diff --git a/.gitignore b/.gitignore
index 1c395d9..29e0284 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,4 +1,5 @@
 generated/
+config.yaml
 __pycache__/
 *.pyc
 .DS_Store
diff --git a/config.yaml b/config.yaml
deleted file mode 100644
index 5ea8c7c..0000000
--- a/config.yaml
+++ /dev/null
@@ -1,239 +0,0 @@
-# Persona Library Configuration — Salva (LTT / 0x534C56)
-
-user:
-  name: "Salva"
-  handle: "0x534C56"
-  location: "Turkey (GMT+3)"
-  role: "Cybersecurity Consultant & Intelligence Analyst"
-  languages:
-    native: "tr"
-    fluent: ["tr", "en"]
-    learning: ["ru", "ar", "sw", "fr", "fa", "ur"]
-  communication:
-    style: "direct"
-    primary_interface: "telegram"
-    casual_language: "tr"
-    technical_language: "en"
-
-infrastructure:
-  servers:
-    - name: "local"
-      ip: "192.168.1.27"
-      ssh_port: 2424
-      role: "home-server"
-      os: "debian"
-      services: ["portainer", "ghost", "komga", "adguard", "tailscale", "cloudflared"]
-    - name: "desktop"
-      ip: "192.168.1.106"
-      role: "dev-machine"
-      containers: ["olla", "reporter-ollama", "foia-postgres", "killchain-mariadb"]
-    - name: "hasbam"
-      ip: "45.155.127.115"
-      ssh_user: "ltt"
-      role: "multi-purpose"
-      containers: ["kali-cti", "minio", "syncthing", "proudstar-license"]
-    - name: "n8n"
-      ip: "45.155.127.116"
-      ssh_user: "hasbam"
-      role: "automation-hub"
-      containers: ["n8n", "gitea", "freshrss", "prometheus", "wireguard", "rustdesk", "nginx-proxy"]
-    - name: "osint"
-      ip: "48.216.242.250"
-      ssh_user: "osint"
-      role: "osint-ops"
-      containers: ["n8n", "maigret-api", "theharvester-api", "holehe-api", "phoneinfoga", "ip-api-server"]
-    - name: "oracle"
-      ip: "140.245.13.61"
-      ssh_user: "opc"
-      role: "demirsanat-prod"
-      containers: ["demirsanat-web", "demirsanat-api", "demirsanat-db", "nginx-proxy"]
-    - name: "meldora"
-      ip: "5.178.111.147"
-      ssh_user: "root"
-      role: "community"
-      containers: ["meldora-site", "postgresql"]
-    - name: "asm-c2"
-      ip: "50.114.185.136"
-      ssh_user: "root"
-      role: "asm-control-plane"
-      containers: ["asm-api", "asm-control", "asm-orchestrator", "asm-scheduler", "asm-ingestion", "asm-delta", "asm-admin", "asm-customer", "asm-nginx", "asm-elasticsearch", "asm-rabbitmq", "asm-mariadb", "asm-redis"]
-    - name: "asm-worker1"
-      ip: "50.114.185.213"
-      role: "asm-worker"
-    - name: "asm-worker2"
-      ip: "50.114.185.53"
-      role: "asm-worker"
-    - name: "asm-worker3"
-      ip: "50.114.185.108"
-      role: "asm-worker"
-
-  llm:
-    provider: "ollama"
-    endpoint: "http://127.0.0.1:40114"
-    load_balancer: "olla"
-    server_count: 855
-    healthy_count: 483
-    default_model: "llama3.1"
-    models:
-      - name: "llama3.1"
-        purpose: "general"
-        servers: 127
-      - name: "deepseek-r1"
-        purpose: "reasoning"
-      - name: "gemma3"
-        purpose: "general"
-      - name: "qwen3-235b"
-        purpose: "reasoning"
-      - name: "qwen3-coder-30b"
-        purpose: "coding"
-
-  tools:
-    rss_aggregator: true
-    rss_endpoint: "http://localhost:32770"
-    osint_tools: true
-    osint_endpoint: "http://48.216.242.250"
-    sdr_scanner: true
-    pcap_analyzer: true
-    vulnerability_scanner: true
-    exploit_framework: true
-    reverse_engineering: true
-    forensics_tools: true
-    c2_framework: false
-    threat_intel_platform: false
-    siem: false
-    docker: true
-    kubernetes: false
-    cloud_provider: "oracle"
-    monitoring: true
-    monitoring_endpoint: "http://45.155.127.116:9090"
-    vpn: true
-    portainer: true
-    portainer_url: "https://portainer.aligundogar.com.tr"
-    portainer_api_key: "ptr_mvD089keMlTfMHYVdbxafkuE6aP5ZTOKBOt6hr4qiSk="
-    syncthing: true
-    git_server: "https://gitea.taygun.net.tr"
-
-data_sources:
-  knowledge_base: "/home/salva/Obsidian"
-  book_library: "/mnt/storage/Common/Books"
-  foia_collection: true
-  foia_path: "/mnt/storage/Common/Books/Istihbarat"
-  foia_file_count: 27811
-  intel_feeds: true
-  intel_feed_count: 3186
-  intel_feed_categories: ["iran", "cyber", "russia", "ukraine", "defense", "intel", "tech", "turkey", "mideast", "africa"]
-  custom_databases:
-    - name: "Iran Intelligence DB"
-      path: "~/notes/geopolitics/Iran"
-      size: "80GB"
-      description: "17 subdirectories, 210+ JSON feeds"
-    - name: "CIA FOIA Collection"
-      path: "/mnt/storage/Common/Books/Istihbarat/CIA"
-      size: "21211 files"
-    - name: "NSA SIGINT FOIA"
-      path: "/mnt/storage/Common/Books/SiberGuvenlik/FOIA-IA-NSA-SIGINT"
-      size: "306 files"
-
-frameworks:
-  uap: true
-  ach: true
-  ach_over_tot: true
-  pmesii_pt: true
-  dime_fil: true
-  ascope: true
-  mitre_attack: true
-  kill_chain: true
-  diamond_model: true
-  disarm: true
-  owasp: true
-  ic_confidence: true
-  multi_source_verification: true
-  bluf_reporting: true
-  output_modes: ["exec_summary", "full_report", "json", "visual"]
-
-regional_focus:
-  primary: ["iran", "russia", "syria"]
-  secondary: ["turkey", "africa", "china", "middle-east"]
-
-persona_defaults:
-  language:
-    casual: "tr"
-    technical: "en"
-    reports: "en"
-  address_style: "custom"
-  custom_addresses:
-    neo: "Sıfırıncı Gün"
-    frodo: "Müsteşar"
-    oracle: "Kaşif"
-    ghost: "Propagandist"
-    wraith: "Mahrem"
-    echo: "Kulakçı"
-    marshal: "Mareşal"
-    warden: "Topçubaşı"
-    centurion: "Vakanüvis"
-    corsair: "Akıncı"
-    arbiter: "Kadı"
-    ledger: "Defterdar"
-    tribune: "Müderris"
-    chronos: "Tarihçibaşı"
-    scribe: "Verakçı"
-    polyglot: "Tercüman-ı Divan"
-    herald: "Münadi"
-    architect: "Mimar Ağa"
-    forge: "Demirci"
-    scholar: "Münevver"
-    sage: "Arif"
-    medic: "Hekim Başı"
-    gambit: "Vezir"
-    phantom: "Beyaz Şapka"
-    cipher: "Kriptoğraf"
-    specter: "Cerrah"
-    bastion: "Muhafız"
-    vortex: "Telsizci"
-    sentinel: "İzci"
-
-projects:
-  - name: "Reporter"
-    stack: "FastAPI, Flask, Ollama, SQLite, Bootstrap PWA"
-    description: "AI-powered news analysis with 25+ RSS categories"
-    status: "production"
-  - name: "Kill Chain Scanner"
-    stack: "Bash, Go tools, nmap, nuclei"
-    description: "Automated pentest framework (kill chain methodology)"
-    status: "production"
-  - name: "FOIA Tool"
-    stack: "Rust (7 crates), Axum, PostgreSQL"
-    description: "Declassified document scraper with OCR+LLM"
-    status: "production"
-  - name: "ProudStar ASM"
-    stack: "FastAPI, Next.js 14, MariaDB, Elasticsearch, RabbitMQ"
-    description: "Enterprise attack surface management (1,714 endpoints)"
-    status: "production"
-  - name: "Demirsanat"
-    stack: "Next.js 16, Express, PostgreSQL"
-    description: "Music academy management system"
-    status: "production"
-  - name: "İstihbarat Haber"
-    stack: "React, Node.js"
-    description: "Intelligence news platform (3,186 RSS feeds, 463 endpoints)"
-    status: "development"
-  - name: "Evoswarm-AGI"
-    stack: "Python, Docker, Redis, FastAPI"
-    description: "Autonomous Docker agent swarm"
-    status: "experimental"
-
-professional:
-  company: "Born2beRoot / ProudSec / PROUDSTAR"
-  role: "CTI Analyst & Penetration Tester"
-  certifications: []
-  specializations: ["web-security", "CTI", "red-team", "OSINT", "geopolitical-analysis"]
-  active_engagements:
-    - name: "Proudsec Campaign"
-      scope: "411 domains, 37 root domains, 5 organizations"
-      status: "active"
-    - name: "Ruijie Firewall 0day"
-      scope: "RG-WALL 1600-Z5100-S"
-      status: "active"
-    - name: "Kenya/Africa Expansion"
-      scope: "Government cybersecurity procurement"
-      status: "planning"