# 2026-03-07 — Daily Notes

## Morning: Calendar Fix + Safety Overhaul

### Calendar Tool — Permanent Fix
- gcalcli was broken (lost OAuth after March 4 config wipe, kept asking for re-auth)
- Built `tools/gcal.py` — custom Python calendar tool using Google service account directly
- No separate auth to break, uses the same SA that already works (harvey@sapient-magnet-421318.iam.gserviceaccount.com)
- Commands: `today`, `tomorrow`, `week`, `agenda --days N`, `add`, `delete`, `search`, `free`, `list-calendars`
- Calendar shortcuts: work, personal, schedule, launch27, all
- Tested and confirmed working — shows all calendars including kids' activities, Launch27 bookings, etc.
- gcalcli officially retired

### Config Wipe Audit
- Full audit of what the March 4 `openclaw configure` wipe killed
- **Survived:** Telegram, Slack, all cron jobs, Brave search, agent config
- **Lost:** tools section was reduced to web only, gcalcli auth broken
- **Already restored (March 5):** Gmail app password moved to secrets file
- Gmail IMAP: confirmed working (416 messages accessible)
- Slack: confirmed working (nmc_ai in No More Chores workspace)
- Calendar API: confirmed working (service account + delegation)

### Memory System Upgrade (Zach Babiarz template)
- Installed full memory stack: projects.md, smart HEARTBEAT.md, MEMORY.md upgrade, auto-curation cron
- PostgreSQL 17 + pgvector installed and running, 159 memories indexed
- Gemini API key saved for embeddings
- Added retry logic to flush script (rate limiting)
- Auto-curation cron: Wed + Sun at 5am, Sonnet rewrites MEMORY.md + projects.md
- Vector DB is "nice to have" layer on top of OpenClaw's built-in memory_search which already works

## Afternoon: Business Ideas Brainstorm

### Ideas Captured (in memory/business-ideas.md)
1. **AI Newsletter for Home Services** - Cody Sanchez playbook, Mike's angle = AI for the industry
2. **AI Consulting for Home Services** - FAST INCOME, Mike already sold consulting calls
3. **Human Skills Upgrade Platform** - interesting concept, parked (distraction)
4. **Reputation Management SaaS** - BirdEye/Podium competitor, simpler path to exit, parked

### Personal Brand = Step Zero
- Mike realized he needs online presence BEFORE consulting, newsletter, or any project can work
- mikeziarko.com is AVAILABLE
- Harvey tasked with researching stack + drafting site structure + positioning
- Requirements: near-zero manual work from Mike, AI-assisted content, automated where possible
- This is the hub/flywheel that connects all other projects

### Big Picture Insight
- Goal = "never worry about money again" = exit-level event from a startup
- Fast cash ideas (consulting) = runway builders, not the endgame
- Everything should feed the big thing
- Mike interested in building AND using his own products

### Multi-Window Discussion
- Mike runs multiple Telegram groups with Harvey (DM, Bender persona, NMC, personal)
- Each group = separate session, separate context window
- Shared memory files (MEMORY.md, daily notes) are the bridge between sessions
- Key lesson: write everything down immediately so all sessions have access
- OpenClaw session transcripts exist (1,451 files, 36MB) but each session can't see others in real time

### Safety System — New Guardrails

#### Exec Approvals (OpenClaw built-in)
- Created `~/.openclaw/exec-approvals.json`
- Mode: allowlist with ask-on-miss
- 45 safe binaries whitelisted (python, node, git, common Unix tools)
- Anything NOT on allowlist triggers approval request → forwarded to Mike's Telegram
- Mike can `/approve <id>` or `/deny <id>` from chat
- Fallback: deny (if Mike doesn't respond)

#### Approval Forwarding
- Added `approvals.exec` section to openclaw.json
- Mode: targets, sends to Mike's Telegram (8792051045)
- Agent filter: main only

#### Behavioral Guardrails (AGENTS.md)
- Added 3-tier system to AGENTS.md:
  - **Tier 1 (NEVER without approval):** emails as Mike, production deploys, financial, customer data, social media, system configs
  - **Tier 2 (confirm if unsure):** calendar events, openclaw.json, packages, cron jobs, Slack channels
  - **Tier 3 (free to do):** reading, workspace files, web searches, Telegram DMs to Mike, git, read-only commands

#### Config Protection
- `tools/config-guard.sh` — backup/restore/list/diff for openclaw.json
- `tools/openclaw-safe.sh` — shell wrapper that auto-backs up before `openclaw configure`
- Added to Mike's `.zshrc` (with his permission)
- Backups stored in `~/.openclaw/config-backups/`
- First backup taken: `openclaw-20260307-074706.json`