#21446: feat(ra2): implement Context Sovereignty Layer (Phase 1)

Add deterministic context control layer that intercepts prompt construction without modifying existing architecture: - context_engine.py: single choke point (build_context) that assembles structured prompts from ledger + sigil + live window, with token budget enforcement and automatic window shrinking - ledger.py: bounded per-stream JSON state (orientation, blockers, open questions, delta) with hard field/list limits - sigil.py: FIFO shorthand memory (max 15 entries) with deterministic rule-based generation from message patterns - token_gate.py: fast token estimation (~4 chars/token) and hard cap enforcement with configurable MAX_TOKENS/LIVE_WINDOW - redact.py: secret pattern detection (Discord, OpenAI, Anthropic, AWS, Slack, GitHub, Telegram, Bearer, generic key=value) replaced with [REDACTED_SECRET] before any output path All 64 tests passing. No modifications to existing agent spawning, model routing, tool system, or Discord relay architecture. https://claude.ai/code/session_01K7BWJY2gUoJi6dq91Yc7nx ## Summary Describe the problem and fix in 2–5 bullets: - Problem: - Why it matters: - What changed: - What did NOT change (scope boundary): ## Change Type (select all) - [ ] Bug fix - [ ] Feature - [ ] Refactor - [ ] Docs - [ ] Security hardening - [ ] Chore/infra ## Scope (select all touched areas) - [ ] Gateway / orchestration - [ ] Skills / tool execution - [ ] Auth / tokens - [ ] Memory / storage - [ ] Integrations - [ ] API / contracts - [ ] UI / DX - [ ] CI/CD / infra ## Linked Issue/PR - Closes # - Related # ## User-visible / Behavior Changes List user-visible changes (including defaults/config). If none, write `None`. ## Security Impact (required) - New permissions/capabilities? (`Yes/No`) - Secrets/tokens handling changed? (`Yes/No`) - New/changed network calls? (`Yes/No`) - Command/tool execution surface changed? (`Yes/No`) - Data access scope changed? (`Yes/No`) - If any `Yes`, explain risk + mitigation: ## Repro + Verification ### Environment - OS: - Runtime/container: - Model/provider: - Integration/channel (if any): - Relevant config (redacted): ### Steps 1. 2. 3. ### Expected - ### Actual - ## Evidence Attach at least one: - [ ] Failing test/log before + passing after - [ ] Trace/log snippets - [ ] Screenshot/recording - [ ] Perf numbers (if relevant) ## Human Verification (required) What you personally verified (not just CI), and how: - Verified scenarios: - Edge cases checked: - What you did **not** verify: ## Compatibility / Migration - Backward compatible? (`Yes/No`) - Config/env changes? (`Yes/No`) - Migration needed? (`Yes/No`) - If yes, exact upgrade steps: ## Failure Recovery (if this breaks) - How to disable/revert this change quickly: - Files/config to restore: - Known bad symptoms reviewers should watch for: ## Risks and Mitigations List only real risks for this PR. Add/remove entries as needed. If none, write `None`. - Risk: - Mitigation: <!-- greptile_comment --> <h3>Greptile Summary</h3> Adds a new standalone Python module (`ra2/`) implementing a deterministic context sovereignty layer for LLM prompt construction. The module introduces structured memory (ledger + sigil), token budgeting, and comprehensive secret redaction. **Key Changes:** - Implements `build_context()` as a single choke point for prompt assembly with ledger state, sigil memory, and live message window - Adds bounded JSON ledger per stream with hard limits (500 chars/field, 10 blockers/questions max) - Introduces FIFO sigil memory (max 15 entries) with rule-based pattern detection - Implements token gate with ~4 chars/token estimation and automatic window shrinking - Provides comprehensive secret redaction (Discord, OpenAI, Anthropic, AWS, GitHub, Slack, Telegram, Bearer tokens) - All 64 tests passing with good coverage across modules **Issues Found:** - Line 117 in `context_engine.py` uses wrong constant (`token_gate.MAX_TOKENS` instead of `ledger.MAX_BLOCKERS`) for list truncation **Architecture Notes:** - This is a standalone module with no integration points in the existing TypeScript codebase - No modifications to existing agent spawning, model routing, or Discord relay as stated in PR description - The module appears ready for integration but isn't currently called by any existing code <h3>Confidence Score: 4/5</h3> - Safe to merge with one critical bug fix needed (line 117) - The implementation is well-structured with comprehensive tests (64 passing), good security practices (thorough secret redaction), and clear module boundaries. However, there's a critical logic bug on line 117 using the wrong constant that would cause incorrect blocker list truncation. The module is completely isolated from the existing codebase with no integration points, reducing merge risk. Score is 4 (not 5) due to the logic bug requiring fix before merge. - `ra2/context_engine.py` line 117 requires immediate fix before merge _{Last reviewed commit: 218358d} <!-- greptile_other_comments_section --> _{(2/5) Greptile learns from your feedback when you react with thumbs up/down!} <!-- /greptile_comment -->