@askexenow/exe-os 0.9.256 → 0.9.259

package/dist/{chunk-YYSQAM4W.js → chunk-4TYAHVDI.js}

@@ -3,30 +3,30 @@ import {
 } from "./chunk-MLXJ5EZG.js";
 import {
   createTask
-} from "./chunk-5R4R743Q.js";
+} from "./chunk-V2UVWYHO.js";
 import {
   getActiveAgent
-} from "./chunk-VGWQBI76.js";
+} from "./chunk-GBR4MAAK.js";
 import {
   ensureEmployee,
   logTaskDispatch,
   resolveExeSession
-} from "./chunk-CS267UMH.js";
+} from "./chunk-5LDTCWYX.js";
 import {
   recordOrchestrationEventBestEffort
-} from "./chunk-USLVSLQ5.js";
+} from "./chunk-VDCPKJUQ.js";
 import {
   getAgentRuntime
 } from "./chunk-XJUUWHVN.js";
 import {
   getLicenseSync
-} from "./chunk-VFATLVRX.js";
+} from "./chunk-L5VPUOB6.js";
 import {
   getAgentContext
 } from "./chunk-GJV3WDWM.js";
 import {
   isCoordinatorName
-} from "./chunk-5U7WB4YG.js";
+} from "./chunk-WVBZ3QBR.js";
 
 // src/mcp/tools/create-task.ts
 import { z } from "zod";
@@ -275,7 +275,7 @@ function registerCreateTask(server) {
           session_scope: sessionScope,
           created_at: (/* @__PURE__ */ new Date()).toISOString()
         }), "utf-8");
-        const { recordOrchestrationEventBestEffort: recordOE } = await import("./orchestration-events-A5D52NXX.js");
+        const { recordOrchestrationEventBestEffort: recordOE } = await import("./orchestration-events-7RMWC5SS.js");
         recordOE({
           eventType: "signal.created",
           source: "create-task.mcp",
@@ -307,7 +307,7 @@ function registerCreateTask(server) {
             let projectConflictOpts = {};
             try {
               const { getClient } = await import("./lib/database.js");
-              const { sessionScopeFilter } = await import("./task-scope-XKNAY5S7.js");
+              const { sessionScopeFilter } = await import("./task-scope-AKF3CSWO.js");
               const client = getClient();
               const scope = sessionScopeFilter(task.sessionScope || callerRoot || exeSession || null);
               const existing = await client.execute({

package/dist/{chunk-2QKNXGII.js → chunk-4VECWOUO.js}

@@ -2,10 +2,10 @@ import {
   listWorkflowDefinitions,
   runWorkflow,
   startWorkflow
-} from "./chunk-MU6ESLYL.js";
+} from "./chunk-2PFNATXD.js";
 import {
   ingest
-} from "./chunk-3EMZZZNU.js";
+} from "./chunk-X2RKYKTP.js";
 import {
   initCRMBridge
 } from "./chunk-ONKIWA3R.js";

package/dist/{chunk-YXMXP45V.js → chunk-57C3MZPQ.js}

@@ -1,13 +1,13 @@
 import {
   vectorToBlob
-} from "./chunk-PSQNT5DS.js";
+} from "./chunk-AQS2B3HC.js";
 import {
   extractKeywords,
   keywordsToString
 } from "./chunk-CHCA3ZM2.js";
 import {
   isCoordinatorName
-} from "./chunk-5U7WB4YG.js";
+} from "./chunk-WVBZ3QBR.js";
 
 // src/lib/consolidation.ts
 import { randomUUID } from "crypto";

package/dist/{chunk-FTNNNAMH.js → chunk-5JYCTIQD.js}

@@ -4,7 +4,7 @@ import {
 } from "./chunk-K77WC6HA.js";
 import {
   getClient
-} from "./chunk-5U7WB4YG.js";
+} from "./chunk-WVBZ3QBR.js";
 
 // src/lib/global-procedures.ts
 import { randomUUID } from "crypto";

package/dist/{chunk-CS267UMH.js → chunk-5LDTCWYX.js}

@@ -1,6 +1,6 @@
 import {
   ensureWorktree
-} from "./chunk-6LFFIEDM.js";
+} from "./chunk-DU64OESH.js";
 import {
   queueIntercom
 } from "./chunk-5CHYEKMH.js";
@@ -10,7 +10,7 @@ import {
 } from "./chunk-4JERP7NT.js";
 import {
   registerSession
-} from "./chunk-SD2R3SEA.js";
+} from "./chunk-J3YNCJ4A.js";
 import {
   getTransport
 } from "./chunk-MVW62NIZ.js";
@@ -19,7 +19,7 @@ import {
 } from "./chunk-CX6GL3ZJ.js";
 import {
   recordOrchestrationEventBestEffort
-} from "./chunk-USLVSLQ5.js";
+} from "./chunk-VDCPKJUQ.js";
 import {
   getAgentRuntime,
   normalizeCcModelName
@@ -30,7 +30,7 @@ import {
 import {
   PlanLimitError,
   assertEmployeeLimitSync
-} from "./chunk-VFATLVRX.js";
+} from "./chunk-L5VPUOB6.js";
 import {
   getSessionKey
 } from "./chunk-CVYC6DUW.js";
@@ -45,7 +45,7 @@ import {
 } from "./chunk-MP2AFCGL.js";
 import {
   ensureAgentSymlink
-} from "./chunk-R7FBOZT5.js";
+} from "./chunk-ISL3NSVX.js";
 import {
   expandDualPrefixTools
 } from "./chunk-HYZV25LY.js";
@@ -57,7 +57,7 @@ import {
   isCoordinatorName,
   loadEmployees,
   loadEmployeesSync
-} from "./chunk-5U7WB4YG.js";
+} from "./chunk-WVBZ3QBR.js";
 import {
   loadDeviceId
 } from "./chunk-MOZ2YQ54.js";
@@ -398,6 +398,52 @@ function checkLaneAffinity(title, context, assigneeName) {
 }
 async function resolveTask(client, identifier, scopeSession) {
   const scope = sessionScopeFilter(scopeSession);
+  const currentScope = typeof scope.args[0] === "string" ? String(scope.args[0]) : null;
+  const crossSessionError = (rows) => {
+    if (!currentScope || rows.length === 0) return null;
+    const unique = /* @__PURE__ */ new Map();
+    for (const row of rows) unique.set(String(row.id), row);
+    const crossSessionRows = [...unique.values()].filter((row) => {
+      const rowScope = row.session_scope === null || row.session_scope === void 0 ? null : String(row.session_scope);
+      return rowScope !== null && rowScope !== currentScope;
+    });
+    if (crossSessionRows.length === 0) return null;
+    const matches = crossSessionRows.slice(0, 5).map((row) => `${String(row.id).slice(0, 8)} "${String(row.title)}" [session:${String(row.session_scope)}]`).join(", ");
+    return new Error(
+      `Cross-session task mutation blocked: "${identifier}" belongs to another coordinator session. Current session: ${currentScope}. Matching task(s): ${matches}. Use task(action="list", cross_session=true) for read-only diagnostics, or switch to the owning session to update/close.`
+    );
+  };
+  const findUnscopedMatches = async () => {
+    const matches = [];
+    const pushRows = (rows) => {
+      for (const row of rows) {
+        if (!matches.some((m) => String(m.id) === String(row.id))) matches.push(row);
+      }
+    };
+    let result2 = await client.execute({
+      sql: "SELECT * FROM tasks WHERE id = ? LIMIT 10",
+      args: [identifier]
+    });
+    pushRows(result2.rows);
+    if (/^[a-f0-9]{7,12}$/i.test(identifier)) {
+      result2 = await client.execute({
+        sql: "SELECT * FROM tasks WHERE id LIKE ? LIMIT 10",
+        args: [`${identifier}%`]
+      });
+      pushRows(result2.rows);
+    }
+    result2 = await client.execute({
+      sql: "SELECT * FROM tasks WHERE task_file LIKE ? LIMIT 10",
+      args: [`%${identifier}%`]
+    });
+    pushRows(result2.rows);
+    result2 = await client.execute({
+      sql: "SELECT * FROM tasks WHERE title LIKE ? LIMIT 10",
+      args: [`%${identifier}%`]
+    });
+    pushRows(result2.rows);
+    return matches;
+  };
   let result = await client.execute({
     sql: `SELECT * FROM tasks WHERE id = ?${scope.sql}`,
     args: [identifier, ...scope.args]
@@ -409,10 +455,19 @@ async function resolveTask(client, identifier, scopeSession) {
       args: [`${identifier}%`, ...scope.args]
     });
     if (result.rows.length === 0) {
-      result = await client.execute({
-        sql: `SELECT * FROM tasks WHERE id LIKE ?`,
-        args: [`${identifier}%`]
-      });
+      if (currentScope) {
+        const unscoped = await client.execute({
+          sql: `SELECT * FROM tasks WHERE id LIKE ?`,
+          args: [`${identifier}%`]
+        });
+        const err2 = crossSessionError(unscoped.rows);
+        if (err2) throw err2;
+      } else {
+        result = await client.execute({
+          sql: `SELECT * FROM tasks WHERE id LIKE ?`,
+          args: [`${identifier}%`]
+        });
+      }
     }
     if (result.rows.length === 1) return result.rows[0];
     if (result.rows.length > 1) {
@@ -457,7 +512,10 @@ async function resolveTask(client, identifier, scopeSession) {
       `Multiple tasks match "${identifier}": ${matches}. Use a UUID to disambiguate.`
     );
   }
-  throw new Error(`Task not found: ${identifier}`);
+  const unscopedMatches = await findUnscopedMatches();
+  const err = crossSessionError(unscopedMatches);
+  if (err) throw err;
+  throw new Error(`Task not found in current session: ${identifier}`);
 }
 function renderTaskMarkdown(f) {
   return `# ${f.title}
@@ -527,7 +585,7 @@ async function createTaskCore(input) {
         if (isCoordinatorSession) {
           earlySessionScope = resolved;
         } else {
-          const { getSessionProject } = await import("./session-scope-ZB4SR3AX.js");
+          const { getSessionProject } = await import("./session-scope-DHTVH3D4.js");
           const sessionProject = getSessionProject(resolved);
           if (sessionProject && sessionProject !== input.projectName) {
             scopeMismatchWarning = `session/project mismatch: session "${resolved}" owns "${sessionProject}" but task targets "${input.projectName}". Routed to default scope.`;
@@ -994,7 +1052,7 @@ async function updateTaskStatus(input) {
     } catch {
     }
     try {
-      const { writeNotification: writeNotification2 } = await import("./notifications-BETWD6EK.js");
+      const { writeNotification: writeNotification2 } = await import("./notifications-ZKGLZVCU.js");
       await writeNotification2({
         agentId: reviewer,
         agentRole: isCoordinatorName(reviewer) ? "COO" : "manager",
@@ -1332,7 +1390,7 @@ ${input.result ?? ""}`;
         sql: "SELECT assertions FROM tasks WHERE id = ?",
         args: [taskId]
       });
-      let merged = { assertions: [], resolved: [] };
+      const merged = { assertions: [], resolved: [] };
       if (existing.rows.length > 0 && existing.rows[0]?.assertions) {
         try {
           const prev = JSON.parse(String(existing.rows[0].assertions));
@@ -1409,7 +1467,7 @@ ${input.result ?? ""}`;
   }
   if (shouldWriteCompletionMemory && input.result) {
     try {
-      const { writeMemoryViaDaemon } = await import("./memory-queue-client-ITWQIFSD.js");
+      const { writeMemoryViaDaemon } = await import("./memory-queue-client-TPQDAA4D.js");
       await writeMemoryViaDaemon({
         raw_text: input.result,
         agent_id: String(row.assigned_to),
@@ -1512,7 +1570,7 @@ ${input.result ?? ""}`;
   }
   if (input.status === "done" || input.status === "needs_review") {
     try {
-      const { incrementSkillSuccess } = await import("./skill-refinement-TT4VDYYW.js");
+      const { incrementSkillSuccess } = await import("./skill-refinement-6PBAFLWP.js");
       await incrementSkillSuccess(
         String(row.assigned_to),
         row.project_name ? String(row.project_name) : null
@@ -2997,7 +3055,7 @@ async function verifyPaneAtCapacity(sessionName) {
       reason: `capture-pane failed: ${err instanceof Error ? err.message : String(err)}`
     };
   }
-  const { isAtCapacity } = await import("./capacity-monitor-QMKII67L.js");
+  const { isAtCapacity } = await import("./capacity-monitor-CTFWWTCR.js");
   if (!isAtCapacity(pane)) {
     return {
       atCapacity: false,
@@ -3264,7 +3322,8 @@ function notifyCoordinatorTaskCompletion(coordinatorSession, agentName, taskTitl
       if (pending instanceof Promise) {
         pending.then((count) => {
           if (count > 0) {
-            logIntercom(`COMPLETION \u2192 ${coordinatorSession} (${agentName} completed "${taskTitle.slice(0, 50)}", ${count} reviews pending \u2014 hook will surface)`);
+            logIntercom(`COMPLETION \u2192 ${coordinatorSession} (${agentName} completed "${taskTitle.slice(0, 50)}", ${count} reviews pending \u2014 sending intercom)`);
+            sendIntercom(coordinatorSession, { force: true, reason: "completion" });
           }
         }).catch(() => {
         });
@@ -3272,7 +3331,8 @@ function notifyCoordinatorTaskCompletion(coordinatorSession, agentName, taskTitl
       }
     } catch {
     }
-    logIntercom(`COMPLETION \u2192 ${coordinatorSession} (${agentName} completed "${taskTitle.slice(0, 50)}") \u2014 review count unavailable, skipping intercom (hook will catch it)`);
+    logIntercom(`COMPLETION \u2192 ${coordinatorSession} (${agentName} completed "${taskTitle.slice(0, 50)}") \u2014 review count unavailable, sending intercom as fallback`);
+    sendIntercom(coordinatorSession, { force: true, reason: "completion" });
     return true;
   } catch (e) {
     process.stderr.write("[tmux-routing] notifyCoordinatorTaskCompletion for " + coordinatorSession + ": " + (e instanceof Error ? e.message : String(e)) + "\n");

package/dist/{chunk-FQVITYVF.js → chunk-6D2IZ5MB.js}

@@ -1,9 +1,9 @@
 import {
   sendMessage
-} from "./chunk-MXCBORCC.js";
+} from "./chunk-MKTEGZ37.js";
 import {
   getActiveAgent
-} from "./chunk-VGWQBI76.js";
+} from "./chunk-GBR4MAAK.js";
 
 // src/mcp/tools/send-message.ts
 import { z } from "zod";

package/dist/{chunk-ZG3HADWE.js → chunk-7UJRF4WF.js}

@@ -1,6 +1,6 @@
 import {
   listBehaviors
-} from "./chunk-2NEQQCRC.js";
+} from "./chunk-25JAXHON.js";
 import {
   loadConfigSync
 } from "./chunk-VXIMSRTO.js";

package/dist/{chunk-JFVITKXI.js → chunk-A2UPDE3J.js}

@@ -204,7 +204,7 @@ async function main(args) {
   console.log("[health-gate] Starting rollback...");
   restorePreDeployBackup();
   try {
-    const { rollbackStackUpdate, defaultStackPaths } = await import("./stack-update-F4CQWMGV.js");
+    const { rollbackStackUpdate, defaultStackPaths } = await import("./stack-update-5SM62R3O.js");
     const paths = defaultStackPaths();
     await rollbackStackUpdate({
       manifestRef: paths.manifestRef,

package/dist/{chunk-KOCQAMAM.js → chunk-ANYOAZCZ.js}

@@ -142,13 +142,14 @@ function createStackUpdatePlan(manifest, envRaw, targetVersion) {
 }
 var ASKEXE_GHCR_IMAGE = /^(?:ghcr\.io\/askexe|update\.askexe\.com\/askexe)\/[a-z0-9._/-]+(?:(?::[^:@$/{]+)(?:@sha256:[a-f0-9]{64})?|@sha256:[a-f0-9]{64})$/i;
 var OFFICIAL_COMPOSE_IMAGE = /^(?:postgres|pgvector\/pgvector|clickhouse\/clickhouse-server|redis|nginx|postgrest\/postgrest|supabase\/gotrue|cloudflare\/cloudflared):[^:@$/{]+(?:@sha256:[a-f0-9]{64})?$/i;
-function validatePinnedGhcrImage(image, label) {
+function validatePinnedGhcrImage(image, label, requireDigest = false) {
   const trimmed = image.trim().replace(/^['"]|['"]$/g, "");
   if (!trimmed) return `${label} is empty`;
   if (trimmed.includes("${")) return null;
   if (!trimmed.startsWith("ghcr.io/askexe/") && !trimmed.startsWith("update.askexe.com/askexe/")) return `${label} must use ghcr.io/askexe/* or update.askexe.com/askexe/*, got ${trimmed}`;
   if (/:latest(?:$|[\s#])/.test(trimmed)) return `${label} must not use :latest (${trimmed})`;
   if (!ASKEXE_GHCR_IMAGE.test(trimmed)) return `${label} must be pinned with an explicit tag or sha256 digest from ghcr.io/askexe or update.askexe.com/askexe, got ${trimmed}`;
+  if (requireDigest && !/@sha256:[a-f0-9]{64}/.test(trimmed)) return `${label} must include @sha256: digest for supply-chain integrity, got ${trimmed}`;
   return null;
 }
 function validateComposeImageLiteral(image, label) {
@@ -427,7 +428,7 @@ function bootstrapStackHost(options) {
   );
   const brandingDest = path.join(path.dirname(options.envFile), "branding.json");
   copyTemplateIfMissing("deploy/compose/gateway.json", path.join(path.dirname(options.envFile), "gateway.json"), createdFiles);
-  if (!existsSync(brandingDest)) writeFileSync(brandingDest, JSON.stringify({ brandName: "Hygo", productName: "Hygo OS" }, null, 2) + "\n", { mode: 384 });
+  if (!existsSync(brandingDest)) writeFileSync(brandingDest, JSON.stringify({ brandName: "Exe", productName: "Exe OS" }, null, 2) + "\n", { mode: 384 });
   copyTemplateIfMissing(
     "deploy/compose/cloudflared/config.yml.example",
     path.join(path.dirname(options.composeFile), "cloudflared", "config.yml.example"),
@@ -474,6 +475,199 @@ function assertHostReadyForApply(report) {
   if (blockers.length > 0) throw new Error(`Stack host is not ready:
 - ${blockers.join("\n- ")}`);
 }
+function hardenHost(exec) {
+  const run = exec ?? defaultExec;
+  const result = {
+    skipped: false,
+    ufw: { changed: false, actions: [] },
+    ssh: { changed: false, actions: [] }
+  };
+  if (process.platform !== "linux") {
+    result.skipped = true;
+    result.reason = "Host hardening only runs on Linux (skipped on " + process.platform + ")";
+    console.log(`[stack-update] ${result.reason}`);
+    return result;
+  }
+  hardenUfw(run, result);
+  hardenSsh(run, result);
+  return result;
+}
+function hardenUfw(exec, result) {
+  const whichUfw = spawnSync("which", ["ufw"], { stdio: ["pipe", "pipe", "pipe"], timeout: 5e3 });
+  const ufwInstalled = whichUfw.status === 0;
+  if (!ufwInstalled) {
+    if (!existsSync("/etc/os-release")) {
+      result.ufw.actions.push("ufw_not_installed_unknown_distro");
+      console.warn("[stack-update] UFW not installed and OS not detected \u2014 skipping firewall hardening");
+      return;
+    }
+    const osRelease = readFileSync("/etc/os-release", "utf8");
+    if (!/ID=(ubuntu|debian)|ID_LIKE=.*debian/.test(osRelease)) {
+      result.ufw.actions.push("ufw_not_installed_unsupported_distro");
+      console.warn("[stack-update] UFW not installed on non-Debian OS \u2014 skipping firewall hardening");
+      return;
+    }
+    console.log("[stack-update] Installing UFW...");
+    try {
+      exec("apt-get", ["install", "-y", "ufw"]);
+      result.ufw.actions.push("installed_ufw");
+    } catch (err) {
+      const reason = err instanceof Error ? err.message : String(err);
+      console.warn(`[stack-update] Failed to install UFW: ${reason}`);
+      result.ufw.actions.push("install_failed");
+      return;
+    }
+  }
+  const statusResult = spawnSync("ufw", ["status", "verbose"], {
+    encoding: "utf8",
+    stdio: ["pipe", "pipe", "pipe"],
+    timeout: 1e4
+  });
+  const statusOutput = statusResult.stdout ?? "";
+  const isActive = /Status:\s*active/i.test(statusOutput);
+  const has22 = /22\/tcp\s+ALLOW/i.test(statusOutput);
+  const has80 = /80\/tcp\s+ALLOW/i.test(statusOutput);
+  const has443 = /443\/tcp\s+ALLOW/i.test(statusOutput);
+  const defaultDeny = /Default:\s*deny\s*\(incoming\)/i.test(statusOutput);
+  if (isActive && has22 && has80 && has443 && defaultDeny) {
+    result.ufw.actions.push("already_hardened");
+    console.log("[stack-update] UFW already active with correct rules \u2014 skipping");
+    return;
+  }
+  console.log("[stack-update] Configuring UFW firewall...");
+  try {
+    if (!defaultDeny) {
+      exec("ufw", ["default", "deny", "incoming"]);
+      result.ufw.actions.push("set_default_deny_incoming");
+    }
+    exec("ufw", ["default", "allow", "outgoing"]);
+    result.ufw.actions.push("set_default_allow_outgoing");
+    if (!has22) {
+      exec("ufw", ["allow", "22/tcp"]);
+      result.ufw.actions.push("allow_22_tcp");
+    }
+    if (!has80) {
+      exec("ufw", ["allow", "80/tcp"]);
+      result.ufw.actions.push("allow_80_tcp");
+    }
+    if (!has443) {
+      exec("ufw", ["allow", "443/tcp"]);
+      result.ufw.actions.push("allow_443_tcp");
+    }
+    if (!isActive) {
+      exec("ufw", ["--force", "enable"]);
+      result.ufw.actions.push("enabled_ufw");
+    }
+    result.ufw.changed = true;
+    console.log("[stack-update] \u2713 UFW firewall configured: deny incoming, allow 22/80/443");
+  } catch (err) {
+    const reason = err instanceof Error ? err.message : String(err);
+    console.warn(`[stack-update] UFW configuration failed (non-fatal): ${reason}`);
+    result.ufw.actions.push("configuration_failed");
+  }
+}
+function hardenSsh(exec, result) {
+  const sshdConfig = "/etc/ssh/sshd_config";
+  if (!existsSync(sshdConfig)) {
+    result.ssh.actions.push("sshd_config_not_found");
+    console.warn("[stack-update] /etc/ssh/sshd_config not found \u2014 skipping SSH hardening");
+    return;
+  }
+  let configRaw;
+  try {
+    configRaw = readFileSync(sshdConfig, "utf8");
+  } catch (err) {
+    const reason = err instanceof Error ? err.message : String(err);
+    result.ssh.actions.push("sshd_config_unreadable");
+    console.warn(`[stack-update] Cannot read sshd_config: ${reason}`);
+    return;
+  }
+  let modified = configRaw;
+  let needsReload = false;
+  const passwordAuthMatch = modified.match(/^\s*PasswordAuthentication\s+(yes|no)\s*$/m);
+  const passwordAuthCurrently = passwordAuthMatch?.[1]?.toLowerCase();
+  if (passwordAuthCurrently === "yes") {
+    modified = modified.replace(
+      /^\s*PasswordAuthentication\s+yes\s*$/m,
+      "PasswordAuthentication no"
+    );
+    result.ssh.actions.push("set_password_auth_no");
+    needsReload = true;
+  } else if (!passwordAuthMatch) {
+    if (/^#\s*PasswordAuthentication\s/m.test(modified)) {
+      modified = modified.replace(
+        /^#\s*PasswordAuthentication\s.*$/m,
+        "PasswordAuthentication no"
+      );
+    } else {
+      modified += "\nPasswordAuthentication no\n";
+    }
+    result.ssh.actions.push("set_password_auth_no");
+    needsReload = true;
+  } else {
+    result.ssh.actions.push("password_auth_already_no");
+  }
+  const rootLoginMatch = modified.match(/^\s*PermitRootLogin\s+(\S+)\s*$/m);
+  const rootLoginCurrently = rootLoginMatch?.[1]?.toLowerCase();
+  if (rootLoginCurrently === "yes") {
+    modified = modified.replace(
+      /^\s*PermitRootLogin\s+yes\s*$/m,
+      "PermitRootLogin prohibit-password"
+    );
+    result.ssh.actions.push("set_root_login_prohibit_password");
+    needsReload = true;
+  } else if (!rootLoginMatch) {
+    if (/^#\s*PermitRootLogin\s/m.test(modified)) {
+      modified = modified.replace(
+        /^#\s*PermitRootLogin\s.*$/m,
+        "PermitRootLogin prohibit-password"
+      );
+    } else {
+      modified += "\nPermitRootLogin prohibit-password\n";
+    }
+    result.ssh.actions.push("set_root_login_prohibit_password");
+    needsReload = true;
+  } else if (rootLoginCurrently === "prohibit-password" || rootLoginCurrently === "without-password" || rootLoginCurrently === "no") {
+    result.ssh.actions.push("root_login_already_restricted");
+  } else {
+    modified = modified.replace(
+      /^\s*PermitRootLogin\s+\S+\s*$/m,
+      "PermitRootLogin prohibit-password"
+    );
+    result.ssh.actions.push("set_root_login_prohibit_password");
+    needsReload = true;
+  }
+  if (!needsReload) {
+    console.log("[stack-update] SSH already hardened \u2014 skipping");
+    return;
+  }
+  try {
+    writeFileSync(sshdConfig, modified, { mode: 384 });
+    result.ssh.changed = true;
+  } catch (err) {
+    const reason = err instanceof Error ? err.message : String(err);
+    console.warn(`[stack-update] Failed to write sshd_config: ${reason}`);
+    result.ssh.actions.push("write_failed");
+    return;
+  }
+  try {
+    exec("systemctl", ["reload", "ssh"]);
+    result.ssh.actions.push("reloaded_ssh");
+  } catch {
+    try {
+      exec("systemctl", ["reload", "sshd"]);
+      result.ssh.actions.push("reloaded_sshd");
+    } catch (err) {
+      const reason = err instanceof Error ? err.message : String(err);
+      console.warn(`[stack-update] SSH reload failed (changes will apply on next restart): ${reason}`);
+      result.ssh.actions.push("reload_failed");
+    }
+  }
+  const sshSummary = result.ssh.actions.filter((a) => a.startsWith("set_")).map((a) => a.replace("set_", "").replaceAll("_", " ")).join(", ");
+  if (sshSummary) {
+    console.log(`[stack-update] \u2713 SSH hardened: ${sshSummary}`);
+  }
+}
 function areStackContainersRunning(composeFile, envFile) {
   try {
     const result = spawnSync("docker", ["compose", "--file", composeFile, "--env-file", envFile, "ps", "-q"], {
@@ -493,8 +687,15 @@ var CRITICAL_BIND_MOUNTS = [
 var CRITICAL_VOLUMES = [
   "postgres_data",
   "gateway_data",
+  "gateway_whatsapp_auth",
   "wiki_data",
-  "exe_os_data"
+  "exe_os_data",
+  "crm_data",
+  "monitor_hub_data",
+  "monitor_agent_data",
+  "redis_data",
+  "clickhouse_data",
+  "erp_sites"
 ];
 function assertBindMountsExist(stackDir) {
   const missing = [];
@@ -862,10 +1063,41 @@ async function runStackUpdate(options) {
         throw new Error("verifyStack hook not provided");
       }
       const verifyReport = await options.verifyStack({ composeFile: options.composeFile, envFile: options.envFile });
+      const securityFailures = [];
       for (const r of verifyReport.results) {
-        if (r.status === "fail") console.warn(`[verify-stack] FAIL: ${r.check}: ${r.message}`);
+        if (r.status === "fail") {
+          console.warn(`[verify-stack] FAIL: ${r.check}: ${r.message}`);
+          if (/security|auth|signup|password|ssl|tls|bind|exposed/i.test(r.check)) {
+            securityFailures.push(`${r.check}: ${r.message}`);
+          }
+        }
       }
-    } catch {
+      if (securityFailures.length > 0) {
+        throw new Error(`Security verification failed:
+  - ${securityFailures.join("\n  - ")}
+Fix these before the stack is safe to operate.`);
+      }
+    } catch (verifyErr) {
+      if (verifyErr instanceof Error && verifyErr.message.startsWith("Security verification failed")) {
+        throw verifyErr;
+      }
+      console.warn("[stack-update] Post-deploy verification skipped (module not available)");
+    }
+    if (!options.skipHardening) {
+      try {
+        const hardenResult = hardenHost(exec);
+        if (!hardenResult.skipped) {
+          const actions = [...hardenResult.ufw.actions, ...hardenResult.ssh.actions].filter(Boolean);
+          if (actions.length > 0) {
+            console.log(`[stack-update] Host hardening: ${actions.join(", ")}`);
+          }
+        }
+      } catch (hardenErr) {
+        const reason = hardenErr instanceof Error ? hardenErr.message : String(hardenErr);
+        console.warn(`[stack-update] Host hardening failed (non-fatal): ${reason}`);
+      }
+    } else {
+      console.log("[stack-update] Host hardening skipped (--skip-hardening)");
     }
     writeFileSync(lockFile, JSON.stringify({ stackVersion: plan.targetVersion, previousVersion, updatedAt: now().toISOString(), backupEnvFile, services: plan.release.services }, null, 2) + "\n");
     await postDeployAudit(options, "success", plan.targetVersion, previousVersion, void 0, { changes: plan.changes.length });
@@ -1078,6 +1310,7 @@ export {
   pairMonitorAgent,
   bootstrapStackHost,
   assertHostReadyForApply,
+  hardenHost,
   runStackUpdate,
   readCurrentStackVersion,
   listAvailableVersions,