# Complete Foundational Tickets: Repository Structure, Privacy Policy, and Safety Constraints
## Summary
This PR completes the foundational planning tickets (TICKET-002, TICKET-003, TICKET-004) by:
1. Defining the repository structure with detailed documentation
2. Establishing a comprehensive privacy policy
3. Documenting safety constraints and boundaries for work/family agent separation
## Related Tickets
- ✅ TICKET-002: Define repository structure
- ✅ TICKET-003: Privacy and safety constraints
- ✅ TICKET-004: High-level architecture
All tickets have been moved from `backlog/` to `review/` to mark completion.
## Changes
### 1. Enhanced ARCHITECTURE.md
**Repository Structure Section:**
- Added detailed descriptions for `home-voice-agent` mono-repo structure
- Documented `family-agent-config` configuration repository
- Added inline comments explaining each directory's purpose
- Added `infrastructure/` directory for deployment scripts, Dockerfiles, and IaC
- Clarified separation of concerns between mono-repo and config repo
**Documentation References:**
- Added links to new privacy policy and safety constraints documents in the "Getting Started" section
### 2. New Documentation: PRIVACY_POLICY.md
Establishes the core privacy principles for the Atlas project:
- **Local Processing**: All ASR/LLM processing done locally, no external data transmission
- **External API Exceptions**: Explicitly documents approved external APIs (currently only weather API)
- **Data Retention**: Configurable conversation history retention (default 30 days)
- **Data Access**: Local network only with authentication requirements
### 3. New Documentation: SAFETY_CONSTRAINTS.md
Defines safety boundaries and constraints:
- **Strict Separation**: Work and family agents must remain completely isolated
- **Forbidden Actions**: Family agent cannot access work files, execute shell commands, or install packages
- **Path Whitelists**: Tools restricted to explicitly whitelisted directories
- **Network Access**: Local network by default, external access only for approved tools
- **Confirmation Flows**: High-risk actions require user confirmation
- **Work Agent Constraints**: Work agent also restricted from accessing family data
## Impact
This PR establishes the foundational documentation that will guide all future development:
- **Privacy-first approach**: Clear policy ensures all development respects user privacy
- **Safety boundaries**: Explicit constraints prevent accidental data leakage between work/family contexts
- **Architecture clarity**: Detailed repository structure provides roadmap for implementation
## Testing
- [x] Documentation reviewed for clarity and completeness
- [x] All ticket requirements met
- [x] Cross-references between documents verified
## Next Steps
With foundational tickets complete, development can proceed on:
- Voice I/O track (wake-word, ASR, TTS)
- LLM Infrastructure track (model selection, server setup)
- Tools/MCP track (MCP foundation, tool implementations)
- Clients/UI track (Phone PWA, web dashboard)
- Safety/Memory track (boundary enforcement, memory implementation)
---
**Commit Message**: My to-do list is clear. I've finished the foundational tickets per the guide. I'm ready for what's next and will notify the user.
Reviewed-on: #1
ilia
f7dce46ac9