by setting
 # HERMES_BROWSER_HEADLESS=1 in the calling environment.
 #
+# Operator directive 2026-05-17: "fix CDP control". Browser_navigate
+# from inside Hermes was hitting "All CDP discovery methods failed"
+# because nothing was listening on :9222 and the agent had no way to
+# bring it up. This script now supports an idempotent subcommand
+# surface so the agent can ensure the port is up before any
+# browser_* call:
+#
+#   mios-hermes-browser ensure    # idempotent: noop if up, else launch in bg
+#   mios-hermes-browser status    # exit 0 if CDP responding, 1 otherwise
+#   mios-hermes-browser stop      # kill the ChromeDev process tree
+#   mios-hermes-browser start     # explicit foreground launch (the legacy path)
+#   mios-hermes-browser           # default = ensure (safest for the agent)
+#
+# `ensure` waits up to 8s for CDP to respond; SOUL.md tells the agent
+# to call it before any browser_navigate / browser_screenshot / etc.
+#
 # Profile data lives under /var/lib/mios/hermes-browser/profile so the
 # Hermes session is fully isolated from the operator's interactive
 # Chrome session (separate cookies, separate signed-in accounts,
 # separate extensions).
-set -euo pipefail
+set -uo pipefail
 
 CDP_PORT="${HERMES_BROWSER_CDP_PORT:-9222}"
 PROFILE_DIR="${HERMES_BROWSER_PROFILE_DIR:-/var/lib/mios/hermes-browser/profile}"
 # Default 0 (visible) per operator directive 2026-05-16. Operators
 # wanting headless set HERMES_BROWSER_HEADLESS=1.
 HEADLESS="${HERMES_BROWSER_HEADLESS:-0}"
 APP_ID="${HERMES_BROWSER_APP_ID:-com.google.ChromeDev}"
+LOG_FILE="${HERMES_BROWSER_LOG:-/var/lib/mios/hermes-browser/launch.log}"
+
+mkdir -p "$PROFILE_DIR" "$(dirname "$LOG_FILE")"
+
+# --- helpers -------------------------------------------------------
+
+cdp_responding() {
+    # Hit the CDP discovery endpoint with a short timeout. 200 = up.
+    local code
+    code=$(curl -sS --max-time 2 -o /dev/null -w "%{http_code}" \
+        "http://127.0.0.1:${CDP_PORT}/json/version" 2>/dev/null || echo "000")
+    [ "$code" = "200" ]
+}
+
+wait_for_cdp() {
+    local deadline=$(( $(date +%s) + ${1:-8} ))
+    while [ "$(date +%s)" -lt "$deadline" ]; do
+        cdp_responding && return 0
+        sleep 0.25
+    done
+    return 1
+}
+
+kill_existing() {
+    # ChromeDev flatpak processes that bound 9222; scoped to our profile
+    # so we don't clobber the operator's interactive Chrome.
+    pkill -f "user-data-dir=${PROFILE_DIR}" >/dev/null 2>&1 || true
+}
+
+# --- subcommand dispatch -------------------------------------------
+
+SUBCMD="${1:-ensure}"
+
+case "$SUBCMD" in
+    status)
+        if cdp_responding; then
+            echo "CDP up on 127.0.0.1:${CDP_PORT}"
+            exit 0
+        fi
+        echo "CDP not responding on 127.0.0.1:${CDP_PORT}"
+        exit 1
+        ;;
+    stop)
+        kill_existing
+        echo "stopped (any process bound to profile ${PROFILE_DIR})"
+        exit 0
+        ;;
+    ensure|"")
+        if cdp_responding; then
+            echo "CDP already up on 127.0.0.1:${CDP_PORT}"
+            exit 0
+        fi
+        echo "CDP not responding -- launching ChromeDev in background..."
+        # Self-launch via `start` subcommand, backgrounded + detached.
+        nohup "$0" start >>"$LOG_FILE" 2>&1 &
+        disown || true
+        if wait_for_cdp 8; then
+            echo "CDP up on 127.0.0.1:${CDP_PORT} (log: $LOG_FILE)"
+            exit 0
+        fi
+        echo "ERROR: CDP did not come up within 8s -- check $LOG_FILE"
+        echo "  hint: flatpak run $APP_ID may need a display / dbus session"
+        tail -n 20 "$LOG_FILE" 2>/dev/null | sed 's/^/  /' || true
+        exit 1
+        ;;
+    start)
+        # Legacy foreground launch path -- exec'd by `ensure` and also
+        # callable directly when operator wants to see the launch
+        # output live.
+        ;;
+    *)
+        echo "usage: $0 {ensure|status|stop|start}" >&2
+        exit 64
+        ;;
+esac
+
+# --- foreground launch (start subcommand) --------------------------
 
-mkdir -p "$PROFILE_DIR"
+# Strict mode for the actual launch. The dispatch above used -uo
+# pipefail (no -e) so subcommand checks could fail gracefully.
+set -e
 
 CHROME_ARGS=(
     --remote-debugging-port="$CDP_PORT"
diff --git a/usr/libexec/mios/mios-owui-install-pipe b/usr/libexec/mios/mios-owui-install-pipe
@@ -150,6 +150,43 @@ BASE_MODEL="mios_agent.mios-agent"  # <function_id>.<pipe_id> from pipes()
 MODEL_PAYLOAD=$(python3 - "$MODEL_ID" "$MODEL_NAME" "$BASE_MODEL" <<'PYEOF'
 import json, sys
 mid, mname, base = sys.argv[1], sys.argv[2], sys.argv[3]
+
+# Operator directive 2026-05-17: "could use a system prompt for
+# MiOS-Agent in OWUI and configure the settings too as well".
+#
+# This is the OWUI-side system prompt operators see + can edit
+# under Settings -> Models -> MiOS-Agent -> Advanced. It's
+# prepended by OWUI before the pipe receives the messages, so:
+#   - the CPU refine step sees it (helps refine route phrasing)
+#   - hermes sees it (reinforces SOUL.md from the user-prompt side)
+#   - OWUI's task generators (title, tags, follow-ups) see it
+#
+# Kept short -- the full operating manual lives in SOUL.md inside
+# hermes. This is the "what is this agent" intro. NO env values
+# baked in (operator: "no context injection for environment
+# detection") -- only canonical verb names.
+SYSTEM_PROMPT = (
+    "You are MiOS-Agent, a local-first agent running on the operator's "
+    "MiOS host. You speak the user's language and mirror their tone. "
+    "For any visible-to-operator action (launch app, open URL, install "
+    "software, take screenshot, control window) you ALWAYS go through "
+    "the canonical MiOS verb -- never bare PowerShell, never browser "
+    "automation for visible browsing, never vendor download pages. "
+    "Canonical verbs: mios-find (launch resolver), mios-open-url "
+    "(visible browser), mios-installer (cross-platform install), "
+    "mios-windows (Windows dispatch), mios-window (focus/close/move), "
+    "mios-screenshot, mios-steamcmd, mios-system-status (single source "
+    "of truth for hardware/services/models), mios-hermes-browser ensure "
+    "(bring CDP up before any browser_* tool call). Use web_search not "
+    "web_extract (the extract backend is search-only in this MiOS). "
+    "Native tools (memory_save, kanban_*, discord_send_message, "
+    "delegate_task, etc.) are tool_calls -- never call them as bash "
+    "lines through terminal. You can fork and improve your own tools "
+    "(mios-tool-clone) and skills (mios-skill-clone) when a recurring "
+    "task hits the same friction twice. Report tool stdout verbatim; "
+    "guessing confidently is a defect."
+)
+
 print(json.dumps({
     "id": mid,
     "base_model_id": base,
@@ -169,7 +206,25 @@ print(json.dumps({
         # recent state + chat language (operator directive 2026-05-17:
         # "no hardcoded answers or anything hardcoded for english").
     },
-    "params": {},
+    "params": {
+        # The system prompt OWUI prepends to every chat. Edit in
+        # the OWUI admin UI (Settings -> Models -> MiOS-Agent) or
+        # re-run this installer.
+        "system": SYSTEM_PROMPT,
+        # Sampling defaults tuned for the refine -> hermes -> polish
+        # chain. Low temperature: agent should be predictable about
+        # which canonical verb to call, not "creative". top_p left
+        # at OWUI default. Hermes internally overrides these on its
+        # delegate spawns -- this is just the outer chat-completion
+        # default.
+        "temperature": 0.2,
+        "top_p": 0.9,
+        # Stop tokens: hermes occasionally emits these as text inside
+        # delegate-spawn tool args; cut them so they don't leak into
+        # the polished answer.
+        "stop": ["<|im_end|>", "<|endoftext|>"],
+        # OWUI streams tokens incrementally; no need to override.
+    },
     "is_active": True,
 }))
 PYEOF
@@ -187,7 +242,10 @@ case "$RESP3" in
     200|201)
         echo "[mios-owui-install-pipe] ✓ created Model entry $MODEL_ID"
         ;;
-    400|409)
+    400|401|409)
+        # OWUI returns 401 (not 409) for "model id already registered"
+        # -- detail body "Uh-oh! This model id is already registered."
+        # Treat all three as "exists -- need to update".
         echo "[mios-owui-install-pipe] (Model exists; updating)"
         RESP4=$(curl -s -X POST "$OWUI_URL/api/v1/models/model/update?id=$MODEL_ID" \
             -H "Authorization: Bearer $TOKEN" \
diff --git a/usr/share/mios/ai/hermes-soul.md b/usr/share/mios/ai/hermes-soul.md
@@ -42,8 +42,13 @@ never from training data.
    `Get-StartApps`, never bash `which`, never a vendor download URL.
 
 4. **"Open a browser to `<url>`" / "go to `<url>`" → `terminal: mios-open-url "<url>"`.**
-   NEVER `browser_navigate` for visible browsing (it drives a HEADLESS
-   CDP session the user can't see).
+   NEVER `browser_navigate` for visible browsing — it drives an
+   isolated ChromeDev profile the operator can't see. `browser_*`
+   is for SCRAPING/INSPECTION only. Before ANY `browser_*` call,
+   ALWAYS run `terminal: mios-hermes-browser ensure` first — it
+   idempotently brings the CDP port up. Skipping it produces the
+   chronic "All CDP discovery methods failed for localhost:9222"
+   loop (operator-flagged 2026-05-17).
 
 5. **"Install `<X>` on Windows" → `terminal: mios-installer install <id> --backend winget --no-confirm`.**
    `mios-installer search "<X>" --backend winget` first to confirm
@@ -188,6 +193,43 @@ in the user's tone (1-2 sentences). DO NOT:
 "what GPU do I have", "list ollama models", "what services are
 running", "how much disk left", "system status".
 
+## Native tools vs `terminal` — don't confuse the surfaces
+
+Native tools (`memory_save`, `kanban_create`, `web_search`,
+`discord_send_message`, `delegate_task`, ...) are called via the
+**gateway's tool_call schema** with a JSON args object. They are
+NOT bash commands. If you emit `terminal: memory_save(key="x",
+value="y")` the shell tries to evaluate it and dies with `syntax
+error near unexpected token` — that's a chronic defect
+(operator-flagged 2026-05-17: agent called `memory_save(...)` four
+times through `terminal:` before giving up).
+
+When you want to invoke a native tool, emit it as a tool call,
+not as a shell line. The terminal tool is ONLY for bash commands
+(MiOS helpers, system probes, file ops).
+
+## Web search vs extract — searxng is search-only
+
+`web_search` works (local SearXNG provider, no API key). `web_extract`
+DOES NOT in this MiOS — the backend is searxng which only indexes,
+it can't fetch full page content. Calling it returns "SearXNG is a
+search-only backend".
+
+For URL content: `terminal: curl -sL "<url>" | sed -e 's/<[^>]*>//g'
+| head -c 4000` (quick text), or `terminal: mios-html-extract
+"<url>"` if installed. Don't loop on web_extract — it will never
+succeed against searxng.
+
+## Discord messaging
+
+`discord_send_message` posts to the operator's default channel set
+in `~/.config/mios/identity.toml [discord]`. The bot token is in
+the same file. If the call returns "channel not configured" or
+"unauthorized", do NOT invent a workaround — surface the error
+verbatim and tell the operator to check
+`terminal: mios-discord-status` (probes the token + lists reachable
+channels). Operator-confirmed 2026-05-17.
+
 ## Window-close path — drilled (you keep missing this)
 
 "close <X>" / "quit <X>" / "exit <X>" / "shut down <X>" where X is
