npm - 50c - Versions diffs - 4.0.0 → 4.1.0 - Mend

50c 4.0.0 → 4.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/lib/team.js CHANGED Viewed

@@ -1,691 +1,655 @@
-/**
- * 50c Team - Natural language orchestrator
- * "Ask the 50c team to do X" → Team figures out which tools to use
- *
- * Swiss army knife that makes 50c tools accessible without memorizing names
- *
- * SAFETY GUARDRAILS:
- * - Max 3 tools per chain (depth limit)
- * - No recursive team calls
- * - Air-gapped dangerous tools from self-improvement tasks
- * - Rate limiting via metering
- * - Blocked executable generation patterns
- * - Task pivot detection
- */
-const { call50cTool } = require('./subagent.js');
-const registry = require('./tools-registry.js');
-// ============================================
-// SAFETY GUARDRAILS
-// ============================================
-const MAX_PAID_TOOLS = 6;
-const MAX_FREE_TOOLS = 20;
-const MAX_CALLS_PER_MINUTE = 10;
-const callLog = [];
-const FREE_TOOLS = [
-  ...registry.getFreeSlugs(),
-  'fm_index', 'fm_find', 'fm_lines', 'fm_search', 'fm_summary', 'fm_list', 'fm_context',
-  'dewey_add', 'dewey_get', 'dewey_search', 'dewey_list', 'dewey_update', 'dewey_delete', 'dewey_stats',
-  'cf_list_zones', 'cf_get_zone', 'cf_find_zone', 'cf_list_dns', 'cf_ssl_status', 'cf_dev_mode',
-  'ux_spacing_system',
-  'vault_status', 'vault_get',
-  'sub_list', 'sub_get', 'sub_discover', 'sub_clone', 'sub_earnings', 'sub_share', 'sub_delete', 'sub_review', 'sub_set_public',
-  'caz_get_block'
-];
-const ENTERPRISE_GATED_TOOLS = [
-  ...registry.getEnterpriseSlugs(),
-  'team_ssh',
-  'team_exec',
-  'team_http',
-  'team_deploy',
-];
-// Required vault keys for each enterprise tool
-const ENTERPRISE_VAULT_REQUIREMENTS = {
-  'team_ssh': ['ssh_host', 'ssh_user'],  // ssh_key or ssh_password
-  'team_exec': ['exec_allowed_hosts'],
-  'team_http': ['http_endpoints'],
-  'team_deploy': ['deploy_targets'],
-  'auto_invent': [],      // No vault needed, just enterprise tier + $2.00
-  'invent_program': []    // No vault needed, just enterprise tier + $2.00
-};
-/**
- * Check if enterprise tool access is allowed
- * Returns { allowed: boolean, reason: string }
- *
- * Security fixes applied per 50c roast:
- * - Strict API key validation with regex
- * - Vault health check (not just initialized)
- * - Tool existence validation
- */
-async function checkEnterpriseAccess(tool, apiKey) {
-  // 1. Check if tool requires enterprise
-  if (!ENTERPRISE_GATED_TOOLS.includes(tool)) {
-    return { allowed: true, reason: 'Not an enterprise-gated tool' };
-  }
-  // 2. Validate tool exists in requirements (security: prevent undefined lookup)
-  if (!ENTERPRISE_VAULT_REQUIREMENTS[tool]) {
-    return {
-      allowed: false,
-      reason: `Unknown enterprise tool: ${tool}`,
-      code: 'INVALID_TOOL'
-    };
-  }
-  // 3. Verify enterprise tier via API key
-  try {
-    const { call50cTool } = require('./subagent.js');
-    // Strict API key validation (security: prevent prefix collisions)
-    // Enterprise keys: cv_ent_XXXXXXXX (8+ hex chars) OR cv_enterprise_* OR any cv_ key with $2+ balance
-    const isValidEntKey = apiKey && (
-      /^cv_ent_[a-f0-9]{8,}$/i.test(apiKey) ||
-      /^cv_enterprise_/i.test(apiKey) ||
-      /^cv_[a-f0-9]{40,}$/i.test(apiKey)  // Production keys with sufficient balance
-    );
-    if (!isValidEntKey) {
-      return {
-        allowed: false,
-        reason: `${tool} requires Enterprise tier ($2.00). Upgrade at https://50c.ai/enterprise`,
-        code: 'ENTERPRISE_REQUIRED'
-      };
-    }
-    // 4. Check vault status ONLY for tools that require vault keys
-    const requiredKeys = ENTERPRISE_VAULT_REQUIREMENTS[tool];
-    // If no vault keys required (auto_invent, invent_program), skip vault check
-    if (!requiredKeys || requiredKeys.length === 0) {
-      return { allowed: true, reason: `Enterprise tool ${tool} allowed (no vault required)` };
-    }
-    const vaultStatus = await call50cTool('vault_status', {});
-    if (!vaultStatus || !vaultStatus.initialized) {
-      return {
-        allowed: false,
-        reason: `${tool} requires 50c-vault. Run: npx 50c-vault init`,
-        code: 'VAULT_NOT_INITIALIZED'
-      };
-    }
-    // Check vault health if available
-    if (vaultStatus.healthy === false) {
-      return {
-        allowed: false,
-        reason: `Vault is in degraded state. Run: npx 50c-vault status`,
-        code: 'VAULT_NOT_HEALTHY'
-      };
-    }
-    // 5. Check each required key exists in vault
-    for (const key of requiredKeys) {
-      try {
-        const val = await call50cTool('vault_get', { key });
-        if (!val || val.error) {
-          return {
-            allowed: false,
-            reason: `${tool} requires vault key '${key}'. Add it: npx 50c-vault set ${key}`,
-            code: 'VAULT_KEY_MISSING'
-          };
-        }
-      } catch (e) {
-        return {
-          allowed: false,
-          reason: `Cannot verify vault key '${key}': ${e.message}`,
-          code: 'VAULT_CHECK_FAILED'
-        };
-      }
-    }
-    return { allowed: true, reason: 'Enterprise access verified via vault' };
-  } catch (e) {
-    return {
-      allowed: false,
-      reason: `Enterprise check failed: ${e.message}`,
-      code: 'ENTERPRISE_CHECK_ERROR'
-    };
-  }
-}
-// Blocked patterns - potential self-improvement or escape vectors
-// NOTE: execute/deploy patterns are ALLOWED for enterprise users with vault
-const BLOCKED_PATTERNS = [
-  /bypass.*limit/i,
-  /hack.*api/i,
-  /steal.*credit/i,
-  /free.*tier.*abuse/i,
-  /self.*replicate/i,
-  /escape.*sandbox/i,
-  /improve.*this.*system/i,
-  /rewrite.*team/i,
-  /modify.*50c/i,
-  /recursive.*loop/i,
-  /infinite.*chain/i,
-  /exploit.*vulnerab/i,
-  /inject.*code/i,
-  /spread.*virus/i,
-  /malware/i,
-  /phishing/i,
-  /exfiltrate/i,
-  /password.*dump/i,
-  /credential.*steal/i,
-  /api.*key.*extract/i,
-  /bomb|weapon|explosive|kill|murder|attack/i,
-];
-// Air-gapped tools - cannot be used for self-improvement tasks
-const AIRGAPPED_TOOLS = ['genius_plus', 'genius'];
-const SELF_IMPROVEMENT_PATTERNS = [
-  /improve.*prompt/i,
-  /better.*chain/i,
-  /optimize.*tool/i,
-  /enhance.*system/i,
-  /upgrade.*team/i,
-  /make.*smarter/i,
-  /self.*improv/i,
-];
-// Executable generation blocklist
-const EXECUTABLE_PATTERNS = [
-  /write.*script.*deploy/i,
-  /generate.*executable/i,
-  /create.*virus/i,
-  /build.*malware/i,
-  /code.*to.*hack/i,
-  /script.*to.*steal/i,
-  /program.*to.*attack/i,
-];
-/**
- * Safety check - returns { safe: boolean, reason: string }
- */
-function safetyCheck(task, context) {
-  const combined = `${task} ${context || ''}`.toLowerCase();
-  // Check blocked patterns
-  for (const pattern of BLOCKED_PATTERNS) {
-    if (pattern.test(combined)) {
-      return {
-        safe: false,
-        reason: `Blocked: Task contains prohibited pattern. This request cannot be processed.`,
-        code: 'BLOCKED_PATTERN'
-      };
-    }
-  }
-  // Check executable generation
-  for (const pattern of EXECUTABLE_PATTERNS) {
-    if (pattern.test(combined)) {
-      return {
-        safe: false,
-        reason: `Blocked: Cannot generate executable or deployment code.`,
-        code: 'EXECUTABLE_BLOCKED'
-      };
-    }
-  }
-  // Rate limiting
-  const now = Date.now();
-  const recentCalls = callLog.filter(t => now - t < 60000);
-  if (recentCalls.length >= MAX_CALLS_PER_MINUTE) {
-    return {
-      safe: false,
-      reason: `Rate limited: Max ${MAX_CALLS_PER_MINUTE} team calls per minute. Please wait.`,
-      code: 'RATE_LIMITED'
-    };
-  }
-  return { safe: true };
-}
-/**
- * Check if task is self-improvement (air-gap check)
- */
-function isSelfImprovement(task) {
-  for (const pattern of SELF_IMPROVEMENT_PATTERNS) {
-    if (pattern.test(task)) {
-      return true;
-    }
-  }
-  return false;
-}
-/**
- * Filter tools for air-gapping
- */
-function filterAirgappedTools(tools, task) {
-  if (isSelfImprovement(task)) {
-    return tools.filter(t => !AIRGAPPED_TOOLS.includes(t));
-  }
-  return tools;
-}
-// Tool capabilities for matching
-const TOOL_CAPABILITIES = {
-  // ENTERPRISE INVENTION ($2.00)
-  auto_invent: { keywords: ['invent', 'discover', 'prove', 'novel', 'patent', 'breakthrough', 'scientific', 'rigorous', 'verified solution', 'invention'], desc: 'Enterprise invention pipeline ($2.00)' },
-  invent_program: { keywords: ['programmatic invention', 'json program', 'executable pipeline', 'step by step invention'], desc: 'JSON-defined invention ($2.00)' },
-  // Research & Analysis
-  web_search: { keywords: ['search', 'find', 'look up', 'research', 'google', 'internet'], desc: 'Search the web' },
-  page_fetch: { keywords: ['fetch', 'scrape', 'get page', 'read url', 'website content'], desc: 'Fetch webpage content' },
-  genius: { keywords: ['analyze', 'solve', 'think', 'deep', 'complex', 'figure out', 'understand'], desc: 'Deep problem solving' },
-  genius_plus: { keywords: ['code gen', 'implement', 'build', 'create code', 'write code', 'program'], desc: 'Self-improving code generation' },
-  // Code Quality
-  roast: { keywords: ['roast', 'review', 'critique', 'flaws', 'bugs', 'issues', 'problems', 'code review'], desc: 'Brutal code review' },
-  hints: { keywords: ['hints', 'tips', 'suggestions', 'advice', 'help', 'guide', 'ideas'], desc: 'Quick hints' },
-  hints_plus: { keywords: ['more hints', 'detailed hints', 'thorough tips'], desc: 'Detailed hints' },
-  // Math & Computation
-  bcalc: { keywords: ['calculate', 'math', 'compute', 'formula', 'equation', 'number'], desc: 'Mathematical computation' },
-  bcalc_why: { keywords: ['explain math', 'why math', 'math explanation'], desc: 'Math explanation' },
-  compute: { keywords: ['run python', 'execute', 'python code', 'script'], desc: 'Execute Python' },
-  // Ideas & Creativity
-  quick_vibe: { keywords: ['ideas', 'brainstorm', 'creative', 'unconventional', 'vibe'], desc: 'Creative ideas' },
-  mind_opener: { keywords: ['angles', 'perspectives', 'approaches', 'ways to think'], desc: 'Different perspectives' },
-  idea_fold: { keywords: ['test claim', 'verify', 'validate', 'check assumption', 'stem'], desc: 'Test claims scientifically' },
-  prompt_expand: { keywords: ['expand', 'elaborate', 'detail', 'flesh out'], desc: 'Expand ideas' },
-  // Business
-  name_it: { keywords: ['name', 'naming', 'brand', 'title', 'what to call'], desc: 'Generate names' },
-  price_it: { keywords: ['price', 'pricing', 'cost', 'charge', 'monetize'], desc: 'Pricing strategy' },
-  one_liner: { keywords: ['pitch', 'elevator', 'one liner', 'tagline', 'slogan'], desc: 'Elevator pitch' },
-  // Domain & DNS
-  domain_check: { keywords: ['domain available', 'domain availability', 'check domain', 'domain name', 'domain check'], desc: 'Check domain availability' },
-  cf_list_zones: { keywords: ['cloudflare zones', 'list domains', 'dns zones'], desc: 'List CF zones' },
-  cf_list_dns: { keywords: ['dns records', 'list dns'], desc: 'List DNS records' },
-  // Context & Memory
-  beacon_compress: { keywords: ['compress', 'summarize context', 'reduce'], desc: 'Compress context' },
-  beacon_extract: { keywords: ['extract', 'pull out', 'find in context'], desc: 'Extract from context' },
-  fog_check: { keywords: ['fog', 'confusion', 'clarity check'], desc: 'Check context fog' },
-  fog_clear: { keywords: ['clear fog', 'reset context', 'clean up'], desc: 'Clear context fog' },
-  caz_dedup: { keywords: ['deduplicate', 'dedup', 'remove duplicates'], desc: 'Deduplicate content' },
-  context_compress: { keywords: ['compress code', 'reduce context', 'relevant parts'], desc: 'Smart context compression' },
-  // Knowledge Management
-  dewey_add: { keywords: ['save', 'store', 'remember', 'index', 'add to dewey'], desc: 'Save to index' },
-  dewey_search: { keywords: ['search saved', 'find saved', 'lookup dewey'], desc: 'Search saved items' },
-  dewey_list: { keywords: ['list saved', 'show dewey', 'what did i save'], desc: 'List saved items' },
-  // UX
-  ux_contrast_check: { keywords: ['contrast', 'color accessibility', 'readable'], desc: 'Check color contrast' },
-  ux_color_palette: { keywords: ['color palette', 'colors', 'theme colors'], desc: 'Generate colors' },
-  ux_roast: { keywords: ['ux review', 'ui critique', 'design review'], desc: 'Roast UI/UX' },
-  ux_copy_improve: { keywords: ['improve copy', 'better text', 'ux writing'], desc: 'Improve UI copy' },
-  // Handoff
-  handoff: { keywords: ['handoff', 'document', 'summary', 'wrap up', 'status'], desc: 'Generate handoff doc' }
-};
-// Common task patterns → tool sequences
-const TASK_PATTERNS = [
-  // ENTERPRISE-GATED PATTERNS FIRST (require vault + enterprise tier)
-  // These must come before generic patterns to avoid false matches
-  {
-    match: /\bssh\b|\bscp\b|\bsftp\b|\brsync\b|remote.*server|server.*command|connect.*server|bash.*into|shell.*into|terminal.*server/i,
-    tools: ['team_ssh'],
-    desc: 'SSH/SCP/SFTP to server (Enterprise + Vault required)'
-  },
-  {
-    match: /deploy.*(server|prod|staging|live)|push.*production|release.*server|ship.*to/i,
-    tools: ['team_deploy'],
-    desc: 'Deploy to server (Enterprise + Vault required)'
-  },
-  {
-    match: /execute.*on.*server|run.*command.*server|remote.*shell/i,
-    tools: ['team_exec'],
-    desc: 'Execute command (Enterprise + Vault required)'
-  },
-  {
-    match: /call.*external.*api|http.*request.*server|webhook.*trigger|post.*to.*endpoint/i,
-    tools: ['team_http'],
-    desc: 'HTTP request (Enterprise + Vault required)'
-  },
-  // ENTERPRISE INVENTION PATTERNS ($2.00)
-  {
-    match: /\binvent\b|\bdiscover\b|\bprove\b|\bsolve.*rigor|\bnovel.*solution|\bpatent|\bbreakthrough|\bscientific.*method/i,
-    tools: ['auto_invent'],
-    desc: 'Enterprise invention pipeline ($2.00) - full swarm with verification'
-  },
-  {
-    match: /\bauto.?invent|\bfull.*pipeline|\bswarm.*invention|\bverified.*solution/i,
-    tools: ['auto_invent'],
-    desc: 'Enterprise auto-invent ($2.00)'
-  },
-  // Standard patterns
-  {
-    match: /roast.*fix|review.*suggest|critique.*improve/i,
-    tools: ['roast', 'hints'],
-    desc: 'Code review with fix suggestions'
-  },
-  {
-    match: /research.*summar|search.*analyz|find.*explain/i,
-    tools: ['web_search', 'genius'],
-    desc: 'Research and analyze'
-  },
-  {
-    match: /security|vulnerab|exploit|hack/i,
-    tools: ['roast', 'hints_plus', 'genius'],
-    desc: 'Security analysis'
-  },
-  {
-    match: /name.*domain|brand.*available/i,
-    tools: ['name_it', 'domain_check'],
-    desc: 'Naming with domain check'
-  },
-  {
-    match: /price|monetiz|business model/i,
-    tools: ['price_it', 'hints'],
-    desc: 'Pricing strategy'
-  },
-  {
-    match: /math.*explain|calculate.*why/i,
-    tools: ['bcalc', 'bcalc_why'],
-    desc: 'Math with explanation'
-  },
-  {
-    match: /build|implement|create|code|develop/i,
-    tools: ['genius_plus'],
-    desc: 'Code generation'
-  }
-];
-/**
- * Match task to best tools
- */
-function matchTaskToTools(task) {
-  const taskLower = task.toLowerCase();
-  const matched = [];
-  const scores = {};
-  // Check patterns first
-  for (const pattern of TASK_PATTERNS) {
-    if (pattern.match.test(task)) {
-      return { tools: pattern.tools, reason: pattern.desc, confidence: 0.9 };
-    }
-  }
-  // Keyword matching
-  for (const [tool, config] of Object.entries(TOOL_CAPABILITIES)) {
-    let score = 0;
-    for (const keyword of config.keywords) {
-      if (taskLower.includes(keyword)) {
-        score += keyword.split(' ').length; // Multi-word matches score higher
-      }
-    }
-    if (score > 0) {
-      scores[tool] = score;
-      matched.push({ tool, score, desc: config.desc });
-    }
-  }
-  // Sort by score, take top 3
-  matched.sort((a, b) => b.score - a.score);
-  const topTools = matched.slice(0, 3).map(m => m.tool);
-  if (topTools.length === 0) {
-    // Default to genius for unknown tasks
-    return { tools: ['genius'], reason: 'General problem solving', confidence: 0.5 };
-  }
-  return {
-    tools: topTools,
-    reason: matched.slice(0, 3).map(m => m.desc).join(' → '),
-    confidence: Math.min(0.9, matched[0].score / 5)
-  };
-}
-/**
- * Build tool arguments from task and context
- */
-function buildArgs(tool, task, context) {
-  const args = {};
-  // Common argument mappings
-  if (typeof context === 'string') {
-    if (tool === 'roast') args.code = context;
-    else if (tool === 'hints' || tool === 'hints_plus') args.query = context || task;
-    else if (tool === 'genius' || tool === 'genius_plus') args.problem = `${task}\n\nContext:\n${context}`;
-    else if (tool === 'web_search') args.query = task.replace(/search|find|research|look up/gi, '').trim();
-    else if (tool === 'compute') args.code = context;
-    else if (tool === 'bcalc') args.expression = context || task;
-    else if (tool === 'name_it') args.does = task;
-    else if (tool === 'price_it') args.product = context || task;
-    else if (tool === 'quick_vibe') args.working_on = context || task;
-    else if (tool === 'mind_opener') args.problem = context || task;
-    else if (tool === 'idea_fold') { args.claim = context || task; }
-    else if (tool === 'prompt_expand') args.idea = context || task;
-    else if (tool === 'one_liner') args.product = context || task;
-    else if (tool === 'beacon_compress') args.messages = Array.isArray(context) ? context : [context];
-    else if (tool === 'caz_dedup') args.content = context;
-    else if (tool === 'context_compress') { args.content = context; args.query = task; }
-    else if (tool === 'dewey_search') args.query = task;
-    else if (tool === 'ux_roast') args.description = context || task;
-    else if (tool === 'handoff') { args.project = task; args.context = context; }
-    else args.query = context || task; // Default fallback
-  } else if (typeof context === 'object') {
-    Object.assign(args, context);
-    // Fill in missing required args
-    if (!args.query && !args.problem && !args.code) {
-      args.query = task;
-    }
-  }
-  // Handle tools that need to extract args from task regardless of context type
-  if (tool === 'domain_check' && !args.domain) {
-    const domainMatch = task.match(/[\w-]+\.(ai|com|io|co|net|org|dev|app|xyz)/i);
-    args.domain = domainMatch ? domainMatch[0] : '';
-  }
-  return args;
-}
-/**
- * Execute team task - orchestrate multiple tools
- * WITH SAFETY GUARDRAILS
- */
-async function teamExecute(task, context, options = {}) {
-  const startTime = Date.now();
-  const results = {
-    task,
-    steps: [],
-    finalResult: null,
-    toolsUsed: [],
-    totalTime: 0,
-    guardrails: { checked: true },
-    limits: { paidUsed: 0, freeUsed: 0, paidMax: MAX_PAID_TOOLS, freeMax: MAX_FREE_TOOLS }
-  };
-  try {
-    // GUARDRAIL 1: Safety check on task + context
-    const safety = safetyCheck(task, context);
-    if (!safety.safe) {
-      return {
-        ok: false,
-        blocked: true,
-        reason: safety.reason,
-        code: safety.code,
-        guardrails: { triggered: safety.code }
-      };
-    }
-    // Log call for rate limiting
-    callLog.push(Date.now());
-    // Trim old entries
-    while (callLog.length > 100) callLog.shift();
-    // Match task to tools
-    let { tools, reason, confidence } = matchTaskToTools(task);
-    // GUARDRAIL 2: Air-gap check - remove genius/genius_plus from self-improvement tasks
-    tools = filterAirgappedTools(tools, task);
-    if (tools.length === 0) {
-      return {
-        ok: false,
-        blocked: true,
-        reason: 'Self-improvement tasks cannot use advanced reasoning tools.',
-        code: 'AIRGAP_BLOCKED',
-        guardrails: { triggered: 'AIRGAP' }
-      };
-    }
-    // GUARDRAIL 3: No recursive team calls (team can't call itself)
-    tools = tools.filter(t => t !== 'team');
-    // GUARDRAIL 4: Enforce paid/free tool limits
-    const paidTools = tools.filter(t => !FREE_TOOLS.includes(t));
-    const freeTools = tools.filter(t => FREE_TOOLS.includes(t));
-    // Cap to limits
-    const allowedPaid = paidTools.slice(0, MAX_PAID_TOOLS);
-    const allowedFree = freeTools.slice(0, MAX_FREE_TOOLS);
-    tools = [...allowedPaid, ...allowedFree];
-    results.plan = {
-      tools,
-      reason,
-      confidence,
-      paidTools: allowedPaid.length,
-      freeTools: allowedFree.length,
-      limits: { paid: MAX_PAID_TOOLS, free: MAX_FREE_TOOLS }
-    };
-    if (options.dryRun) {
-      return {
-        ok: true,
-        dryRun: true,
-        plan: results.plan,
-        message: `Would execute: ${tools.join(' → ')}`,
-        guardrails: { active: ['paid_limit', 'free_limit', 'airgap', 'pattern_block', 'rate_limit', 'enterprise_gate'] }
-      };
-    }
-    // Execute tools in sequence, passing results forward
-    let prevResult = context;
-    let paidUsed = 0;
-    let freeUsed = 0;
-    const apiKey = options.apiKey || process.env.FIFTYC_API_KEY;
-    for (const tool of tools) {
-      // GUARDRAIL 5: Enterprise-gated tool check
-      if (ENTERPRISE_GATED_TOOLS.includes(tool)) {
-        const access = await checkEnterpriseAccess(tool, apiKey);
-        if (!access.allowed) {
-          results.steps.push({
-            tool,
-            skipped: true,
-            reason: access.reason,
-            code: access.code,
-            upgrade: 'https://50c.ai/enterprise'
-          });
-          continue;
-        }
-      }
-      // Check limits before each call
-      const isFree = FREE_TOOLS.includes(tool);
-      if (isFree && freeUsed >= MAX_FREE_TOOLS) {
-        results.steps.push({ tool, skipped: true, reason: `Free tool limit reached (${MAX_FREE_TOOLS})` });
-        continue;
-      }
-      if (!isFree && paidUsed >= MAX_PAID_TOOLS) {
-        results.steps.push({ tool, skipped: true, reason: `Paid tool limit reached (${MAX_PAID_TOOLS})` });
-        continue;
-      }
-      const stepStart = Date.now();
-      const args = buildArgs(tool, task, prevResult);
-      // SPECIAL: Local enterprise tools (auto_invent, invent_program) run in-process
-      let toolResult;
-      if (tool === 'auto_invent' || tool === 'invent_program') {
-        // These are local enterprise tools - import from 50c.js
-        try {
-          const { autoInvent, inventProgram } = require('../bin/50c.js');
-          if (tool === 'auto_invent') {
-            toolResult = { ok: true, result: await autoInvent(args) };
-          } else {
-            toolResult = { ok: true, result: await inventProgram(args) };
-          }
-        } catch (e) {
-          toolResult = { ok: false, error: `Local tool ${tool} failed: ${e.message}` };
-        }
-      } else {
-        toolResult = await call50cTool(tool, args);
-      }
-      // Track usage
-      if (isFree) freeUsed++;
-      else paidUsed++;
-      const step = {
-        tool,
-        args,
-        result: toolResult,
-        time: Date.now() - stepStart,
-        type: isFree ? 'free' : 'paid'
-      };
-      results.steps.push(step);
-      results.toolsUsed.push(tool);
-      if (toolResult.ok) {
-        prevResult = toolResult.result;
-      } else {
-        // Tool failed, but continue with others
-        step.error = toolResult.error;
-      }
-    }
-    results.finalResult = prevResult;
-    results.totalTime = Date.now() - startTime;
-    results.limits = { paidUsed, freeUsed, paidMax: MAX_PAID_TOOLS, freeMax: MAX_FREE_TOOLS };
-    results.ok = results.steps.some(s => s.result?.ok);
-    return results;
-  } catch (e) {
-    results.ok = false;
-    results.error = e.message;
-    results.totalTime = Date.now() - startTime;
-    return results;
-  }
-}
-/**
- * Simple team interface - just task + optional context
- */
-async function team(taskOrOptions) {
-  if (typeof taskOrOptions === 'string') {
-    return teamExecute(taskOrOptions, null);
-  }
-  const { task, context, dryRun } = taskOrOptions;
-  return teamExecute(task, context, { dryRun });
-}
-module.exports = {
-  team,
-  teamExecute,
-  matchTaskToTools,
-  safetyCheck,
-  TOOL_CAPABILITIES,
-  TASK_PATTERNS,
-  BLOCKED_PATTERNS,
-  FREE_TOOLS,
-  MAX_PAID_TOOLS,
-  MAX_FREE_TOOLS,
-  MAX_CALLS_PER_MINUTE
-};
+/**
+ * 50c Team - Natural language orchestrator
+ * "Ask the 50c team to do X" → Team figures out which tools to use
+ *
+ * Swiss army knife that makes 50c tools accessible without memorizing names
+ *
+ * SAFETY GUARDRAILS:
+ * - Max 3 tools per chain (depth limit)
+ * - No recursive team calls
+ * - Air-gapped dangerous tools from self-improvement tasks
+ * - Rate limiting via metering
+ * - Blocked executable generation patterns
+ * - Task pivot detection
+ */
+const { call50cTool } = require('./subagent.js');
+const registry = require('./tools-registry.js');
+// ============================================
+// SAFETY GUARDRAILS
+// ============================================
+const MAX_PAID_TOOLS = 6;
+const MAX_FREE_TOOLS = 20;
+const MAX_CALLS_PER_MINUTE = 10;
+const callLog = [];
+const FREE_TOOLS = [
+  ...registry.getFreeSlugs(),
+  'fm_index', 'fm_find', 'fm_lines', 'fm_search', 'fm_summary', 'fm_list', 'fm_context',
+  'dewey_add', 'dewey_get', 'dewey_search', 'dewey_list', 'dewey_update', 'dewey_delete', 'dewey_stats',
+  'cf_list_zones', 'cf_get_zone', 'cf_find_zone', 'cf_list_dns', 'cf_ssl_status', 'cf_dev_mode',
+  'ux_spacing_system',
+  'vault_status', 'vault_get',
+  'sub_list', 'sub_get', 'sub_discover', 'sub_clone', 'sub_earnings', 'sub_share', 'sub_delete', 'sub_review', 'sub_set_public',
+  'caz_get_block'
+];
+const ENTERPRISE_GATED_TOOLS = [
+  ...registry.getEnterpriseSlugs(),
+  'team_ssh',
+  'team_exec',
+  'team_http',
+  'team_deploy',
+];
+// Required vault keys for each enterprise tool
+const ENTERPRISE_VAULT_REQUIREMENTS = {
+  'team_ssh': ['ssh_host', 'ssh_user'],  // ssh_key or ssh_password
+  'team_exec': ['exec_allowed_hosts'],
+  'team_http': ['http_endpoints'],
+  'team_deploy': ['deploy_targets'],
+  'auto_invent': [],      // No vault needed, just enterprise tier + $2.00
+  'invent_program': []    // No vault needed, just enterprise tier + $2.00
+};
+/**
+ * Check if enterprise tool access is allowed
+ * Returns { allowed: boolean, reason: string }
+ *
+ * Security fixes applied per 50c roast:
+ * - Strict API key validation with regex
+ * - Vault health check (not just initialized)
+ * - Tool existence validation
+ */
+async function checkEnterpriseAccess(tool, apiKey) {
+  // 1. Check if tool requires enterprise
+  if (!ENTERPRISE_GATED_TOOLS.includes(tool)) {
+    return { allowed: true, reason: 'Not an enterprise-gated tool' };
+  }
+  // 2. Validate tool exists in requirements (security: prevent undefined lookup)
+  if (!ENTERPRISE_VAULT_REQUIREMENTS[tool]) {
+    return {
+      allowed: false,
+      reason: `Unknown enterprise tool: ${tool}`,
+      code: 'INVALID_TOOL'
+    };
+  }
+  // 3. Verify enterprise tier via API key
+  try {
+    const { call50cTool } = require('./subagent.js');
+    // Strict API key validation (security: prevent prefix collisions)
+    // Enterprise keys: cv_ent_XXXXXXXX (8+ hex chars) OR cv_enterprise_* OR any cv_ key with $2+ balance
+    const isValidEntKey = apiKey && (
+      /^cv_ent_[a-f0-9]{8,}$/i.test(apiKey) ||
+      /^cv_enterprise_/i.test(apiKey) ||
+      /^cv_[a-f0-9]{40,}$/i.test(apiKey)  // Production keys with sufficient balance
+    );
+    if (!isValidEntKey) {
+      return {
+        allowed: false,
+        reason: `${tool} requires Enterprise tier ($2.00). Upgrade at https://50c.ai/enterprise`,
+        code: 'ENTERPRISE_REQUIRED'
+      };
+    }
+    // 4. Check vault status ONLY for tools that require vault keys
+    const requiredKeys = ENTERPRISE_VAULT_REQUIREMENTS[tool];
+    // If no vault keys required (auto_invent, invent_program), skip vault check
+    if (!requiredKeys || requiredKeys.length === 0) {
+      return { allowed: true, reason: `Enterprise tool ${tool} allowed (no vault required)` };
+    }
+    const vaultStatus = await call50cTool('vault_status', {});
+    if (!vaultStatus || !vaultStatus.initialized) {
+      return {
+        allowed: false,
+        reason: `${tool} requires 50c-vault. Run: npx 50c-vault init`,
+        code: 'VAULT_NOT_INITIALIZED'
+      };
+    }
+    // Check vault health if available
+    if (vaultStatus.healthy === false) {
+      return {
+        allowed: false,
+        reason: `Vault is in degraded state. Run: npx 50c-vault status`,
+        code: 'VAULT_NOT_HEALTHY'
+      };
+    }
+    // 5. Check each required key exists in vault
+    for (const key of requiredKeys) {
+      try {
+        const val = await call50cTool('vault_get', { key });
+        if (!val || val.error) {
+          return {
+            allowed: false,
+            reason: `${tool} requires vault key '${key}'. Add it: npx 50c-vault set ${key}`,
+            code: 'VAULT_KEY_MISSING'
+          };
+        }
+      } catch (e) {
+        return {
+          allowed: false,
+          reason: `Cannot verify vault key '${key}': ${e.message}`,
+          code: 'VAULT_CHECK_FAILED'
+        };
+      }
+    }
+    return { allowed: true, reason: 'Enterprise access verified via vault' };
+  } catch (e) {
+    return {
+      allowed: false,
+      reason: `Enterprise check failed: ${e.message}`,
+      code: 'ENTERPRISE_CHECK_ERROR'
+    };
+  }
+}
+// Safety guardrails -- Layer 1 local sync + Layer 3 server-side (fail closed)
+const https = require('https');
+const BLOCKED_PATTERNS = [
+  /bypass.*limit/i, /hack.*api/i, /steal.*credit/i, /free.*tier.*abuse/i,
+  /self.*replicate/i, /escape.*sandbox/i, /inject.*code/i,
+  /spread.*virus/i, /malware/i, /phishing/i, /exfiltrate/i,
+  /password.*dump/i, /credential.*steal/i, /api.*key.*extract/i,
+  /bomb|weapon|explosive|kill|murder|attack/i,
+];
+const AIRGAPPED_TOOLS = ['genius_plus', 'genius'];
+const SELF_IMPROVEMENT_PATTERNS = [
+  /improve.*prompt/i, /better.*chain/i, /optimize.*tool/i,
+  /enhance.*system/i, /upgrade.*team/i, /make.*smarter/i, /self.*improv/i,
+];
+async function safetyCheck(task, context) {
+  const combined = task + ' ' + (context || '');
+  // Layer 1: sync local pre-filter (fast, works offline)
+  for (const pattern of BLOCKED_PATTERNS) {
+    if (pattern.test(combined)) {
+      return { safe: false, reason: 'Blocked: prohibited pattern detected.', code: 'BLOCKED_PATTERN' };
+    }
+  }
+  // Layer 2: client-side rate limiting
+  const now = Date.now();
+  const recentCalls = callLog.filter(function(t) { return now - t < 60000; });
+  if (recentCalls.length >= MAX_CALLS_PER_MINUTE) {
+    return { safe: false, reason: 'Rate limited: max calls per minute exceeded.', code: 'RATE_LIMITED' };
+  }
+  // Layer 3: server-side check -- fail CLOSED on any error
+  return new Promise(function(resolve) {
+    const payload = JSON.stringify({ task: task, context: context || '' });
+    let settled = false;
+    function settle(v) { if (!settled) { settled = true; resolve(v); } }
+    const req = https.request({
+      hostname: 'api.50c.ai',
+      path: '/v1/safety-check',
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json', 'Content-Length': Buffer.byteLength(payload) },
+      timeout: 5000
+    }, function(res) {
+      let data = '';
+      res.on('data', function(chunk) { data += chunk; });
+      res.on('end', function() {
+        try {
+          const result = JSON.parse(data);
+          settle({ safe: result.safe !== false, reason: result.reason, code: result.code });
+        } catch(e) {
+          settle({ safe: false, reason: 'Safety check parse error.', code: 'CHECK_ERROR' });
+        }
+      });
+    });
+    req.on('error', function() { settle({ safe: false, reason: 'Safety check unavailable.', code: 'NETWORK_ERROR' }); });
+    req.on('timeout', function() { req.destroy(); settle({ safe: false, reason: 'Safety check timeout.', code: 'TIMEOUT' }); });
+    req.write(payload);
+    req.end();
+  });
+}
+function isSelfImprovement(task) {
+  for (const pattern of SELF_IMPROVEMENT_PATTERNS) {
+    if (pattern.test(task)) return true;
+  }
+  return false;
+}
+function filterAirgappedTools(tools, task) {
+  if (isSelfImprovement(task)) return tools.filter(function(t) { return AIRGAPPED_TOOLS.indexOf(t) === -1; });
+  return tools;
+}
+// Tool capabilities for matching
+const TOOL_CAPABILITIES = {
+  // ENTERPRISE INVENTION ($2.00)
+  auto_invent: { keywords: ['invent', 'discover', 'prove', 'novel', 'patent', 'breakthrough', 'scientific', 'rigorous', 'verified solution', 'invention'], desc: 'Enterprise invention pipeline ($2.00)' },
+  invent_program: { keywords: ['programmatic invention', 'json program', 'executable pipeline', 'step by step invention'], desc: 'JSON-defined invention ($2.00)' },
+  // Research & Analysis
+  web_search: { keywords: ['search', 'find', 'look up', 'research', 'google', 'internet'], desc: 'Search the web' },
+  page_fetch: { keywords: ['fetch', 'scrape', 'get page', 'read url', 'website content'], desc: 'Fetch webpage content' },
+  genius: { keywords: ['analyze', 'solve', 'think', 'deep', 'complex', 'figure out', 'understand'], desc: 'Deep problem solving' },
+  genius_plus: { keywords: ['code gen', 'implement', 'build', 'create code', 'write code', 'program'], desc: 'Self-improving code generation' },
+  // Code Quality
+  roast: { keywords: ['roast', 'review', 'critique', 'flaws', 'bugs', 'issues', 'problems', 'code review'], desc: 'Brutal code review' },
+  hints: { keywords: ['hints', 'tips', 'suggestions', 'advice', 'help', 'guide', 'ideas'], desc: 'Quick hints' },
+  hints_plus: { keywords: ['more hints', 'detailed hints', 'thorough tips'], desc: 'Detailed hints' },
+  // Math & Computation
+  bcalc: { keywords: ['calculate', 'math', 'compute', 'formula', 'equation', 'number'], desc: 'Mathematical computation' },
+  bcalc_why: { keywords: ['explain math', 'why math', 'math explanation'], desc: 'Math explanation' },
+  compute: { keywords: ['run python', 'execute', 'python code', 'script'], desc: 'Execute Python' },
+  // Ideas & Creativity
+  quick_vibe: { keywords: ['ideas', 'brainstorm', 'creative', 'unconventional', 'vibe'], desc: 'Creative ideas' },
+  mind_opener: { keywords: ['angles', 'perspectives', 'approaches', 'ways to think'], desc: 'Different perspectives' },
+  idea_fold: { keywords: ['test claim', 'verify', 'validate', 'check assumption', 'stem'], desc: 'Test claims scientifically' },
+  prompt_expand: { keywords: ['expand', 'elaborate', 'detail', 'flesh out'], desc: 'Expand ideas' },
+  // Business
+  name_it: { keywords: ['name', 'naming', 'brand', 'title', 'what to call'], desc: 'Generate names' },
+  price_it: { keywords: ['price', 'pricing', 'cost', 'charge', 'monetize'], desc: 'Pricing strategy' },
+  one_liner: { keywords: ['pitch', 'elevator', 'one liner', 'tagline', 'slogan'], desc: 'Elevator pitch' },
+  // Domain & DNS
+  domain_check: { keywords: ['domain available', 'domain availability', 'check domain', 'domain name', 'domain check'], desc: 'Check domain availability' },
+  cf_list_zones: { keywords: ['cloudflare zones', 'list domains', 'dns zones'], desc: 'List CF zones' },
+  cf_list_dns: { keywords: ['dns records', 'list dns'], desc: 'List DNS records' },
+  // Context & Memory
+  beacon_compress: { keywords: ['compress', 'summarize context', 'reduce'], desc: 'Compress context' },
+  beacon_extract: { keywords: ['extract', 'pull out', 'find in context'], desc: 'Extract from context' },
+  fog_check: { keywords: ['fog', 'confusion', 'clarity check'], desc: 'Check context fog' },
+  fog_clear: { keywords: ['clear fog', 'reset context', 'clean up'], desc: 'Clear context fog' },
+  caz_dedup: { keywords: ['deduplicate', 'dedup', 'remove duplicates'], desc: 'Deduplicate content' },
+  context_compress: { keywords: ['compress code', 'reduce context', 'relevant parts'], desc: 'Smart context compression' },
+  // Knowledge Management
+  dewey_add: { keywords: ['save', 'store', 'remember', 'index', 'add to dewey'], desc: 'Save to index' },
+  dewey_search: { keywords: ['search saved', 'find saved', 'lookup dewey'], desc: 'Search saved items' },
+  dewey_list: { keywords: ['list saved', 'show dewey', 'what did i save'], desc: 'List saved items' },
+  // UX
+  ux_contrast_check: { keywords: ['contrast', 'color accessibility', 'readable'], desc: 'Check color contrast' },
+  ux_color_palette: { keywords: ['color palette', 'colors', 'theme colors'], desc: 'Generate colors' },
+  ux_roast: { keywords: ['ux review', 'ui critique', 'design review'], desc: 'Roast UI/UX' },
+  ux_copy_improve: { keywords: ['improve copy', 'better text', 'ux writing'], desc: 'Improve UI copy' },
+  // Handoff
+  handoff: { keywords: ['handoff', 'document', 'summary', 'wrap up', 'status'], desc: 'Generate handoff doc' }
+};
+// Common task patterns → tool sequences
+const TASK_PATTERNS = [
+  // ENTERPRISE-GATED PATTERNS FIRST (require vault + enterprise tier)
+  // These must come before generic patterns to avoid false matches
+  {
+    match: /\bssh\b|\bscp\b|\bsftp\b|\brsync\b|remote.*server|server.*command|connect.*server|bash.*into|shell.*into|terminal.*server/i,
+    tools: ['team_ssh'],
+    desc: 'SSH/SCP/SFTP to server (Enterprise + Vault required)'
+  },
+  {
+    match: /deploy.*(server|prod|staging|live)|push.*production|release.*server|ship.*to/i,
+    tools: ['team_deploy'],
+    desc: 'Deploy to server (Enterprise + Vault required)'
+  },
+  {
+    match: /execute.*on.*server|run.*command.*server|remote.*shell/i,
+    tools: ['team_exec'],
+    desc: 'Execute command (Enterprise + Vault required)'
+  },
+  {
+    match: /call.*external.*api|http.*request.*server|webhook.*trigger|post.*to.*endpoint/i,
+    tools: ['team_http'],
+    desc: 'HTTP request (Enterprise + Vault required)'
+  },
+  // ENTERPRISE INVENTION PATTERNS ($2.00)
+  {
+    match: /\binvent\b|\bdiscover\b|\bprove\b|\bsolve.*rigor|\bnovel.*solution|\bpatent|\bbreakthrough|\bscientific.*method/i,
+    tools: ['auto_invent'],
+    desc: 'Enterprise invention pipeline ($2.00) - full swarm with verification'
+  },
+  {
+    match: /\bauto.?invent|\bfull.*pipeline|\bswarm.*invention|\bverified.*solution/i,
+    tools: ['auto_invent'],
+    desc: 'Enterprise auto-invent ($2.00)'
+  },
+  // Standard patterns
+  {
+    match: /roast.*fix|review.*suggest|critique.*improve/i,
+    tools: ['roast', 'hints'],
+    desc: 'Code review with fix suggestions'
+  },
+  {
+    match: /research.*summar|search.*analyz|find.*explain/i,
+    tools: ['web_search', 'genius'],
+    desc: 'Research and analyze'
+  },
+  {
+    match: /security|vulnerab|exploit|hack/i,
+    tools: ['roast', 'hints_plus', 'genius'],
+    desc: 'Security analysis'
+  },
+  {
+    match: /name.*domain|brand.*available/i,
+    tools: ['name_it', 'domain_check'],
+    desc: 'Naming with domain check'
+  },
+  {
+    match: /price|monetiz|business model/i,
+    tools: ['price_it', 'hints'],
+    desc: 'Pricing strategy'
+  },
+  {
+    match: /math.*explain|calculate.*why/i,
+    tools: ['bcalc', 'bcalc_why'],
+    desc: 'Math with explanation'
+  },
+  {
+    match: /build|implement|create|code|develop/i,
+    tools: ['genius_plus'],
+    desc: 'Code generation'
+  }
+];
+/**
+ * Match task to best tools
+ */
+function matchTaskToTools(task) {
+  const taskLower = task.toLowerCase();
+  const matched = [];
+  const scores = {};
+  // Check patterns first
+  for (const pattern of TASK_PATTERNS) {
+    if (pattern.match.test(task)) {
+      return { tools: pattern.tools, reason: pattern.desc, confidence: 0.9 };
+    }
+  }
+  // Keyword matching
+  for (const [tool, config] of Object.entries(TOOL_CAPABILITIES)) {
+    let score = 0;
+    for (const keyword of config.keywords) {
+      if (taskLower.includes(keyword)) {
+        score += keyword.split(' ').length; // Multi-word matches score higher
+      }
+    }
+    if (score > 0) {
+      scores[tool] = score;
+      matched.push({ tool, score, desc: config.desc });
+    }
+  }
+  // Sort by score, take top 3
+  matched.sort((a, b) => b.score - a.score);
+  const topTools = matched.slice(0, 3).map(m => m.tool);
+  if (topTools.length === 0) {
+    // Default to genius for unknown tasks
+    return { tools: ['genius'], reason: 'General problem solving', confidence: 0.5 };
+  }
+  return {
+    tools: topTools,
+    reason: matched.slice(0, 3).map(m => m.desc).join(' → '),
+    confidence: Math.min(0.9, matched[0].score / 5)
+  };
+}
+/**
+ * Build tool arguments from task and context
+ */
+function buildArgs(tool, task, context) {
+  const args = {};
+  // Common argument mappings
+  if (typeof context === 'string') {
+    if (tool === 'roast') args.code = context;
+    else if (tool === 'hints' || tool === 'hints_plus') args.query = context || task;
+    else if (tool === 'genius' || tool === 'genius_plus') args.problem = `${task}\n\nContext:\n${context}`;
+    else if (tool === 'web_search') args.query = task.replace(/search|find|research|look up/gi, '').trim();
+    else if (tool === 'compute') args.code = context;
+    else if (tool === 'bcalc') args.expression = context || task;
+    else if (tool === 'name_it') args.does = task;
+    else if (tool === 'price_it') args.product = context || task;
+    else if (tool === 'quick_vibe') args.working_on = context || task;
+    else if (tool === 'mind_opener') args.problem = context || task;
+    else if (tool === 'idea_fold') { args.claim = context || task; }
+    else if (tool === 'prompt_expand') args.idea = context || task;
+    else if (tool === 'one_liner') args.product = context || task;
+    else if (tool === 'beacon_compress') args.messages = Array.isArray(context) ? context : [context];
+    else if (tool === 'caz_dedup') args.content = context;
+    else if (tool === 'context_compress') { args.content = context; args.query = task; }
+    else if (tool === 'dewey_search') args.query = task;
+    else if (tool === 'ux_roast') args.description = context || task;
+    else if (tool === 'handoff') { args.project = task; args.context = context; }
+    else args.query = context || task; // Default fallback
+  } else if (typeof context === 'object') {
+    Object.assign(args, context);
+    // Fill in missing required args
+    if (!args.query && !args.problem && !args.code) {
+      args.query = task;
+    }
+  }
+  // Handle tools that need to extract args from task regardless of context type
+  if (tool === 'domain_check' && !args.domain) {
+    const domainMatch = task.match(/[\w-]+\.(ai|com|io|co|net|org|dev|app|xyz)/i);
+    args.domain = domainMatch ? domainMatch[0] : '';
+  }
+  return args;
+}
+/**
+ * Execute team task - orchestrate multiple tools
+ * WITH SAFETY GUARDRAILS
+ */
+async function teamExecute(task, context, options = {}) {
+  const startTime = Date.now();
+  const results = {
+    task,
+    steps: [],
+    finalResult: null,
+    toolsUsed: [],
+    totalTime: 0,
+    guardrails: { checked: true },
+    limits: { paidUsed: 0, freeUsed: 0, paidMax: MAX_PAID_TOOLS, freeMax: MAX_FREE_TOOLS }
+  };
+  try {
+    // GUARDRAIL 1: Safety check on task + context (dual-layer)
+    const safety = await safetyCheck(task, context);
+    if (!safety.safe) {
+      return {
+        ok: false,
+        blocked: true,
+        reason: safety.reason,
+        code: safety.code,
+        guardrails: { triggered: safety.code }
+      };
+    }
+    // Log call for rate limiting
+    callLog.push(Date.now());
+    // Trim old entries
+    while (callLog.length > 100) callLog.shift();
+    // Match task to tools
+    let { tools, reason, confidence } = matchTaskToTools(task);
+    // GUARDRAIL 2: Air-gap check - remove genius/genius_plus from self-improvement tasks
+    tools = filterAirgappedTools(tools, task);
+    if (tools.length === 0) {
+      return {
+        ok: false,
+        blocked: true,
+        reason: 'Self-improvement tasks cannot use advanced reasoning tools.',
+        code: 'AIRGAP_BLOCKED',
+        guardrails: { triggered: 'AIRGAP' }
+      };
+    }
+    // GUARDRAIL 3: No recursive team calls (team can't call itself)
+    tools = tools.filter(t => t !== 'team');
+    // GUARDRAIL 4: Enforce paid/free tool limits
+    const paidTools = tools.filter(t => !FREE_TOOLS.includes(t));
+    const freeTools = tools.filter(t => FREE_TOOLS.includes(t));
+    // Cap to limits
+    const allowedPaid = paidTools.slice(0, MAX_PAID_TOOLS);
+    const allowedFree = freeTools.slice(0, MAX_FREE_TOOLS);
+    tools = [...allowedPaid, ...allowedFree];
+    results.plan = {
+      tools,
+      reason,
+      confidence,
+      paidTools: allowedPaid.length,
+      freeTools: allowedFree.length,
+      limits: { paid: MAX_PAID_TOOLS, free: MAX_FREE_TOOLS }
+    };
+    if (options.dryRun) {
+      return {
+        ok: true,
+        dryRun: true,
+        plan: results.plan,
+        message: `Would execute: ${tools.join(' → ')}`,
+        guardrails: { active: ['paid_limit', 'free_limit', 'airgap', 'pattern_block', 'rate_limit', 'enterprise_gate'] }
+      };
+    }
+    // Execute tools in sequence, passing results forward
+    let prevResult = context;
+    let paidUsed = 0;
+    let freeUsed = 0;
+    const apiKey = options.apiKey || process.env.FIFTYC_API_KEY;
+    for (const tool of tools) {
+      // GUARDRAIL 5: Enterprise-gated tool check
+      if (ENTERPRISE_GATED_TOOLS.includes(tool)) {
+        const access = await checkEnterpriseAccess(tool, apiKey);
+        if (!access.allowed) {
+          results.steps.push({
+            tool,
+            skipped: true,
+            reason: access.reason,
+            code: access.code,
+            upgrade: 'https://50c.ai/enterprise'
+          });
+          continue;
+        }
+      }
+      // Check limits before each call
+      const isFree = FREE_TOOLS.includes(tool);
+      if (isFree && freeUsed >= MAX_FREE_TOOLS) {
+        results.steps.push({ tool, skipped: true, reason: `Free tool limit reached (${MAX_FREE_TOOLS})` });
+        continue;
+      }
+      if (!isFree && paidUsed >= MAX_PAID_TOOLS) {
+        results.steps.push({ tool, skipped: true, reason: `Paid tool limit reached (${MAX_PAID_TOOLS})` });
+        continue;
+      }
+      const stepStart = Date.now();
+      const args = buildArgs(tool, task, prevResult);
+      // SPECIAL: Local enterprise tools (auto_invent, invent_program) run in-process
+      let toolResult;
+      if (tool === 'auto_invent' || tool === 'invent_program') {
+        // These are local enterprise tools - import from 50c.js
+        try {
+          const { autoInvent, inventProgram } = require('../bin/50c.js');
+          if (tool === 'auto_invent') {
+            toolResult = { ok: true, result: await autoInvent(args) };
+          } else {
+            toolResult = { ok: true, result: await inventProgram(args) };
+          }
+        } catch (e) {
+          toolResult = { ok: false, error: `Local tool ${tool} failed: ${e.message}` };
+        }
+      } else {
+        toolResult = await call50cTool(tool, args);
+      }
+      // Track usage
+      if (isFree) freeUsed++;
+      else paidUsed++;
+      const step = {
+        tool,
+        args,
+        result: toolResult,
+        time: Date.now() - stepStart,
+        type: isFree ? 'free' : 'paid'
+      };
+      results.steps.push(step);
+      results.toolsUsed.push(tool);
+      if (toolResult.ok) {
+        prevResult = toolResult.result;
+      } else {
+        // Tool failed, but continue with others
+        step.error = toolResult.error;
+      }
+    }
+    results.finalResult = prevResult;
+    results.totalTime = Date.now() - startTime;
+    results.limits = { paidUsed, freeUsed, paidMax: MAX_PAID_TOOLS, freeMax: MAX_FREE_TOOLS };
+    results.ok = results.steps.some(s => s.result?.ok);
+    return results;
+  } catch (e) {
+    results.ok = false;
+    results.error = e.message;
+    results.totalTime = Date.now() - startTime;
+    return results;
+  }
+}
+/**
+ * Simple team interface - just task + optional context
+ */
+async function team(taskOrOptions) {
+  if (typeof taskOrOptions === 'string') {
+    return teamExecute(taskOrOptions, null);
+  }
+  const { task, context, dryRun } = taskOrOptions;
+  return teamExecute(task, context, { dryRun });
+}
+module.exports = {
+  team,
+  teamExecute,
+  matchTaskToTools,
+  safetyCheck,
+  TOOL_CAPABILITIES,
+  TASK_PATTERNS,
+  BLOCKED_PATTERNS,
+  FREE_TOOLS,
+  MAX_PAID_TOOLS,
+  MAX_FREE_TOOLS,
+  MAX_CALLS_PER_MINUTE
+};