Drop unresolved Clawdie service staging from USB (Sam & Codex)

Keeps service clawdie as a deployed-system contract only, removes the old mini-binary FEATURE_CLAWDIE staging lane from the ISO build, and adds explicit Linux-vs-FreeBSD proof boundaries for provider/runtime claims.

Checks: ./scripts/check-format.sh; git diff --check; sh -n over scripts/ firstboot/ live/operator-session/ executables
Sam & Claude 2026-06-13 12:12:34 +02:00
parent 6d0290d07e
commit 0e6d8cbe53
11 changed files with 49 additions and 279 deletions

@ -110,10 +110,10 @@ Installed/deployed system
credentials, and Colibri-backed orchestration credentials, and Colibri-backed orchestration
``` ```
`FEATURE_CLAWDIE` is therefore not a legacy toggle. It is the opt-in staging No current ISO build flag stages `service clawdie`. That name is reserved for
path for images that are validating the deployed-system `service clawdie` lane. installed/deployed systems until the real persistent host service is chosen. The
The baseline live USB should use Colibri directly unless that deploy lane is the baseline live USB uses Colibri directly and must not ship the old mini-binary as
explicit test target. if it were the final deployed service.
--- ---

@ -661,9 +661,9 @@ cat /etc/pkg/repos/Clawdie-USB.conf
sysctl hw.pci.dump | grep -i vga sysctl hw.pci.dump | grep -i vga
grep kld_list /etc/rc.conf grep kld_list /etc/rc.conf
# After clawdie module # After deploy module
jls -N # list jails jls -N # list jails
service clawdie status # service clawdie status # future deployed-system service acceptance
``` ```
--- ---

@ -99,23 +99,10 @@ COLIBRI_ARTIFACT_DIR="${COLIBRI_ARTIFACT_DIR:-}"
COLIBRI_DAEMON_ENABLE="${COLIBRI_DAEMON_ENABLE:-YES}" COLIBRI_DAEMON_ENABLE="${COLIBRI_DAEMON_ENABLE:-YES}"
COLIBRI_COST_MODE="${COLIBRI_COST_MODE:-smart}" COLIBRI_COST_MODE="${COLIBRI_COST_MODE:-smart}"
# Clawdie deployed-system service lane. # `service clawdie` is reserved for installed disk/server systems. The current
# `service clawdie` is the target service name for installed disk/server systems. # live USB does not stage a clawdie rc.d service or mini-binary; it uses the
# The live USB uses the lightweight `colibri_daemon` service directly; this lane # lightweight `colibri_daemon` control plane directly. Add deployed-system
# is opt-in (default NO) for builds that explicitly validate deployed-system # service packaging only after that implementation is chosen.
# behavior. The binary is built from the same /home/clawdie/ai/colibri checkout.
# The two credentials are normally baked into the binary at build time:
# (cd /home/clawdie/ai/colibri && CLAWDIE_TG_TOKEN=... CLAWDIE_DEEPSEEK_KEY=... \
# cargo build --release -p clawdie)
# Leave them blank to ship a "bring your own key" binary configured via the
# rc.d env file (/usr/local/etc/clawdie/clawdie.env) at runtime instead.
# CLAWDIE_ENABLE defaults NO for live-USB builds: stage the binary + rc.d for
# explicit deploy-lane tests without making `service clawdie` the live control
# plane. Deployed disk/server images should flip this to YES once the target
# host is meant to boot into the persistent Clawdie service.
FEATURE_CLAWDIE="${FEATURE_CLAWDIE:-NO}"
CLAWDIE_ARTIFACT_DIR="${CLAWDIE_ARTIFACT_DIR:-}"
CLAWDIE_ENABLE="${CLAWDIE_ENABLE:-NO}"
# zot agent harness (the consolidation target — see colibri ADR # zot agent harness (the consolidation target — see colibri ADR
# docs/ADR-agent-harness-consolidation.md). zot is a single static Go binary # docs/ADR-agent-harness-consolidation.md). zot is a single static Go binary
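Review bot: With the `FEATURE_CLAWDIE`, `CLAWDIE_ARTIFACT_DIR` and `CLAWDIE_ENABLE` defaults removed here, a local override or environment that still sets `FEATURE_CLAWDIE=YES` is now ignored without any message, and the operator gets an image without the service they asked for. Consider a short guard in build.sh that exits with an error (or at least warns) when any of the three variables is set and points at the new comment block, so stale configs fail loudly instead of silently changing what ships.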

build.sh

@ -122,7 +122,6 @@ echo " GPU : ${GPU_DRIVER:-auto-detect}"
echo " NVIDIA universal : ${NVIDIA_UNIVERSAL:-NO}" echo " NVIDIA universal : ${NVIDIA_UNIVERSAL:-NO}"
echo " Target : ${TARGET:-baremetal}" echo " Target : ${TARGET:-baremetal}"
echo " Colibri : ${FEATURE_COLIBRI:-NO}" echo " Colibri : ${FEATURE_COLIBRI:-NO}"
echo " Clawdie agent : ${FEATURE_CLAWDIE:-NO}"
echo " zot agent : ${FEATURE_ZOT:-NO} (${ZOT_VERSION:-})" echo " zot agent : ${FEATURE_ZOT:-NO} (${ZOT_VERSION:-})"
echo "" echo ""
@ -337,41 +336,6 @@ preflight_colibri_artifacts() {
done done
} }
# clawdie shares the /home/clawdie/ai/colibri checkout; CLAWDIE_ARTIFACT_DIR overrides where
# the prebuilt `clawdie` binary is found.
resolve_clawdie_paths() {
resolve_colibri_paths
_resolved_clawdie_repo="${_resolved_colibri_repo}"
if [ -n "${CLAWDIE_ARTIFACT_DIR:-}" ]; then
_resolved_clawdie_artifact_dir="${CLAWDIE_ARTIFACT_DIR}"
case "${_resolved_clawdie_artifact_dir}" in
/*) ;;
*) _resolved_clawdie_artifact_dir="${SCRIPT_DIR}/${_resolved_clawdie_artifact_dir}" ;;
esac
else
_resolved_clawdie_artifact_dir="${_resolved_clawdie_repo}/target/release"
fi
}
preflight_clawdie_artifacts() {
[ "${FEATURE_CLAWDIE:-NO}" = "YES" ] || return 0
[ "${FETCH_ONLY:-0}" -eq 0 ] || return 0
resolve_clawdie_paths
_clawdie_rc="${_resolved_clawdie_repo}/packaging/freebsd/clawdie.in"
if [ ! -f "${_clawdie_rc}" ]; then
echo "ERROR: clawdie rc.d source missing: ${_clawdie_rc}"
echo " Set COLIBRI_REPO=/path/to/colibri or FEATURE_CLAWDIE=NO."
exit 1
fi
if [ ! -x "${_resolved_clawdie_artifact_dir}/clawdie" ]; then
echo "ERROR: clawdie release binary missing: ${_resolved_clawdie_artifact_dir}/clawdie"
echo " Build first: (cd ${_resolved_clawdie_repo} && cargo build --release -p clawdie)"
echo " Or set FEATURE_CLAWDIE=NO to skip clawdie staging."
exit 1
fi
}
resolve_zot_paths() { resolve_zot_paths() {
_resolved_zot_repo="${ZOT_REPO:-${SCRIPT_DIR}/../zot}" _resolved_zot_repo="${ZOT_REPO:-${SCRIPT_DIR}/../zot}"
case "${_resolved_zot_repo}" in case "${_resolved_zot_repo}" in
@ -869,10 +833,10 @@ install_colibri_service() {
('$(uuidgen || echo 00000000-0000-0000-0000-000000000002)', 'colibri-smoke', 'Colibri daemon smoke test and validation', 'colibri', '${_now}'), ('$(uuidgen || echo 00000000-0000-0000-0000-000000000002)', 'colibri-smoke', 'Colibri daemon smoke test and validation', 'colibri', '${_now}'),
('$(uuidgen || echo 00000000-0000-0000-0000-000000000003)', 'iso-build', 'Clawdie ISO build and staging workflow', 'iso', '${_now}'), ('$(uuidgen || echo 00000000-0000-0000-0000-000000000003)', 'iso-build', 'Clawdie ISO build and staging workflow', 'iso', '${_now}'),
('$(uuidgen || echo 00000000-0000-0000-0000-000000000004)', 'tailscale-join', 'Tailscale mesh join procedure for operator USB', 'networking', '${_now}'), ('$(uuidgen || echo 00000000-0000-0000-0000-000000000004)', 'tailscale-join', 'Tailscale mesh join procedure for operator USB', 'networking', '${_now}'),
('$(uuidgen || echo 00000000-0000-0000-0000-000000000005)', 'disk-deploy', 'Deploy Clawdie from USB live to permanent disk install. Provisions ZFS pool, installs FreeBSD boot environment, migrates config, and sets up clawdie service for persistent operation.', 'clawdie', '${_now}'), ('$(uuidgen || echo 00000000-0000-0000-0000-000000000005)', 'disk-deploy', 'Deploy from USB live to permanent disk install. Provisions ZFS pool, installs FreeBSD boot environment, migrates config, and prepares for the future deployed-system clawdie service.', 'clawdie', '${_now}'),
('$(uuidgen || echo 00000000-0000-0000-0000-000000000006)', 'clawdie-health', 'Run clawdie service health check — verifies colibri daemon, skills catalog, Glasspane, and runtime inventory. Use for post-deploy validation.', 'clawdie', '${_now}');" 2>/dev/null || true ('$(uuidgen || echo 00000000-0000-0000-0000-000000000006)', 'deployed-clawdie-health', 'Future post-deploy health check for service clawdie once the deployed-system service implementation lands.', 'clawdie', '${_now}');" 2>/dev/null || true
chroot "${MOUNT_POINT}" chown colibri:colibri /var/db/colibri/colibri.sqlite 2>/dev/null || true chroot "${MOUNT_POINT}" chown colibri:colibri /var/db/colibri/colibri.sqlite 2>/dev/null || true
echo " colibri skills seeded: 4 entries" echo " colibri skills seeded: 6 entries"
fi fi
# Import clawdie-ai skill definitions into the catalog. # Import clawdie-ai skill definitions into the catalog.
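Review bot: The `echo " colibri skills seeded: 6 entries"` line is a hard-coded count printed after an INSERT that ends in `2>/dev/null || true`, so the log reports six entries even when the insert failed; the previous value of 4 had already drifted from the rows in this statement. Suggest printing the real row count queried from `/var/db/colibri/colibri.sqlite`, or dropping the number. Separately, `deployed-clawdie-health` is described as a future check but is still seeded into the live catalog, so the catalog lists a skill whose target service is not on the image; consider leaving it out until the service lands.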
@ -913,68 +877,6 @@ install_zot_agent() {
fi fi
} }
install_clawdie_service() {
[ "${FEATURE_CLAWDIE:-NO}" = "YES" ] || {
echo " Clawdie agent staging disabled (FEATURE_CLAWDIE=${FEATURE_CLAWDIE:-NO})"
return 0
}
echo " Staging Clawdie agent..."
resolve_clawdie_paths
env \
COLIBRI_REPO="${_resolved_clawdie_repo}" \
CLAWDIE_ARTIFACT_DIR="${_resolved_clawdie_artifact_dir}" \
CLAWDIE_STAGE_ENABLE="${CLAWDIE_ENABLE:-NO}" \
"${SCRIPT_DIR}/scripts/stage-clawdie-iso.sh" "${MOUNT_POINT}"
# The clawdie agent runs as the operator `clawdie` account (same pattern as
# Clawdie-AI). configure_live_operator_session() creates that user/group
# earlier in the build, so we reuse it rather than re-creating a conflicting
# nologin account here. Assert it exists instead of silently diverging.
if ! /usr/sbin/pw -R "${MOUNT_POINT}" usershow clawdie >/dev/null 2>&1; then
echo "ERROR: clawdie user missing — configure_live_operator_session must run before install_clawdie_service"
exit 1
fi
mkdir -p \
"${MOUNT_POINT}/var/db/clawdie" \
"${MOUNT_POINT}/var/run/clawdie" \
"${MOUNT_POINT}/var/log/clawdie"
chroot "${MOUNT_POINT}" chown -R clawdie:clawdie \
/var/db/clawdie \
/var/run/clawdie \
/var/log/clawdie
chmod 0750 \
"${MOUNT_POINT}/var/db/clawdie" \
"${MOUNT_POINT}/var/run/clawdie" \
"${MOUNT_POINT}/var/log/clawdie"
set_config_line "${MOUNT_POINT}/etc/rc.conf" "clawdie_enable=\"${CLAWDIE_ENABLE:-NO}\""
set_config_line "${MOUNT_POINT}/etc/rc.conf" 'clawdie_user="clawdie"'
set_config_line "${MOUNT_POINT}/etc/rc.conf" 'clawdie_group="clawdie"'
set_config_line "${MOUNT_POINT}/etc/rc.conf" 'clawdie_data_dir="/var/db/clawdie"'
set_config_line "${MOUNT_POINT}/etc/rc.conf" 'clawdie_run_dir="/var/run/clawdie"'
set_config_line "${MOUNT_POINT}/etc/rc.conf" 'clawdie_socket="/var/run/clawdie/clawdie.sock"'
set_config_line "${MOUNT_POINT}/etc/rc.conf" 'clawdie_db_path="/var/db/clawdie/clawdie.sqlite"'
set_config_line "${MOUNT_POINT}/etc/rc.conf" 'clawdie_logfile="/var/log/clawdie/clawdie.log"'
set_config_line "${MOUNT_POINT}/etc/rc.conf" 'clawdie_host="$(hostname)"'
if [ ! -x "${MOUNT_POINT}/usr/local/bin/clawdie" ]; then
echo "ERROR: clawdie binary missing from live image"
exit 1
fi
if [ ! -x "${MOUNT_POINT}/usr/local/etc/rc.d/clawdie" ]; then
echo "ERROR: clawdie rc.d script missing from live image"
exit 1
fi
if ! /usr/sbin/pw -R "${MOUNT_POINT}" usershow clawdie >/dev/null 2>&1; then
echo "ERROR: clawdie service user missing from live image"
exit 1
fi
}
# Stage an on-image NVIDIA pkg repo (all branches) so clawdie_live_gpu can # Stage an on-image NVIDIA pkg repo (all branches) so clawdie_live_gpu can
# `pkg install` the detected branch at boot (NVIDIA_UNIVERSAL lane). # `pkg install` the detected branch at boot (NVIDIA_UNIVERSAL lane).
# #
@ -1887,7 +1789,6 @@ EOF
} }
preflight_colibri_artifacts preflight_colibri_artifacts
preflight_clawdie_artifacts
preflight_zot_artifacts preflight_zot_artifacts
# --- step 1: fetch FreeBSD memstick --- # --- step 1: fetch FreeBSD memstick ---
@ -2279,7 +2180,6 @@ rm -f "${MOUNT_POINT}/etc/installerconfig"
install_live_runtime_packages install_live_runtime_packages
configure_live_operator_session configure_live_operator_session
install_colibri_service install_colibri_service
install_clawdie_service
install_zot_agent install_zot_agent
install_nvidia_universal_repo install_nvidia_universal_repo

@ -15,6 +15,16 @@ A provider working in one harness does **not** prove it works in another. For
Colibri, the preferred proof is a `pi --mode json` JSONL capture because that is Colibri, the preferred proof is a `pi --mode json` JSONL capture because that is
what the current parser and runtime seam consume. what the current parser and runtime seam consume.
## Platform proof boundaries
- Linux-side smokes prove only provider transport, JSONL shape, and integration
direction on that Linux host.
- FreeBSD runtime claims require a FreeBSD host or mounted/booted live image.
- Live-USB claims require Codex ISO Builder evidence from the FreeBSD build host
and, for GUI/input/audio, real hardware evidence.
- A dashboard/control-fabric result is never provider proof by itself; capture
the harness command, provider/model, platform, and output shape.
## Agent Harness Matrix ## Agent Harness Matrix
| Harness | Where observed / target | Provider/model lanes known here | Status / caveat | | Harness | Where observed / target | Provider/model lanes known here | Status / caveat |
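Review bot: In the second bullet, "a FreeBSD host or mounted/booted live image" lets a mounted image stand as evidence for a runtime claim, but mounting only shows which files and settings are present, not that a service starts or a provider call works. Suggest splitting it: a mounted image proves file presence and configuration, while runtime claims need a FreeBSD host or a booted image. The last bullet could also say where the captured harness command, provider/model, platform and output shape are recorded, so a claim can be checked later.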

@ -48,10 +48,8 @@ cargo build --workspace --release
# universal image (set COLIBRI_REPO explicitly if building from a tmp worktree) # universal image (set COLIBRI_REPO explicitly if building from a tmp worktree)
cd /home/clawdie/ai/clawdie-iso && git fetch origin && git reset --hard origin/main cd /home/clawdie/ai/clawdie-iso && git fetch origin && git reset --hard origin/main
sudo env NVIDIA_UNIVERSAL=YES \ sudo env NVIDIA_UNIVERSAL=YES \
FEATURE_CLAWDIE=YES CLAWDIE_ENABLE=NO COLIBRI_DAEMON_ENABLE=NO \
CLAWDIE_AI_REPO=/home/clawdie/ai/clawdie-ai \ CLAWDIE_AI_REPO=/home/clawdie/ai/clawdie-ai \
COLIBRI_REPO=/home/clawdie/ai/colibri \ COLIBRI_REPO=/home/clawdie/ai/colibri \
CLAWDIE_ARTIFACT_DIR=/home/clawdie/ai/colibri/target/release \
./build.sh --skip-memstick-fetch --live-default-password ./build.sh --skip-memstick-fetch --live-default-password
``` ```
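Review bot: The removed line `FEATURE_CLAWDIE=YES CLAWDIE_ENABLE=NO COLIBRI_DAEMON_ENABLE=NO` also drops `COLIBRI_DAEMON_ENABLE=NO`, which is a Colibri setting rather than part of the Clawdie lane. The config default shown earlier in this commit is `COLIBRI_DAEMON_ENABLE="${COLIBRI_DAEMON_ENABLE:-YES}"`, so this documented build now enables the daemon where it was previously disabled. If that is intended, say so in the commit message or next to the command; if not, keep `COLIBRI_DAEMON_ENABLE=NO` in the env list.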

@ -66,9 +66,12 @@ Once the ISO boots on the server hardware:
1. Server gets DHCP on its LAN port (visible in ARP) 1. Server gets DHCP on its LAN port (visible in ARP)
2. `colibri-daemon` starts, skills catalog loaded 2. `colibri-daemon` starts, skills catalog loaded
3. `service clawdie health` passes 3. `colibri status` / `colibri list-skills` passes from the live USB
4. `tailscale up` for mesh access (if auth key available) 4. `tailscale up` for mesh access (if auth key available)
`service clawdie` is the deployed-system target service name, not a live-USB
service in the current baseline image.
### Phase 3 — disk survey + ZFS pool create ### Phase 3 — disk survey + ZFS pool create
```sh ```sh
@ -81,11 +84,12 @@ zpool create -o ashift=12 zroot /dev/ada0
zfs create -o mountpoint=/ zroot/ROOT/default zfs create -o mountpoint=/ zroot/ROOT/default
``` ```
### Phase 4 — install FreeBSD to ZFS + clawdie ### Phase 4 — install FreeBSD to ZFS + deployed service
```sh ```sh
# Bootstrap FreeBSD base system onto ZFS # Bootstrap FreeBSD base system onto ZFS
# Install clawdie service + colibri-daemon # Install the future deployed-system clawdie service once its implementation lands
# Keep colibri-daemon as the control-plane core
# Copy config, skills DB, pi sessions from USB # Copy config, skills DB, pi sessions from USB
# Set boot environment # Set boot environment
``` ```
@ -94,8 +98,9 @@ zfs create -o mountpoint=/ zroot/ROOT/default
```sh ```sh
# On reboot, server boots from local ZFS # On reboot, server boots from local ZFS
service clawdie health # daemon ✓, skills ✓, glasspane ✓ # Future deployed-service acceptance, once implemented:
service clawdie inventory # runtime manifest # service clawdie health # daemon ✓, skills ✓, glasspane ✓
# service clawdie inventory # runtime manifest
colibri list-skills # catalog intact colibri list-skills # catalog intact
# Tailscale mesh active, operator can SSH in # Tailscale mesh active, operator can SSH in
``` ```
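Review bot: With both `service clawdie` lines commented out, the only active post-reboot check left in this block is `colibri list-skills`, which covers the catalog but not the daemon check that `service clawdie health` used to stand for. The boot checklist changed earlier in this file now uses `colibri status` for the live USB; adding it here would keep an executable acceptance step for the daemon until the deployed service exists.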

@ -111,7 +111,7 @@ zfs create -o mountpoint=/usr/local/poudriere zroot/poudriere/root
```sh ```sh
# Install FreeBSD 15 base + kernel to zroot # Install FreeBSD 15 base + kernel to zroot
# Set up /boot, /etc, clawdie service # Set up /boot, /etc, and the future deployed-system service hook
# Configure network (DHCP, tailscale) # Configure network (DHCP, tailscale)
``` ```
@ -236,10 +236,11 @@ All with proper pkg metadata, upgradeable, with dependencies tracked.
## Phase 5 — self-hosted clawdie ## Phase 5 — self-hosted clawdie
Once the server builds itself: Once the deployed-system service implementation lands and the server builds
itself:
```sh ```sh
# The ml350p runs its own clawdie agent # The ml350p runs its own deployed-system clawdie service
service clawdie enable service clawdie enable
service clawdie start service clawdie start
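Review bot: `service clawdie enable` and `service clawdie start` stay as live commands in this block, while the other runbook changes in this commit comment out `service clawdie health` and `service clawdie inventory` as future acceptance. The new lead-in sentence helps, but someone copying the block gets commands for a service that no image stages. Suggest commenting them out in the same style, or adding a comment line inside the fence saying they apply only once the deployed-system service exists.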
@ -247,6 +248,9 @@ service clawdie start
# clawdie skills include "rebuild-colibri" and "poudriere-status" # clawdie skills include "rebuild-colibri" and "poudriere-status"
``` ```
The current live USB does not stage `service clawdie`; it runs
`colibri_daemon` directly.
## Phase 6 — bhyve test VMs ## Phase 6 — bhyve test VMs
### 6.1 Enable bhyve kernel module ### 6.1 Enable bhyve kernel module

@ -1,111 +0,0 @@
#!/bin/sh
# Stage the prebuilt `clawdie` FreeBSD binary + rc.d service into an image root.
#
# `clawdie` is the deployed-system service lane for installed disk/server hosts.
# The live USB uses `colibri_daemon` directly; stage this binary only when the
# image is validating the persistent `service clawdie` target. This script does
# NOT build it — build or provide the artifact first, optionally with baked
# credentials:
#
# (cd /home/clawdie/ai/colibri && CLAWDIE_TG_TOKEN=... CLAWDIE_DEEPSEEK_KEY=... \
# cargo build --release -p clawdie)
#
# Usage:
# COLIBRI_REPO=/home/clawdie/ai/colibri scripts/stage-clawdie-iso.sh /path/to/image-root
# CLAWDIE_ARTIFACT_DIR=/path/to/release scripts/stage-clawdie-iso.sh /path/to/image-root
set -eu
if [ "${1:-}" = "" ]; then
echo "usage: $0 DESTDIR" >&2
exit 64
fi
DESTDIR=$1
SCRIPT_DIR=$(CDPATH= cd -- "$(dirname -- "$0")" && pwd)
REPO_ROOT=$(CDPATH= cd -- "${SCRIPT_DIR}/.." && pwd)
COLIBRI_REPO=${COLIBRI_REPO:-"/home/clawdie/ai/colibri"}
CLAWDIE_ARTIFACT_DIR=${CLAWDIE_ARTIFACT_DIR:-"${COLIBRI_REPO}/target/release"}
CLAWDIE_STAGE_ENABLE=${CLAWDIE_STAGE_ENABLE:-YES}
BIN_DIR="${DESTDIR}/usr/local/bin"
RC_DIR="${DESTDIR}/usr/local/etc/rc.d"
ETC_DIR="${DESTDIR}/usr/local/etc/clawdie"
DB_DIR="${DESTDIR}/var/db/clawdie"
RUN_DIR="${DESTDIR}/var/run/clawdie"
LOG_DIR="${DESTDIR}/var/log/clawdie"
RC_SOURCE="${COLIBRI_REPO}/packaging/freebsd/clawdie.in"
require_file() {
if [ ! -f "$1" ]; then
echo "missing required clawdie artifact: $1" >&2
exit 66
fi
}
require_exec() {
if [ ! -x "$1" ]; then
echo "missing executable clawdie artifact: $1" >&2
echo "hint: (cd ${COLIBRI_REPO} && cargo build --release -p clawdie)" >&2
exit 66
fi
}
require_file "${RC_SOURCE}"
require_exec "${CLAWDIE_ARTIFACT_DIR}/clawdie"
mkdir -p "${BIN_DIR}" "${RC_DIR}" "${ETC_DIR}" "${DB_DIR}" "${RUN_DIR}" "${LOG_DIR}"
install -m 0555 "${CLAWDIE_ARTIFACT_DIR}/clawdie" "${BIN_DIR}/clawdie"
install -m 0555 "${RC_SOURCE}" "${RC_DIR}/clawdie"
cat > "${ETC_DIR}/rc.conf.sample" <<EOF
# Clawdie deployed-system service defaults.
# Merge into /etc/rc.conf or /etc/rc.conf.d/clawdie on disk/server targets.
clawdie_enable="${CLAWDIE_STAGE_ENABLE}"
clawdie_user="clawdie"
clawdie_group="clawdie"
clawdie_data_dir="/var/db/clawdie"
clawdie_run_dir="/var/run/clawdie"
clawdie_socket="/var/run/clawdie/clawdie.sock"
clawdie_db_path="/var/db/clawdie/clawdie.sqlite"
clawdie_logfile="/var/log/clawdie/clawdie.log"
clawdie_host="\$(hostname)"
clawdie_env_file="/usr/local/etc/clawdie/clawdie.env"
EOF
# Per-host credential override template (binary keeps its baked build-flag
# defaults; this file is optional and only read if present + readable).
if [ ! -f "${ETC_DIR}/clawdie.env" ]; then
cat > "${ETC_DIR}/clawdie.env.sample" <<'EOF'
# Optional per-host credential overrides for clawdie.
# Copy to clawdie.env (chmod 0600) to override the baked build-flag values.
# CLAWDIE_TG_TOKEN=123456:telegram-bot-token
# CLAWDIE_DEEPSEEK_KEY=sk-deepseek-key
EOF
fi
cat > "${ETC_DIR}/README.iso" <<'EOF'
Clawdie deployed-system service staging notes
=============================================
The ISO build creates the clawdie user/group and enables the rc.d service
according to build.cfg. On the live USB, Colibri is the lightweight control
plane. On deployed disk/server hosts, `service clawdie` is the target operator
service name and owns persistent host duties. Runtime validation:
service clawdie start
service clawdie status
service clawdie health # verifies the Colibri socket path
service clawdie stop
Lifted on purpose: cost modes, quotas, multi-provider fallback, per-user limits.
EOF
chmod 0750 "${DB_DIR}" "${RUN_DIR}" "${LOG_DIR}"
cat <<EOF
Staged clawdie into ${DESTDIR}
artifact : ${CLAWDIE_ARTIFACT_DIR}/clawdie
rc.d : ${RC_SOURCE}
enable : ${CLAWDIE_STAGE_ENABLE}
EOF

@ -186,36 +186,13 @@ rm -rf /tmp/colibri-*
`colibri-tui` is optional in the staging script, but desired for this operator `colibri-tui` is optional in the staging script, but desired for this operator
USB target and should be verified with the other three binaries. USB target and should be verified with the other three binaries.
### Deployed-system Clawdie service preflight ### Deployed-system Clawdie service boundary
`FEATURE_CLAWDIE` (default `NO`) stages the `clawdie` binary and rc.d service `service clawdie` is reserved for installed disk/server targets, but the current
for installed disk/server targets. This is not the live-USB control plane; the operator USB does not stage a `clawdie` rc.d service or mini-binary. The live USB
USB uses `colibri_daemon` directly. Enable this lane only when the build is uses `colibri_daemon` directly. Add deployed-system service packaging only after
explicitly validating the deployed-system `service clawdie` target. The two the real persistent host service implementation is chosen; do not repurpose the
credentials are normally baked at build time: old Colibri-side mini-binary as the final service by default.
```sh
cd /home/clawdie/ai/colibri
CLAWDIE_TG_TOKEN="<telegram-bot-token>" \
CLAWDIE_DEEPSEEK_KEY="<deepseek-key>" \
cargo build --release -p clawdie
ls -lh target/release/clawdie
file target/release/clawdie
```
Leave the flags unset to ship a "bring your own key" binary configured via the
rc.d env file (`/usr/local/etc/clawdie/clawdie.env`) at runtime. Same cleanup
invariant as Colibri: do **not** `cargo clean` until the ISO build has consumed
`/home/clawdie/ai/colibri/target/release/clawdie`. ISO-repo preflight:
```sh
cd /home/clawdie/ai/clawdie-iso
sh -n build.sh
sh -n scripts/stage-clawdie-iso.sh
```
See `/home/clawdie/ai/colibri/docs/CLAWDIE-BUILD.md` and `/home/clawdie/ai/colibri/docs/CLAWDIE-AGENT-WIKI.md`.
### Next build: carry the XFCE operator-USB fixes ### Next build: carry the XFCE operator-USB fixes
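Review bot: The removed text described `target/release/clawdie` binaries built with `CLAWDIE_TG_TOKEN` and `CLAWDIE_DEEPSEEK_KEY` baked in, and the replacement paragraph does not say what to do with such artifacts now that no build consumes them. Suggest one sentence telling operators to delete leftover `clawdie` release binaries built with baked credentials, and to rotate those credentials if such a binary was ever staged onto an image. The dropped pointer to `CLAWDIE-BUILD.md` and `CLAWDIE-AGENT-WIKI.md` may also deserve a line on whether those documents are still current.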

@ -54,8 +54,8 @@ Record each item as a named check in the manifest:
- XFCE panel/session assets referenced by the live session are present. - XFCE panel/session assets referenced by the live session are present.
- Colibri binaries and `colibri_daemon` rc.d script are present and enabled for - Colibri binaries and `colibri_daemon` rc.d script are present and enabled for
the live USB. the live USB.
- `/usr/local/etc/rc.d/clawdie` is absent unless the build explicitly enabled - `/usr/local/etc/rc.d/clawdie` is absent on the baseline live USB; the Clawdie
the deployed-system `FEATURE_CLAWDIE` lane. rc.d service name is reserved for installed/deployed systems.
## Suggested inspection commands ## Suggested inspection commands
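Review bot: The check covers only `/usr/local/etc/rc.d/clawdie`, but the staging code removed in this commit also installed `/usr/local/bin/clawdie`, created `/usr/local/etc/clawdie/`, and wrote `clawdie_*` keys to `/etc/rc.conf`. Suggest extending the manifest check to assert that the binary and the `/usr/local/etc/clawdie` directory are absent and that rc.conf carries no `clawdie_enable` line, so an image built from a stale tree or a reused mount point is caught.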