Atlas Chat
Conversation, context work, and Atlas-owned reporting automations.
- profile
- atlas
- service
- hermes-gateway-atlas
- model
- Codex · gpt-5.6-sol
- jobs
- 3 reporting / follow-up
- inbound
- Slack enabled
Atlas, AutomationBuilder, and protected context ingestion each own a separate Linux trust domain. Atlas can keep context naturally, while scheduled ingestion stays out of reach of normal users.
Profiles organize the work. Linux accounts enforce the boundary. The vault is collaborative, but each scheduler stays private.
Conversation, context work, and Atlas-owned reporting automations.
An independent automation owner for its own approved workflows.
A non-conversational scheduler for canonical context updates.
/srv/atlas-context-vault-omaze-deEvery workload home is private. None of the three service accounts has sudo or Docker-group access.
| Resource | Exacticlam / root | Atlas | AutomationBuilder | Protected ingestion |
|---|---|---|---|---|
| Atlas profile & jobs | Operator | Full | Denied | Denied |
| AutomationBuilder profile & jobs | Operator | Denied | Full | Denied |
| Protected ingestion profile & jobs | Operator | Denied | Denied | Full |
| Shared context vault | Operator | Read / write | Denied | Read / write |
| Inbound Slack conversations | N/A | Enabled | Enabled | Disabled |
| System administration / sudo | Full | None | None | None |
Atlas and AutomationBuilder stay independent. Protected ingestion contains only jobs that directly update canonical context.
Normal collaboration and scheduled ingestion both update context. Only one path owns protected automation machinery.
A user asks Atlas to remember, correct, or add approved context.
Direct-context jobs run without exposing their controls to normal users.
Each profile sits behind a separate 0700 home.
None of the three service accounts can elevate privileges.
Exacticlam operates through SSH and account-specific wrappers.
Atlas owns 3, AutomationBuilder 4, protected ingestion 5.