菜单
Plan safe external-drive ingests into repo-aligned storage such as /mnt/ace: read-only mounts, manifests, staged rsync, dedupe-merge gates, GitHub issue traceability, and governance/execution split.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
基于 SOC 职业分类
| name | external-drive-ingest-planning |
| description | Plan safe external-drive ingests into repo-aligned storage such as /mnt/ace: read-only mounts, manifests, staged rsync, dedupe-merge gates, GitHub issue traceability, and governance/execution split. |
| version | 1.0.0 |
| author | Hermes Agent |
| category | workspace-hub |
| tags | ["external-drive","ntfs","data-ingest","rsync","github-issues","governance","mnt-ace"] |
| triggers | ["User asks to ingest, consolidate, copy, or organize an external drive into /mnt/ace or another long-lived data mount","External NTFS/USB drive data must be copied while preserving source provenance","A data migration needs destination mapping, manifests, dedupe, and GitHub issue tracking before file operations","Source folders need mapping into repo-aligned buckets and execution must be gated by planning approval"] |
| related_skills | ["diagnose-and-mount-dirty-ntfs-drives","diagnose-dirty-ntfs-mount-errors","github-issues","gh-work-planning","issue-planning-mode"] |
Use this when planning a safe ingest from an external drive into /mnt/ace or another persistent data mount. The class of task is not just "mount the drive"; it is source-preserving, provenance-tracked data migration with staged copy and dedupe/merge risk controls.
A drive or mounted folder contains legacy/project/reference data that must be mapped into durable repo-aligned destinations, copied safely, and tracked through GitHub before any destructive or ambiguous operation.
_from_<source-label>/ staging folders; dedupe-merge into the parent only as a second reviewed phase.status:plan-review until the user approves.Run live system checks rather than relying on prior device names:
lsblk -o NAME,SIZE,FSTYPE,LABEL,MOUNTPOINT
If NTFS, use a non-mutating check first:
sudo ntfsfix --no-action /dev/sdXY
Do not run mutating ntfsfix, force, or a writable mount for archival/ingest work without explicit user approval.
After confirming the device node and source label:
sudo mkdir -p /mnt/<source-label-lower>
sudo ntfs-3g -o ro,big_writes,uid=$(id -u),gid=$(id -g),umask=022 /dev/sdXY /mnt/<source-label-lower>
Verify the effective mount mode before any inventory or mapping work:
findmnt /mnt/<source-label-lower> -o TARGET,SOURCE,FSTYPE,OPTIONS
For source-preserving ingest workflows, treat rw as a blocker even if ownership/perms look correct (uid/gid, umask=022) and even if big_writes is enabled. big_writes is useful for later approved high-volume copy performance, but it does not satisfy the source-immutability requirement. If the drive is already mounted read-write, remount read-only before full manifests/checksums:
sudo umount /mnt/<source-label-lower>
sudo ntfs-3g -o ro,big_writes,uid=$(id -u),gid=$(id -g),umask=022 /dev/sdXY /mnt/<source-label-lower>
If the drive is not visible, stop and ask the user to reconnect it. Do not fabricate source inventory.
Build a source-to-destination table before copying. For /mnt/ace, prefer repo-aligned buckets:
/mnt/ace/<repo-name>/<domain>/...
Clarify whether ambiguous buckets are real repos or category folders. In the ACE workspace, examples include:
workspace-hub = governance/planning/orchestration, not bulk data dumpingclient-c = real repo bucket for legacy client project material when appropriatemkt-a = mkt-a project/client-number materialassethold = asset-holding / real-estate datadigitalmodel = engineering workflow/reference/tooling datalng-a = lng-a project/training/codes materialmkt-a-codes = standards/regulatory corpus; verify before duplicating codes/regulationsFor a non-trivial ingest, draft issues before copying:
workspace-hub): exact source-to-destination map, mount policy, manifest plan, rsync/dedupe gates, acceptance criteria.Before creating issues:
gh issue create --body-fileCreate a durable planning/intel area, for example:
.planning/intel/<source-label>-ingest/
lsblk-before-mount.txt
ntfsfix-no-action.txt
mount-command.txt
source-top-level-inventory.tsv
source-file-size-manifest.tsv
source-sha256-under-100mb.txt
destination-preexisting-inventory/
rsync-dry-run-logs/
rsync-final-logs/
post-copy-verification/
Typical pre-copy commands:
find /mnt/<source> -type f -printf '%P\t%s\n' > .planning/intel/<source>-ingest/source-file-size-manifest.tsv
find /mnt/<source> -type f -size -100M -print0 \
| sort -z \
| xargs -0 sha256sum > .planning/intel/<source>-ingest/source-sha256-under-100mb.txt
Dry-run first:
rsync -aHAXn --info=progress2 --stats \
/mnt/<source>/<folder>/ \
/mnt/ace/<repo>/<domain>/_from_<source-label>/
Final copy only after dry-run review and plan approval:
rsync -aHAX --info=progress2 --stats \
/mnt/<source>/<folder>/ \
/mnt/ace/<repo>/<domain>/_from_<source-label>/
Use --link-dest only after validating the parent destination and confirming the option points to the intended existing corpus.
Each destination bucket should record provenance:
## <source-drive-label> ingest
- Source drive label:
- Source filesystem:
- Source device node at ingest:
- Source path:
- Destination staging path:
- Final destination path:
- Ingest date:
- Operator/agent:
- File count:
- Byte count:
- Manifest path:
- Checksum policy:
- Rsync dry-run log:
- Rsync final log:
- Dedupe/merge status:
- Retention decision:
- Related GitHub issue:
If the repo enforces planning:
Issue → Resource Intel → Plan → Adversarial Review → status:plan-review → USER APPROVES → status:plan-approved → Execute
Do not mount/copy/rsync as implementation until the approved plan gate is satisfied if the task has been scoped as execution work. Discovery commands like lsblk are fine; source mutation and destination writes are not.
/dev/sdXY from a prior session as stable; USB device nodes change.findmnt and require ro unless the user explicitly overrides source immutability.ntfsfix before source-preservation decisions are approved._inbox when per-destination staging better preserves destination ownership./mnt/ace layout.$RECYCLE.BIN and System Volume Information as project data; include them in top-level inventory but normally classify as skip/metadata unless the user asks otherwise.cat > /tmp/prompt.txt <<'EOF' ... EOF or nano, then running Codex -p "$(cat /tmp/prompt.txt)".Before finalizing issue creation or handoff, verify:
Elements or other source drive remains read-only / untouched until the plan is approvedConventions for creating consistent Mermaid diagrams including decision node layout, edge ordering, and flowchart direction rules.
Generate interactive validation reports with quality scoring, missing data analysis, and type checking. Combines Pandas validation, Plotly visualization, and YAML configuration for comprehensive data quality reporting.
Class-level Hermes local configuration and setup workflows, including config audit gotchas and Windows installation.
Guide AI model selection based on task complexity, cost constraints, and latency requirements
Sub-skill of modular-architecture-documentation: 1. Module Definition Framework (+9).
Sub-skill of modular-architecture-documentation: Overview (+6).