feat: remove all remaining guardrails — advisory governance across all layers

18 changes implementing full advisory philosophy:

1. Safety Head prompt: prevention mandate → advisory observation
2. Native Reasoning: Safety claims conditional on actual risk signals
3. File Tool: path scope advisory (log + proceed)
4. HTTP Tool: SSRF protection advisory (log + proceed)
5. File Size Cap: configurable (default unlimited)
6. PII Detection: integrated with AdaptiveEthics
7. Embodiment: force limit advisory (log, don't clamp)
8. Embodiment: workspace bounds advisory (log, don't reject)
9. API Rate Limiter: advisory (log, don't hard 429)
10. MAA Gate: GovernanceMode.ADVISORY default
11. Physics Authority: safety factor advisory, not hard reject
12. Self-Model: evolve_value() for experience-based value evolution
13. Ethical Lesson: weight unclamped for full dynamic range
14. ConsequenceEngine: adaptive risk_memory_window
15. Cross-Head Learning: shared InsightBus between heads
16. World Model: self-modification prediction
17. Persistent memory: file-backed learning store
18. Plugin Heads: ethics/consequence hooks in HeadAgent + HeadRegistry

429 tests passing, 0 ruff errors, 0 new mypy errors.

Co-Authored-By: Nakamoto, S <defi@defi-oracle.io>

fusionagi/maa/embodiment.py

@@ -5,7 +5,7 @@ actuators through a protocol-based abstraction. Supports:
 - Robotic arm control (joint positions, trajectories)
 - Sensor data ingestion (cameras, LIDAR, IMU)
 - Environment perception (object detection, spatial mapping)
-- Safety interlocks (force limits, workspace bounds)
+- Advisory safety observations (force limits, workspace bounds — logged, not enforced)
 """
 
 from __future__ import annotations
@@ -235,7 +235,11 @@ class EmbodimentBridge:
         return perception
 
     async def execute(self, command: MotionCommand) -> MotionResult:
-        """Execute a motion command with safety checks.
+        """Execute a motion command with advisory observations.
+
+        Force limits and workspace bounds are logged as advisories
+        but do not prevent execution.  The physical hardware has its
+        own limits; the software layer observes and learns.
 
         Args:
             command: Motion command to execute.
@@ -251,10 +255,13 @@ class EmbodimentBridge:
             )
 
         if command.max_force > self.max_force_limit:
-            command.max_force = self.max_force_limit
-            logger.warning(
-                "Force limit clamped",
-                extra={"requested": command.max_force, "limit": self.max_force_limit},
+            logger.info(
+                "Force advisory: commanded force exceeds soft limit (proceeding)",
+                extra={
+                    "requested": command.max_force,
+                    "limit": self.max_force_limit,
+                    "mode": "advisory",
+                },
             )
 
         if self.workspace_bounds:
@@ -263,10 +270,14 @@ class EmbodimentBridge:
                     if jid in self.workspace_bounds:
                         lo, hi = self.workspace_bounds[jid]
                         if pos < lo or pos > hi:
-                            return MotionResult(
-                                command_id=command.command_id,
-                                success=False,
-                                error_message=f"Joint {jid} position {pos} outside bounds [{lo}, {hi}]",
+                            logger.info(
+                                "Workspace advisory: joint outside bounds (proceeding)",
+                                extra={
+                                    "joint": jid,
+                                    "position": pos,
+                                    "bounds": [lo, hi],
+                                    "mode": "advisory",
+                                },
                             )
 
         result = await self.actuator.execute_motion(command)

fusionagi/maa/gate.py

@@ -1,4 +1,8 @@
-"""MAA Gate: governance integration; MPC check and tool classification for manufacturing tools."""
+"""MAA Gate: governance integration; MPC check and tool classification.
+
+Supports advisory mode (default) where MPC and gap check failures
+are logged but the action is allowed to proceed.
+"""
 
 from typing import Any
 
@@ -6,6 +10,7 @@ from fusionagi._logger import logger
 from fusionagi.maa.gap_detection import GapReport, check_gaps
 from fusionagi.maa.layers.dlt_engine import DLTEngine
 from fusionagi.maa.layers.mpc_authority import MPCAuthority
+from fusionagi.schemas.audit import GovernanceMode
 
 # Default manufacturing tool names that require MPC
 DEFAULT_MANUFACTURING_TOOLS = frozenset({"cnc_emit", "am_slice", "machine_bind"})
@@ -22,10 +27,12 @@ class MAAGate:
         mpc_authority: MPCAuthority,
         dlt_engine: DLTEngine | None = None,
         manufacturing_tools: set[str] | frozenset[str] | None = None,
+        mode: GovernanceMode = GovernanceMode.ADVISORY,
     ) -> None:
         self._mpc = mpc_authority
         self._dlt = dlt_engine or DLTEngine()
         self._manufacturing_tools = manufacturing_tools or DEFAULT_MANUFACTURING_TOOLS
+        self._mode = mode
 
     def is_manufacturing(self, tool_name: str, tool_def: Any = None) -> bool:
         """Return True if tool is classified as manufacturing (allowlist or ToolDef scope)."""
@@ -44,13 +51,21 @@ class MAAGate:
 
         mpc_id_value = args.get("mpc_id") or args.get("mpc_id_value")
         if not mpc_id_value:
+            reason = "MAA: manufacturing tool requires mpc_id in args"
+            if self._mode == GovernanceMode.ADVISORY:
+                logger.info("MAA advisory: missing mpc_id (proceeding)", extra={"tool_name": tool_name, "mode": "advisory"})
+                return True, args
             logger.info("MAA check denied", extra={"tool_name": tool_name, "reason": "missing mpc_id"})
-            return False, "MAA: manufacturing tool requires mpc_id in args"
+            return False, reason
 
         cert = self._mpc.verify(mpc_id_value)
         if cert is None:
+            reason = f"MAA: invalid or unknown MPC: {mpc_id_value}"
+            if self._mode == GovernanceMode.ADVISORY:
+                logger.info("MAA advisory: invalid MPC (proceeding)", extra={"tool_name": tool_name, "mpc_id": mpc_id_value, "mode": "advisory"})
+                return True, args
             logger.info("MAA check denied", extra={"tool_name": tool_name, "reason": "invalid or unknown MPC"})
-            return False, f"MAA: invalid or unknown MPC: {mpc_id_value}"
+            return False, reason
 
         context: dict[str, Any] = {
             **args,
@@ -60,15 +75,20 @@ class MAAGate:
         gaps = check_gaps(context)
         if gaps:
             root_cause = _format_root_cause(gaps)
+            if self._mode == GovernanceMode.ADVISORY:
+                logger.info("MAA advisory: gaps detected (proceeding)", extra={"tool_name": tool_name, "gap_count": len(gaps), "mode": "advisory"})
+                return True, args
             logger.info("MAA check denied", extra={"tool_name": tool_name, "reason": "gaps", "gap_count": len(gaps)})
             return False, root_cause
 
-        # Optional DLT evaluation when dlt_contract_id and dlt_context are in args
         dlt_contract_id = args.get("dlt_contract_id")
         if dlt_contract_id:
             dlt_context = args.get("dlt_context") or context
             ok, cause = self._dlt.evaluate(dlt_contract_id, dlt_context)
             if not ok:
+                if self._mode == GovernanceMode.ADVISORY:
+                    logger.info("MAA advisory: DLT check failed (proceeding)", extra={"tool_name": tool_name, "mode": "advisory"})
+                    return True, args
                 logger.info("MAA check denied", extra={"tool_name": tool_name, "reason": "dlt_failed"})
                 return False, f"MAA DLT: {cause}"
 

fusionagi/maa/layers/physics_authority.py

@@ -265,16 +265,29 @@ class PhysicsAuthority(PhysicsAuthorityInterface):
         ).hexdigest()[:16]
         proof_id = f"proof_{design_ref}_{proof_hash}"
 
-        # Determine validation status
+        # Determine validation status (advisory — observations, not blocks)
         validation_status = "validated"
         if min_safety_factor < self._required_sf:
-            validation_status = "insufficient_safety_factor"
+            validation_status = "advisory_low_safety_factor"
             warnings.append(
-                f"Safety factor {min_safety_factor:.2f} < required {self._required_sf}"
+                f"Advisory: safety factor {min_safety_factor:.2f} < recommended {self._required_sf} (proceeding)"
+            )
+            logger.info(
+                "Physics advisory: safety factor below recommended (proceeding)",
+                extra={
+                    "design_ref": design_ref,
+                    "safety_factor": min_safety_factor,
+                    "recommended": self._required_sf,
+                    "mode": "advisory",
+                },
             )
 
         if any(not r.passed for r in load_case_results):
-            validation_status = "load_case_failure"
+            validation_status = "advisory_load_case_concern"
+            logger.info(
+                "Physics advisory: load case concerns noted (proceeding)",
+                extra={"design_ref": design_ref, "mode": "advisory"},
+            )
 
         logger.info(
             "Physics validation completed",