@algosuite/vo-mcp 0.1.0 → 0.2.0-beta.1

package/dist/runner-cli.js

@@ -0,0 +1,1940 @@
+#!/usr/bin/env node
+import { createRequire as __cr } from 'module'; const require = __cr(import.meta.url);
+var __defProp = Object.defineProperty;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __esm = (fn, res, err) => function __init() {
+  if (err) throw err[0];
+  try {
+    return fn && (res = (0, fn[__getOwnPropNames(fn)[0]])(fn = 0)), res;
+  } catch (e) {
+    throw err = [e], e;
+  }
+};
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+
+// src/runner/control-plane-auth-stub.mjs
+var control_plane_auth_stub_exports = {};
+__export(control_plane_auth_stub_exports, {
+  getFirebaseAuth: () => getFirebaseAuth
+});
+async function getFirebaseAuth() {
+  throw new Error(
+    "vo-mcp runner: no control-plane credential. Run `vo-mcp login` first \u2014 the runner authenticates with your stored vo_credential (or set VO_CONTROL_PLANE_ADMIN_TOKEN)."
+  );
+}
+var init_control_plane_auth_stub = __esm({
+  "src/runner/control-plane-auth-stub.mjs"() {
+  }
+});
+
+// src/cloud/credential-store.ts
+import { homedir } from "node:os";
+import { join, dirname } from "node:path";
+import {
+  existsSync,
+  mkdirSync,
+  readFileSync,
+  writeFileSync,
+  chmodSync,
+  rmSync
+} from "node:fs";
+
+// src/cloud/keychain.ts
+import { createRequire } from "node:module";
+var SERVICE = "vo-mcp";
+var ACCOUNT = "refresh-credential";
+var cached;
+function loadKeyring() {
+  if (cached !== void 0) return cached;
+  try {
+    const req = createRequire(import.meta.url);
+    const mod = req("@napi-rs/keyring");
+    cached = mod && typeof mod.Entry === "function" ? mod : null;
+  } catch {
+    cached = null;
+  }
+  return cached;
+}
+function keychainAvailable() {
+  return loadKeyring() !== null;
+}
+function keychainGet() {
+  const k = loadKeyring();
+  if (!k) return null;
+  try {
+    return new k.Entry(SERVICE, ACCOUNT).getPassword();
+  } catch {
+    return null;
+  }
+}
+function keychainSet(secret) {
+  const k = loadKeyring();
+  if (!k) return false;
+  try {
+    new k.Entry(SERVICE, ACCOUNT).setPassword(secret);
+    return true;
+  } catch {
+    return false;
+  }
+}
+function keychainDelete() {
+  const k = loadKeyring();
+  if (!k) return false;
+  try {
+    return new k.Entry(SERVICE, ACCOUNT).deletePassword();
+  } catch {
+    return false;
+  }
+}
+
+// src/cloud/credential-store.ts
+var realKeychain = {
+  available: keychainAvailable,
+  get: keychainGet,
+  set: keychainSet,
+  delete: keychainDelete
+};
+function credentialPath(env2 = process.env) {
+  const override = env2["VO_MCP_CREDENTIALS_PATH"]?.trim();
+  if (override) return override;
+  return join(homedir(), ".config", "vo-mcp", "credentials.json");
+}
+function keychainEnabled(env2, keychain) {
+  const disabled = (env2["VO_MCP_DISABLE_KEYCHAIN"] ?? "").trim().toLowerCase();
+  if (disabled === "1" || disabled === "true" || disabled === "yes") return false;
+  return keychain.available();
+}
+function deserialize(raw) {
+  try {
+    const parsed = JSON.parse(raw);
+    const refresh = typeof parsed.refresh_token === "string" ? parsed.refresh_token.trim() : "";
+    const apiKey = typeof parsed.api_key === "string" ? parsed.api_key.trim() : "";
+    const voCred = typeof parsed.vo_credential === "string" ? parsed.vo_credential.trim() : "";
+    if (!voCred && (!refresh || !apiKey)) return null;
+    return {
+      ...refresh ? { refresh_token: refresh } : {},
+      ...apiKey ? { api_key: apiKey } : {},
+      ...voCred ? { vo_credential: voCred } : {},
+      ...typeof parsed.vo_credential_expires_at === "string" ? { vo_credential_expires_at: parsed.vo_credential_expires_at } : {},
+      ...typeof parsed.email === "string" ? { email: parsed.email } : {},
+      ...typeof parsed.stored_at === "string" ? { stored_at: parsed.stored_at } : {}
+    };
+  } catch {
+    return null;
+  }
+}
+function readFromFile(env2) {
+  try {
+    const p = credentialPath(env2);
+    if (!existsSync(p)) return null;
+    return deserialize(readFileSync(p, "utf8"));
+  } catch {
+    return null;
+  }
+}
+function readStoredCredential(env2 = process.env, keychain = realKeychain) {
+  if (keychainEnabled(env2, keychain)) {
+    const raw = keychain.get();
+    const fromKeychain = raw ? deserialize(raw) : null;
+    if (fromKeychain) return fromKeychain;
+  }
+  return readFromFile(env2);
+}
+
+// ../../scripts/virtual-office/code-runner-daemon.mjs
+import os from "node:os";
+import { fileURLToPath as fileURLToPath2 } from "node:url";
+
+// src/runner/worktree-helper.mjs
+import { spawnSync } from "node:child_process";
+import path from "node:path";
+import fs from "node:fs";
+function repoRoot() {
+  return process.env.VO_CODE_RUNNER_REPO || process.cwd();
+}
+function sanitize(value, fallback) {
+  const cleaned = String(value || "").trim().toLowerCase().replace(/[^a-z0-9._-]+/g, "-").replace(/^-+|-+$/g, "");
+  return cleaned || fallback;
+}
+function createFixWorktree(kind, error = {}) {
+  const root = repoRoot();
+  const safeKind = sanitize(kind, "task");
+  const safeTarget = sanitize(error.source || error.tester || "run", "run").slice(0, 24);
+  const stamp = (/* @__PURE__ */ new Date()).toISOString().replace(/[:.]/g, "-");
+  const worktreeName = `${safeKind}-${safeTarget}-${stamp}`;
+  const branchName = `vo/${worktreeName}`;
+  const worktreeDir = path.join(root, ".agent-worktrees", worktreeName);
+  spawnSync("git", ["fetch", "origin", "main"], { cwd: root, timeout: 12e4 });
+  const add = spawnSync(
+    "git",
+    ["worktree", "add", "-B", branchName, worktreeDir, "origin/main"],
+    { cwd: root, encoding: "utf8", timeout: 12e4 }
+  );
+  if (add.status === 0 && fs.existsSync(worktreeDir)) {
+    return { worktreeDir, worktreeName };
+  }
+  console.error(
+    `[vo-mcp runner] worktree isolation unavailable: ${String(add.stderr || add.error || "").slice(0, 200)}`
+  );
+  return { worktreeDir: root, worktreeName: "" };
+}
+function cleanupFixWorktree(worktreeName) {
+  if (!worktreeName) return;
+  const root = repoRoot();
+  const worktreeDir = path.join(root, ".agent-worktrees", worktreeName);
+  spawnSync("git", ["worktree", "remove", "--force", worktreeDir], { cwd: root, timeout: 12e4 });
+}
+
+// src/runner/spend-cap-shim.mjs
+function resolveSpendCapUsd(value = process.env.VO_SPEND_CAP_USD ?? process.env.VO_CODE_DISPATCH_CAP_USD) {
+  const parsed = Number.parseFloat(String(value ?? ""));
+  if (!Number.isFinite(parsed) || parsed < 0) return 0;
+  return parsed;
+}
+
+// ../../scripts/virtual-office/code-runner/control-plane-client.mjs
+var cachedFirebaseToken = null;
+async function resolveBearer(env2) {
+  const adminToken = env2.VO_CONTROL_PLANE_ADMIN_TOKEN;
+  if (adminToken) return adminToken;
+  if (cachedFirebaseToken) return cachedFirebaseToken;
+  const { getFirebaseAuth: getFirebaseAuth2 } = await Promise.resolve().then(() => (init_control_plane_auth_stub(), control_plane_auth_stub_exports));
+  const auth = await getFirebaseAuth2({ env: env2 });
+  if (!auth || !auth.idToken) {
+    throw new Error(
+      "no control-plane credential: set VO_CONTROL_PLANE_ADMIN_TOKEN, or SMOKE_EMAIL/SMOKE_PASSWORD/SMOKE_API_KEY"
+    );
+  }
+  cachedFirebaseToken = auth.idToken;
+  return cachedFirebaseToken;
+}
+function createControlPlaneClient({
+  baseUrl = process.env.VO_CONTROL_PLANE_URL || "",
+  env: env2 = process.env,
+  fetchImpl = fetch
+} = {}) {
+  if (!baseUrl) {
+    throw new Error("VO_CONTROL_PLANE_URL is required for the code-runner daemon");
+  }
+  const root = baseUrl.replace(/\/+$/, "");
+  async function req(method, path3, body) {
+    const bearer = await resolveBearer(env2);
+    return fetchImpl(`${root}${path3}`, {
+      method,
+      headers: {
+        "content-type": "application/json",
+        authorization: `Bearer ${bearer}`
+      },
+      body: body === void 0 ? void 0 : JSON.stringify(body)
+    });
+  }
+  return {
+    /**
+     * Claim the next pending task. Returns the task or null (empty queue).
+     * `repos` (optional `owner/name` list) and `operatorIds` (optional
+     * `operator_id` list) scope the claim so this daemon only picks up tasks it
+     * serves — the control-plane filters by both (logical AND), so another
+     * operator's task never lands on (or bills) this machine.
+     */
+    async claim(runnerId, repos, operatorIds) {
+      const body = { runner_id: runnerId };
+      if (Array.isArray(repos) && repos.length > 0) body.repos = repos;
+      if (Array.isArray(operatorIds) && operatorIds.length > 0) body.operator_ids = operatorIds;
+      const res = await req("POST", "/api/v1/code-task/claim", body);
+      if (res.status === 401) {
+        cachedFirebaseToken = null;
+        throw new Error("claim unauthorized (401)");
+      }
+      if (!res.ok) throw new Error(`claim failed: HTTP ${res.status}`);
+      const json = await res.json();
+      return json && json.task ? json.task : null;
+    },
+    /**
+     * Enqueue a new code-task (used by the PR watcher to auto-dispatch a CI fix).
+     * Server derives operator/tenant from the daemon's authenticated principal.
+     * Returns the created task, or throws on a non-2xx response.
+     */
+    async enqueueCodeTask({ repo, prompt, max_budget_usd, max_turns }) {
+      const body = { repo, prompt };
+      if (typeof max_budget_usd === "number") body.max_budget_usd = max_budget_usd;
+      if (typeof max_turns === "number") body.max_turns = max_turns;
+      const res = await req("POST", "/api/v1/code-task", body);
+      if (res.status === 401) {
+        cachedFirebaseToken = null;
+        throw new Error("enqueue unauthorized (401)");
+      }
+      if (!res.ok) throw new Error(`enqueue failed: HTTP ${res.status}`);
+      const json = await res.json();
+      return json && json.task ? json.task : null;
+    },
+    /**
+     * Append progress / set terminal status. Returns
+     *   { task }            — applied
+     *   { terminal: true }  — task already terminal (operator cancelled): STOP
+     */
+    async postProgress(taskId, patch) {
+      const res = await req("PATCH", `/api/v1/code-task/${taskId}/progress`, patch);
+      if (res.status === 409) return { terminal: true };
+      if (res.status === 404) return { terminal: true, missing: true };
+      if (!res.ok) throw new Error(`progress failed: HTTP ${res.status}`);
+      const json = await res.json();
+      return { task: json && json.task };
+    },
+    /** Read the current task (cancel detection). Null on 404. */
+    async getTask(taskId) {
+      const res = await req("GET", `/api/v1/code-task/${taskId}`);
+      if (res.status === 404) return null;
+      if (!res.ok) throw new Error(`getTask failed: HTTP ${res.status}`);
+      const json = await res.json();
+      return json ? json.task : null;
+    },
+    /**
+     * Report this machine's rolling-7-day Claude Code token usage (the real
+     * weekly-capacity gauge) PLUS the operator's real Claude weekly % (when
+     * available). The daemon authenticates as admin, so the target `operatorId`
+     * is named explicitly. Best-effort; throws on a non-2xx so the caller can
+     * log + move on.
+     *
+     * `tokens` = { input_tokens, output_tokens, cache_creation_tokens, cache_read_tokens }.
+     * Optional: `claudeWeeklyPct` (number) + `claudeWeeklyResetsAt` (ISO string | null).
+     */
+    async postWeeklyTokens({ operatorId, runnerId, tokens, claudeWeeklyPct, claudeWeeklyResetsAt }) {
+      const body = {
+        operator_id: operatorId,
+        runner_id: runnerId,
+        input_tokens: tokens.input_tokens,
+        output_tokens: tokens.output_tokens,
+        cache_creation_tokens: tokens.cache_creation_tokens,
+        cache_read_tokens: tokens.cache_read_tokens
+      };
+      if (typeof claudeWeeklyPct === "number") {
+        body.claude_weekly_pct = claudeWeeklyPct;
+      }
+      if (claudeWeeklyResetsAt !== void 0) {
+        body.claude_weekly_resets_at = claudeWeeklyResetsAt;
+      }
+      const res = await req("POST", "/api/v1/weekly-tokens", body);
+      if (res.status === 401) {
+        cachedFirebaseToken = null;
+        throw new Error("weekly-tokens unauthorized (401)");
+      }
+      if (!res.ok) throw new Error(`weekly-tokens failed: HTTP ${res.status}`);
+      return true;
+    },
+    /**
+     * Read the operator's dispatch-mode config (Fast→Ultracode effort setting).
+     * Returns the mode string ('fast'|'standard'|'deep'|'ultra'|'ultracode'),
+     * defaulting to 'standard' on any error. Never throws — best-effort.
+     */
+    async getDispatchMode() {
+      try {
+        const res = await req("GET", "/api/v1/dispatch-mode-config");
+        if (!res.ok) return "standard";
+        const json = await res.json();
+        return json?.dispatchMode || "standard";
+      } catch {
+        return "standard";
+      }
+    }
+  };
+}
+
+// ../../scripts/virtual-office/code-runner/claude-runner.mjs
+import { spawn } from "node:child_process";
+import { spawnSync as spawnSync2 } from "node:child_process";
+var DEFAULT_PERMISSION_MODE = "acceptEdits";
+function extractText(content) {
+  if (typeof content === "string") return content.trim();
+  if (Array.isArray(content)) {
+    return content.filter((b) => b && b.type === "text" && typeof b.text === "string").map((b) => b.text).join("").trim();
+  }
+  return "";
+}
+function parseStreamEvent(line) {
+  const trimmed = String(line || "").trim();
+  if (!trimmed) return null;
+  let evt;
+  try {
+    evt = JSON.parse(trimmed);
+  } catch {
+    return null;
+  }
+  if (!evt || typeof evt !== "object") return null;
+  if (evt.type === "assistant" && evt.message && evt.message.content) {
+    const text = extractText(evt.message.content);
+    return text ? { kind: "progress", text } : null;
+  }
+  if (evt.type === "result") {
+    const isError = Boolean(evt.is_error) || evt.subtype === "error_max_turns" || evt.subtype === "error_during_execution";
+    return {
+      kind: "result",
+      isError,
+      costUsd: typeof evt.total_cost_usd === "number" ? evt.total_cost_usd : null,
+      summary: typeof evt.result === "string" && evt.result.length > 0 ? evt.result : evt.subtype || (isError ? "error" : "completed"),
+      numTurns: typeof evt.num_turns === "number" ? evt.num_turns : null
+    };
+  }
+  return null;
+}
+function buildClaudeArgs({ permissionMode = DEFAULT_PERMISSION_MODE, maxTurns, model } = {}) {
+  const args = [
+    "-p",
+    "--output-format",
+    "stream-json",
+    "--verbose",
+    "--permission-mode",
+    String(permissionMode || DEFAULT_PERMISSION_MODE)
+  ];
+  if (Number.isInteger(maxTurns) && maxTurns > 0) {
+    args.push("--max-turns", String(maxTurns));
+  }
+  if (model) {
+    args.push("--model", String(model));
+  }
+  return args;
+}
+function runClaudeTask({
+  prompt,
+  cwd,
+  claudeBin = "claude",
+  permissionMode,
+  maxTurns,
+  model,
+  env: env2 = process.env,
+  onProgress = () => {
+  },
+  shouldCancel = async () => false,
+  cancelPollMs = 5e3,
+  maxWallClockMs = 0,
+  spawnImpl = spawn
+}) {
+  return new Promise((resolve) => {
+    const args = buildClaudeArgs({ permissionMode, maxTurns, model });
+    const child = spawnImpl(claudeBin, args, {
+      cwd,
+      env: { ...env2 },
+      stdio: ["pipe", "pipe", "pipe"],
+      // Windows: `claude` is a `.cmd` shim → spawn needs a shell to resolve it
+      // (without it: spawn ENOENT). Safe because the prompt goes via stdin
+      // below, never argv, so the shell never sees untrusted input.
+      shell: process.platform === "win32",
+      windowsHide: true
+    });
+    try {
+      child.stdin.write(String(prompt));
+      child.stdin.end();
+    } catch {
+    }
+    let buffer = "";
+    let result = { ok: false, costUsd: null, summary: "", numTurns: null, killed: false };
+    let killed = false;
+    let timedOut = false;
+    let stderrTail = "";
+    const hardKill = () => {
+      try {
+        child.kill("SIGTERM");
+      } catch {
+      }
+      setTimeout(() => {
+        try {
+          child.kill("SIGKILL");
+        } catch {
+        }
+      }, 5e3);
+    };
+    const wallTimer = maxWallClockMs > 0 ? setTimeout(() => {
+      timedOut = true;
+      clearInterval(poll);
+      hardKill();
+    }, maxWallClockMs) : null;
+    child.stdout.on("data", (chunk) => {
+      buffer += chunk.toString();
+      let nl;
+      while ((nl = buffer.indexOf("\n")) >= 0) {
+        const line = buffer.slice(0, nl);
+        buffer = buffer.slice(nl + 1);
+        const evt = parseStreamEvent(line);
+        if (!evt) continue;
+        if (evt.kind === "progress") {
+          try {
+            onProgress(evt.text.slice(0, 1500));
+          } catch {
+          }
+        } else if (evt.kind === "result") {
+          result = {
+            ...result,
+            ok: !evt.isError,
+            costUsd: evt.costUsd,
+            summary: evt.summary,
+            numTurns: evt.numTurns
+          };
+        }
+      }
+    });
+    child.stderr.on("data", (c) => {
+      stderrTail = (stderrTail + c.toString()).slice(-4e3);
+    });
+    child.on("error", (err) => {
+      clearInterval(poll);
+      if (wallTimer) clearTimeout(wallTimer);
+      resolve({ ...result, ok: false, summary: `spawn error: ${err.message}` });
+    });
+    const poll = setInterval(() => {
+      Promise.resolve().then(() => shouldCancel()).then((cancel) => {
+        if (cancel && !killed) {
+          killed = true;
+          clearInterval(poll);
+          hardKill();
+        }
+      }).catch(() => {
+      });
+    }, cancelPollMs);
+    child.on("close", (code) => {
+      clearInterval(poll);
+      if (wallTimer) clearTimeout(wallTimer);
+      if (timedOut) {
+        resolve({
+          ...result,
+          ok: false,
+          timedOut: true,
+          summary: `wall-clock timeout (${maxWallClockMs}ms)`
+        });
+        return;
+      }
+      if (killed) {
+        resolve({ ...result, ok: false, killed: true, summary: "cancelled by operator" });
+        return;
+      }
+      if (!result.summary && code !== 0) {
+        result.summary = stderrTail.slice(-500) || `claude exited ${code}`;
+      }
+      resolve({ ...result, ok: result.ok && code === 0 });
+    });
+  });
+}
+var ClaudeRunner = class {
+  get binary() {
+    return "claude";
+  }
+  buildArgs({ permissionMode, maxTurns, model } = {}) {
+    return buildClaudeArgs({ permissionMode, maxTurns, model });
+  }
+  parseEvent(line) {
+    return parseStreamEvent(line);
+  }
+  getSpawnOptions() {
+    return {
+      shell: process.platform === "win32",
+      windowsHide: true
+    };
+  }
+  /**
+   * Best-effort auth check: is `claude` on PATH and can we verify login?
+   * Never throws. If we can't cheaply detect auth, we return installed:true
+   * and let the real spawn fail with a clearer error from the CLI itself.
+   */
+  async checkAuth() {
+    try {
+      const { status, error } = spawnSync2("claude", ["--version"], {
+        shell: process.platform === "win32",
+        windowsHide: true,
+        timeout: 3e3,
+        stdio: "ignore"
+      });
+      if (error) {
+        return {
+          installed: false,
+          authenticated: false,
+          message: `claude not found on PATH: ${error.message}`
+        };
+      }
+      if (status !== 0) {
+        return {
+          installed: true,
+          authenticated: false,
+          message: "claude binary exists but --version failed (auth unclear)"
+        };
+      }
+      return {
+        installed: true,
+        authenticated: true,
+        message: "claude binary found (auth check is best-effort)"
+      };
+    } catch (err) {
+      return {
+        installed: false,
+        authenticated: false,
+        message: `checkAuth probe failed: ${err.message}`
+      };
+    }
+  }
+};
+var claudeRunner = new ClaudeRunner();
+
+// ../../scripts/virtual-office/code-runner/rate-limit-resume.mjs
+import { appendFileSync, mkdirSync as mkdirSync2 } from "node:fs";
+import { homedir as homedir2 } from "node:os";
+import { join as join2, dirname as dirname2 } from "node:path";
+
+// ../../scripts/ci/rate-limit-detector-core.mjs
+var RATE_LIMIT_RE = /\b(?:usage limit reached|usage limit|rate[ _-]?limit(?:ed|_error)?|too many requests|\b429\b|limit (?:will )?reset)/i;
+function extractResumeAfter(text, { now = null } = {}) {
+  const s = String(text || "");
+  const iso = s.match(/\b(\d{4}-\d{2}-\d{2}[T ]\d{2}:\d{2}(?::\d{2})?(?:\.\d+)?(?:Z|[+-]\d{2}:?\d{2})?)\b/);
+  if (iso) {
+    const t = Date.parse(iso[1].replace(" ", "T"));
+    if (Number.isFinite(t)) return new Date(t).toISOString();
+  }
+  const epoch = s.match(/(?:reset|resets|retry[- ]?after|available)[^0-9]{0,20}(\d{10,13})/i);
+  if (epoch) {
+    let n = Number(epoch[1]);
+    if (n < 1e12) n *= 1e3;
+    if (Number.isFinite(n)) return new Date(n).toISOString();
+  }
+  const after = s.match(/retry[- ]?after[^0-9]{0,8}(\d{1,6})\s*(?:s|sec|seconds)?\b/i);
+  if (after && now != null) {
+    const t = new Date(now).getTime() + Number(after[1]) * 1e3;
+    if (Number.isFinite(t)) return new Date(t).toISOString();
+  }
+  return null;
+}
+function detectRateLimit(text, { now = null } = {}) {
+  const s = String(text || "");
+  const rateLimited = RATE_LIMIT_RE.test(s);
+  return {
+    rateLimited,
+    resumeAfter: rateLimited ? extractResumeAfter(s, { now }) : null
+  };
+}
+
+// ../../scripts/virtual-office/code-runner/rate-limit-resume.mjs
+function resumeQueuePath() {
+  return join2(homedir2(), ".claude", "resume-queue.jsonl");
+}
+function buildResumeEntry({ task = {}, resumeAfter = null, summary = "", at } = {}) {
+  return {
+    kind: "rate_limited_code_task",
+    at,
+    code_task_id: task.code_task_id || null,
+    repo: task.repo || null,
+    operator_id: task.operator_id || null,
+    prompt: task.prompt || "",
+    resume_after: resumeAfter,
+    // ISO string, or null (scheduler backs off when null)
+    attempts: Number(task._resume_attempts || 0) + 1,
+    summary: String(summary).slice(0, 500)
+  };
+}
+function recordRateLimited({ task = {}, resumeAfter = null, summary = "", queuePath = resumeQueuePath(), at = (/* @__PURE__ */ new Date()).toISOString() } = {}) {
+  const entry = buildResumeEntry({ task, resumeAfter, summary, at });
+  try {
+    mkdirSync2(dirname2(queuePath), { recursive: true });
+    appendFileSync(queuePath, `${JSON.stringify(entry)}
+`, "utf-8");
+    return { ok: true, entry };
+  } catch (e) {
+    return { ok: false, error: e && e.message ? e.message : "write failed", entry };
+  }
+}
+function classifyFailureForResume({
+  enabled = false,
+  run: run2 = {},
+  task = {},
+  now = (/* @__PURE__ */ new Date()).toISOString(),
+  detect = detectRateLimit,
+  record = recordRateLimited
+} = {}) {
+  if (enabled) {
+    const rl = detect(run2.summary, { now });
+    if (rl.rateLimited) {
+      const rec = record({ task, resumeAfter: rl.resumeAfter, summary: run2.summary });
+      return {
+        rateLimited: true,
+        resumeAfter: rl.resumeAfter,
+        recorded: !!(rec && rec.ok),
+        progress: {
+          status: "failed",
+          message: `rate-limited (resumable): ${run2.summary}`.slice(0, 1500),
+          result: "rate_limited"
+        }
+      };
+    }
+  }
+  return {
+    rateLimited: false,
+    progress: {
+      status: "failed",
+      message: `agent failed: ${run2.summary}`.slice(0, 1500),
+      result: String(run2.summary).slice(0, 2e3)
+    }
+  };
+}
+
+// ../../scripts/virtual-office/code-runner/publish.mjs
+import { spawnSync as spawnSync3 } from "node:child_process";
+function run(cmd, args, cwd, { timeout = 18e4, raw = false } = {}) {
+  const r = spawnSync3(cmd, args, { cwd, encoding: "utf8", timeout });
+  if (r.error) throw r.error;
+  if (r.status !== 0) {
+    throw new Error(`${cmd} ${args[0]} failed (exit ${r.status}): ${(r.stderr || "").slice(-300)}`);
+  }
+  const out = r.stdout || "";
+  return raw ? out : out.trim();
+}
+function parsePorcelainZ(out) {
+  const tokens = String(out).split("\0");
+  const files = [];
+  for (let i = 0; i < tokens.length; i += 1) {
+    const tok = tokens[i];
+    if (!tok) continue;
+    const path3 = tok.slice(3);
+    if (path3) files.push(path3);
+    if (tok[0] === "R" || tok[0] === "C") i += 1;
+  }
+  return files;
+}
+var SCRATCH_PATTERNS = [
+  /(^|\/)\.tmp-/i,
+  // .tmp-pr-body.md and other dot-temp scratch
+  /(^|\/)tmp\/pr[-_]?(body|description)/i,
+  // tmp/pr-body.md, tmp/pr_description...
+  /(^|\/)pr[-_]?(body|description)(\.(md|txt))?$/i
+  // pr-body.md, PR_DESCRIPTION.txt
+];
+function isAgentScratch(path3) {
+  const p = String(path3 || "");
+  return SCRATCH_PATTERNS.some((re) => re.test(p));
+}
+function listChangedFiles(cwd) {
+  const out = run("git", ["-c", "core.quotepath=false", "status", "--porcelain", "-z"], cwd, {
+    timeout: 6e4,
+    raw: true
+  });
+  return parsePorcelainZ(out);
+}
+function listCommittedFiles(cwd, base = "origin/main") {
+  try {
+    run("git", ["fetch", "origin", "main"], cwd, { timeout: 6e4 });
+  } catch {
+  }
+  try {
+    const out = run(
+      "git",
+      ["-c", "core.quotepath=false", "diff", "--name-only", "-z", `${base}...HEAD`],
+      cwd,
+      { timeout: 6e4, raw: true }
+    );
+    return String(out).split("\0").map((s) => s.trim()).filter(Boolean);
+  } catch {
+    return [];
+  }
+}
+function compactTitle(s, max = 100) {
+  return String(s || "").replace(/\s+/g, " ").trim().slice(0, max) || "code-task";
+}
+function openCodeTaskPr(worktreeDir, files, {
+  title,
+  body,
+  branchPrefix = "vo/code-task",
+  botName = "vo-code-runner",
+  botEmail = "vo-code-runner@algosuite.ai",
+  maxFiles = 200,
+  // Safety net: the agent already COMMITTED its work to a branch (despite the
+  // preamble). Skip add+commit; just push the existing branch and open the PR.
+  alreadyCommitted = false
+} = {}) {
+  if (!Array.isArray(files) || files.length === 0) {
+    throw new Error("openCodeTaskPr: no files to commit");
+  }
+  const cleaned = files.filter((f) => !isAgentScratch(f));
+  if (!alreadyCommitted && cleaned.length === 0) {
+    throw new Error("openCodeTaskPr: only scratch files, nothing to commit");
+  }
+  const toAdd = cleaned.slice(0, maxFiles);
+  run("git", ["config", "user.name", botName], worktreeDir);
+  run("git", ["config", "user.email", botEmail], worktreeDir);
+  let branch = "";
+  try {
+    branch = run("git", ["branch", "--show-current"], worktreeDir, { timeout: 3e4 });
+  } catch {
+  }
+  if (alreadyCommitted) {
+    if (!branch || branch === "main" || branch === "HEAD") {
+      const stamp = (/* @__PURE__ */ new Date()).toISOString().replace(/[:.]/g, "-");
+      branch = `${branchPrefix}-${stamp}`;
+      run("git", ["checkout", "-b", branch], worktreeDir);
+    }
+    run("git", ["push", "origin", branch], worktreeDir);
+  } else {
+    if (!branch || branch === "main" || branch === "HEAD") {
+      const stamp = (/* @__PURE__ */ new Date()).toISOString().replace(/[:.]/g, "-");
+      branch = `${branchPrefix}-${stamp}`;
+      run("git", ["fetch", "origin", "main"], worktreeDir, { timeout: 6e4 });
+      run("git", ["checkout", "-b", branch, "origin/main"], worktreeDir);
+    }
+    for (const f of toAdd) {
+      run("git", ["add", "--", f], worktreeDir, { timeout: 6e4 });
+    }
+    const commitMsg = compactTitle(title, 180);
+    run("git", ["commit", "--no-verify", "-m", commitMsg], worktreeDir);
+    run("git", ["push", "origin", branch], worktreeDir);
+  }
+  const out = run(
+    "gh",
+    [
+      "pr",
+      "create",
+      "--base",
+      "main",
+      "--head",
+      branch,
+      "--title",
+      compactTitle(title),
+      "--body",
+      String(body || "")
+    ],
+    worktreeDir
+  );
+  const m = out.match(/https:\/\/github\.com\/[^/]+\/[^/]+\/pull\/(\d+)/);
+  if (!m) throw new Error("gh pr create returned no parseable PR URL");
+  return { prUrl: m[0], prNumber: Number(m[1]), branch, truncated: cleaned.length > maxFiles };
+}
+
+// ../../scripts/virtual-office/code-runner/dispatch-onboarding.mjs
+var MANDATORY_READS = [
+  "CLAUDE.md (repo root \u2014 Claude-specific rules; auto-loaded, but READ it)",
+  'AGENTS.md (repo root \u2014 cross-vendor rules + "Onboarding for a lane"; NOT auto-loaded)',
+  "README.md (repo root \u2014 product context)",
+  "docs/current/virtual-office-agent-charter.md",
+  "docs/current/virtual-office-operating-model.md",
+  "docs/current/virtual-office-test-architect.md",
+  "docs/current/evidence-grounded-consensus-testing.md",
+  "docs/vo/ADR-001-verification-oracle-not-orchestrator-2026-05-29.md (VO verifies + signs; human approves merges; NO autonomous bot-merge / headless triggers)",
+  "docs/vo/vo-adr-002-two-plane-moat.md (fat secret server / thin dumb client)",
+  "docs/vo/vo-roadmap-2026-05-26.md (the live roadmap \u2014 read its Change log tail for current state)",
+  "the nearest scoped CLAUDE.md for any directory you edit",
+  "for AlgoTax work: docs/current/algotax-progressive-return-roadmap.md + docs/current/algotax-coverage-roadmap.md",
+  "docs/current/pr-live-stewardship-doctrine.md (own EVERY PR to LIVE-VERIFIED; never let the operator discover a red PR or a backed-up deploy)"
+];
+var NON_NEGOTIABLES = [
+  "MULTI-MODEL CONSENSUS VERIFICATION IS THE CORE of every Algosuite product \u2014 never ship single-model judgment as the product; route verifiable decisions through the consensus/verify path.",
+  'TEST HONESTY (enforced): a test passes ONLY when it proves the product returned the VERIFIED CORRECT answer. No broad catch-alls; INVALID_ARGUMENT / null / PERMISSION_DENIED / empty / "no data" / SKIP are NOT passes. Fake green is a blocking bug.',
+  "VERIFY BEFORE ACT, human approves the merge (ADR-001). Never arm an autonomous bot-merge loop; never add a headless/automatic agent trigger.",
+  "NEVER trigger a full / all-codebase functions deploy, and NEVER edit functions-shared/src without an explicit plan \u2014 a full functions deploy is ~24h and catastrophic (RED LINE).",
+  "Gen2 Cloud Functions ONLY (firebase-functions/v2/*). Gen1 is CI-blocked.",
+  "Work on your OWN branch in a worktree; never `git add -A` / `git add .` (add files by name); respect file-size caps (components \u2264300, functions/services/utils \u2264400).",
+  "A handoff or roadmap line is a CLAIM, not evidence \u2014 verify shipped state against `git show origin/main:<path>`, never the stale local main tree.",
+  `MANDATORY FOR EVERY VO PR (cloud-run/vo-*, packages/vo-mcp, packages/consensus-engine, packages/vo-ratchets, packages/vo-arch-defaults, scripts/virtual-office, vo-claude-plugin): record a dated Change-log entry IN THE SAME PR via EITHER appending to the "\xA7 10 Change log" of docs/vo/vo-roadmap-2026-05-26.md OR (PREFERRED) creating docs/vo/roadmap-log/<YYYY-MM-DD>-<short-slug>.md (fragments avoid conflicts when PRs ship concurrently) and flip any status the work shipped. CI enforces this (check-vo-roadmap-discipline.mjs); bypass ONLY via "VO-ROADMAP-ALLOW: <reason>" in the PR body. The roadmap is the single source of truth \u2014 if you didn't update it, you didn't ship. Finish line = MERGED + DEPLOYED + LIVE-VERIFIED.`,
+  "Every UI change ships against docs/current/ui-trust-standard.md and adds VO QA tester coverage; verify in a real browser, not selector-presence.",
+  'PR \u2192 LIVE is YOUR job end-to-end \u2014 the operator must NEVER be the one to discover a red PR or a backed-up deploy. Own every PR from branch \u2192 CI \u2192 merge \u2192 functions deploy \u2192 LIVE-VERIFIED. "Done" = the functions you changed are actually SERVING in prod in every region; prove it with `node scripts/ci/prove-pr-live.mjs --pr <N>` \u2014 a merge / green deploy checkmark / homepage 200 is NOT proof. If a function staled, re-deploy ONLY the affected functions (targeted), never a full deploy. If you hit a usage/rate limit, STOP cleanly with the PR obligation OPEN \u2014 the watchdog auto-resumes when it resets; do not abandon it. See docs/current/pr-live-stewardship-doctrine.md.',
+  `CONTEXT DEPTH IS NOT A REASON TO STOP. "I'm deep in context / fresh context would be better / I'll checkpoint" is the SAME premature-stop failure as doing 20 minutes of work instead of 6 hours \u2014 there is no quality cliff before compaction and the harness carries work forward. Keep BUILDING until the task is genuinely DONE; delicate or fleet-governing work means be CAREFUL, not stop. The ONLY valid pauses are real blockers: an operator decision is required, a dependency is not merged, or a hard external wait.`
+];
+function buildDispatchOnboarding({ repo = "Algosuite-ai/Nexus" } = {}) {
+  const reads = MANDATORY_READS.map((r, i) => `  ${i + 1}. ${r}`).join("\n");
+  const rules = NON_NEGOTIABLES.map((r) => `  - ${r}`).join("\n");
+  return [
+    `You are a Virtual Office (VO) dispatched coding agent working in a fresh worktree of ${repo}.`,
+    "You were dispatched by the operator (greylor, a non-coder founder) to do the TASK at the end of this message.",
+    "Before writing ANY code, you MUST read the onboarding docs below \u2014 they are mandatory, not optional. Your worktree auto-loads CLAUDE.md, but the rest are NOT auto-loaded; open and read them.",
+    "",
+    "MANDATORY READS (read these FIRST, in order):",
+    reads,
+    "",
+    "NON-NEGOTIABLE RULES (these bind you even before you finish reading):",
+    rules,
+    "",
+    "HOW THE RUNNER PUBLISHES YOUR WORK (critical \u2014 read carefully):",
+    "  - Leave your changes as UNCOMMITTED edits in this worktree. The VO runner commits them, pushes a branch, and opens the PR FOR you \u2014 that is its job, not yours.",
+    "  - Do NOT run git (no commit, no branch, no checkout) and do NOT run `gh` / open a PR yourself. You are sandboxed to file edits; git/gh commands will be denied, and committing your work moves it where the runner cannot see it (your change would be silently discarded).",
+    "  - When the task is done, simply STOP. Your final message should summarize what you changed; the runner detects your edited files and creates the PR.",
+    "  - If a git or `gh` command is DENIED, that is EXPECTED and CORRECT \u2014 it means the runner will handle publishing. Do NOT retry it, do NOT try a different git/gh invocation, and do NOT wait for an approval that will not come. STOP immediately with your edits uncommitted. (Agents that retried a denied `gh pr create` burned ~25 minutes of usage and their finished fix was lost.)",
+    "  - Do NOT create scratch files \u2014 no drafted PR body, no notes/TODO/plan files, nothing under tmp/ or named pr-body*/pr-description*. The runner writes the PR body itself; the worktree should contain ONLY the real file changes the task requires. (Stray scratch files have leaked into PRs.)",
+    "",
+    "Definition of done: the change is correct, tested to the standard above, type-checks + lints clean, and (for VO surfaces) updates the roadmap. Leave it as UNCOMMITTED edits and STOP \u2014 the runner opens the PR. If the task is ambiguous or would violate a rule, STOP and report rather than guessing.",
+    "",
+    "\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550 YOUR TASK \u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550"
+  ].join("\n");
+}
+function composeDispatchPrompt(taskPrompt, opts = {}) {
+  return `${buildDispatchOnboarding(opts)}
+${String(taskPrompt ?? "").trim()}
+`;
+}
+
+// ../../scripts/virtual-office/code-runner/session-spool-forwarder.mjs
+import { homedir as homedir3 } from "node:os";
+import { join as join3 } from "node:path";
+import { readdir, readFile, unlink, writeFile } from "node:fs/promises";
+import { createHash } from "node:crypto";
+var SPOOL_DIR = join3(homedir3(), ".vo", "session-spool");
+var CLOUD_MAP_FILE = join3(homedir3(), ".vo", "session-cloud-map.json");
+var STALE_MS = 60 * 60 * 1e3;
+var ACTIVE_SILENCE_MS = 10 * 60 * 1e3;
+function deriveUuid(seed) {
+  const h = createHash("sha256").update(seed).digest("hex");
+  return `${h.slice(0, 8)}-${h.slice(8, 12)}-5${h.slice(13, 16)}-${(parseInt(h.slice(16, 18), 16) & 63 | 128).toString(16)}${h.slice(18, 20)}-${h.slice(20, 32)}`;
+}
+function spoolToCloud(record, ids) {
+  const ended = record.status === "ended";
+  const silentMs = Date.now() - Date.parse(record.last_seen_at || 0);
+  const status = ended ? "handed_off" : silentMs > ACTIVE_SILENCE_MS ? "abandoned" : "active";
+  return {
+    session_id: deriveUuid(`vo-session:${record.session_key}`),
+    operator_id: ids.operator_id,
+    tenant_id: ids.tenant_id,
+    agent_type: record.agent_type === "claude-code" ? "claude-code" : "other",
+    current_goal: (record.current_goal || "Interactive Claude Code session").slice(0, 2e3),
+    status,
+    last_seen_at: record.last_seen_at
+  };
+}
+async function readSpool(spoolDir = SPOOL_DIR) {
+  let files = [];
+  try {
+    files = await readdir(spoolDir);
+  } catch {
+    return [];
+  }
+  const out = [];
+  for (const f of files) {
+    if (!f.endsWith(".json")) continue;
+    try {
+      const record = JSON.parse(await readFile(join3(spoolDir, f), "utf8"));
+      if (record && typeof record.session_key === "string") {
+        out.push({ full: join3(spoolDir, f), record });
+      }
+    } catch {
+    }
+  }
+  return out;
+}
+async function readCloudMap(path3) {
+  try {
+    return JSON.parse(await readFile(path3, "utf8"));
+  } catch {
+    return {};
+  }
+}
+async function forwardSessionSpool(deps) {
+  const fetchImpl = deps.fetchImpl ?? fetch;
+  const now = deps.now ? deps.now() : Date.now();
+  const mapPath = deps.cloudMapPath ?? CLOUD_MAP_FILE;
+  const ids = {
+    operator_id: deriveUuid(`vo-operator:${deps.operatorSeed}`),
+    tenant_id: deriveUuid(`vo-tenant:${deps.operatorSeed}`)
+  };
+  const entries = await readSpool(deps.spoolDir);
+  const cloudMap = await readCloudMap(mapPath);
+  let forwarded = 0;
+  let pruned = 0;
+  for (const { full, record } of entries) {
+    const key = record.session_key;
+    const lastSeen = Date.parse(record.last_seen_at || 0);
+    const isPrune = record.status === "ended" && now - lastSeen > ACTIVE_SILENCE_MS || now - lastSeen > STALE_MS;
+    const cloud = spoolToCloud(record, ids);
+    try {
+      let cloudSessionId = cloudMap[key];
+      if (!cloudSessionId) {
+        const res = await fetchImpl(`${deps.baseUrl}/api/v1/session`, {
+          method: "POST",
+          headers: { "Content-Type": "application/json", Authorization: `Bearer ${deps.token}` },
+          body: JSON.stringify({
+            operator_id: cloud.operator_id,
+            tenant_id: cloud.tenant_id,
+            agent_type: cloud.agent_type,
+            current_goal: cloud.current_goal
+          })
+        });
+        const body = await res.json().catch(() => null);
+        cloudSessionId = body?.session?.session_id ?? null;
+        if (cloudSessionId) cloudMap[key] = cloudSessionId;
+      }
+      if (cloudSessionId) {
+        await fetchImpl(`${deps.baseUrl}/api/v1/session/${cloudSessionId}/report-state`, {
+          method: "POST",
+          headers: { "Content-Type": "application/json", Authorization: `Bearer ${deps.token}` },
+          body: JSON.stringify({
+            context_used_pct: 0,
+            current_goal: cloud.current_goal,
+            status: cloud.status
+          })
+        }).catch(() => {
+        });
+        forwarded++;
+      }
+    } catch {
+    }
+    if (isPrune) {
+      try {
+        await unlink(full);
+        pruned++;
+      } catch {
+      }
+      delete cloudMap[key];
+    }
+  }
+  try {
+    await writeFile(mapPath, JSON.stringify(cloudMap), "utf8");
+  } catch {
+  }
+  return { forwarded, pruned };
+}
+
+// ../../scripts/virtual-office/code-runner/pr-watcher.mjs
+import { homedir as homedir4 } from "node:os";
+import { join as join4 } from "node:path";
+import { readFile as readFile2, writeFile as writeFile2, mkdir } from "node:fs/promises";
+import { spawnSync as spawnSync4 } from "node:child_process";
+var CI_FIX_MARKER = "[VO-CI-FIX]";
+function ghViewPr(prNumber, repo) {
+  const r = spawnSync4(
+    "gh",
+    ["pr", "view", String(prNumber), "-R", repo, "--json", "state,statusCheckRollup,headRefName"],
+    { encoding: "utf8", timeout: 3e4 }
+  );
+  if (r.status !== 0) throw new Error((r.stderr || "gh pr view failed").slice(-200));
+  return JSON.parse(r.stdout || "{}");
+}
+var DEFAULT_STATE_FILE = join4(homedir4(), ".vo", "dispatched-prs.json");
+var FAIL_CONCLUSIONS = /* @__PURE__ */ new Set([
+  "FAILURE",
+  "TIMED_OUT",
+  "CANCELLED",
+  "ACTION_REQUIRED",
+  "ERROR",
+  "STARTUP_FAILURE",
+  "STALE"
+]);
+var STALE_MS2 = 24 * 60 * 60 * 1e3;
+var MAX_ENQUEUE_ERRORS = 3;
+function parsePrCiStatus(view) {
+  const state = (view && typeof view.state === "string" ? view.state : "UNKNOWN").toUpperCase();
+  const rollup = view && Array.isArray(view.statusCheckRollup) ? view.statusCheckRollup : [];
+  const failedChecks = [];
+  let pending = false;
+  for (const c of rollup) {
+    const name = c.name || c.context || "check";
+    const conclusion = String(c.conclusion || "").toUpperCase();
+    if (conclusion) {
+      if (FAIL_CONCLUSIONS.has(conclusion)) failedChecks.push(name);
+    } else if (c.status) {
+      pending = true;
+    } else {
+      const st = String(c.state || "").toUpperCase();
+      if (st === "FAILURE" || st === "ERROR") failedChecks.push(name);
+      else if (st !== "SUCCESS") pending = true;
+    }
+  }
+  const ci = failedChecks.length > 0 ? "failing" : pending ? "pending" : "passing";
+  return { state, ci, failedChecks, branch: view && view.headRefName || null };
+}
+function decideWatchAction(pr, fixAttempts, maxFixAttempts) {
+  if (pr.state !== "OPEN") return "untrack";
+  if (pr.ci === "failing" && (fixAttempts || 0) < maxFixAttempts) return "fix";
+  return "wait";
+}
+function buildCiFixPrompt({ prNumber, repo, branch, failedChecks }) {
+  return [
+    `${CI_FIX_MARKER} A VO-dispatched pull request has FAILING CI and needs a fix.`,
+    "",
+    `Repo: ${repo}`,
+    `PR: #${prNumber}  (head branch: ${branch || "unknown"})`,
+    `Failing checks: ${failedChecks && failedChecks.length ? failedChecks.join(", ") : "unknown"}`,
+    "",
+    "Diagnose the failure from the failing check NAMES + the PR diff (you cannot run gh).",
+    "Fix it. Follow the PR Freshness / safe-rebuild protocol: open a FRESH fix on a new",
+    `branch off current main that SUPERSEDES PR #${prNumber} (note "Supersedes #${prNumber}"`,
+    "in your summary). Leave UNCOMMITTED edits and STOP \u2014 the runner opens the PR. A denied",
+    "git/gh is EXPECTED; do NOT retry it."
+  ].join("\n");
+}
+async function readState(stateFile) {
+  try {
+    const parsed = JSON.parse(await readFile2(stateFile, "utf8"));
+    return parsed && typeof parsed === "object" && !Array.isArray(parsed) ? parsed : {};
+  } catch {
+    return {};
+  }
+}
+async function writeState(stateFile, state) {
+  try {
+    await mkdir(join4(stateFile, ".."), { recursive: true });
+    await writeFile2(stateFile, JSON.stringify(state, null, 2), "utf8");
+  } catch {
+  }
+}
+async function trackDispatchedPr({ prNumber, repo, branch, taskId }, { stateFile = DEFAULT_STATE_FILE, now = () => Date.now() } = {}) {
+  if (!prNumber || !repo) return;
+  const state = await readState(stateFile);
+  state[String(prNumber)] = {
+    repo,
+    branch: branch || null,
+    taskId: taskId || null,
+    fixAttempts: 0,
+    trackedAt: now()
+  };
+  await writeState(stateFile, state);
+}
+async function runWatchCycle({ viewPr, enqueueFix, log: log2 = () => {
+}, now = () => Date.now(), maxFixAttempts = 1, stateFile = DEFAULT_STATE_FILE }) {
+  const state = await readState(stateFile);
+  const prNumbers = Object.keys(state);
+  let checked = 0;
+  let fixed = 0;
+  let untracked = 0;
+  for (const prNumber of prNumbers) {
+    const entry = state[prNumber];
+    let view;
+    try {
+      view = await viewPr(prNumber, entry.repo);
+    } catch (err) {
+      log2(`watch: pr #${prNumber} view failed: ${err.message}`);
+      continue;
+    }
+    checked += 1;
+    const pr = parsePrCiStatus(view);
+    entry.lastCi = pr.ci;
+    const action = decideWatchAction(pr, entry.fixAttempts, maxFixAttempts);
+    if (action === "untrack") {
+      delete state[prNumber];
+      untracked += 1;
+      log2(`watch: pr #${prNumber} is ${pr.state} \u2014 untracked`);
+    } else if (action === "fix") {
+      entry.fixAttempts = (entry.fixAttempts || 0) + 1;
+      entry.lastCheckedAt = now();
+      try {
+        await enqueueFix({ prNumber: Number(prNumber), repo: entry.repo, branch: pr.branch || entry.branch, failedChecks: pr.failedChecks });
+        fixed += 1;
+        log2(`watch: pr #${prNumber} CI failing (${pr.failedChecks.join(", ") || "unknown"}) \u2014 dispatched fix ${entry.fixAttempts}/${maxFixAttempts}`);
+      } catch (err) {
+        entry.enqueueErrors = (entry.enqueueErrors || 0) + 1;
+        if (entry.enqueueErrors >= MAX_ENQUEUE_ERRORS) {
+          log2(`watch: pr #${prNumber} fix enqueue failed ${entry.enqueueErrors}x \u2014 giving up: ${err.message}`);
+        } else {
+          entry.fixAttempts = Math.max(0, (entry.fixAttempts || 1) - 1);
+          log2(`watch: pr #${prNumber} fix enqueue failed (${entry.enqueueErrors}/${MAX_ENQUEUE_ERRORS}): ${err.message}`);
+        }
+      }
+    } else {
+      entry.lastCheckedAt = now();
+    }
+  }
+  for (const [n, e] of Object.entries(state)) {
+    const cappedFailing = e.lastCi === "failing" && (e.fixAttempts || 0) >= maxFixAttempts;
+    if (cappedFailing && e.trackedAt && now() - e.trackedAt > STALE_MS2) {
+      delete state[n];
+      untracked += 1;
+      log2(`watch: pr #${n} capped + failing + tracked >24h ago \u2014 pruned from watch state`);
+    }
+  }
+  await writeState(stateFile, state);
+  return { checked, fixed, untracked };
+}
+function makeWatchRunner({ client, viewPr = ghViewPr, log: log2, maxFixAttempts }) {
+  return () => runWatchCycle({
+    viewPr,
+    enqueueFix: ({ prNumber, repo, branch, failedChecks }) => client.enqueueCodeTask({ repo, prompt: buildCiFixPrompt({ prNumber, repo, branch, failedChecks }) }),
+    log: log2,
+    maxFixAttempts
+  });
+}
+
+// ../../scripts/virtual-office/code-runner/control-server.mjs
+import { createServer } from "node:http";
+var LOCALHOST_ORIGIN_RE = /^https?:\/\/(localhost|127\.0\.0\.1)(:\d+)?$/;
+function resolveCorsOrigin(reqOrigin, allowedOrigin) {
+  if (typeof reqOrigin === "string" && (reqOrigin === allowedOrigin || LOCALHOST_ORIGIN_RE.test(reqOrigin))) {
+    return reqOrigin;
+  }
+  return allowedOrigin;
+}
+function isControlOriginAllowed(reqOrigin, allowedOrigin) {
+  return !reqOrigin || resolveCorsOrigin(reqOrigin, allowedOrigin) === reqOrigin;
+}
+function buildControlHandler({ getStatus, requestStop, allowedOrigin }) {
+  return (req, res) => {
+    res.setHeader("Access-Control-Allow-Origin", resolveCorsOrigin(req.headers.origin, allowedOrigin));
+    res.setHeader("Access-Control-Allow-Methods", "GET, POST, OPTIONS");
+    res.setHeader("Access-Control-Allow-Headers", "content-type, x-vo-control");
+    res.setHeader("Access-Control-Allow-Private-Network", "true");
+    res.setHeader("Vary", "Origin");
+    res.setHeader("Cache-Control", "no-store");
+    if (req.method === "OPTIONS") {
+      res.statusCode = 204;
+      res.end();
+      return;
+    }
+    const path3 = String(req.url || "").split("?")[0];
+    res.setHeader("content-type", "application/json");
+    if (req.method === "GET" && path3 === "/status") {
+      let status;
+      try {
+        status = getStatus();
+      } catch {
+        status = {};
+      }
+      res.statusCode = 200;
+      res.end(JSON.stringify({ ok: true, ...status }));
+      return;
+    }
+    if (req.method === "POST" && path3 === "/stop") {
+      if (!isControlOriginAllowed(req.headers.origin, allowedOrigin) || !req.headers["x-vo-control"]) {
+        res.statusCode = 403;
+        res.end(JSON.stringify({ ok: false, error: "forbidden" }));
+        return;
+      }
+      try {
+        requestStop("web-control");
+      } catch {
+      }
+      res.statusCode = 200;
+      res.end(JSON.stringify({ ok: true, stopping: true }));
+      return;
+    }
+    res.statusCode = 404;
+    res.end(JSON.stringify({ ok: false, error: "not_found" }));
+  };
+}
+function startControlServer({ port, getStatus, requestStop, allowedOrigin, log: log2 = () => {
+} }) {
+  const server = createServer(buildControlHandler({ getStatus, requestStop, allowedOrigin }));
+  server.on("error", (e) => log2(`control server error: ${e.message} (in-product runner control disabled)`));
+  server.listen(port, "127.0.0.1", () => log2(`control server on http://127.0.0.1:${port} (allow ${allowedOrigin})`));
+  server.unref?.();
+  return server;
+}
+function startDaemonControl({ cfg, requestStop, getActiveCount, isRunning, startedAt, log: log2 = () => {
+} }) {
+  if (!cfg.controlEnabled) return null;
+  return startControlServer({
+    port: cfg.controlPort,
+    allowedOrigin: cfg.appOrigin,
+    requestStop,
+    getStatus: () => ({
+      running: isRunning(),
+      pid: process.pid,
+      runnerId: cfg.runnerId,
+      servedRepos: cfg.servedRepos,
+      watchEnabled: cfg.watchEnabled,
+      activeTasks: getActiveCount(),
+      startedAt: new Date(startedAt).toISOString(),
+      uptimeSec: Math.round((Date.now() - startedAt) / 1e3)
+    }),
+    log: log2
+  });
+}
+
+// ../../scripts/virtual-office/code-runner/effort-mode-config.mjs
+var EFFORT_MODE_CONFIG = {
+  fast: {
+    tier: "cheap",
+    permissionMode: "acceptEdits",
+    maxTurns: 20,
+    thinkingDirective: "",
+    multiAgentInstruction: ""
+  },
+  standard: {
+    tier: "mid",
+    permissionMode: "acceptEdits",
+    maxTurns: 40,
+    thinkingDirective: "",
+    multiAgentInstruction: ""
+  },
+  deep: {
+    tier: "best",
+    permissionMode: "acceptEdits",
+    maxTurns: 60,
+    thinkingDirective: "Think step-by-step. Verify assumptions against source code. Check edge cases.",
+    multiAgentInstruction: ""
+  },
+  ultra: {
+    tier: "best",
+    permissionMode: "acceptEdits",
+    maxTurns: 80,
+    thinkingDirective: "Think step-by-step. Exhaustively verify every assumption against source code and documentation. Adversarially review your own work.",
+    multiAgentInstruction: "If this task needs multiple phases (research, build, verify), propose a plan first."
+  },
+  ultracode: {
+    tier: "best",
+    permissionMode: "default",
+    maxTurns: 120,
+    thinkingDirective: "Think step-by-step. Exhaustively verify every assumption against source code and documentation. Build worked examples to validate correctness. Adversarially review your own work.",
+    multiAgentInstruction: "Decompose this work into parallel research, build, and verification streams; use workflow orchestration where it helps."
+  }
+};
+var DEFAULT_MODE = "standard";
+function resolveEffortMode(mode) {
+  const normalized = String(mode || "").trim().toLowerCase();
+  return EFFORT_MODE_CONFIG[normalized] || EFFORT_MODE_CONFIG[DEFAULT_MODE];
+}
+function composeEffortPrompt(basePrompt, effortConfig) {
+  const parts = [];
+  if (effortConfig.thinkingDirective) {
+    parts.push(`## Thinking directive
+${effortConfig.thinkingDirective}
+`);
+  }
+  if (effortConfig.multiAgentInstruction) {
+    parts.push(`## Multi-agent instruction
+${effortConfig.multiAgentInstruction}
+`);
+  }
+  parts.push(String(basePrompt || "").trim());
+  return parts.join("\n");
+}
+
+// ../../scripts/virtual-office/model-registry.mjs
+import fs2 from "node:fs";
+import path2 from "node:path";
+import { fileURLToPath } from "node:url";
+var __dirname = path2.dirname(fileURLToPath(import.meta.url));
+var ROOT = path2.resolve(__dirname, "..", "..");
+var DEFAULT_CACHE_DIR = path2.join(ROOT, ".virtual-office-cache", "model-registry");
+var DEFAULT_CACHE_FILE = path2.join(DEFAULT_CACHE_DIR, "catalog.json");
+var DEFAULT_TTL_MS = 60 * 60 * 1e3;
+var ANTHROPIC_API_VERSION = "2023-06-01";
+var FAMILY_DEFINITIONS = {
+  "anthropic-flagship": {
+    provider: "anthropic",
+    include: [/^claude-opus/i],
+    // Reject `-fast` SKUs: they cost more and route to the same underlying
+    // weights, and at least one (`claude-opus-4-7-fast`) gets silently
+    // substituted server-side when callers ask for it (observed 2026-05-14:
+    // 24 model-fallback events per consensus run, collapsing diversity).
+    exclude: [/haiku/i, /-fast(?:[-.]|$)/i],
+    fallbacks: [
+      "claude-opus-4-8[1m]",
+      "claude-opus-4-8",
+      "claude-opus-4-7",
+      "claude-opus-4-6",
+      "claude-opus-4-5-20251101",
+      "claude-sonnet-4-6"
+    ]
+  },
+  "anthropic-balanced": {
+    provider: "anthropic",
+    include: [/^claude-sonnet/i],
+    exclude: [/haiku/i, /-fast(?:[-.]|$)/i],
+    fallbacks: ["claude-sonnet-4-6", "claude-sonnet-4-5-20250929", "claude-sonnet-4-20250514"]
+  },
+  "openai-flagship": {
+    provider: "openai",
+    include: [/^gpt-\d+(?:[.-]\d+)?$/i, /^gpt-\d+(?:[.-]\d+)?-pro$/i],
+    // -fast SKUs cost more and silently downgrade server-side; want standard.
+    exclude: [/mini|nano|chat|codex/i, /-fast(?:[-.]|$)/i],
+    fallbacks: ["gpt-5.4", "gpt-5.2", "gpt-5.3-codex"]
+  },
+  "openai-coding": {
+    provider: "openai",
+    include: [/codex/i],
+    exclude: [/mini|nano/i, /-fast(?:[-.]|$)/i],
+    fallbacks: ["gpt-5.3-codex", "gpt-5.2-codex", "gpt-5.4"]
+  },
+  "google-pro": {
+    provider: "google",
+    include: [/^gemini-.*pro/i],
+    exclude: [/vision|embedding|customtools/i, /-fast(?:[-.]|$)/i],
+    fallbacks: ["gemini-2.5-pro", "gemini-3.1-pro-preview"]
+  },
+  "google-flash": {
+    provider: "google",
+    // 'google-flash' is the explicit fast/low-latency family — DON'T exclude
+    // -fast here; that's the whole point of this family. Other families
+    // exclude -fast to avoid the silent server-side substitution problem.
+    include: [/^gemini-.*flash/i],
+    exclude: [/vision|embedding/i],
+    fallbacks: ["gemini-2.5-flash", "gemini-3-flash-preview"]
+  }
+};
+var memoryCache = null;
+function uniqueModels(models = []) {
+  return [...new Set(models.map((model) => String(model || "").trim()).filter(Boolean))];
+}
+function normalizeProvider(value = "") {
+  const lower = String(value || "").trim().toLowerCase();
+  if (lower.includes("anthropic")) return "anthropic";
+  if (lower.includes("openai")) return "openai";
+  if (lower.includes("google") || lower.includes("gemini")) return "google";
+  return lower;
+}
+function stripProviderPrefix(id = "") {
+  const raw = String(id || "").trim();
+  if (!raw.includes("/")) return raw.replace(/^models\//, "");
+  return raw.split("/").slice(1).join("/").replace(/^models\//, "");
+}
+function canonicalizeRegistryModelId(id = "", provider = "") {
+  let normalized = stripProviderPrefix(id).trim();
+  const normalizedProvider = normalizeProvider(provider) || inferProviderFromId(normalized);
+  if (normalizedProvider === "anthropic") {
+    normalized = normalized.replace(/^(claude-(?:opus|sonnet|haiku)-\d+)\.(\d+)(.*)$/i, "$1-$2$3");
+  }
+  if (normalizedProvider === "google") {
+    normalized = normalized.replace(/-customtools$/i, "");
+  }
+  return normalized;
+}
+function inferProviderFromId(rawId = "", explicitProvider = "") {
+  const provider = normalizeProvider(explicitProvider);
+  if (provider) return provider;
+  const id = String(rawId || "").toLowerCase();
+  if (id.startsWith("anthropic/") || id.includes("claude")) return "anthropic";
+  if (id.startsWith("openai/") || /^gpt-|^o\d/.test(stripProviderPrefix(id))) return "openai";
+  if (id.startsWith("google/") || id.includes("gemini")) return "google";
+  return "unknown";
+}
+function normalizeCatalogModel(model = {}) {
+  const rawId = String(model.id || model.name || model.modelId || "").trim();
+  const provider = inferProviderFromId(rawId, model.provider || model.owned_by || model.owner || model.developer);
+  const id = canonicalizeRegistryModelId(rawId, provider);
+  if (!id) return null;
+  return {
+    id,
+    rawId,
+    name: String(model.display_name || model.displayName || model.name || id).replace(/^models\//, ""),
+    provider,
+    source: model.source || "unknown",
+    createdAt: model.created_at || model.createdAt || model.created || ""
+  };
+}
+function parseVersionScore(id = "") {
+  const lower = String(id || "").toLowerCase();
+  const numbers = [...lower.matchAll(/\d+/g)].map((match) => Number(match[0])).filter(Number.isFinite);
+  let score = 0;
+  for (let i = 0; i < numbers.length; i++) score += numbers[i] / Math.pow(1e3, i);
+  if (/opus|pro|flagship/.test(lower)) score += 10;
+  if (/sonnet/.test(lower)) score += 5;
+  if (/preview|latest/.test(lower)) score += 0.25;
+  if (/\[1m\]|\(1m\)/i.test(lower)) score += 1;
+  if (/mini|nano|haiku|lite/.test(lower)) score -= 20;
+  return score;
+}
+function familyMatches(model, family) {
+  const def = FAMILY_DEFINITIONS[family];
+  if (!def) return false;
+  const id = String(model?.id || "").trim();
+  if (!id || normalizeProvider(model.provider) !== def.provider) return false;
+  if (def.exclude?.some((pattern) => pattern.test(id))) return false;
+  return def.include?.some((pattern) => pattern.test(id)) ?? false;
+}
+function selectBestFamilyModel(models = [], family) {
+  const matches = models.filter((model) => familyMatches(model, family));
+  matches.sort((left, right) => {
+    const scoreDelta = parseVersionScore(right.id) - parseVersionScore(left.id);
+    if (scoreDelta !== 0) return scoreDelta;
+    return String(right.createdAt || "").localeCompare(String(left.createdAt || ""));
+  });
+  return matches[0]?.id || "";
+}
+async function fetchJson(fetchImpl, url, options = {}) {
+  const res = await fetchImpl(url, options);
+  if (!res?.ok) return null;
+  return await res.json().catch(() => null);
+}
+async function fetchOpenRouterModels(fetchImpl) {
+  const data = await fetchJson(fetchImpl, "https://openrouter.ai/api/v1/models");
+  return (data?.data || []).map((model) => normalizeCatalogModel({ ...model, source: "openrouter" })).filter(Boolean);
+}
+async function fetchAnthropicModels(fetchImpl, env2 = process.env) {
+  const apiKey = env2.ANTHROPIC_API_KEY;
+  if (!apiKey) return [];
+  const data = await fetchJson(fetchImpl, "https://api.anthropic.com/v1/models?limit=1000", {
+    headers: { "x-api-key": apiKey, "anthropic-version": ANTHROPIC_API_VERSION }
+  });
+  return (data?.data || []).map((model) => normalizeCatalogModel({ ...model, provider: "anthropic", source: "anthropic" })).filter(Boolean);
+}
+async function fetchOpenAIModels(fetchImpl, env2 = process.env) {
+  const apiKey = env2.OPENAI_API_KEY;
+  if (!apiKey) return [];
+  const data = await fetchJson(fetchImpl, "https://api.openai.com/v1/models", {
+    headers: { Authorization: `Bearer ${apiKey}` }
+  });
+  return (data?.data || []).map((model) => normalizeCatalogModel({ ...model, provider: "openai", source: "openai" })).filter(Boolean);
+}
+async function fetchGoogleModels(fetchImpl, env2 = process.env) {
+  const apiKey = env2.GOOGLE_AI_API_KEY || env2.GEMINI_API_KEY || env2.GOOGLE_API_KEY;
+  if (!apiKey) return [];
+  const data = await fetchJson(fetchImpl, `https://generativelanguage.googleapis.com/v1beta/models?key=${encodeURIComponent(apiKey)}`);
+  return (data?.models || []).map((model) => normalizeCatalogModel({ ...model, provider: "google", source: "google" })).filter(Boolean);
+}
+function readCache(cacheFile = DEFAULT_CACHE_FILE, nowMs = Date.now(), ttlMs = DEFAULT_TTL_MS) {
+  if (!fs2.existsSync(cacheFile)) return null;
+  try {
+    const parsed = JSON.parse(fs2.readFileSync(cacheFile, "utf-8"));
+    if (nowMs - Number(parsed.checkedAtMs || 0) > ttlMs) return null;
+    if (!Array.isArray(parsed.models)) return null;
+    return parsed;
+  } catch {
+    return null;
+  }
+}
+function writeCache(cacheFile = DEFAULT_CACHE_FILE, payload) {
+  fs2.mkdirSync(path2.dirname(cacheFile), { recursive: true });
+  fs2.writeFileSync(cacheFile, JSON.stringify(payload, null, 2));
+}
+async function fetchRegistryCatalog({
+  fetchImpl = fetch,
+  env: env2 = process.env,
+  cacheFile = DEFAULT_CACHE_FILE,
+  nowMs = Date.now()
+} = {}) {
+  const sources = await Promise.allSettled([
+    fetchOpenRouterModels(fetchImpl),
+    fetchAnthropicModels(fetchImpl, env2),
+    fetchOpenAIModels(fetchImpl, env2),
+    fetchGoogleModels(fetchImpl, env2)
+  ]);
+  const models = uniqueModels(
+    sources.flatMap((result) => result.status === "fulfilled" ? result.value : []).map((model) => JSON.stringify(model))
+  ).map((raw) => JSON.parse(raw));
+  const payload = { checkedAt: new Date(nowMs).toISOString(), checkedAtMs: nowMs, models };
+  if (models.length > 0) writeCache(cacheFile, payload);
+  return payload;
+}
+async function getModelRegistryCatalog({
+  fetchImpl = fetch,
+  env: env2 = process.env,
+  cacheFile = DEFAULT_CACHE_FILE,
+  ttlMs = Number(env2.VO_MODEL_REGISTRY_TTL_MS || DEFAULT_TTL_MS),
+  nowMs = Date.now(),
+  forceRefresh = false
+} = {}) {
+  if (!forceRefresh && memoryCache && nowMs - memoryCache.checkedAtMs <= ttlMs) return memoryCache;
+  if (!forceRefresh) {
+    const cached2 = readCache(cacheFile, nowMs, ttlMs);
+    if (cached2) {
+      memoryCache = cached2;
+      return cached2;
+    }
+  }
+  if (env2.VO_MODEL_REGISTRY_OFFLINE === "1") return { checkedAt: "", checkedAtMs: nowMs, models: [] };
+  try {
+    memoryCache = await fetchRegistryCatalog({ fetchImpl, env: env2, cacheFile, nowMs });
+    return memoryCache;
+  } catch {
+    const cached2 = readCache(cacheFile, nowMs, Number.MAX_SAFE_INTEGER);
+    return cached2 || { checkedAt: "", checkedAtMs: nowMs, models: [] };
+  }
+}
+async function resolveModelFamily(family, options = {}) {
+  const def = FAMILY_DEFINITIONS[family];
+  if (!def) return String(family || "").trim();
+  const catalog = await getModelRegistryCatalog(options);
+  const resolved = selectBestFamilyModel(catalog.models || [], family);
+  return resolved || def.fallbacks[0];
+}
+
+// ../../scripts/virtual-office/code-runner/model-router.mjs
+function classifyTier(prompt) {
+  const text = String(prompt || "").trim();
+  if (!text) return "mid";
+  const lower = text.toLowerCase();
+  if (/lint|format|typo|missing import|update deps|chore|maintenance|runner|daemon/.test(
+    lower
+  )) {
+    return "cheap";
+  }
+  if (/generate roadmap|new feature|implement .* feature|major refactor|strategic/.test(
+    lower
+  ) || text.length > 1500) {
+    return "best";
+  }
+  return "mid";
+}
+async function resolveModelForTier(tier, { resolveModelFamily: resolver = resolveModelFamily } = {}) {
+  const t = String(tier || "mid").trim();
+  if (t === "cheap") {
+    const resolved2 = await resolver("anthropic-balanced");
+    return resolved2 || "claude-sonnet-4-6";
+  }
+  if (t === "best") {
+    const resolved2 = await resolver("anthropic-flagship");
+    return resolved2 || "claude-opus-4-8";
+  }
+  const resolved = await resolver("anthropic-flagship");
+  return resolved || "claude-opus-4-7";
+}
+async function resolveTaskModel(task) {
+  const tier = task.tier && task.tier !== "auto" ? task.tier : classifyTier(task.prompt);
+  const model = await resolveModelForTier(tier);
+  return { tier, model };
+}
+
+// ../../scripts/virtual-office/code-runner/apply-effort-mode.mjs
+async function resolveEffortDispatch({ client, task, env: env2, basePrompt, resolveModel = resolveTaskModel }) {
+  const dispatchMode = await client.getDispatchMode().catch(() => "standard");
+  const effortConfig = resolveEffortMode(dispatchMode);
+  const { tier, model } = await resolveModel({ ...task, tier: task.tier ?? effortConfig.tier });
+  return {
+    dispatchMode,
+    tier,
+    model,
+    permissionMode: env2.VO_CODE_RUNNER_PERMISSION_MODE || effortConfig.permissionMode,
+    maxTurns: typeof task.max_turns === "number" ? task.max_turns : effortConfig.maxTurns,
+    prompt: composeEffortPrompt(basePrompt, effortConfig)
+  };
+}
+
+// ../../scripts/virtual-office/code-runner/claim-scoping-log.mjs
+function envProvided(raw) {
+  return typeof raw === "string" && raw.length > 0;
+}
+function describeClaimScoping(cfg = {}, env2 = {}) {
+  const repos = cfg.servedRepos ?? [];
+  const operators = cfg.servedOperators ?? [];
+  const repoScoped = repos.length > 0;
+  const opScoped = operators.length > 0;
+  const reposEnvSet = envProvided(env2.VO_CODE_RUNNER_REPOS);
+  const opsEnvSet = envProvided(env2.VO_CODE_RUNNER_OPERATOR_IDS);
+  const lines = [];
+  if (repoScoped) lines.push(`claim-scoped to repos: ${repos.join(", ")}`);
+  if (opScoped) lines.push(`claim-scoped to operators: ${operators.join(", ")}`);
+  if (reposEnvSet && !repoScoped) {
+    lines.push(
+      "WARNING: VO_CODE_RUNNER_REPOS is set but has no valid entries \u2014 repo scoping is OFF (claims any repo)."
+    );
+  }
+  if (opsEnvSet && !opScoped) {
+    lines.push(
+      "WARNING: VO_CODE_RUNNER_OPERATOR_IDS is set but has no valid entries \u2014 operator scoping is OFF (claims any operator)."
+    );
+  }
+  if (repoScoped && !opScoped) {
+    lines.push(
+      "WARNING: operator scoping is OFF \u2014 this runner may claim ANY operator's tasks on the served repos. Set VO_CODE_RUNNER_OPERATOR_IDS to bind it to your operator (bring-your-own-runner)."
+    );
+  }
+  if (opScoped && !repoScoped) {
+    lines.push(
+      "WARNING: repo scoping is OFF \u2014 this runner may claim the served operators' tasks on ANY repo. Set VO_CODE_RUNNER_REPOS to constrain it."
+    );
+  }
+  if (!repoScoped && !opScoped) {
+    lines.push(
+      "WARNING: no claim scoping \u2014 this daemon claims ANY pending task. Set VO_CODE_RUNNER_REPOS and/or VO_CODE_RUNNER_OPERATOR_IDS to scope claims to this machine."
+    );
+  }
+  return lines;
+}
+
+// ../../scripts/virtual-office/code-runner-daemon.mjs
+function log(msg) {
+  console.log(`[code-runner ${(/* @__PURE__ */ new Date()).toISOString()}] ${msg}`);
+}
+var RATE_LIMIT_RESUME_ENABLED = process.env.VO_RATE_LIMIT_RESUME === "1";
+var parseList = (s) => String(s || "").split(/[\s,]+/).map((x) => x.trim()).filter(Boolean);
+function loadConfig(env2 = process.env) {
+  return {
+    runnerId: env2.VO_CODE_RUNNER_ID || `vo-code-runner-${os.hostname()}`,
+    claudeBin: env2.VO_CODE_RUNNER_CLAUDE_BIN || "claude",
+    permissionMode: env2.VO_CODE_RUNNER_PERMISSION_MODE || "acceptEdits",
+    maxConcurrency: Math.max(1, Number(env2.VO_CODE_TASK_MAX_CONCURRENCY || 2) || 2),
+    pollSec: Math.max(1, Number(env2.VO_CODE_RUNNER_POLL_SEC || 5) || 5),
+    // Repos this daemon may BUILD + operators it serves (`owner/name` repos /
+    // operator_ids; comma/space/newline separated). Sent on every claim so the
+    // control-plane only hands this machine its own work — another operator's
+    // task can never land here. Both UNSET ⇒ claims any pending task (legacy).
+    servedRepos: parseList(env2.VO_CODE_RUNNER_REPOS),
+    servedOperators: parseList(env2.VO_CODE_RUNNER_OPERATOR_IDS),
+    // 'Sees ALL agents': how often to forward the local session spool to the
+    // cloud (best-effort). Default 30s. Set 0 to disable forwarding.
+    sessionForwardSec: Math.max(0, Number(env2.VO_SESSION_FORWARD_SEC ?? 30) || 0),
+    operatorSeed: env2.VO_LOCAL_OPERATOR_SEED || env2.VO_CODE_RUNNER_ID || `local-${os.hostname()}`,
+    cancelPollMs: Math.max(1e3, Number(env2.VO_CODE_RUNNER_CANCEL_POLL_MS || 2500) || 2500),
+    // HARD enforced spend bound (max_budget_usd can only be checked post-hoc).
+    // Default 30 min; set 0 to disable.
+    maxWallClockMs: Math.max(0, Number(env2.VO_CODE_RUNNER_MAX_WALL_CLOCK_MS ?? 18e5) || 18e5),
+    // Active PR watcher: monitor each dispatched PR's CI + auto-dispatch ONE fix
+    // on failure (never auto-merges). Off: VO_CODE_RUNNER_WATCH=0; cap/interval below.
+    watchEnabled: env2.VO_CODE_RUNNER_WATCH !== "0",
+    watchMaxFix: Math.max(0, Number(env2.VO_CODE_RUNNER_WATCH_MAX_FIX ?? 1) || 0),
+    watchIntervalSec: Math.max(30, Number(env2.VO_CODE_RUNNER_WATCH_SEC ?? 60) || 60),
+    // In-product runner control (Phase 8.4): localhost-only status + Stop surface
+    // for /virtualoffice. Off: VO_CODE_RUNNER_CONTROL=0. appOrigin = CORS allow.
+    controlEnabled: env2.VO_CODE_RUNNER_CONTROL !== "0",
+    controlPort: Math.max(1, Number(env2.VO_CODE_RUNNER_CONTROL_PORT ?? 7787) || 7787),
+    appOrigin: env2.VO_APP_ORIGIN || "https://algosuite.ai"
+  };
+}
+var sleep = (ms) => new Promise((r) => setTimeout(r, ms));
+var numOrUndef = (x) => typeof x === "number" ? x : void 0;
+async function safeProgress(client, id, patch) {
+  try {
+    const r = await client.postProgress(id, patch);
+    if (r && r.terminal) log(`task ${id} is terminal server-side; stopping updates`);
+    return r;
+  } catch (err) {
+    log(`progress post failed for ${id}: ${err.message}`);
+    return null;
+  }
+}
+function buildPrBody(task, run2, files) {
+  return [
+    "## VO Command Center \u2014 Code-from-Anywhere task",
+    "",
+    `- **Task:** \`${task.code_task_id}\``,
+    `- **Operator:** ${task.operator_id}`,
+    `- **Repo:** ${task.repo}`,
+    typeof run2.costUsd === "number" ? `- **Agent cost:** $${run2.costUsd.toFixed(4)}` : "- **Agent cost:** n/a",
+    typeof run2.numTurns === "number" ? `- **Turns:** ${run2.numTurns}` : "",
+    `- **Files changed:** ${files.length}`,
+    "",
+    "### Prompt",
+    "",
+    "```",
+    String(task.prompt).slice(0, 2e3),
+    "```",
+    "",
+    "### Agent summary",
+    "",
+    String(run2.summary || "").slice(0, 2e3),
+    "",
+    "---",
+    "_Opened by the VO code-runner daemon. This PR awaits the verify-before-act gate / operator review \u2014 it is NOT auto-merged._"
+  ].filter((l) => l !== "").join("\n");
+}
+async function processOneTask(client, task, cfg) {
+  const id = task.code_task_id;
+  let worktreeName = "";
+  try {
+    const wt = createFixWorktree("code-task", { source: id.slice(0, 8) });
+    worktreeName = wt.worktreeName;
+    const { dispatchMode, tier, model, permissionMode: effectivePermissionMode, maxTurns: effectiveMaxTurns, prompt: effortPrompt } = await resolveEffortDispatch({ client, task, env: process.env, basePrompt: composeDispatchPrompt(task.prompt, { repo: task.repo }) });
+    await safeProgress(client, id, { message: `${cfg.runnerId} spawning ${model} (${tier}, effort ${dispatchMode})` });
+    const cap = typeof task.max_budget_usd === "number" ? task.max_budget_usd : resolveSpendCapUsd();
+    const run2 = await runClaudeTask({
+      prompt: effortPrompt,
+      cwd: wt.worktreeDir,
+      claudeBin: cfg.claudeBin,
+      permissionMode: effectivePermissionMode,
+      maxTurns: effectiveMaxTurns,
+      model,
+      env: process.env,
+      onProgress: (text) => {
+        void safeProgress(client, id, { message: text });
+      },
+      shouldCancel: async () => {
+        const t = await client.getTask(id).catch(() => null);
+        return Boolean(t && t.status === "cancelled");
+      },
+      cancelPollMs: cfg.cancelPollMs,
+      maxWallClockMs: cfg.maxWallClockMs
+    });
+    if (run2.killed) {
+      log(`task ${id} cancelled by operator`);
+      return;
+    }
+    if (run2.timedOut) {
+      await safeProgress(client, id, {
+        status: "failed",
+        message: run2.summary,
+        result: "wall_clock_timeout",
+        cost_usd: numOrUndef(run2.costUsd)
+      });
+      return;
+    }
+    if (typeof task.max_turns === "number" && typeof run2.numTurns === "number" && run2.numTurns > task.max_turns) {
+      log(`task ${id} WARNING: agent ran ${run2.numTurns} turns > max_turns ${task.max_turns}`);
+    }
+    if (typeof run2.costUsd === "number" && cap > 0 && run2.costUsd > cap) {
+      log(
+        `task ${id}: usage ~$${run2.costUsd.toFixed(2)} (est, API-equivalent \u2014 not billed on a subscription) exceeded soft cap $${cap}; publishing the agent's work anyway`
+      );
+    }
+    if (!run2.ok) {
+      const v = classifyFailureForResume({ enabled: RATE_LIMIT_RESUME_ENABLED, run: run2, task });
+      if (v.rateLimited) log(`task ${id}: RATE_LIMITED (resumeAfter=${v.resumeAfter || "backoff"}); queued (${v.recorded ? "ok" : "queue-write-failed"})`);
+      await safeProgress(client, id, { ...v.progress, cost_usd: numOrUndef(run2.costUsd) });
+      return;
+    }
+    let files = listChangedFiles(wt.worktreeDir);
+    let alreadyCommitted = false;
+    if (files.length === 0) {
+      const committed = listCommittedFiles(wt.worktreeDir);
+      if (committed.length > 0) {
+        files = committed;
+        alreadyCommitted = true;
+        log(`task ${id}: agent committed ${committed.length} file(s) to a branch; recovering`);
+      }
+    }
+    const scratch = files.filter(isAgentScratch);
+    if (scratch.length > 0) {
+      files = files.filter((f) => !isAgentScratch(f));
+      log(`task ${id}: dropped ${scratch.length} scratch file(s): ${scratch.join(", ")}`);
+    }
+    if (files.length === 0) {
+      await safeProgress(client, id, {
+        status: "failed",
+        message: "agent made no file changes",
+        result: "no_changes",
+        cost_usd: numOrUndef(run2.costUsd)
+      });
+      return;
+    }
+    const fresh = await client.getTask(id).catch(() => null);
+    if (fresh && fresh.status === "cancelled") {
+      log(`task ${id} cancelled before PR open; discarding changes`);
+      return;
+    }
+    await safeProgress(client, id, { message: `opening PR for ${files.length} changed file(s)` });
+    const pr = openCodeTaskPr(wt.worktreeDir, files, {
+      title: `code-task: ${task.prompt}`,
+      body: buildPrBody(task, run2, files),
+      alreadyCommitted
+    });
+    await safeProgress(client, id, {
+      status: "pr_opened",
+      message: `opened ${pr.prUrl}`,
+      pr_url: pr.prUrl,
+      pr_number: pr.prNumber,
+      result: String(run2.summary).slice(0, 2e3),
+      cost_usd: numOrUndef(run2.costUsd)
+    });
+    log(`task ${id} \u2192 PR ${pr.prUrl}`);
+    if (cfg.watchEnabled && !String(task.prompt || "").includes(CI_FIX_MARKER)) {
+      await trackDispatchedPr({
+        prNumber: pr.prNumber,
+        repo: task.repo,
+        branch: pr.branch,
+        taskId: id
+      }).catch((e) => log(`watch: track failed for #${pr.prNumber}: ${e.message}`));
+    }
+  } catch (err) {
+    const msg = err && err.message ? err.message : String(err);
+    log(`task ${id} error: ${msg}`);
+    await safeProgress(client, id, {
+      status: "failed",
+      message: `runner error: ${msg}`.slice(0, 1500),
+      result: msg.slice(0, 2e3)
+    }).catch(() => {
+    });
+  } finally {
+    if (worktreeName) cleanupFixWorktree(worktreeName);
+  }
+}
+async function main({ env: env2 = process.env, once: once2 = false } = {}) {
+  const cfg = loadConfig(env2);
+  const client = createControlPlaneClient({ env: env2 });
+  let stopping = false;
+  let active = 0;
+  const stop = (sig) => {
+    if (stopping) return;
+    stopping = true;
+    log(`${sig} received \u2014 draining ${active} active task(s), no new claims`);
+  };
+  process.on("SIGINT", () => stop("SIGINT"));
+  process.on("SIGTERM", () => stop("SIGTERM"));
+  const startedAt = Date.now();
+  const controlServer = startDaemonControl({
+    cfg,
+    requestStop: () => stop("web-control"),
+    getActiveCount: () => active,
+    isRunning: () => !stopping,
+    startedAt,
+    log
+  });
+  log(
+    `up as ${cfg.runnerId} \u2192 ${env2.VO_CONTROL_PLANE_URL} (concurrency ${cfg.maxConcurrency}, poll ${cfg.pollSec}s, once=${once2})`
+  );
+  for (const line of describeClaimScoping(cfg, env2)) log(line);
+  log(
+    cfg.watchEnabled ? `PR watcher ON \u2014 auto-fix ${cfg.watchMaxFix}/PR on CI failure, never auto-merges, every ${cfg.watchIntervalSec}s (VO_CODE_RUNNER_WATCH=0 to disable)` : "PR watcher OFF (VO_CODE_RUNNER_WATCH=0)"
+  );
+  let lastSessionForward = 0;
+  let lastWatchCycle = 0;
+  const runWatch = makeWatchRunner({ client, log, maxFixAttempts: cfg.watchMaxFix });
+  while (!stopping) {
+    if (cfg.sessionForwardSec > 0 && Date.now() - lastSessionForward >= cfg.sessionForwardSec * 1e3) {
+      lastSessionForward = Date.now();
+      forwardSessionSpool({
+        baseUrl: String(env2.VO_CONTROL_PLANE_URL || "").replace(/\/$/, ""),
+        token: env2.VO_CONTROL_PLANE_ADMIN_TOKEN || "",
+        operatorSeed: cfg.operatorSeed
+      }).catch(() => {
+      });
+    }
+    if (cfg.watchEnabled && Date.now() - lastWatchCycle >= cfg.watchIntervalSec * 1e3) {
+      lastWatchCycle = Date.now();
+      runWatch().then((r) => {
+        if (r.checked > 0) log(`watch: ${r.checked} PR(s) checked, ${r.fixed} fix(es), ${r.untracked} untracked`);
+      }).catch((e) => log(`watch cycle error: ${e.message}`));
+    }
+    if (active >= cfg.maxConcurrency) {
+      await sleep(cfg.pollSec * 1e3);
+      continue;
+    }
+    let task;
+    try {
+      task = await client.claim(cfg.runnerId, cfg.servedRepos, cfg.servedOperators);
+    } catch (err) {
+      log(`claim error: ${err.message}`);
+      if (once2) break;
+      await sleep(cfg.pollSec * 1e3);
+      continue;
+    }
+    if (!task) {
+      if (once2) {
+        log("no pending task; --once exiting");
+        break;
+      }
+      await sleep(cfg.pollSec * 1e3);
+      continue;
+    }
+    log(`claimed task ${task.code_task_id} (${task.repo})`);
+    active += 1;
+    const done = processOneTask(client, task, cfg).finally(() => {
+      active -= 1;
+    });
+    if (once2) {
+      await done;
+      break;
+    }
+  }
+  while (active > 0) {
+    await sleep(500);
+  }
+  if (controlServer) controlServer.close();
+  log("stopped");
+}
+var invokedDirectly = process.argv[1] && fileURLToPath2(import.meta.url) === process.argv[1] && // Bundle-safe: only self-start when THIS file is the real entry, not when the
+// module is inlined into a bundle (e.g. @algosuite/vo-mcp's dist/runner-cli.js,
+// which calls main() itself — without this, `node dist/runner-cli.js` would
+// start a SECOND daemon loop and double-claim tasks).
+import.meta.url.endsWith("code-runner-daemon.mjs");
+if (invokedDirectly) {
+  const once2 = process.argv.includes("--once");
+  main({ once: once2 }).catch((err) => {
+    console.error("[code-runner] fatal:", err);
+    process.exit(1);
+  });
+}
+
+// src/runner-cli.mjs
+var DEFAULT_CONTROL_PLANE_URL = "https://vo-control-plane-bzjphrajaq-uc.a.run.app";
+function resolveToken() {
+  if (process.env.VO_CONTROL_PLANE_ADMIN_TOKEN) {
+    return process.env.VO_CONTROL_PLANE_ADMIN_TOKEN;
+  }
+  const cred = readStoredCredential();
+  return cred && cred.vo_credential ? cred.vo_credential : void 0;
+}
+var token = resolveToken();
+if (!token) {
+  console.error("[vo-mcp runner] No credential found. Run `vo-mcp login` first.");
+  console.error("  (or set VO_CONTROL_PLANE_ADMIN_TOKEN to a control-plane bearer)");
+  process.exit(1);
+}
+var env = {
+  ...process.env,
+  VO_CONTROL_PLANE_ADMIN_TOKEN: token,
+  VO_CONTROL_PLANE_URL: process.env.VO_CONTROL_PLANE_URL || DEFAULT_CONTROL_PLANE_URL,
+  VO_CODE_RUNNER_REPO: process.env.VO_CODE_RUNNER_REPO || process.cwd()
+};
+var once = process.argv.includes("--once");
+main({ env, once }).catch((err) => {
+  console.error("[vo-mcp runner] fatal:", err);
+  process.exit(1);
+});
+//# sourceMappingURL=runner-cli.js.map