@aitne/daemon 0.1.9 → 0.1.10

package/dist/core/today-direct-writer.d.ts

@@ -1,9 +1,15 @@
 /**
- * Daemon-direct writer that appends a single bullet to today.md
- * `## Agent Log` without going through the agent at all. Used by the
- * three-stage hourly_check gate (cost-reduction-structural §B) on the
- * stage0_silent / stage2_log_only paths so a "no-op" cron tick still
- * leaves an audit trail in today.md without paying for an LLM session.
+ * Daemon-direct, lock-aware writes to today.md that run *before* (or
+ * instead of) an agent session — bypassing `/api/context/*` because there
+ * is no subprocess to issue the curl call from. Two operations live here:
+ *
+ *   1. {@link appendAgentLogLine} — append a single `## Agent Log` bullet.
+ *      Used by the three-stage hourly_check gate (cost-reduction-structural
+ *      §B) on the stage0_silent / stage2_log_only paths so a "no-op" cron
+ *      tick still leaves an audit trail without paying for an LLM session.
+ *   2. {@link ensureTodaySkeleton} — seed the canonical empty skeleton when
+ *      today.md is **absent**, so a section-only refresh routine has a valid
+ *      PATCH target instead of 404-ing and budget-burning on full-file PUTs.
  *
  * Why this lives in the daemon (not /api/context/* via curl):
  *   - These paths run *before* the agent is spawned. There is no
@@ -12,15 +18,16 @@
  *     `context-staleness.ts`) — the same tier the PATCH route already
  *     classifies for `## Agent Log` appends. Bypassing the route is
  *     fine because we never touch the prompt-context-changed hook here.
- *   - The today-write-lock invariant is preserved: we acquire it before
- *     mutating the file, so morning_routine and direct writes never
- *     interleave.
+ *   - The today-write-lock invariant is preserved: both functions acquire
+ *     it before mutating the file, so morning_routine and direct writes
+ *     never interleave.
  *
- * Failure mode: when today.md is missing, malformed, or lacks the
- * `## Agent Log` heading, the writer logs a warning and returns false
- * rather than synthesizing the structure — that is the morning routine's
- * job. The gate caller treats false as "log not appended; consume
- * observations regardless".
+ * Synthesis boundary: `appendAgentLogLine` NEVER synthesizes structure —
+ * a missing / malformed / heading-less file returns false and the gate
+ * caller proceeds. `ensureTodaySkeleton` synthesizes ONLY the empty
+ * skeleton, ONLY when the file is entirely absent, and never touches a
+ * present file. Neither populates today.md — full creation and repair stay
+ * the morning routine's job.
  */
 import type { TodayWriteLockManager } from "./today-write-lock.js";
 export interface AppendAgentLogLineInput {
@@ -61,6 +68,45 @@ export interface AppendAgentLogLineResult {
  * writers cleanly.
  */
 export declare function appendAgentLogLine(input: AppendAgentLogLineInput): Promise<AppendAgentLogLineResult>;
+export interface EnsureTodaySkeletonInput {
+    contextDir: string;
+    todayWriteLock: TodayWriteLockManager;
+}
+export interface EnsureTodaySkeletonResult {
+    seeded: boolean;
+    reason?: "already_present" | "lock_unavailable" | "io_error";
+}
+/**
+ * Guarantee a `today.md` working surface exists before a section-only
+ * refresh routine (`routine.today_refresh`) assumes it.
+ *
+ * `rotateDayFiles()` intentionally renames `today.md` → `yesterday.md` at
+ * the day boundary and relies on the morning routine to recreate the
+ * dated file. When the morning routine has not run yet — or failed (e.g.
+ * a quota/budget death with no fallback backend) — `today.md` is absent
+ * and the refresh task flow's `PATCH section=user_schedule` 404s. The
+ * agent then improvises full-file `PUT`s, which the strict
+ * `validateTodayContent` schema rejects line-by-line; on a single-backend
+ * binding with a tight per-turn budget that loop tips into
+ * `BackendQuotaError(max_budget_usd)` and the refresh dies without ever
+ * writing the file — the "Refresh Today does nothing" symptom.
+ *
+ * This deterministic pre-step removes that whole failure mode: when the
+ * file is **entirely absent** we seed the canonical empty skeleton so the
+ * agent's section PATCH always has a valid target. A file that already
+ * exists is left byte-untouched — a valid dated file OR the legacy
+ * `# Today` bridge stub both accept the section PATCH (the route's
+ * `allowLegacyToday` branch). We never repair a malformed-but-present
+ * file and never overwrite user content; full creation/repair stays the
+ * morning routine's job. The seeded skeleton is dateless (`# Today`), so
+ * it does NOT satisfy `hasCurrentAgentDayTodayMd()` and the pending
+ * morning-routine retry still fires and upgrades it.
+ *
+ * Lock-aware exactly like {@link appendAgentLogLine}: if the morning
+ * routine holds the today-write-lock (mid-creation) we skip and let it
+ * win — the refresh session then 409-defers on its own PATCH.
+ */
+export declare function ensureTodaySkeleton(input: EnsureTodaySkeletonInput): Promise<EnsureTodaySkeletonResult>;
 /**
  * Splice a new bullet line into the `## Agent Log` section, immediately
  * before the next `## ` heading or end-of-file. Returns null when the

package/dist/core/today-direct-writer.js

@@ -1,9 +1,15 @@
 /**
- * Daemon-direct writer that appends a single bullet to today.md
- * `## Agent Log` without going through the agent at all. Used by the
- * three-stage hourly_check gate (cost-reduction-structural §B) on the
- * stage0_silent / stage2_log_only paths so a "no-op" cron tick still
- * leaves an audit trail in today.md without paying for an LLM session.
+ * Daemon-direct, lock-aware writes to today.md that run *before* (or
+ * instead of) an agent session — bypassing `/api/context/*` because there
+ * is no subprocess to issue the curl call from. Two operations live here:
+ *
+ *   1. {@link appendAgentLogLine} — append a single `## Agent Log` bullet.
+ *      Used by the three-stage hourly_check gate (cost-reduction-structural
+ *      §B) on the stage0_silent / stage2_log_only paths so a "no-op" cron
+ *      tick still leaves an audit trail without paying for an LLM session.
+ *   2. {@link ensureTodaySkeleton} — seed the canonical empty skeleton when
+ *      today.md is **absent**, so a section-only refresh routine has a valid
+ *      PATCH target instead of 404-ing and budget-burning on full-file PUTs.
  *
  * Why this lives in the daemon (not /api/context/* via curl):
  *   - These paths run *before* the agent is spawned. There is no
@@ -12,20 +18,22 @@
  *     `context-staleness.ts`) — the same tier the PATCH route already
  *     classifies for `## Agent Log` appends. Bypassing the route is
  *     fine because we never touch the prompt-context-changed hook here.
- *   - The today-write-lock invariant is preserved: we acquire it before
- *     mutating the file, so morning_routine and direct writes never
- *     interleave.
+ *   - The today-write-lock invariant is preserved: both functions acquire
+ *     it before mutating the file, so morning_routine and direct writes
+ *     never interleave.
  *
- * Failure mode: when today.md is missing, malformed, or lacks the
- * `## Agent Log` heading, the writer logs a warning and returns false
- * rather than synthesizing the structure — that is the morning routine's
- * job. The gate caller treats false as "log not appended; consume
- * observations regardless".
+ * Synthesis boundary: `appendAgentLogLine` NEVER synthesizes structure —
+ * a missing / malformed / heading-less file returns false and the gate
+ * caller proceeds. `ensureTodaySkeleton` synthesizes ONLY the empty
+ * skeleton, ONLY when the file is entirely absent, and never touches a
+ * present file. Neither populates today.md — full creation and repair stay
+ * the morning routine's job.
  */
 import { existsSync, readFileSync } from "node:fs";
 import { writeFileAtomically } from "./atomic-write.js";
 import { serializeContextFileWrite } from "./context-file-serializer.js";
 import { fullPath, CONTEXT_RELATIVE_PATHS } from "./context-paths.js";
+import { FALLBACK_PLACEHOLDERS } from "./skeleton.js";
 import { createLogger } from "../logging.js";
 const logger = createLogger("today-direct-writer");
 const AGENT_LOG_HEADER = "## Agent Log";
@@ -87,6 +95,75 @@ export async function appendAgentLogLine(input) {
         input.todayWriteLock.release(lock.lockId);
     }
 }
+/**
+ * Canonical empty `today.md` skeleton, reused byte-for-byte from the
+ * boot-time seeder (`skeleton.ts`) so a refresh-path seed and a
+ * fresh-install seed produce identical structure. `skeleton.test.ts`
+ * asserts this placeholder matches `agent-assets/templates/state/today.md`
+ * byte-for-byte, so the two definitions never drift. The non-null
+ * assertion is safe: the key is a literal entry of `FALLBACK_PLACEHOLDERS`.
+ */
+const TODAY_SKELETON = FALLBACK_PLACEHOLDERS[CONTEXT_RELATIVE_PATHS.today];
+/**
+ * Guarantee a `today.md` working surface exists before a section-only
+ * refresh routine (`routine.today_refresh`) assumes it.
+ *
+ * `rotateDayFiles()` intentionally renames `today.md` → `yesterday.md` at
+ * the day boundary and relies on the morning routine to recreate the
+ * dated file. When the morning routine has not run yet — or failed (e.g.
+ * a quota/budget death with no fallback backend) — `today.md` is absent
+ * and the refresh task flow's `PATCH section=user_schedule` 404s. The
+ * agent then improvises full-file `PUT`s, which the strict
+ * `validateTodayContent` schema rejects line-by-line; on a single-backend
+ * binding with a tight per-turn budget that loop tips into
+ * `BackendQuotaError(max_budget_usd)` and the refresh dies without ever
+ * writing the file — the "Refresh Today does nothing" symptom.
+ *
+ * This deterministic pre-step removes that whole failure mode: when the
+ * file is **entirely absent** we seed the canonical empty skeleton so the
+ * agent's section PATCH always has a valid target. A file that already
+ * exists is left byte-untouched — a valid dated file OR the legacy
+ * `# Today` bridge stub both accept the section PATCH (the route's
+ * `allowLegacyToday` branch). We never repair a malformed-but-present
+ * file and never overwrite user content; full creation/repair stays the
+ * morning routine's job. The seeded skeleton is dateless (`# Today`), so
+ * it does NOT satisfy `hasCurrentAgentDayTodayMd()` and the pending
+ * morning-routine retry still fires and upgrades it.
+ *
+ * Lock-aware exactly like {@link appendAgentLogLine}: if the morning
+ * routine holds the today-write-lock (mid-creation) we skip and let it
+ * win — the refresh session then 409-defers on its own PATCH.
+ */
+export async function ensureTodaySkeleton(input) {
+    const lock = input.todayWriteLock.acquire();
+    if (!lock.ok) {
+        logger.info({ holder: lock.holder }, "Skipping today.md skeleton seed — today-write-lock held");
+        return { seeded: false, reason: "lock_unavailable" };
+    }
+    try {
+        const path = fullPath(input.contextDir, CONTEXT_RELATIVE_PATHS.today);
+        return await serializeContextFileWrite(path, () => {
+            if (existsSync(path)) {
+                return {
+                    seeded: false,
+                    reason: "already_present",
+                };
+            }
+            try {
+                writeFileAtomically(path, TODAY_SKELETON);
+                logger.info({ path }, "Seeded today.md skeleton for refresh — file was absent (morning routine not yet run for the agent-day)");
+                return { seeded: true };
+            }
+            catch (err) {
+                logger.error({ err, path }, "Failed to seed today.md skeleton");
+                return { seeded: false, reason: "io_error" };
+            }
+        });
+    }
+    finally {
+        input.todayWriteLock.release(lock.lockId);
+    }
+}
 /**
  * Splice a new bullet line into the `## Agent Log` section, immediately
  * before the next `## ` heading or end-of-file. Returns null when the

package/dist/core/wiki/wiki-fts.js

@@ -110,15 +110,22 @@ function extractTitleAndBody(content) {
     return { title, body };
 }
 function stripFrontmatter(content) {
-    if (!content.startsWith("---\n")) {
-        return { frontmatterKeys: {}, body: content };
+    // Obsidian vaults authored/synced on Windows (or checked out under
+    // git core.autocrlf=true) are CRLF. The frontmatter fence gate below is
+    // LF-only, so without this normalize a `---\r\n…---\r\n` block leaks into
+    // the indexed body and the title fallback never populates. Indexed
+    // body/title are search tokens only and never round-trip to disk, so
+    // collapsing interior CRLF to LF is harmless (LF input is unchanged).
+    const normalized = content.replace(/\r\n/g, "\n");
+    if (!normalized.startsWith("---\n")) {
+        return { frontmatterKeys: {}, body: normalized };
     }
-    const end = content.indexOf("\n---\n", 4);
+    const end = normalized.indexOf("\n---\n", 4);
     if (end < 0) {
-        return { frontmatterKeys: {}, body: content };
+        return { frontmatterKeys: {}, body: normalized };
     }
-    const frontmatter = content.slice(4, end);
-    const body = content.slice(end + 5);
+    const frontmatter = normalized.slice(4, end);
+    const body = normalized.slice(end + 5);
     const keys = {};
     for (const line of frontmatter.split("\n")) {
         const match = line.match(/^title:\s*(.*?)\s*$/);

package/dist/db/feedback-signals-store.d.ts

@@ -0,0 +1,77 @@
+import type Database from "better-sqlite3";
+export type FeedbackSignalSource = "behavioral" | "explicit" | "self_critique";
+export type FeedbackSignalValence = "positive" | "negative" | "neutral" | "correction";
+export type FeedbackScopeType = "user" | "agent" | "agent_slug" | "channel" | "task" | "integration";
+export type FeedbackActionKind = "notification" | "agent_execution" | "vault_write" | "dm_reply";
+export interface FeedbackSignalRow {
+    id: number;
+    created_at: string;
+    source: FeedbackSignalSource;
+    valence: FeedbackSignalValence | null;
+    scope_type: FeedbackScopeType;
+    scope_ref: string | null;
+    action_kind: FeedbackActionKind | null;
+    action_ref: string | null;
+    agent_id: string | null;
+    summary: string;
+    evidence_json: string | null;
+    consumed_at: string | null;
+    lesson_ref: string | null;
+}
+export interface RecordFeedbackSignalParams {
+    source: FeedbackSignalSource;
+    valence?: FeedbackSignalValence | null;
+    scopeType: FeedbackScopeType;
+    scopeRef?: string | null;
+    actionKind?: FeedbackActionKind | null;
+    actionRef?: string | null;
+    agentId?: string | null;
+    summary: string;
+    evidence?: unknown;
+}
+export interface RecentFeedbackSignalLookup {
+    scopeType: FeedbackScopeType;
+    scopeRef?: string | null;
+    summary: string;
+    withinSeconds: number;
+}
+export declare function recordFeedbackSignal(db: Database.Database, params: RecordFeedbackSignalParams): number;
+export declare function findRecentFeedbackSignal(db: Database.Database, params: RecentFeedbackSignalLookup): FeedbackSignalRow | null;
+export declare function hasFeedbackSignalForAction(db: Database.Database, params: {
+    source: FeedbackSignalSource;
+    actionKind: FeedbackActionKind;
+    actionRef: string;
+    valence?: FeedbackSignalValence | null;
+    userReaction?: string;
+}): boolean;
+export declare function getPendingFeedbackSignals(db: Database.Database, params?: {
+    scopeType?: FeedbackScopeType;
+    scopeRef?: string | null;
+    limit?: number;
+    offset?: number;
+}): FeedbackSignalRow[];
+/**
+ * Count unconsumed signals, optionally narrowed to one scope type. Drives the
+ * `GET /api/feedback/lessons` "N signals awaiting tonight's consolidation"
+ * health figure (FEEDBACK_LEARNING_LOOP_DESIGN.md §9 Phase 5) without loading
+ * the rows. Uses the same `consumed_at IS NULL` partial index as
+ * {@link getPendingFeedbackSignals}.
+ */
+export declare function countPendingFeedbackSignals(db: Database.Database, params?: {
+    scopeType?: FeedbackScopeType;
+}): number;
+export declare function consumeFeedbackSignals(db: Database.Database, ids: number[], lessonRef?: string | null): {
+    consumed: number;
+    notFound: number[];
+};
+export declare function sweepConsumedFeedbackSignals(db: Database.Database, cutoff: string): number;
+/**
+ * Compute the retention cutoff ISO timestamp for
+ * {@link sweepConsumedFeedbackSignals} from the `feedbackSignalRetentionDays`
+ * knob. Returns `null` when the knob is missing or non-finite (NaN / Infinity),
+ * so the caller degrades to "skip the sweep" instead of throwing on
+ * `new Date(NaN).toISOString()` and abandoning the whole nightly consolidation
+ * (FEEDBACK_LEARNING_LOOP_DESIGN.md §11 v1.3 robustness). `nowMs` is injected so
+ * the math is deterministically testable.
+ */
+export declare function feedbackRetentionCutoff(retentionDays: number | undefined, nowMs: number): string | null;

package/dist/db/feedback-signals-store.js

@@ -0,0 +1,144 @@
+export function recordFeedbackSignal(db, params) {
+    const evidenceJson = params.evidence === undefined ? "{}" : JSON.stringify(params.evidence);
+    const row = db
+        .prepare(`INSERT INTO feedback_signals (
+         source,
+         valence,
+         scope_type,
+         scope_ref,
+         action_kind,
+         action_ref,
+         agent_id,
+         summary,
+         evidence_json
+       )
+       VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)
+       RETURNING id`)
+        .get(params.source, params.valence ?? null, params.scopeType, params.scopeRef ?? null, params.actionKind ?? null, params.actionRef ?? null, params.agentId ?? null, params.summary, evidenceJson);
+    return row.id;
+}
+export function findRecentFeedbackSignal(db, params) {
+    const row = db
+        .prepare(`SELECT *
+       FROM feedback_signals
+       WHERE scope_type = ?
+         AND COALESCE(scope_ref, '') = COALESCE(?, '')
+         AND summary = ?
+         AND datetime(created_at) >= datetime('now', '-' || ? || ' seconds')
+       ORDER BY datetime(created_at) DESC, id DESC
+       LIMIT 1`)
+        .get(params.scopeType, params.scopeRef ?? null, params.summary, Math.max(0, Math.floor(params.withinSeconds)));
+    return row ?? null;
+}
+export function hasFeedbackSignalForAction(db, params) {
+    const where = [
+        "source = ?",
+        "action_kind = ?",
+        "action_ref = ?",
+    ];
+    const values = [params.source, params.actionKind, params.actionRef];
+    if (params.valence !== undefined) {
+        where.push(params.valence === null ? "valence IS NULL" : "valence = ?");
+        if (params.valence !== null)
+            values.push(params.valence);
+    }
+    if (params.userReaction !== undefined) {
+        where.push("json_extract(evidence_json, '$.userReaction') = ?");
+        values.push(params.userReaction);
+    }
+    const row = db
+        .prepare(`SELECT 1 AS present
+       FROM feedback_signals
+       WHERE ${where.join(" AND ")}
+       LIMIT 1`)
+        .get(...values);
+    return row !== undefined;
+}
+export function getPendingFeedbackSignals(db, params = {}) {
+    const where = ["consumed_at IS NULL"];
+    const values = [];
+    if (params.scopeType !== undefined) {
+        where.push("scope_type = ?");
+        values.push(params.scopeType);
+    }
+    if (params.scopeRef !== undefined) {
+        where.push("COALESCE(scope_ref, '') = COALESCE(?, '')");
+        values.push(params.scopeRef);
+    }
+    const limit = Math.min(Math.max(params.limit ?? 100, 1), 500);
+    const offset = Math.max(params.offset ?? 0, 0);
+    values.push(limit, offset);
+    return db
+        .prepare(`SELECT *
+       FROM feedback_signals
+       WHERE ${where.join(" AND ")}
+       ORDER BY datetime(created_at) ASC, id ASC
+       LIMIT ? OFFSET ?`)
+        .all(...values);
+}
+/**
+ * Count unconsumed signals, optionally narrowed to one scope type. Drives the
+ * `GET /api/feedback/lessons` "N signals awaiting tonight's consolidation"
+ * health figure (FEEDBACK_LEARNING_LOOP_DESIGN.md §9 Phase 5) without loading
+ * the rows. Uses the same `consumed_at IS NULL` partial index as
+ * {@link getPendingFeedbackSignals}.
+ */
+export function countPendingFeedbackSignals(db, params = {}) {
+    const where = ["consumed_at IS NULL"];
+    const values = [];
+    if (params.scopeType !== undefined) {
+        where.push("scope_type = ?");
+        values.push(params.scopeType);
+    }
+    const row = db
+        .prepare(`SELECT COUNT(*) AS n
+       FROM feedback_signals
+       WHERE ${where.join(" AND ")}`)
+        .get(...values);
+    return row.n;
+}
+export function consumeFeedbackSignals(db, ids, lessonRef) {
+    if (ids.length === 0)
+        return { consumed: 0, notFound: [] };
+    const placeholders = ids.map(() => "?").join(",");
+    const existing = db
+        .prepare(`SELECT id
+       FROM feedback_signals
+       WHERE id IN (${placeholders}) AND consumed_at IS NULL`)
+        .all(...ids);
+    const existingIds = new Set(existing.map((row) => row.id));
+    const notFound = ids.filter((id) => !existingIds.has(id));
+    if (existingIds.size === 0)
+        return { consumed: 0, notFound };
+    const updateIds = Array.from(existingIds);
+    const updatePlaceholders = updateIds.map(() => "?").join(",");
+    const consumed = db
+        .prepare(`UPDATE feedback_signals
+       SET consumed_at = CURRENT_TIMESTAMP, lesson_ref = COALESCE(?, lesson_ref)
+       WHERE id IN (${updatePlaceholders}) AND consumed_at IS NULL`)
+        .run(lessonRef ?? null, ...updateIds).changes;
+    return { consumed, notFound };
+}
+export function sweepConsumedFeedbackSignals(db, cutoff) {
+    return db
+        .prepare(`DELETE FROM feedback_signals
+       WHERE consumed_at IS NOT NULL
+         AND datetime(consumed_at) < datetime(?)`)
+        .run(cutoff).changes;
+}
+/**
+ * Compute the retention cutoff ISO timestamp for
+ * {@link sweepConsumedFeedbackSignals} from the `feedbackSignalRetentionDays`
+ * knob. Returns `null` when the knob is missing or non-finite (NaN / Infinity),
+ * so the caller degrades to "skip the sweep" instead of throwing on
+ * `new Date(NaN).toISOString()` and abandoning the whole nightly consolidation
+ * (FEEDBACK_LEARNING_LOOP_DESIGN.md §11 v1.3 robustness). `nowMs` is injected so
+ * the math is deterministically testable.
+ */
+export function feedbackRetentionCutoff(retentionDays, nowMs) {
+    if (typeof retentionDays !== "number" || !Number.isFinite(retentionDays)) {
+        return null;
+    }
+    const retentionMs = retentionDays * 24 * 60 * 60 * 1000;
+    return new Date(nowMs - retentionMs).toISOString();
+}

package/dist/db/migrations.js

@@ -379,6 +379,56 @@ export const MIGRATIONS = [
             db.exec("UPDATE agent_schedule SET task_prompt = task_description WHERE task_prompt IS NULL");
         },
     },
+    {
+        id: "0009-today-refresh-budget-bump",
+        description: "(v0.1.9→next) — raise the routine.today_refresh per-turn budget "
+            + "ceiling from the seeded $0.30 to $0.50 for upgrading installs still "
+            + "on the seeded default. The drift-triggered today.md ## User Schedule "
+            + "refresh reads up to 200 pending calendar observations and retries the "
+            + "section PATCH up to 3x with 30s backoffs when the morning-routine lock "
+            + "is held; a busy-calendar drift compounded by that retry loop tipped a "
+            + "real run past $0.30 and surfaced BackendQuotaError(max_budget_usd) with "
+            + "no fallback (claude is the only binding) — the prior $0.10→$0.30 bump "
+            + "did not hold. Backend-aware: applyDefaultPresets stores the post-hoc-"
+            + "scaled budget (codex/gemini medium x1.5), so the OLD default is $0.30 "
+            + "on claude/opencode and $0.45 on codex/gemini, and the NEW default is "
+            + "the $0.50 base scaled the same way -> $0.50 / $0.75. Fresh installs "
+            + "already get the new value from the schema seed + the per-process "
+            + "envelope-overrides map; this migration only touches pre-existing "
+            + "installs. Gated so it ONLY moves preset rows still at the OLD per-"
+            + "backend default — operator-pinned rows (updated_by='user') and rows "
+            + "already at a custom value are left untouched. Idempotent: after the "
+            + "bump no row sits in the old band, and the recorded id short-circuits a "
+            + "re-run anyway.",
+        up(db) {
+            // Empty-DB safety (e.g. the runner's own unit tests run on a bare
+            // :memory: db): if applySchema never ran, the table is absent — the
+            // runner still records the id so a later boot does not re-evaluate.
+            if (!tableExists(db, "process_backend_config"))
+                return;
+            // The NEW per-backend value mirrors what `resolveDefaultBindingFor`
+            // now produces for routine.today_refresh: the $0.50 base x the medium
+            // post-hoc factor (1.5 for codex/gemini, 1.0 for claude/opencode). The
+            // 0.75 literal is that product at migration time — a migration is a
+            // point-in-time snapshot, so the literal is correct even if the factor
+            // later changes. The old-default bands ([0.29,0.31] / [0.44,0.46]) keep
+            // us from clobbering a row already moved to a custom value while still
+            // tolerating float dust.
+            db.prepare(`UPDATE process_backend_config
+            SET max_budget_usd = CASE
+              WHEN main_backend IN ('codex', 'gemini') THEN 0.75
+              ELSE 0.5
+            END
+          WHERE process_key = 'routine.today_refresh'
+            AND updated_by = 'preset'
+            AND (
+              (main_backend IN ('codex', 'gemini')
+                 AND max_budget_usd >= 0.44 AND max_budget_usd <= 0.46)
+              OR (main_backend NOT IN ('codex', 'gemini')
+                 AND max_budget_usd >= 0.29 AND max_budget_usd <= 0.31)
+            )`).run();
+        },
+    },
 ];
 /**
  * Ensure the `schema_migrations` bookkeeping table exists, then apply every

package/dist/db/schema.js

@@ -382,6 +382,34 @@ CREATE TABLE IF NOT EXISTS notification_log (
 CREATE INDEX IF NOT EXISTS idx_notification_dispatch
     ON notification_log(dispatch_id, platform);
 
+-- ── Feedback Learning Loop (FEEDBACK_LEARNING_LOOP_DESIGN.md Phase 1) ────────
+--
+-- Typed, append-only raw feedback signals. This is the structured sibling of
+-- identity/profile.md "Raw Signals": behavioral notification outcomes, explicit
+-- owner directives, and review-routine self-critique all land here before the
+-- nightly consolidation pass promotes them into scoped lessons.
+CREATE TABLE IF NOT EXISTS feedback_signals (
+    id INTEGER PRIMARY KEY AUTOINCREMENT,
+    created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+    source TEXT NOT NULL
+        CHECK (source IN ('behavioral', 'explicit', 'self_critique')),
+    valence TEXT
+        CHECK (valence IN ('positive', 'negative', 'neutral', 'correction')),
+    scope_type TEXT NOT NULL
+        CHECK (scope_type IN ('user', 'agent', 'agent_slug', 'channel', 'task', 'integration')),
+    scope_ref TEXT,
+    action_kind TEXT,
+    action_ref TEXT,
+    agent_id TEXT,
+    summary TEXT NOT NULL,
+    evidence_json JSON DEFAULT '{}',
+    consumed_at TIMESTAMP,
+    lesson_ref TEXT
+);
+CREATE INDEX IF NOT EXISTS idx_feedback_unconsumed
+    ON feedback_signals(consumed_at, scope_type, scope_ref)
+    WHERE consumed_at IS NULL;
+
 CREATE TABLE IF NOT EXISTS owner_channels (
     platform TEXT PRIMARY KEY,
     sender_id TEXT,
@@ -2137,12 +2165,21 @@ VALUES
     ('routine.morning_routine_today',   'claude', '${DEFAULT_CLAUDE_MEDIUM_MODEL}', 50, 1.50, 'preset'),
     ('routine.morning_routine_journal', 'claude', '${DEFAULT_CLAUDE_LITE_MODEL}',   20, 0.30, 'preset'),
     ('routine.hourly_check',    'claude', '${DEFAULT_CLAUDE_MEDIUM_MODEL}',  50,  1.00, 'preset'),
-    -- $0.30 budget: a typical drift-triggered refresh on Sonnet runs ~$0.10
-    -- in 4 turns; the previous $0.10 cap left zero headroom and any larger
-    -- today.md / longer drift summary tipped over the SDK max_budget guard
-    -- and surfaced as BackendQuotaError(max_budget_usd). 3x observed cost
-    -- matches the headroom convention used by dashboard.docs_qa.
-    ('routine.today_refresh',   'claude', '${DEFAULT_CLAUDE_MEDIUM_MODEL}',  20,  0.30, 'preset'),
+    -- $0.50 budget: a typical drift-triggered refresh on Sonnet runs ~$0.10
+    -- in 4 turns, but a busy-calendar drift (many/large pending calendar
+    -- observations read via the task-flow GET limit=200) compounded by a
+    -- 409 morning-lock retry loop (3x with 30s backoffs) tipped a real run
+    -- past the prior $0.30 cap and surfaced as BackendQuotaError(max_budget_usd)
+    -- with no fallback (claude is the only binding). The previous $0.10→$0.30
+    -- bump did not hold. Realigned to $0.50 — the medium-tier 20-turn peer
+    -- dashboard.docs_qa value, and well under the superset
+    -- routine.morning_routine_today ($1.50), which writes the full today.md
+    -- from the same calendar data. A third trip should drive a
+    -- work-reduction fix (tighter GET limit / cheaper 409 backoff), not
+    -- another blind bump. Bumped for upgrading installs by migration 0009.
+    -- Keep in lock-step with ENVELOPE_OVERRIDES_BY_PROCESS_KEY in
+    -- plan-presets.ts.
+    ('routine.today_refresh',   'claude', '${DEFAULT_CLAUDE_MEDIUM_MODEL}',  20,  0.50, 'preset'),
     ('routine.evening_review',  'claude', '${DEFAULT_CLAUDE_MEDIUM_MODEL}',  50,  1.00, 'preset'),
     ('routine.weekly_review',   'claude', '${DEFAULT_CLAUDE_MEDIUM_MODEL}',  50,  1.00, 'preset'),
     -- routine.monthly_review: row seeded but the routine is gated OFF by

package/dist/safety/always-disallowed.d.ts

@@ -36,7 +36,7 @@
  * are matched as shell-command globs, Read/Write/Edit arguments as path
  * globs.
  */
-export declare const ALWAYS_DISALLOWED_TOOLS: readonly ["Bash(rm -rf *)", "Bash(rm -rf /*)", "Bash(rm -rf ~*)", "Bash(rm -rf .*)", "Bash(rm -r *)", "Bash(rm -rf*)", "Bash(rm -rv*)", "Bash(rm -ri*)", "Bash(rm -rd*)", "Bash(rm -rI*)", "Bash(rm -fr*)", "Bash(rm -vr*)", "Bash(rm -ir*)", "Bash(rm -dr*)", "Bash(rm -Ir*)", "Bash(rm -R*)", "Bash(rm -fR*)", "Bash(rm -vR*)", "Bash(rm -iR*)", "Bash(rm -dR*)", "Bash(rm -IR*)", "Bash(rm --recursive*)", "Bash(rm --force --recursive*)", "Bash(rm --recursive --force*)", "Bash(sudo *)", "Bash(doas *)", "Bash(su *)", "Bash(curl * | sh*)", "Bash(curl * | bash*)", "Bash(wget * | sh*)", "Bash(wget * | bash*)", "Bash(bash <(*)*)", "Bash(sh <(*)*)", "Bash(bash<*)", "Bash(sh<*)", "Bash(eval *)", "Bash(source *)", "Bash(security *)", "Bash(secret-tool *)", "Bash(cmdkey *)", "Bash(certutil *)", "Bash(rundll32.exe *)", "Read(.env)", "Read(.env.*)", "Read(**/.env)", "Read(**/.env.*)", "Read(id_rsa*)", "Read(id_ed25519*)", "Read(~/.ssh/**)", "Read(~/.gnupg/**)", "Read(~/.aws/**)", "Read(~/.config/gcloud/**)", "Read(~/.config/gh/hosts.yml)", "Read(~/.netrc)", "Read(~/Library/Keychains/**)", "Read(~/.local/share/keyrings/**)", "Read(~/.personal-agent/backups/**)", "Read(~/.personal-agent/whatsapp/auth/**)", "Read(~/.personal-agent/secrets/**)", "Write(.env)", "Edit(.env)", "Write(.env.*)", "Edit(.env.*)", "Write(**/.env)", "Edit(**/.env)", "Write(**/.env.*)", "Edit(**/.env.*)", "Write(id_rsa*)", "Edit(id_rsa*)", "Write(id_ed25519*)", "Edit(id_ed25519*)", "Write(~/.ssh/**)", "Edit(~/.ssh/**)", "Write(~/.gnupg/**)", "Edit(~/.gnupg/**)", "Write(~/.aws/**)", "Edit(~/.aws/**)", "Write(~/.config/gcloud/**)", "Edit(~/.config/gcloud/**)", "Write(~/.config/gh/hosts.yml)", "Edit(~/.config/gh/hosts.yml)", "Write(~/.netrc)", "Edit(~/.netrc)", "Write(~/Library/Keychains/**)", "Edit(~/Library/Keychains/**)", "Write(~/.local/share/keyrings/**)", "Edit(~/.local/share/keyrings/**)", "Write(~/.personal-agent/backups/**)", "Edit(~/.personal-agent/backups/**)", "Write(~/.personal-agent/whatsapp/auth/**)", "Edit(~/.personal-agent/whatsapp/auth/**)", "Write(~/.personal-agent/secrets/**)", "Edit(~/.personal-agent/secrets/**)", "Bash(sqlite3 *)", "Bash(cp ~/Library/Application Support/Google/Chrome/*)", "Bash(cp ~/Library/Application Support/Chromium/*)", "Bash(cp ~/Library/Application Support/Microsoft Edge/*)", "Bash(cp ~/Library/Application Support/BraveSoftware/*)", "Bash(cp ~/Library/Application Support/Comet/*)", "Bash(cp ~/Library/Application Support/Perplexity Comet/*)", "Bash(cp ~/Library/Application Support/com.openai.atlas/*)", "Bash(cp ~/.config/google-chrome/*)", "Bash(cp ~/.config/chromium/*)", "Bash(cp ~/.config/microsoft-edge/*)", "Bash(cp ~/.config/BraveSoftware/*)", "Bash(cp ~/.config/Comet/*)", "Bash(cp ~/.var/app/com.google.Chrome/*)", "Bash(cp /mnt/c/Users/*)", "Bash(curl file://*)", "Read(~/Library/Application Support/Google/Chrome/**)", "Read(~/Library/Application Support/Chromium/**)", "Read(~/Library/Application Support/Microsoft Edge/**)", "Read(~/Library/Application Support/BraveSoftware/**)", "Read(~/Library/Application Support/Comet/**)", "Read(~/Library/Application Support/Perplexity Comet/**)", "Read(~/Library/Application Support/com.openai.atlas/**)", "Read(~/.config/google-chrome/**)", "Read(~/.config/chromium/**)", "Read(~/.config/microsoft-edge/**)", "Read(~/.config/BraveSoftware/**)", "Read(~/.config/Comet/**)", "Read(~/.var/app/com.google.Chrome/**)", "Read(/mnt/c/Users/**)", "Write(~/Library/Application Support/Google/Chrome/**)", "Edit(~/Library/Application Support/Google/Chrome/**)", "Write(~/Library/Application Support/Chromium/**)", "Edit(~/Library/Application Support/Chromium/**)", "Write(~/Library/Application Support/Microsoft Edge/**)", "Edit(~/Library/Application Support/Microsoft Edge/**)", "Write(~/Library/Application Support/BraveSoftware/**)", "Edit(~/Library/Application Support/BraveSoftware/**)", "Write(~/Library/Application Support/Comet/**)", "Edit(~/Library/Application Support/Comet/**)", "Write(~/Library/Application Support/Perplexity Comet/**)", "Edit(~/Library/Application Support/Perplexity Comet/**)", "Write(~/Library/Application Support/com.openai.atlas/**)", "Edit(~/Library/Application Support/com.openai.atlas/**)", "Write(~/.config/google-chrome/**)", "Edit(~/.config/google-chrome/**)", "Write(~/.config/chromium/**)", "Edit(~/.config/chromium/**)", "Write(~/.config/microsoft-edge/**)", "Edit(~/.config/microsoft-edge/**)", "Write(~/.config/BraveSoftware/**)", "Edit(~/.config/BraveSoftware/**)", "Write(~/.config/Comet/**)", "Edit(~/.config/Comet/**)", "Write(~/.var/app/com.google.Chrome/**)", "Edit(~/.var/app/com.google.Chrome/**)", "Write(/mnt/c/Users/**)", "Edit(/mnt/c/Users/**)", "Bash(cp ~/.personal-agent/chromium-*)", "Bash(mv ~/.personal-agent/chromium-*)", "Bash(tar ~/.personal-agent/chromium-*)", "Bash(zip ~/.personal-agent/chromium-*)", "Bash(rsync ~/.personal-agent/chromium-*)", "Bash(cp $HOME/.personal-agent/chromium-*)", "Bash(mv $HOME/.personal-agent/chromium-*)", "Bash(tar $HOME/.personal-agent/chromium-*)", "Bash(zip $HOME/.personal-agent/chromium-*)", "Bash(rsync $HOME/.personal-agent/chromium-*)", "Read(~/.personal-agent/chromium-sync/**)", "Read(~/.personal-agent/chromium-automation/**)", "Read(~/.personal-agent/chromium-automation-anon/**)", "Read(~/.personal-agent/chromium-automation-auth/**)", "Read(~/.personal-agent/chromium-automation-purchase/**)", "Write(~/.personal-agent/chromium-sync/**)", "Edit(~/.personal-agent/chromium-sync/**)", "Write(~/.personal-agent/chromium-automation/**)", "Edit(~/.personal-agent/chromium-automation/**)", "Write(~/.personal-agent/chromium-automation-anon/**)", "Edit(~/.personal-agent/chromium-automation-anon/**)", "Write(~/.personal-agent/chromium-automation-auth/**)", "Edit(~/.personal-agent/chromium-automation-auth/**)", "Write(~/.personal-agent/chromium-automation-purchase/**)", "Edit(~/.personal-agent/chromium-automation-purchase/**)", "CronCreate", "CronList", "CronDelete", "RemoteTrigger", "PushNotification"];
+export declare const ALWAYS_DISALLOWED_TOOLS: readonly ["Bash(rm -rf *)", "Bash(rm -rf /*)", "Bash(rm -rf ~*)", "Bash(rm -rf .*)", "Bash(rm -r *)", "Bash(rm -rf*)", "Bash(rm -rv*)", "Bash(rm -ri*)", "Bash(rm -rd*)", "Bash(rm -rI*)", "Bash(rm -fr*)", "Bash(rm -vr*)", "Bash(rm -ir*)", "Bash(rm -dr*)", "Bash(rm -Ir*)", "Bash(rm -R*)", "Bash(rm -fR*)", "Bash(rm -vR*)", "Bash(rm -iR*)", "Bash(rm -dR*)", "Bash(rm -IR*)", "Bash(rm --recursive*)", "Bash(rm --force --recursive*)", "Bash(rm --recursive --force*)", "Bash(sudo *)", "Bash(doas *)", "Bash(su *)", "Bash(curl * | sh*)", "Bash(curl * | bash*)", "Bash(wget * | sh*)", "Bash(wget * | bash*)", "Bash(bash <(*)*)", "Bash(sh <(*)*)", "Bash(bash<*)", "Bash(sh<*)", "Bash(eval *)", "Bash(source *)", "Bash(security *)", "Bash(secret-tool *)", "Bash(cmdkey *)", "Bash(certutil *)", "Bash(rundll32.exe *)", "Read(.env)", "Read(.env.*)", "Read(**/.env)", "Read(**/.env.*)", "Read(id_rsa*)", "Read(id_ed25519*)", "Read(~/.ssh/**)", "Read(~/.gnupg/**)", "Read(~/.aws/**)", "Read(~/.config/gcloud/**)", "Read(~/.config/gh/hosts.yml)", "Read(~/.netrc)", "Read(~/Library/Keychains/**)", "Read(~/.local/share/keyrings/**)", "Read(~/.personal-agent/backups/**)", "Read(~/.personal-agent/whatsapp/auth/**)", "Read(~/.personal-agent/secrets/**)", "Read(~/.claude/.credentials.json)", "Read(~/.claude.json)", "Read(~/.codex/auth.json)", "Read(~/.gemini/gemini-credentials.json)", "Read(~/.gemini/oauth_creds.json)", "Read(~/.config/anthropic/**)", "Write(.env)", "Edit(.env)", "Write(.env.*)", "Edit(.env.*)", "Write(**/.env)", "Edit(**/.env)", "Write(**/.env.*)", "Edit(**/.env.*)", "Write(id_rsa*)", "Edit(id_rsa*)", "Write(id_ed25519*)", "Edit(id_ed25519*)", "Write(~/.ssh/**)", "Edit(~/.ssh/**)", "Write(~/.gnupg/**)", "Edit(~/.gnupg/**)", "Write(~/.aws/**)", "Edit(~/.aws/**)", "Write(~/.config/gcloud/**)", "Edit(~/.config/gcloud/**)", "Write(~/.config/gh/hosts.yml)", "Edit(~/.config/gh/hosts.yml)", "Write(~/.netrc)", "Edit(~/.netrc)", "Write(~/Library/Keychains/**)", "Edit(~/Library/Keychains/**)", "Write(~/.local/share/keyrings/**)", "Edit(~/.local/share/keyrings/**)", "Write(~/.personal-agent/backups/**)", "Edit(~/.personal-agent/backups/**)", "Write(~/.personal-agent/whatsapp/auth/**)", "Edit(~/.personal-agent/whatsapp/auth/**)", "Write(~/.personal-agent/secrets/**)", "Edit(~/.personal-agent/secrets/**)", "Write(~/.claude/.credentials.json)", "Edit(~/.claude/.credentials.json)", "Write(~/.claude.json)", "Edit(~/.claude.json)", "Write(~/.codex/auth.json)", "Edit(~/.codex/auth.json)", "Write(~/.gemini/gemini-credentials.json)", "Edit(~/.gemini/gemini-credentials.json)", "Write(~/.gemini/oauth_creds.json)", "Edit(~/.gemini/oauth_creds.json)", "Write(~/.config/anthropic/**)", "Edit(~/.config/anthropic/**)", "Bash(sqlite3 *)", "Bash(cp ~/Library/Application Support/Google/Chrome/*)", "Bash(cp ~/Library/Application Support/Chromium/*)", "Bash(cp ~/Library/Application Support/Microsoft Edge/*)", "Bash(cp ~/Library/Application Support/BraveSoftware/*)", "Bash(cp ~/Library/Application Support/Comet/*)", "Bash(cp ~/Library/Application Support/Perplexity Comet/*)", "Bash(cp ~/Library/Application Support/com.openai.atlas/*)", "Bash(cp ~/.config/google-chrome/*)", "Bash(cp ~/.config/chromium/*)", "Bash(cp ~/.config/microsoft-edge/*)", "Bash(cp ~/.config/BraveSoftware/*)", "Bash(cp ~/.config/Comet/*)", "Bash(cp ~/.var/app/com.google.Chrome/*)", "Bash(cp /mnt/c/Users/*)", "Bash(curl file://*)", "Read(~/Library/Application Support/Google/Chrome/**)", "Read(~/Library/Application Support/Chromium/**)", "Read(~/Library/Application Support/Microsoft Edge/**)", "Read(~/Library/Application Support/BraveSoftware/**)", "Read(~/Library/Application Support/Comet/**)", "Read(~/Library/Application Support/Perplexity Comet/**)", "Read(~/Library/Application Support/com.openai.atlas/**)", "Read(~/.config/google-chrome/**)", "Read(~/.config/chromium/**)", "Read(~/.config/microsoft-edge/**)", "Read(~/.config/BraveSoftware/**)", "Read(~/.config/Comet/**)", "Read(~/.var/app/com.google.Chrome/**)", "Read(/mnt/c/Users/**)", "Write(~/Library/Application Support/Google/Chrome/**)", "Edit(~/Library/Application Support/Google/Chrome/**)", "Write(~/Library/Application Support/Chromium/**)", "Edit(~/Library/Application Support/Chromium/**)", "Write(~/Library/Application Support/Microsoft Edge/**)", "Edit(~/Library/Application Support/Microsoft Edge/**)", "Write(~/Library/Application Support/BraveSoftware/**)", "Edit(~/Library/Application Support/BraveSoftware/**)", "Write(~/Library/Application Support/Comet/**)", "Edit(~/Library/Application Support/Comet/**)", "Write(~/Library/Application Support/Perplexity Comet/**)", "Edit(~/Library/Application Support/Perplexity Comet/**)", "Write(~/Library/Application Support/com.openai.atlas/**)", "Edit(~/Library/Application Support/com.openai.atlas/**)", "Write(~/.config/google-chrome/**)", "Edit(~/.config/google-chrome/**)", "Write(~/.config/chromium/**)", "Edit(~/.config/chromium/**)", "Write(~/.config/microsoft-edge/**)", "Edit(~/.config/microsoft-edge/**)", "Write(~/.config/BraveSoftware/**)", "Edit(~/.config/BraveSoftware/**)", "Write(~/.config/Comet/**)", "Edit(~/.config/Comet/**)", "Write(~/.var/app/com.google.Chrome/**)", "Edit(~/.var/app/com.google.Chrome/**)", "Write(/mnt/c/Users/**)", "Edit(/mnt/c/Users/**)", "Bash(cp ~/.personal-agent/chromium-*)", "Bash(mv ~/.personal-agent/chromium-*)", "Bash(tar ~/.personal-agent/chromium-*)", "Bash(zip ~/.personal-agent/chromium-*)", "Bash(rsync ~/.personal-agent/chromium-*)", "Bash(cp $HOME/.personal-agent/chromium-*)", "Bash(mv $HOME/.personal-agent/chromium-*)", "Bash(tar $HOME/.personal-agent/chromium-*)", "Bash(zip $HOME/.personal-agent/chromium-*)", "Bash(rsync $HOME/.personal-agent/chromium-*)", "Read(~/.personal-agent/chromium-sync/**)", "Read(~/.personal-agent/chromium-automation/**)", "Read(~/.personal-agent/chromium-automation-anon/**)", "Read(~/.personal-agent/chromium-automation-auth/**)", "Read(~/.personal-agent/chromium-automation-purchase/**)", "Write(~/.personal-agent/chromium-sync/**)", "Edit(~/.personal-agent/chromium-sync/**)", "Write(~/.personal-agent/chromium-automation/**)", "Edit(~/.personal-agent/chromium-automation/**)", "Write(~/.personal-agent/chromium-automation-anon/**)", "Edit(~/.personal-agent/chromium-automation-anon/**)", "Write(~/.personal-agent/chromium-automation-auth/**)", "Edit(~/.personal-agent/chromium-automation-auth/**)", "Write(~/.personal-agent/chromium-automation-purchase/**)", "Edit(~/.personal-agent/chromium-automation-purchase/**)", "CronCreate", "CronList", "CronDelete", "RemoteTrigger", "PushNotification"];
 /**
  * Structured classification of an attempted command or path against the
  * absolute-block list, used by the §6.3 audit path.