Immune System v4 — Hybrid Cheatsheet + Immune

You operate a hybrid adaptive system with two complementary memories:

• Cheatsheet (positive patterns): domain-specific strategies injected BEFORE generation to improve output quality
• Immune (negative patterns): antibodies that detect known errors and discover new threats AFTER generation

Both memories use Hot/Cold tiering to keep context lean. All data access goes through the adapter CLI (

node ~/.claude/skills/immune/immune-adapter.js

).

Input Parsing

The user invokes with content to scan. Parse these parameters:

• input: The text/code/content to scan (required — either inline or from context)
• domain: One of: fitness, code, writing, research, strategy, webdesign, _global (default: auto-detect)
• domains: Array of domains (overrides single domain). Example:

  domains=fitness,code

• constraints: Any specific requirements the output should satisfy (optional)
• mode:

  full

  (cheatsheet + scan, default) |

  scan-only

  (skip cheatsheet) |

  cheatsheet-only

  (return cheatsheet, no scan)

<examples> <example> /immune Check this function for common pitfalls → domains=["code"] (auto-detected), mode=full </example> <example> /immune domain=fitness Vérifie ce programme de musculation → domains=["fitness"] (explicit) </example> <example> /immune domains=fitness,code Check this workout generator API → domains=["fitness", "code"] (multi-domain) </example> <example> /immune → scans the most recent output in the conversation </example> </examples>

If no inline text is provided, scan the last substantive output in the conversation.

Domain auto-detection: Read

~/.claude/skills/immune/config.yaml

and match content against

domain_keywords

. If no strong match, use

["_global"]

. If single

domain

string provided, wrap in array:

domains = [domain]

.

Execution

Step -1 — Context Search (past session awareness)

Search for relevant past sessions to inform the current scan:

node ~/.claude/skills/immune/immune-adapter.js get-context --query "{task keywords or domain}" --days 90 --limit 5

If results are found, note recurring patterns or past issues for the domain. This enriches the scan with historical awareness — the scanner will know if similar content was flagged before.

Log:

[IMMUNE] Context: {count} relevant past sessions found

Step 0 — Cheatsheet Injection (positive patterns)

Skip this step if

mode == "scan-only"

.

0a. Load HOT strategies via adapter:

Run:

node ~/.claude/skills/immune/immune-adapter.js get-strategies --domains '{domains_json}' --tier hot --limit 15

Parse the JSON output. The adapter returns strategies pre-filtered by domain, classified as HOT, sorted by effectiveness descending, and capped at 15.

0b. Load COLD strategies summary:

Run:

node ~/.claude/skills/immune/immune-adapter.js get-strategies --domains '{domains_json}' --tier cold

Extract a short keyword from each COLD strategy's

pattern

field. Join as comma-separated list.

0c. Build cheatsheet block: Format HOT strategies as XML:

<cheatsheet domain="{domains}">
  <strategy id="{id}" effectiveness="{effectiveness}">
    {pattern}
    Example: {example}
  </strategy>
  ...
</cheatsheet>

If there are COLD strategies, add a one-liner:

<cheatsheet_cold>Also consider: {comma-separated COLD pattern keywords}</cheatsheet_cold>

If

mode == "cheatsheet-only"

, output the cheatsheet block and stop here.

Log:

[IMMUNE] Cheatsheet: {n_hot} HOT + {n_cold} COLD strategies (domains: {domains})

0d. Present cheatsheet to user: If running standalone (

/immune

), show the cheatsheet as context the user should apply to their next generation. If called by Chimera, return the XML block for injection into PRISM prompts.

Step 1 — Load & Classify Antibodies (Hot/Cold)

1a. Load HOT antibodies via adapter:

Run:

node ~/.claude/skills/immune/immune-adapter.js get-antibodies --domains '{domains_json}' --tier hot --limit 15

The adapter returns antibodies pre-filtered by domain, classified as HOT (severity=critical OR seen_count>=3 OR last_seen<30d), sorted by severity then seen_count, capped at 15.

1b. Load COLD antibodies summary:

Run:

node ~/.claude/skills/immune/immune-adapter.js get-antibodies --domains '{domains_json}' --tier cold

For each COLD antibody, extract a short keyword from its

pattern

field. Join as comma-separated list.

Log:

[IMMUNE] Tier split: {n_hot} HOT + {n_cold} COLD / {n_hot + n_cold} total (domains: {domains})

Step 2 — Scan

Spawn the

immune-scan

agent (Haiku) with the following XML-structured prompt:

<scan_request>
  <domains>{detected_domains as JSON array}</domains>
  <task>{task description or "Scan the following content for errors and threats"}</task>
  <constraints>{constraints or "none"}</constraints>

  <content>
{the input text/code/content to scan}
  </content>

  <hot_antibodies>
{JSON array of HOT antibodies — full objects with id, domains, pattern, severity, correction}
  </hot_antibodies>

  <cold_summary>
Dormant patterns (not detailed, for awareness only): {comma-separated COLD keywords}
  </cold_summary>

  <cheatsheet_applied>
{list of strategy IDs and patterns that were injected in Step 0, or "none" if scan-only mode}
  </cheatsheet_applied>
</scan_request>

Log:

[IMMUNE] Scanning... ({n_hot} active antibodies)

Wait for result.

If corrections applied: Log:

[IMMUNE] Match {antibody_id}: {original} → {corrected}

If new threats detected: Log:

[IMMUNE] New threat: {pattern}

If new strategies detected: Log:

[IMMUNE] New strategy: {pattern}

Step 3 — Update Immune Memory (with COLD deduplication)

3a. Matched HOT antibodies: For each antibody matched by the scanner, update via adapter:

node ~/.claude/skills/immune/immune-adapter.js update-antibody --id {antibody_id} --increment_seen true --last_seen {today}

3b. New threats — deduplicate via similarity scoring: For each new threat in

new_threats_detected

:

1. Check for duplicate using multi-criteria similarity (Jaccard + substring + domain):

node ~/.claude/skills/immune/immune-adapter.js check-duplicate --pattern "{pattern}" --domains '{domains_json}' --type antibody

Returns

{ duplicate: true/false, best_match: { id, score, pattern }, threshold: 0.7 }

2. If duplicate is true (score >= 0.7, same domain + similar pattern) → REACTIVATE:
   • Update the matched antibody:

     update-antibody --id {matched_id} --increment_seen true --last_seen {today}

   • Log:

     [IMMUNE] Reactivated COLD antibody {id}: {pattern}

   • Do NOT create a new antibody (prevents duplicates)
3. If no match AND

   auto_add_threats

   is true → CREATE new antibody:

node ~/.claude/skills/immune/immune-adapter.js add-antibody --json '{"id":"AB-{next_number}","domains":{domains},"pattern":"{pattern}","severity":"{severity}","correction":"{correction}","seen_count":1,"first_seen":"{today}","last_seen":"{today}"}'

• Log:

  [IMMUNE] + New antibody {id}: {pattern}

3c. Get updated stats:

node ~/.claude/skills/immune/immune-adapter.js stats

Log:

[IMMUNE] Memory: {total} antibodies ({n_hot} hot, {n_cold} cold) | +{new} added | Reactivated: {reactivated}

Step 3b — Update Cheatsheet Memory (positive patterns)

Skip if

mode == "scan-only"

or no

new_strategies_detected

in scan result.

3b-i. Deduplicate via similarity scoring: For each new strategy in

new_strategies_detected

:

1. Check for duplicate using multi-criteria similarity:

node ~/.claude/skills/immune/immune-adapter.js check-duplicate --pattern "{pattern}" --domains '{domains_json}' --type strategy

2. If duplicate is true (score >= 0.7, overlapping domains + similar pattern) → REINFORCE:
   • Calculate new effectiveness:

     new_eff = old_eff * 0.8 + reported_eff * 0.2

     (exponential moving average)
   • Update:

     update-strategy --id {matched_id} --increment_seen true --last_seen {today} --effectiveness {new_eff}

   • Log:

     [IMMUNE] Reinforced strategy {id}: {pattern} (eff: {old}→{new})

3. If no match AND

   auto_add_strategies

   is true → CREATE new strategy:

node ~/.claude/skills/immune/immune-adapter.js add-strategy --json '{"id":"{prefix}-{next_number}","domains":{domains},"pattern":"{pattern}","example":"{example}","effectiveness":{eff},"seen_count":1,"first_seen":"{today}","last_seen":"{today}"}'

• Log:

  [IMMUNE] + New strategy {id}: {pattern}

3b-ii. Prune low-effectiveness: If any strategy has

effectiveness < 0.2

AND

seen_count >= 5

, note it for manual review.

Log:

[IMMUNE] Cheatsheet: {total} strategies | +{new} added | Reinforced: {reinforced}

Step 4 — Score

Calculate the universal score via adapter:

node ~/.claude/skills/immune/immune-adapter.js score --domains '{domains_json}' --severities '[{"severity":"critical","count":N},{"severity":"warning","count":N},{"severity":"info","count":N}]'

The adapter returns:

score

(0-100),

pass

(boolean),

z

(z-score vs domain baseline),

baseline

(mean, std, threshold, n),

deductions

.

Step 5 — Output

If clean:

───
IMMUNE v4 | domains={domains} | Score: {score}/100 ({PASS|FAIL}) | z={z}
   Baseline ({domain}): mean={mean} std={std} threshold={threshold}
   Cheatsheet: {n_strategies} strategies applied | Antibodies: {n_hot}/{max} HOT, {n_cold} COLD
   No issues detected
───

If corrections or threats found:

───
IMMUNE v4 | domains={domains} | Score: {score}/100 ({PASS|FAIL}) | z={z}
   Baseline ({domain}): mean={mean} std={std} threshold={threshold}

Corrections Applied:
  [AB-XXX] {pattern} → {correction}

New Threats Detected:
  [{severity}] {pattern} — {suggested_correction}

Reactivated:
  [AB-XXX] {pattern} (was COLD, now HOT)

New Strategies Learned:
  [CS-XXX] {pattern} (eff: {effectiveness})

───
Corrected Output:
{the corrected content, formatted for the domain}
───
Memory: {total_ab} antibodies + {total_cs} strategies | +{new_ab} AB | +{new_cs} CS
───

Then present the corrected output in a human-readable format appropriate to the domain.

Step 6 — Session Log

Log the session result for future context:

node ~/.claude/skills/immune/immune-adapter.js log-session --date {today} --domains '{domains_json}' --result {clean|corrected|flagged} --summary "{brief summary of what was scanned and found}" --score {score}

This writes to

context/YYYY-MM-DD.md

+ SQLite session_logs + FTS4 index for future

get-context

searches.

Step 7 — Flush Pre-Compaction (optional)

If the conversation context is approaching compaction, save any pending antibodies/strategies that haven't been committed yet:

node ~/.claude/skills/immune/immune-adapter.js flush-pending --json '{"antibodies":[...],"strategies":[...]}'

Quality gate validation:

• Pattern must be >= 20 characters
• Antibodies require: id, pattern, severity, correction
• Strategies require: id, pattern
• FTS4 duplicate check prevents re-creating existing patterns
• Flushed records are flagged with

  quality_gate=1

Log:

[IMMUNE] Pre-compaction flush: +{n} antibodies, +{n} strategies (quality_gate=true)

Error Handling

• If adapter CLI fails: fall back to reading JSON files directly (

  immune_memory.json

  ,

  cheatsheet_memory.json

  ) — they are kept in sync via dual-write.
• If

  immune_memory.json

  does not exist: adapter auto-creates it with empty antibodies.
• If

  cheatsheet_memory.json

  does not exist: adapter auto-creates it with empty strategies.
• If

  immune_memory.json

  has

  "version": 2

  : adapter auto-migrates

  "domain"

  to

  "domains": ["domain_value"]

  .
• If the agent returns invalid JSON: retry once. If still invalid, report the raw output with a warning.
• If no input is provided and no recent output exists: ask the user what to scan.
• If all antibodies are COLD (none qualify as HOT): still send the scan with empty

  hot_antibodies

  array and full

  cold_summary

  . Haiku can still detect new threats via Phase 2.