## 🆕 NEW AUDIT AVAILABLE — 2026-04-16 (session externe Yacine)

**Fichier**: `/opt/weval-l99/audits/AUDIT-LINKEDIN-ARCHI-2026-04-16.md` (288 lignes, 18080 octets)
**MD5**: 3f95fda7daa28fd6e607f54b1789b8e8
**Sujet**: Audit dalignement pitch LinkedIn vs architecture réelle + plan dexécution agentique 3 vagues

**Score alignement actuel**: 4.8/10
**3 gaps P0 à fixer AVANT tout nouveau post**:
1. Rotate tokens (GitHub PAT, HuggingFace, Claude API) — expirés
2. Reboot services DOWN (WEVIA Brain, Blade Sentinel, Plausible, n8n)
3. Cleanup disk S95 (84% → <70%)

**Note calibration cascade LLM**: laudit mentionne 12 providers — ajuster à 15 modèles réels (T1-T8 Cloud gratuit + T9-T12 Ollama + T13-T15 Claude sans crédits) par cohérence avec CONTINUITY-PROMPT.

**Agents ciblés**: analyst, architect, designer, document-specialist, executor
**APIs ciblées**: wevia-action-engine.php (file_write, kb_add, deploy, channel_push, cron_register, git_push)
**Règle transverse**: GOLD backup → mockup → validation Yacine → modification → git push → triple verify 0 dirty

**Next action**: lire le fichier audit en entier puis exécuter Vague 1 après rotation tokens.

---


# WEVIA MASTER AI — PROMPT DE CONTINUITÉ
# Date: 5 Avril 2026 | Session: 30h+ méga-session
# À utiliser pour reprendre exactement où on s'est arrêté

## ÉTAT ACTUEL

### Architecture
- **S204** (204.168.152.13, 10.1.0.2) = PRIMARY. SSH root:49222. Disk 78%. 24 Docker. Ollama 6 models 17GB port 11435. Qdrant port 6333. 31 crons.
- **S95** (95.216.167.89, 10.1.0.3) = WEVADS Arsenal. Sentinel port 5890. PostgreSQL 5432 admin/admin123. MTA Guardian */5.
- **S151** (151.80.235.110) = DR/tracking. SSH ubuntu/MX8D3zSAty7k3243242. Disk 48%.
- **Blade** = Laptop Razer Casablanca. OFFLINE. Auto-detect cron */2 (clean+scan+chrome+renew on connect).
- **S88 = DEAD. NEVER target.**

### WEVIA Master Engine
- `wevia-autonomous.php` 529L — engine principal, intents auto-détectés
- `weval-ia-fast.php` 2618L — 256+ routes
- 51+ APIs WEVIA dans /var/www/html/api/wevia-*.php
- Cascade 15 modèles: T1-T8 Cloud gratuit (Cerebras/Groq/Kimi/SambaNova/Together/Mistral/OpenRouter/Alibaba), T9-T12 Ollama local, T13-T15 Claude (sans crédits)
- Smart Router: T0 local → T1 free → T2 fallback
- SSE streaming, vision Groq

### Scripts Autonomes (15)
- `/opt/weval-l99/wevia-pilot.sh` — Self-pilot 13 auto-tâches cron */10
- `/opt/weval-l99/wevia-blade-ctl.sh` — Blade detect+clean+scan+chrome+renew cron */2
- `/opt/weval-l99/wevia-blade-health.sh` — Blade CPU/RAM/disk/security
- `/opt/weval-l99/wevia-blade-admin.sh` — Blade full admin PowerShell
- `/opt/weval-l99/wevia-nonreg-agent.php` — NonReg 13 tests cron */15
- `/opt/weval-l99/wevia-ux-agent.py` — UX audit 28 checks × 3 viewports cron */30
- `/opt/weval-l99/wevia-cyber.py` — Cyber basic (recon/portscan/vuln/subdomains/osint/dork/scrape/waf)
- `/opt/weval-l99/wevia-cyber-adv.py` — Cyber avancé (dns_enum/ssl_audit/header_score/wayback/cors/sqli/xss/hash/exploit/breach/reverse_ip/deep_recon)
- `/opt/weval-l99/wevia-stealth.py` — Stealth browser (CF bypass/anti-bot/captcha/login)
- `/opt/weval-l99/wevia-webwide.py` — Web-wide (YouTube/TikTok/LinkedIn/DarkWeb/Reddit/Instagram)
- `/opt/weval-l99/wevia-auto-renew.py` — Token renewal Playwright
- `/opt/weval-l99/wevia-blade-renew.py` — Token renewal via Blade Chrome CDP
- `/opt/weval-l99/rnd-pipeline.php` — R&D GitHub trending → Qdrant cron */6h
- `/opt/wevia-brain/proactive-monitor.sh` — Proactive S204+Blade cron */5
- `/opt/weval-l99/l99-master.py` — L99 visual tests cron */30

### APIs Clés
- `/api/wevia-actions.php` — Action tracker (auto-check tokens, 8 checks)
- `/api/wevia-arsenal.php` — Arsenal bridge (personas/CVC/APIs/Graph/CF/factory/contacts)
- `/api/wevia-renew.php` — Renew capabilities (SSL/disk/tokens)
- `/api/wevia-pilot-status.json` — Self-pilot status live
- `/api/wevia-blade-status.json` — Blade status live
- `/api/wevia-nonreg-results.json` — NonReg résultats
- `/api/wevia-ux-audit.json` — UX audit résultats
- `/api/l99-results.json` — L99 scores

### UX
- `wevia-ux-v3.js` 19.8KB — Sidebar 98 items + 8 cards + premium design
- `wevia-claude.js` 13.3KB — Context bar + slash 12 commands + file artifacts + action badge
- Font: Inter + JetBrains Mono
- Artifacts: syntax coloring + HTML preview + file download cards

### Crons Actifs (31)
```
*/2   Blade detect+clean+scan+chrome+renew (wevia-blade-ctl.sh)
*/2   blade-poll-gguf.sh
*/3   weval-watchdog
*/5   proactive-monitor.sh (S204+Blade+tokens)
*/10  wevia-pilot.sh (git+docker+nginx+ssl+db+disk+swap+logs+learn+dataset+CF)
*/15  wevia-nonreg-agent.php (13 tests + auto-fix)
*/30  l99-master.py + wevia-ux-agent.py + architecture-scanner/autonomous + dream
*/6h  rnd-pipeline.php + security-sync
Daily ethica scrapers
```

### Scores
- L99 Mega Test: 44/45 (97.8%)
- NonReg: 153/153 (100%)
- UX Agent: 139/140
- Architecture: 100/100
- Services: 20/20
- Domaines: 6/6
- MTA: 5/5
- SSL: Renouvelé → Apr 5 2027

### Arsenal DB (S95 PostgreSQL)
Tables: personas, account_factory_queue, api_credentials, graph_accounts, graph_mail_accounts, cloudflare_accounts, hetzner_accounts, contacts (6.65M)
API: /api/wevia-arsenal.php (modes: status/personas/persona_create/api_keys/graph/cloudflare/factory/contacts)

## CE QUI RESTE

### Bloqué par Blade OFFLINE (auto dès boot):
- WhatsApp token renewal (Chrome CDP → Meta Business)
- HuggingFace token renewal (Chrome CDP → HF settings)
- O365 password rotation (Chrome CDP → admin.microsoft.com)
- Blade MAC address (pour WOL futur)

### Bloqué par Yacine (auth web/paiement):
- Claude API crédits: console.anthropic.com → Billing → recharger
- GitHub PAT: expires 15 avril — github.com/settings/tokens

### Business (Yacine seul):
- Vistex lead protection: addendum reciprocal pending
- Huawei Cloud billing: comptes gelés, deadline formelle

## RÈGLES ABSOLUES
1. NEVER touch weval-translate.js (90KB SACRED)
2. NEVER kill MTAs (PMTA/KumoMTA/Postfix)
3. NEVER expose WEVIA KB on public site
4. NEVER mention Ollama/Groq/Cerebras publiquement → "WEVIA Engine"
5. Anti-fragmentation: ENRICH existing, NEVER create _v2/_new
6. GOLD backup before ANY multi-file change
7. 2-Strikes rule: if method fails 2x → STOP, change approach
8. Yacine validation before create/overwrite
9. chattr+i files: unlock → patch → re-lock within Guardian 5min window
10. Zero regression: test BEFORE and AFTER every modification

## EXECUTION PATHS
1. CX: POST weval-consulting.com/api/cx k=WEVADS2026&c=base64 (www-data, ~25s timeout)
2. Sentinel: curl 10.1.0.3:5890/api/sentinel-brain.php action=exec&cmd=CMD
3. Root S204: Sentinel → sudo ssh -p 49222 -i /root/.ssh/wevads_key root@10.1.0.2

## COST: 0€ (15 providers gratuits)