FlowmemoryAI
diff --git a/‎docs/OPERATIONS/FLOWCHAIN_OWNER_OPERATED_PUBLIC_RPC.md‎
Lines changed: 1 addition & 0 deletions b/‎docs/OPERATIONS/FLOWCHAIN_OWNER_OPERATED_PUBLIC_RPC.md‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎docs/agent-runs/live-product-infra-rpc/ALERT_INSTALL_VALIDATION.md‎
Lines changed: 38 additions & 0 deletions b/‎docs/agent-runs/live-product-infra-rpc/ALERT_INSTALL_VALIDATION.md‎
Lines changed: 38 additions & 0 deletions
diff --git a/‎docs/agent-runs/live-product-infra-rpc/ARCHITECTURE_AUDIT.md‎
Lines changed: 2 additions & 2 deletions b/‎docs/agent-runs/live-product-infra-rpc/ARCHITECTURE_AUDIT.md‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎docs/agent-runs/live-product-infra-rpc/PUBLIC_DEPLOYMENT_CONTRACT.md‎
Lines changed: 6 additions & 1 deletion b/‎docs/agent-runs/live-product-infra-rpc/PUBLIC_DEPLOYMENT_CONTRACT.md‎
Lines changed: 6 additions & 1 deletion
diff --git a/‎docs/agent-runs/live-product-infra-rpc/WINDOWS_ALERT_INSTALL.md‎
Lines changed: 33 additions & 0 deletions b/‎docs/agent-runs/live-product-infra-rpc/WINDOWS_ALERT_INSTALL.md‎
Lines changed: 33 additions & 0 deletions
diff --git a/‎docs/agent-runs/live-product-infra-rpc/alert-install-validation-report.json‎
Lines changed: 56 additions & 0 deletions b/‎docs/agent-runs/live-product-infra-rpc/alert-install-validation-report.json‎
Lines changed: 56 additions & 0 deletions
diff --git a/‎docs/agent-runs/live-product-infra-rpc/alert-install-windows-report.json‎
Lines changed: 110 additions & 0 deletions b/‎docs/agent-runs/live-product-infra-rpc/alert-install-windows-report.json‎
Lines changed: 110 additions & 0 deletions
@@ -11,6 +11,7 @@ The repository now provides:
 - `npm run flowchain:service:monitor` for repeated live service sampling that proves height progression over an operator-selected window.
 - `npm run flowchain:ops:snapshot` for one no-secret operator report that classifies critical incidents, public-readiness blockers, and incident commands.
 - `npm run flowchain:ops:incident-drill` for a synthetic no-values incident drill that proves node-down, control-plane-down, stale-state, stalled-height, and no-secret failures are classified as critical while owner-input blockers stay non-critical.
+- `npm run flowchain:ops:alerts:install:windows` and `npm run flowchain:ops:alerts:install:validate` for a no-secret Windows Scheduled Task install/status/uninstall path for recurring local alert refresh.
 - `npm run flowchain:service:stop` and `npm run flowchain:service:restart`, which preserve runtime state.
 - `npm run flowchain:public-rpc:check` for endpoint, TLS, CORS, rate-limit, health, discovery, readiness, state, and response-hygiene checks.
 - `npm run flowchain:public-rpc:edge-template` for a no-values Nginx public-edge template that proxies this chain's private RPC origin through owner TLS and rate limiting.
 
@@ -0,0 +1,38 @@
+# FlowChain Alert Install Validation
+
+Generated: 2026-05-17T10:27:22.7634651Z
+Status: passed
+
+This validation proves the scheduled alert refresh path is planned, no-secret, non-mutating in plan mode, and refreshes local alert evidence without external delivery.
+
+## Checks
+
+- installScriptExists: True
+- alertsScriptExists: True
+- packageScriptsPresent: True
+- planCommandPassed: True
+- planDidNotMutate: True
+- schedulerCmdletsAvailable: True
+- scheduledTaskActionSupportsWorkingDirectory: True
+- scheduledTaskTriggerSupportsRepetition: True
+- actionUsesAlertsScript: True
+- actionUsesRepoWorkingDirectory: True
+- hasAllowBlocked: True
+- hasReportPath: True
+- hasMarkdownPath: True
+- hasOpsSnapshotPath: True
+- noExternalDelivery: True
+- commandsPresent: True
+- scheduledCommandKeepsBlockedAlertsVisible: True
+- scheduledCommandDoesNotDisableRefresh: True
+- envValuesPrintedFalse: True
+- noSecrets: True
+- broadcastsFalse: True
+
+## Commands
+
+- plan: npm run flowchain:ops:alerts:install:windows -- -Action Plan
+- install: npm run flowchain:ops:alerts:install:windows -- -Action Install
+- status: npm run flowchain:ops:alerts:install:windows -- -Action Status
+- uninstall: npm run flowchain:ops:alerts:install:windows -- -Action Uninstall
+- validate: npm run flowchain:ops:alerts:install:validate
@@ -1,6 +1,6 @@
 # FlowChain Architecture Audit
 
-Generated: 2026-05-17T10:20:17.2181046Z
+Generated: 2026-05-17T10:27:20.0419597Z
 Status: blocked
 Blocked only on known external owner inputs: True
 
@@ -23,7 +23,7 @@ Blocked only on known external owner inputs: True
 | Layer | Requirement | Status | Evidence |
 | --- | --- | --- | --- |
 | L1 runtime | The block-producing node and service lifecycle are separated from RPC, run in live profile, and expose fresh state evidence. | passed | serviceStatus=passed, liveProfile=True, maxBlocks=0, nodeRunning=True, controlPlaneRunning=True, latestHeight=52644, finalizedHeight=52644 |
-| Operations | Operations has explicit status, monitor, ops snapshot, alert rules, incident drills, and emergency controls that classify incidents separately from owner-input blockers. | passed | monitorStatus=passed, samples=2, heightAdvanced=True, supervisorValidation=passed, supervisorRestartAttempts=1, opsSnapshot=blocked, criticalCount=0, alertRules=passed, criticalRules=5, blockedRules=5, unmappedAlerts=0, incidentDrill=passed, incidentCases=8, incidentFailed=0 |
+| Operations | Operations has explicit status, monitor, ops snapshot, scheduled alert refresh, alert rules, incident drills, and emergency controls that classify incidents separately from owner-input blockers. | passed | monitorStatus=passed, samples=2, heightAdvanced=True, supervisorValidation=passed, supervisorRestartAttempts=1, opsSnapshot=blocked, criticalCount=0, alertRules=passed, alertInstall=passed, alertInstallFailedChecks=0, criticalRules=5, blockedRules=5, unmappedAlerts=0, incidentDrill=passed, incidentCases=8, incidentFailed=0 |
 | Operations | Owner-host service lifecycle includes a no-secret Windows Scheduled Task install, status, and uninstall path for reboot-persistent live supervisor autorecovery. | passed | installValidation=passed, failedChecks=0, planDidNotMutate=True, liveProfileDefault=True, schedulerCmdlets=True |
 | RPC/API | The control-plane API has explicit health/discovery/readiness/CORS/rate-limit validation and abuse rejection before it can be exposed publicly. | passed | validationStatus=passed, corsAllowed=True, corsRejected=True, endpointChecks=True, rateLimitProbe=True, rateLimitRejected=True, rateLimitRetryAfter=True, responseHygiene=True, abuseStatus=passed, abusePassed=True, abuseMissingChecks=0 |
 | Public edge | External RPC exposure is a distinct owner-operated edge with TLS, allowed origins, rate limits, endpoint checks, and response hygiene. | blocked | publicRpcStatus=blocked, publicRpcReady=False |
 
@@ -1,6 +1,6 @@
 # FlowChain Public Deployment Contract
 
-Generated: 2026-05-17T10:20:17.1551020Z
+Generated: 2026-05-17T10:27:19.8631144Z
 Status: blocked
 Deployment ready: False
 Packet shareable: False
@@ -31,6 +31,7 @@ This file records deployment gates, commands, and env names only. It must not co
 | The owner host has a no-secret Windows install, status, and uninstall path for registering the live supervisor as a reboot-persistent scheduled task. | passed | serviceInstallValidation=passed, planDidNotMutate=True, liveProfileDefault=True, commandsPresent=True |
 | Owner deployment has a no-secret ops snapshot that separates critical incidents from expected owner-input blockers and lists incident commands. | passed | opsSnapshot=blocked, criticalCount=0, blockedCount=5 |
 | Owner deployment has a no-secret alert rule manifest that maps every current ops finding to operator commands without committing delivery credentials. | passed | alertRules=passed, criticalRules=5, blockedRules=5, unmappedCurrentFindingCodes=0 |
+| The owner host has a no-secret Windows install, status, and uninstall path for recurring ops snapshot and alert-rule refresh without committed external delivery credentials. | passed | alertInstallValidation=passed, planDidNotMutate=True, hasAllowBlocked=True, noExternalDelivery=True |
 | The owner deployment contract validates the required public RPC, tester write gateway, backup, and Base 8453 input names without values. | blocked | ownerInputsStatus=blocked, ownerInputReady=False |
 | The local public RPC abuse harness proves CORS rejection, media-type rejection, malformed JSON handling, batch/body caps, notification handling, rate limiting, and no-secret response summaries. | passed | abuseStatus=passed, abuseReady=True, missingChecks=0 |
 | The owner TLS edge must pass endpoint, CORS, rate-limit, readiness, and response-hygiene checks before sharing. | blocked | publicRpcStatus=blocked, publicRpcReady=False, validationStatus=passed, validationPassed=True, abuseStatus=passed, abusePassed=True |
@@ -51,6 +52,8 @@ This file records deployment gates, commands, and env names only. It must not co
 - npm run flowchain:service:install:windows -- -Action Plan
 - npm run flowchain:ops:snapshot -- -AllowBlocked
 - npm run flowchain:ops:alerts -- -AllowBlocked
+- npm run flowchain:ops:alerts:install:validate
+- npm run flowchain:ops:alerts:install:windows -- -Action Plan
 - npm run flowchain:owner:onboarding
 - npm run flowchain:owner-env:template
 - npm run flowchain:owner-inputs
@@ -79,6 +82,8 @@ This file records deployment gates, commands, and env names only. It must not co
 - npm run flowchain:service:install:windows -- -Action Uninstall
 - npm run flowchain:backup:install:windows -- -Action Status
 - npm run flowchain:backup:install:windows -- -Action Uninstall
+- npm run flowchain:ops:alerts:install:windows -- -Action Status
+- npm run flowchain:ops:alerts:install:windows -- -Action Uninstall
 - npm run flowchain:service:stop
 - npm run flowchain:service:restart -- -LiveProfile
 - npm run flowchain:emergency:stop-local
 
@@ -0,0 +1,33 @@
+# FlowChain Windows Alert Install
+
+Generated: 2026-05-17T10:27:22.2983575Z
+Status: passed
+Action: Plan
+Task: \FlowChainOpsAlerts
+
+This runbook registers a Windows Scheduled Task that refreshes the no-secret ops snapshot and alert rules on a fixed interval. It writes local reports only and does not store external delivery credentials.
+
+## Commands
+
+- Plan: npm run flowchain:ops:alerts:install:windows -- -Action Plan
+- Validate: npm run flowchain:ops:alerts:install:validate
+- Install: npm run flowchain:ops:alerts:install:windows -- -Action Install
+- Status: npm run flowchain:ops:alerts:install:windows -- -Action Status
+- Uninstall: npm run flowchain:ops:alerts:install:windows -- -Action Uninstall
+- Alerts: npm run flowchain:ops:alerts -- -AllowBlocked
+
+## Scheduled Task Action
+
+- Execute: `C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe`
+- Working directory: `E:/FlowMemory/flowmemory-live-infra-rpc`
+- Alerts script: `E:\FlowMemory\flowmemory-live-infra-rpc\infra\scripts\flowchain-ops-alerts.ps1`
+- Interval minutes: 15
+- Owner env file injected: False
+
+## Status
+
+- Task existed before: False
+- Task exists after: False
+- Scheduler cmdlets available: True
+- WorkingDirectory supported: True
+- Repetition supported: True
@@ -0,0 +1,56 @@
+{
+    "schema":  "flowchain.alert_install_validation_report.v0",
+    "generatedAt":  "2026-05-17T10:27:22.7634651Z",
+    "status":  "passed",
+    "taskName":  "FlowChainOpsAlerts",
+    "checks":  {
+                   "installScriptExists":  true,
+                   "alertsScriptExists":  true,
+                   "packageScriptsPresent":  true,
+                   "planCommandPassed":  true,
+                   "planDidNotMutate":  true,
+                   "schedulerCmdletsAvailable":  true,
+                   "scheduledTaskActionSupportsWorkingDirectory":  true,
+                   "scheduledTaskTriggerSupportsRepetition":  true,
+                   "actionUsesAlertsScript":  true,
+                   "actionUsesRepoWorkingDirectory":  true,
+                   "hasAllowBlocked":  true,
+                   "hasReportPath":  true,
+                   "hasMarkdownPath":  true,
+                   "hasOpsSnapshotPath":  true,
+                   "noExternalDelivery":  true,
+                   "commandsPresent":  true,
+                   "scheduledCommandKeepsBlockedAlertsVisible":  true,
+                   "scheduledCommandDoesNotDisableRefresh":  true,
+                   "envValuesPrintedFalse":  true,
+                   "noSecrets":  true,
+                   "broadcastsFalse":  true
+               },
+    "failedChecks":  [
+
+                     ],
+    "missingPackageScripts":  [
+
+                              ],
+    "planReportPath":  "E:\\FlowMemory\\flowmemory-live-infra-rpc\\docs\\agent-runs\\live-product-infra-rpc\\alert-install-windows-report.json",
+    "planMarkdownPath":  "E:\\FlowMemory\\flowmemory-live-infra-rpc\\docs\\agent-runs\\live-product-infra-rpc\\WINDOWS_ALERT_INSTALL.md",
+    "childProcessResults":  [
+                                {
+                                    "name":  "alert-install-plan",
+                                    "exitCode":  0,
+                                    "timedOut":  false,
+                                    "stdoutPath":  "E:\\FlowMemory\\flowmemory-live-infra-rpc\\devnet\\local\\tmp\\alert-install-validation\\20260517052718967-7984-e0c60cfb.stdout.log",
+                                    "stderrPath":  "E:\\FlowMemory\\flowmemory-live-infra-rpc\\devnet\\local\\tmp\\alert-install-validation\\20260517052718967-7984-e0c60cfb.stderr.log"
+                                }
+                            ],
+    "commands":  {
+                     "plan":  "npm run flowchain:ops:alerts:install:windows -- -Action Plan",
+                     "install":  "npm run flowchain:ops:alerts:install:windows -- -Action Install",
+                     "status":  "npm run flowchain:ops:alerts:install:windows -- -Action Status",
+                     "uninstall":  "npm run flowchain:ops:alerts:install:windows -- -Action Uninstall",
+                     "validate":  "npm run flowchain:ops:alerts:install:validate"
+                 },
+    "envValuesPrinted":  false,
+    "noSecrets":  true,
+    "broadcasts":  false
+}
@@ -0,0 +1,110 @@
+{
+    "schema":  "flowchain.alert_install_windows_report.v0",
+    "generatedAt":  "2026-05-17T10:27:22.2983575Z",
+    "status":  "passed",
+    "action":  "Plan",
+    "plannedOnly":  true,
+    "taskMutationPerformed":  false,
+    "taskRegistered":  false,
+    "taskRemoved":  false,
+    "taskName":  "FlowChainOpsAlerts",
+    "taskPath":  "\\",
+    "intervalMinutes":  15,
+    "taskBefore":  {
+                       "exists":  false,
+                       "schedulerAvailable":  true,
+                       "taskName":  "FlowChainOpsAlerts",
+                       "taskPath":  "\\",
+                       "state":  "",
+                       "lastRunTime":  "",
+                       "nextRunTime":  "",
+                       "lastTaskResult":  "",
+                       "queryError":  ""
+                   },
+    "taskAfter":  {
+                      "exists":  false,
+                      "schedulerAvailable":  true,
+                      "taskName":  "FlowChainOpsAlerts",
+                      "taskPath":  "\\",
+                      "state":  "",
+                      "lastRunTime":  "",
+                      "nextRunTime":  "",
+                      "lastTaskResult":  "",
+                      "queryError":  ""
+                  },
+    "schedulerCmdlets":  [
+                             {
+                                 "name":  "Get-ScheduledTask",
+                                 "available":  true
+                             },
+                             {
+                                 "name":  "Get-ScheduledTaskInfo",
+                                 "available":  true
+                             },
+                             {
+                                 "name":  "New-ScheduledTaskAction",
+                                 "available":  true
+                             },
+                             {
+                                 "name":  "New-ScheduledTaskTrigger",
+                                 "available":  true
+                             },
+                             {
+                                 "name":  "New-ScheduledTaskSettingsSet",
+                                 "available":  true
+                             },
+                             {
+                                 "name":  "Register-ScheduledTask",
+                                 "available":  true
+                             },
+                             {
+                                 "name":  "Unregister-ScheduledTask",
+                                 "available":  true
+                             }
+                         ],
+    "scheduledTask":  {
+                          "trigger":  "Interval",
+                          "intervalMinutes":  15,
+                          "execute":  "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe",
+                          "arguments":  "-NoProfile -ExecutionPolicy Bypass -File E:\\FlowMemory\\flowmemory-live-infra-rpc\\infra\\scripts\\flowchain-ops-alerts.ps1 -AllowBlocked -ReportPath docs/agent-runs/live-product-infra-rpc/scheduled-ops-alert-rules-report.json -MarkdownPath docs/agent-runs/live-product-infra-rpc/SCHEDULED_OPS_ALERT_RULES.md -OpsSnapshotPath docs/agent-runs/live-product-infra-rpc/scheduled-ops-snapshot-report.json",
+                          "workingDirectory":  "E:/FlowMemory/flowmemory-live-infra-rpc",
+                          "alertsScript":  "E:\\FlowMemory\\flowmemory-live-infra-rpc\\infra\\scripts\\flowchain-ops-alerts.ps1",
+                          "ownerEnvFileConfigured":  false,
+                          "sendsExternalNotifications":  false
+                      },
+    "alerts":  {
+                   "reportPath":  "docs/agent-runs/live-product-infra-rpc/scheduled-ops-alert-rules-report.json",
+                   "markdownPath":  "docs/agent-runs/live-product-infra-rpc/SCHEDULED_OPS_ALERT_RULES.md",
+                   "opsSnapshotPath":  "docs/agent-runs/live-product-infra-rpc/scheduled-ops-snapshot-report.json"
+               },
+    "commands":  {
+                     "plan":  "npm run flowchain:ops:alerts:install:windows -- -Action Plan",
+                     "validate":  "npm run flowchain:ops:alerts:install:validate",
+                     "install":  "npm run flowchain:ops:alerts:install:windows -- -Action Install",
+                     "status":  "npm run flowchain:ops:alerts:install:windows -- -Action Status",
+                     "uninstall":  "npm run flowchain:ops:alerts:install:windows -- -Action Uninstall",
+                     "alerts":  "npm run flowchain:ops:alerts -- -AllowBlocked"
+                 },
+    "checks":  {
+                   "alertsScriptExists":  true,
+                   "schedulerCmdletsAvailable":  true,
+                   "scheduledTaskActionSupportsWorkingDirectory":  true,
+                   "scheduledTaskTriggerSupportsRepetition":  true,
+                   "actionUsesAlertsScript":  true,
+                   "actionUsesRepoWorkingDirectory":  true,
+                   "hasAllowBlocked":  true,
+                   "hasReportPath":  true,
+                   "hasMarkdownPath":  true,
+                   "hasOpsSnapshotPath":  true,
+                   "intervalMinutesValid":  true,
+                   "noExternalDelivery":  true,
+                   "installStatusUninstallCommandsPresent":  true,
+                   "planDoesNotMutate":  true,
+                   "envValuesPrintedFalse":  true,
+                   "noSecrets":  true
+               },
+    "actionErrorRedacted":  "",
+    "envValuesPrinted":  false,
+    "noSecrets":  true,
+    "broadcasts":  false
+}