Menu
Private datastore workflow. Activate when writing, saving, archiving, packing, encrypting, committing, or storing sensitive local files under private/ or Dolos encrypted archives.
Brave browser tab URL capture. Activate when the user asks to capture, export, list, archive, save, or recover open Brave tabs, browser tabs, tab URLs, or session files.
Use when working with X/Twitter: x.com feed extraction, tweet/profile checks, following/follower lists, twitterapi.io, browser-agent pulls, or local encrypted X data handling.
Shell scripting, CLI development, Bash, PowerShell, Makefiles, and cross-platform tooling. Activate when working with .sh, .bash, .ps1, Makefile files or discussing shell/CLI patterns.
Use when the user asks to create, draft, write, improve, optimize, or build an inline Pi /goal command, goal prompt file, long-running objective, or goal_prompt_file.md. Triggers: /goal prompt, goal prompt, pi goal, goal_prompt_file.md, write a goal for, turn this into a goal.
Personal development philosophy emphasizing experiment-driven, fail-fast approach. Activate when planning implementations, reviewing code architecture, making design decisions, or when user asks to apply development principles. Guides against over-engineering and towards solving real problems with simple solutions.
Activate when user mentions analyze, review, validate, critique, debug, troubleshoot, red-team, adversarial, or "what could go wrong". Use for code review, debugging, validation, and error investigation.
| name | private-store |
| description | Private datastore workflow. Activate when writing, saving, archiving, packing, encrypting, committing, or storing sensitive local files under private/ or Dolos encrypted archives. |
Auto-activate when: The user asks to write, save, archive, pack, encrypt, commit, or store sensitive local files under private/, or mentions Dolos private archives.
private/ is the local plaintext Obsidian-compatible vault. .dolos/artifacts/private.tar.gz.age is the encrypted commit artifact. Writes to private/ must be intentional, scoped, browsable, and easy to audit without opening raw data.
Use this layout for generated private content:
private/
README.md
_indexes/
browser-tabs.md
handoffs.md
x.md
_attachments/
<domain>/...
<domain>/
.../*.md
Rules:
private/browser-tabs/brave/ or private/handoffs/.private/_attachments/<domain>/... or a domain data directory documented by a README note.private/_indexes/ and should contain path-level metadata only. Do not put secrets, full URLs, cookies, or raw exports in indexes.Every generated Markdown note under private/ should include YAML frontmatter:
---
title: Example private note
created: 2026-06-06T10:45:09-04:00
updated: 2026-06-06T10:45:09-04:00
type: browser-tabs
source: brave
sensitive: true
tags:
- private/browser-tabs
related:
- "[[browser-tabs]]"
attachments:
- "../../_attachments/browser-tabs/brave/20260606-104509/brave-tabs-full.json"
---
Body rules:
title.## Summary near the top.[[browser-tabs]].private/browser-tabs, private/handoff, private/x, and browser/brave.private/._attachments/._indexes/ note with path-level metadata.private/.private/ content into the encrypted artifact..dolos/artifacts/private.tar.gz.age was staged or committed for the private payload.The Dolos pre-commit hook:
Blocks unsafe staged plaintext paths such as private/....
Checks bin/dolos status.
If private/ diverged from the encrypted artifact, runs:
bin/dolos.exe pack private
git add -- .dolos/artifacts/private.tar.gz.age
Scans the staged set again before allowing the commit.
| Domain | Notes | Attachments / Data | Index |
|---|---|---|---|
| Browser tabs | private/browser-tabs/brave/<timestamp>.md | private/_attachments/browser-tabs/brave/<timestamp>/ | private/_indexes/browser-tabs.md |
| Handoffs | private/handoffs/<timestamp>.md | private/_attachments/handoffs/<timestamp>/ | private/_indexes/handoffs.md |
| X data | private/x/README.md and optional notes | private/x/ data files or private/_attachments/x/ exports | private/_indexes/x.md |
| Anti-Pattern | Problem | Fix |
|---|---|---|
Force-adding private/... | Commits plaintext sensitive data | Commit the encrypted Dolos artifact only |
Dumping mixed data into private/ root | Hard to audit and easy to over-include | Use a scoped subdirectory |
| Mixing notes, raw blobs, and indexes in one timestamp folder | Hard to browse in Obsidian and hard to migrate | Put notes in domain folders, raw files in _attachments, indexes in _indexes |
| Writing secrets to tracked docs for convenience | Bypasses private archive protections | Write to private/ and reference the path |
| Assuming all private writes belong in a commit | Can include unrelated private changes | Check bin/dolos.exe status and capture scope before committing |
| Need | Command |
|---|---|
| Check private/archive state | bin/dolos.exe status |
| Manually pack private store | bin/dolos.exe pack private |
| Verify staged safety | bin/dolos.exe scan --staged |
| Inspect private artifact status | git status --short -- .dolos private |
The hook packs automatically during commit when Dolos reports status=diverged. Manual packing remains useful before reviewing a commit or when no other tracked files are staged.