AI Research System / Runtime Requirements

Runtime Requirements

Runtime setup does not grant write authority. Python, Node.js, Playwright, and local tools support inspection and validation only inside authorized scope.

Animated runtime scope and authority boundary map Read tools, governed workflow, validators, browser QA, local retrieval, and derivative tooling orbit a central boundary that separates capability from permission.
Runtime capability depends on available tools, permission boundaries, validators, and the live control record for the current job.

Runtime evidence does not prove physics, promote source laws, bypass AgentJob allowlists, or authorize upstream writes. Capability and permission are separate facts.

Static diagram

Keep tool capability separate from authorization.

The technical tiers diagram shows Node, Python, validators, browser checks, build tools, and the boundary that tool availability does not grant permission.

The diagram illustrates technical tool tiers across inspection tools, validation tools, browser QA, TeX/PDF tooling, and tool-availability boundaries.
Diagram showing inspection tools, validation tools, Astro browser QA, TeX/PDF tools, and tool availability boundary.

The diagram illustrates technical tool tiers across inspection tools, validation tools, browser QA, TeX/PDF tooling, and tool-availability boundaries.

Runtime tiers

Tools are grouped by what they can safely support.

The runtime page is a map of capability, not an instruction to widen scope. Each tier needs its own authority context before it changes files.

TierToolsSafe scope
Read and inspectGit, editor, shell, browser, and tracked source files.Inspect repository state, source text, diffs, and rendered pages without changing authority.
Governed workflowCodex app context, repo-local skills, prompts, task records, allowlists, completions, and handoffs.Execute bounded packets only when live records authorize the work.
Validator and memoryPython `.venv`, Python tests, requirements files, PyMuPDF where PDF text extraction is in scope, and memory scripts.Validate behavior, inspect memory state, and produce operational evidence.
Web and browser QANode.js, npm, Astro, Mermaid-related site dependencies where present, and Playwright.Build static pages, check links and policies, and inspect desktop/mobile rendering.
Optional local retrievalObsidian reader, semantic extracts, SQLite indexes, and `.local/` retrieval caches.Support lookup and local inspection only; not citation authority.
LaTeX and PDFTeX/PDF tooling only when derivative generation or PDF QA is explicitly in scope.Produce or inspect derivatives while registered sources remain authority.

Command scope

Every command needs a validates and does-not-validate field.

Command references should teach interpretation. A command can pass and still leave authority, proof, deployment, or acceptance undecided.

CommandValidatesDoes not validate
npm run buildAstro static build and route compilation for the website state under test.Scientific correctness, source promotion, owner acceptance, or deployment.
npm run validate:svgWebsite SVG artwork policy, including animation and no visible embedded SVG text.The accuracy of nearby scientific or operational claims.
npm run validate:implementation-controlStructural consistency of implementation-control records.Source authority, deployment approval, or upstream write permission.
.venv/bin/python -m pytestPython tests for the checked test suite.Physics proof, benchmark promotion, or untested workflow behavior.

Permission boundary

Availability is not authorization.

This is the central runtime discipline: an operator can have tools installed and still lack authority to use them for a mutating packet.

CapabilityUnsafe inferenceSafe interpretation
Installed runtimeRuntime setup authorizes a packet.Runtime setup does not grant write authority. Live task and job records decide scope.
Passing validatorsGreen checks prove the claim.A check says only that the named validator accepted its checked surface.
Browser screenshotVisual QA makes page copy authoritative.Screenshots show rendered behavior; they do not prove physics or workflow claims.
Local cache accessA cache hit can be cited.Local retrieval can guide inspection, but tracked sources and registries remain authority.

Source basis

The source basis defines what the tools mean.

This page summarizes stable command families and runtime tiers without copying script internals or changing dependency policy.

Source areaUsed here forAuthority boundary
Tooling and runtime PRDRuntime tiers, command-scope structure, and validator-versus-proof requirements.PRD requirements plan website content; they do not change commands.
Package, Makefile, scripts, and testsObserved website commands, build tooling, validation scripts, and Python test entry points.Command availability is capability, not permission.
Technical requirements dossierTool authority tiers, safe and unsafe summaries, and local-cache boundaries.Dossier content is implementation guidance, not source promotion.

Source authority