@aitne-sh/aitne 0.1.8 → 0.1.9

package/agent-assets/templates/{rules → policies}/management.md

@@ -32,15 +32,15 @@ or the dashboard's Settings → Management page._
 ## C. Active Policies
 
 Auto-maintained by the daemon (do not edit). Source files live under
-`rules/policies/<slug>.md`; capture new policies via the
-`management-policy` skill. Full index: [[rules/policies/_index.md]]
+`policies/management-captures/<slug>.md`; capture new policies via the
+`management-policy` skill. Full index: [[policies/management-captures/_index.md]]
 
 _No active policies yet._
 
 ## Notes
 
 - The agent cannot use `Edit` / `Write` tools on this file — writes go
-  through `/api/context/rules/management` (locked + snapshotted) or the
+  through `/api/context/policies/management` (locked + snapshotted) or the
   managed-tasks / sot-bindings API surfaces.
 - This file is injected into every flow via `policy-files.ts`. Keep it
   concise so prompt assembly stays cheap.

package/agent-assets/templates/{rules → policies}/mcp.md

@@ -16,7 +16,7 @@ This file governs how the agent uses attached Model Context Protocol
   the target with me via DM when the change is visible to others (a new
   issue, a posted message, an edited doc).
 - Failures are loggable events. On repeated MCP call failures, the agent
-  appends to `agent/journal.md` and surfaces the pattern at the next
+  appends to `journal/agent.md` and surfaces the pattern at the next
   hourly check.
 - Scope to the active task. MCP calls unrelated to the current flow's
   stated goal are skipped.

package/agent-assets/templates/{rules → policies}/redaction.md

@@ -22,7 +22,7 @@ redaction is performed in code by `packages/shared/src/secret-redaction.ts`.
 ## Context-specific (journal export)
 
 When exporting `daily/*.md` to an external vault (B-005), additional
-user-defined rules in `rules/journal-export.md` are applied on top.
+user-defined rules in `policies/journal-export.md` are applied on top.
 
 ## Appearance in logs
 

package/agent-assets/templates/{routines → policies/routines}/_index.md

@@ -17,4 +17,4 @@ I've added later via DM). All checks are treated equally.
 | `evening.md` | evening | `routine.evening_review` |
 | `weekly.md` | Friday | `routine.weekly_review` |
 | `monthly.md` | month-end | `routine.monthly_review` |
-| custom/<slug>.md | user-defined cron in `routines/custom/` | `routine.custom.<slug>` |
+| custom/<slug>.md | user-defined cron in `policies/routines/custom/` | `routine.custom.<slug>` |

package/agent-assets/templates/{routines → policies/routines}/evening.md

@@ -10,7 +10,7 @@ template_version: 1
 ## Checks
 
 ### Today → Handoff
-- **Action**: scan `today.md` for open items and summarize them into
+- **Action**: scan `state/today.md` for open items and summarize them into
   `## Handoff` so tomorrow's morning routine can pick them up
 
 ### Tomorrow preview
@@ -18,5 +18,5 @@ template_version: 1
   deadlines into `## Handoff`
 
 ### Journal tail
-- **Action**: append a 1–2 sentence note to `agent/journal.md` describing
+- **Action**: append a 1–2 sentence note to `journal/agent.md` describing
   anything surprising the agent observed today

package/agent-assets/templates/{routines → policies/routines}/hourly.md

@@ -21,7 +21,7 @@ skipping any whose preconditions are not met.
 
 ### Upcoming schedule
 - **Precondition**: always
-- **Action**: scan `today.md` `## Agent Plan` for items in the next 60
+- **Action**: scan `state/today.md` `## Agent Plan` for items in the next 60
   min; ensure each has a `scheduled.task` row.
 
 ## Skip conditions (applied before any check)

package/agent-assets/templates/{routines → policies/routines}/monthly.md

@@ -17,9 +17,9 @@ Fires on the last calendar day of the month. Output target:
   `daily/*.md` items
 
 ### Roadmap delta
-- **Action**: compare current `roadmap.md` against the month's progress;
+- **Action**: compare current `plans/roadmap.md` against the month's progress;
   highlight completed + delayed items
 
 ### Habit + health snapshot
-- **Action**: if the user logged health/habit data in `user/personal.md`,
+- **Action**: if the user logged health/habit data in `identity/personal.md`,
   surface month-over-month changes (opt-in only)

package/bin/aitne.mjs

@@ -8,6 +8,15 @@ import process from "node:process";
 import { fileURLToPath } from "node:url";
 import { ensureBuild } from "../scripts/run-node.mjs";
 import { fetchHttpOk, openBrowser } from "../scripts/browser.mjs";
+// Port defaults live in this plain-ESM module (NOT @aitne/shared, per the
+// pre-build constraint noted below). scripts/lib/ ships in the published
+// `files` list, so this import works in global installs too.
+import {
+  DEFAULT_API_PORT,
+  DEFAULT_DASHBOARD_PORT,
+  resolveApiPort,
+  resolveDashboardPort,
+} from "../scripts/lib/ports.mjs";
 
 const IS_WINDOWS = process.platform === "win32";
 
@@ -55,8 +64,8 @@ const DAEMON_PID_FILE = path.join(PIDS_DIR, "daemon.pid");
 const DASHBOARD_PID_FILE = path.join(PIDS_DIR, "dashboard.pid");
 const DAEMON_LOG_FILE = path.join(DATA_DIR, "logs", "daemon.log");
 const DASHBOARD_LOG_FILE = path.join(DATA_DIR, "logs", "dashboard.log");
-const DAEMON_PORT = parseInt(process.env.PA_API_PORT || "8321", 10);
-const DASHBOARD_PORT = parseInt(process.env.PA_DASHBOARD_PORT || "3000", 10);
+const DAEMON_PORT = resolveApiPort();
+const DASHBOARD_PORT = resolveDashboardPort();
 
 const VERSION = JSON.parse(
   fs.readFileSync(path.join(PROJECT_ROOT, "package.json"), "utf8"),
@@ -1004,8 +1013,8 @@ Options:
 
 Environment:
   PA_DATA_DIR                       Data directory (default: ~/.personal-agent)
-  PA_API_PORT                       Daemon port (default: 8321)
-  PA_DASHBOARD_PORT                 Dashboard port (default: 3000)
+  PA_API_PORT                       Daemon port (default: ${DEFAULT_API_PORT})
+  PA_DASHBOARD_PORT                 Dashboard port (default: ${DEFAULT_DASHBOARD_PORT})
 
 Examples:
   aitne start                       Launch in background

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@aitne-sh/aitne",
-  "version": "0.1.8",
+  "version": "0.1.9",
   "description": "Aitne — a local-first, proactive personal AI agent. A long-running TypeScript daemon is the nervous system; Claude Code (or Codex / Gemini CLI) is the brain. All persistent memory lives in local Markdown files.",
   "keywords": [
     "ai",
@@ -43,9 +43,9 @@
     "README.md"
   ],
   "dependencies": {
-    "@aitne/daemon": "0.1.8",
-    "@aitne/dashboard": "0.1.8",
-    "@aitne/shared": "0.1.8"
+    "@aitne/daemon": "0.1.9",
+    "@aitne/dashboard": "0.1.9",
+    "@aitne/shared": "0.1.9"
   },
   "devDependencies": {
     "@typescript-eslint/eslint-plugin": "^8.58.1",
@@ -75,6 +75,7 @@
     "test": "node scripts/check-redaction-coverage.mjs && vitest run --coverage",
     "test:watch": "vitest",
     "check:redaction": "node scripts/check-redaction-coverage.mjs",
+    "check:vault-paths": "node scripts/check-vault-path-drift.mjs",
     "lint": "turbo run lint",
     "typecheck:tests": "turbo run typecheck:tests",
     "clean": "turbo run clean && node scripts/rm-paths.mjs node_modules .buildstamp"

package/scripts/commands/doctor.mjs

@@ -38,7 +38,7 @@ Exit code:
     await checkSecretStore(ctx),
     await checkBackendCli(),
     await checkProcessProbe(),
-    await checkBrowserOpener(),
+    await checkBrowserOpener(ctx.DASHBOARD_PORT),
     await checkDataDirWritable(ctx.DATA_DIR),
     await checkBetterSqlite3(ctx.PROJECT_ROOT),
     await checkAgentAssets(ctx.PROJECT_ROOT),
@@ -127,8 +127,8 @@ async function checkPort(label, port, pidFile, getRunningPid) {
     label,
     detail: `${port} in use by another process`,
     hint: label.startsWith("Daemon")
-      ? `Set PA_API_PORT to an open port (e.g. PA_API_PORT=8322 aitne start), or stop the conflicting process.`
-      : `Set PA_DASHBOARD_PORT to an open port (e.g. PA_DASHBOARD_PORT=3001 aitne start), or stop the conflicting process.`,
+      ? `Set PA_API_PORT to an open port (e.g. PA_API_PORT=8331 aitne start), or stop the conflicting process.`
+      : `Set PA_DASHBOARD_PORT to an open port (e.g. PA_DASHBOARD_PORT=8333 aitne start), or stop the conflicting process.`,
   };
 }
 
@@ -182,11 +182,17 @@ async function checkSecretStore(ctx) {
     }
   }
   if (platform === "win32") {
-    const psBinary = whichSync("powershell.exe") ? "powershell.exe" : "pwsh.exe";
+    // Match the factory's terminal fallback (secret-client-factory.ts:37-41): prefer
+    // in-box powershell.exe, else pwsh.exe, else default to powershell.exe — the exact
+    // binary the daemon will exec — so a both-missing FAIL names the right binary.
+    const psBinary = whichSync("powershell.exe") ? "powershell.exe" : (whichSync("pwsh.exe") ? "pwsh.exe" : "powershell.exe");
     try {
+      // Mirror WindowsDpapiSecretClient's real encrypt path: ConvertTo/From-SecureString
+      // (no -Key => DPAPI). Works on both powershell.exe (5.1) and pwsh.exe (7+); the prior
+      // [ProtectedData] type check false-fails on PowerShell-Core-only hosts that work fine.
       execFileSync(psBinary, [
-        "-NoProfile", "-Command",
-        "[System.Security.Cryptography.ProtectedData] | Out-Null; exit 0",
+        "-NoProfile", "-NonInteractive", "-Command",
+        "$s = ConvertTo-SecureString 'probe' -AsPlainText -Force; $e = ConvertFrom-SecureString $s; if (-not $e) { exit 1 }; exit 0",
       ], { stdio: "pipe", timeout: 5000 });
       return { status: "pass", label: "Secret store", detail: `Windows DPAPI via ${psBinary} reachable` };
     } catch (err) {
@@ -253,7 +259,7 @@ async function checkProcessProbe() {
  * Warn-only: nothing in the daemon depends on this; users can navigate to
  * the dashboard URL by hand if missing.
  */
-async function checkBrowserOpener() {
+async function checkBrowserOpener(dashboardPort) {
   const platform = process.platform;
   const tool =
     platform === "darwin" ? "open"
@@ -268,7 +274,7 @@ async function checkBrowserOpener() {
     detail: `${tool} not on PATH`,
     hint:
       platform === "linux"
-        ? "apt install xdg-utils  · or open http://localhost:3000 manually after `aitne start`."
+        ? `apt install xdg-utils  · or open http://localhost:${dashboardPort} manually after \`aitne start\`.`
         : "Auto-open is a convenience; the dashboard URL works in any browser.",
   };
 }

package/scripts/commands/run-now.mjs

@@ -9,8 +9,10 @@
  *     `docs/design/appendices/evening-review-slimdown.md` §2.2.
  *
  * Implementation:
- *   - Reads the daemon's apiToken from the macOS Keychain (the same
- *     entry the dashboard proxy uses). Bearer-auth required because
+ *   - Reads the daemon's apiToken from the OS secret store (macOS
+ *     Keychain, Windows DPAPI, Linux libsecret, or the encrypted file
+ *     fallback) via the shared cross-platform reader — the same entry
+ *     the dashboard proxy uses. Bearer-auth required because
  *     `POST /api/agent/run-now/*` routes are Approve-tier in the
  *     `risk-classifier`.
  *   - POSTs to `http://127.0.0.1:<PA_API_PORT>/api/agent/run-now/<job>`.
@@ -23,7 +25,7 @@
  *   - 3  daemon not running, not reachable, or 5xx
  *   - 4  result.status === "failed" — the job reported errors[]
  */
-import { execFileSync } from "node:child_process";
+import { readApiToken } from "../lib/read-api-token.mjs";
 
 const SUPPORTED_JOBS = new Set(["roadmap_maintenance"]);
 
@@ -53,7 +55,7 @@ export async function run(args, ctx) {
   const token = readApiToken();
   if (!token) {
     process.stderr.write(
-      "Failed to read daemon API token from the macOS Keychain.\n" +
+      "Failed to read the daemon API token from the OS secret store.\n" +
         "Is the daemon initialized? Run `aitne start` once first.\n",
     );
     process.exit(3);
@@ -125,23 +127,6 @@ function parseArgs(args) {
   return opts;
 }
 
-function readApiToken() {
-  try {
-    return execFileSync(
-      "security",
-      [
-        "find-generic-password",
-        "-s",
-        "com.personal-agent.secret.apiToken",
-        "-w",
-      ],
-      { encoding: "utf-8" },
-    ).trim();
-  } catch {
-    return null;
-  }
-}
-
 function printSummary(job, result) {
   if (job === "roadmap_maintenance") {
     if (!result || typeof result !== "object") {

package/scripts/lib/ports.d.mts

@@ -0,0 +1,27 @@
+/**
+ * Type declarations for the plain-ESM launcher mirror `ports.mjs`.
+ *
+ * `ports.mjs` is hand-written JavaScript (it must run before the TypeScript
+ * build), so it carries no inferred types. This sidecar lets TypeScript
+ * consumers — notably the `packages/shared/src/ports.test.ts` drift guard,
+ * which imports this module to assert it stays in lockstep with the TS
+ * source-of-truth `packages/shared/src/ports.ts` — typecheck the import under
+ * `strict`. Keep these signatures identical to `ports.ts`'s exports (minus
+ * `loopbackOrigins`, which is TS-only and not mirrored here).
+ */
+
+/** Daemon HTTP API port. Overridable via `PA_API_PORT`. */
+export const DEFAULT_API_PORT: number;
+
+/** Dashboard (Next.js) port. Overridable via `PA_DASHBOARD_PORT`. */
+export const DEFAULT_DASHBOARD_PORT: number;
+
+/** Resolve the daemon API port from env, falling back to DEFAULT_API_PORT. */
+export function resolveApiPort(
+  env?: Record<string, string | undefined>,
+): number;
+
+/** Resolve the dashboard port from env, falling back to DEFAULT_DASHBOARD_PORT. */
+export function resolveDashboardPort(
+  env?: Record<string, string | undefined>,
+): number;

package/scripts/lib/ports.mjs

@@ -0,0 +1,36 @@
+/**
+ * Default network ports for the Aitne daemon API and dashboard.
+ *
+ * SINGLE SOURCE OF TRUTH (launcher / plain-ESM side). `bin/aitne.mjs` and the
+ * `scripts/**` launchers cannot import `@aitne/shared`: they run *before* the
+ * TypeScript build that produces it (running `aitne start` is what triggers
+ * that build), and the published package ships only `bin` + `scripts/*.mjs` +
+ * `agent-assets`, never `packages/`. So the defaults are mirrored here in a
+ * build-independent module that lives under the published `scripts/lib/`.
+ *
+ * The TypeScript mirror lives in `packages/shared/src/ports.ts`. The two are
+ * pinned together by `packages/shared/src/ports.test.ts`, which fails CI if
+ * the values ever drift. Change a default in BOTH or the test goes red.
+ */
+
+/** Daemon HTTP API port. Overridable via `PA_API_PORT`. */
+export const DEFAULT_API_PORT = 8321;
+
+/** Dashboard (Next.js) port. Overridable via `PA_DASHBOARD_PORT`. Not 3000 — that collides with most dev servers. */
+export const DEFAULT_DASHBOARD_PORT = 8322;
+
+function parsePort(raw) {
+  if (raw == null || raw === "") return null;
+  const n = Number.parseInt(raw, 10);
+  return Number.isFinite(n) && n > 0 ? n : null;
+}
+
+/** Resolve the daemon API port from env, falling back to DEFAULT_API_PORT. */
+export function resolveApiPort(env = process.env) {
+  return parsePort(env.PA_API_PORT) ?? DEFAULT_API_PORT;
+}
+
+/** Resolve the dashboard port from env, falling back to DEFAULT_DASHBOARD_PORT. */
+export function resolveDashboardPort(env = process.env) {
+  return parsePort(env.PA_DASHBOARD_PORT) ?? DEFAULT_DASHBOARD_PORT;
+}

package/scripts/lib/read-api-token.mjs

@@ -0,0 +1,176 @@
+/**
+ * Cross-platform reader for the daemon's `apiToken` secret.
+ *
+ * CLI scripts (`run-now`, `remint-roadmap-ids`) need the daemon's apiToken to
+ * call Approve-tier `/api/...` routes, but they intentionally must run WITHOUT
+ * a successful `@aitne/shared` build (which only ships `./dist/*.js`). So this
+ * helper re-implements the per-OS read inline, mirroring the secret clients in
+ * `packages/shared/src/`:
+ *
+ *   - darwin → macOS Keychain via `security` (service com.personal-agent.secret.apiToken)
+ *   - win32  → DPAPI: decrypt ~/.personal-agent/secrets/apiToken.dpapi via PowerShell
+ *   - linux  → libsecret (`secret-tool lookup`), else the AES-256-GCM file store
+ *   - WSL / other → the AES-256-GCM file store
+ *
+ * The file-store format/params and the DPAPI script are copied verbatim from
+ * `secret-client-file.ts` / `secret-client-windows.ts` — keep them in sync if
+ * those change. The secret clients hardcode `~/.personal-agent/secrets` (they
+ * do NOT honor PA_DATA_DIR), so this helper uses the same homedir-relative
+ * location to find what the daemon actually wrote.
+ *
+ * Returns the token string, or null when it cannot be read; the caller decides
+ * how to message the failure. Best-effort: never throws (so a CLI never dies
+ * with a raw stack trace on a misconfigured secret store).
+ */
+import { execFileSync } from "node:child_process";
+import { existsSync, readFileSync, statSync } from "node:fs";
+import { homedir } from "node:os";
+import { join } from "node:path";
+import { createDecipheriv, scryptSync } from "node:crypto";
+
+const SECRET_NAME = "apiToken";
+const KEYCHAIN_SERVICE = "com.personal-agent.secret.apiToken";
+
+function secretsDir() {
+  return join(homedir(), ".personal-agent", "secrets");
+}
+
+/** @returns {string | null} the daemon apiToken, or null if unreadable. */
+export function readApiToken() {
+  const platform = process.platform;
+  if (platform === "darwin") return readDarwin();
+  if (platform === "win32") return readWindows();
+  if (platform === "linux") {
+    if (!isWsl() && whichSync("secret-tool")) {
+      const fromKeyring = readSecretTool();
+      if (fromKeyring) return fromKeyring;
+    }
+    return readFileStore();
+  }
+  return readFileStore();
+}
+
+function readDarwin() {
+  // Byte-identical to the historical `security` read so macOS cannot regress.
+  try {
+    return execFileSync(
+      "security",
+      ["find-generic-password", "-s", KEYCHAIN_SERVICE, "-w"],
+      { encoding: "utf-8" },
+    ).trim();
+  } catch {
+    return null;
+  }
+}
+
+/** Cross-platform `which`, returning the resolved path or null. */
+function whichSync(cmd) {
+  const tool = process.platform === "win32" ? "where" : "which";
+  try {
+    const out = execFileSync(tool, [cmd], {
+      stdio: ["ignore", "pipe", "ignore"],
+      timeout: 2_000,
+    });
+    return out.toString().split(/\r?\n/)[0]?.trim() || null;
+  } catch {
+    return null;
+  }
+}
+
+function readWindows() {
+  const path = join(secretsDir(), `${SECRET_NAME}.dpapi`);
+  if (!existsSync(path)) return null;
+  const encrypted = readFileSync(path, "utf-8").trim();
+  // Prefer in-box Windows PowerShell 5.1, fall back to PowerShell 7+ (pwsh),
+  // matching the daemon's secret-client-factory resolution order.
+  const psBinary = whichSync("powershell.exe")
+    ? "powershell.exe"
+    : whichSync("pwsh.exe")
+      ? "pwsh.exe"
+      : "powershell.exe";
+  // Mirrors WindowsDpapiSecretClient.get(): DPAPI-decrypt via
+  // ConvertTo-SecureString and marshal back to plaintext. The ciphertext is
+  // passed via stdin, never interpolated into the script, to avoid injection.
+  const script = [
+    "$enc = [System.Console]::In.ReadToEnd().Trim()",
+    "$ss = ConvertTo-SecureString $enc",
+    "$bstr = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($ss)",
+    "try { [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($bstr) }",
+    "finally { [System.Runtime.InteropServices.Marshal]::ZeroFreeBSTR($bstr) }",
+  ].join("; ");
+  try {
+    const out = execFileSync(
+      psBinary,
+      ["-NoProfile", "-NonInteractive", "-Command", script],
+      { input: encrypted, encoding: "utf-8", timeout: 10_000 },
+    );
+    return out.trimEnd() || null;
+  } catch {
+    return null;
+  }
+}
+
+function readSecretTool() {
+  try {
+    const out = execFileSync(
+      "secret-tool",
+      ["lookup", "service", "personal-agent", "key", SECRET_NAME],
+      { encoding: "utf-8", timeout: 5_000 },
+    );
+    return out.replace(/\n$/, "") || null;
+  } catch {
+    return null;
+  }
+}
+
+/**
+ * Detect WSL. WSL reports platform "linux" but cannot use `secret-tool`
+ * (D-Bus / GNOME Keyring typically unavailable), so it uses the file store.
+ */
+function isWsl() {
+  try {
+    return /microsoft|wsl/i.test(readFileSync("/proc/version", "utf-8"));
+  } catch {
+    return false;
+  }
+}
+
+// ── AES-256-GCM file store (mirrors secret-client-file.ts) ────────────────
+const FILE_ALGORITHM = "aes-256-gcm";
+const FILE_KEY_LENGTH = 32; // 256 bits
+const FILE_SCRYPT = { N: 16384, r: 8, p: 1 };
+
+/** Resolve the file-store master password (env, then key file); null if none. */
+function resolveMasterPassword() {
+  if (process.env.PA_MASTER_PASSWORD) return process.env.PA_MASTER_PASSWORD;
+  const keyFilePath = join(secretsDir(), ".master-key");
+  if (!existsSync(keyFilePath)) return null;
+  // Refuse to read a key file with insecure permissions (mirrors the daemon's
+  // 0600/0400 gate); degrade to null rather than risk exposing it.
+  const mode = statSync(keyFilePath).mode & 0o777;
+  if (mode !== 0o600 && mode !== 0o400) return null;
+  return readFileSync(keyFilePath, "utf-8").trim();
+}
+
+function readFileStore() {
+  const path = join(secretsDir(), `${SECRET_NAME}.enc`);
+  if (!existsSync(path)) return null;
+  try {
+    const password = resolveMasterPassword();
+    if (!password) return null;
+    const stored = JSON.parse(readFileSync(path, "utf-8"));
+    const salt = Buffer.from(stored.salt, "hex");
+    const iv = Buffer.from(stored.iv, "hex");
+    const authTag = Buffer.from(stored.authTag, "hex");
+    const ciphertext = Buffer.from(stored.ciphertext, "hex");
+    const key = scryptSync(password, salt, FILE_KEY_LENGTH, FILE_SCRYPT);
+    const decipher = createDecipheriv(FILE_ALGORITHM, key, iv);
+    decipher.setAuthTag(authTag);
+    return Buffer.concat([
+      decipher.update(ciphertext),
+      decipher.final(),
+    ]).toString("utf-8");
+  } catch {
+    return null;
+  }
+}

package/scripts/start.mjs

@@ -6,6 +6,7 @@ import path from "node:path";
 import process from "node:process";
 import { ensureBuild, log } from "./run-node.mjs";
 import { openBrowser, waitForHttpReady } from "./browser.mjs";
+import { resolveDashboardPort } from "./lib/ports.mjs";
 
 const IS_WINDOWS = process.platform === "win32";
 const requireFromScript = createRequire(import.meta.url);
@@ -57,7 +58,7 @@ function nextSpawnArgs(dashboardDir, nextBin, userArgs) {
  * 5. Ctrl+C stops both
  */
 
-const DASHBOARD_PORT = parseInt(process.env.PA_DASHBOARD_PORT || "3000", 10);
+const DASHBOARD_PORT = resolveDashboardPort();
 const noOpen = process.argv.slice(2).includes("--no-open");
 const children = [];
 let shuttingDown = false;

package/agent-assets/docs/features/lifestyle/travel-time.md

@@ -1,58 +0,0 @@
----
-schema_version: 1
-slug: features/lifestyle/travel-time
-title: Travel Time
-id: travel-time
-aliases:
-  - door to door
-  - eta
-category: features
-summary: |
-  A skill that estimates door-to-door travel time given an origin
-  and destination — used by schedule-approaching reminders for
-  events with location.
-section: lifestyle
-tags:
-  - lifestyle
-  - travel
-  - skills
-status: stable
-ask_examples:
-  - How long will it take me to get to the airport?
-  - Does the agent know about traffic?
-locale: en-US
-created: 2026-04-25
-updated: 2026-04-25
-keywords:
-  - travel time
-  - departure time
-  - google maps
-  - commute
-  - ETA
-related:
-  - features/lifestyle/travel-bookings
-  - features/operations/schedule-approaching
----
-
-# Travel Time
-
-## In One Sentence
-
-A skill the agent calls to estimate door-to-door travel time before
-a calendar event with a location.
-
-## What It Does
-
-- Reads origin (current location, configured home/work) and
-  destination (event location).
-- Returns a typical-time estimate with mode (drive, transit, walk).
-- Used by `schedule-approaching` reminders to lead-time the alert.
-
-## Where in the Dashboard
-
-There is no operator surface for the travel-time data itself; the
-estimates appear inline in event reminders and morning routines.
-
-## Related
-
-- [Schedule Approaching](../operations/schedule-approaching.md)

package/agent-assets/skills/gmail-lifestyle/references/travel-time-api.md

@@ -1,59 +0,0 @@
----
-kind: reference
-name: travel-time-api
-description: /api/travel-time reference — Google Maps Directions wrapper. Estimate door-to-door duration and compute departure time for a calendar event with location.
----
-
-# `/api/travel-time` reference
-
-Uses the Google Maps Directions API. Prerequisite: `googleMapsApiKey`
-configured in the daemon's secret store, with the Directions API
-enabled.
-
-## GET /api/travel-time
-
-Estimate travel time between two locations.
-
-```bash
-# Transit (default)
-curl -s "http://localhost:8321/api/travel-time?origin=Grand+Central&destination=Times+Square"
-
-# Driving with arrival time
-curl -s "http://localhost:8321/api/travel-time?origin=Brooklyn&destination=Newark&mode=driving&arrival=2026-04-12T14:00:00-04:00"
-```
-
-| Param | Type | Default | Description |
-|-------|------|---------|-------------|
-| `origin` | string | (required) | Origin address or place name |
-| `destination` | string | (required) | Destination address or place name |
-| `mode` | string | transit | driving, transit, walking, bicycling |
-| `arrival` | ISO 8601 | — | Desired arrival time (computes departure time) |
-
-Response:
-
-```json
-{
-  "origin": "Grand Central Terminal, NY",
-  "destination": "Times Square, NY",
-  "mode": "transit",
-  "durationSeconds": 1380,
-  "durationText": "23 mins",
-  "distanceMeters": 8500,
-  "distanceText": "8.5 km",
-  "departBy": "2026-04-12T13:34:00.000Z"
-}
-```
-
-## GET /api/travel-time/for-event/:eventId
-
-```bash
-curl -s "http://localhost:8321/api/travel-time/for-event/abc123?origin=Home&mode=transit"
-```
-
-| Param | Type | Default | Description |
-|-------|------|---------|-------------|
-| `origin` | string | (required) | Your starting location |
-| `mode` | string | transit | Travel mode |
-
-Response includes both `event` and `travelTime` blocks; see the route
-implementation for full shape.