@askexenow/exe-os 0.9.7 → 0.9.9

package/dist/hooks/summary-worker.js

@@ -89,6 +89,44 @@ var init_db_retry = __esm({
   }
 });
 
+// src/lib/secure-files.ts
+import { chmodSync, existsSync, mkdirSync } from "fs";
+import { chmod, mkdir } from "fs/promises";
+async function ensurePrivateDir(dirPath) {
+  await mkdir(dirPath, { recursive: true, mode: PRIVATE_DIR_MODE });
+  try {
+    await chmod(dirPath, PRIVATE_DIR_MODE);
+  } catch {
+  }
+}
+function ensurePrivateDirSync(dirPath) {
+  mkdirSync(dirPath, { recursive: true, mode: PRIVATE_DIR_MODE });
+  try {
+    chmodSync(dirPath, PRIVATE_DIR_MODE);
+  } catch {
+  }
+}
+async function enforcePrivateFile(filePath) {
+  try {
+    await chmod(filePath, PRIVATE_FILE_MODE);
+  } catch {
+  }
+}
+function enforcePrivateFileSync(filePath) {
+  try {
+    if (existsSync(filePath)) chmodSync(filePath, PRIVATE_FILE_MODE);
+  } catch {
+  }
+}
+var PRIVATE_DIR_MODE, PRIVATE_FILE_MODE;
+var init_secure_files = __esm({
+  "src/lib/secure-files.ts"() {
+    "use strict";
+    PRIVATE_DIR_MODE = 448;
+    PRIVATE_FILE_MODE = 384;
+  }
+});
+
 // src/lib/config.ts
 var config_exports = {};
 __export(config_exports, {
@@ -105,8 +143,8 @@ __export(config_exports, {
   migrateConfig: () => migrateConfig,
   saveConfig: () => saveConfig
 });
-import { readFile, writeFile, mkdir, chmod } from "fs/promises";
-import { readFileSync, existsSync, renameSync } from "fs";
+import { readFile, writeFile } from "fs/promises";
+import { readFileSync, existsSync as existsSync2, renameSync } from "fs";
 import path from "path";
 import os from "os";
 function resolveDataDir() {
@@ -114,7 +152,7 @@ function resolveDataDir() {
   if (process.env.EXE_MEM_DIR) return process.env.EXE_MEM_DIR;
   const newDir = path.join(os.homedir(), ".exe-os");
   const legacyDir = path.join(os.homedir(), ".exe-mem");
-  if (!existsSync(newDir) && existsSync(legacyDir)) {
+  if (!existsSync2(newDir) && existsSync2(legacyDir)) {
     try {
       renameSync(legacyDir, newDir);
       process.stderr.write(`[exe-os] Migrated data directory: ~/.exe-mem \u2192 ~/.exe-os
@@ -177,9 +215,9 @@ function normalizeAutoUpdate(raw) {
 }
 async function loadConfig() {
   const dir = process.env.EXE_OS_DIR ?? process.env.EXE_MEM_DIR ?? EXE_AI_DIR;
-  await mkdir(dir, { recursive: true });
+  await ensurePrivateDir(dir);
   const configPath = path.join(dir, "config.json");
-  if (!existsSync(configPath)) {
+  if (!existsSync2(configPath)) {
     return { ...DEFAULT_CONFIG, dbPath: path.join(dir, "memories.db") };
   }
   const raw = await readFile(configPath, "utf-8");
@@ -192,6 +230,7 @@ async function loadConfig() {
 `);
       try {
         await writeFile(configPath, JSON.stringify(migratedCfg, null, 2) + "\n");
+        await enforcePrivateFile(configPath);
       } catch {
       }
     }
@@ -210,7 +249,7 @@ async function loadConfig() {
 function loadConfigSync() {
   const dir = process.env.EXE_OS_DIR ?? process.env.EXE_MEM_DIR ?? EXE_AI_DIR;
   const configPath = path.join(dir, "config.json");
-  if (!existsSync(configPath)) {
+  if (!existsSync2(configPath)) {
     return { ...DEFAULT_CONFIG, dbPath: path.join(dir, "memories.db") };
   }
   try {
@@ -228,12 +267,10 @@ function loadConfigSync() {
 }
 async function saveConfig(config) {
   const dir = process.env.EXE_OS_DIR ?? process.env.EXE_MEM_DIR ?? EXE_AI_DIR;
-  await mkdir(dir, { recursive: true });
+  await ensurePrivateDir(dir);
   const configPath = path.join(dir, "config.json");
   await writeFile(configPath, JSON.stringify(config, null, 2) + "\n");
-  if (config.cloud?.apiKey) {
-    await chmod(configPath, 384);
-  }
+  await enforcePrivateFile(configPath);
 }
 async function loadConfigFrom(configPath) {
   const raw = await readFile(configPath, "utf-8");
@@ -253,6 +290,7 @@ var EXE_AI_DIR, DB_PATH, MODELS_DIR, CONFIG_PATH, LEGACY_LANCE_PATH, CURRENT_CON
 var init_config = __esm({
   "src/lib/config.ts"() {
     "use strict";
+    init_secure_files();
     EXE_AI_DIR = resolveDataDir();
     DB_PATH = path.join(EXE_AI_DIR, "memories.db");
     MODELS_DIR = path.join(EXE_AI_DIR, "models");
@@ -331,7 +369,7 @@ var init_config = __esm({
 
 // src/lib/employees.ts
 import { readFile as readFile2, writeFile as writeFile2, mkdir as mkdir2 } from "fs/promises";
-import { existsSync as existsSync2, symlinkSync, readlinkSync, readFileSync as readFileSync2, renameSync as renameSync2, unlinkSync, writeFileSync } from "fs";
+import { existsSync as existsSync3, symlinkSync, readlinkSync, readFileSync as readFileSync2, renameSync as renameSync2, unlinkSync, writeFileSync } from "fs";
 import { execSync } from "child_process";
 import path2 from "path";
 import os2 from "os";
@@ -355,7 +393,7 @@ function canCoordinate(agentName, agentRole, employees = loadEmployeesSync()) {
   return agentName === "default" || isCoordinatorRole(agentRole) || isCoordinatorName(agentName, employees);
 }
 async function loadEmployees(employeesPath = EMPLOYEES_PATH) {
-  if (!existsSync2(employeesPath)) {
+  if (!existsSync3(employeesPath)) {
     return [];
   }
   const raw = await readFile2(employeesPath, "utf-8");
@@ -370,7 +408,7 @@ async function saveEmployees(employees, employeesPath = EMPLOYEES_PATH) {
   await writeFile2(employeesPath, JSON.stringify(employees, null, 2) + "\n", "utf-8");
 }
 function loadEmployeesSync(employeesPath = EMPLOYEES_PATH) {
-  if (!existsSync2(employeesPath)) return [];
+  if (!existsSync3(employeesPath)) return [];
   try {
     return JSON.parse(readFileSync2(employeesPath, "utf-8"));
   } catch {
@@ -404,7 +442,7 @@ function registerBinSymlinks(name) {
   for (const suffix of ["", "-opencode"]) {
     const linkName = `${name}${suffix}`;
     const linkPath = path2.join(binDir, linkName);
-    if (existsSync2(linkPath)) {
+    if (existsSync3(linkPath)) {
       skipped.push(linkName);
       continue;
     }
@@ -417,7 +455,7 @@ function registerBinSymlinks(name) {
   }
   return { created, skipped, errors };
 }
-var EMPLOYEES_PATH, DEFAULT_COORDINATOR_TEMPLATE_NAME, COORDINATOR_ROLE;
+var EMPLOYEES_PATH, DEFAULT_COORDINATOR_TEMPLATE_NAME, COORDINATOR_ROLE, IDENTITY_DIR;
 var init_employees = __esm({
   "src/lib/employees.ts"() {
     "use strict";
@@ -425,16 +463,638 @@ var init_employees = __esm({
     EMPLOYEES_PATH = path2.join(EXE_AI_DIR, "exe-employees.json");
     DEFAULT_COORDINATOR_TEMPLATE_NAME = "exe";
     COORDINATOR_ROLE = "COO";
+    IDENTITY_DIR = path2.join(EXE_AI_DIR, "identity");
+  }
+});
+
+// src/lib/database-adapter.ts
+import os3 from "os";
+import path3 from "path";
+import { createRequire } from "module";
+import { pathToFileURL } from "url";
+function quotedIdentifier(identifier) {
+  return `"${identifier.replace(/"/g, '""')}"`;
+}
+function unqualifiedTableName(name) {
+  const raw = name.trim().replace(/^"|"$/g, "");
+  const parts = raw.split(".");
+  return parts[parts.length - 1].replace(/^"|"$/g, "").toLowerCase();
+}
+function stripTrailingSemicolon(sql) {
+  return sql.trim().replace(/;+\s*$/u, "");
+}
+function appendClause(sql, clause) {
+  const trimmed = stripTrailingSemicolon(sql);
+  const returningMatch = /\sRETURNING\b[\s\S]*$/iu.exec(trimmed);
+  if (!returningMatch) {
+    return `${trimmed}${clause}`;
+  }
+  const idx = returningMatch.index;
+  return `${trimmed.slice(0, idx)}${clause}${trimmed.slice(idx)}`;
+}
+function normalizeStatement(stmt) {
+  if (typeof stmt === "string") {
+    return { kind: "positional", sql: stmt, args: [] };
+  }
+  const sql = stmt.sql;
+  if (Array.isArray(stmt.args) || stmt.args === void 0) {
+    return { kind: "positional", sql, args: stmt.args ?? [] };
+  }
+  return { kind: "named", sql, args: stmt.args };
+}
+function rewriteBooleanLiterals(sql) {
+  let out = sql;
+  for (const column of BOOLEAN_COLUMN_NAMES) {
+    const scoped = `((?:\\b[a-z_][a-z0-9_]*\\.)?${column})`;
+    out = out.replace(new RegExp(`${scoped}\\s*=\\s*0\\b`, "giu"), "$1 = FALSE");
+    out = out.replace(new RegExp(`${scoped}\\s*=\\s*1\\b`, "giu"), "$1 = TRUE");
+    out = out.replace(new RegExp(`${scoped}\\s*!=\\s*0\\b`, "giu"), "$1 != FALSE");
+    out = out.replace(new RegExp(`${scoped}\\s*!=\\s*1\\b`, "giu"), "$1 != TRUE");
+    out = out.replace(new RegExp(`${scoped}\\s*<>\\s*0\\b`, "giu"), "$1 <> FALSE");
+    out = out.replace(new RegExp(`${scoped}\\s*<>\\s*1\\b`, "giu"), "$1 <> TRUE");
+  }
+  return out;
+}
+function rewriteInsertOrIgnore(sql) {
+  if (!/^\s*INSERT\s+OR\s+IGNORE\s+INTO\b/iu.test(sql)) {
+    return sql;
+  }
+  const replaced = sql.replace(/^\s*INSERT\s+OR\s+IGNORE\s+INTO\b/iu, "INSERT INTO");
+  return /\bON\s+CONFLICT\b/iu.test(replaced) ? replaced : appendClause(replaced, " ON CONFLICT DO NOTHING");
+}
+function rewriteInsertOrReplace(sql) {
+  const match = /^\s*INSERT\s+OR\s+REPLACE\s+INTO\s+([A-Za-z0-9_."]+)\s*\(([^)]+)\)([\s\S]*)$/iu.exec(sql);
+  if (!match) {
+    return sql;
+  }
+  const rawTable = match[1];
+  const rawColumns = match[2];
+  const remainder = match[3];
+  const tableName = unqualifiedTableName(rawTable);
+  const conflictKeys = UPSERT_KEYS[tableName];
+  if (!conflictKeys?.length) {
+    return sql;
+  }
+  const columns = rawColumns.split(",").map((col) => col.trim().replace(/^"|"$/g, ""));
+  const updateColumns = columns.filter((col) => !conflictKeys.includes(col));
+  const conflictTarget = conflictKeys.map(quotedIdentifier).join(", ");
+  const updateClause = updateColumns.length === 0 ? " DO NOTHING" : ` DO UPDATE SET ${updateColumns.map((col) => `${quotedIdentifier(col)} = EXCLUDED.${quotedIdentifier(col)}`).join(", ")}`;
+  return `INSERT INTO ${rawTable} (${rawColumns})${appendClause(remainder, ` ON CONFLICT (${conflictTarget})${updateClause}`)}`;
+}
+function rewriteSql(sql) {
+  let out = sql;
+  out = out.replace(/\bdatetime\(\s*['"]now['"]\s*\)/giu, "CURRENT_TIMESTAMP");
+  out = out.replace(/\bvector32\s*\(\s*\?\s*\)/giu, "?");
+  out = rewriteBooleanLiterals(out);
+  out = rewriteInsertOrReplace(out);
+  out = rewriteInsertOrIgnore(out);
+  return stripTrailingSemicolon(out);
+}
+function toBoolean(value) {
+  if (value === null || value === void 0) return value;
+  if (typeof value === "boolean") return value;
+  if (typeof value === "number") return value !== 0;
+  if (typeof value === "bigint") return value !== 0n;
+  if (typeof value === "string") {
+    const normalized = value.trim().toLowerCase();
+    if (normalized === "0" || normalized === "false") return false;
+    if (normalized === "1" || normalized === "true") return true;
+  }
+  return Boolean(value);
+}
+function countQuestionMarks(sql, end) {
+  let count = 0;
+  let inSingle = false;
+  let inDouble = false;
+  let inLineComment = false;
+  let inBlockComment = false;
+  for (let i = 0; i < end; i++) {
+    const ch = sql[i];
+    const next = sql[i + 1];
+    if (inLineComment) {
+      if (ch === "\n") inLineComment = false;
+      continue;
+    }
+    if (inBlockComment) {
+      if (ch === "*" && next === "/") {
+        inBlockComment = false;
+        i += 1;
+      }
+      continue;
+    }
+    if (!inSingle && !inDouble && ch === "-" && next === "-") {
+      inLineComment = true;
+      i += 1;
+      continue;
+    }
+    if (!inSingle && !inDouble && ch === "/" && next === "*") {
+      inBlockComment = true;
+      i += 1;
+      continue;
+    }
+    if (!inDouble && ch === "'" && sql[i - 1] !== "\\") {
+      inSingle = !inSingle;
+      continue;
+    }
+    if (!inSingle && ch === '"' && sql[i - 1] !== "\\") {
+      inDouble = !inDouble;
+      continue;
+    }
+    if (!inSingle && !inDouble && ch === "?") {
+      count += 1;
+    }
+  }
+  return count;
+}
+function findBooleanPlaceholderIndexes(sql) {
+  const indexes = /* @__PURE__ */ new Set();
+  for (const column of BOOLEAN_COLUMN_NAMES) {
+    const pattern = new RegExp(`(?:\\b[a-z_][a-z0-9_]*\\.)?${column}\\s*=\\s*\\?`, "giu");
+    for (const match of sql.matchAll(pattern)) {
+      const matchText = match[0];
+      const qIndex = match.index + matchText.lastIndexOf("?");
+      indexes.add(countQuestionMarks(sql, qIndex + 1));
+    }
+  }
+  return indexes;
+}
+function coerceInsertBooleanArgs(sql, args) {
+  const match = /^\s*INSERT(?:\s+OR\s+(?:IGNORE|REPLACE))?\s+INTO\s+([A-Za-z0-9_."]+)\s*\(([^)]+)\)/iu.exec(sql);
+  if (!match) return;
+  const rawTable = match[1];
+  const rawColumns = match[2];
+  const boolColumns = BOOLEAN_COLUMNS_BY_TABLE[unqualifiedTableName(rawTable)];
+  if (!boolColumns?.size) return;
+  const columns = rawColumns.split(",").map((col) => col.trim().replace(/^"|"$/g, ""));
+  for (const [index, column] of columns.entries()) {
+    if (boolColumns.has(column) && index < args.length) {
+      args[index] = toBoolean(args[index]);
+    }
+  }
+}
+function coerceUpdateBooleanArgs(sql, args) {
+  const match = /^\s*UPDATE\s+([A-Za-z0-9_."]+)\s+SET\s+([\s\S]+?)(?:\s+WHERE\b|$)/iu.exec(sql);
+  if (!match) return;
+  const rawTable = match[1];
+  const setClause = match[2];
+  const boolColumns = BOOLEAN_COLUMNS_BY_TABLE[unqualifiedTableName(rawTable)];
+  if (!boolColumns?.size) return;
+  const assignments = setClause.split(",");
+  let placeholderIndex = 0;
+  for (const assignment of assignments) {
+    if (!assignment.includes("?")) continue;
+    placeholderIndex += 1;
+    const colMatch = /^\s*(?:[A-Za-z_][A-Za-z0-9_]*\.)?([A-Za-z_][A-Za-z0-9_]*)\s*=\s*\?/iu.exec(assignment);
+    if (colMatch && boolColumns.has(colMatch[1])) {
+      args[placeholderIndex - 1] = toBoolean(args[placeholderIndex - 1]);
+    }
+  }
+}
+function coerceBooleanArgs(sql, args) {
+  const nextArgs = [...args];
+  coerceInsertBooleanArgs(sql, nextArgs);
+  coerceUpdateBooleanArgs(sql, nextArgs);
+  const placeholderIndexes = findBooleanPlaceholderIndexes(sql);
+  for (const index of placeholderIndexes) {
+    if (index > 0 && index <= nextArgs.length) {
+      nextArgs[index - 1] = toBoolean(nextArgs[index - 1]);
+    }
+  }
+  return nextArgs;
+}
+function convertQuestionMarksToDollarParams(sql) {
+  let out = "";
+  let placeholder = 0;
+  let inSingle = false;
+  let inDouble = false;
+  let inLineComment = false;
+  let inBlockComment = false;
+  for (let i = 0; i < sql.length; i++) {
+    const ch = sql[i];
+    const next = sql[i + 1];
+    if (inLineComment) {
+      out += ch;
+      if (ch === "\n") inLineComment = false;
+      continue;
+    }
+    if (inBlockComment) {
+      out += ch;
+      if (ch === "*" && next === "/") {
+        out += next;
+        inBlockComment = false;
+        i += 1;
+      }
+      continue;
+    }
+    if (!inSingle && !inDouble && ch === "-" && next === "-") {
+      out += ch + next;
+      inLineComment = true;
+      i += 1;
+      continue;
+    }
+    if (!inSingle && !inDouble && ch === "/" && next === "*") {
+      out += ch + next;
+      inBlockComment = true;
+      i += 1;
+      continue;
+    }
+    if (!inDouble && ch === "'" && sql[i - 1] !== "\\") {
+      inSingle = !inSingle;
+      out += ch;
+      continue;
+    }
+    if (!inSingle && ch === '"' && sql[i - 1] !== "\\") {
+      inDouble = !inDouble;
+      out += ch;
+      continue;
+    }
+    if (!inSingle && !inDouble && ch === "?") {
+      placeholder += 1;
+      out += `$${placeholder}`;
+      continue;
+    }
+    out += ch;
+  }
+  return out;
+}
+function translateStatementForPostgres(stmt) {
+  const normalized = normalizeStatement(stmt);
+  if (normalized.kind === "named") {
+    throw new Error("Named SQL parameters are not supported by the Prisma adapter.");
+  }
+  const rewrittenSql = rewriteSql(normalized.sql);
+  const coercedArgs = coerceBooleanArgs(rewrittenSql, normalized.args);
+  return {
+    sql: convertQuestionMarksToDollarParams(rewrittenSql),
+    args: coercedArgs
+  };
+}
+function shouldBypassPostgres(stmt) {
+  const normalized = normalizeStatement(stmt);
+  if (normalized.kind === "named") {
+    return true;
+  }
+  return IMMEDIATE_FALLBACK_PATTERNS.some((pattern) => pattern.test(normalized.sql));
+}
+function shouldFallbackOnError(error) {
+  const message = error instanceof Error ? error.message : String(error);
+  return /42P01|42883|42601|does not exist|syntax error|not supported|Named SQL parameters are not supported/iu.test(message);
+}
+function isReadQuery(sql) {
+  const trimmed = sql.trimStart();
+  return /^(SELECT|WITH|SHOW|EXPLAIN|VALUES)\b/iu.test(trimmed) || /\bRETURNING\b/iu.test(trimmed);
+}
+function buildRow(row, columns) {
+  const values = columns.map((column) => row[column]);
+  return Object.assign(values, row);
+}
+function buildResultSet(rows, rowsAffected = 0) {
+  const columns = rows[0] ? Object.keys(rows[0]) : [];
+  const resultRows = rows.map((row) => buildRow(row, columns));
+  return {
+    columns,
+    columnTypes: columns.map(() => ""),
+    rows: resultRows,
+    rowsAffected,
+    lastInsertRowid: void 0,
+    toJSON() {
+      return {
+        columns,
+        columnTypes: columns.map(() => ""),
+        rows,
+        rowsAffected,
+        lastInsertRowid: void 0
+      };
+    }
+  };
+}
+async function loadPrismaClient() {
+  if (!prismaClientPromise) {
+    prismaClientPromise = (async () => {
+      const explicitPath = process.env.EXE_OS_PRISMA_CLIENT_PATH;
+      if (explicitPath) {
+        const module2 = await import(pathToFileURL(explicitPath).href);
+        const PrismaClient2 = module2.PrismaClient ?? module2.default?.PrismaClient;
+        if (!PrismaClient2) {
+          throw new Error(`No PrismaClient export found at ${explicitPath}`);
+        }
+        return new PrismaClient2();
+      }
+      const exeDbRoot = process.env.EXE_DB_ROOT ?? path3.join(os3.homedir(), "exe-db");
+      const requireFromExeDb = createRequire(path3.join(exeDbRoot, "package.json"));
+      const prismaEntry = requireFromExeDb.resolve("@prisma/client");
+      const module = await import(pathToFileURL(prismaEntry).href);
+      const PrismaClient = module.PrismaClient ?? module.default?.PrismaClient;
+      if (!PrismaClient) {
+        throw new Error(`No PrismaClient export found in ${prismaEntry}`);
+      }
+      return new PrismaClient();
+    })();
+  }
+  return prismaClientPromise;
+}
+async function ensureCompatibilityViews(prisma) {
+  if (!compatibilityBootstrapPromise) {
+    compatibilityBootstrapPromise = (async () => {
+      for (const mapping of VIEW_MAPPINGS) {
+        const relation = mapping.source.replace(/"/g, "");
+        const rows = await prisma.$queryRawUnsafe(
+          "SELECT to_regclass($1) AS regclass",
+          relation
+        );
+        if (!rows[0]?.regclass) {
+          continue;
+        }
+        await prisma.$executeRawUnsafe(
+          `CREATE OR REPLACE VIEW public.${quotedIdentifier(mapping.view)} AS SELECT * FROM ${mapping.source}`
+        );
+      }
+    })();
+  }
+  return compatibilityBootstrapPromise;
+}
+async function executeOnPrisma(executor, stmt) {
+  const translated = translateStatementForPostgres(stmt);
+  if (isReadQuery(translated.sql)) {
+    const rows = await executor.$queryRawUnsafe(
+      translated.sql,
+      ...translated.args
+    );
+    return buildResultSet(rows, /\bRETURNING\b/iu.test(translated.sql) ? rows.length : 0);
+  }
+  const rowsAffected = await executor.$executeRawUnsafe(translated.sql, ...translated.args);
+  return buildResultSet([], rowsAffected);
+}
+function splitSqlStatements(sql) {
+  const parts = [];
+  let current = "";
+  let inSingle = false;
+  let inDouble = false;
+  let inLineComment = false;
+  let inBlockComment = false;
+  for (let i = 0; i < sql.length; i++) {
+    const ch = sql[i];
+    const next = sql[i + 1];
+    if (inLineComment) {
+      current += ch;
+      if (ch === "\n") inLineComment = false;
+      continue;
+    }
+    if (inBlockComment) {
+      current += ch;
+      if (ch === "*" && next === "/") {
+        current += next;
+        inBlockComment = false;
+        i += 1;
+      }
+      continue;
+    }
+    if (!inSingle && !inDouble && ch === "-" && next === "-") {
+      current += ch + next;
+      inLineComment = true;
+      i += 1;
+      continue;
+    }
+    if (!inSingle && !inDouble && ch === "/" && next === "*") {
+      current += ch + next;
+      inBlockComment = true;
+      i += 1;
+      continue;
+    }
+    if (!inDouble && ch === "'" && sql[i - 1] !== "\\") {
+      inSingle = !inSingle;
+      current += ch;
+      continue;
+    }
+    if (!inSingle && ch === '"' && sql[i - 1] !== "\\") {
+      inDouble = !inDouble;
+      current += ch;
+      continue;
+    }
+    if (!inSingle && !inDouble && ch === ";") {
+      if (current.trim()) {
+        parts.push(current.trim());
+      }
+      current = "";
+      continue;
+    }
+    current += ch;
+  }
+  if (current.trim()) {
+    parts.push(current.trim());
+  }
+  return parts;
+}
+async function createPrismaDbAdapter(fallbackClient) {
+  const prisma = await loadPrismaClient();
+  await ensureCompatibilityViews(prisma);
+  let closed = false;
+  let adapter;
+  const fallbackExecute = async (stmt, error) => {
+    if (!fallbackClient) {
+      if (error) throw error;
+      throw new Error("No fallback SQLite client is available for this Prisma-routed query.");
+    }
+    if (error) {
+      process.stderr.write(
+        `[database-adapter] Falling back to SQLite: ${error instanceof Error ? error.message : String(error)}
+`
+      );
+    }
+    return fallbackClient.execute(stmt);
+  };
+  adapter = {
+    async execute(stmt) {
+      if (shouldBypassPostgres(stmt)) {
+        return fallbackExecute(stmt);
+      }
+      try {
+        return await executeOnPrisma(prisma, stmt);
+      } catch (error) {
+        if (shouldFallbackOnError(error)) {
+          return fallbackExecute(stmt, error);
+        }
+        throw error;
+      }
+    },
+    async batch(stmts, mode) {
+      if (stmts.some((stmt) => shouldBypassPostgres(stmt))) {
+        if (!fallbackClient) {
+          throw new Error("Cannot batch unsupported SQLite-only statements without a fallback client.");
+        }
+        return fallbackClient.batch(stmts, mode);
+      }
+      try {
+        if (prisma.$transaction) {
+          return await prisma.$transaction(async (tx) => {
+            const results2 = [];
+            for (const stmt of stmts) {
+              results2.push(await executeOnPrisma(tx, stmt));
+            }
+            return results2;
+          });
+        }
+        const results = [];
+        for (const stmt of stmts) {
+          results.push(await executeOnPrisma(prisma, stmt));
+        }
+        return results;
+      } catch (error) {
+        if (fallbackClient && shouldFallbackOnError(error)) {
+          process.stderr.write(
+            `[database-adapter] Falling back batch to SQLite: ${error instanceof Error ? error.message : String(error)}
+`
+          );
+          return fallbackClient.batch(stmts, mode);
+        }
+        throw error;
+      }
+    },
+    async migrate(stmts) {
+      if (fallbackClient) {
+        return fallbackClient.migrate(stmts);
+      }
+      return adapter.batch(stmts, "deferred");
+    },
+    async transaction(mode) {
+      if (!fallbackClient) {
+        throw new Error("Interactive transactions are only supported on the SQLite fallback client.");
+      }
+      return fallbackClient.transaction(mode);
+    },
+    async executeMultiple(sql) {
+      if (fallbackClient && shouldBypassPostgres(sql)) {
+        return fallbackClient.executeMultiple(sql);
+      }
+      for (const statement of splitSqlStatements(sql)) {
+        await adapter.execute(statement);
+      }
+    },
+    async sync() {
+      if (fallbackClient) {
+        return fallbackClient.sync();
+      }
+      return { frame_no: 0, frames_synced: 0 };
+    },
+    close() {
+      closed = true;
+      prismaClientPromise = null;
+      compatibilityBootstrapPromise = null;
+      void prisma.$disconnect?.();
+    },
+    get closed() {
+      return closed;
+    },
+    get protocol() {
+      return "prisma-postgres";
+    }
+  };
+  return adapter;
+}
+var VIEW_MAPPINGS, UPSERT_KEYS, BOOLEAN_COLUMNS_BY_TABLE, BOOLEAN_COLUMN_NAMES, IMMEDIATE_FALLBACK_PATTERNS, prismaClientPromise, compatibilityBootstrapPromise;
+var init_database_adapter = __esm({
+  "src/lib/database-adapter.ts"() {
+    "use strict";
+    VIEW_MAPPINGS = [
+      { view: "memories", source: "memory.memory_records" },
+      { view: "tasks", source: "memory.tasks" },
+      { view: "behaviors", source: "memory.behaviors" },
+      { view: "entities", source: "memory.entities" },
+      { view: "relationships", source: "memory.relationships" },
+      { view: "entity_memories", source: "memory.entity_memories" },
+      { view: "entity_aliases", source: "memory.entity_aliases" },
+      { view: "notifications", source: "memory.notifications" },
+      { view: "messages", source: "memory.messages" },
+      { view: "users", source: "wiki.users" },
+      { view: "workspaces", source: "wiki.workspaces" },
+      { view: "workspace_users", source: "wiki.workspace_users" },
+      { view: "documents", source: "wiki.workspace_documents" },
+      { view: "chats", source: "wiki.workspace_chats" }
+    ];
+    UPSERT_KEYS = {
+      memories: ["id"],
+      tasks: ["id"],
+      behaviors: ["id"],
+      entities: ["id"],
+      relationships: ["id"],
+      entity_aliases: ["alias"],
+      notifications: ["id"],
+      messages: ["id"],
+      users: ["id"],
+      workspaces: ["id"],
+      workspace_users: ["id"],
+      documents: ["id"],
+      chats: ["id"]
+    };
+    BOOLEAN_COLUMNS_BY_TABLE = {
+      memories: /* @__PURE__ */ new Set(["has_error", "draft"]),
+      behaviors: /* @__PURE__ */ new Set(["active"]),
+      notifications: /* @__PURE__ */ new Set(["read"]),
+      users: /* @__PURE__ */ new Set(["has_personal_memory"])
+    };
+    BOOLEAN_COLUMN_NAMES = new Set(
+      Object.values(BOOLEAN_COLUMNS_BY_TABLE).flatMap((cols) => [...cols])
+    );
+    IMMEDIATE_FALLBACK_PATTERNS = [
+      /\bPRAGMA\b/i,
+      /\bsqlite_master\b/i,
+      /(?:^|[.\s])(?:memories|conversations|entities)_fts\b/i,
+      /\bMATCH\b/i,
+      /\bvector_distance_cos\s*\(/i,
+      /\bjson_extract\s*\(/i,
+      /\bjulianday\s*\(/i,
+      /\bstrftime\s*\(/i,
+      /\blast_insert_rowid\s*\(/i
+    ];
+    prismaClientPromise = null;
+    compatibilityBootstrapPromise = null;
+  }
+});
+
+// src/lib/daemon-auth.ts
+import crypto from "crypto";
+import path4 from "path";
+import { existsSync as existsSync4, readFileSync as readFileSync3, writeFileSync as writeFileSync2 } from "fs";
+function normalizeToken(token) {
+  if (!token) return null;
+  const trimmed = token.trim();
+  return trimmed.length > 0 ? trimmed : null;
+}
+function readDaemonToken() {
+  try {
+    if (!existsSync4(DAEMON_TOKEN_PATH)) return null;
+    return normalizeToken(readFileSync3(DAEMON_TOKEN_PATH, "utf8"));
+  } catch {
+    return null;
+  }
+}
+function ensureDaemonToken(seed) {
+  const existing = readDaemonToken();
+  if (existing) return existing;
+  const token = normalizeToken(seed) ?? crypto.randomBytes(32).toString("hex");
+  ensurePrivateDirSync(EXE_AI_DIR);
+  writeFileSync2(DAEMON_TOKEN_PATH, `${token}
+`, "utf8");
+  enforcePrivateFileSync(DAEMON_TOKEN_PATH);
+  return token;
+}
+var DAEMON_TOKEN_PATH;
+var init_daemon_auth = __esm({
+  "src/lib/daemon-auth.ts"() {
+    "use strict";
+    init_config();
+    init_secure_files();
+    DAEMON_TOKEN_PATH = path4.join(EXE_AI_DIR, "exed.token");
   }
 });
 
 // src/lib/exe-daemon-client.ts
 import net from "net";
-import os3 from "os";
+import os4 from "os";
 import { spawn } from "child_process";
 import { randomUUID } from "crypto";
-import { existsSync as existsSync3, unlinkSync as unlinkSync2, readFileSync as readFileSync3, openSync, closeSync, statSync } from "fs";
-import path3 from "path";
+import { existsSync as existsSync5, unlinkSync as unlinkSync2, readFileSync as readFileSync4, openSync, closeSync, statSync } from "fs";
+import path5 from "path";
 import { fileURLToPath } from "url";
 function handleData(chunk) {
   _buffer += chunk.toString();
@@ -462,9 +1122,9 @@ function handleData(chunk) {
   }
 }
 function cleanupStaleFiles() {
-  if (existsSync3(PID_PATH)) {
+  if (existsSync5(PID_PATH)) {
     try {
-      const pid = parseInt(readFileSync3(PID_PATH, "utf8").trim(), 10);
+      const pid = parseInt(readFileSync4(PID_PATH, "utf8").trim(), 10);
       if (pid > 0) {
         try {
           process.kill(pid, 0);
@@ -485,17 +1145,17 @@ function cleanupStaleFiles() {
   }
 }
 function findPackageRoot() {
-  let dir = path3.dirname(fileURLToPath(import.meta.url));
-  const { root } = path3.parse(dir);
+  let dir = path5.dirname(fileURLToPath(import.meta.url));
+  const { root } = path5.parse(dir);
   while (dir !== root) {
-    if (existsSync3(path3.join(dir, "package.json"))) return dir;
-    dir = path3.dirname(dir);
+    if (existsSync5(path5.join(dir, "package.json"))) return dir;
+    dir = path5.dirname(dir);
   }
   return null;
 }
 function spawnDaemon() {
-  const freeGB = os3.freemem() / (1024 * 1024 * 1024);
-  const totalGB = os3.totalmem() / (1024 * 1024 * 1024);
+  const freeGB = os4.freemem() / (1024 * 1024 * 1024);
+  const totalGB = os4.totalmem() / (1024 * 1024 * 1024);
   if (totalGB <= 8) {
     process.stderr.write(
       `[exed-client] SKIP: ${totalGB.toFixed(0)}GB system \u2014 embedding daemon disabled. Using keyword search only. Minimum 16GB recommended for vector search.
@@ -515,16 +1175,17 @@ function spawnDaemon() {
     process.stderr.write("[exed-client] WARN: cannot find package root\n");
     return;
   }
-  const daemonPath = path3.join(pkgRoot, "dist", "lib", "exe-daemon.js");
-  if (!existsSync3(daemonPath)) {
+  const daemonPath = path5.join(pkgRoot, "dist", "lib", "exe-daemon.js");
+  if (!existsSync5(daemonPath)) {
     process.stderr.write(`[exed-client] WARN: daemon script not found at ${daemonPath}
 `);
     return;
   }
   const resolvedPath = daemonPath;
+  const daemonToken = ensureDaemonToken(process.env[DAEMON_TOKEN_ENV] ?? null);
   process.stderr.write(`[exed-client] Spawning daemon: ${resolvedPath}
 `);
-  const logPath = path3.join(path3.dirname(SOCKET_PATH), "exed.log");
+  const logPath = path5.join(path5.dirname(SOCKET_PATH), "exed.log");
   let stderrFd = "ignore";
   try {
     stderrFd = openSync(logPath, "a");
@@ -542,7 +1203,8 @@ function spawnDaemon() {
       TMUX_PANE: void 0,
       // Prevents resolveExeSession() from scoping to one session
       EXE_DAEMON_SOCK: SOCKET_PATH,
-      EXE_DAEMON_PID: PID_PATH
+      EXE_DAEMON_PID: PID_PATH,
+      [DAEMON_TOKEN_ENV]: daemonToken
     }
   });
   child.unref();
@@ -652,13 +1314,14 @@ function sendDaemonRequest(payload, timeoutMs = REQUEST_TIMEOUT_MS) {
       return;
     }
     const id = randomUUID();
+    const token = process.env[DAEMON_TOKEN_ENV] ?? readDaemonToken();
     const timer = setTimeout(() => {
       _pending.delete(id);
       resolve({ error: "Request timeout" });
     }, timeoutMs);
     _pending.set(id, { resolve, timer });
     try {
-      _socket.write(JSON.stringify({ id, ...payload }) + "\n");
+      _socket.write(JSON.stringify({ id, token, ...payload }) + "\n");
     } catch {
       clearTimeout(timer);
       _pending.delete(id);
@@ -675,74 +1338,123 @@ async function pingDaemon() {
   return null;
 }
 function killAndRespawnDaemon() {
-  process.stderr.write("[exed-client] Killing daemon for restart...\n");
-  if (existsSync3(PID_PATH)) {
-    try {
-      const pid = parseInt(readFileSync3(PID_PATH, "utf8").trim(), 10);
-      if (pid > 0) {
-        try {
-          process.kill(pid, "SIGKILL");
-        } catch {
+  if (!acquireSpawnLock()) {
+    process.stderr.write("[exed-client] Another process is already restarting daemon \u2014 skipping\n");
+    if (_socket) {
+      _socket.destroy();
+      _socket = null;
+    }
+    _connected = false;
+    _buffer = "";
+    return;
+  }
+  try {
+    process.stderr.write("[exed-client] Killing daemon for restart...\n");
+    if (existsSync5(PID_PATH)) {
+      try {
+        const pid = parseInt(readFileSync4(PID_PATH, "utf8").trim(), 10);
+        if (pid > 0) {
+          try {
+            process.kill(pid, "SIGKILL");
+          } catch {
+          }
         }
+      } catch {
       }
+    }
+    if (_socket) {
+      _socket.destroy();
+      _socket = null;
+    }
+    _connected = false;
+    _buffer = "";
+    try {
+      unlinkSync2(PID_PATH);
     } catch {
     }
+    try {
+      unlinkSync2(SOCKET_PATH);
+    } catch {
+    }
+    spawnDaemon();
+  } finally {
+    releaseSpawnLock();
   }
-  if (_socket) {
-    _socket.destroy();
-    _socket = null;
-  }
-  _connected = false;
-  _buffer = "";
+}
+function isDaemonTooYoung() {
   try {
-    unlinkSync2(PID_PATH);
+    const stat = statSync(PID_PATH);
+    return Date.now() - stat.mtimeMs < MIN_DAEMON_AGE_MS;
   } catch {
+    return false;
   }
-  try {
-    unlinkSync2(SOCKET_PATH);
-  } catch {
+}
+async function retryThenRestart(doRequest, label) {
+  const result = await doRequest();
+  if (!result.error) {
+    _consecutiveFailures = 0;
+    return result;
   }
-  spawnDaemon();
+  _consecutiveFailures++;
+  for (let i = 0; i < MAX_RETRIES_BEFORE_RESTART; i++) {
+    const delayMs = RETRY_DELAYS_MS[i] ?? 5e3;
+    process.stderr.write(`[exed-client] ${label} failed (${result.error}), retry ${i + 1}/${MAX_RETRIES_BEFORE_RESTART} in ${delayMs}ms
+`);
+    await new Promise((r) => setTimeout(r, delayMs));
+    if (!_connected) {
+      if (!await connectToSocket()) continue;
+    }
+    const retry = await doRequest();
+    if (!retry.error) {
+      _consecutiveFailures = 0;
+      return retry;
+    }
+    _consecutiveFailures++;
+  }
+  if (isDaemonTooYoung()) {
+    process.stderr.write(`[exed-client] ${label}: daemon too young (< ${MIN_DAEMON_AGE_MS / 1e3}s) \u2014 skipping restart
+`);
+    return { error: result.error };
+  }
+  process.stderr.write(`[exed-client] ${label}: ${_consecutiveFailures} consecutive failures \u2014 restarting daemon
+`);
+  killAndRespawnDaemon();
+  const start = Date.now();
+  let delay2 = 200;
+  while (Date.now() - start < CONNECT_TIMEOUT_MS) {
+    await new Promise((r) => setTimeout(r, delay2));
+    if (await connectToSocket()) break;
+    delay2 = Math.min(delay2 * 2, 3e3);
+  }
+  if (!_connected) return { error: "Daemon restart failed" };
+  const final = await doRequest();
+  if (!final.error) _consecutiveFailures = 0;
+  return final;
 }
 async function embedViaClient(text, priority = "high") {
   if (!_connected && !await connectEmbedDaemon()) return null;
   _requestCount++;
   if (_requestCount % HEALTH_CHECK_INTERVAL === 0) {
     const health = await pingDaemon();
-    if (!health) {
+    if (!health && !isDaemonTooYoung()) {
       process.stderr.write(`[exed-client] Periodic health check failed at request ${_requestCount} \u2014 restarting daemon
 `);
       killAndRespawnDaemon();
       const start = Date.now();
-      let delay2 = 200;
+      let d = 200;
       while (Date.now() - start < CONNECT_TIMEOUT_MS) {
-        await new Promise((r) => setTimeout(r, delay2));
+        await new Promise((r) => setTimeout(r, d));
         if (await connectToSocket()) break;
-        delay2 = Math.min(delay2 * 2, 3e3);
+        d = Math.min(d * 2, 3e3);
       }
       if (!_connected) return null;
     }
   }
-  const result = await sendRequest([text], priority);
-  if (!result.error && result.vectors?.[0]) return result.vectors[0];
-  if (result.error) {
-    process.stderr.write(`[exed-client] Embed failed (${result.error}) \u2014 attempting restart
-`);
-    killAndRespawnDaemon();
-    const start = Date.now();
-    let delay2 = 200;
-    while (Date.now() - start < CONNECT_TIMEOUT_MS) {
-      await new Promise((r) => setTimeout(r, delay2));
-      if (await connectToSocket()) break;
-      delay2 = Math.min(delay2 * 2, 3e3);
-    }
-    if (!_connected) return null;
-    const retry = await sendRequest([text], priority);
-    if (!retry.error && retry.vectors?.[0]) return retry.vectors[0];
-    process.stderr.write(`[exed-client] Embed retry also failed: ${retry.error ?? "no vector"}
-`);
-  }
-  return null;
+  const result = await retryThenRestart(
+    () => sendRequest([text], priority),
+    "Embed"
+  );
+  return !result.error && result.vectors?.[0] ? result.vectors[0] : null;
 }
 function disconnectClient() {
   if (_socket) {
@@ -760,22 +1472,28 @@ function disconnectClient() {
 function isClientConnected() {
   return _connected;
 }
-var SOCKET_PATH, PID_PATH, SPAWN_LOCK_PATH, SPAWN_LOCK_STALE_MS, CONNECT_TIMEOUT_MS, REQUEST_TIMEOUT_MS, _socket, _connected, _buffer, _requestCount, HEALTH_CHECK_INTERVAL, _pending, MAX_BUFFER;
+var SOCKET_PATH, PID_PATH, SPAWN_LOCK_PATH, SPAWN_LOCK_STALE_MS, CONNECT_TIMEOUT_MS, REQUEST_TIMEOUT_MS, DAEMON_TOKEN_ENV, _socket, _connected, _buffer, _requestCount, _consecutiveFailures, HEALTH_CHECK_INTERVAL, MAX_RETRIES_BEFORE_RESTART, RETRY_DELAYS_MS, MIN_DAEMON_AGE_MS, _pending, MAX_BUFFER;
 var init_exe_daemon_client = __esm({
   "src/lib/exe-daemon-client.ts"() {
     "use strict";
     init_config();
-    SOCKET_PATH = process.env.EXE_DAEMON_SOCK ?? process.env.EXE_EMBED_SOCK ?? path3.join(EXE_AI_DIR, "exed.sock");
-    PID_PATH = process.env.EXE_DAEMON_PID ?? process.env.EXE_EMBED_PID ?? path3.join(EXE_AI_DIR, "exed.pid");
-    SPAWN_LOCK_PATH = path3.join(EXE_AI_DIR, "exed-spawn.lock");
+    init_daemon_auth();
+    SOCKET_PATH = process.env.EXE_DAEMON_SOCK ?? process.env.EXE_EMBED_SOCK ?? path5.join(EXE_AI_DIR, "exed.sock");
+    PID_PATH = process.env.EXE_DAEMON_PID ?? process.env.EXE_EMBED_PID ?? path5.join(EXE_AI_DIR, "exed.pid");
+    SPAWN_LOCK_PATH = path5.join(EXE_AI_DIR, "exed-spawn.lock");
     SPAWN_LOCK_STALE_MS = 3e4;
     CONNECT_TIMEOUT_MS = 15e3;
     REQUEST_TIMEOUT_MS = 3e4;
+    DAEMON_TOKEN_ENV = "EXE_DAEMON_TOKEN";
     _socket = null;
     _connected = false;
     _buffer = "";
     _requestCount = 0;
+    _consecutiveFailures = 0;
     HEALTH_CHECK_INTERVAL = 100;
+    MAX_RETRIES_BEFORE_RESTART = 3;
+    RETRY_DELAYS_MS = [1e3, 3e3, 5e3];
+    MIN_DAEMON_AGE_MS = 3e4;
     _pending = /* @__PURE__ */ new Map();
     MAX_BUFFER = 1e7;
   }
@@ -851,7 +1569,7 @@ __export(db_daemon_client_exports, {
   createDaemonDbClient: () => createDaemonDbClient,
   initDaemonDbClient: () => initDaemonDbClient
 });
-function normalizeStatement(stmt) {
+function normalizeStatement2(stmt) {
   if (typeof stmt === "string") {
     return { sql: stmt, args: [] };
   }
@@ -875,7 +1593,7 @@ function createDaemonDbClient(fallbackClient) {
       if (!_useDaemon || !isClientConnected()) {
         return fallbackClient.execute(stmt);
       }
-      const { sql, args } = normalizeStatement(stmt);
+      const { sql, args } = normalizeStatement2(stmt);
       const response = await sendDaemonRequest({
         type: "db-execute",
         sql,
@@ -900,7 +1618,7 @@ function createDaemonDbClient(fallbackClient) {
       if (!_useDaemon || !isClientConnected()) {
         return fallbackClient.batch(stmts, mode);
       }
-      const statements = stmts.map(normalizeStatement);
+      const statements = stmts.map(normalizeStatement2);
       const response = await sendDaemonRequest({
         type: "db-batch",
         statements,
@@ -995,6 +1713,18 @@ __export(database_exports, {
 });
 import { createClient } from "@libsql/client";
 async function initDatabase(config) {
+  if (_walCheckpointTimer) {
+    clearInterval(_walCheckpointTimer);
+    _walCheckpointTimer = null;
+  }
+  if (_daemonClient) {
+    _daemonClient.close();
+    _daemonClient = null;
+  }
+  if (_adapterClient && _adapterClient !== _resilientClient) {
+    _adapterClient.close();
+  }
+  _adapterClient = null;
   if (_client) {
     _client.close();
     _client = null;
@@ -1008,6 +1738,7 @@ async function initDatabase(config) {
   }
   _client = createClient(opts);
   _resilientClient = wrapWithRetry(_client);
+  _adapterClient = _resilientClient;
   _client.execute("PRAGMA busy_timeout = 30000").catch(() => {
   });
   _client.execute("PRAGMA journal_mode = WAL").catch(() => {
@@ -1018,14 +1749,20 @@ async function initDatabase(config) {
     });
   }, 3e4);
   _walCheckpointTimer.unref();
+  if (process.env.DATABASE_URL) {
+    _adapterClient = await createPrismaDbAdapter(_resilientClient);
+  }
 }
 function isInitialized() {
-  return _client !== null;
+  return _adapterClient !== null || _client !== null;
 }
 function getClient() {
-  if (!_resilientClient) {
+  if (!_adapterClient) {
     throw new Error("Database client not initialized. Call initDatabase() first.");
   }
+  if (process.env.DATABASE_URL) {
+    return _adapterClient;
+  }
   if (process.env.EXE_IS_DAEMON === "1") {
     return _resilientClient;
   }
@@ -1035,6 +1772,7 @@ function getClient() {
   return _resilientClient;
 }
 async function initDaemonClient() {
+  if (process.env.DATABASE_URL) return;
   if (process.env.EXE_IS_DAEMON === "1") return;
   if (!_resilientClient) return;
   try {
@@ -1331,6 +2069,7 @@ async function ensureSchema() {
       project     TEXT NOT NULL,
       summary     TEXT NOT NULL,
       task_file   TEXT,
+      session_scope TEXT,
       read        INTEGER NOT NULL DEFAULT 0,
       created_at  TEXT NOT NULL
     );
@@ -1339,7 +2078,7 @@ async function ensureSchema() {
       ON notifications(read);
 
     CREATE INDEX IF NOT EXISTS idx_notifications_agent
-      ON notifications(agent_id);
+      ON notifications(agent_id, session_scope);
 
     CREATE INDEX IF NOT EXISTS idx_notifications_task_file
       ON notifications(task_file);
@@ -1377,6 +2116,7 @@ async function ensureSchema() {
       target_agent    TEXT NOT NULL,
       target_project  TEXT,
       target_device   TEXT NOT NULL DEFAULT 'local',
+      session_scope   TEXT,
       content         TEXT NOT NULL,
       priority        TEXT DEFAULT 'normal',
       status          TEXT DEFAULT 'pending',
@@ -1390,10 +2130,31 @@ async function ensureSchema() {
     );
 
     CREATE INDEX IF NOT EXISTS idx_messages_target
-      ON messages(target_agent, status);
+      ON messages(target_agent, session_scope, status);
 
     CREATE INDEX IF NOT EXISTS idx_messages_conversation_order
-      ON messages(target_agent, from_agent, server_seq);
+      ON messages(target_agent, session_scope, from_agent, server_seq);
+  `);
+  try {
+    await client.execute({
+      sql: `ALTER TABLE notifications ADD COLUMN session_scope TEXT`,
+      args: []
+    });
+  } catch {
+  }
+  try {
+    await client.execute({
+      sql: `ALTER TABLE messages ADD COLUMN session_scope TEXT`,
+      args: []
+    });
+  } catch {
+  }
+  await client.executeMultiple(`
+    CREATE INDEX IF NOT EXISTS idx_notifications_agent_scope_read
+      ON notifications(agent_id, session_scope, read, created_at);
+
+    CREATE INDEX IF NOT EXISTS idx_messages_target_scope_status
+      ON messages(target_agent, session_scope, status, created_at);
   `);
   try {
     await client.execute({
@@ -1977,28 +2738,45 @@ async function ensureSchema() {
     } catch {
     }
   }
+  try {
+    await client.execute({
+      sql: `UPDATE tasks SET status = 'closed' WHERE status = 'done' AND result IS NOT NULL`,
+      args: []
+    });
+  } catch {
+  }
 }
 async function disposeDatabase() {
+  if (_walCheckpointTimer) {
+    clearInterval(_walCheckpointTimer);
+    _walCheckpointTimer = null;
+  }
   if (_daemonClient) {
     _daemonClient.close();
     _daemonClient = null;
   }
+  if (_adapterClient && _adapterClient !== _resilientClient) {
+    _adapterClient.close();
+  }
+  _adapterClient = null;
   if (_client) {
     _client.close();
     _client = null;
     _resilientClient = null;
   }
 }
-var _client, _resilientClient, _walCheckpointTimer, _daemonClient, initTurso, disposeTurso;
+var _client, _resilientClient, _walCheckpointTimer, _daemonClient, _adapterClient, initTurso, disposeTurso;
 var init_database = __esm({
   "src/lib/database.ts"() {
     "use strict";
     init_db_retry();
     init_employees();
+    init_database_adapter();
     _client = null;
     _resilientClient = null;
     _walCheckpointTimer = null;
     _daemonClient = null;
+    _adapterClient = null;
     initTurso = initDatabase;
     disposeTurso = disposeDatabase;
   }
@@ -2014,14 +2792,14 @@ __export(keychain_exports, {
   setMasterKey: () => setMasterKey
 });
 import { readFile as readFile3, writeFile as writeFile3, unlink, mkdir as mkdir3, chmod as chmod2 } from "fs/promises";
-import { existsSync as existsSync4 } from "fs";
-import path4 from "path";
-import os4 from "os";
+import { existsSync as existsSync6 } from "fs";
+import path6 from "path";
+import os5 from "os";
 function getKeyDir() {
-  return process.env.EXE_OS_DIR ?? process.env.EXE_MEM_DIR ?? path4.join(os4.homedir(), ".exe-os");
+  return process.env.EXE_OS_DIR ?? process.env.EXE_MEM_DIR ?? path6.join(os5.homedir(), ".exe-os");
 }
 function getKeyPath() {
-  return path4.join(getKeyDir(), "master.key");
+  return path6.join(getKeyDir(), "master.key");
 }
 async function tryKeytar() {
   try {
@@ -2042,9 +2820,9 @@ async function getMasterKey() {
     }
   }
   const keyPath = getKeyPath();
-  if (!existsSync4(keyPath)) {
+  if (!existsSync6(keyPath)) {
     process.stderr.write(
-      `[keychain] Key not found at ${keyPath} (HOME=${os4.homedir()}, EXE_OS_DIR=${process.env.EXE_OS_DIR ?? "unset"})
+      `[keychain] Key not found at ${keyPath} (HOME=${os5.homedir()}, EXE_OS_DIR=${process.env.EXE_OS_DIR ?? "unset"})
 `
     );
     return null;
@@ -2085,7 +2863,7 @@ async function deleteMasterKey() {
     }
   }
   const keyPath = getKeyPath();
-  if (existsSync4(keyPath)) {
+  if (existsSync6(keyPath)) {
     await unlink(keyPath);
   }
 }
@@ -2187,6 +2965,7 @@ var shard_manager_exports = {};
 __export(shard_manager_exports, {
   disposeShards: () => disposeShards,
   ensureShardSchema: () => ensureShardSchema,
+  getOpenShardCount: () => getOpenShardCount,
   getReadyShardClient: () => getReadyShardClient,
   getShardClient: () => getShardClient,
   getShardsDir: () => getShardsDir,
@@ -2195,15 +2974,18 @@ __export(shard_manager_exports, {
   listShards: () => listShards,
   shardExists: () => shardExists
 });
-import path5 from "path";
-import { existsSync as existsSync5, mkdirSync, readdirSync } from "fs";
+import path7 from "path";
+import { existsSync as existsSync7, mkdirSync as mkdirSync2, readdirSync } from "fs";
 import { createClient as createClient2 } from "@libsql/client";
 function initShardManager(encryptionKey) {
   _encryptionKey = encryptionKey;
-  if (!existsSync5(SHARDS_DIR)) {
-    mkdirSync(SHARDS_DIR, { recursive: true });
+  if (!existsSync7(SHARDS_DIR)) {
+    mkdirSync2(SHARDS_DIR, { recursive: true });
   }
   _shardingEnabled = true;
+  if (_evictionTimer) clearInterval(_evictionTimer);
+  _evictionTimer = setInterval(evictIdleShards, EVICTION_INTERVAL_MS);
+  _evictionTimer.unref();
 }
 function isShardingEnabled() {
   return _shardingEnabled;
@@ -2220,21 +3002,28 @@ function getShardClient(projectName) {
     throw new Error(`Invalid project name for shard: "${projectName}"`);
   }
   const cached = _shards.get(safeName);
-  if (cached) return cached;
-  const dbPath = path5.join(SHARDS_DIR, `${safeName}.db`);
+  if (cached) {
+    _shardLastAccess.set(safeName, Date.now());
+    return cached;
+  }
+  while (_shards.size >= MAX_OPEN_SHARDS) {
+    evictLRU();
+  }
+  const dbPath = path7.join(SHARDS_DIR, `${safeName}.db`);
   const client = createClient2({
     url: `file:${dbPath}`,
     encryptionKey: _encryptionKey
   });
   _shards.set(safeName, client);
+  _shardLastAccess.set(safeName, Date.now());
   return client;
 }
 function shardExists(projectName) {
   const safeName = projectName.replace(/[^a-zA-Z0-9_-]/g, "_");
-  return existsSync5(path5.join(SHARDS_DIR, `${safeName}.db`));
+  return existsSync7(path7.join(SHARDS_DIR, `${safeName}.db`));
 }
 function listShards() {
-  if (!existsSync5(SHARDS_DIR)) return [];
+  if (!existsSync7(SHARDS_DIR)) return [];
   return readdirSync(SHARDS_DIR).filter((f) => f.endsWith(".db")).map((f) => f.replace(".db", ""));
 }
 async function ensureShardSchema(client) {
@@ -2286,6 +3075,8 @@ async function ensureShardSchema(client) {
   for (const col of [
     "ALTER TABLE memories ADD COLUMN task_id TEXT",
     "ALTER TABLE memories ADD COLUMN consolidated INTEGER NOT NULL DEFAULT 0",
+    "ALTER TABLE memories ADD COLUMN author_device_id TEXT",
+    "ALTER TABLE memories ADD COLUMN scope TEXT NOT NULL DEFAULT 'business'",
     "ALTER TABLE memories ADD COLUMN importance INTEGER DEFAULT 5",
     "ALTER TABLE memories ADD COLUMN status TEXT DEFAULT 'active'",
     "ALTER TABLE memories ADD COLUMN wiki_synced INTEGER DEFAULT 0",
@@ -2308,7 +3099,23 @@ async function ensureShardSchema(client) {
     // MS-11: draft staging, MS-6a: memory_type, MS-7: trajectory
     "ALTER TABLE memories ADD COLUMN draft INTEGER DEFAULT 0",
     "ALTER TABLE memories ADD COLUMN memory_type TEXT DEFAULT 'raw'",
-    "ALTER TABLE memories ADD COLUMN trajectory TEXT"
+    "ALTER TABLE memories ADD COLUMN trajectory TEXT",
+    // Metadata enrichment columns (must match database.ts)
+    "ALTER TABLE memories ADD COLUMN intent TEXT",
+    "ALTER TABLE memories ADD COLUMN outcome TEXT",
+    "ALTER TABLE memories ADD COLUMN domain TEXT",
+    "ALTER TABLE memories ADD COLUMN referenced_entities TEXT",
+    "ALTER TABLE memories ADD COLUMN retrieval_count INTEGER DEFAULT 0",
+    "ALTER TABLE memories ADD COLUMN chain_position TEXT",
+    "ALTER TABLE memories ADD COLUMN review_status TEXT",
+    "ALTER TABLE memories ADD COLUMN context_window_pct INTEGER",
+    "ALTER TABLE memories ADD COLUMN file_paths TEXT",
+    "ALTER TABLE memories ADD COLUMN commit_hash TEXT",
+    "ALTER TABLE memories ADD COLUMN duration_ms INTEGER",
+    "ALTER TABLE memories ADD COLUMN token_cost REAL",
+    "ALTER TABLE memories ADD COLUMN audience TEXT",
+    "ALTER TABLE memories ADD COLUMN language_type TEXT",
+    "ALTER TABLE memories ADD COLUMN parent_memory_id TEXT"
   ]) {
     try {
       await client.execute(col);
@@ -2407,21 +3214,69 @@ async function getReadyShardClient(projectName) {
   await ensureShardSchema(client);
   return client;
 }
+function evictLRU() {
+  let oldest = null;
+  let oldestTime = Infinity;
+  for (const [name, time] of _shardLastAccess) {
+    if (time < oldestTime) {
+      oldestTime = time;
+      oldest = name;
+    }
+  }
+  if (oldest) {
+    const client = _shards.get(oldest);
+    if (client) {
+      client.close();
+    }
+    _shards.delete(oldest);
+    _shardLastAccess.delete(oldest);
+  }
+}
+function evictIdleShards() {
+  const now = Date.now();
+  const toEvict = [];
+  for (const [name, lastAccess] of _shardLastAccess) {
+    if (now - lastAccess > SHARD_IDLE_MS) {
+      toEvict.push(name);
+    }
+  }
+  for (const name of toEvict) {
+    const client = _shards.get(name);
+    if (client) {
+      client.close();
+    }
+    _shards.delete(name);
+    _shardLastAccess.delete(name);
+  }
+}
+function getOpenShardCount() {
+  return _shards.size;
+}
 function disposeShards() {
+  if (_evictionTimer) {
+    clearInterval(_evictionTimer);
+    _evictionTimer = null;
+  }
   for (const [, client] of _shards) {
     client.close();
   }
   _shards.clear();
+  _shardLastAccess.clear();
   _shardingEnabled = false;
   _encryptionKey = null;
 }
-var SHARDS_DIR, _shards, _encryptionKey, _shardingEnabled;
+var SHARDS_DIR, SHARD_IDLE_MS, MAX_OPEN_SHARDS, EVICTION_INTERVAL_MS, _shards, _shardLastAccess, _evictionTimer, _encryptionKey, _shardingEnabled;
 var init_shard_manager = __esm({
   "src/lib/shard-manager.ts"() {
     "use strict";
     init_config();
-    SHARDS_DIR = path5.join(EXE_AI_DIR, "shards");
+    SHARDS_DIR = path7.join(EXE_AI_DIR, "shards");
+    SHARD_IDLE_MS = 5 * 60 * 1e3;
+    MAX_OPEN_SHARDS = 10;
+    EVICTION_INTERVAL_MS = 60 * 1e3;
     _shards = /* @__PURE__ */ new Map();
+    _shardLastAccess = /* @__PURE__ */ new Map();
+    _evictionTimer = null;
     _encryptionKey = null;
     _shardingEnabled = false;
   }
@@ -2614,56 +3469,14 @@ ${p.content}`).join("\n\n");
   }
 });
 
-// src/lib/notifications.ts
-import crypto from "crypto";
-import path6 from "path";
-import os5 from "os";
-import {
-  readFileSync as readFileSync4,
-  readdirSync as readdirSync2,
-  unlinkSync as unlinkSync3,
-  existsSync as existsSync6,
-  rmdirSync
-} from "fs";
-async function writeNotification(notification) {
-  try {
-    const client = getClient();
-    const id = crypto.randomUUID();
-    const now = (/* @__PURE__ */ new Date()).toISOString();
-    await client.execute({
-      sql: `INSERT INTO notifications (id, agent_id, agent_role, event, project, summary, task_file, read, created_at)
-            VALUES (?, ?, ?, ?, ?, ?, ?, 0, ?)`,
-      args: [
-        id,
-        notification.agentId,
-        notification.agentRole,
-        notification.event,
-        notification.project,
-        notification.summary,
-        notification.taskFile ?? null,
-        now
-      ]
-    });
-  } catch (err) {
-    process.stderr.write(`[notifications] WRITE FAILED: ${err instanceof Error ? err.message : String(err)}
-`);
-  }
-}
-var init_notifications = __esm({
-  "src/lib/notifications.ts"() {
-    "use strict";
-    init_database();
-  }
-});
-
 // src/lib/session-registry.ts
-import path7 from "path";
+import path8 from "path";
 import os6 from "os";
 var REGISTRY_PATH;
 var init_session_registry = __esm({
   "src/lib/session-registry.ts"() {
     "use strict";
-    REGISTRY_PATH = path7.join(os6.homedir(), ".exe-os", "session-registry.json");
+    REGISTRY_PATH = path8.join(os6.homedir(), ".exe-os", "session-registry.json");
   }
 });
 
@@ -2898,15 +3711,16 @@ var init_runtime_table = __esm({
 });
 
 // src/lib/agent-config.ts
-import { readFileSync as readFileSync5, writeFileSync as writeFileSync2, existsSync as existsSync7, mkdirSync as mkdirSync2 } from "fs";
-import path8 from "path";
+import { readFileSync as readFileSync5, writeFileSync as writeFileSync3, existsSync as existsSync8 } from "fs";
+import path9 from "path";
 var AGENT_CONFIG_PATH, DEFAULT_MODELS;
 var init_agent_config = __esm({
   "src/lib/agent-config.ts"() {
     "use strict";
     init_config();
     init_runtime_table();
-    AGENT_CONFIG_PATH = path8.join(EXE_AI_DIR, "agent-config.json");
+    init_secure_files();
+    AGENT_CONFIG_PATH = path9.join(EXE_AI_DIR, "agent-config.json");
     DEFAULT_MODELS = {
       claude: "claude-opus-4",
       codex: RUNTIME_TABLE.codex?.defaultModel ?? "gpt-5.4",
@@ -2916,16 +3730,16 @@ var init_agent_config = __esm({
 });
 
 // src/lib/intercom-queue.ts
-import { readFileSync as readFileSync6, writeFileSync as writeFileSync3, renameSync as renameSync3, existsSync as existsSync8, mkdirSync as mkdirSync3 } from "fs";
-import path9 from "path";
+import { readFileSync as readFileSync6, writeFileSync as writeFileSync4, renameSync as renameSync3, existsSync as existsSync9, mkdirSync as mkdirSync3 } from "fs";
+import path10 from "path";
 import os7 from "os";
 var QUEUE_PATH, TTL_MS, INTERCOM_LOG;
 var init_intercom_queue = __esm({
   "src/lib/intercom-queue.ts"() {
     "use strict";
-    QUEUE_PATH = path9.join(os7.homedir(), ".exe-os", "intercom-queue.json");
+    QUEUE_PATH = path10.join(os7.homedir(), ".exe-os", "intercom-queue.json");
     TTL_MS = 60 * 60 * 1e3;
-    INTERCOM_LOG = path9.join(os7.homedir(), ".exe-os", "intercom.log");
+    INTERCOM_LOG = path10.join(os7.homedir(), ".exe-os", "intercom.log");
   }
 });
 
@@ -2946,9 +3760,12 @@ __export(license_exports, {
   stopLicenseRevalidation: () => stopLicenseRevalidation,
   validateLicense: () => validateLicense
 });
-import { readFileSync as readFileSync7, writeFileSync as writeFileSync4, existsSync as existsSync9, mkdirSync as mkdirSync4 } from "fs";
+import { readFileSync as readFileSync7, writeFileSync as writeFileSync5, existsSync as existsSync10, mkdirSync as mkdirSync4 } from "fs";
 import { randomUUID as randomUUID3 } from "crypto";
-import path10 from "path";
+import { createRequire as createRequire2 } from "module";
+import { pathToFileURL as pathToFileURL2 } from "url";
+import os8 from "os";
+import path11 from "path";
 import { jwtVerify, importSPKI } from "jose";
 async function fetchRetry(url, init) {
   try {
@@ -2959,16 +3776,16 @@ async function fetchRetry(url, init) {
   }
 }
 function loadDeviceId() {
-  const deviceJsonPath = path10.join(EXE_AI_DIR, "device.json");
+  const deviceJsonPath = path11.join(EXE_AI_DIR, "device.json");
   try {
-    if (existsSync9(deviceJsonPath)) {
+    if (existsSync10(deviceJsonPath)) {
       const data = JSON.parse(readFileSync7(deviceJsonPath, "utf8"));
       if (data.deviceId) return data.deviceId;
     }
   } catch {
   }
   try {
-    if (existsSync9(DEVICE_ID_PATH)) {
+    if (existsSync10(DEVICE_ID_PATH)) {
       const id2 = readFileSync7(DEVICE_ID_PATH, "utf8").trim();
       if (id2) return id2;
     }
@@ -2976,12 +3793,12 @@ function loadDeviceId() {
   }
   const id = randomUUID3();
   mkdirSync4(EXE_AI_DIR, { recursive: true });
-  writeFileSync4(DEVICE_ID_PATH, id, "utf8");
+  writeFileSync5(DEVICE_ID_PATH, id, "utf8");
   return id;
 }
 function loadLicense() {
   try {
-    if (!existsSync9(LICENSE_PATH)) return null;
+    if (!existsSync10(LICENSE_PATH)) return null;
     return readFileSync7(LICENSE_PATH, "utf8").trim();
   } catch {
     return null;
@@ -2989,7 +3806,7 @@ function loadLicense() {
 }
 function saveLicense(apiKey) {
   mkdirSync4(EXE_AI_DIR, { recursive: true });
-  writeFileSync4(LICENSE_PATH, apiKey.trim(), { encoding: "utf8", mode: 384 });
+  writeFileSync5(LICENSE_PATH, apiKey.trim(), { encoding: "utf8", mode: 384 });
 }
 async function verifyLicenseJwt(token) {
   try {
@@ -3015,7 +3832,7 @@ async function verifyLicenseJwt(token) {
 }
 async function getCachedLicense() {
   try {
-    if (!existsSync9(CACHE_PATH)) return null;
+    if (!existsSync10(CACHE_PATH)) return null;
     const raw = JSON.parse(readFileSync7(CACHE_PATH, "utf8"));
     if (!raw.token || typeof raw.token !== "string") return null;
     return await verifyLicenseJwt(raw.token);
@@ -3025,7 +3842,7 @@ async function getCachedLicense() {
 }
 function readCachedToken() {
   try {
-    if (!existsSync9(CACHE_PATH)) return null;
+    if (!existsSync10(CACHE_PATH)) return null;
     const raw = JSON.parse(readFileSync7(CACHE_PATH, "utf8"));
     return typeof raw.token === "string" ? raw.token : null;
   } catch {
@@ -3060,56 +3877,130 @@ function getRawCachedPlan() {
 }
 function cacheResponse(token) {
   try {
-    writeFileSync4(CACHE_PATH, JSON.stringify({ token }), "utf8");
+    writeFileSync5(CACHE_PATH, JSON.stringify({ token }), "utf8");
   } catch {
   }
 }
-async function validateLicense(apiKey, deviceId) {
-  const did = deviceId ?? loadDeviceId();
+function loadPrismaForLicense() {
+  if (_prismaFailed) return null;
+  const dbUrl = process.env.DATABASE_URL;
+  if (!dbUrl) {
+    const exeDbRoot = process.env.EXE_DB_ROOT ?? path11.join(os8.homedir(), "exe-db");
+    if (!existsSync10(path11.join(exeDbRoot, "package.json"))) {
+      _prismaFailed = true;
+      return null;
+    }
+  }
+  if (!_prismaPromise) {
+    _prismaPromise = (async () => {
+      const explicitPath = process.env.EXE_OS_PRISMA_CLIENT_PATH;
+      if (explicitPath) {
+        const mod2 = await import(pathToFileURL2(explicitPath).href);
+        const Ctor2 = mod2.PrismaClient ?? mod2.default?.PrismaClient;
+        if (!Ctor2) throw new Error(`No PrismaClient at ${explicitPath}`);
+        return new Ctor2();
+      }
+      const exeDbRoot = process.env.EXE_DB_ROOT ?? path11.join(os8.homedir(), "exe-db");
+      const req = createRequire2(path11.join(exeDbRoot, "package.json"));
+      const entry = req.resolve("@prisma/client");
+      const mod = await import(pathToFileURL2(entry).href);
+      const Ctor = mod.PrismaClient ?? mod.default?.PrismaClient;
+      if (!Ctor) throw new Error(`No PrismaClient in ${entry}`);
+      return new Ctor();
+    })().catch((err) => {
+      _prismaFailed = true;
+      _prismaPromise = null;
+      throw err;
+    });
+  }
+  return _prismaPromise;
+}
+async function validateViaPostgres(apiKey) {
+  const loader = loadPrismaForLicense();
+  if (!loader) return null;
+  try {
+    const prisma = await loader;
+    const rows = await prisma.$queryRawUnsafe(
+      `SELECT plan, email, status, device_limit, employee_limit, memory_limit, expires_at
+       FROM billing.licenses WHERE key = $1 LIMIT 1`,
+      apiKey
+    );
+    if (!rows || rows.length === 0) return null;
+    const row = rows[0];
+    if (row.status !== "active") return null;
+    if (row.expires_at && new Date(row.expires_at) < /* @__PURE__ */ new Date()) return null;
+    const plan = row.plan;
+    const limits = PLAN_LIMITS[plan] ?? PLAN_LIMITS.free;
+    return {
+      valid: true,
+      plan,
+      email: row.email,
+      expiresAt: row.expires_at ? new Date(row.expires_at).toISOString() : null,
+      deviceLimit: row.device_limit ?? limits.devices,
+      employeeLimit: row.employee_limit ?? limits.employees,
+      memoryLimit: row.memory_limit ?? limits.memories
+    };
+  } catch {
+    return null;
+  }
+}
+async function validateViaCFWorker(apiKey, deviceId) {
   try {
     const res = await fetchRetry(`${API_BASE}/auth/activate`, {
       method: "POST",
       headers: { "Content-Type": "application/json" },
-      body: JSON.stringify({ apiKey, deviceId: did }),
+      body: JSON.stringify({ apiKey, deviceId }),
       signal: AbortSignal.timeout(1e4)
     });
-    if (res.ok) {
-      const data = await res.json();
-      if (data.error === "device_limit_exceeded") {
-        const cached2 = await getCachedLicense();
-        if (cached2) return cached2;
-        const raw2 = getRawCachedPlan();
-        if (raw2) return { ...raw2, valid: false };
-        return { ...FREE_LICENSE, valid: false, plan: "free" };
-      }
-      if (data.token) {
-        cacheResponse(data.token);
-        const verified = await verifyLicenseJwt(data.token);
-        if (verified) return verified;
+    if (!res.ok) return null;
+    const data = await res.json();
+    if (data.error === "device_limit_exceeded") return null;
+    if (!data.valid) return null;
+    if (data.token) {
+      cacheResponse(data.token);
+      const verified = await verifyLicenseJwt(data.token);
+      if (verified) return verified;
+    }
+    const limits = PLAN_LIMITS[data.plan] ?? PLAN_LIMITS.free;
+    return {
+      valid: data.valid,
+      plan: data.plan,
+      email: data.email,
+      expiresAt: data.expiresAt,
+      deviceLimit: limits.devices,
+      employeeLimit: limits.employees,
+      memoryLimit: limits.memories
+    };
+  } catch {
+    return null;
+  }
+}
+async function validateLicense(apiKey, deviceId) {
+  const did = deviceId ?? loadDeviceId();
+  const pgResult = await validateViaPostgres(apiKey);
+  if (pgResult) {
+    try {
+      writeFileSync5(CACHE_PATH, JSON.stringify({ pgLicense: pgResult, ts: Date.now() }), "utf8");
+    } catch {
+    }
+    return pgResult;
+  }
+  const cfResult = await validateViaCFWorker(apiKey, did);
+  if (cfResult) return cfResult;
+  const cached = await getCachedLicense();
+  if (cached) return cached;
+  try {
+    if (existsSync10(CACHE_PATH)) {
+      const raw = JSON.parse(readFileSync7(CACHE_PATH, "utf8"));
+      if (raw.pgLicense && raw.ts && Date.now() - raw.ts < 7 * 24 * 60 * 60 * 1e3) {
+        return raw.pgLicense;
       }
-      const limits = PLAN_LIMITS[data.plan] ?? PLAN_LIMITS.free;
-      return {
-        valid: data.valid,
-        plan: data.plan,
-        email: data.email,
-        expiresAt: data.expiresAt,
-        deviceLimit: limits.devices,
-        employeeLimit: limits.employees,
-        memoryLimit: limits.memories
-      };
     }
-    const cached = await getCachedLicense();
-    if (cached) return cached;
-    const raw = getRawCachedPlan();
-    if (raw) return raw;
-    return { ...FREE_LICENSE, valid: false, plan: "free" };
   } catch {
-    const cached = await getCachedLicense();
-    if (cached) return cached;
-    const rawFallback = getRawCachedPlan();
-    if (rawFallback) return rawFallback;
-    return { ...FREE_LICENSE, valid: false, error: "offline" };
   }
+  const rawFallback = getRawCachedPlan();
+  if (rawFallback) return rawFallback;
+  return { ...FREE_LICENSE, valid: false };
 }
 function getCacheAgeMs() {
   try {
@@ -3124,8 +4015,8 @@ async function checkLicense() {
   let key = loadLicense();
   if (!key) {
     try {
-      const configPath = path10.join(EXE_AI_DIR, "config.json");
-      if (existsSync9(configPath)) {
+      const configPath = path11.join(EXE_AI_DIR, "config.json");
+      if (existsSync10(configPath)) {
         const raw = JSON.parse(readFileSync7(configPath, "utf8"));
         const cloud = raw.cloud;
         if (cloud?.apiKey) {
@@ -3280,14 +4171,14 @@ function stopLicenseRevalidation() {
     _revalTimer = null;
   }
 }
-var LICENSE_PATH, CACHE_PATH, DEVICE_ID_PATH, API_BASE, RETRY_DELAY_MS, LICENSE_PUBLIC_KEY_PEM, LICENSE_JWT_ALG, PLAN_LIMITS, FREE_LICENSE, CACHE_MAX_AGE_MS, _revalTimer;
+var LICENSE_PATH, CACHE_PATH, DEVICE_ID_PATH, API_BASE, RETRY_DELAY_MS, LICENSE_PUBLIC_KEY_PEM, LICENSE_JWT_ALG, PLAN_LIMITS, FREE_LICENSE, _prismaPromise, _prismaFailed, CACHE_MAX_AGE_MS, _revalTimer;
 var init_license = __esm({
   "src/lib/license.ts"() {
     "use strict";
     init_config();
-    LICENSE_PATH = path10.join(EXE_AI_DIR, "license.key");
-    CACHE_PATH = path10.join(EXE_AI_DIR, "license-cache.json");
-    DEVICE_ID_PATH = path10.join(EXE_AI_DIR, "device-id");
+    LICENSE_PATH = path11.join(EXE_AI_DIR, "license.key");
+    CACHE_PATH = path11.join(EXE_AI_DIR, "license-cache.json");
+    DEVICE_ID_PATH = path11.join(EXE_AI_DIR, "device-id");
     API_BASE = "https://askexe.com/cloud";
     RETRY_DELAY_MS = 500;
     LICENSE_PUBLIC_KEY_PEM = `-----BEGIN PUBLIC KEY-----
@@ -3311,6 +4202,8 @@ MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEeHztAMOpR/ZMh+rWuOASjEZ54CGY
       employeeLimit: 1,
       memoryLimit: 5e3
     };
+    _prismaPromise = null;
+    _prismaFailed = false;
     CACHE_MAX_AGE_MS = 36e5;
     _revalTimer = null;
   }
@@ -3327,11 +4220,11 @@ __export(plan_limits_exports, {
   countActiveMemories: () => countActiveMemories,
   getLicenseSync: () => getLicenseSync
 });
-import { readFileSync as readFileSync8, existsSync as existsSync10 } from "fs";
-import path11 from "path";
+import { readFileSync as readFileSync8, existsSync as existsSync11 } from "fs";
+import path12 from "path";
 function getLicenseSync() {
   try {
-    if (!existsSync10(CACHE_PATH2)) return freeLicense();
+    if (!existsSync11(CACHE_PATH2)) return freeLicense();
     const raw = JSON.parse(readFileSync8(CACHE_PATH2, "utf8"));
     if (!raw.token || typeof raw.token !== "string") return freeLicense();
     const parts = raw.token.split(".");
@@ -3399,7 +4292,7 @@ function assertEmployeeLimitSync(rosterPath) {
   const filePath = rosterPath ?? EMPLOYEES_PATH;
   let count = 0;
   try {
-    if (existsSync10(filePath)) {
+    if (existsSync11(filePath)) {
       const raw = readFileSync8(filePath, "utf8");
       const employees = JSON.parse(raw);
       count = Array.isArray(employees) ? employees.length : 0;
@@ -3437,14 +4330,14 @@ var init_plan_limits = __esm({
         this.name = "PlanLimitError";
       }
     };
-    CACHE_PATH2 = path11.join(EXE_AI_DIR, "license-cache.json");
+    CACHE_PATH2 = path12.join(EXE_AI_DIR, "license-cache.json");
   }
 });
 
 // src/lib/tmux-routing.ts
-import { readFileSync as readFileSync9, writeFileSync as writeFileSync5, mkdirSync as mkdirSync5, existsSync as existsSync11, appendFileSync, readdirSync as readdirSync3 } from "fs";
-import path12 from "path";
-import os8 from "os";
+import { readFileSync as readFileSync9, writeFileSync as writeFileSync6, mkdirSync as mkdirSync5, existsSync as existsSync12, appendFileSync, readdirSync as readdirSync2 } from "fs";
+import path13 from "path";
+import os9 from "os";
 import { fileURLToPath as fileURLToPath2 } from "url";
 function getMySession() {
   return getTransport().getMySession();
@@ -3457,7 +4350,7 @@ function extractRootExe(name) {
 }
 function getParentExe(sessionKey) {
   try {
-    const data = JSON.parse(readFileSync9(path12.join(SESSION_CACHE, `parent-exe-${sessionKey}.json`), "utf8"));
+    const data = JSON.parse(readFileSync9(path13.join(SESSION_CACHE, `parent-exe-${sessionKey}.json`), "utf8"));
     return data.parentExe || null;
   } catch {
     return null;
@@ -3500,10 +4393,10 @@ var init_tmux_routing = __esm({
     init_intercom_queue();
     init_plan_limits();
     init_employees();
-    SPAWN_LOCK_DIR = path12.join(os8.homedir(), ".exe-os", "spawn-locks");
-    SESSION_CACHE = path12.join(os8.homedir(), ".exe-os", "session-cache");
-    INTERCOM_LOG2 = path12.join(os8.homedir(), ".exe-os", "intercom.log");
-    DEBOUNCE_FILE = path12.join(SESSION_CACHE, "intercom-debounce.json");
+    SPAWN_LOCK_DIR = path13.join(os9.homedir(), ".exe-os", "spawn-locks");
+    SESSION_CACHE = path13.join(os9.homedir(), ".exe-os", "session-cache");
+    INTERCOM_LOG2 = path13.join(os9.homedir(), ".exe-os", "intercom.log");
+    DEBOUNCE_FILE = path13.join(SESSION_CACHE, "intercom-debounce.json");
     DEBOUNCE_CLEANUP_AGE_MS = 5 * 60 * 1e3;
   }
 });
@@ -3532,6 +4425,51 @@ var init_task_scope = __esm({
   }
 });
 
+// src/lib/notifications.ts
+import crypto2 from "crypto";
+import path14 from "path";
+import os10 from "os";
+import {
+  readFileSync as readFileSync10,
+  readdirSync as readdirSync3,
+  unlinkSync as unlinkSync3,
+  existsSync as existsSync13,
+  rmdirSync
+} from "fs";
+async function writeNotification(notification) {
+  try {
+    const client = getClient();
+    const id = crypto2.randomUUID();
+    const now = (/* @__PURE__ */ new Date()).toISOString();
+    const sessionScope = notification.sessionScope === void 0 ? getCurrentSessionScope() : notification.sessionScope;
+    await client.execute({
+      sql: `INSERT INTO notifications (id, agent_id, agent_role, event, project, summary, task_file, session_scope, read, created_at)
+            VALUES (?, ?, ?, ?, ?, ?, ?, ?, 0, ?)`,
+      args: [
+        id,
+        notification.agentId,
+        notification.agentRole,
+        notification.event,
+        notification.project,
+        notification.summary,
+        notification.taskFile ?? null,
+        sessionScope,
+        now
+      ]
+    });
+  } catch (err) {
+    process.stderr.write(`[notifications] WRITE FAILED: ${err instanceof Error ? err.message : String(err)}
+`);
+  }
+}
+var init_notifications = __esm({
+  "src/lib/notifications.ts"() {
+    "use strict";
+    init_database();
+    init_task_scope();
+  }
+});
+
 // src/lib/embedder.ts
 var embedder_exports = {};
 __export(embedder_exports, {
@@ -3569,10 +4507,10 @@ async function disposeEmbedder() {
 async function embedDirect(text) {
   const llamaCpp = await import("node-llama-cpp");
   const { MODELS_DIR: MODELS_DIR2 } = await Promise.resolve().then(() => (init_config(), config_exports));
-  const { existsSync: existsSync16 } = await import("fs");
-  const path17 = await import("path");
-  const modelPath = path17.join(MODELS_DIR2, "jina-embeddings-v5-small-q4_k_m.gguf");
-  if (!existsSync16(modelPath)) {
+  const { existsSync: existsSync18 } = await import("fs");
+  const path19 = await import("path");
+  const modelPath = path19.join(MODELS_DIR2, "jina-embeddings-v5-small-q4_k_m.gguf");
+  if (!existsSync18(modelPath)) {
     throw new Error(`Embedding model not found at ${modelPath}. Run '/exe-setup' to download it.`);
   }
   const llama = await llamaCpp.getLlama();
@@ -3610,14 +4548,14 @@ __export(worker_gate_exports, {
   tryAcquireBackfillLock: () => tryAcquireBackfillLock,
   tryAcquireWorkerSlot: () => tryAcquireWorkerSlot
 });
-import { readdirSync as readdirSync4, writeFileSync as writeFileSync6, unlinkSync as unlinkSync4, mkdirSync as mkdirSync6, existsSync as existsSync12 } from "fs";
-import path13 from "path";
+import { readdirSync as readdirSync4, writeFileSync as writeFileSync7, unlinkSync as unlinkSync4, mkdirSync as mkdirSync6, existsSync as existsSync14 } from "fs";
+import path15 from "path";
 function tryAcquireWorkerSlot() {
   try {
     mkdirSync6(WORKER_PID_DIR, { recursive: true });
     const reservationId = `res-${process.pid}-${Date.now()}`;
-    const reservationPath = path13.join(WORKER_PID_DIR, `${reservationId}.pid`);
-    writeFileSync6(reservationPath, String(process.pid));
+    const reservationPath = path15.join(WORKER_PID_DIR, `${reservationId}.pid`);
+    writeFileSync7(reservationPath, String(process.pid));
     const files = readdirSync4(WORKER_PID_DIR);
     let alive = 0;
     for (const f of files) {
@@ -3634,7 +4572,7 @@ function tryAcquireWorkerSlot() {
         alive++;
       } catch {
         try {
-          unlinkSync4(path13.join(WORKER_PID_DIR, f));
+          unlinkSync4(path15.join(WORKER_PID_DIR, f));
         } catch {
         }
       }
@@ -3658,20 +4596,20 @@ function tryAcquireWorkerSlot() {
 function registerWorkerPid(pid) {
   try {
     mkdirSync6(WORKER_PID_DIR, { recursive: true });
-    writeFileSync6(path13.join(WORKER_PID_DIR, `worker-${pid}.pid`), String(pid));
+    writeFileSync7(path15.join(WORKER_PID_DIR, `worker-${pid}.pid`), String(pid));
   } catch {
   }
 }
 function cleanupWorkerPid() {
   try {
-    unlinkSync4(path13.join(WORKER_PID_DIR, `worker-${process.pid}.pid`));
+    unlinkSync4(path15.join(WORKER_PID_DIR, `worker-${process.pid}.pid`));
   } catch {
   }
 }
 function tryAcquireBackfillLock() {
   try {
     mkdirSync6(WORKER_PID_DIR, { recursive: true });
-    if (existsSync12(BACKFILL_LOCK)) {
+    if (existsSync14(BACKFILL_LOCK)) {
       try {
         const pid = parseInt(
           __require("fs").readFileSync(BACKFILL_LOCK, "utf8").trim(),
@@ -3687,7 +4625,7 @@ function tryAcquireBackfillLock() {
       } catch {
       }
     }
-    writeFileSync6(BACKFILL_LOCK, String(process.pid));
+    writeFileSync7(BACKFILL_LOCK, String(process.pid));
     return true;
   } catch {
     return true;
@@ -3704,9 +4642,9 @@ var init_worker_gate = __esm({
   "src/lib/worker-gate.ts"() {
     "use strict";
     init_config();
-    WORKER_PID_DIR = path13.join(EXE_AI_DIR, "worker-pids");
+    WORKER_PID_DIR = path15.join(EXE_AI_DIR, "worker-pids");
     MAX_CONCURRENT_WORKERS = 3;
-    BACKFILL_LOCK = path13.join(WORKER_PID_DIR, "backfill.lock");
+    BACKFILL_LOCK = path15.join(WORKER_PID_DIR, "backfill.lock");
   }
 });
 
@@ -3718,13 +4656,13 @@ __export(crypto_exports, {
   initSyncCrypto: () => initSyncCrypto,
   isSyncCryptoInitialized: () => isSyncCryptoInitialized
 });
-import crypto2 from "crypto";
+import crypto3 from "crypto";
 function initSyncCrypto(masterKey) {
   if (masterKey.length !== 32) {
     throw new Error(`Master key must be 32 bytes, got ${masterKey.length}`);
   }
   _syncKey = Buffer.from(
-    crypto2.hkdfSync("sha256", masterKey, "", SYNC_HKDF_INFO, 32)
+    crypto3.hkdfSync("sha256", masterKey, "", SYNC_HKDF_INFO, 32)
   );
 }
 function isSyncCryptoInitialized() {
@@ -3738,8 +4676,8 @@ function requireSyncKey() {
 }
 function encryptSyncBlob(data) {
   const key = requireSyncKey();
-  const iv = crypto2.randomBytes(IV_LENGTH);
-  const cipher = crypto2.createCipheriv(ALGORITHM, key, iv);
+  const iv = crypto3.randomBytes(IV_LENGTH);
+  const cipher = crypto3.createCipheriv(ALGORITHM, key, iv);
   const encrypted = Buffer.concat([cipher.update(data), cipher.final()]);
   const tag = cipher.getAuthTag();
   return Buffer.concat([iv, encrypted, tag]).toString("base64");
@@ -3753,7 +4691,7 @@ function decryptSyncBlob(ciphertext) {
   const iv = combined.subarray(0, IV_LENGTH);
   const tag = combined.subarray(combined.length - TAG_LENGTH);
   const encrypted = combined.subarray(IV_LENGTH, combined.length - TAG_LENGTH);
-  const decipher = crypto2.createDecipheriv(ALGORITHM, key, iv);
+  const decipher = crypto3.createDecipheriv(ALGORITHM, key, iv);
   decipher.setAuthTag(tag);
   return Buffer.concat([decipher.update(encrypted), decipher.final()]);
 }
@@ -3808,8 +4746,8 @@ __export(crdt_sync_exports, {
   rebuildFromDb: () => rebuildFromDb
 });
 import * as Y from "yjs";
-import { readFileSync as readFileSync10, writeFileSync as writeFileSync7, existsSync as existsSync13, mkdirSync as mkdirSync7, unlinkSync as unlinkSync5 } from "fs";
-import path14 from "path";
+import { readFileSync as readFileSync11, writeFileSync as writeFileSync8, existsSync as existsSync15, mkdirSync as mkdirSync7, unlinkSync as unlinkSync5 } from "fs";
+import path16 from "path";
 import { homedir } from "os";
 function getStatePath() {
   return _statePathOverride ?? DEFAULT_STATE_PATH;
@@ -3821,9 +4759,9 @@ function initCrdtDoc() {
   if (doc) return doc;
   doc = new Y.Doc();
   const sp = getStatePath();
-  if (existsSync13(sp)) {
+  if (existsSync15(sp)) {
     try {
-      const state = readFileSync10(sp);
+      const state = readFileSync11(sp);
       Y.applyUpdate(doc, new Uint8Array(state));
     } catch {
       console.warn("[crdt-sync] WARN: corrupted state file, rebuilding from DB");
@@ -3965,10 +4903,10 @@ function persistState() {
   if (!doc) return;
   try {
     const sp = getStatePath();
-    const dir = path14.dirname(sp);
-    if (!existsSync13(dir)) mkdirSync7(dir, { recursive: true });
+    const dir = path16.dirname(sp);
+    if (!existsSync15(dir)) mkdirSync7(dir, { recursive: true });
     const state = Y.encodeStateAsUpdate(doc);
-    writeFileSync7(sp, Buffer.from(state));
+    writeFileSync8(sp, Buffer.from(state));
   } catch {
   }
 }
@@ -4009,7 +4947,7 @@ var DEFAULT_STATE_PATH, _statePathOverride, doc;
 var init_crdt_sync = __esm({
   "src/lib/crdt-sync.ts"() {
     "use strict";
-    DEFAULT_STATE_PATH = path14.join(homedir(), ".exe-os", "crdt-state.bin");
+    DEFAULT_STATE_PATH = path16.join(homedir(), ".exe-os", "crdt-state.bin");
     _statePathOverride = null;
     doc = null;
   }
@@ -4041,39 +4979,107 @@ __export(cloud_sync_exports, {
   cloudSync: () => cloudSync,
   mergeConfig: () => mergeConfig,
   mergeRosterFromRemote: () => mergeRosterFromRemote,
+  pushToPostgres: () => pushToPostgres,
   recordRosterDeletion: () => recordRosterDeletion
 });
-import { readFileSync as readFileSync11, writeFileSync as writeFileSync8, existsSync as existsSync14, readdirSync as readdirSync5, mkdirSync as mkdirSync8, appendFileSync as appendFileSync2, unlinkSync as unlinkSync6, openSync as openSync2, closeSync as closeSync2 } from "fs";
-import crypto3 from "crypto";
-import path15 from "path";
+import { readFileSync as readFileSync12, writeFileSync as writeFileSync9, existsSync as existsSync16, readdirSync as readdirSync5, mkdirSync as mkdirSync8, appendFileSync as appendFileSync2, unlinkSync as unlinkSync6, openSync as openSync2, closeSync as closeSync2 } from "fs";
+import crypto4 from "crypto";
+import path17 from "path";
 import { homedir as homedir2 } from "os";
 function sqlSafe(v) {
   return v === void 0 ? null : v;
 }
 function logError(msg) {
   try {
-    const logPath = path15.join(homedir2(), ".exe-os", "workers.log");
+    const logPath = path17.join(homedir2(), ".exe-os", "workers.log");
     appendFileSync2(logPath, `${(/* @__PURE__ */ new Date()).toISOString()} ${msg}
 `);
   } catch {
   }
 }
+function loadPgClient() {
+  if (_pgFailed) return null;
+  const postgresUrl = process.env.DATABASE_URL;
+  const configPath = path17.join(EXE_AI_DIR, "config.json");
+  let cloudPostgresUrl;
+  try {
+    if (existsSync16(configPath)) {
+      const cfg = JSON.parse(readFileSync12(configPath, "utf8"));
+      cloudPostgresUrl = cfg.cloud?.postgresUrl;
+      if (cfg.cloud?.syncToPostgres === false) {
+        _pgFailed = true;
+        return null;
+      }
+    }
+  } catch {
+  }
+  const url = postgresUrl || cloudPostgresUrl;
+  if (!url) {
+    _pgFailed = true;
+    return null;
+  }
+  if (!_pgPromise) {
+    _pgPromise = (async () => {
+      const { createRequire: createRequire3 } = await import("module");
+      const { pathToFileURL: pathToFileURL3 } = await import("url");
+      const exeDbRoot = process.env.EXE_DB_ROOT ?? path17.join(homedir2(), "exe-db");
+      const req = createRequire3(path17.join(exeDbRoot, "package.json"));
+      const entry = req.resolve("@prisma/client");
+      const mod = await import(pathToFileURL3(entry).href);
+      const Ctor = mod.PrismaClient ?? mod.default?.PrismaClient;
+      if (!Ctor) throw new Error("No PrismaClient");
+      return new Ctor();
+    })().catch(() => {
+      _pgFailed = true;
+      _pgPromise = null;
+      throw new Error("pg_unavailable");
+    });
+  }
+  return _pgPromise;
+}
+async function pushToPostgres(records) {
+  const loader = loadPgClient();
+  if (!loader) return 0;
+  let prisma;
+  try {
+    prisma = await loader;
+  } catch {
+    return 0;
+  }
+  let inserted = 0;
+  for (const rec of records) {
+    try {
+      await prisma.$executeRawUnsafe(
+        `INSERT INTO raw.raw_events (id, source, source_id, event_type, payload, metadata, timestamp)
+         VALUES (gen_random_uuid(), 'cloud_sync', $1, 'memory', $2::jsonb, $3::jsonb, $4)
+         ON CONFLICT (source, source_id, event_type) DO NOTHING`,
+        String(rec.id ?? ""),
+        JSON.stringify(rec),
+        JSON.stringify({ agent_id: rec.agent_id, project_name: rec.project_name, tool_name: rec.tool_name }),
+        rec.timestamp ? new Date(String(rec.timestamp)) : /* @__PURE__ */ new Date()
+      );
+      inserted++;
+    } catch {
+    }
+  }
+  return inserted;
+}
 async function withRosterLock(fn) {
   try {
     const fd = openSync2(ROSTER_LOCK_PATH, "wx");
     closeSync2(fd);
-    writeFileSync8(ROSTER_LOCK_PATH, String(Date.now()));
+    writeFileSync9(ROSTER_LOCK_PATH, String(Date.now()));
   } catch (err) {
     if (err.code === "EEXIST") {
       try {
-        const ts = parseInt(readFileSync11(ROSTER_LOCK_PATH, "utf-8"), 10);
+        const ts = parseInt(readFileSync12(ROSTER_LOCK_PATH, "utf-8"), 10);
         if (Date.now() - ts < LOCK_STALE_MS) {
           throw new Error("Roster merge already in progress \u2014 another sync is running");
         }
         unlinkSync6(ROSTER_LOCK_PATH);
         const fd = openSync2(ROSTER_LOCK_PATH, "wx");
         closeSync2(fd);
-        writeFileSync8(ROSTER_LOCK_PATH, String(Date.now()));
+        writeFileSync9(ROSTER_LOCK_PATH, String(Date.now()));
       } catch (retryErr) {
         if (retryErr instanceof Error && retryErr.message.includes("already in progress")) throw retryErr;
         throw new Error("Roster merge already in progress \u2014 another sync is running");
@@ -4343,6 +5349,10 @@ async function cloudSync(config) {
     const maxVersion = Number(records[records.length - 1].version);
     const pushOk = await cloudPush(records, maxVersion, config);
     if (!pushOk) break;
+    try {
+      await pushToPostgres(records);
+    } catch {
+    }
     await client.execute({
       sql: "INSERT OR REPLACE INTO sync_meta (key, value) VALUES ('last_cloud_push_version', ?)",
       args: [String(maxVersion)]
@@ -4447,8 +5457,8 @@ async function cloudSync(config) {
   try {
     const employees = await loadEmployees();
     rosterResult.employees = employees.length;
-    const idDir = path15.join(EXE_AI_DIR, "identity");
-    if (existsSync14(idDir)) {
+    const idDir = path17.join(EXE_AI_DIR, "identity");
+    if (existsSync16(idDir)) {
       rosterResult.identities = readdirSync5(idDir).filter((f) => f.endsWith(".md")).length;
     }
   } catch {
@@ -4469,62 +5479,62 @@ async function cloudSync(config) {
 function recordRosterDeletion(name) {
   let deletions = [];
   try {
-    if (existsSync14(ROSTER_DELETIONS_PATH)) {
-      deletions = JSON.parse(readFileSync11(ROSTER_DELETIONS_PATH, "utf-8"));
+    if (existsSync16(ROSTER_DELETIONS_PATH)) {
+      deletions = JSON.parse(readFileSync12(ROSTER_DELETIONS_PATH, "utf-8"));
     }
   } catch {
   }
   if (!deletions.includes(name)) deletions.push(name);
-  writeFileSync8(ROSTER_DELETIONS_PATH, JSON.stringify(deletions));
+  writeFileSync9(ROSTER_DELETIONS_PATH, JSON.stringify(deletions));
 }
 function consumeRosterDeletions() {
   try {
-    if (!existsSync14(ROSTER_DELETIONS_PATH)) return [];
-    const deletions = JSON.parse(readFileSync11(ROSTER_DELETIONS_PATH, "utf-8"));
-    writeFileSync8(ROSTER_DELETIONS_PATH, "[]");
+    if (!existsSync16(ROSTER_DELETIONS_PATH)) return [];
+    const deletions = JSON.parse(readFileSync12(ROSTER_DELETIONS_PATH, "utf-8"));
+    writeFileSync9(ROSTER_DELETIONS_PATH, "[]");
     return deletions;
   } catch {
     return [];
   }
 }
 function buildRosterBlob(paths) {
-  const rosterPath = paths?.rosterPath ?? path15.join(EXE_AI_DIR, "exe-employees.json");
-  const identityDir = paths?.identityDir ?? path15.join(EXE_AI_DIR, "identity");
-  const configPath = paths?.configPath ?? path15.join(EXE_AI_DIR, "config.json");
+  const rosterPath = paths?.rosterPath ?? path17.join(EXE_AI_DIR, "exe-employees.json");
+  const identityDir = paths?.identityDir ?? path17.join(EXE_AI_DIR, "identity");
+  const configPath = paths?.configPath ?? path17.join(EXE_AI_DIR, "config.json");
   let roster = [];
-  if (existsSync14(rosterPath)) {
+  if (existsSync16(rosterPath)) {
     try {
-      roster = JSON.parse(readFileSync11(rosterPath, "utf-8"));
+      roster = JSON.parse(readFileSync12(rosterPath, "utf-8"));
     } catch {
     }
   }
   const identities = {};
-  if (existsSync14(identityDir)) {
+  if (existsSync16(identityDir)) {
     for (const file of readdirSync5(identityDir).filter((f) => f.endsWith(".md"))) {
       try {
-        identities[file] = readFileSync11(path15.join(identityDir, file), "utf-8");
+        identities[file] = readFileSync12(path17.join(identityDir, file), "utf-8");
       } catch {
       }
     }
   }
   let config;
-  if (existsSync14(configPath)) {
+  if (existsSync16(configPath)) {
     try {
-      config = JSON.parse(readFileSync11(configPath, "utf-8"));
+      config = JSON.parse(readFileSync12(configPath, "utf-8"));
     } catch {
     }
   }
   let agentConfig;
-  const agentConfigPath = path15.join(EXE_AI_DIR, "agent-config.json");
-  if (existsSync14(agentConfigPath)) {
+  const agentConfigPath = path17.join(EXE_AI_DIR, "agent-config.json");
+  if (existsSync16(agentConfigPath)) {
     try {
-      agentConfig = JSON.parse(readFileSync11(agentConfigPath, "utf-8"));
+      agentConfig = JSON.parse(readFileSync12(agentConfigPath, "utf-8"));
     } catch {
     }
   }
   const deletedNames = consumeRosterDeletions();
   const content = JSON.stringify({ roster, identities, config, agentConfig, deletedNames });
-  const hash = crypto3.createHash("sha256").update(content).digest("hex").slice(0, 16);
+  const hash = crypto4.createHash("sha256").update(content).digest("hex").slice(0, 16);
   return { roster, identities, config, agentConfig, deletedNames, version: hash };
 }
 async function cloudPushRoster(config) {
@@ -4594,23 +5604,24 @@ async function cloudPullRoster(config) {
   }
 }
 function mergeConfig(remoteConfig, configPath) {
-  const cfgPath = configPath ?? path15.join(EXE_AI_DIR, "config.json");
+  const cfgPath = configPath ?? path17.join(EXE_AI_DIR, "config.json");
   let local = {};
-  if (existsSync14(cfgPath)) {
+  if (existsSync16(cfgPath)) {
     try {
-      local = JSON.parse(readFileSync11(cfgPath, "utf-8"));
+      local = JSON.parse(readFileSync12(cfgPath, "utf-8"));
     } catch {
     }
   }
   const merged = { ...remoteConfig, ...local };
-  const dir = path15.dirname(cfgPath);
-  if (!existsSync14(dir)) mkdirSync8(dir, { recursive: true });
-  writeFileSync8(cfgPath, JSON.stringify(merged, null, 2), "utf-8");
+  const dir = path17.dirname(cfgPath);
+  ensurePrivateDirSync(dir);
+  writeFileSync9(cfgPath, JSON.stringify(merged, null, 2), "utf-8");
+  enforcePrivateFileSync(cfgPath);
 }
 async function mergeRosterFromRemote(remote, paths) {
   return withRosterLock(async () => {
     const rosterPath = paths?.rosterPath ?? void 0;
-    const identityDir = paths?.identityDir ?? path15.join(EXE_AI_DIR, "identity");
+    const identityDir = paths?.identityDir ?? path17.join(EXE_AI_DIR, "identity");
     const localEmployees = await loadEmployees(rosterPath);
     const localNames = new Set(localEmployees.map((e) => e.name));
     let added = 0;
@@ -4631,15 +5642,15 @@ async function mergeRosterFromRemote(remote, paths) {
       ) ?? lookupKey;
       const remoteIdentity = remote.identities[matchedKey];
       if (remoteIdentity) {
-        if (!existsSync14(identityDir)) mkdirSync8(identityDir, { recursive: true });
-        const idPath = path15.join(identityDir, `${remoteEmp.name}.md`);
+        if (!existsSync16(identityDir)) mkdirSync8(identityDir, { recursive: true });
+        const idPath = path17.join(identityDir, `${remoteEmp.name}.md`);
         let localIdentity = null;
         try {
-          localIdentity = existsSync14(idPath) ? readFileSync11(idPath, "utf-8") : null;
+          localIdentity = existsSync16(idPath) ? readFileSync12(idPath, "utf-8") : null;
         } catch {
         }
         if (localIdentity !== remoteIdentity) {
-          writeFileSync8(idPath, remoteIdentity, "utf-8");
+          writeFileSync9(idPath, remoteIdentity, "utf-8");
           identitiesUpdated++;
         }
       }
@@ -4665,16 +5676,18 @@ async function mergeRosterFromRemote(remote, paths) {
     }
     if (remote.agentConfig && Object.keys(remote.agentConfig).length > 0) {
       try {
-        const agentConfigPath = path15.join(EXE_AI_DIR, "agent-config.json");
+        const agentConfigPath = path17.join(EXE_AI_DIR, "agent-config.json");
         let local = {};
-        if (existsSync14(agentConfigPath)) {
+        if (existsSync16(agentConfigPath)) {
           try {
-            local = JSON.parse(readFileSync11(agentConfigPath, "utf-8"));
+            local = JSON.parse(readFileSync12(agentConfigPath, "utf-8"));
           } catch {
           }
         }
         const merged = { ...remote.agentConfig, ...local };
-        writeFileSync8(agentConfigPath, JSON.stringify(merged, null, 2) + "\n", "utf-8");
+        ensurePrivateDirSync(path17.dirname(agentConfigPath));
+        writeFileSync9(agentConfigPath, JSON.stringify(merged, null, 2) + "\n", "utf-8");
+        enforcePrivateFileSync(agentConfigPath);
       } catch {
       }
     }
@@ -5098,7 +6111,7 @@ async function cloudPullDocuments(config) {
   }
   return { pulled };
 }
-var LOCALHOST_PATTERNS, FETCH_TIMEOUT_MS, PUSH_BATCH_SIZE, ROSTER_LOCK_PATH, LOCK_STALE_MS, ROSTER_DELETIONS_PATH;
+var LOCALHOST_PATTERNS, FETCH_TIMEOUT_MS, PUSH_BATCH_SIZE, ROSTER_LOCK_PATH, LOCK_STALE_MS, _pgPromise, _pgFailed, ROSTER_DELETIONS_PATH;
 var init_cloud_sync = __esm({
   "src/lib/cloud-sync.ts"() {
     "use strict";
@@ -5109,12 +6122,15 @@ var init_cloud_sync = __esm({
     init_config();
     init_crdt_sync();
     init_employees();
+    init_secure_files();
     LOCALHOST_PATTERNS = /^(localhost|127\.0\.0\.1|\[::1\])$/i;
     FETCH_TIMEOUT_MS = 3e4;
     PUSH_BATCH_SIZE = 5e3;
-    ROSTER_LOCK_PATH = path15.join(EXE_AI_DIR, "roster-merge.lock");
+    ROSTER_LOCK_PATH = path17.join(EXE_AI_DIR, "roster-merge.lock");
     LOCK_STALE_MS = 3e4;
-    ROSTER_DELETIONS_PATH = path15.join(EXE_AI_DIR, "roster-deletions.json");
+    _pgPromise = null;
+    _pgFailed = false;
+    ROSTER_DELETIONS_PATH = path17.join(EXE_AI_DIR, "roster-deletions.json");
   }
 });
 
@@ -5481,10 +6497,10 @@ init_database();
 init_notifications();
 init_task_scope();
 init_employees();
-import crypto4 from "crypto";
+import crypto5 from "crypto";
 import { execSync as execSync4 } from "child_process";
-import { existsSync as existsSync15, mkdirSync as mkdirSync9, openSync as openSync3, closeSync as closeSync3 } from "fs";
-import path16 from "path";
+import { existsSync as existsSync17, mkdirSync as mkdirSync9, openSync as openSync3, closeSync as closeSync3 } from "fs";
+import path18 from "path";
 async function main() {
   const agentId = process.env.AGENT_ID ?? "default";
   const agentRole = process.env.AGENT_ROLE ?? "employee";
@@ -5564,7 +6580,7 @@ async function main() {
   if (limitReached) {
   } else {
     await writeMemory({
-      id: crypto4.randomUUID(),
+      id: crypto5.randomUUID(),
       agent_id: agentId,
       agent_role: agentRole,
       session_id: `auto-summary-${Date.now()}`,
@@ -5619,8 +6635,8 @@ async function main() {
     }
     try {
       const { EXE_AI_DIR: EXE_AI_DIR2 } = await Promise.resolve().then(() => (init_config(), config_exports));
-      const flagPath = path16.join(EXE_AI_DIR2, "session-cache", "needs-backfill");
-      if (existsSync15(flagPath)) {
+      const flagPath = path18.join(EXE_AI_DIR2, "session-cache", "needs-backfill");
+      if (existsSync17(flagPath)) {
         const { tryAcquireWorkerSlot: tryAcquireWorkerSlot2, registerWorkerPid: registerWorkerPid2 } = await Promise.resolve().then(() => (init_worker_gate(), worker_gate_exports));
         if (!tryAcquireWorkerSlot2()) {
           process.stderr.write("[summary-worker] Backfill needed but worker gate full \u2014 skipping\n");
@@ -5628,11 +6644,11 @@ async function main() {
           const { spawn: spawn2 } = await import("child_process");
           const { fileURLToPath: fileURLToPath3 } = await import("url");
           const thisFile = fileURLToPath3(import.meta.url);
-          const backfillPath = path16.resolve(path16.dirname(thisFile), "backfill-vectors.js");
-          if (existsSync15(backfillPath)) {
+          const backfillPath = path18.resolve(path18.dirname(thisFile), "backfill-vectors.js");
+          if (existsSync17(backfillPath)) {
             const { EXE_AI_DIR: exeDir2 } = await Promise.resolve().then(() => (init_config(), config_exports));
-            const bLogPath = path16.join(exeDir2, "workers.log");
-            mkdirSync9(path16.dirname(bLogPath), { recursive: true });
+            const bLogPath = path18.join(exeDir2, "workers.log");
+            mkdirSync9(path18.dirname(bLogPath), { recursive: true });
             const bLogFd = openSync3(bLogPath, "a");
             const child = spawn2(process.execPath, [backfillPath], {
               detached: true,