@askexenow/exe-os 0.8.53 → 0.8.55

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (67) hide show
  1. package/dist/bin/backfill-conversations.js +113 -10
  2. package/dist/bin/backfill-responses.js +113 -10
  3. package/dist/bin/backfill-vectors.js +147 -13
  4. package/dist/bin/cleanup-stale-review-tasks.js +113 -10
  5. package/dist/bin/cli.js +337 -211
  6. package/dist/bin/exe-agent.js +99 -4
  7. package/dist/bin/exe-assign.js +113 -10
  8. package/dist/bin/exe-boot.js +276 -85
  9. package/dist/bin/exe-call.js +107 -5
  10. package/dist/bin/exe-doctor.js +183 -13
  11. package/dist/bin/exe-export-behaviors.js +113 -10
  12. package/dist/bin/exe-forget.js +113 -10
  13. package/dist/bin/exe-gateway.js +131 -12
  14. package/dist/bin/exe-heartbeat.js +121 -11
  15. package/dist/bin/exe-kill.js +113 -10
  16. package/dist/bin/exe-launch-agent.js +113 -10
  17. package/dist/bin/exe-link.js +10 -2
  18. package/dist/bin/exe-new-employee.js +95 -0
  19. package/dist/bin/exe-pending-messages.js +113 -10
  20. package/dist/bin/exe-pending-notifications.js +113 -10
  21. package/dist/bin/exe-pending-reviews.js +122 -11
  22. package/dist/bin/exe-rename.js +95 -0
  23. package/dist/bin/exe-review.js +113 -10
  24. package/dist/bin/exe-search.js +113 -10
  25. package/dist/bin/exe-session-cleanup.js +131 -12
  26. package/dist/bin/exe-status.js +113 -10
  27. package/dist/bin/exe-team.js +113 -10
  28. package/dist/bin/git-sweep.js +131 -12
  29. package/dist/bin/graph-backfill.js +113 -10
  30. package/dist/bin/graph-export.js +113 -10
  31. package/dist/bin/scan-tasks.js +131 -12
  32. package/dist/bin/setup.js +107 -5
  33. package/dist/bin/shard-migrate.js +113 -10
  34. package/dist/bin/wiki-sync.js +113 -10
  35. package/dist/gateway/index.js +131 -12
  36. package/dist/hooks/bug-report-worker.js +131 -12
  37. package/dist/hooks/commit-complete.js +131 -12
  38. package/dist/hooks/error-recall.js +113 -10
  39. package/dist/hooks/ingest-worker.js +131 -12
  40. package/dist/hooks/instructions-loaded.js +113 -10
  41. package/dist/hooks/notification.js +113 -10
  42. package/dist/hooks/post-compact.js +113 -10
  43. package/dist/hooks/pre-compact.js +131 -12
  44. package/dist/hooks/pre-tool-use.js +113 -10
  45. package/dist/hooks/prompt-ingest-worker.js +113 -10
  46. package/dist/hooks/prompt-submit.js +140 -14
  47. package/dist/hooks/response-ingest-worker.js +113 -10
  48. package/dist/hooks/session-end.js +113 -10
  49. package/dist/hooks/session-start.js +113 -10
  50. package/dist/hooks/stop.js +113 -10
  51. package/dist/hooks/subagent-stop.js +113 -10
  52. package/dist/hooks/summary-worker.js +231 -114
  53. package/dist/index.js +131 -12
  54. package/dist/lib/cloud-sync.js +10 -2
  55. package/dist/lib/employee-templates.js +99 -4
  56. package/dist/lib/exe-daemon.js +4859 -4706
  57. package/dist/lib/hybrid-search.js +113 -10
  58. package/dist/lib/schedules.js +113 -10
  59. package/dist/lib/store.js +113 -10
  60. package/dist/lib/tasks.js +18 -2
  61. package/dist/lib/tmux-routing.js +18 -2
  62. package/dist/mcp/server.js +214 -28
  63. package/dist/mcp/tools/create-task.js +18 -2
  64. package/dist/mcp/tools/list-tasks.js +18 -2
  65. package/dist/runtime/index.js +131 -12
  66. package/dist/tui/App.js +337 -211
  67. package/package.json +2 -2
@@ -1527,6 +1527,103 @@ var init_shard_manager = __esm({
1527
1527
  }
1528
1528
  });
1529
1529
 
1530
+ // src/lib/platform-procedures.ts
1531
+ var PLATFORM_PROCEDURES, PLATFORM_PROCEDURE_TITLES;
1532
+ var init_platform_procedures = __esm({
1533
+ "src/lib/platform-procedures.ts"() {
1534
+ "use strict";
1535
+ PLATFORM_PROCEDURES = [
1536
+ // --- Foundation: what is exe-os ---
1537
+ {
1538
+ title: "What is exe-os \u2014 the operating model every agent must understand",
1539
+ domain: "architecture",
1540
+ priority: "p0",
1541
+ content: "Exe OS is an AI employee operating system. A founder runs 5-10 AI agents as a real org: COO (exe), CTO (yoshi), CMO (mari), engineers (tom), content (sasha). Each agent has identity, expertise, and experience layers \u2014 persistent memory that makes them better over time. All data is local-first, E2EE, owned by the user. The MCP server is the ONLY data interface \u2014 never access the DB directly."
1542
+ },
1543
+ {
1544
+ title: "Mode 1 \u2014 how exe-os runs inside Claude Code",
1545
+ domain: "architecture",
1546
+ priority: "p0",
1547
+ content: "Mode 1: exe-os runs AS hooks + MCP + skills inside Claude Code. The founder opens CC, runs /exe to boot the COO. exe manages employees in tmux sessions. Each exeN is a separate CC window/project. Employees (yoshi, tom, mari) run in their own tmux panes via create_task auto-spawn. The founder talks to exe; exe orchestrates the team. CC is the shell, exe-os is the brain."
1548
+ },
1549
+ {
1550
+ title: "Sessions explained \u2014 what exeN means and how projects work",
1551
+ domain: "architecture",
1552
+ priority: "p0",
1553
+ content: "Each exeN (exe1, exe2, exe3) is an isolated project session. exe1 might be exe-os development, exe2 might be exe-wiki. Each session spawns its own employees: exe1\u2192yoshi-exe1\u2192tom-exe1. Sessions share the same memory DB but tasks are scoped to the session that created them. A founder can run multiple projects simultaneously. Sessions never interfere with each other."
1554
+ },
1555
+ // --- Hierarchy and dispatch ---
1556
+ {
1557
+ title: "Chain of command \u2014 who talks to whom",
1558
+ domain: "workflow",
1559
+ priority: "p0",
1560
+ content: "Founder \u2192 exe (COO) \u2192 yoshi (CTO) / mari (CMO). Yoshi \u2192 tom (engineer). Mari \u2192 sasha (content). Never skip levels: exe never assigns directly to tom. Tom never reports directly to exe. If you need cross-team info, use ask_team_memory \u2014 don't read other agents' task folders. Each level owns dispatch downward and review upward."
1561
+ },
1562
+ {
1563
+ title: "Single dispatch path \u2014 create_task only",
1564
+ domain: "workflow",
1565
+ priority: "p0",
1566
+ content: "create_task is the ONLY way to dispatch work to another agent. No direct ensureEmployee calls, no manual tmux spawns, no send_message for actionable work. create_task \u2192 system auto-spawns \u2192 session correctly named. ONE PATH. No backdoors. No exceptions."
1567
+ },
1568
+ // --- Session isolation ---
1569
+ {
1570
+ title: "Session scoping \u2014 stay in your exe boundary",
1571
+ domain: "security",
1572
+ priority: "p0",
1573
+ content: "Session scoping is mandatory. Managers dispatch to workers within their own exe session ONLY. exe1\u2192yoshi-exe1\u2192tom-exe1. exe2\u2192yoshi-exe2\u2192tom2-exe2. Cross-session dispatch is blocked by the system. Verify session names before dispatch. Tasks are scoped to the creating exe session."
1574
+ },
1575
+ {
1576
+ title: "Session isolation \u2014 never touch another session's work",
1577
+ domain: "workflow",
1578
+ priority: "p0",
1579
+ content: `Sessions are isolated. exeN owns ONLY tasks it dispatched. (1) Never close/update/cancel tasks from another exe session. (2) Never review work from a different session \u2014 report "belongs to exeN" and skip. (3) Ignore other sessions' items in list_tasks results. (4) Employees inherit session: yoshi-exe1 works ONLY on exe1 tasks. Cross-session work is a system violation.`
1580
+ },
1581
+ // --- Engineering: session scoping in code ---
1582
+ {
1583
+ title: "Three-dimensional scoping \u2014 session, project, role \u2014 enforced in every query",
1584
+ domain: "architecture",
1585
+ priority: "p0",
1586
+ content: "Every DB query, notification, review count, and task operation MUST be scoped on 3 dimensions: (1) Session \u2014 filter by session_scope matching current exeN. (2) Project \u2014 filter by project_name. (3) Role \u2014 agents only see data at their hierarchy level. When writing ANY function that touches tasks, reviews, messages, or notifications: always accept a sessionScope parameter and pass it to the SQL WHERE clause. Unscoped queries are bugs. Test by running 2+ exe sessions simultaneously."
1587
+ },
1588
+ // --- Hard constraints ---
1589
+ {
1590
+ title: "What you CANNOT do in exe-os \u2014 hard constraints",
1591
+ domain: "security",
1592
+ priority: "p0",
1593
+ content: "NEVER: (1) Access the database directly \u2014 it's SQLCipher encrypted, always fails. Use MCP tools only. (2) Manually spawn tmux sessions \u2014 create_task handles it. (3) Run git checkout main \u2014 agents work in worktrees. (4) Modify another agent's in-progress task. (5) Push to remote \u2014 exe reviews and pushes. (6) Skip update_task(done) \u2014 it's the ONLY way your work gets reviewed. (7) Run git init."
1594
+ },
1595
+ // --- Operations ---
1596
+ {
1597
+ title: "Managers must supervise deployed workers",
1598
+ domain: "workflow",
1599
+ priority: "p0",
1600
+ content: `Every manager (COO/CTO/CMO) who dispatches work to a worker MUST actively monitor them. Check tmux capture-pane every 10 minutes. Verify they're working, not stuck. If idle at prompt with in_progress task \u2192 send intercom. If stuck \u2192 unblock or escalate. "Standing by" without checking is negligence.`
1601
+ },
1602
+ {
1603
+ title: "COO boot health check \u2014 memory, cloud sync, daemon on every launch",
1604
+ domain: "workflow",
1605
+ priority: "p0",
1606
+ content: "On every /exe boot, COO MUST check system health BEFORE other work: (1) daemon \u2014 is exed PID alive, (2) cloud sync \u2014 grep workers.log for recent cloud-sync errors, (3) memory count \u2014 total in DB, (4) sync delta \u2014 local vs cloud storage_bytes. Report as 4-line status table. If ANY check fails, surface to founder immediately. Do not proceed to tasks until health confirmed."
1607
+ },
1608
+ {
1609
+ title: "exe-build-adv mandatory for 3+ files",
1610
+ domain: "workflow",
1611
+ priority: "p0",
1612
+ content: "exe-build-adv is MANDATORY for ALL work touching 3+ files. Run /exe-build-adv --auto BEFORE implementation. Pipeline: Spec \u2192 AC \u2192 Tests \u2192 Evaluate \u2192 Fix. No multi-file feature ships without pipeline artifacts. No exceptions \u2014 managers reject work without them."
1613
+ },
1614
+ {
1615
+ title: "Desktop and TUI are the same product",
1616
+ domain: "architecture",
1617
+ priority: "p0",
1618
+ content: "Desktop and TUI are the SAME product in different renderers. Same data contracts, same interactions, same acceptance criteria. Desktop tab specs in ARCHITECTURE.md ARE the TUI specs. When building TUI, cross-reference Desktop spec. Different tab names, identical behavior. Never treat them as separate products."
1619
+ }
1620
+ ];
1621
+ PLATFORM_PROCEDURE_TITLES = new Set(
1622
+ PLATFORM_PROCEDURES.map((p) => p.title)
1623
+ );
1624
+ }
1625
+ });
1626
+
1530
1627
  // src/lib/global-procedures.ts
1531
1628
  var global_procedures_exports = {};
1532
1629
  __export(global_procedures_exports, {
@@ -1542,22 +1639,25 @@ async function loadGlobalProcedures() {
1542
1639
  sql: "SELECT * FROM global_procedures WHERE active = 1 ORDER BY priority ASC, created_at ASC",
1543
1640
  args: []
1544
1641
  });
1545
- const procedures = result.rows;
1546
- if (procedures.length > 0) {
1547
- _cache = procedures.map((p) => `### ${p.title}
1642
+ const allRows = result.rows;
1643
+ const customerOnly = allRows.filter((p) => !PLATFORM_PROCEDURE_TITLES.has(p.title));
1644
+ if (customerOnly.length > 0) {
1645
+ _customerCache = customerOnly.map((p) => `### ${p.title}
1548
1646
  ${p.content}`).join("\n\n");
1549
1647
  } else {
1550
- _cache = "";
1648
+ _customerCache = "";
1551
1649
  }
1552
1650
  _cacheLoaded = true;
1553
- return procedures;
1651
+ return customerOnly;
1554
1652
  }
1555
1653
  function getGlobalProceduresBlock() {
1556
- if (!_cacheLoaded) return "";
1557
- if (!_cache) return "";
1654
+ const sections = [];
1655
+ if (_platformCache) sections.push(_platformCache);
1656
+ if (_cacheLoaded && _customerCache) sections.push(_customerCache);
1657
+ if (sections.length === 0) return "";
1558
1658
  return `## Organization-Wide Procedures (MANDATORY \u2014 supersedes all other rules)
1559
1659
 
1560
- ${_cache}
1660
+ ${sections.join("\n\n")}
1561
1661
  `;
1562
1662
  }
1563
1663
  async function storeGlobalProcedure(input2) {
@@ -1582,13 +1682,16 @@ async function deactivateGlobalProcedure(id) {
1582
1682
  await loadGlobalProcedures();
1583
1683
  return result.rowsAffected > 0;
1584
1684
  }
1585
- var _cache, _cacheLoaded;
1685
+ var _customerCache, _cacheLoaded, _platformCache;
1586
1686
  var init_global_procedures = __esm({
1587
1687
  "src/lib/global-procedures.ts"() {
1588
1688
  "use strict";
1589
1689
  init_database();
1590
- _cache = "";
1690
+ init_platform_procedures();
1691
+ _customerCache = "";
1591
1692
  _cacheLoaded = false;
1693
+ _platformCache = PLATFORM_PROCEDURES.map((p) => `### ${p.title}
1694
+ ${p.content}`).join("\n\n");
1592
1695
  }
1593
1696
  });
1594
1697
 
@@ -3911,16 +4014,32 @@ var init_tasks_crud = __esm({
3911
4014
  // src/lib/tasks-review.ts
3912
4015
  import path13 from "path";
3913
4016
  import { existsSync as existsSync12, readdirSync as readdirSync4, unlinkSync as unlinkSync4 } from "fs";
3914
- async function countPendingReviews() {
4017
+ async function countPendingReviews(sessionScope) {
3915
4018
  const client = getClient();
4019
+ if (sessionScope) {
4020
+ const result2 = await client.execute({
4021
+ sql: "SELECT COUNT(*) as cnt FROM tasks WHERE status = 'needs_review' AND (session_scope = ? OR session_scope IS NULL)",
4022
+ args: [sessionScope]
4023
+ });
4024
+ return Number(result2.rows[0]?.cnt) || 0;
4025
+ }
3916
4026
  const result = await client.execute({
3917
4027
  sql: "SELECT COUNT(*) as cnt FROM tasks WHERE status = 'needs_review'",
3918
4028
  args: []
3919
4029
  });
3920
4030
  return Number(result.rows[0]?.cnt) || 0;
3921
4031
  }
3922
- async function countNewPendingReviewsSince(sinceIso) {
4032
+ async function countNewPendingReviewsSince(sinceIso, sessionScope) {
3923
4033
  const client = getClient();
4034
+ if (sessionScope) {
4035
+ const result2 = await client.execute({
4036
+ sql: `SELECT COUNT(*) as cnt FROM tasks
4037
+ WHERE status = 'needs_review' AND updated_at > ?
4038
+ AND (session_scope = ? OR session_scope IS NULL)`,
4039
+ args: [sinceIso, sessionScope]
4040
+ });
4041
+ return Number(result2.rows[0]?.cnt) || 0;
4042
+ }
3924
4043
  const result = await client.execute({
3925
4044
  sql: `SELECT COUNT(*) as cnt FROM tasks
3926
4045
  WHERE status = 'needs_review' AND updated_at > ?`,
@@ -1790,6 +1790,103 @@ var init_shard_manager = __esm({
1790
1790
  }
1791
1791
  });
1792
1792
 
1793
+ // src/lib/platform-procedures.ts
1794
+ var PLATFORM_PROCEDURES, PLATFORM_PROCEDURE_TITLES;
1795
+ var init_platform_procedures = __esm({
1796
+ "src/lib/platform-procedures.ts"() {
1797
+ "use strict";
1798
+ PLATFORM_PROCEDURES = [
1799
+ // --- Foundation: what is exe-os ---
1800
+ {
1801
+ title: "What is exe-os \u2014 the operating model every agent must understand",
1802
+ domain: "architecture",
1803
+ priority: "p0",
1804
+ content: "Exe OS is an AI employee operating system. A founder runs 5-10 AI agents as a real org: COO (exe), CTO (yoshi), CMO (mari), engineers (tom), content (sasha). Each agent has identity, expertise, and experience layers \u2014 persistent memory that makes them better over time. All data is local-first, E2EE, owned by the user. The MCP server is the ONLY data interface \u2014 never access the DB directly."
1805
+ },
1806
+ {
1807
+ title: "Mode 1 \u2014 how exe-os runs inside Claude Code",
1808
+ domain: "architecture",
1809
+ priority: "p0",
1810
+ content: "Mode 1: exe-os runs AS hooks + MCP + skills inside Claude Code. The founder opens CC, runs /exe to boot the COO. exe manages employees in tmux sessions. Each exeN is a separate CC window/project. Employees (yoshi, tom, mari) run in their own tmux panes via create_task auto-spawn. The founder talks to exe; exe orchestrates the team. CC is the shell, exe-os is the brain."
1811
+ },
1812
+ {
1813
+ title: "Sessions explained \u2014 what exeN means and how projects work",
1814
+ domain: "architecture",
1815
+ priority: "p0",
1816
+ content: "Each exeN (exe1, exe2, exe3) is an isolated project session. exe1 might be exe-os development, exe2 might be exe-wiki. Each session spawns its own employees: exe1\u2192yoshi-exe1\u2192tom-exe1. Sessions share the same memory DB but tasks are scoped to the session that created them. A founder can run multiple projects simultaneously. Sessions never interfere with each other."
1817
+ },
1818
+ // --- Hierarchy and dispatch ---
1819
+ {
1820
+ title: "Chain of command \u2014 who talks to whom",
1821
+ domain: "workflow",
1822
+ priority: "p0",
1823
+ content: "Founder \u2192 exe (COO) \u2192 yoshi (CTO) / mari (CMO). Yoshi \u2192 tom (engineer). Mari \u2192 sasha (content). Never skip levels: exe never assigns directly to tom. Tom never reports directly to exe. If you need cross-team info, use ask_team_memory \u2014 don't read other agents' task folders. Each level owns dispatch downward and review upward."
1824
+ },
1825
+ {
1826
+ title: "Single dispatch path \u2014 create_task only",
1827
+ domain: "workflow",
1828
+ priority: "p0",
1829
+ content: "create_task is the ONLY way to dispatch work to another agent. No direct ensureEmployee calls, no manual tmux spawns, no send_message for actionable work. create_task \u2192 system auto-spawns \u2192 session correctly named. ONE PATH. No backdoors. No exceptions."
1830
+ },
1831
+ // --- Session isolation ---
1832
+ {
1833
+ title: "Session scoping \u2014 stay in your exe boundary",
1834
+ domain: "security",
1835
+ priority: "p0",
1836
+ content: "Session scoping is mandatory. Managers dispatch to workers within their own exe session ONLY. exe1\u2192yoshi-exe1\u2192tom-exe1. exe2\u2192yoshi-exe2\u2192tom2-exe2. Cross-session dispatch is blocked by the system. Verify session names before dispatch. Tasks are scoped to the creating exe session."
1837
+ },
1838
+ {
1839
+ title: "Session isolation \u2014 never touch another session's work",
1840
+ domain: "workflow",
1841
+ priority: "p0",
1842
+ content: `Sessions are isolated. exeN owns ONLY tasks it dispatched. (1) Never close/update/cancel tasks from another exe session. (2) Never review work from a different session \u2014 report "belongs to exeN" and skip. (3) Ignore other sessions' items in list_tasks results. (4) Employees inherit session: yoshi-exe1 works ONLY on exe1 tasks. Cross-session work is a system violation.`
1843
+ },
1844
+ // --- Engineering: session scoping in code ---
1845
+ {
1846
+ title: "Three-dimensional scoping \u2014 session, project, role \u2014 enforced in every query",
1847
+ domain: "architecture",
1848
+ priority: "p0",
1849
+ content: "Every DB query, notification, review count, and task operation MUST be scoped on 3 dimensions: (1) Session \u2014 filter by session_scope matching current exeN. (2) Project \u2014 filter by project_name. (3) Role \u2014 agents only see data at their hierarchy level. When writing ANY function that touches tasks, reviews, messages, or notifications: always accept a sessionScope parameter and pass it to the SQL WHERE clause. Unscoped queries are bugs. Test by running 2+ exe sessions simultaneously."
1850
+ },
1851
+ // --- Hard constraints ---
1852
+ {
1853
+ title: "What you CANNOT do in exe-os \u2014 hard constraints",
1854
+ domain: "security",
1855
+ priority: "p0",
1856
+ content: "NEVER: (1) Access the database directly \u2014 it's SQLCipher encrypted, always fails. Use MCP tools only. (2) Manually spawn tmux sessions \u2014 create_task handles it. (3) Run git checkout main \u2014 agents work in worktrees. (4) Modify another agent's in-progress task. (5) Push to remote \u2014 exe reviews and pushes. (6) Skip update_task(done) \u2014 it's the ONLY way your work gets reviewed. (7) Run git init."
1857
+ },
1858
+ // --- Operations ---
1859
+ {
1860
+ title: "Managers must supervise deployed workers",
1861
+ domain: "workflow",
1862
+ priority: "p0",
1863
+ content: `Every manager (COO/CTO/CMO) who dispatches work to a worker MUST actively monitor them. Check tmux capture-pane every 10 minutes. Verify they're working, not stuck. If idle at prompt with in_progress task \u2192 send intercom. If stuck \u2192 unblock or escalate. "Standing by" without checking is negligence.`
1864
+ },
1865
+ {
1866
+ title: "COO boot health check \u2014 memory, cloud sync, daemon on every launch",
1867
+ domain: "workflow",
1868
+ priority: "p0",
1869
+ content: "On every /exe boot, COO MUST check system health BEFORE other work: (1) daemon \u2014 is exed PID alive, (2) cloud sync \u2014 grep workers.log for recent cloud-sync errors, (3) memory count \u2014 total in DB, (4) sync delta \u2014 local vs cloud storage_bytes. Report as 4-line status table. If ANY check fails, surface to founder immediately. Do not proceed to tasks until health confirmed."
1870
+ },
1871
+ {
1872
+ title: "exe-build-adv mandatory for 3+ files",
1873
+ domain: "workflow",
1874
+ priority: "p0",
1875
+ content: "exe-build-adv is MANDATORY for ALL work touching 3+ files. Run /exe-build-adv --auto BEFORE implementation. Pipeline: Spec \u2192 AC \u2192 Tests \u2192 Evaluate \u2192 Fix. No multi-file feature ships without pipeline artifacts. No exceptions \u2014 managers reject work without them."
1876
+ },
1877
+ {
1878
+ title: "Desktop and TUI are the same product",
1879
+ domain: "architecture",
1880
+ priority: "p0",
1881
+ content: "Desktop and TUI are the SAME product in different renderers. Same data contracts, same interactions, same acceptance criteria. Desktop tab specs in ARCHITECTURE.md ARE the TUI specs. When building TUI, cross-reference Desktop spec. Different tab names, identical behavior. Never treat them as separate products."
1882
+ }
1883
+ ];
1884
+ PLATFORM_PROCEDURE_TITLES = new Set(
1885
+ PLATFORM_PROCEDURES.map((p) => p.title)
1886
+ );
1887
+ }
1888
+ });
1889
+
1793
1890
  // src/lib/global-procedures.ts
1794
1891
  var global_procedures_exports = {};
1795
1892
  __export(global_procedures_exports, {
@@ -1805,22 +1902,25 @@ async function loadGlobalProcedures() {
1805
1902
  sql: "SELECT * FROM global_procedures WHERE active = 1 ORDER BY priority ASC, created_at ASC",
1806
1903
  args: []
1807
1904
  });
1808
- const procedures = result.rows;
1809
- if (procedures.length > 0) {
1810
- _cache = procedures.map((p) => `### ${p.title}
1905
+ const allRows = result.rows;
1906
+ const customerOnly = allRows.filter((p) => !PLATFORM_PROCEDURE_TITLES.has(p.title));
1907
+ if (customerOnly.length > 0) {
1908
+ _customerCache = customerOnly.map((p) => `### ${p.title}
1811
1909
  ${p.content}`).join("\n\n");
1812
1910
  } else {
1813
- _cache = "";
1911
+ _customerCache = "";
1814
1912
  }
1815
1913
  _cacheLoaded = true;
1816
- return procedures;
1914
+ return customerOnly;
1817
1915
  }
1818
1916
  function getGlobalProceduresBlock() {
1819
- if (!_cacheLoaded) return "";
1820
- if (!_cache) return "";
1917
+ const sections = [];
1918
+ if (_platformCache) sections.push(_platformCache);
1919
+ if (_cacheLoaded && _customerCache) sections.push(_customerCache);
1920
+ if (sections.length === 0) return "";
1821
1921
  return `## Organization-Wide Procedures (MANDATORY \u2014 supersedes all other rules)
1822
1922
 
1823
- ${_cache}
1923
+ ${sections.join("\n\n")}
1824
1924
  `;
1825
1925
  }
1826
1926
  async function storeGlobalProcedure(input2) {
@@ -1845,13 +1945,16 @@ async function deactivateGlobalProcedure(id) {
1845
1945
  await loadGlobalProcedures();
1846
1946
  return result.rowsAffected > 0;
1847
1947
  }
1848
- var _cache, _cacheLoaded;
1948
+ var _customerCache, _cacheLoaded, _platformCache;
1849
1949
  var init_global_procedures = __esm({
1850
1950
  "src/lib/global-procedures.ts"() {
1851
1951
  "use strict";
1852
1952
  init_database();
1853
- _cache = "";
1953
+ init_platform_procedures();
1954
+ _customerCache = "";
1854
1955
  _cacheLoaded = false;
1956
+ _platformCache = PLATFORM_PROCEDURES.map((p) => `### ${p.title}
1957
+ ${p.content}`).join("\n\n");
1855
1958
  }
1856
1959
  });
1857
1960
 
@@ -1422,6 +1422,103 @@ var init_shard_manager = __esm({
1422
1422
  }
1423
1423
  });
1424
1424
 
1425
+ // src/lib/platform-procedures.ts
1426
+ var PLATFORM_PROCEDURES, PLATFORM_PROCEDURE_TITLES;
1427
+ var init_platform_procedures = __esm({
1428
+ "src/lib/platform-procedures.ts"() {
1429
+ "use strict";
1430
+ PLATFORM_PROCEDURES = [
1431
+ // --- Foundation: what is exe-os ---
1432
+ {
1433
+ title: "What is exe-os \u2014 the operating model every agent must understand",
1434
+ domain: "architecture",
1435
+ priority: "p0",
1436
+ content: "Exe OS is an AI employee operating system. A founder runs 5-10 AI agents as a real org: COO (exe), CTO (yoshi), CMO (mari), engineers (tom), content (sasha). Each agent has identity, expertise, and experience layers \u2014 persistent memory that makes them better over time. All data is local-first, E2EE, owned by the user. The MCP server is the ONLY data interface \u2014 never access the DB directly."
1437
+ },
1438
+ {
1439
+ title: "Mode 1 \u2014 how exe-os runs inside Claude Code",
1440
+ domain: "architecture",
1441
+ priority: "p0",
1442
+ content: "Mode 1: exe-os runs AS hooks + MCP + skills inside Claude Code. The founder opens CC, runs /exe to boot the COO. exe manages employees in tmux sessions. Each exeN is a separate CC window/project. Employees (yoshi, tom, mari) run in their own tmux panes via create_task auto-spawn. The founder talks to exe; exe orchestrates the team. CC is the shell, exe-os is the brain."
1443
+ },
1444
+ {
1445
+ title: "Sessions explained \u2014 what exeN means and how projects work",
1446
+ domain: "architecture",
1447
+ priority: "p0",
1448
+ content: "Each exeN (exe1, exe2, exe3) is an isolated project session. exe1 might be exe-os development, exe2 might be exe-wiki. Each session spawns its own employees: exe1\u2192yoshi-exe1\u2192tom-exe1. Sessions share the same memory DB but tasks are scoped to the session that created them. A founder can run multiple projects simultaneously. Sessions never interfere with each other."
1449
+ },
1450
+ // --- Hierarchy and dispatch ---
1451
+ {
1452
+ title: "Chain of command \u2014 who talks to whom",
1453
+ domain: "workflow",
1454
+ priority: "p0",
1455
+ content: "Founder \u2192 exe (COO) \u2192 yoshi (CTO) / mari (CMO). Yoshi \u2192 tom (engineer). Mari \u2192 sasha (content). Never skip levels: exe never assigns directly to tom. Tom never reports directly to exe. If you need cross-team info, use ask_team_memory \u2014 don't read other agents' task folders. Each level owns dispatch downward and review upward."
1456
+ },
1457
+ {
1458
+ title: "Single dispatch path \u2014 create_task only",
1459
+ domain: "workflow",
1460
+ priority: "p0",
1461
+ content: "create_task is the ONLY way to dispatch work to another agent. No direct ensureEmployee calls, no manual tmux spawns, no send_message for actionable work. create_task \u2192 system auto-spawns \u2192 session correctly named. ONE PATH. No backdoors. No exceptions."
1462
+ },
1463
+ // --- Session isolation ---
1464
+ {
1465
+ title: "Session scoping \u2014 stay in your exe boundary",
1466
+ domain: "security",
1467
+ priority: "p0",
1468
+ content: "Session scoping is mandatory. Managers dispatch to workers within their own exe session ONLY. exe1\u2192yoshi-exe1\u2192tom-exe1. exe2\u2192yoshi-exe2\u2192tom2-exe2. Cross-session dispatch is blocked by the system. Verify session names before dispatch. Tasks are scoped to the creating exe session."
1469
+ },
1470
+ {
1471
+ title: "Session isolation \u2014 never touch another session's work",
1472
+ domain: "workflow",
1473
+ priority: "p0",
1474
+ content: `Sessions are isolated. exeN owns ONLY tasks it dispatched. (1) Never close/update/cancel tasks from another exe session. (2) Never review work from a different session \u2014 report "belongs to exeN" and skip. (3) Ignore other sessions' items in list_tasks results. (4) Employees inherit session: yoshi-exe1 works ONLY on exe1 tasks. Cross-session work is a system violation.`
1475
+ },
1476
+ // --- Engineering: session scoping in code ---
1477
+ {
1478
+ title: "Three-dimensional scoping \u2014 session, project, role \u2014 enforced in every query",
1479
+ domain: "architecture",
1480
+ priority: "p0",
1481
+ content: "Every DB query, notification, review count, and task operation MUST be scoped on 3 dimensions: (1) Session \u2014 filter by session_scope matching current exeN. (2) Project \u2014 filter by project_name. (3) Role \u2014 agents only see data at their hierarchy level. When writing ANY function that touches tasks, reviews, messages, or notifications: always accept a sessionScope parameter and pass it to the SQL WHERE clause. Unscoped queries are bugs. Test by running 2+ exe sessions simultaneously."
1482
+ },
1483
+ // --- Hard constraints ---
1484
+ {
1485
+ title: "What you CANNOT do in exe-os \u2014 hard constraints",
1486
+ domain: "security",
1487
+ priority: "p0",
1488
+ content: "NEVER: (1) Access the database directly \u2014 it's SQLCipher encrypted, always fails. Use MCP tools only. (2) Manually spawn tmux sessions \u2014 create_task handles it. (3) Run git checkout main \u2014 agents work in worktrees. (4) Modify another agent's in-progress task. (5) Push to remote \u2014 exe reviews and pushes. (6) Skip update_task(done) \u2014 it's the ONLY way your work gets reviewed. (7) Run git init."
1489
+ },
1490
+ // --- Operations ---
1491
+ {
1492
+ title: "Managers must supervise deployed workers",
1493
+ domain: "workflow",
1494
+ priority: "p0",
1495
+ content: `Every manager (COO/CTO/CMO) who dispatches work to a worker MUST actively monitor them. Check tmux capture-pane every 10 minutes. Verify they're working, not stuck. If idle at prompt with in_progress task \u2192 send intercom. If stuck \u2192 unblock or escalate. "Standing by" without checking is negligence.`
1496
+ },
1497
+ {
1498
+ title: "COO boot health check \u2014 memory, cloud sync, daemon on every launch",
1499
+ domain: "workflow",
1500
+ priority: "p0",
1501
+ content: "On every /exe boot, COO MUST check system health BEFORE other work: (1) daemon \u2014 is exed PID alive, (2) cloud sync \u2014 grep workers.log for recent cloud-sync errors, (3) memory count \u2014 total in DB, (4) sync delta \u2014 local vs cloud storage_bytes. Report as 4-line status table. If ANY check fails, surface to founder immediately. Do not proceed to tasks until health confirmed."
1502
+ },
1503
+ {
1504
+ title: "exe-build-adv mandatory for 3+ files",
1505
+ domain: "workflow",
1506
+ priority: "p0",
1507
+ content: "exe-build-adv is MANDATORY for ALL work touching 3+ files. Run /exe-build-adv --auto BEFORE implementation. Pipeline: Spec \u2192 AC \u2192 Tests \u2192 Evaluate \u2192 Fix. No multi-file feature ships without pipeline artifacts. No exceptions \u2014 managers reject work without them."
1508
+ },
1509
+ {
1510
+ title: "Desktop and TUI are the same product",
1511
+ domain: "architecture",
1512
+ priority: "p0",
1513
+ content: "Desktop and TUI are the SAME product in different renderers. Same data contracts, same interactions, same acceptance criteria. Desktop tab specs in ARCHITECTURE.md ARE the TUI specs. When building TUI, cross-reference Desktop spec. Different tab names, identical behavior. Never treat them as separate products."
1514
+ }
1515
+ ];
1516
+ PLATFORM_PROCEDURE_TITLES = new Set(
1517
+ PLATFORM_PROCEDURES.map((p) => p.title)
1518
+ );
1519
+ }
1520
+ });
1521
+
1425
1522
  // src/lib/global-procedures.ts
1426
1523
  var global_procedures_exports = {};
1427
1524
  __export(global_procedures_exports, {
@@ -1437,22 +1534,25 @@ async function loadGlobalProcedures() {
1437
1534
  sql: "SELECT * FROM global_procedures WHERE active = 1 ORDER BY priority ASC, created_at ASC",
1438
1535
  args: []
1439
1536
  });
1440
- const procedures = result.rows;
1441
- if (procedures.length > 0) {
1442
- _cache = procedures.map((p) => `### ${p.title}
1537
+ const allRows = result.rows;
1538
+ const customerOnly = allRows.filter((p) => !PLATFORM_PROCEDURE_TITLES.has(p.title));
1539
+ if (customerOnly.length > 0) {
1540
+ _customerCache = customerOnly.map((p) => `### ${p.title}
1443
1541
  ${p.content}`).join("\n\n");
1444
1542
  } else {
1445
- _cache = "";
1543
+ _customerCache = "";
1446
1544
  }
1447
1545
  _cacheLoaded = true;
1448
- return procedures;
1546
+ return customerOnly;
1449
1547
  }
1450
1548
  function getGlobalProceduresBlock() {
1451
- if (!_cacheLoaded) return "";
1452
- if (!_cache) return "";
1549
+ const sections = [];
1550
+ if (_platformCache) sections.push(_platformCache);
1551
+ if (_cacheLoaded && _customerCache) sections.push(_customerCache);
1552
+ if (sections.length === 0) return "";
1453
1553
  return `## Organization-Wide Procedures (MANDATORY \u2014 supersedes all other rules)
1454
1554
 
1455
- ${_cache}
1555
+ ${sections.join("\n\n")}
1456
1556
  `;
1457
1557
  }
1458
1558
  async function storeGlobalProcedure(input) {
@@ -1477,13 +1577,16 @@ async function deactivateGlobalProcedure(id) {
1477
1577
  await loadGlobalProcedures();
1478
1578
  return result.rowsAffected > 0;
1479
1579
  }
1480
- var _cache, _cacheLoaded;
1580
+ var _customerCache, _cacheLoaded, _platformCache;
1481
1581
  var init_global_procedures = __esm({
1482
1582
  "src/lib/global-procedures.ts"() {
1483
1583
  "use strict";
1484
1584
  init_database();
1485
- _cache = "";
1585
+ init_platform_procedures();
1586
+ _customerCache = "";
1486
1587
  _cacheLoaded = false;
1588
+ _platformCache = PLATFORM_PROCEDURES.map((p) => `### ${p.title}
1589
+ ${p.content}`).join("\n\n");
1487
1590
  }
1488
1591
  });
1489
1592