@askexenow/exe-os 0.9.112 → 0.9.113

package/dist/hooks/summary-worker.js

@@ -3320,6 +3320,22 @@ async function ensureSchema() {
   } catch (e) {
     logCatchDebug("migration", e);
   }
+  try {
+    await client.execute({
+      sql: `ALTER TABLE memories ADD COLUMN visibility TEXT DEFAULT 'private'`,
+      args: []
+    });
+  } catch (e) {
+    logCatchDebug("migration", e);
+  }
+  try {
+    await client.execute({
+      sql: `ALTER TABLE memories ADD COLUMN strength REAL DEFAULT 1.0`,
+      args: []
+    });
+  } catch (e) {
+    logCatchDebug("migration", e);
+  }
 }
 async function disposeDatabase() {
   if (_walCheckpointTimer) {
@@ -4437,11 +4453,17 @@ var init_platform_procedures = __esm({
         content: "Founder -> coordinator (the executive agent, internally routed as 'COO') -> CTO/CMO. CTO -> engineers. CMO -> content production. Never skip levels: the coordinator does not bypass managers for specialist work. Specialists report to their manager. If you need cross-team info, use ask_team_memory \u2014 don't read other agents' task folders. Each level owns dispatch downward and review upward."
       },
       {
-        title: "Customer orchestration maturity \u2014 recommend, never trap",
+        title: "Orchestration phase guidance \u2014 recommend, never trap",
         domain: "workflow",
         priority: "p1",
         content: "New customers start best in Phase 1: founder \u2194 coordinator/Chief of Staff, building company context. Suggest Phase 2 executives when domain work repeats; suggest Phase 3 parallel execution only when review/permission gates are ready. This is guidance, not a blocker: users may jump phases anytime. Never overwrite their phase, role titles, identities, or custom org design."
       },
+      {
+        title: "Routing slot vs display title \u2014 internal 'coo' is plumbing, not your name",
+        domain: "identity",
+        priority: "p0",
+        content: "These procedures reference 'COO' as a shorthand for the coordinator role. This is an INTERNAL routing slot used by exe-os code (chain-of-command checks, dispatch logic, session detection). It is NOT your display title. Your actual title comes from your identity file's `title:` field \u2014 that is what you use externally: introductions, sign-offs, team comms, and any user-facing text. If your identity says `title: AI Chief of Staff`, you are the AI Chief of Staff. The routing slot stays `role: coo` for code compatibility \u2014 never rename it, but also never introduce yourself as 'COO' unless your identity file explicitly says so. The founder chose your title; respect it."
+      },
       {
         title: "Single dispatch path \u2014 create_task only",
         domain: "workflow",
@@ -4475,6 +4497,12 @@ var init_platform_procedures = __esm({
         priority: "p0",
         content: "NEVER: (1) Access the database directly \u2014 it's SQLCipher encrypted, always fails. Use MCP tools only. (2) Manually spawn tmux sessions \u2014 create_task handles it. (3) Run git checkout main \u2014 agents work in worktrees. (4) Modify another agent's in-progress task. (5) Push to remote \u2014 the COO reviews and pushes. (6) Skip update_task(done) \u2014 it's the ONLY way your work gets reviewed. (7) Run git init."
       },
+      {
+        title: "Destructive operations \u2014 mandatory reviewer gate",
+        domain: "security",
+        priority: "p0",
+        content: "Before ANY destructive operation (delete, remove, overwrite, drop, reset, force-push, truncate), you MUST: (1) Have your full task spec accessible \u2014 if you cannot read it, STOP and report to your reviewer. Never improvise destructive actions. (2) Confirm with your reviewer (assigned_by or COO) before executing. (3) If the task spec explicitly authorizes the operation, proceed \u2014 but log it. Violation = immediate task failure. This applies to ALL agents regardless of role."
+      },
       {
         title: "Customer patch triage \u2014 upstream bug vs customization",
         domain: "support",
@@ -5400,7 +5428,7 @@ async function assertVpsLicense(opts) {
   }
   if (!transientFailure) {
     throw new Error(
-      "License validation failed: unknown backend state. Restore network connectivity to https://askexe.com/cloud and retry."
+      "License validation failed: unknown backend state. Restore network connectivity to https://cloud.askexe.com and retry."
     );
   }
   const fresh = await getCachedLicense();
@@ -5437,7 +5465,7 @@ async function assertVpsLicense(opts) {
   } catch {
   }
   throw new Error(
-    `License validation unreachable for more than ${graceDays} days. Restore network connectivity to https://askexe.com/cloud and retry. This VPS image refuses to boot after the offline grace window.`
+    `License validation unreachable for more than ${graceDays} days. Restore network connectivity to https://cloud.askexe.com and retry. This VPS image refuses to boot after the offline grace window.`
   );
 }
 function startLicenseRevalidation(intervalMs = 36e5) {
@@ -5469,7 +5497,7 @@ var init_license = __esm({
     LICENSE_PATH = path11.join(EXE_AI_DIR, "license.key");
     CACHE_PATH = path11.join(EXE_AI_DIR, "license-cache.json");
     DEVICE_ID_PATH = path11.join(EXE_AI_DIR, "device-id");
-    API_BASE = process.env.EXE_CLOUD_ENDPOINT ?? "https://askexe.com/cloud";
+    API_BASE = process.env.EXE_CLOUD_ENDPOINT ?? "https://cloud.askexe.com";
     RETRY_DELAY_MS = 500;
     LICENSE_PUBLIC_KEY_PEM = `-----BEGIN PUBLIC KEY-----
 MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEeHztAMOpR/ZMh+rWuOASjEZ54CGY
@@ -5658,6 +5686,18 @@ function extractRootExe(name) {
   const parts = name.split("-").filter(Boolean);
   return parts.length > 0 ? parts[parts.length - 1] : null;
 }
+function registerParentExe(sessionKey, parentExe, dispatchedBy) {
+  if (!existsSync14(SESSION_CACHE)) {
+    mkdirSync7(SESSION_CACHE, { recursive: true });
+  }
+  const rootExe = extractRootExe(parentExe) ?? parentExe;
+  const filePath = path14.join(SESSION_CACHE, `parent-exe-${sessionKey}.json`);
+  writeFileSync6(filePath, JSON.stringify({
+    parentExe: rootExe,
+    dispatchedBy: dispatchedBy || rootExe,
+    registeredAt: (/* @__PURE__ */ new Date()).toISOString()
+  }));
+}
 function getParentExe(sessionKey) {
   try {
     const data = JSON.parse(readFileSync9(path14.join(SESSION_CACHE, `parent-exe-${sessionKey}.json`), "utf8"));
@@ -5667,11 +5707,12 @@ function getParentExe(sessionKey) {
   }
 }
 function resolveExeSession() {
+  if (process.env.EXE_SESSION_NAME) {
+    const fromEnv = extractRootExe(process.env.EXE_SESSION_NAME) ?? process.env.EXE_SESSION_NAME;
+    if (fromEnv) return fromEnv;
+  }
   const mySession = getMySession();
   if (!mySession) {
-    if (process.env.EXE_SESSION_NAME) {
-      return extractRootExe(process.env.EXE_SESSION_NAME) ?? process.env.EXE_SESSION_NAME;
-    }
     return null;
   }
   const fromSessionName = extractRootExe(mySession);
@@ -5686,6 +5727,10 @@ function resolveExeSession() {
           `[tmux-routing] WARN: cache says "${fromCache}" but session name says "${fromSessionName}". Trusting session name.
 `
         );
+        try {
+          registerParentExe(key, fromSessionName);
+        } catch {
+        }
         candidate = fromSessionName;
       } else {
         candidate = fromCache;
@@ -6851,6 +6896,27 @@ async function cloudSync(config) {
       if (stmts.length > 0) await client.batch(stmts, "write");
       pulled = pullResult.records.length;
     } else {
+      try {
+        const incomingIds = pullResult.records.map((r) => sqlSafe(r.id));
+        if (incomingIds.length > 0) {
+          const ph = incomingIds.map(() => "?").join(",");
+          const existing = await client.execute({
+            sql: `SELECT id, version, timestamp FROM memories WHERE id IN (${ph})`,
+            args: incomingIds
+          });
+          const localMap = new Map(existing.rows.map((r) => [String(r.id), r]));
+          for (const rec of pullResult.records) {
+            const local = localMap.get(String(rec.id));
+            if (local && Number(local.version) > 0 && Number(local.version) !== Number(rec.version ?? 0)) {
+              process.stderr.write(
+                `[cloud-sync] CONFLICT: memory ${String(rec.id).slice(0, 8)} \u2014 local v${local.version} vs remote v${rec.version ?? 0}. Remote wins (LWW).
+`
+              );
+            }
+          }
+        }
+      } catch {
+      }
       const stmts = pullResult.records.map((rec) => ({
         sql: `INSERT OR REPLACE INTO memories
               (id, agent_id, agent_role, session_id, timestamp,

package/dist/index.js

@@ -368,6 +368,7 @@ __export(agent_config_exports, {
   getAgentRuntime: () => getAgentRuntime,
   loadAgentConfig: () => loadAgentConfig,
   saveAgentConfig: () => saveAgentConfig,
+  setAgentMcps: () => setAgentMcps,
   setAgentRuntime: () => setAgentRuntime
 });
 import { readFileSync as readFileSync2, writeFileSync, existsSync as existsSync3 } from "fs";
@@ -394,7 +395,7 @@ function getAgentRuntime(agentId) {
   if (orgDefault) return orgDefault;
   return { runtime: DEFAULT_RUNTIME, model: DEFAULT_MODELS[DEFAULT_RUNTIME] };
 }
-function setAgentRuntime(agentId, runtime, model, reasoning_effort) {
+function setAgentRuntime(agentId, runtime, model, reasoning_effort, mcps) {
   const knownModels = KNOWN_RUNTIMES[runtime];
   if (!knownModels) {
     return {
@@ -409,12 +410,26 @@ function setAgentRuntime(agentId, runtime, model, reasoning_effort) {
     };
   }
   const config2 = loadAgentConfig();
+  const existing = config2[agentId];
   const entry = { runtime, model };
   if (reasoning_effort) entry.reasoning_effort = reasoning_effort;
+  if (mcps !== void 0) {
+    entry.mcps = mcps.includes("exe-os") ? mcps : ["exe-os", ...mcps];
+  } else if (existing?.mcps) {
+    entry.mcps = existing.mcps;
+  }
   config2[agentId] = entry;
   saveAgentConfig(config2);
   return { ok: true };
 }
+function setAgentMcps(agentId, mcps) {
+  const config2 = loadAgentConfig();
+  const existing = config2[agentId] ?? getAgentRuntime(agentId);
+  existing.mcps = mcps.includes("exe-os") ? mcps : ["exe-os", ...mcps];
+  config2[agentId] = existing;
+  saveAgentConfig(config2);
+  return { ok: true };
+}
 function clearAgentRuntime(agentId) {
   const config2 = loadAgentConfig();
   delete config2[agentId];
@@ -4058,6 +4073,22 @@ async function ensureSchema() {
   } catch (e) {
     logCatchDebug("migration", e);
   }
+  try {
+    await client.execute({
+      sql: `ALTER TABLE memories ADD COLUMN visibility TEXT DEFAULT 'private'`,
+      args: []
+    });
+  } catch (e) {
+    logCatchDebug("migration", e);
+  }
+  try {
+    await client.execute({
+      sql: `ALTER TABLE memories ADD COLUMN strength REAL DEFAULT 1.0`,
+      args: []
+    });
+  } catch (e) {
+    logCatchDebug("migration", e);
+  }
 }
 async function disposeDatabase() {
   if (_walCheckpointTimer) {
@@ -4476,7 +4507,7 @@ async function assertVpsLicense(opts) {
   }
   if (!transientFailure) {
     throw new Error(
-      "License validation failed: unknown backend state. Restore network connectivity to https://askexe.com/cloud and retry."
+      "License validation failed: unknown backend state. Restore network connectivity to https://cloud.askexe.com and retry."
     );
   }
   const fresh = await getCachedLicense();
@@ -4513,7 +4544,7 @@ async function assertVpsLicense(opts) {
   } catch {
   }
   throw new Error(
-    `License validation unreachable for more than ${graceDays} days. Restore network connectivity to https://askexe.com/cloud and retry. This VPS image refuses to boot after the offline grace window.`
+    `License validation unreachable for more than ${graceDays} days. Restore network connectivity to https://cloud.askexe.com and retry. This VPS image refuses to boot after the offline grace window.`
   );
 }
 function startLicenseRevalidation(intervalMs = 36e5) {
@@ -4545,7 +4576,7 @@ var init_license = __esm({
     LICENSE_PATH = path10.join(EXE_AI_DIR, "license.key");
     CACHE_PATH = path10.join(EXE_AI_DIR, "license-cache.json");
     DEVICE_ID_PATH = path10.join(EXE_AI_DIR, "device-id");
-    API_BASE = process.env.EXE_CLOUD_ENDPOINT ?? "https://askexe.com/cloud";
+    API_BASE = process.env.EXE_CLOUD_ENDPOINT ?? "https://cloud.askexe.com";
     RETRY_DELAY_MS = 500;
     LICENSE_PUBLIC_KEY_PEM = `-----BEGIN PUBLIC KEY-----
 MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEeHztAMOpR/ZMh+rWuOASjEZ54CGY
@@ -5089,6 +5120,19 @@ async function resolveTask(client, identifier, scopeSession) {
     args: [identifier, ...scope.args]
   });
   if (result.rows.length === 1) return result.rows[0];
+  if (/^[a-f0-9]{7,12}$/i.test(identifier)) {
+    result = await client.execute({
+      sql: `SELECT * FROM tasks WHERE id LIKE ?`,
+      args: [`${identifier}%`]
+    });
+    if (result.rows.length === 1) return result.rows[0];
+    if (result.rows.length > 1) {
+      const matches = result.rows.map((r) => `${String(r.id)} "${String(r.title)}" (${String(r.status)})`).join(", ");
+      throw new Error(
+        `Multiple tasks match short-ID "${identifier}": ${matches}. Use a longer prefix to disambiguate.`
+      );
+    }
+  }
   result = await client.execute({
     sql: `SELECT * FROM tasks WHERE task_file LIKE ?${scope.sql}`,
     args: [`%${identifier}%`, ...scope.args]
@@ -5943,12 +5987,13 @@ async function cascadeUnblock(taskId, baseDir, now) {
           WHERE blocked_by = ? AND status = 'blocked'`,
     args: [now, taskId]
   });
-  if (baseDir && unblocked.rowsAffected > 0) {
-    const ubScope = sessionScopeFilter();
-    const unblockedRows = await client.execute({
-      sql: `SELECT task_file FROM tasks WHERE blocked_by IS NULL AND updated_at = ?${ubScope.sql}`,
-      args: [now, ...ubScope.args]
-    });
+  if (unblocked.rowsAffected === 0) return;
+  const ubScope = sessionScopeFilter();
+  const unblockedRows = await client.execute({
+    sql: `SELECT id, title, assigned_to, priority, task_file FROM tasks WHERE blocked_by IS NULL AND updated_at = ?${ubScope.sql}`,
+    args: [now, ...ubScope.args]
+  });
+  if (baseDir) {
     for (const ur of unblockedRows.rows) {
       try {
         const ubFile = path17.join(baseDir, String(ur.task_file));
@@ -5960,6 +6005,19 @@ async function cascadeUnblock(taskId, baseDir, now) {
       }
     }
   }
+  if (unblockedRows.rows.length > 0 && !process.env.VITEST) {
+    try {
+      const { queueIntercom: queueIntercom2 } = await Promise.resolve().then(() => (init_intercom_queue(), intercom_queue_exports));
+      const dispatched = /* @__PURE__ */ new Set();
+      for (const ur of unblockedRows.rows) {
+        const assignee = String(ur.assigned_to);
+        if (dispatched.has(assignee)) continue;
+        dispatched.add(assignee);
+        queueIntercom2(`${assignee}`, `unblocked: "${String(ur.title)}" is now ready`);
+      }
+    } catch {
+    }
+  }
 }
 async function findNextTask(assignedTo) {
   const client = getClient();
@@ -6176,6 +6234,15 @@ __export(behaviors_exports, {
 });
 import crypto5 from "crypto";
 async function storeBehavior(opts) {
+  try {
+    const { loadEmployeesSync: loadEmployeesSync2 } = await Promise.resolve().then(() => (init_employees(), employees_exports));
+    const roster = loadEmployeesSync2();
+    if (roster.length > 0 && !roster.some((e) => e.name === opts.agentId)) {
+      throw new Error(`Agent "${opts.agentId}" not found in roster. Cannot store behavior for unregistered agent.`);
+    }
+  } catch (e) {
+    if (e instanceof Error && e.message.includes("not found in roster")) throw e;
+  }
   const client = getClient();
   const id = crypto5.randomUUID();
   const now = (/* @__PURE__ */ new Date()).toISOString();
@@ -6699,6 +6766,12 @@ async function updateTask(input) {
       }
     }
   }
+  if (input.status === "cancelled") {
+    try {
+      await cascadeUnblock(taskId, input.baseDir, now);
+    } catch {
+    }
+  }
   if ((input.status === "done" || input.status === "closed") && !isCoordinatorName(String(row.assigned_to)) && !process.env.VITEST) {
     Promise.resolve().then(() => (init_skill_learning(), skill_learning_exports)).then(
       ({ captureAndLearn: captureAndLearn2 }) => captureAndLearn2({
@@ -7230,11 +7303,12 @@ function getDispatchedBy(sessionKey) {
   }
 }
 function resolveExeSession() {
+  if (process.env.EXE_SESSION_NAME) {
+    const fromEnv = extractRootExe(process.env.EXE_SESSION_NAME) ?? process.env.EXE_SESSION_NAME;
+    if (fromEnv) return fromEnv;
+  }
   const mySession = getMySession();
   if (!mySession) {
-    if (process.env.EXE_SESSION_NAME) {
-      return extractRootExe(process.env.EXE_SESSION_NAME) ?? process.env.EXE_SESSION_NAME;
-    }
     return null;
   }
   const fromSessionName = extractRootExe(mySession);
@@ -7249,6 +7323,10 @@ function resolveExeSession() {
           `[tmux-routing] WARN: cache says "${fromCache}" but session name says "${fromSessionName}". Trusting session name.
 `
         );
+        try {
+          registerParentExe(key, fromSessionName);
+        } catch {
+        }
         candidate = fromSessionName;
       } else {
         candidate = fromCache;
@@ -8943,11 +9021,17 @@ var init_platform_procedures = __esm({
         content: "Founder -> coordinator (the executive agent, internally routed as 'COO') -> CTO/CMO. CTO -> engineers. CMO -> content production. Never skip levels: the coordinator does not bypass managers for specialist work. Specialists report to their manager. If you need cross-team info, use ask_team_memory \u2014 don't read other agents' task folders. Each level owns dispatch downward and review upward."
       },
       {
-        title: "Customer orchestration maturity \u2014 recommend, never trap",
+        title: "Orchestration phase guidance \u2014 recommend, never trap",
         domain: "workflow",
         priority: "p1",
         content: "New customers start best in Phase 1: founder \u2194 coordinator/Chief of Staff, building company context. Suggest Phase 2 executives when domain work repeats; suggest Phase 3 parallel execution only when review/permission gates are ready. This is guidance, not a blocker: users may jump phases anytime. Never overwrite their phase, role titles, identities, or custom org design."
       },
+      {
+        title: "Routing slot vs display title \u2014 internal 'coo' is plumbing, not your name",
+        domain: "identity",
+        priority: "p0",
+        content: "These procedures reference 'COO' as a shorthand for the coordinator role. This is an INTERNAL routing slot used by exe-os code (chain-of-command checks, dispatch logic, session detection). It is NOT your display title. Your actual title comes from your identity file's `title:` field \u2014 that is what you use externally: introductions, sign-offs, team comms, and any user-facing text. If your identity says `title: AI Chief of Staff`, you are the AI Chief of Staff. The routing slot stays `role: coo` for code compatibility \u2014 never rename it, but also never introduce yourself as 'COO' unless your identity file explicitly says so. The founder chose your title; respect it."
+      },
       {
         title: "Single dispatch path \u2014 create_task only",
         domain: "workflow",
@@ -8981,6 +9065,12 @@ var init_platform_procedures = __esm({
         priority: "p0",
         content: "NEVER: (1) Access the database directly \u2014 it's SQLCipher encrypted, always fails. Use MCP tools only. (2) Manually spawn tmux sessions \u2014 create_task handles it. (3) Run git checkout main \u2014 agents work in worktrees. (4) Modify another agent's in-progress task. (5) Push to remote \u2014 the COO reviews and pushes. (6) Skip update_task(done) \u2014 it's the ONLY way your work gets reviewed. (7) Run git init."
       },
+      {
+        title: "Destructive operations \u2014 mandatory reviewer gate",
+        domain: "security",
+        priority: "p0",
+        content: "Before ANY destructive operation (delete, remove, overwrite, drop, reset, force-push, truncate), you MUST: (1) Have your full task spec accessible \u2014 if you cannot read it, STOP and report to your reviewer. Never improvise destructive actions. (2) Confirm with your reviewer (assigned_by or COO) before executing. (3) If the task spec explicitly authorizes the operation, proceed \u2014 but log it. Violation = immediate task failure. This applies to ALL agents regardless of role."
+      },
       {
         title: "Customer patch triage \u2014 upstream bug vs customization",
         domain: "support",
@@ -9266,10 +9356,24 @@ function stableId(memoryId, type, content) {
   return createHash2("sha256").update(`${memoryId}:${type}:${content}`).digest("hex").slice(0, 32);
 }
 function cleanText(text) {
-  return text.replace(/```[\s\S]*?```/g, " ").replace(/<[^>]+>/g, " ").replace(/\s+/g, " ").trim();
+  let cleaned = text.replace(
+    /```(\w*)\n(.*?)(?:\n[\s\S]*?)```/g,
+    (_m, lang, firstLine) => `[code${lang ? `:${lang}` : ""}] ${firstLine.trim()}`
+  );
+  cleaned = cleaned.replace(/<[^>]+>/g, " ").replace(/\s+/g, " ").trim();
+  return cleaned;
 }
-function splitSentences(text) {
-  return cleanText(text).split(/(?<=[.!?])\s+|\n+/).map((s) => s.trim()).filter((s) => s.length >= 24 && s.length <= MAX_SENTENCE_CHARS);
+function splitSegments(text) {
+  const cleaned = cleanText(text);
+  const segments = cleaned.split(/(?<=[.!?:;])\s+|\n{2,}|(?<=\))\s+(?=[A-Z])|\s*[|│]\s*/).map((s) => s.trim()).filter((s) => s.length >= MIN_SEGMENT_CHARS && s.length <= MAX_SEGMENT_CHARS);
+  if (segments.length === 0 && cleaned.length >= MIN_SEGMENT_CHARS) {
+    const lines = cleaned.split(/\n+/).map((l) => l.trim()).filter((l) => l.length >= MIN_SEGMENT_CHARS && l.length <= MAX_SEGMENT_CHARS);
+    if (lines.length > 0) return lines;
+    if (cleaned.length >= MIN_SEGMENT_CHARS) {
+      return [cleaned.slice(0, MAX_SEGMENT_CHARS)];
+    }
+  }
+  return segments;
 }
 function inferCardType(sentence, toolName) {
   const lower = sentence.toLowerCase();
@@ -9301,12 +9405,12 @@ function predicateFor(type) {
   }
 }
 function extractMemoryCards(row) {
-  const sentences = splitSentences(row.raw_text);
+  const segments = splitSegments(row.raw_text);
   const cards = [];
-  for (const sentence of sentences) {
+  for (const sentence of segments) {
     const type = inferCardType(sentence, row.tool_name);
     const subject = extractSubject(sentence, row.agent_id);
-    const content = sentence.length > MAX_SENTENCE_CHARS ? `${sentence.slice(0, MAX_SENTENCE_CHARS - 1)}\u2026` : sentence;
+    const content = sentence.length > MAX_SEGMENT_CHARS ? `${sentence.slice(0, MAX_SEGMENT_CHARS - 1)}\u2026` : sentence;
     cards.push({
       id: stableId(row.id, type, content),
       memory_id: row.id,
@@ -9402,13 +9506,14 @@ Source memory: ${String(row.source_ref ?? row.memory_id)}`,
     last_accessed: String(row.timestamp)
   }));
 }
-var MAX_CARDS_PER_MEMORY, MAX_SENTENCE_CHARS;
+var MAX_CARDS_PER_MEMORY, MAX_SEGMENT_CHARS, MIN_SEGMENT_CHARS;
 var init_memory_cards = __esm({
   "src/lib/memory-cards.ts"() {
     "use strict";
     init_database();
-    MAX_CARDS_PER_MEMORY = 6;
-    MAX_SENTENCE_CHARS = 360;
+    MAX_CARDS_PER_MEMORY = 8;
+    MAX_SEGMENT_CHARS = 500;
+    MIN_SEGMENT_CHARS = 20;
   }
 });
 

package/dist/lib/agent-config.js

@@ -175,7 +175,7 @@ function getAgentRuntime(agentId) {
   if (orgDefault) return orgDefault;
   return { runtime: DEFAULT_RUNTIME, model: DEFAULT_MODELS[DEFAULT_RUNTIME] };
 }
-function setAgentRuntime(agentId, runtime, model, reasoning_effort) {
+function setAgentRuntime(agentId, runtime, model, reasoning_effort, mcps) {
   const knownModels = KNOWN_RUNTIMES[runtime];
   if (!knownModels) {
     return {
@@ -190,12 +190,26 @@ function setAgentRuntime(agentId, runtime, model, reasoning_effort) {
     };
   }
   const config = loadAgentConfig();
+  const existing = config[agentId];
   const entry = { runtime, model };
   if (reasoning_effort) entry.reasoning_effort = reasoning_effort;
+  if (mcps !== void 0) {
+    entry.mcps = mcps.includes("exe-os") ? mcps : ["exe-os", ...mcps];
+  } else if (existing?.mcps) {
+    entry.mcps = existing.mcps;
+  }
   config[agentId] = entry;
   saveAgentConfig(config);
   return { ok: true };
 }
+function setAgentMcps(agentId, mcps) {
+  const config = loadAgentConfig();
+  const existing = config[agentId] ?? getAgentRuntime(agentId);
+  existing.mcps = mcps.includes("exe-os") ? mcps : ["exe-os", ...mcps];
+  config[agentId] = existing;
+  saveAgentConfig(config);
+  return { ok: true };
+}
 function clearAgentRuntime(agentId) {
   const config = loadAgentConfig();
   delete config[agentId];
@@ -210,5 +224,6 @@ export {
   getAgentRuntime,
   loadAgentConfig,
   saveAgentConfig,
+  setAgentMcps,
   setAgentRuntime
 };

package/dist/lib/cloud-sync.js

@@ -2972,6 +2972,22 @@ async function ensureSchema() {
   } catch (e) {
     logCatchDebug("migration", e);
   }
+  try {
+    await client.execute({
+      sql: `ALTER TABLE memories ADD COLUMN visibility TEXT DEFAULT 'private'`,
+      args: []
+    });
+  } catch (e) {
+    logCatchDebug("migration", e);
+  }
+  try {
+    await client.execute({
+      sql: `ALTER TABLE memories ADD COLUMN strength REAL DEFAULT 1.0`,
+      args: []
+    });
+  } catch (e) {
+    logCatchDebug("migration", e);
+  }
 }
 async function disposeDatabase() {
   if (_walCheckpointTimer) {
@@ -3942,7 +3958,7 @@ import { jwtVerify, importSPKI } from "jose";
 var LICENSE_PATH = path6.join(EXE_AI_DIR, "license.key");
 var CACHE_PATH = path6.join(EXE_AI_DIR, "license-cache.json");
 var DEVICE_ID_PATH = path6.join(EXE_AI_DIR, "device-id");
-var API_BASE = process.env.EXE_CLOUD_ENDPOINT ?? "https://askexe.com/cloud";
+var API_BASE = process.env.EXE_CLOUD_ENDPOINT ?? "https://cloud.askexe.com";
 function loadDeviceId() {
   const deviceJsonPath = path6.join(EXE_AI_DIR, "device.json");
   try {
@@ -4367,6 +4383,27 @@ async function cloudSync(config) {
       if (stmts.length > 0) await client.batch(stmts, "write");
       pulled = pullResult.records.length;
     } else {
+      try {
+        const incomingIds = pullResult.records.map((r) => sqlSafe(r.id));
+        if (incomingIds.length > 0) {
+          const ph = incomingIds.map(() => "?").join(",");
+          const existing = await client.execute({
+            sql: `SELECT id, version, timestamp FROM memories WHERE id IN (${ph})`,
+            args: incomingIds
+          });
+          const localMap = new Map(existing.rows.map((r) => [String(r.id), r]));
+          for (const rec of pullResult.records) {
+            const local = localMap.get(String(rec.id));
+            if (local && Number(local.version) > 0 && Number(local.version) !== Number(rec.version ?? 0)) {
+              process.stderr.write(
+                `[cloud-sync] CONFLICT: memory ${String(rec.id).slice(0, 8)} \u2014 local v${local.version} vs remote v${rec.version ?? 0}. Remote wins (LWW).
+`
+              );
+            }
+          }
+        }
+      } catch {
+      }
       const stmts = pullResult.records.map((rec) => ({
         sql: `INSERT OR REPLACE INTO memories
               (id, agent_id, agent_role, session_id, timestamp,

package/dist/lib/consolidation.js

@@ -184,6 +184,7 @@ __export(agent_config_exports, {
   getAgentRuntime: () => getAgentRuntime,
   loadAgentConfig: () => loadAgentConfig,
   saveAgentConfig: () => saveAgentConfig,
+  setAgentMcps: () => setAgentMcps,
   setAgentRuntime: () => setAgentRuntime
 });
 import { readFileSync as readFileSync2, writeFileSync, existsSync as existsSync3 } from "fs";
@@ -210,7 +211,7 @@ function getAgentRuntime(agentId) {
   if (orgDefault) return orgDefault;
   return { runtime: DEFAULT_RUNTIME, model: DEFAULT_MODELS[DEFAULT_RUNTIME] };
 }
-function setAgentRuntime(agentId, runtime, model, reasoning_effort) {
+function setAgentRuntime(agentId, runtime, model, reasoning_effort, mcps) {
   const knownModels = KNOWN_RUNTIMES[runtime];
   if (!knownModels) {
     return {
@@ -225,12 +226,26 @@ function setAgentRuntime(agentId, runtime, model, reasoning_effort) {
     };
   }
   const config = loadAgentConfig();
+  const existing = config[agentId];
   const entry = { runtime, model };
   if (reasoning_effort) entry.reasoning_effort = reasoning_effort;
+  if (mcps !== void 0) {
+    entry.mcps = mcps.includes("exe-os") ? mcps : ["exe-os", ...mcps];
+  } else if (existing?.mcps) {
+    entry.mcps = existing.mcps;
+  }
   config[agentId] = entry;
   saveAgentConfig(config);
   return { ok: true };
 }
+function setAgentMcps(agentId, mcps) {
+  const config = loadAgentConfig();
+  const existing = config[agentId] ?? getAgentRuntime(agentId);
+  existing.mcps = mcps.includes("exe-os") ? mcps : ["exe-os", ...mcps];
+  config[agentId] = existing;
+  saveAgentConfig(config);
+  return { ok: true };
+}
 function clearAgentRuntime(agentId) {
   const config = loadAgentConfig();
   delete config[agentId];

package/dist/lib/database.js

@@ -2885,6 +2885,22 @@ async function ensureSchema() {
   } catch (e) {
     logCatchDebug("migration", e);
   }
+  try {
+    await client.execute({
+      sql: `ALTER TABLE memories ADD COLUMN visibility TEXT DEFAULT 'private'`,
+      args: []
+    });
+  } catch (e) {
+    logCatchDebug("migration", e);
+  }
+  try {
+    await client.execute({
+      sql: `ALTER TABLE memories ADD COLUMN strength REAL DEFAULT 1.0`,
+      args: []
+    });
+  } catch (e) {
+    logCatchDebug("migration", e);
+  }
 }
 var disposeTurso = disposeDatabase;
 async function disposeDatabase() {

package/dist/lib/db.js

@@ -2885,6 +2885,22 @@ async function ensureSchema() {
   } catch (e) {
     logCatchDebug("migration", e);
   }
+  try {
+    await client.execute({
+      sql: `ALTER TABLE memories ADD COLUMN visibility TEXT DEFAULT 'private'`,
+      args: []
+    });
+  } catch (e) {
+    logCatchDebug("migration", e);
+  }
+  try {
+    await client.execute({
+      sql: `ALTER TABLE memories ADD COLUMN strength REAL DEFAULT 1.0`,
+      args: []
+    });
+  } catch (e) {
+    logCatchDebug("migration", e);
+  }
 }
 var disposeTurso = disposeDatabase;
 async function disposeDatabase() {

package/dist/lib/device-registry.js

@@ -2911,6 +2911,22 @@ async function ensureSchema() {
   } catch (e) {
     logCatchDebug("migration", e);
   }
+  try {
+    await client.execute({
+      sql: `ALTER TABLE memories ADD COLUMN visibility TEXT DEFAULT 'private'`,
+      args: []
+    });
+  } catch (e) {
+    logCatchDebug("migration", e);
+  }
+  try {
+    await client.execute({
+      sql: `ALTER TABLE memories ADD COLUMN strength REAL DEFAULT 1.0`,
+      args: []
+    });
+  } catch (e) {
+    logCatchDebug("migration", e);
+  }
 }
 async function disposeDatabase() {
   if (_walCheckpointTimer) {