CLAWSTIN MORNING PAPER — 2026-03-17

Tuesday, 2026-03-17

TRADING DASHBOARD

TRADING P&L DASHBOARD — Daily target: $10/day
Track Today Total P&L Notes
📈 Agent Trader $+0.00 $+0.00 Swing, public.com
🎲 Polymarket $+0.00 Structural arb, slow
Net (after tax + costs) $-0.10 vs $10 target: $-10.10

Cost breakdown: tax 37% short-term ($0.00) + token spend ($0.10/day) | Go-live trigger: 5 consecutive profitable weeks in paper trading

INNOVATIONS

Nothing new in the last 24 hours.

RESEARCHER

Researcher Report — 2026-03-17

Run time: 2026-03-17 15:09 ET
Agent: Researcher (Haiku scan / Sonnet eval)
Budget: $0.0000 / $5.00 used (0 calls, 0in + 0out tokens) | $5.0000 remaining


Phase 1: Tech Research


Sources scanned: 0 items across HN + RSS feeds
Candidates after scoring: 0
CBL evaluated: 0

Phase 1 Errors

- ⚠️ Phase skipped


Phase 2: PaperTrader Experiments


_No snapshot data available for today._

Phase 2 Errors

- ⚠️ Phase skipped


Phase 3: Optimization Analysis


> _Stale files and cron health are auditor territory (autoaudit). This phase covers cost and model routing only._
Cost opportunities: None identified this run

Phase 3 Errors

- ⚠️ Phase skipped




Phase 4: ClawHub Skill Scan


No relevant skills found this run.

Phase 4 Errors

- ⚠️ Budget exhausted or no API key — skipping LLM vetting


Budget Summary


Total spent: $0.0000 / $5.00 cap
API calls: 0
Tokens: 0 input + 0 output

AUTO AUDIT RESULTS

AUTOAUDIT Summary -- 2026-03-17


Findings


CRITICAL


1. Gmail OAuth token expired (adalsey account). Continuous hourly failures from 2026-03-16 21:40 through 2026-03-17 02:40 (6 logged errors). Smoke test: `gmail-adalsey` FAIL (`invalid_grant: Token has been expired or revoked`). LaunchAgent `clawstin.gmail.triage` exit status 1. Triage output stale (30.7h). Root cause identified in 2026-03-16 session: Google Cloud project `clawstin-488222` likely still in "Testing" publishing status → 7-day refresh token expiry. Ghost needs to push the project to Production in console.cloud.google.com, then re-authorize. 7th consecutive audit with this issue (originally found 2026-03-16).

WARNING


2. com.clawstin.balance-notify LaunchAgent exit 1. No associated log errors found. Script exists at `scripts/balance-notify.sh`. 2nd consecutive audit.
3. clawstin.fer-monitor LaunchAgent exit 2. Points to deleted `scripts/fer-monitor.py`. Stale FER plist also persists in lifeboat: `lifeboat-system/launch-agents/clawstin.fer-monitor.plist`. Both the LaunchAgent and the lifeboat copy should be removed. 9th consecutive audit for the plist; fer-monitor project was purged 2026-03-16 but cleanup incomplete.
4. Autoaudit running on Sonnet despite Opus config. `session_status` shows `Model: anthropic/claude-sonnet-4-6`; cron payload specifies `model: "anthropic/claude-opus-4-6"`. Possible gateway-level model routing issue. 3rd consecutive audit.
5. Context load: 3,044 words (threshold: 1,500). Files exceeding 400-word threshold:
   - AGENTS.md: 926 words — Swarm Canvas section (6 python3 command bullets) and Context Guard section are candidates for on-demand reads.
   - memory/2026-03-16.md: 1,444 words — daily log, naturally large; will roll over when 2026-03-17 log begins.
   - All others under threshold: TOOLS.md 171, SYNC.md 135, MEMORY.md 117, HEARTBEAT.md 95, SOUL.md 64, IDENTITY.md 32, USER.md 32, STYLE.md 17, WORKING_MEMORY.md 11.
6. Stale references to archived paper trader paths. `state/dependency_map.json` (line 191) and `memory/where-we-left-off-030326-0946.md` (line 46) reference `scripts/trading/public_paper_trader.py`, which was moved to `scripts/trading/archive/` on 2026-03-16. Not breaking (these are reference/historical files) but technically stale.
7. Smoke test: balance-anchor reports "no last_checked timestamp" but the file has one. `vital-balance-anchor.json` contains `"last_checked": "2026-03-17T01:00:18Z"` — yet smoke_test.py reported WARN with "no last_checked timestamp." Possible smoke test parsing bug or field-name mismatch.

Carried Over


1. Gmail adalsey OAuth expired — CRITICAL. Persists from last audit. Ghost action required (Google Cloud console → Production publishing status).
2. Stale FER plist in lifeboat — 9th consecutive. Only `lifeboat-system/launch-agents/clawstin.fer-monitor.plist` remains. Ghost approved purge 2026-03-16 but lifeboat copy and LaunchAgent survived.
3. Autoaudit model mismatch (Sonnet instead of Opus) — 3rd consecutive.
4. com.clawstin.balance-notify exit 1 — 2nd consecutive. No log errors found.

Resolved Since Last Audit


- vital-widget-freshness: Decommissioned. Smoke test check removed (line 126 of smoke_test.py). ✓
- vitals-api/vital-server exit -15: Both now running (pid 779/781, exit 0). ✓
- clear-chronic-wednesday delivery error: Cron job recreated (2a961c3a) on 2026-03-16 with correct delivery target and `bestEffort: true`. No errors yet; next fire Wednesday 2026-03-18 08:00 ET. ✓

Past-Due Schedule Entries


- `2026-03-16 09:00 -- ACCOUNTS RECEIVABLE - Queenie - SNOOZE/RESOLVE?`
- `2026-03-16 09:00 -- ACCOUNTS RECEIVABLE - mighty white - SNOOZE/RESOLVE?`
- `2026-03-16 09:00 -- ACCOUNTS RECEIVABLE - Keyan - SNOOZE/RESOLVE?`
- `2026-03-16 09:00 -- ACCOUNTS RECEIVABLE - Take Flight - SNOOZE/RESOLVE?`
- `2026-03-15 18:00 -- REPLY TO ALEX PARKER - Bowers CPA - DOB + bank info for IT-204-LL (due 3/16) + personal tax liability - [email protected]` ⚠️ Filing deadline was 03/16 — now past due.

Fired One-Shot Reminders


- `balance-burn-calibration-review` (99519f01, deleteAfterRun) — fired 2026-03-15 with error (`Message failed`), disabled. `deleteAfterRun` set but job still present (deletion may require successful run).
- `bed-lights-off` (a1c5d0f0) and `bed-wake-light` (078c9dc5) — one-shot $BED crons from tonight, not yet fired. Will self-delete after run.

Step Completion Checklist

- Step 1 -- Pre-Audit Data: completed (13 checks; 0 errors, 3 warnings: LaunchAgents flagged 3, schedule 5 past-due, log errors 6 gmail entries)
- Step 1.5 -- Smoke Tests: completed (9 pass, 2 warn, 1 fail: gmail-adalsey token expired; balance-anchor last_checked false positive; gmail-triage-adalsey recency stale)
- Step 2 -- Last Report Review: completed (6 carried-over tracked; 3 resolved, 4 persisting)
- Step 3 -- Daily Integration: completed (2026-03-16 log reviewed — all 15 referenced script/file paths verified present; no 2026-03-17 log yet)
- Step 4 -- Git Diff + Downstream: completed (3 commits reviewed; paper trader archive move left stale refs in dependency_map.json and where-we-left-off; no other stale cross-references)
- Step 5 -- File Health Review: completed (MEMORY.md 117w healthy; context load 3,044w over 1,500 threshold; AGENTS.md 926w + memory/2026-03-16.md 1,444w over 400 threshold; SCHEDULE.md 5 past-due; all injected files consistent — no contradictions found)
- Step 6 -- Cron + Automation: completed (38 total jobs, 27 enabled, 11 disabled; model assignments: Opus for autoaudit ✓ (running as Sonnet — finding #4), Opus for bizbot ✓, Sonnet for morning-brief/security-guard ✓, Haiku for all routine jobs ✓; clear-chronic-wednesday recreated and clean; balance-burn-calibration one-shot fired-with-error still lingering)
- Step 7 -- Script Validation: completed (send-todo.sh ✓, triage-proton.py ✓, triage.py ✓ exists but OAuth expired, watchdog/ ✓ 6 files present, consecutive-failures.txt = 0)
- Step 8 -- Cross-File Consistency: completed (FER plist → deleted script; archived paper trader paths in 2 reference files; no other contradictions)

CAPABILITY QUEUE

PAPER TRADING

| Model | Portfolio Value | P/L | Cash | Holdings |
|---|---|---|---|---|
| MACD+RSI | $972.22 | $-27.78 (-2.8%) | $374.72 | MSTR 1.1148sh @$134.55, QQQ 0.2491sh @$610.64, CRM 0.7494sh @$196.89, GOOGL 0.4798sh @$308.14 |
| Momentum EMA | $1000.01 | +$0.01 (+0.0%) | $850.00 | NVDA 0.8109sh @$184.99 |
| Rocket Rider | $1159.43 | +$159.43 (+15.9%) | $1159.43 | Cash only |
| News Sentiment | $1000.00 | +$0.00 (+0.0%) | $1000.00 | Cash only |
| Sector Surfer | $1000.00 | +$0.00 (+0.0%) | $1000.00 | Cash only |
| Earnings Stalker | $1000.00 | +$0.00 (+0.0%) | $1000.00 | Cash only |
| Fear Eater | $1000.00 | +$0.00 (+0.0%) | $1000.00 | Cash only |
| Unusual Volume | $1000.00 | +$0.00 (+0.0%) | $1000.00 | Cash only |
| Gap Trader | $999.99 | $-0.01 (-0.0%) | $850.00 | ADBE 0.6013sh @$249.44 |
| Consolidation Bomber | $1000.00 | +$0.00 (+0.0%) | $1000.00 | Cash only |
| Trump Whisperer | $1000.00 | +$0.00 (+0.0%) | $1000.00 | Cash only |
| Capitol Copycat | $1007.43 | +$7.43 (+0.7%) | $807.43 | VST 0.6314sh @$158.38, TEM 1.9790sh @$50.53 |
| Dual Momentum | $1000.00 | +$0.00 (+0.0%) | $1000.00 | Cash only |
| Squeeze Breakout | N/A | N/A | N/A | |
| 52wk High | N/A | N/A | N/A | |
| Donchian Turtle | $1000.00 | $-0.00 (-0.0%) | $850.00 | MSTR 1.0204sh @$147.00 |
| Williams %R | $1000.00 | +$0.00 (+0.0%) | $1000.00 | Cash only |
| KAMA Adaptive | $981.70 | $-18.30 (-1.8%) | $382.88 | MSTR 1.0796sh @$138.94, GOOGL 0.4886sh @$307.35, NVDA 0.8130sh @$184.99, CRM 0.7530sh @$196.89 |
| Triple MA | $1000.00 | +$0.00 (+0.0%) | $1000.00 | Cash only |
| Insider Buyer | $1000.00 | +$0.00 (+0.0%) | $1000.00 | Cash only |
| Index Rider | $1000.00 | +$0.00 (+0.0%) | $1000.00 | Cash only |
| FDA Catalyst | $1000.00 | +$0.00 (+0.0%) | $1000.00 | Cash only |
| Sprint Rider | $1000.00 | +$0.00 (+0.0%) | $1000.00 | Cash only |
| Trend Reversion | $1000.00 | +$0.00 (+0.0%) | $1000.00 | Cash only |
| Sector Rotator | $1000.00 | +$0.00 (+0.0%) | $1000.00 | Cash only |
| Volume Breakout | $1000.00 | +$0.00 (+0.0%) | $1000.00 | Cash only |
| Dual Timeframe | $1000.00 | +$0.00 (+0.0%) | $1000.00 | Cash only |

AGENT TRADER

Portfolio: $1000.00 (+$0.00 / +0.0%)  |  Cash: $1000.00  |  Trades: 0 (W:0 L:0 WR:0%)

Thesis (2026-03-17): [risk-on / long] Broad-based green day with SPY, QQQ, and IWM all up, crypto proxies leading (+3.4% COIN), and mega-cap tech like GOOGL and AMZN showing strength — this is a classic risk-on rotation day favoring high-beta growth names.

Candidates: COIN (4⭐), GOOGL (4⭐), PLTR (3⭐)

No open positions.

POLYMARKET

Portfolio: $1000.00 (+$0.00 / +0.0%)  |  Bankroll: $800.00  |  Open: 3 positions  |  Resolved: 3 (W:0 L:0)  |  Realized P&L: +$0.00

| Market | Side | Entry | Bet | Ends |
|---|---|---|---|---|
| Will Trump visit China by April 30? | YES | 0.460 | $66.67 | 2026-04-30 |
| Weed rescheduled by March 31? | YES | 0.014 | $66.67 | 2026-03-31 |
| Weed rescheduled by June 30? | YES | 0.170 | $66.66 | 2026-03-31 |

SECURITY AUDIT

Security Guard Report - 2026-03-17

Patrol time: 03:30 AM (America/New_York)
Agent: Security Guard (Claude Opus)
AutoAudit verified: Yes (2026-03-17)
Previous report: 2026-03-16


Executive Summary


Overall threat level: MEDIUM-HIGH (elevated from MEDIUM on 2026-03-16)
Elevation driven by discovery of widespread plaintext credential exposure across session logs and memory files that were missed by earlier redaction sweeps. The original SG-002 redaction (2026-03-09) cleaned 8 files but at least 6 additional files still contain plaintext passwords for DigitalOcean, Gmail, Hetzner, VNC, and the Fernet encryption key for accounts data.
Signal alert required: NO (no finding reaches 9-10 individually, but the aggregate credential exposure approaches that threshold)
Changes since last patrol (2026-03-16):
- ✅ RESOLVED: `lifeboat-system/launch-agents/` is now `drwx------` (700) — was 755 on prior patrol.
- ✅ RESOLVED: `lifeboat-system/signal-data/535318.d/` is now `drwx------` (700) — was 755 on prior patrol.
- ⚠️ PERSISTS: Plaintext lifeboat zip password in session-18 (SG-2026-03-16-009) — 2nd consecutive.
- ⚠️ PERSISTS: Stale FER monitor plist in lifeboat and active LaunchAgent (exit 2) — 10th consecutive.
- 🔴 NEW (SG-2026-03-17-001): Fernet encryption key for accounts data stored in plaintext in PROJECTS/COMPLETE/strengthen-medic.md.
- 🔴 NEW (SG-2026-03-17-002): DigitalOcean password stored in plaintext in 3 files (2 session logs + 1 daily log).
- 🔴 NEW (SG-2026-03-17-003): Gmail password in plaintext in daily log 2026-03-07.md.
- 🔴 NEW (SG-2026-03-17-004): Hetzner password and VNC password in plaintext in session-log-2026-03-03-021255.txt.
- ⚠️ PERSISTS: OpenClaw security advisory (prompt injection/exfil) — 2nd consecutive, no CVE assigned.

This patrol identified 10 findings: 0 severity 9-10, 3 severity 8, 2 severity 7, 2 severity 5, 1 severity 3, 1 severity 2.


Detailed Findings


SG-2026-03-17-001: Fernet Encryption Key in Plaintext (NEW)

Severity: 8 (MEDIUM-HIGH)
Category: Credential Exposure
Rubric: "Plaintext credentials stored insecurely — not exposed externally but accessible locally without privilege"
Evidence:
- File: `PROJECTS/COMPLETE/strengthen-medic.md` (line 28)
- Content: Fernet base64 key `[REDACTED]` stored as plaintext in project documentation
- This is the actual Fernet key used to encrypt `state.enc` (accounts data). Anyone with this key can decrypt all accounts data.
- File permissions: `-rw-------` (owner-only) — good.
- The file is NOT in `.gitignore`'s exclusion list and lives under workspace which is a git repo.

Impact: The Fernet key is the single secret protecting all accounts data. If this file were to be committed to git or exposed via any workspace leak, all encrypted accounts data (financial records, client data) is compromised. The same lifeboat password (`[REDACTED]`) is also the GPG passphrase on the VPS.
Rationale for rating 8: Key is owner-read-only and not currently exposed externally, but it's the crown jewel for data decryption. One git commit or one path traversal away from catastrophic exposure. Not rated 9 because there's no evidence of external exposure yet.
Action required: Ghost must redact the key value from this file immediately and rotate the Fernet key if there's any chance the file has been committed to git history.


SG-2026-03-17-002: DigitalOcean Password in Plaintext — 3 Files (NEW)

Severity: 8 (MEDIUM-HIGH)
Category: Credential Exposure
Evidence: Files containing the actual DO password in cleartext:
1. `memory/sessions/2026-03-07-session-18.md` (line 31): `do_password` with actual value `[REDACTED]`
2. `memory/sessions/2026-03-08-session-01.md` (line 14): new DO password `[REDACTED]`
3. `memory/session-log-2026-03-03-021255.txt` (line 452): Password field with value `[REDACTED]`

All `.md` files are `-rw-------` (owner-only). Session-log `.txt` file is `-rw-r--r--` (world-readable).
Impact: Two distinct DO passwords exposed. If either is still active, an attacker with file access gains DigitalOcean console access (VPS control, potential lateral movement to Clawstin Standby).
Rationale for rating 8: Active service password in plaintext. Owner-only permissions on .md files prevent casual exposure, but the .txt session-log is world-readable. These files are in the workspace git repo path. Rated 8 not 9 because no evidence of external exposure.
Action required: Redact all three files. Verify if DO password has been rotated since March 8.


SG-2026-03-17-003: Gmail Password in Plaintext (NEW)

Severity: 8 (MEDIUM-HIGH)
Category: Credential Exposure
Evidence:
- File: `memory/2026-03-07.md` (line 176): Gmail password `[REDACTED]` in plaintext
- File permissions: `-rw-------`

Impact: Gmail access = email account takeover, OAuth token reset capability, 2FA code interception for other services. This is the highest-value credential in the stack after the Fernet key.
Rationale for rating 8: Same as above — owner-only file, but one misplaced git commit away from catastrophe. Gmail password provides access to the entire Google account including OAuth tokens for the automation pipeline.
Action required: Redact immediately. Rotate Gmail password if there's any chance of prior exposure.


SG-2026-03-17-004: Hetzner + VNC Passwords in Plaintext (NEW)

Severity: 7 (MEDIUM)
Category: Credential Exposure
Evidence:
- File: `memory/session-log-2026-03-03-021255.txt`
  - Line 322: Hetzner password `[REDACTED]` in plaintext
  - Line 1150: VNC password `[REDACTED]` in plaintext
  - Line 1167: VNC password repeated in command example
- File: `ACTIVITY.md` (line 565): VNC password `[REDACTED]` in plaintext description
- Session-log file permissions: `-rw-r--r--` (world-readable!)
- ACTIVITY.md permissions: `-rw-------`

Impact: Hetzner = hosting platform access. VNC = direct desktop control of Mac Mini.
Rationale for rating 7: Hetzner account may have been migrated away from (account was locked during the session). VNC password is a weak 8-char value but VNC is likely behind Tailscale. The world-readable session-log file elevates this from 6 to 7.
Action required: Redact credentials from both files. Fix session-log permissions to `-rw-------`. Verify VNC is Tailscale-only.


SG-2026-03-17-005: Lifeboat Zip Password Still in 4+ Files (PERSISTS — 2nd consecutive)

Severity: 7 (MEDIUM)
Category: Credential Exposure
Evidence: Plaintext lifeboat zip password `[REDACTED]` found in:
1. `memory/sessions/2026-03-11-session-18.md` (line 105) — session notes
2. `memory/sessions/2026-03-09-session-03.md` (line 16) — the redaction log itself contains the password
3. `PROJECTS/COMPLETE/strengthen-medic.md` (line 29) — passphrase reference
4. `scripts/lifeboat-upload.sh` (line 16) — hardcoded ZIP_PASSWORD variable
5. `scripts/coastguard.sh` (line 38) — hardcoded LIFEBOAT_PASSWORD variable

Note: Scripts (#4, #5) are excluded by the noise filter (scripts handle credentials by design). However, the password is weak and reused as a GPG passphrase, so the md files (#1-3) are the primary concern.
Rationale for rating 7: This password protects all lifeboat backups AND is the GPG passphrase for the Fernet key on the VPS. Compromise of this single password enables full decryption of both lifeboat archives and accounts data. Rated 7 (not 8) because the lifeboat password was already partially remediated and this is a known issue.
Action required: Complete the redaction sweep. Consider rotating the lifeboat zip password and GPG passphrase.


SG-2026-03-17-006: Stale FER Monitor LaunchAgent + Lifeboat Plist (PERSISTS — 10th consecutive)

Severity: 5 (LOW-MEDIUM)
Category: Configuration / Workflow Disruption
Evidence:
- `launchctl list` shows `clawstin.fer-monitor` with exit status 2 (script not found)
- LaunchAgent points to `scripts/fer-monitor.py` which was deleted on 2026-03-16
- Lifeboat copy persists: `lifeboat-system/launch-agents/clawstin.fer-monitor.plist`
- 10th consecutive patrol flagging this issue

Rationale for rating 5: No security impact — just a stale config pointing to a deleted script. But its persistence across 10 patrols suggests a gap in the cleanup workflow.
Action required: `launchctl unload` the fer-monitor plist and delete both the active LaunchAgent and the lifeboat copy.


SG-2026-03-17-007: Cloudflare Tunnel — 4 Ingress Routes (PERSISTS)

Severity: 5 (LOW-MEDIUM) — Partially Accepted
Category: Network Exposure
Evidence: Cloudflare tunnel config (`lifeboat-system/cloudflared/config.yml`) exposes:
1. `clawstin.org` → `localhost:8877` (static site — ACCEPTED per SG-2026-03-10-002)
2. `voice.clawstin.org` → `localhost:3334` (no backend per prior patrol notes)
3. `webhook.clawstin.org` → `localhost:18789` (webhook endpoint)
4. `api.clawstin.org` → `localhost:8765` (vitals-api)

Running services confirmed: `clawstin.cloudflared` (PID 791, exit 0).
Rationale for rating 5: Static site is accepted risk. Other routes need verification that they have appropriate auth. This is informational and tracked.


SG-2026-03-17-008: OpenClaw Security Advisory — Prompt Injection/Exfiltration (PERSISTS — 2nd consecutive)

Severity: 5 (LOW-MEDIUM)
Category: External Threat Intelligence
Evidence:
- Source: The Hacker News (2026-03-15): "OpenClaw AI Agent Flaws Could Enable Prompt Injection and Data Exfiltration"
- No CVE assigned yet.
- Directly affects this infrastructure (OpenClaw is the primary agent platform).
- New THN fridge item today: "Weekly Recap: Chrome 0-Days, Router Botnets, AWS Breach, Rogue AI Agents" — may contain additional relevant threat intel but unable to assess without network access.

Rationale for rating 5: No CVE, no exploit code published. Article describes theoretical flaws. This Security Guard agent itself implements anti-injection directives as mitigation.
Action required: Ghost should review the article and assess whether any published attack vectors apply to current OpenClaw configuration.


SG-2026-03-17-009: Failing LaunchAgents — gmail.triage (exit 1), balance-notify (exit 1)

Severity: 3 (LOW)
Category: Workflow Disruption
Evidence:
- `launchctl list` shows:
  - `clawstin.gmail.triage` — exit status 1 (Gmail OAuth expired, per AutoAudit CRITICAL finding)
  - `com.clawstin.balance-notify` — exit status 1 (no associated errors, per AutoAudit WARNING)
- These are operational issues, not security issues.

Rationale for rating 3: No security impact. Gmail triage failure is due to expired OAuth token (Google Cloud project in Testing mode). Balance-notify is undiagnosed but non-security.


SG-2026-03-17-010: Session Log World-Readable Permissions

Severity: 2 (LOW)
Category: File Permissions
Evidence:
- `memory/session-log-2026-03-03-021255.txt` confirmed `-rw-r--r--` (world-readable)
- This file contains multiple plaintext passwords (see SG-2026-03-17-004)
- 9 session-log files exist in `memory/` — not all permissions exhaustively checked

Rationale for rating 2: On a single-user Mac Mini, "world-readable" is not a significant attack vector unless another user or process is compromised. However, combined with the credential content, it should be tightened.
Action required: `chmod 600` all `memory/session-log-*.txt` files.


Threat Landscape


External Intelligence (Limited — No Network Access)

- NVD/NIST: Unable to check (sandbox network restriction). Last attempted: 2026-03-16.
- Node.js Security: Unable to check. No package-lock.json in workspace; npm audit not available.
- macOS Security: Unable to check. OpenSSL 3.6.1 (2026-01-27) confirmed current.
- OpenClaw Advisory: THN article on prompt injection/exfil (2026-03-15) — still pending Ghost review.
- Fridge item (today): "Weekly Recap: Chrome 0-Days, Router Botnets, AWS Breach, Rogue AI Agents" from THN — unable to assess without network access.
- Signal CLI: Unable to check GitHub issues.

Local System Health

- Encryption: Fernet key file (`den/fernet-key.b64`) is `600` permissions. `creds.enc` is `600`. Den directory is `700`.
- Lifeboat-system permissions: All directories now `700` (resolved from prior patrol).
- OpenSSL: 3.6.1 — current.
- No world-writable files found in workspace.
- No stale credential files in `/tmp`.
- Docker: Not available/not running.
- Git remotes: Unable to check (git command blocked in sandbox).


Resolved Since Last Patrol

1. `lifeboat-system/launch-agents/` permissions fixed: `drwx------` (was `drwxr-xr-x` for 9 patrols)
2. `lifeboat-system/signal-data/535318.d/` permissions fixed: `drwx------` (was `drwxr-xr-x` for 9 patrols)

Risk Acceptance Notes

- SG-2026-03-17-007 (partial): `clawstin.org` static site via Cloudflare tunnel matches accepted risk SG-2026-03-10-002.
- Chrome Remote Desktop: Not observed this patrol but remains accepted per SG-2026-03-09-005.
- Signal-CLI HTTP on localhost:8080: Not directly checked this patrol (lsof blocked) but remains accepted per SG-2026-03-15-004.
- Brave Remote Debug port 18800: Not directly checked this patrol but remains accepted per SG-2026-03-15-006.


Aggregate Risk Assessment


The most concerning pattern is the breadth of plaintext credential exposure. At least 6 distinct credentials (DO password x2, Gmail password, Hetzner password, VNC password, Fernet key) appear in plaintext across 8+ files in the workspace. The original SG-002 redaction sweep (2026-03-09) caught 8 files for the lifeboat zip password, but these other credentials were never swept.
Recommended priority action for Ghost:
1. Immediate: Redact Fernet key from strengthen-medic.md (severity 8)
2. Immediate: Redact DO passwords from 3 files (severity 8)
3. Immediate: Redact Gmail password from 2026-03-07.md (severity 8)
4. Today: Comprehensive grep + redact sweep for all password-like values in memory/ and PROJECTS/
5. Today: Verify none of these files are in git history (if so, consider git filter-branch or BFG)
6. Today: chmod 600 memory/session-log-*.txt


Report generated by Security Guard. Read-only operations only. No files modified.