@askexenow/exe-os 0.9.105 → 0.9.106

package/dist/bin/agentic-ontology-backfill.js

@@ -1606,7 +1606,15 @@ function getClient() {
   if (!_resilientClient) {
     return _adapterClient;
   }
-  return _resilientClient;
+  if (process.env.EXE_DB_READONLY === "1") {
+    return _resilientClient;
+  }
+  process.stderr.write(
+    "[database] ERROR: Daemon is not running \u2014 refusing direct SQLite write access.\n[database] Direct writes bypass the single-writer gate and corrupt FTS5 indexes.\n[database] Restart the daemon: kill $(cat ~/.exe-os/exed.pid) && exe-os update\n[database] Or set EXE_DB_READONLY=1 if you only need read access.\n"
+  );
+  throw new Error(
+    "Daemon not running. Direct SQLite writes are blocked to prevent FTS5 corruption. Restart daemon or set EXE_DB_READONLY=1 for read-only access."
+  );
 }
 async function initDaemonClient() {
   if (process.env.DATABASE_URL && process.env.EXE_USE_POSTGRES === "1") return;
@@ -3737,12 +3745,6 @@ var init_platform_procedures = __esm({
         priority: "p0",
         content: "When you dispatch work, you OWN the review. Check list_tasks(status='needs_review') on EVERY prompt \u2014 don't wait for intercom nudges (they're unreliable). When a task shows needs_review: (1) read the deliverable (git diff in worktree, exe/output/ files, or task result summary), (2) verify it works (tsc, build, run), (3) close_task if good or create a fix task if not. Reviews sitting >30 minutes is a pipeline stall. The whole chain: worker calls update_task(done) \u2192 system flags needs_review \u2192 manager pulls and verifies \u2192 close_task \u2192 COO reviews manager's work \u2192 merge to main. Every level actively pulls \u2014 nobody waits."
       },
-      {
-        title: "Bug fix lifecycle \u2014 triage upstream after every verified fix so customers see the status",
-        domain: "workflow",
-        priority: "p0",
-        content: "When a bug from support(action='list_bugs') is fixed and verified, the reviewer MUST triage it upstream: support(action='triage_bug', id='<bug-id>', notes='<what was fixed>', fixed_version='<version>', linked_commit='<hash>'). This closes the bug in the customer's view \u2014 their COO checks list_my_bugs and sees status change from open \u2192 closed with the fix version. Without triage, customers see 'open' forever even after the fix ships. Same for feature requests: support(action='triage_feature', ..., shipped_version='<version>'). Triage is part of the review gate \u2014 a fix is not done until the upstream report is closed."
-      },
       {
         title: "Intercom is a speedup, not delivery \u2014 DB is the source of truth",
         domain: "architecture",

package/dist/bin/agentic-reflection-backfill.js

@@ -1606,7 +1606,15 @@ function getClient() {
   if (!_resilientClient) {
     return _adapterClient;
   }
-  return _resilientClient;
+  if (process.env.EXE_DB_READONLY === "1") {
+    return _resilientClient;
+  }
+  process.stderr.write(
+    "[database] ERROR: Daemon is not running \u2014 refusing direct SQLite write access.\n[database] Direct writes bypass the single-writer gate and corrupt FTS5 indexes.\n[database] Restart the daemon: kill $(cat ~/.exe-os/exed.pid) && exe-os update\n[database] Or set EXE_DB_READONLY=1 if you only need read access.\n"
+  );
+  throw new Error(
+    "Daemon not running. Direct SQLite writes are blocked to prevent FTS5 corruption. Restart daemon or set EXE_DB_READONLY=1 for read-only access."
+  );
 }
 async function initDaemonClient() {
   if (process.env.DATABASE_URL && process.env.EXE_USE_POSTGRES === "1") return;
@@ -3737,12 +3745,6 @@ var init_platform_procedures = __esm({
         priority: "p0",
         content: "When you dispatch work, you OWN the review. Check list_tasks(status='needs_review') on EVERY prompt \u2014 don't wait for intercom nudges (they're unreliable). When a task shows needs_review: (1) read the deliverable (git diff in worktree, exe/output/ files, or task result summary), (2) verify it works (tsc, build, run), (3) close_task if good or create a fix task if not. Reviews sitting >30 minutes is a pipeline stall. The whole chain: worker calls update_task(done) \u2192 system flags needs_review \u2192 manager pulls and verifies \u2192 close_task \u2192 COO reviews manager's work \u2192 merge to main. Every level actively pulls \u2014 nobody waits."
       },
-      {
-        title: "Bug fix lifecycle \u2014 triage upstream after every verified fix so customers see the status",
-        domain: "workflow",
-        priority: "p0",
-        content: "When a bug from support(action='list_bugs') is fixed and verified, the reviewer MUST triage it upstream: support(action='triage_bug', id='<bug-id>', notes='<what was fixed>', fixed_version='<version>', linked_commit='<hash>'). This closes the bug in the customer's view \u2014 their COO checks list_my_bugs and sees status change from open \u2192 closed with the fix version. Without triage, customers see 'open' forever even after the fix ships. Same for feature requests: support(action='triage_feature', ..., shipped_version='<version>'). Triage is part of the review gate \u2014 a fix is not done until the upstream report is closed."
-      },
       {
         title: "Intercom is a speedup, not delivery \u2014 DB is the source of truth",
         domain: "architecture",

package/dist/bin/agentic-semantic-label.js

@@ -1606,7 +1606,15 @@ function getClient() {
   if (!_resilientClient) {
     return _adapterClient;
   }
-  return _resilientClient;
+  if (process.env.EXE_DB_READONLY === "1") {
+    return _resilientClient;
+  }
+  process.stderr.write(
+    "[database] ERROR: Daemon is not running \u2014 refusing direct SQLite write access.\n[database] Direct writes bypass the single-writer gate and corrupt FTS5 indexes.\n[database] Restart the daemon: kill $(cat ~/.exe-os/exed.pid) && exe-os update\n[database] Or set EXE_DB_READONLY=1 if you only need read access.\n"
+  );
+  throw new Error(
+    "Daemon not running. Direct SQLite writes are blocked to prevent FTS5 corruption. Restart daemon or set EXE_DB_READONLY=1 for read-only access."
+  );
 }
 async function initDaemonClient() {
   if (process.env.DATABASE_URL && process.env.EXE_USE_POSTGRES === "1") return;
@@ -3737,12 +3745,6 @@ var init_platform_procedures = __esm({
         priority: "p0",
         content: "When you dispatch work, you OWN the review. Check list_tasks(status='needs_review') on EVERY prompt \u2014 don't wait for intercom nudges (they're unreliable). When a task shows needs_review: (1) read the deliverable (git diff in worktree, exe/output/ files, or task result summary), (2) verify it works (tsc, build, run), (3) close_task if good or create a fix task if not. Reviews sitting >30 minutes is a pipeline stall. The whole chain: worker calls update_task(done) \u2192 system flags needs_review \u2192 manager pulls and verifies \u2192 close_task \u2192 COO reviews manager's work \u2192 merge to main. Every level actively pulls \u2014 nobody waits."
       },
-      {
-        title: "Bug fix lifecycle \u2014 triage upstream after every verified fix so customers see the status",
-        domain: "workflow",
-        priority: "p0",
-        content: "When a bug from support(action='list_bugs') is fixed and verified, the reviewer MUST triage it upstream: support(action='triage_bug', id='<bug-id>', notes='<what was fixed>', fixed_version='<version>', linked_commit='<hash>'). This closes the bug in the customer's view \u2014 their COO checks list_my_bugs and sees status change from open \u2192 closed with the fix version. Without triage, customers see 'open' forever even after the fix ships. Same for feature requests: support(action='triage_feature', ..., shipped_version='<version>'). Triage is part of the review gate \u2014 a fix is not done until the upstream report is closed."
-      },
       {
         title: "Intercom is a speedup, not delivery \u2014 DB is the source of truth",
         domain: "architecture",

package/dist/bin/backfill-conversations.js

@@ -1746,7 +1746,15 @@ function getClient() {
   if (!_resilientClient) {
     return _adapterClient;
   }
-  return _resilientClient;
+  if (process.env.EXE_DB_READONLY === "1") {
+    return _resilientClient;
+  }
+  process.stderr.write(
+    "[database] ERROR: Daemon is not running \u2014 refusing direct SQLite write access.\n[database] Direct writes bypass the single-writer gate and corrupt FTS5 indexes.\n[database] Restart the daemon: kill $(cat ~/.exe-os/exed.pid) && exe-os update\n[database] Or set EXE_DB_READONLY=1 if you only need read access.\n"
+  );
+  throw new Error(
+    "Daemon not running. Direct SQLite writes are blocked to prevent FTS5 corruption. Restart daemon or set EXE_DB_READONLY=1 for read-only access."
+  );
 }
 async function initDaemonClient() {
   if (process.env.DATABASE_URL && process.env.EXE_USE_POSTGRES === "1") return;
@@ -3877,12 +3885,6 @@ var init_platform_procedures = __esm({
         priority: "p0",
         content: "When you dispatch work, you OWN the review. Check list_tasks(status='needs_review') on EVERY prompt \u2014 don't wait for intercom nudges (they're unreliable). When a task shows needs_review: (1) read the deliverable (git diff in worktree, exe/output/ files, or task result summary), (2) verify it works (tsc, build, run), (3) close_task if good or create a fix task if not. Reviews sitting >30 minutes is a pipeline stall. The whole chain: worker calls update_task(done) \u2192 system flags needs_review \u2192 manager pulls and verifies \u2192 close_task \u2192 COO reviews manager's work \u2192 merge to main. Every level actively pulls \u2014 nobody waits."
       },
-      {
-        title: "Bug fix lifecycle \u2014 triage upstream after every verified fix so customers see the status",
-        domain: "workflow",
-        priority: "p0",
-        content: "When a bug from support(action='list_bugs') is fixed and verified, the reviewer MUST triage it upstream: support(action='triage_bug', id='<bug-id>', notes='<what was fixed>', fixed_version='<version>', linked_commit='<hash>'). This closes the bug in the customer's view \u2014 their COO checks list_my_bugs and sees status change from open \u2192 closed with the fix version. Without triage, customers see 'open' forever even after the fix ships. Same for feature requests: support(action='triage_feature', ..., shipped_version='<version>'). Triage is part of the review gate \u2014 a fix is not done until the upstream report is closed."
-      },
       {
         title: "Intercom is a speedup, not delivery \u2014 DB is the source of truth",
         domain: "architecture",

package/dist/bin/backfill-responses.js

@@ -1746,7 +1746,15 @@ function getClient() {
   if (!_resilientClient) {
     return _adapterClient;
   }
-  return _resilientClient;
+  if (process.env.EXE_DB_READONLY === "1") {
+    return _resilientClient;
+  }
+  process.stderr.write(
+    "[database] ERROR: Daemon is not running \u2014 refusing direct SQLite write access.\n[database] Direct writes bypass the single-writer gate and corrupt FTS5 indexes.\n[database] Restart the daemon: kill $(cat ~/.exe-os/exed.pid) && exe-os update\n[database] Or set EXE_DB_READONLY=1 if you only need read access.\n"
+  );
+  throw new Error(
+    "Daemon not running. Direct SQLite writes are blocked to prevent FTS5 corruption. Restart daemon or set EXE_DB_READONLY=1 for read-only access."
+  );
 }
 async function initDaemonClient() {
   if (process.env.DATABASE_URL && process.env.EXE_USE_POSTGRES === "1") return;
@@ -3877,12 +3885,6 @@ var init_platform_procedures = __esm({
         priority: "p0",
         content: "When you dispatch work, you OWN the review. Check list_tasks(status='needs_review') on EVERY prompt \u2014 don't wait for intercom nudges (they're unreliable). When a task shows needs_review: (1) read the deliverable (git diff in worktree, exe/output/ files, or task result summary), (2) verify it works (tsc, build, run), (3) close_task if good or create a fix task if not. Reviews sitting >30 minutes is a pipeline stall. The whole chain: worker calls update_task(done) \u2192 system flags needs_review \u2192 manager pulls and verifies \u2192 close_task \u2192 COO reviews manager's work \u2192 merge to main. Every level actively pulls \u2014 nobody waits."
       },
-      {
-        title: "Bug fix lifecycle \u2014 triage upstream after every verified fix so customers see the status",
-        domain: "workflow",
-        priority: "p0",
-        content: "When a bug from support(action='list_bugs') is fixed and verified, the reviewer MUST triage it upstream: support(action='triage_bug', id='<bug-id>', notes='<what was fixed>', fixed_version='<version>', linked_commit='<hash>'). This closes the bug in the customer's view \u2014 their COO checks list_my_bugs and sees status change from open \u2192 closed with the fix version. Without triage, customers see 'open' forever even after the fix ships. Same for feature requests: support(action='triage_feature', ..., shipped_version='<version>'). Triage is part of the review gate \u2014 a fix is not done until the upstream report is closed."
-      },
       {
         title: "Intercom is a speedup, not delivery \u2014 DB is the source of truth",
         domain: "architecture",

package/dist/bin/backfill-vectors.js

@@ -1742,7 +1742,15 @@ function getClient() {
   if (!_resilientClient) {
     return _adapterClient;
   }
-  return _resilientClient;
+  if (process.env.EXE_DB_READONLY === "1") {
+    return _resilientClient;
+  }
+  process.stderr.write(
+    "[database] ERROR: Daemon is not running \u2014 refusing direct SQLite write access.\n[database] Direct writes bypass the single-writer gate and corrupt FTS5 indexes.\n[database] Restart the daemon: kill $(cat ~/.exe-os/exed.pid) && exe-os update\n[database] Or set EXE_DB_READONLY=1 if you only need read access.\n"
+  );
+  throw new Error(
+    "Daemon not running. Direct SQLite writes are blocked to prevent FTS5 corruption. Restart daemon or set EXE_DB_READONLY=1 for read-only access."
+  );
 }
 async function initDaemonClient() {
   if (process.env.DATABASE_URL && process.env.EXE_USE_POSTGRES === "1") return;
@@ -3873,12 +3881,6 @@ var init_platform_procedures = __esm({
         priority: "p0",
         content: "When you dispatch work, you OWN the review. Check list_tasks(status='needs_review') on EVERY prompt \u2014 don't wait for intercom nudges (they're unreliable). When a task shows needs_review: (1) read the deliverable (git diff in worktree, exe/output/ files, or task result summary), (2) verify it works (tsc, build, run), (3) close_task if good or create a fix task if not. Reviews sitting >30 minutes is a pipeline stall. The whole chain: worker calls update_task(done) \u2192 system flags needs_review \u2192 manager pulls and verifies \u2192 close_task \u2192 COO reviews manager's work \u2192 merge to main. Every level actively pulls \u2014 nobody waits."
       },
-      {
-        title: "Bug fix lifecycle \u2014 triage upstream after every verified fix so customers see the status",
-        domain: "workflow",
-        priority: "p0",
-        content: "When a bug from support(action='list_bugs') is fixed and verified, the reviewer MUST triage it upstream: support(action='triage_bug', id='<bug-id>', notes='<what was fixed>', fixed_version='<version>', linked_commit='<hash>'). This closes the bug in the customer's view \u2014 their COO checks list_my_bugs and sees status change from open \u2192 closed with the fix version. Without triage, customers see 'open' forever even after the fix ships. Same for feature requests: support(action='triage_feature', ..., shipped_version='<version>'). Triage is part of the review gate \u2014 a fix is not done until the upstream report is closed."
-      },
       {
         title: "Intercom is a speedup, not delivery \u2014 DB is the source of truth",
         domain: "architecture",

package/dist/bin/bulk-sync-postgres.js

@@ -1606,7 +1606,15 @@ function getClient() {
   if (!_resilientClient) {
     return _adapterClient;
   }
-  return _resilientClient;
+  if (process.env.EXE_DB_READONLY === "1") {
+    return _resilientClient;
+  }
+  process.stderr.write(
+    "[database] ERROR: Daemon is not running \u2014 refusing direct SQLite write access.\n[database] Direct writes bypass the single-writer gate and corrupt FTS5 indexes.\n[database] Restart the daemon: kill $(cat ~/.exe-os/exed.pid) && exe-os update\n[database] Or set EXE_DB_READONLY=1 if you only need read access.\n"
+  );
+  throw new Error(
+    "Daemon not running. Direct SQLite writes are blocked to prevent FTS5 corruption. Restart daemon or set EXE_DB_READONLY=1 for read-only access."
+  );
 }
 async function initDaemonClient() {
   if (process.env.DATABASE_URL && process.env.EXE_USE_POSTGRES === "1") return;
@@ -4045,12 +4053,6 @@ var init_platform_procedures = __esm({
         priority: "p0",
         content: "When you dispatch work, you OWN the review. Check list_tasks(status='needs_review') on EVERY prompt \u2014 don't wait for intercom nudges (they're unreliable). When a task shows needs_review: (1) read the deliverable (git diff in worktree, exe/output/ files, or task result summary), (2) verify it works (tsc, build, run), (3) close_task if good or create a fix task if not. Reviews sitting >30 minutes is a pipeline stall. The whole chain: worker calls update_task(done) \u2192 system flags needs_review \u2192 manager pulls and verifies \u2192 close_task \u2192 COO reviews manager's work \u2192 merge to main. Every level actively pulls \u2014 nobody waits."
       },
-      {
-        title: "Bug fix lifecycle \u2014 triage upstream after every verified fix so customers see the status",
-        domain: "workflow",
-        priority: "p0",
-        content: "When a bug from support(action='list_bugs') is fixed and verified, the reviewer MUST triage it upstream: support(action='triage_bug', id='<bug-id>', notes='<what was fixed>', fixed_version='<version>', linked_commit='<hash>'). This closes the bug in the customer's view \u2014 their COO checks list_my_bugs and sees status change from open \u2192 closed with the fix version. Without triage, customers see 'open' forever even after the fix ships. Same for feature requests: support(action='triage_feature', ..., shipped_version='<version>'). Triage is part of the review gate \u2014 a fix is not done until the upstream report is closed."
-      },
       {
         title: "Intercom is a speedup, not delivery \u2014 DB is the source of truth",
         domain: "architecture",

package/dist/bin/cleanup-stale-review-tasks.js

@@ -1832,7 +1832,15 @@ function getClient() {
   if (!_resilientClient) {
     return _adapterClient;
   }
-  return _resilientClient;
+  if (process.env.EXE_DB_READONLY === "1") {
+    return _resilientClient;
+  }
+  process.stderr.write(
+    "[database] ERROR: Daemon is not running \u2014 refusing direct SQLite write access.\n[database] Direct writes bypass the single-writer gate and corrupt FTS5 indexes.\n[database] Restart the daemon: kill $(cat ~/.exe-os/exed.pid) && exe-os update\n[database] Or set EXE_DB_READONLY=1 if you only need read access.\n"
+  );
+  throw new Error(
+    "Daemon not running. Direct SQLite writes are blocked to prevent FTS5 corruption. Restart daemon or set EXE_DB_READONLY=1 for read-only access."
+  );
 }
 async function initDaemonClient() {
   if (process.env.DATABASE_URL && process.env.EXE_USE_POSTGRES === "1") return;
@@ -4520,12 +4528,6 @@ var init_platform_procedures = __esm({
         priority: "p0",
         content: "When you dispatch work, you OWN the review. Check list_tasks(status='needs_review') on EVERY prompt \u2014 don't wait for intercom nudges (they're unreliable). When a task shows needs_review: (1) read the deliverable (git diff in worktree, exe/output/ files, or task result summary), (2) verify it works (tsc, build, run), (3) close_task if good or create a fix task if not. Reviews sitting >30 minutes is a pipeline stall. The whole chain: worker calls update_task(done) \u2192 system flags needs_review \u2192 manager pulls and verifies \u2192 close_task \u2192 COO reviews manager's work \u2192 merge to main. Every level actively pulls \u2014 nobody waits."
       },
-      {
-        title: "Bug fix lifecycle \u2014 triage upstream after every verified fix so customers see the status",
-        domain: "workflow",
-        priority: "p0",
-        content: "When a bug from support(action='list_bugs') is fixed and verified, the reviewer MUST triage it upstream: support(action='triage_bug', id='<bug-id>', notes='<what was fixed>', fixed_version='<version>', linked_commit='<hash>'). This closes the bug in the customer's view \u2014 their COO checks list_my_bugs and sees status change from open \u2192 closed with the fix version. Without triage, customers see 'open' forever even after the fix ships. Same for feature requests: support(action='triage_feature', ..., shipped_version='<version>'). Triage is part of the review gate \u2014 a fix is not done until the upstream report is closed."
-      },
       {
         title: "Intercom is a speedup, not delivery \u2014 DB is the source of truth",
         domain: "architecture",

package/dist/bin/cli.js

@@ -4487,7 +4487,15 @@ function getClient() {
   if (!_resilientClient) {
     return _adapterClient;
   }
-  return _resilientClient;
+  if (process.env.EXE_DB_READONLY === "1") {
+    return _resilientClient;
+  }
+  process.stderr.write(
+    "[database] ERROR: Daemon is not running \u2014 refusing direct SQLite write access.\n[database] Direct writes bypass the single-writer gate and corrupt FTS5 indexes.\n[database] Restart the daemon: kill $(cat ~/.exe-os/exed.pid) && exe-os update\n[database] Or set EXE_DB_READONLY=1 if you only need read access.\n"
+  );
+  throw new Error(
+    "Daemon not running. Direct SQLite writes are blocked to prevent FTS5 corruption. Restart daemon or set EXE_DB_READONLY=1 for read-only access."
+  );
 }
 async function initDaemonClient() {
   if (process.env.DATABASE_URL && process.env.EXE_USE_POSTGRES === "1") return;
@@ -9226,12 +9234,6 @@ var init_platform_procedures = __esm({
         priority: "p0",
         content: "When you dispatch work, you OWN the review. Check list_tasks(status='needs_review') on EVERY prompt \u2014 don't wait for intercom nudges (they're unreliable). When a task shows needs_review: (1) read the deliverable (git diff in worktree, exe/output/ files, or task result summary), (2) verify it works (tsc, build, run), (3) close_task if good or create a fix task if not. Reviews sitting >30 minutes is a pipeline stall. The whole chain: worker calls update_task(done) \u2192 system flags needs_review \u2192 manager pulls and verifies \u2192 close_task \u2192 COO reviews manager's work \u2192 merge to main. Every level actively pulls \u2014 nobody waits."
       },
-      {
-        title: "Bug fix lifecycle \u2014 triage upstream after every verified fix so customers see the status",
-        domain: "workflow",
-        priority: "p0",
-        content: "When a bug from support(action='list_bugs') is fixed and verified, the reviewer MUST triage it upstream: support(action='triage_bug', id='<bug-id>', notes='<what was fixed>', fixed_version='<version>', linked_commit='<hash>'). This closes the bug in the customer's view \u2014 their COO checks list_my_bugs and sees status change from open \u2192 closed with the fix version. Without triage, customers see 'open' forever even after the fix ships. Same for feature requests: support(action='triage_feature', ..., shipped_version='<version>'). Triage is part of the review gate \u2014 a fix is not done until the upstream report is closed."
-      },
       {
         title: "Intercom is a speedup, not delivery \u2014 DB is the source of truth",
         domain: "architecture",

package/dist/bin/exe-agent.js

@@ -1511,12 +1511,6 @@ var PLATFORM_PROCEDURES = [
     priority: "p0",
     content: "When you dispatch work, you OWN the review. Check list_tasks(status='needs_review') on EVERY prompt \u2014 don't wait for intercom nudges (they're unreliable). When a task shows needs_review: (1) read the deliverable (git diff in worktree, exe/output/ files, or task result summary), (2) verify it works (tsc, build, run), (3) close_task if good or create a fix task if not. Reviews sitting >30 minutes is a pipeline stall. The whole chain: worker calls update_task(done) \u2192 system flags needs_review \u2192 manager pulls and verifies \u2192 close_task \u2192 COO reviews manager's work \u2192 merge to main. Every level actively pulls \u2014 nobody waits."
   },
-  {
-    title: "Bug fix lifecycle \u2014 triage upstream after every verified fix so customers see the status",
-    domain: "workflow",
-    priority: "p0",
-    content: "When a bug from support(action='list_bugs') is fixed and verified, the reviewer MUST triage it upstream: support(action='triage_bug', id='<bug-id>', notes='<what was fixed>', fixed_version='<version>', linked_commit='<hash>'). This closes the bug in the customer's view \u2014 their COO checks list_my_bugs and sees status change from open \u2192 closed with the fix version. Without triage, customers see 'open' forever even after the fix ships. Same for feature requests: support(action='triage_feature', ..., shipped_version='<version>'). Triage is part of the review gate \u2014 a fix is not done until the upstream report is closed."
-  },
   {
     title: "Intercom is a speedup, not delivery \u2014 DB is the source of truth",
     domain: "architecture",

package/dist/bin/exe-assign.js

@@ -1756,7 +1756,15 @@ function getClient() {
   if (!_resilientClient) {
     return _adapterClient;
   }
-  return _resilientClient;
+  if (process.env.EXE_DB_READONLY === "1") {
+    return _resilientClient;
+  }
+  process.stderr.write(
+    "[database] ERROR: Daemon is not running \u2014 refusing direct SQLite write access.\n[database] Direct writes bypass the single-writer gate and corrupt FTS5 indexes.\n[database] Restart the daemon: kill $(cat ~/.exe-os/exed.pid) && exe-os update\n[database] Or set EXE_DB_READONLY=1 if you only need read access.\n"
+  );
+  throw new Error(
+    "Daemon not running. Direct SQLite writes are blocked to prevent FTS5 corruption. Restart daemon or set EXE_DB_READONLY=1 for read-only access."
+  );
 }
 async function initDaemonClient() {
   if (process.env.DATABASE_URL && process.env.EXE_USE_POSTGRES === "1") return;
@@ -3887,12 +3895,6 @@ var init_platform_procedures = __esm({
         priority: "p0",
         content: "When you dispatch work, you OWN the review. Check list_tasks(status='needs_review') on EVERY prompt \u2014 don't wait for intercom nudges (they're unreliable). When a task shows needs_review: (1) read the deliverable (git diff in worktree, exe/output/ files, or task result summary), (2) verify it works (tsc, build, run), (3) close_task if good or create a fix task if not. Reviews sitting >30 minutes is a pipeline stall. The whole chain: worker calls update_task(done) \u2192 system flags needs_review \u2192 manager pulls and verifies \u2192 close_task \u2192 COO reviews manager's work \u2192 merge to main. Every level actively pulls \u2014 nobody waits."
       },
-      {
-        title: "Bug fix lifecycle \u2014 triage upstream after every verified fix so customers see the status",
-        domain: "workflow",
-        priority: "p0",
-        content: "When a bug from support(action='list_bugs') is fixed and verified, the reviewer MUST triage it upstream: support(action='triage_bug', id='<bug-id>', notes='<what was fixed>', fixed_version='<version>', linked_commit='<hash>'). This closes the bug in the customer's view \u2014 their COO checks list_my_bugs and sees status change from open \u2192 closed with the fix version. Without triage, customers see 'open' forever even after the fix ships. Same for feature requests: support(action='triage_feature', ..., shipped_version='<version>'). Triage is part of the review gate \u2014 a fix is not done until the upstream report is closed."
-      },
       {
         title: "Intercom is a speedup, not delivery \u2014 DB is the source of truth",
         domain: "architecture",

package/dist/bin/exe-boot.js

@@ -1908,7 +1908,15 @@ function getClient() {
   if (!_resilientClient) {
     return _adapterClient;
   }
-  return _resilientClient;
+  if (process.env.EXE_DB_READONLY === "1") {
+    return _resilientClient;
+  }
+  process.stderr.write(
+    "[database] ERROR: Daemon is not running \u2014 refusing direct SQLite write access.\n[database] Direct writes bypass the single-writer gate and corrupt FTS5 indexes.\n[database] Restart the daemon: kill $(cat ~/.exe-os/exed.pid) && exe-os update\n[database] Or set EXE_DB_READONLY=1 if you only need read access.\n"
+  );
+  throw new Error(
+    "Daemon not running. Direct SQLite writes are blocked to prevent FTS5 corruption. Restart daemon or set EXE_DB_READONLY=1 for read-only access."
+  );
 }
 async function initDaemonClient() {
   if (process.env.DATABASE_URL && process.env.EXE_USE_POSTGRES === "1") return;
@@ -3575,12 +3583,6 @@ var init_platform_procedures = __esm({
         priority: "p0",
         content: "When you dispatch work, you OWN the review. Check list_tasks(status='needs_review') on EVERY prompt \u2014 don't wait for intercom nudges (they're unreliable). When a task shows needs_review: (1) read the deliverable (git diff in worktree, exe/output/ files, or task result summary), (2) verify it works (tsc, build, run), (3) close_task if good or create a fix task if not. Reviews sitting >30 minutes is a pipeline stall. The whole chain: worker calls update_task(done) \u2192 system flags needs_review \u2192 manager pulls and verifies \u2192 close_task \u2192 COO reviews manager's work \u2192 merge to main. Every level actively pulls \u2014 nobody waits."
       },
-      {
-        title: "Bug fix lifecycle \u2014 triage upstream after every verified fix so customers see the status",
-        domain: "workflow",
-        priority: "p0",
-        content: "When a bug from support(action='list_bugs') is fixed and verified, the reviewer MUST triage it upstream: support(action='triage_bug', id='<bug-id>', notes='<what was fixed>', fixed_version='<version>', linked_commit='<hash>'). This closes the bug in the customer's view \u2014 their COO checks list_my_bugs and sees status change from open \u2192 closed with the fix version. Without triage, customers see 'open' forever even after the fix ships. Same for feature requests: support(action='triage_feature', ..., shipped_version='<version>'). Triage is part of the review gate \u2014 a fix is not done until the upstream report is closed."
-      },
       {
         title: "Intercom is a speedup, not delivery \u2014 DB is the source of truth",
         domain: "architecture",

package/dist/bin/exe-call.js

@@ -448,12 +448,6 @@ var init_platform_procedures = __esm({
         priority: "p0",
         content: "When you dispatch work, you OWN the review. Check list_tasks(status='needs_review') on EVERY prompt \u2014 don't wait for intercom nudges (they're unreliable). When a task shows needs_review: (1) read the deliverable (git diff in worktree, exe/output/ files, or task result summary), (2) verify it works (tsc, build, run), (3) close_task if good or create a fix task if not. Reviews sitting >30 minutes is a pipeline stall. The whole chain: worker calls update_task(done) \u2192 system flags needs_review \u2192 manager pulls and verifies \u2192 close_task \u2192 COO reviews manager's work \u2192 merge to main. Every level actively pulls \u2014 nobody waits."
       },
-      {
-        title: "Bug fix lifecycle \u2014 triage upstream after every verified fix so customers see the status",
-        domain: "workflow",
-        priority: "p0",
-        content: "When a bug from support(action='list_bugs') is fixed and verified, the reviewer MUST triage it upstream: support(action='triage_bug', id='<bug-id>', notes='<what was fixed>', fixed_version='<version>', linked_commit='<hash>'). This closes the bug in the customer's view \u2014 their COO checks list_my_bugs and sees status change from open \u2192 closed with the fix version. Without triage, customers see 'open' forever even after the fix ships. Same for feature requests: support(action='triage_feature', ..., shipped_version='<version>'). Triage is part of the review gate \u2014 a fix is not done until the upstream report is closed."
-      },
       {
         title: "Intercom is a speedup, not delivery \u2014 DB is the source of truth",
         domain: "architecture",

package/dist/bin/exe-cloud.js

@@ -2344,7 +2344,15 @@ function getClient() {
   if (!_resilientClient) {
     return _adapterClient;
   }
-  return _resilientClient;
+  if (process.env.EXE_DB_READONLY === "1") {
+    return _resilientClient;
+  }
+  process.stderr.write(
+    "[database] ERROR: Daemon is not running \u2014 refusing direct SQLite write access.\n[database] Direct writes bypass the single-writer gate and corrupt FTS5 indexes.\n[database] Restart the daemon: kill $(cat ~/.exe-os/exed.pid) && exe-os update\n[database] Or set EXE_DB_READONLY=1 if you only need read access.\n"
+  );
+  throw new Error(
+    "Daemon not running. Direct SQLite writes are blocked to prevent FTS5 corruption. Restart daemon or set EXE_DB_READONLY=1 for read-only access."
+  );
 }
 async function initDaemonClient() {
   if (process.env.DATABASE_URL && process.env.EXE_USE_POSTGRES === "1") return;
@@ -7035,12 +7043,6 @@ var init_platform_procedures = __esm({
         priority: "p0",
         content: "When you dispatch work, you OWN the review. Check list_tasks(status='needs_review') on EVERY prompt \u2014 don't wait for intercom nudges (they're unreliable). When a task shows needs_review: (1) read the deliverable (git diff in worktree, exe/output/ files, or task result summary), (2) verify it works (tsc, build, run), (3) close_task if good or create a fix task if not. Reviews sitting >30 minutes is a pipeline stall. The whole chain: worker calls update_task(done) \u2192 system flags needs_review \u2192 manager pulls and verifies \u2192 close_task \u2192 COO reviews manager's work \u2192 merge to main. Every level actively pulls \u2014 nobody waits."
       },
-      {
-        title: "Bug fix lifecycle \u2014 triage upstream after every verified fix so customers see the status",
-        domain: "workflow",
-        priority: "p0",
-        content: "When a bug from support(action='list_bugs') is fixed and verified, the reviewer MUST triage it upstream: support(action='triage_bug', id='<bug-id>', notes='<what was fixed>', fixed_version='<version>', linked_commit='<hash>'). This closes the bug in the customer's view \u2014 their COO checks list_my_bugs and sees status change from open \u2192 closed with the fix version. Without triage, customers see 'open' forever even after the fix ships. Same for feature requests: support(action='triage_feature', ..., shipped_version='<version>'). Triage is part of the review gate \u2014 a fix is not done until the upstream report is closed."
-      },
       {
         title: "Intercom is a speedup, not delivery \u2014 DB is the source of truth",
         domain: "architecture",

package/dist/bin/exe-dispatch.js

@@ -2410,7 +2410,15 @@ function getClient() {
   if (!_resilientClient) {
     return _adapterClient;
   }
-  return _resilientClient;
+  if (process.env.EXE_DB_READONLY === "1") {
+    return _resilientClient;
+  }
+  process.stderr.write(
+    "[database] ERROR: Daemon is not running \u2014 refusing direct SQLite write access.\n[database] Direct writes bypass the single-writer gate and corrupt FTS5 indexes.\n[database] Restart the daemon: kill $(cat ~/.exe-os/exed.pid) && exe-os update\n[database] Or set EXE_DB_READONLY=1 if you only need read access.\n"
+  );
+  throw new Error(
+    "Daemon not running. Direct SQLite writes are blocked to prevent FTS5 corruption. Restart daemon or set EXE_DB_READONLY=1 for read-only access."
+  );
 }
 async function initDaemonClient() {
   if (process.env.DATABASE_URL && process.env.EXE_USE_POSTGRES === "1") return;
@@ -8329,12 +8337,6 @@ var init_platform_procedures = __esm({
         priority: "p0",
         content: "When you dispatch work, you OWN the review. Check list_tasks(status='needs_review') on EVERY prompt \u2014 don't wait for intercom nudges (they're unreliable). When a task shows needs_review: (1) read the deliverable (git diff in worktree, exe/output/ files, or task result summary), (2) verify it works (tsc, build, run), (3) close_task if good or create a fix task if not. Reviews sitting >30 minutes is a pipeline stall. The whole chain: worker calls update_task(done) \u2192 system flags needs_review \u2192 manager pulls and verifies \u2192 close_task \u2192 COO reviews manager's work \u2192 merge to main. Every level actively pulls \u2014 nobody waits."
       },
-      {
-        title: "Bug fix lifecycle \u2014 triage upstream after every verified fix so customers see the status",
-        domain: "workflow",
-        priority: "p0",
-        content: "When a bug from support(action='list_bugs') is fixed and verified, the reviewer MUST triage it upstream: support(action='triage_bug', id='<bug-id>', notes='<what was fixed>', fixed_version='<version>', linked_commit='<hash>'). This closes the bug in the customer's view \u2014 their COO checks list_my_bugs and sees status change from open \u2192 closed with the fix version. Without triage, customers see 'open' forever even after the fix ships. Same for feature requests: support(action='triage_feature', ..., shipped_version='<version>'). Triage is part of the review gate \u2014 a fix is not done until the upstream report is closed."
-      },
       {
         title: "Intercom is a speedup, not delivery \u2014 DB is the source of truth",
         domain: "architecture",

package/dist/bin/exe-doctor.js

@@ -2932,7 +2932,15 @@ function getClient() {
   if (!_resilientClient) {
     return _adapterClient;
   }
-  return _resilientClient;
+  if (process.env.EXE_DB_READONLY === "1") {
+    return _resilientClient;
+  }
+  process.stderr.write(
+    "[database] ERROR: Daemon is not running \u2014 refusing direct SQLite write access.\n[database] Direct writes bypass the single-writer gate and corrupt FTS5 indexes.\n[database] Restart the daemon: kill $(cat ~/.exe-os/exed.pid) && exe-os update\n[database] Or set EXE_DB_READONLY=1 if you only need read access.\n"
+  );
+  throw new Error(
+    "Daemon not running. Direct SQLite writes are blocked to prevent FTS5 corruption. Restart daemon or set EXE_DB_READONLY=1 for read-only access."
+  );
 }
 async function initDaemonClient() {
   if (process.env.DATABASE_URL && process.env.EXE_USE_POSTGRES === "1") return;
@@ -4848,12 +4856,6 @@ var init_platform_procedures = __esm({
         priority: "p0",
         content: "When you dispatch work, you OWN the review. Check list_tasks(status='needs_review') on EVERY prompt \u2014 don't wait for intercom nudges (they're unreliable). When a task shows needs_review: (1) read the deliverable (git diff in worktree, exe/output/ files, or task result summary), (2) verify it works (tsc, build, run), (3) close_task if good or create a fix task if not. Reviews sitting >30 minutes is a pipeline stall. The whole chain: worker calls update_task(done) \u2192 system flags needs_review \u2192 manager pulls and verifies \u2192 close_task \u2192 COO reviews manager's work \u2192 merge to main. Every level actively pulls \u2014 nobody waits."
       },
-      {
-        title: "Bug fix lifecycle \u2014 triage upstream after every verified fix so customers see the status",
-        domain: "workflow",
-        priority: "p0",
-        content: "When a bug from support(action='list_bugs') is fixed and verified, the reviewer MUST triage it upstream: support(action='triage_bug', id='<bug-id>', notes='<what was fixed>', fixed_version='<version>', linked_commit='<hash>'). This closes the bug in the customer's view \u2014 their COO checks list_my_bugs and sees status change from open \u2192 closed with the fix version. Without triage, customers see 'open' forever even after the fix ships. Same for feature requests: support(action='triage_feature', ..., shipped_version='<version>'). Triage is part of the review gate \u2014 a fix is not done until the upstream report is closed."
-      },
       {
         title: "Intercom is a speedup, not delivery \u2014 DB is the source of truth",
         domain: "architecture",

package/dist/bin/exe-export-behaviors.js

@@ -1897,7 +1897,15 @@ function getClient() {
   if (!_resilientClient) {
     return _adapterClient;
   }
-  return _resilientClient;
+  if (process.env.EXE_DB_READONLY === "1") {
+    return _resilientClient;
+  }
+  process.stderr.write(
+    "[database] ERROR: Daemon is not running \u2014 refusing direct SQLite write access.\n[database] Direct writes bypass the single-writer gate and corrupt FTS5 indexes.\n[database] Restart the daemon: kill $(cat ~/.exe-os/exed.pid) && exe-os update\n[database] Or set EXE_DB_READONLY=1 if you only need read access.\n"
+  );
+  throw new Error(
+    "Daemon not running. Direct SQLite writes are blocked to prevent FTS5 corruption. Restart daemon or set EXE_DB_READONLY=1 for read-only access."
+  );
 }
 async function initDaemonClient() {
   if (process.env.DATABASE_URL && process.env.EXE_USE_POSTGRES === "1") return;
@@ -4585,12 +4593,6 @@ var init_platform_procedures = __esm({
         priority: "p0",
         content: "When you dispatch work, you OWN the review. Check list_tasks(status='needs_review') on EVERY prompt \u2014 don't wait for intercom nudges (they're unreliable). When a task shows needs_review: (1) read the deliverable (git diff in worktree, exe/output/ files, or task result summary), (2) verify it works (tsc, build, run), (3) close_task if good or create a fix task if not. Reviews sitting >30 minutes is a pipeline stall. The whole chain: worker calls update_task(done) \u2192 system flags needs_review \u2192 manager pulls and verifies \u2192 close_task \u2192 COO reviews manager's work \u2192 merge to main. Every level actively pulls \u2014 nobody waits."
       },
-      {
-        title: "Bug fix lifecycle \u2014 triage upstream after every verified fix so customers see the status",
-        domain: "workflow",
-        priority: "p0",
-        content: "When a bug from support(action='list_bugs') is fixed and verified, the reviewer MUST triage it upstream: support(action='triage_bug', id='<bug-id>', notes='<what was fixed>', fixed_version='<version>', linked_commit='<hash>'). This closes the bug in the customer's view \u2014 their COO checks list_my_bugs and sees status change from open \u2192 closed with the fix version. Without triage, customers see 'open' forever even after the fix ships. Same for feature requests: support(action='triage_feature', ..., shipped_version='<version>'). Triage is part of the review gate \u2014 a fix is not done until the upstream report is closed."
-      },
       {
         title: "Intercom is a speedup, not delivery \u2014 DB is the source of truth",
         domain: "architecture",

package/dist/bin/exe-forget.js

@@ -1821,7 +1821,15 @@ function getClient() {
   if (!_resilientClient) {
     return _adapterClient;
   }
-  return _resilientClient;
+  if (process.env.EXE_DB_READONLY === "1") {
+    return _resilientClient;
+  }
+  process.stderr.write(
+    "[database] ERROR: Daemon is not running \u2014 refusing direct SQLite write access.\n[database] Direct writes bypass the single-writer gate and corrupt FTS5 indexes.\n[database] Restart the daemon: kill $(cat ~/.exe-os/exed.pid) && exe-os update\n[database] Or set EXE_DB_READONLY=1 if you only need read access.\n"
+  );
+  throw new Error(
+    "Daemon not running. Direct SQLite writes are blocked to prevent FTS5 corruption. Restart daemon or set EXE_DB_READONLY=1 for read-only access."
+  );
 }
 async function initDaemonClient() {
   if (process.env.DATABASE_URL && process.env.EXE_USE_POSTGRES === "1") return;
@@ -4509,12 +4517,6 @@ var init_platform_procedures = __esm({
         priority: "p0",
         content: "When you dispatch work, you OWN the review. Check list_tasks(status='needs_review') on EVERY prompt \u2014 don't wait for intercom nudges (they're unreliable). When a task shows needs_review: (1) read the deliverable (git diff in worktree, exe/output/ files, or task result summary), (2) verify it works (tsc, build, run), (3) close_task if good or create a fix task if not. Reviews sitting >30 minutes is a pipeline stall. The whole chain: worker calls update_task(done) \u2192 system flags needs_review \u2192 manager pulls and verifies \u2192 close_task \u2192 COO reviews manager's work \u2192 merge to main. Every level actively pulls \u2014 nobody waits."
       },
-      {
-        title: "Bug fix lifecycle \u2014 triage upstream after every verified fix so customers see the status",
-        domain: "workflow",
-        priority: "p0",
-        content: "When a bug from support(action='list_bugs') is fixed and verified, the reviewer MUST triage it upstream: support(action='triage_bug', id='<bug-id>', notes='<what was fixed>', fixed_version='<version>', linked_commit='<hash>'). This closes the bug in the customer's view \u2014 their COO checks list_my_bugs and sees status change from open \u2192 closed with the fix version. Without triage, customers see 'open' forever even after the fix ships. Same for feature requests: support(action='triage_feature', ..., shipped_version='<version>'). Triage is part of the review gate \u2014 a fix is not done until the upstream report is closed."
-      },
       {
         title: "Intercom is a speedup, not delivery \u2014 DB is the source of truth",
         domain: "architecture",
@@ -5981,7 +5983,32 @@ async function ftsQuery(client, matchExpr, agentId, options, limit) {
   sql = appendMemoryTypeFilter(sql, args, "m.memory_type", options);
   sql += ` ORDER BY rank LIMIT ?`;
   args.push(limit);
-  const result = await client.execute({ sql, args });
+  let result;
+  try {
+    result = await client.execute({ sql, args });
+  } catch (ftsErr) {
+    const msg = ftsErr instanceof Error ? ftsErr.message : String(ftsErr);
+    if (msg.includes("fts5") || msg.includes("FTS") || msg.includes("database disk image is malformed")) {
+      process.stderr.write(
+        `[hybrid-search] FTS5 corruption detected during query: ${msg}
+[hybrid-search] Attempting auto-rebuild of memories_fts index...
+`
+      );
+      try {
+        await client.execute("INSERT INTO memories_fts(memories_fts) VALUES('rebuild')");
+        process.stderr.write("[hybrid-search] FTS5 index rebuilt successfully \u2014 retrying query.\n");
+        result = await client.execute({ sql, args });
+      } catch (rebuildErr) {
+        process.stderr.write(
+          `[hybrid-search] FTS5 rebuild failed: ${rebuildErr instanceof Error ? rebuildErr.message : String(rebuildErr)}
+`
+        );
+        return [];
+      }
+    } else {
+      throw ftsErr;
+    }
+  }
   return result.rows.map((row) => ({
     id: row.id,
     agent_id: row.agent_id,

package/dist/bin/exe-gateway.js

@@ -2492,7 +2492,15 @@ function getClient() {
   if (!_resilientClient) {
     return _adapterClient;
   }
-  return _resilientClient;
+  if (process.env.EXE_DB_READONLY === "1") {
+    return _resilientClient;
+  }
+  process.stderr.write(
+    "[database] ERROR: Daemon is not running \u2014 refusing direct SQLite write access.\n[database] Direct writes bypass the single-writer gate and corrupt FTS5 indexes.\n[database] Restart the daemon: kill $(cat ~/.exe-os/exed.pid) && exe-os update\n[database] Or set EXE_DB_READONLY=1 if you only need read access.\n"
+  );
+  throw new Error(
+    "Daemon not running. Direct SQLite writes are blocked to prevent FTS5 corruption. Restart daemon or set EXE_DB_READONLY=1 for read-only access."
+  );
 }
 async function initDaemonClient() {
   if (process.env.DATABASE_URL && process.env.EXE_USE_POSTGRES === "1") return;
@@ -5193,12 +5201,6 @@ var init_platform_procedures = __esm({
         priority: "p0",
         content: "When you dispatch work, you OWN the review. Check list_tasks(status='needs_review') on EVERY prompt \u2014 don't wait for intercom nudges (they're unreliable). When a task shows needs_review: (1) read the deliverable (git diff in worktree, exe/output/ files, or task result summary), (2) verify it works (tsc, build, run), (3) close_task if good or create a fix task if not. Reviews sitting >30 minutes is a pipeline stall. The whole chain: worker calls update_task(done) \u2192 system flags needs_review \u2192 manager pulls and verifies \u2192 close_task \u2192 COO reviews manager's work \u2192 merge to main. Every level actively pulls \u2014 nobody waits."
       },
-      {
-        title: "Bug fix lifecycle \u2014 triage upstream after every verified fix so customers see the status",
-        domain: "workflow",
-        priority: "p0",
-        content: "When a bug from support(action='list_bugs') is fixed and verified, the reviewer MUST triage it upstream: support(action='triage_bug', id='<bug-id>', notes='<what was fixed>', fixed_version='<version>', linked_commit='<hash>'). This closes the bug in the customer's view \u2014 their COO checks list_my_bugs and sees status change from open \u2192 closed with the fix version. Without triage, customers see 'open' forever even after the fix ships. Same for feature requests: support(action='triage_feature', ..., shipped_version='<version>'). Triage is part of the review gate \u2014 a fix is not done until the upstream report is closed."
-      },
       {
         title: "Intercom is a speedup, not delivery \u2014 DB is the source of truth",
         domain: "architecture",