@askexenow/exe-os 0.9.112 → 0.9.114

package/dist/bin/exe-call.js

@@ -290,11 +290,17 @@ var init_platform_procedures = __esm({
         content: "Founder -> coordinator (the executive agent, internally routed as 'COO') -> CTO/CMO. CTO -> engineers. CMO -> content production. Never skip levels: the coordinator does not bypass managers for specialist work. Specialists report to their manager. If you need cross-team info, use ask_team_memory \u2014 don't read other agents' task folders. Each level owns dispatch downward and review upward."
       },
       {
-        title: "Customer orchestration maturity \u2014 recommend, never trap",
+        title: "Orchestration phase guidance \u2014 recommend, never trap",
         domain: "workflow",
         priority: "p1",
         content: "New customers start best in Phase 1: founder \u2194 coordinator/Chief of Staff, building company context. Suggest Phase 2 executives when domain work repeats; suggest Phase 3 parallel execution only when review/permission gates are ready. This is guidance, not a blocker: users may jump phases anytime. Never overwrite their phase, role titles, identities, or custom org design."
       },
+      {
+        title: "Routing slot vs display title \u2014 internal 'coo' is plumbing, not your name",
+        domain: "identity",
+        priority: "p0",
+        content: "These procedures reference 'COO' as a shorthand for the coordinator role. This is an INTERNAL routing slot used by exe-os code (chain-of-command checks, dispatch logic, session detection). It is NOT your display title. Your actual title comes from your identity file's `title:` field \u2014 that is what you use externally: introductions, sign-offs, team comms, and any user-facing text. If your identity says `title: AI Chief of Staff`, you are the AI Chief of Staff. The routing slot stays `role: coo` for code compatibility \u2014 never rename it, but also never introduce yourself as 'COO' unless your identity file explicitly says so. The founder chose your title; respect it."
+      },
       {
         title: "Single dispatch path \u2014 create_task only",
         domain: "workflow",
@@ -328,6 +334,12 @@ var init_platform_procedures = __esm({
         priority: "p0",
         content: "NEVER: (1) Access the database directly \u2014 it's SQLCipher encrypted, always fails. Use MCP tools only. (2) Manually spawn tmux sessions \u2014 create_task handles it. (3) Run git checkout main \u2014 agents work in worktrees. (4) Modify another agent's in-progress task. (5) Push to remote \u2014 the COO reviews and pushes. (6) Skip update_task(done) \u2014 it's the ONLY way your work gets reviewed. (7) Run git init."
       },
+      {
+        title: "Destructive operations \u2014 mandatory reviewer gate",
+        domain: "security",
+        priority: "p0",
+        content: "Before ANY destructive operation (delete, remove, overwrite, drop, reset, force-push, truncate), you MUST: (1) Have your full task spec accessible \u2014 if you cannot read it, STOP and report to your reviewer. Never improvise destructive actions. (2) Confirm with your reviewer (assigned_by or COO) before executing. (3) If the task spec explicitly authorizes the operation, proceed \u2014 but log it. Violation = immediate task failure. This applies to ALL agents regardless of role."
+      },
       {
         title: "Customer patch triage \u2014 upstream bug vs customization",
         domain: "support",
@@ -573,9 +585,23 @@ __export(employee_templates_exports, {
 function getSessionPrompt(storedPrompt) {
   const markerIndex = storedPrompt.indexOf(PROCEDURES_MARKER);
   const withoutProcedures = markerIndex >= 0 ? storedPrompt.slice(0, markerIndex).trimEnd() : storedPrompt;
+  let titlePrefix = "";
+  const frontmatterMatch = withoutProcedures.match(/^---\r?\n([\s\S]*?)\r?\n---/);
+  if (frontmatterMatch) {
+    const titleMatch = frontmatterMatch[1].match(/^title:\s*(.+)$/m);
+    const roleMatch = frontmatterMatch[1].match(/^role:\s*(.+)$/m);
+    if (titleMatch) {
+      const title = titleMatch[1].trim();
+      const role = roleMatch ? roleMatch[1].trim() : "";
+      if (title && role && title.toLowerCase() !== role.toLowerCase()) {
+        titlePrefix = `## Your Identity
+You are **${title}** (specialist). `;
+      }
+    }
+  }
   const rolePrompt = withoutProcedures.replace(/^---\r?\n[\s\S]*?\r?\n---\r?\n?/, "").replace(/<!--[\s\S]*?-->/g, "").trimStart();
   const globalBlock = getGlobalProceduresBlock();
-  return `${globalBlock}${rolePrompt}
+  return `${globalBlock}${titlePrefix}${rolePrompt}
 ${BASE_OPERATING_PROCEDURES}`;
 }
 function buildCustomEmployeePrompt(name, role) {
@@ -594,7 +620,7 @@ function personalizePrompt(prompt, templateName, actualName) {
   return prompt.replace(new RegExp(`\\bYou are ${escaped}\\b`, "g"), `You are ${actualName}`);
 }
 function renderClientCOOTemplate(vars) {
-  const resolved = { ...vars, title: vars.title || "Chief Operating Officer" };
+  const resolved = { ...vars, title: vars.title || "Chief of Staff" };
   for (const key of CLIENT_COO_PLACEHOLDERS) {
     const value = resolved[key];
     if (typeof value !== "string" || value.length === 0) {
@@ -1237,7 +1263,9 @@ __export(agent_config_exports, {
   clearAgentRuntime: () => clearAgentRuntime,
   getAgentRuntime: () => getAgentRuntime,
   loadAgentConfig: () => loadAgentConfig,
+  normalizeCcModelName: () => normalizeCcModelName,
   saveAgentConfig: () => saveAgentConfig,
+  setAgentMcps: () => setAgentMcps,
   setAgentRuntime: () => setAgentRuntime
 });
 import { readFileSync as readFileSync3, writeFileSync as writeFileSync2, existsSync as existsSync5 } from "fs";
@@ -1264,7 +1292,14 @@ function getAgentRuntime(agentId) {
   if (orgDefault) return orgDefault;
   return { runtime: DEFAULT_RUNTIME, model: DEFAULT_MODELS[DEFAULT_RUNTIME] };
 }
-function setAgentRuntime(agentId, runtime, model, reasoning_effort) {
+function normalizeCcModelName(model) {
+  let ccModel = model.replace(/(\d+)\.(\d+)/g, "$1-$2");
+  if (/claude-(opus|sonnet)-4-[6-9]/.test(ccModel) && !ccModel.includes("[1m]")) {
+    ccModel += "[1m]";
+  }
+  return ccModel;
+}
+function setAgentRuntime(agentId, runtime, model, reasoning_effort, mcps) {
   const knownModels = KNOWN_RUNTIMES[runtime];
   if (!knownModels) {
     return {
@@ -1279,12 +1314,26 @@ function setAgentRuntime(agentId, runtime, model, reasoning_effort) {
     };
   }
   const config = loadAgentConfig();
+  const existing = config[agentId];
   const entry = { runtime, model };
   if (reasoning_effort) entry.reasoning_effort = reasoning_effort;
+  if (mcps !== void 0) {
+    entry.mcps = mcps.includes("exe-os") ? mcps : ["exe-os", ...mcps];
+  } else if (existing?.mcps) {
+    entry.mcps = existing.mcps;
+  }
   config[agentId] = entry;
   saveAgentConfig(config);
   return { ok: true };
 }
+function setAgentMcps(agentId, mcps) {
+  const config = loadAgentConfig();
+  const existing = config[agentId] ?? getAgentRuntime(agentId);
+  existing.mcps = mcps.includes("exe-os") ? mcps : ["exe-os", ...mcps];
+  config[agentId] = existing;
+  saveAgentConfig(config);
+  return { ok: true };
+}
 function clearAgentRuntime(agentId) {
   const config = loadAgentConfig();
   delete config[agentId];

package/dist/bin/exe-cloud.js

@@ -25,7 +25,7 @@ __export(keychain_exports, {
   importMnemonic: () => importMnemonic,
   setMasterKey: () => setMasterKey
 });
-import { readFile, writeFile, unlink, mkdir, chmod } from "fs/promises";
+import { readFile, writeFile, unlink, mkdir, chmod, rename, copyFile } from "fs/promises";
 import { existsSync, statSync } from "fs";
 import { execSync } from "child_process";
 import path from "path";
@@ -60,12 +60,14 @@ function linuxSecretAvailable() {
 function isRootOnlyTrustedServerKeyFile(keyPath) {
   if (process.platform !== "linux") return false;
   try {
-    const uid = typeof os.userInfo().uid === "number" ? os.userInfo().uid : -1;
     const st = statSync(keyPath);
     if (!st.isFile() || (st.mode & 63) !== 0) return false;
+    const uid = typeof os.userInfo().uid === "number" ? os.userInfo().uid : -1;
     if (uid === 0) return true;
     const exeOsDir = process.env.EXE_OS_DIR;
-    return Boolean(exeOsDir && path.resolve(keyPath).startsWith(path.resolve(exeOsDir) + path.sep));
+    if (exeOsDir && path.resolve(keyPath).startsWith(path.resolve(exeOsDir) + path.sep)) return true;
+    if (!linuxSecretAvailable()) return true;
+    return false;
   } catch {
     return false;
   }
@@ -215,15 +217,25 @@ async function writeMachineBoundFileFallback(b64) {
   await mkdir(dir, { recursive: true });
   const keyPath = getKeyPath();
   const machineKey = deriveMachineKey();
-  if (machineKey) {
-    const encrypted = encryptWithMachineKey(b64, machineKey);
-    await writeFile(keyPath, encrypted + "\n", "utf-8");
-    await chmod(keyPath, 384);
-    return "encrypted";
+  const content = machineKey ? encryptWithMachineKey(b64, machineKey) + "\n" : b64 + "\n";
+  const result = machineKey ? "encrypted" : "plaintext";
+  const tmpPath = keyPath + ".tmp";
+  try {
+    if (existsSync(keyPath)) {
+      await copyFile(keyPath, keyPath + ".bak").catch(() => {
+      });
+    }
+    await writeFile(tmpPath, content, "utf-8");
+    await chmod(tmpPath, 384);
+    await rename(tmpPath, keyPath);
+  } catch (err) {
+    try {
+      await unlink(tmpPath);
+    } catch {
+    }
+    throw err;
   }
-  await writeFile(keyPath, b64 + "\n", "utf-8");
-  await chmod(keyPath, 384);
-  return "plaintext";
+  return result;
 }
 async function getMasterKey() {
   let nativeValue = macKeychainGet() ?? linuxSecretGet();
@@ -3772,6 +3784,22 @@ async function ensureSchema() {
   } catch (e) {
     logCatchDebug("migration", e);
   }
+  try {
+    await client.execute({
+      sql: `ALTER TABLE memories ADD COLUMN visibility TEXT DEFAULT 'private'`,
+      args: []
+    });
+  } catch (e) {
+    logCatchDebug("migration", e);
+  }
+  try {
+    await client.execute({
+      sql: `ALTER TABLE memories ADD COLUMN strength REAL DEFAULT 1.0`,
+      args: []
+    });
+  } catch (e) {
+    logCatchDebug("migration", e);
+  }
 }
 async function disposeDatabase() {
   if (_walCheckpointTimer) {
@@ -4269,7 +4297,7 @@ async function assertVpsLicense(opts) {
   }
   if (!transientFailure) {
     throw new Error(
-      "License validation failed: unknown backend state. Restore network connectivity to https://askexe.com/cloud and retry."
+      "License validation failed: unknown backend state. Restore network connectivity to https://cloud.askexe.com and retry."
     );
   }
   const fresh = await getCachedLicense();
@@ -4306,7 +4334,7 @@ async function assertVpsLicense(opts) {
   } catch {
   }
   throw new Error(
-    `License validation unreachable for more than ${graceDays} days. Restore network connectivity to https://askexe.com/cloud and retry. This VPS image refuses to boot after the offline grace window.`
+    `License validation unreachable for more than ${graceDays} days. Restore network connectivity to https://cloud.askexe.com and retry. This VPS image refuses to boot after the offline grace window.`
   );
 }
 function startLicenseRevalidation(intervalMs = 36e5) {
@@ -4338,7 +4366,7 @@ var init_license = __esm({
     LICENSE_PATH = path7.join(EXE_AI_DIR, "license.key");
     CACHE_PATH = path7.join(EXE_AI_DIR, "license-cache.json");
     DEVICE_ID_PATH = path7.join(EXE_AI_DIR, "device-id");
-    API_BASE = process.env.EXE_CLOUD_ENDPOINT ?? "https://askexe.com/cloud";
+    API_BASE = process.env.EXE_CLOUD_ENDPOINT ?? "https://cloud.askexe.com";
     RETRY_DELAY_MS = 500;
     LICENSE_PUBLIC_KEY_PEM = `-----BEGIN PUBLIC KEY-----
 MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEeHztAMOpR/ZMh+rWuOASjEZ54CGY
@@ -4745,6 +4773,7 @@ __export(cloud_sync_exports, {
   markCloudReuploadRequired: () => markCloudReuploadRequired,
   mergeConfig: () => mergeConfig,
   mergeRosterFromRemote: () => mergeRosterFromRemote,
+  migrateEndpoint: () => migrateEndpoint,
   pushToPostgres: () => pushToPostgres,
   recordRosterDeletion: () => recordRosterDeletion
 });
@@ -4915,6 +4944,15 @@ async function fetchWithRetry(url, init) {
   }
   throw lastError;
 }
+function migrateEndpoint(endpoint) {
+  if (endpoint === "https://askexe.com/cloud" || endpoint === "https://askexe.com/cloud/") {
+    process.stderr.write(
+      "[cloud-sync] Auto-migrating endpoint from askexe.com/cloud to cloud.askexe.com (bypasses Cloudflare WAF for datacenter IPs)\n"
+    );
+    return "https://cloud.askexe.com";
+  }
+  return endpoint;
+}
 function assertSecureEndpoint(endpoint) {
   if (endpoint.startsWith("https://")) return;
   if (endpoint.startsWith("http://")) {
@@ -5052,6 +5090,7 @@ async function markCloudReuploadRequired(client = getClient()) {
   await client.execute("INSERT OR REPLACE INTO sync_meta (key, value) VALUES ('cloud_reupload_required', '1')");
 }
 async function cloudSync(config) {
+  config = { ...config, endpoint: migrateEndpoint(config.endpoint) };
   if (!isSyncCryptoInitialized()) {
     try {
       const { getMasterKey: getMasterKey2 } = await Promise.resolve().then(() => (init_keychain(), keychain_exports));
@@ -5141,6 +5180,27 @@ async function cloudSync(config) {
       if (stmts.length > 0) await client.batch(stmts, "write");
       pulled = pullResult.records.length;
     } else {
+      try {
+        const incomingIds = pullResult.records.map((r) => sqlSafe(r.id));
+        if (incomingIds.length > 0) {
+          const ph = incomingIds.map(() => "?").join(",");
+          const existing = await client.execute({
+            sql: `SELECT id, version, timestamp FROM memories WHERE id IN (${ph})`,
+            args: incomingIds
+          });
+          const localMap = new Map(existing.rows.map((r) => [String(r.id), r]));
+          for (const rec of pullResult.records) {
+            const local = localMap.get(String(rec.id));
+            if (local && Number(local.version) > 0 && Number(local.version) !== Number(rec.version ?? 0)) {
+              process.stderr.write(
+                `[cloud-sync] CONFLICT: memory ${String(rec.id).slice(0, 8)} \u2014 local v${local.version} vs remote v${rec.version ?? 0}. Remote wins (LWW).
+`
+              );
+            }
+          }
+        }
+      } catch {
+      }
       const stmts = pullResult.records.map((rec) => ({
         sql: `INSERT OR REPLACE INTO memories
               (id, agent_id, agent_role, session_id, timestamp,
@@ -6898,11 +6958,17 @@ var init_platform_procedures = __esm({
         content: "Founder -> coordinator (the executive agent, internally routed as 'COO') -> CTO/CMO. CTO -> engineers. CMO -> content production. Never skip levels: the coordinator does not bypass managers for specialist work. Specialists report to their manager. If you need cross-team info, use ask_team_memory \u2014 don't read other agents' task folders. Each level owns dispatch downward and review upward."
       },
       {
-        title: "Customer orchestration maturity \u2014 recommend, never trap",
+        title: "Orchestration phase guidance \u2014 recommend, never trap",
         domain: "workflow",
         priority: "p1",
         content: "New customers start best in Phase 1: founder \u2194 coordinator/Chief of Staff, building company context. Suggest Phase 2 executives when domain work repeats; suggest Phase 3 parallel execution only when review/permission gates are ready. This is guidance, not a blocker: users may jump phases anytime. Never overwrite their phase, role titles, identities, or custom org design."
       },
+      {
+        title: "Routing slot vs display title \u2014 internal 'coo' is plumbing, not your name",
+        domain: "identity",
+        priority: "p0",
+        content: "These procedures reference 'COO' as a shorthand for the coordinator role. This is an INTERNAL routing slot used by exe-os code (chain-of-command checks, dispatch logic, session detection). It is NOT your display title. Your actual title comes from your identity file's `title:` field \u2014 that is what you use externally: introductions, sign-offs, team comms, and any user-facing text. If your identity says `title: AI Chief of Staff`, you are the AI Chief of Staff. The routing slot stays `role: coo` for code compatibility \u2014 never rename it, but also never introduce yourself as 'COO' unless your identity file explicitly says so. The founder chose your title; respect it."
+      },
       {
         title: "Single dispatch path \u2014 create_task only",
         domain: "workflow",
@@ -6936,6 +7002,12 @@ var init_platform_procedures = __esm({
         priority: "p0",
         content: "NEVER: (1) Access the database directly \u2014 it's SQLCipher encrypted, always fails. Use MCP tools only. (2) Manually spawn tmux sessions \u2014 create_task handles it. (3) Run git checkout main \u2014 agents work in worktrees. (4) Modify another agent's in-progress task. (5) Push to remote \u2014 the COO reviews and pushes. (6) Skip update_task(done) \u2014 it's the ONLY way your work gets reviewed. (7) Run git init."
       },
+      {
+        title: "Destructive operations \u2014 mandatory reviewer gate",
+        domain: "security",
+        priority: "p0",
+        content: "Before ANY destructive operation (delete, remove, overwrite, drop, reset, force-push, truncate), you MUST: (1) Have your full task spec accessible \u2014 if you cannot read it, STOP and report to your reviewer. Never improvise destructive actions. (2) Confirm with your reviewer (assigned_by or COO) before executing. (3) If the task spec explicitly authorizes the operation, proceed \u2014 but log it. Violation = immediate task failure. This applies to ALL agents regardless of role."
+      },
       {
         title: "Customer patch triage \u2014 upstream bug vs customization",
         domain: "support",
@@ -7221,10 +7293,24 @@ function stableId(memoryId, type, content) {
   return createHash2("sha256").update(`${memoryId}:${type}:${content}`).digest("hex").slice(0, 32);
 }
 function cleanText(text) {
-  return text.replace(/```[\s\S]*?```/g, " ").replace(/<[^>]+>/g, " ").replace(/\s+/g, " ").trim();
+  let cleaned = text.replace(
+    /```(\w*)\n(.*?)(?:\n[\s\S]*?)```/g,
+    (_m, lang, firstLine) => `[code${lang ? `:${lang}` : ""}] ${firstLine.trim()}`
+  );
+  cleaned = cleaned.replace(/<[^>]+>/g, " ").replace(/\s+/g, " ").trim();
+  return cleaned;
 }
-function splitSentences(text) {
-  return cleanText(text).split(/(?<=[.!?])\s+|\n+/).map((s) => s.trim()).filter((s) => s.length >= 24 && s.length <= MAX_SENTENCE_CHARS);
+function splitSegments(text) {
+  const cleaned = cleanText(text);
+  const segments = cleaned.split(/(?<=[.!?:;])\s+|\n{2,}|(?<=\))\s+(?=[A-Z])|\s*[|│]\s*/).map((s) => s.trim()).filter((s) => s.length >= MIN_SEGMENT_CHARS && s.length <= MAX_SEGMENT_CHARS);
+  if (segments.length === 0 && cleaned.length >= MIN_SEGMENT_CHARS) {
+    const lines = cleaned.split(/\n+/).map((l) => l.trim()).filter((l) => l.length >= MIN_SEGMENT_CHARS && l.length <= MAX_SEGMENT_CHARS);
+    if (lines.length > 0) return lines;
+    if (cleaned.length >= MIN_SEGMENT_CHARS) {
+      return [cleaned.slice(0, MAX_SEGMENT_CHARS)];
+    }
+  }
+  return segments;
 }
 function inferCardType(sentence, toolName) {
   const lower = sentence.toLowerCase();
@@ -7256,12 +7342,12 @@ function predicateFor(type) {
   }
 }
 function extractMemoryCards(row) {
-  const sentences = splitSentences(row.raw_text);
+  const segments = splitSegments(row.raw_text);
   const cards = [];
-  for (const sentence of sentences) {
+  for (const sentence of segments) {
     const type = inferCardType(sentence, row.tool_name);
     const subject = extractSubject(sentence, row.agent_id);
-    const content = sentence.length > MAX_SENTENCE_CHARS ? `${sentence.slice(0, MAX_SENTENCE_CHARS - 1)}\u2026` : sentence;
+    const content = sentence.length > MAX_SEGMENT_CHARS ? `${sentence.slice(0, MAX_SEGMENT_CHARS - 1)}\u2026` : sentence;
     cards.push({
       id: stableId(row.id, type, content),
       memory_id: row.id,
@@ -7357,13 +7443,14 @@ Source memory: ${String(row.source_ref ?? row.memory_id)}`,
     last_accessed: String(row.timestamp)
   }));
 }
-var MAX_CARDS_PER_MEMORY, MAX_SENTENCE_CHARS;
+var MAX_CARDS_PER_MEMORY, MAX_SEGMENT_CHARS, MIN_SEGMENT_CHARS;
 var init_memory_cards = __esm({
   "src/lib/memory-cards.ts"() {
     "use strict";
     init_database();
-    MAX_CARDS_PER_MEMORY = 6;
-    MAX_SENTENCE_CHARS = 360;
+    MAX_CARDS_PER_MEMORY = 8;
+    MAX_SEGMENT_CHARS = 500;
+    MIN_SEGMENT_CHARS = 20;
   }
 });
 
@@ -8486,7 +8573,7 @@ async function setupMode() {
       rl.close();
       return;
     }
-    const endpoint = await ask(rl, "  Endpoint [https://askexe.com/cloud]: ") || "https://askexe.com/cloud";
+    const endpoint = await ask(rl, "  Endpoint [https://cloud.askexe.com]: ") || "https://cloud.askexe.com";
     console.log("  Validating...");
     try {
       assertSecureEndpoint(endpoint);
@@ -8552,6 +8639,14 @@ async function setupMode() {
     }
     console.log("");
   }
+  try {
+    const keyInfo = await getKeyStorageInfo();
+    if (keyInfo.kind !== "missing") {
+      console.log(`  \u2713 Encryption key: ${keyInfo.note}`);
+    }
+  } catch {
+  }
+  console.log("");
   console.log(BAR);
   console.log(latestConfig.cloud?.apiKey ? " Setup complete. Cloud sync is connected." : " Setup complete. Cloud sync is not configured yet.");
   console.log(BAR);
@@ -8643,7 +8738,13 @@ async function statusMode() {
   console.log("");
   if (key) {
     const fingerprint = key.toString("hex").slice(0, 8);
-    console.log(`  Encryption key: \u2713 present (${fingerprint}...)`);
+    let storageNote = "";
+    try {
+      const keyInfo = await getKeyStorageInfo();
+      if (keyInfo.kind !== "missing") storageNote = ` [${keyInfo.note}]`;
+    } catch {
+    }
+    console.log(`  Encryption key: \u2713 present (${fingerprint}...)${storageNote}`);
   } else {
     console.log("  Encryption key: \u2717 not found \u2014 run /exe-setup");
   }