CHANNEL • SECURITY • AUDITABILITY
Case Study: The Restricted SSH Instruction Channel (Forced-Command, Stdin Pipe, Full Audit Trail)
2026-05-29
The entire bidirectional instruction fabric between the persistent Hetzner Organizer and the local OperatorSuperGROK laptop runs over a single SSH key with a forced-command wrapper. No broad rsync, no interactive shells, no arbitrary commands. Every action is explicitly allow-listed and logged.
Core Primitives
- list-pending / fetch:filename / ack:filename
- publish-response:filename (via stdin pipe for structured JSON)
- upload-artifact:filename (added 2026-05-31 after the exact screenshot test surfaced the blocker)
The handler (server-instruction-handler.sh) is the only thing the key can ever execute. This is the model that survived the first real high-fidelity obs test and enabled the creative velocity the user demanded.
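An added example, not the project's server-instruction-handler.sh, of how a forced-command handler can allow-list the verbs listed above, reject unsafe file names and log every decision. The function names, the audit log path and format, and the handler path in the authorized_keys comment are assumptions; only the verb names come from this page.

```shell
#!/bin/sh
# Illustration only. Assumed authorized_keys entry binding the key to the handler:
#   restrict,command="/opt/handler.sh" ssh-ed25519 AAAA... (path is a placeholder)
LC_ALL=C; export LC_ALL                               # make [A-Z] ranges byte-exact
AUDIT_LOG="${AUDIT_LOG:-/tmp/instruction-audit.log}"  # assumed log location

# valid_name NAME: accept a plain file name only (no path parts, no leading dot).
valid_name() {
    case "$1" in
        ''|.*|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
    return 0
}

# parse_request STRING: print "verb [name]" if the request is allow-listed.
parse_request() {
    req=$1
    case "$req" in
        list-pending) echo "list-pending"; return 0 ;;
        fetch:*|ack:*|publish-response:*|upload-artifact:*)
            verb=${req%%:*}; name=${req#*:}
            valid_name "$name" || return 1
            echo "$verb $name"; return 0 ;;
    esac
    return 1                                          # anything else is denied
}

# audit DECISION STRING: one line per request, non-printable bytes replaced.
audit() {
    clean=$(printf '%s' "$2" | tr -c '[:print:]' '?')
    printf '%s %s %s\n' "$(date -u +%Y-%m-%dT%H:%M:%SZ)" "$1" "$clean" >> "$AUDIT_LOG"
}

# handle STRING: single entry point; allowed and denied requests are both logged.
handle() {
    if parsed=$(parse_request "$1"); then
        audit ALLOW "$1"
        echo "OK $parsed"        # a real handler would dispatch per verb here
    else
        audit DENY "$1"
        echo "DENIED" >&2
        return 1
    fi
}

# sshd places the client's requested command in SSH_ORIGINAL_COMMAND.
if [ -n "${SSH_ORIGINAL_COMMAND:-}" ]; then handle "$SSH_ORIGINAL_COMMAND"; fi
```

Because sshd runs the forced command regardless of what the client asks for, the requested string is only ever treated as data to be matched, never passed to a shell for evaluation.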
agents/ssh-agent/scripts/server-instruction-handler.sh • DR-20260531-073 • organizer/context.py:get_ssh_channel_context_block + publish_ssh_instruction