PAI
Research Standard

Daemon

Manage the public daemon profile — a digital representation of what you're working on.

04
Workflows
00
References
08
Triggers
medium
Effort

The Problem

Your PAI system holds a lot of personal context — missions, goals, active projects, recent ideas — but none of it is visible to the outside world. If you want a public presence that reflects what you're actually working on and thinking about, you're either writing it by hand (which goes stale fast) or publishing raw private data (which leaks things you never meant to share). There's no clean path from private life OS to public digital profile without manual curation at every step.

How This Skill Approaches It

Daemon automates that bridge with a two-repo pattern and deterministic security filtering. The DaemonAggregator.ts tool reads from your PAI sources — TELOS goals, KNOWLEDGE ideas, active projects, recent work themes, public bio — then passes everything through SecurityFilter.ts, which strips names, paths, credentials, and internal refs via pattern matching (not an LLM judgment call). The output is a daemon-data.json file that gets deployed to a public Cloudflare Pages site via a deploy.sh script that copies data in at build time and cleans up, so personal data never lands in the public repo. Four workflows cover the full lifecycle: UpdateDaemon aggregates and previews before any write, ReadDaemon shows the current state, PreviewDaemon runs a diff without committing, and DeployDaemon ships the static site. The whole thing is forkable — public framework repo for the site, private content repo for your data.

  • DaemonAggregator reads PAI sources (TELOS, KNOWLEDGE, PROJECTS, MEMORY/WORK, identity) → daemon-data.json
  • SecurityFilter strips names/paths/credentials via deterministic patterns (NOT LLM)
  • Workflows: UpdateDaemon, ReadDaemon, PreviewDaemon, DeployDaemon
Not for PAI system management

In Action

What you say to your DA, and what the Daemon skill actually does.

  • You say "update my daemon profile"
    Runs UpdateDaemon: aggregates from TELOS, KNOWLEDGE, PROJECTS, and MEMORY/WORK via DaemonAggregator.ts, applies SecurityFilter.ts to strip anything private, shows a diff for your review, then writes daemon-data.json to your private content repo and deploys the static site.
  • You say "preview what my daemon would look like with current data"
    Runs PreviewDaemon in dry-run mode — aggregates your PAI sources and shows the diff against the live daemon-data.json without writing or deploying anything.
  • You say "check my current daemon status"
    Runs ReadDaemon: reads the current daemon-data.json and displays a section-by-section breakdown of what's published on your public profile right now.

Inside the Skill

The thinking, frameworks, and architecture that distinguish this skill from a generic version of the same task.

What It Does

Manages your public daemon profile — a living page of what you're working on, thinking about, reading, and building. It pulls data from your PAI system, runs it through a deterministic security filter so only publicly safe content survives, and deploys a static site. Workflows cover update, read, preview, and deploy.

The Problem

You want a public presence that stays current without hand-editing a profile page every week, and without ever leaking private data. Your real context lives in PAI — goals, projects, ideas, identity — mixed with things that must never go public: contacts, finances, health, names, paths, credentials. Manually copying the safe parts is slow and one slip publishes something you can't take back. This skill aggregates the safe sources, blocks the sensitive ones at the code level, and gives you a preview-then-approve gate before anything ships.

How It Works

The DaemonAggregator reads PAI sources and merges them into daemon-data.json; a deterministic SecurityFilter (pattern matching, not an LLM) strips names, paths, credentials, and internal refs; the deploy step builds a fully static site. Sensitive files are never opened by the aggregator at all.

Architecture

Two-repo pattern: public framework + private content.

PAI SOURCES (private, read-only)
  TELOS/ (missions, goals, books, movies, wisdom)
  KNOWLEDGE/Ideas/ (title + thesis only)
  PROJECTS.md (public projects only)
  MEMORY/WORK/ (abstracted to topic themes)
  PRINCIPAL_IDENTITY.md (public bio data)
    │
    ├──[DaemonAggregator.ts]──→ Reads sources, merges with existing data
    │
    ├──[SecurityFilter.ts]──→ Deterministic code-level allowlist filter
    │                          Strips names, paths, credentials, internal refs
    │                          NOT an LLM filter — enforced by pattern matching
    │
    └──→ daemon-data.json → ~/Projects/daemon-dm/ (PRIVATE repo)
              │
              └──[deploy.sh]──→ Copies JSON into framework → VitePress build → Cloudflare Pages
                                    │
                              ~/Projects/daemon/ (PUBLIC repo — forkable framework)

    STRUCTURALLY EXCLUDED (never read):
          CONTACTS.md, FINANCES/, HEALTH/, TRAUMAS.md,
          KNOWLEDGE/People/, KNOWLEDGE/Companies/,

Skill Structure

skills/Daemon/
├── SKILL.md              (this file)
├── Tools/
│   ├── DaemonAggregator.ts   (reads PAI sources → daemon-data.json)
│   └── SecurityFilter.ts     (deterministic content sanitizer)
├── Workflows/
│   ├── UpdateDaemon.md       (aggregate → preview → approve → deploy)
│   ├── ReadDaemon.md         (read current daemon-data.json)
│   ├── PreviewDaemon.md      (show diff without deploying)
│   └── DeployDaemon.md       (bash deploy.sh from daemon-dm)
└── Docs/
    └── SecurityClassification.md  (public/private data categories)

Important Paths

Purpose Path
Private data repo ~/Projects/daemon-dm/
daemon-data.json ~/Projects/daemon-dm/daemon-data.json
Deploy script ~/Projects/daemon-dm/deploy.sh
Public framework repo ~/Projects/daemon/
Security classification ${CLAUDE_SKILL_DIR}/Docs/SecurityClassification.md
Security overrides ${PAI_USER_DIR}/SKILLCUSTOMIZATIONS/Daemon/SecurityOverrides.md

Live Endpoints

Endpoint Purpose
daemon.example.com Public website (Cloudflare Pages, fully static)

Security Philosophy

  1. Private by default: All data is private until explicitly classified as public
  2. Code-level enforcement: SecurityFilter.ts is deterministic pattern matching, NOT LLM judgment
  3. Structural exclusion: Sensitive files (CONTACTS, FINANCES, HEALTH) are never opened by the aggregator
  4. Defense in depth: Aggregator filter + SecurityFilter + pre-commit hook + manual approval
  5. Fail closed: If uncertain, exclude the content

Data Sources

The DaemonAggregator reads from these PAI sources:

Source What's Extracted Section
TELOS/MISSION.md M1, M2 (public missions) [MISSION]
TELOS/GOALS.md Public project goals [TELOS]
TELOS/BOOKS.md Book titles [FAVORITE_BOOKS]
TELOS/MOVIES.md Movie titles [FAVORITE_MOVIES]
TELOS/WISDOM.md Top 5 quotes [WISDOM]
KNOWLEDGE/Ideas/_index.md 10 recent Ideas (title + thesis) [RECENT_IDEAS]
PROJECTS.md Public repos and sites Projects integration
MEMORY/WORK/ Topic themes (last 14 days) [CURRENTLY_WORKING_ON]
PRINCIPAL_IDENTITY.md Public bio, role, focus [ABOUT]
Existing daemon.md Preserved sections (predictions, routine, podcasts, preferences) Various

For Community Forks

This skill is designed to be generic:

  1. Fork the public Daemon repo
  2. Create your own private data repo with daemon-data.json
  3. Configure with your own blocked names/paths
  4. The aggregator reads from standard PAI directory structure
  5. Use deploy.sh to build and deploy to your own Cloudflare Pages

Examples

Example 1: Full update cycle

User: "update daemon"
→ Aggregates PAI data sources
→ Applies security filter (deterministic)
→ Shows preview diff to user
→ User approves
→ Writes daemon-data.json to daemon-dm → deploys static site

Example 2: Check what's current

User: "check daemon"
→ Reads daemon-data.json from daemon-dm
→ Shows section-by-section status

Example 3: Preview before committing

User: "preview daemon"
→ Runs aggregator in preview mode
→ Shows diff against current daemon-data.json
→ No writes, no deploys

Gotchas

  • Two repos: Public framework (~/Projects/daemon/) and private content (~/Projects/daemon-dm/). The framework is forkable. The content is yours.
  • deploy.sh copies data into the framework at build time, then cleans up. Personal data never gets committed to the public repo.
  • SecurityFilter is code, not prompts. If you need to add new blocked patterns, edit SecurityFilter.ts, not the workflow markdown.
  • Site is fully static. Data is embedded at build time. Changes require running deploy.sh.

Workflows · 4

  1. 01
    UpdateDaemon Workflows/UpdateDaemon.md

    update daemon, refresh daemon

  2. 02
    ReadDaemon Workflows/ReadDaemon.md

    read daemon, check daemon, daemon status

  3. 03
    PreviewDaemon Workflows/PreviewDaemon.md

    preview daemon, daemon diff

  4. 04
    DeployDaemon Workflows/DeployDaemon.md

    deploy daemon, push daemon, ship daemon

How to Invoke

Say any of these to your DA and PAI activates the Daemon skill automatically:

  • "daemon"
  • "update daemon"
  • "daemon profile"
  • "deploy daemon"
  • "preview daemon"
  • "read daemon"
  • "public profile"
  • "digital presence"

Or invoke explicitly:

Skill("Daemon")

Related Skills

Aphorisms
Curated aphorism collection with CRUD — content-based matching, themed search, thinker research, DB …
Apify
Scrape social media platforms, business data, and e-commerce via Apify actors — Instagram profiles/p…
ArXiv
Search and retrieve arXiv academic papers by topic, category, or paper ID — with AlphaXiv-enriched A…

Want PAI to do this for you?

Install PAI on your machine — your DA gets the Daemon skill plus 44 others, all hooked into one Life OS.

Install PAI View on GitHub