@askexenow/exe-os 0.9.77 → 0.9.78

package/dist/lib/exe-daemon.js

@@ -5799,7 +5799,7 @@ var init_platform_procedures = __esm({
         title: "Customer patch triage \u2014 upstream bug vs customization",
         domain: "support",
         priority: "p0",
-        content: "When an agent encounters a suspected Exe OS bug, update breakage, MCP/tool failure, installer issue, memory/orchestration defect, or customer-local patch need, it MUST use create_bug_report. Do this before or alongside any local workaround so the report reaches AskExe support directly via the customer's license. Do NOT ask the founder for permission to file a required bug report. If create_bug_report is deferred/lazy-loaded, load it and call it. If it is unavailable in the live MCP surface, report 'create_bug_report unavailable in this session' and save a local report in exe/output \u2014 never claim the tool does not exist unless the live MCP surface was checked. Classify first: upstream_bug = reproducible exe-os/platform defect; customer_customization = identity, behavior, procedure, config, branding, workflow preference that belongs in customer-owned layers; emergency_hotfix = temporary local patch. For upstream bugs/emergency hotfixes include version, repro steps, expected/actual, files changed, workaround, and local diff summary. Avoid permanent platform-code patches unless founder approves; if a hotfix is unavoidable, document it in the bug report and re-check after npm update."
+        content: "When an agent encounters a suspected Exe OS bug, update breakage, MCP/tool failure, installer issue, memory/orchestration defect, or customer-local patch need, it MUST use create_bug_report. Do this before or alongside any local workaround so the report reaches AskExe support directly via the customer's license. Do NOT ask the founder for permission to file a required bug report. If create_bug_report is deferred/lazy-loaded, load it and call it. If it is unavailable in the live MCP surface, report 'create_bug_report unavailable in this session' and save a local report in exe/output \u2014 never claim the tool does not exist unless the live MCP surface was checked. If upstream delivery fails, run `exe-os support test` and include its result in the local report so AskExe can distinguish customer setup, license provisioning, and server intake issues. Classify first: upstream_bug = reproducible exe-os/platform defect; customer_customization = identity, behavior, procedure, config, branding, workflow preference that belongs in customer-owned layers; emergency_hotfix = temporary local patch. For upstream bugs/emergency hotfixes include version, repro steps, expected/actual, files changed, workaround, and local diff summary. Avoid permanent platform-code patches unless founder approves; if a hotfix is unavoidable, document it in the bug report and re-check after npm update."
       },
       // --- Operations ---
       {
@@ -5881,7 +5881,7 @@ var init_platform_procedures = __esm({
         title: "MCP tools \u2014 identity, behavior, and decisions",
         domain: "tool-use",
         priority: "p1",
-        content: "get_identity: read an agent's exe.md (Layer 1 identity). update_identity: write an agent's exe.md. Identity > behavior \u2014 use for permanent rules. store_behavior: record a correction or pattern for an agent (Layer 2 expertise). list_behaviors: view an agent's active behaviors. deactivate_behavior: soft-delete a stale or conflicting behavior. store_decision: record an ADR (architectural decision record). get_decision: retrieve a past decision by query. create_bug_report: customer-facing bug/support intake; use whenever an Exe OS bug or emergency hotfix is encountered so the report reaches AskExe directly. Customers only get report access; internal list/get/triage support tools are AskExe-only."
+        content: "get_identity: read an agent's exe.md (Layer 1 identity). update_identity: write an agent's exe.md. Identity > behavior \u2014 use for permanent rules. store_behavior: record a correction or pattern for an agent (Layer 2 expertise). list_behaviors: view an agent's active behaviors. deactivate_behavior: soft-delete a stale or conflicting behavior. store_decision: record an ADR (architectural decision record). get_decision: retrieve a past decision by query. create_bug_report: customer-facing bug/support intake; use whenever an Exe OS bug or emergency hotfix is encountered so the report reaches AskExe directly. Customers only get report access; internal list/get/triage support tools are AskExe-only. If a customer-side agent cannot send upstream, run `exe-os support test` from the terminal to verify local file write, license auth, support endpoint health, and upstream POST."
       },
       {
         title: "MCP tools \u2014 communication and messaging",
@@ -18386,12 +18386,13 @@ function assertSecureGatewayUrlForToken(gatewayUrl, authToken) {
     `Insecure Company Brain gateway URL rejected: "${gatewayUrl}". Bearer tokens require https:// for remote hosts; plain http:// is only allowed for localhost or Docker-internal gateway services.`
   );
 }
-function formatSuccess(query, scope, payload) {
+function formatSuccess(query, scope, payload, action) {
   const pretty = typeof payload === "string" ? payload : JSON.stringify(payload, null, 2);
   return [
     `# Company Brain Query`,
     "",
-    `query: ${query}`,
+    `action: ${action}`,
+    ...query ? [`query: ${query}`] : [],
     `scope: ${scope}`,
     "",
     pretty
@@ -18404,16 +18405,24 @@ function registerQueryCompanyBrain(server) {
       title: "Query Company Brain",
       description: "Search the Company Brain \u2014 queries across all data (raw events, wiki docs, agent memories, gateway messages).",
       inputSchema: {
-        query: z39.string().min(1).describe("Search text"),
-        scope: QUERY_SCOPE.default("all").describe("Which data scope to search"),
+        action: QUERY_ACTION.default("search").describe("search = search exe-db; list_sources = list available raw/CRM/wiki/memory/gateway sources"),
+        query: z39.string().optional().describe("Search text. Required for action=search."),
+        scope: QUERY_SCOPE.default("all").describe("Which data scope to search/read (raw, crm, wiki, memory, gateway, all)"),
         source: z39.string().optional().describe("Filter raw events by source (shopify, asana, etc.)"),
         limit: z39.coerce.number().int().min(1).max(100).default(20).describe("Max results per scope")
       }
     },
-    async ({ query, scope, source, limit }) => {
+    async ({ action, query, scope, source, limit }) => {
+      const resolvedAction = action ?? "search";
+      if (resolvedAction === "search" && !query?.trim()) {
+        return {
+          content: [{ type: "text", text: "query is required when action=search" }],
+          isError: true
+        };
+      }
       const config2 = await loadConfig();
       const gatewayUrl = config2.gateway?.url || process.env.EXE_GATEWAY_URL;
-      const authToken = config2.gateway?.authToken || process.env.EXE_GATEWAY_AUTH_TOKEN;
+      const authToken = config2.gateway?.authToken || process.env.EXE_GATEWAY_QUERY_AUTH_TOKEN || process.env.EXE_COMPANY_BRAIN_AUTH_TOKEN || process.env.EXE_GATEWAY_AUTH_TOKEN;
       if (!gatewayUrl) {
         return {
           content: [
@@ -18439,7 +18448,7 @@ function registerQueryCompanyBrain(server) {
       }
       let url;
       try {
-        url = new URL("/query", gatewayUrl);
+        url = new URL(resolvedAction === "list_sources" ? "/query/sources" : "/query", gatewayUrl);
       } catch (err) {
         return {
           content: [
@@ -18451,10 +18460,12 @@ function registerQueryCompanyBrain(server) {
           isError: true
         };
       }
-      url.searchParams.set("q", query);
-      url.searchParams.set("scope", scope);
-      if (source) url.searchParams.set("source", source);
-      url.searchParams.set("limit", String(limit));
+      if (resolvedAction === "search") {
+        url.searchParams.set("q", query.trim());
+        url.searchParams.set("scope", scope);
+        if (source) url.searchParams.set("source", source);
+        url.searchParams.set("limit", String(limit));
+      }
       try {
         const response = await fetch(url.toString(), {
           headers: authToken ? { Authorization: `Bearer ${authToken}` } : {},
@@ -18478,7 +18489,7 @@ function registerQueryCompanyBrain(server) {
           content: [
             {
               type: "text",
-              text: formatSuccess(query, scope, payload)
+              text: formatSuccess(query?.trim(), scope, payload, resolvedAction)
             }
           ]
         };
@@ -18496,13 +18507,14 @@ function registerQueryCompanyBrain(server) {
     }
   );
 }
-var FETCH_TIMEOUT_MS, QUERY_SCOPE, LOCAL_GATEWAY_HTTP_HOSTS;
+var FETCH_TIMEOUT_MS, QUERY_SCOPE, QUERY_ACTION, LOCAL_GATEWAY_HTTP_HOSTS;
 var init_query_company_brain = __esm({
   "src/mcp/tools/query-company-brain.ts"() {
     "use strict";
     init_config();
     FETCH_TIMEOUT_MS = 1e4;
-    QUERY_SCOPE = z39.enum(["raw", "wiki", "memory", "gateway", "all"]);
+    QUERY_SCOPE = z39.enum(["raw", "crm", "wiki", "memory", "gateway", "all"]);
+    QUERY_ACTION = z39.enum(["search", "list_sources"]);
     LOCAL_GATEWAY_HTTP_HOSTS = /^(localhost|127\.0\.0\.1|::1|exe-gateway|gateway)$/i;
   }
 });

package/dist/lib/hybrid-search.js

@@ -4132,7 +4132,7 @@ var init_platform_procedures = __esm({
         title: "Customer patch triage \u2014 upstream bug vs customization",
         domain: "support",
         priority: "p0",
-        content: "When an agent encounters a suspected Exe OS bug, update breakage, MCP/tool failure, installer issue, memory/orchestration defect, or customer-local patch need, it MUST use create_bug_report. Do this before or alongside any local workaround so the report reaches AskExe support directly via the customer's license. Do NOT ask the founder for permission to file a required bug report. If create_bug_report is deferred/lazy-loaded, load it and call it. If it is unavailable in the live MCP surface, report 'create_bug_report unavailable in this session' and save a local report in exe/output \u2014 never claim the tool does not exist unless the live MCP surface was checked. Classify first: upstream_bug = reproducible exe-os/platform defect; customer_customization = identity, behavior, procedure, config, branding, workflow preference that belongs in customer-owned layers; emergency_hotfix = temporary local patch. For upstream bugs/emergency hotfixes include version, repro steps, expected/actual, files changed, workaround, and local diff summary. Avoid permanent platform-code patches unless founder approves; if a hotfix is unavoidable, document it in the bug report and re-check after npm update."
+        content: "When an agent encounters a suspected Exe OS bug, update breakage, MCP/tool failure, installer issue, memory/orchestration defect, or customer-local patch need, it MUST use create_bug_report. Do this before or alongside any local workaround so the report reaches AskExe support directly via the customer's license. Do NOT ask the founder for permission to file a required bug report. If create_bug_report is deferred/lazy-loaded, load it and call it. If it is unavailable in the live MCP surface, report 'create_bug_report unavailable in this session' and save a local report in exe/output \u2014 never claim the tool does not exist unless the live MCP surface was checked. If upstream delivery fails, run `exe-os support test` and include its result in the local report so AskExe can distinguish customer setup, license provisioning, and server intake issues. Classify first: upstream_bug = reproducible exe-os/platform defect; customer_customization = identity, behavior, procedure, config, branding, workflow preference that belongs in customer-owned layers; emergency_hotfix = temporary local patch. For upstream bugs/emergency hotfixes include version, repro steps, expected/actual, files changed, workaround, and local diff summary. Avoid permanent platform-code patches unless founder approves; if a hotfix is unavoidable, document it in the bug report and re-check after npm update."
       },
       // --- Operations ---
       {
@@ -4214,7 +4214,7 @@ var init_platform_procedures = __esm({
         title: "MCP tools \u2014 identity, behavior, and decisions",
         domain: "tool-use",
         priority: "p1",
-        content: "get_identity: read an agent's exe.md (Layer 1 identity). update_identity: write an agent's exe.md. Identity > behavior \u2014 use for permanent rules. store_behavior: record a correction or pattern for an agent (Layer 2 expertise). list_behaviors: view an agent's active behaviors. deactivate_behavior: soft-delete a stale or conflicting behavior. store_decision: record an ADR (architectural decision record). get_decision: retrieve a past decision by query. create_bug_report: customer-facing bug/support intake; use whenever an Exe OS bug or emergency hotfix is encountered so the report reaches AskExe directly. Customers only get report access; internal list/get/triage support tools are AskExe-only."
+        content: "get_identity: read an agent's exe.md (Layer 1 identity). update_identity: write an agent's exe.md. Identity > behavior \u2014 use for permanent rules. store_behavior: record a correction or pattern for an agent (Layer 2 expertise). list_behaviors: view an agent's active behaviors. deactivate_behavior: soft-delete a stale or conflicting behavior. store_decision: record an ADR (architectural decision record). get_decision: retrieve a past decision by query. create_bug_report: customer-facing bug/support intake; use whenever an Exe OS bug or emergency hotfix is encountered so the report reaches AskExe directly. Customers only get report access; internal list/get/triage support tools are AskExe-only. If a customer-side agent cannot send upstream, run `exe-os support test` from the terminal to verify local file write, license auth, support endpoint health, and upstream POST."
       },
       {
         title: "MCP tools \u2014 communication and messaging",

package/dist/lib/schedules.js

@@ -3361,7 +3361,7 @@ var init_platform_procedures = __esm({
         title: "Customer patch triage \u2014 upstream bug vs customization",
         domain: "support",
         priority: "p0",
-        content: "When an agent encounters a suspected Exe OS bug, update breakage, MCP/tool failure, installer issue, memory/orchestration defect, or customer-local patch need, it MUST use create_bug_report. Do this before or alongside any local workaround so the report reaches AskExe support directly via the customer's license. Do NOT ask the founder for permission to file a required bug report. If create_bug_report is deferred/lazy-loaded, load it and call it. If it is unavailable in the live MCP surface, report 'create_bug_report unavailable in this session' and save a local report in exe/output \u2014 never claim the tool does not exist unless the live MCP surface was checked. Classify first: upstream_bug = reproducible exe-os/platform defect; customer_customization = identity, behavior, procedure, config, branding, workflow preference that belongs in customer-owned layers; emergency_hotfix = temporary local patch. For upstream bugs/emergency hotfixes include version, repro steps, expected/actual, files changed, workaround, and local diff summary. Avoid permanent platform-code patches unless founder approves; if a hotfix is unavoidable, document it in the bug report and re-check after npm update."
+        content: "When an agent encounters a suspected Exe OS bug, update breakage, MCP/tool failure, installer issue, memory/orchestration defect, or customer-local patch need, it MUST use create_bug_report. Do this before or alongside any local workaround so the report reaches AskExe support directly via the customer's license. Do NOT ask the founder for permission to file a required bug report. If create_bug_report is deferred/lazy-loaded, load it and call it. If it is unavailable in the live MCP surface, report 'create_bug_report unavailable in this session' and save a local report in exe/output \u2014 never claim the tool does not exist unless the live MCP surface was checked. If upstream delivery fails, run `exe-os support test` and include its result in the local report so AskExe can distinguish customer setup, license provisioning, and server intake issues. Classify first: upstream_bug = reproducible exe-os/platform defect; customer_customization = identity, behavior, procedure, config, branding, workflow preference that belongs in customer-owned layers; emergency_hotfix = temporary local patch. For upstream bugs/emergency hotfixes include version, repro steps, expected/actual, files changed, workaround, and local diff summary. Avoid permanent platform-code patches unless founder approves; if a hotfix is unavoidable, document it in the bug report and re-check after npm update."
       },
       // --- Operations ---
       {
@@ -3443,7 +3443,7 @@ var init_platform_procedures = __esm({
         title: "MCP tools \u2014 identity, behavior, and decisions",
         domain: "tool-use",
         priority: "p1",
-        content: "get_identity: read an agent's exe.md (Layer 1 identity). update_identity: write an agent's exe.md. Identity > behavior \u2014 use for permanent rules. store_behavior: record a correction or pattern for an agent (Layer 2 expertise). list_behaviors: view an agent's active behaviors. deactivate_behavior: soft-delete a stale or conflicting behavior. store_decision: record an ADR (architectural decision record). get_decision: retrieve a past decision by query. create_bug_report: customer-facing bug/support intake; use whenever an Exe OS bug or emergency hotfix is encountered so the report reaches AskExe directly. Customers only get report access; internal list/get/triage support tools are AskExe-only."
+        content: "get_identity: read an agent's exe.md (Layer 1 identity). update_identity: write an agent's exe.md. Identity > behavior \u2014 use for permanent rules. store_behavior: record a correction or pattern for an agent (Layer 2 expertise). list_behaviors: view an agent's active behaviors. deactivate_behavior: soft-delete a stale or conflicting behavior. store_decision: record an ADR (architectural decision record). get_decision: retrieve a past decision by query. create_bug_report: customer-facing bug/support intake; use whenever an Exe OS bug or emergency hotfix is encountered so the report reaches AskExe directly. Customers only get report access; internal list/get/triage support tools are AskExe-only. If a customer-side agent cannot send upstream, run `exe-os support test` from the terminal to verify local file write, license auth, support endpoint health, and upstream POST."
       },
       {
         title: "MCP tools \u2014 communication and messaging",

package/dist/lib/store.js

@@ -3361,7 +3361,7 @@ var init_platform_procedures = __esm({
         title: "Customer patch triage \u2014 upstream bug vs customization",
         domain: "support",
         priority: "p0",
-        content: "When an agent encounters a suspected Exe OS bug, update breakage, MCP/tool failure, installer issue, memory/orchestration defect, or customer-local patch need, it MUST use create_bug_report. Do this before or alongside any local workaround so the report reaches AskExe support directly via the customer's license. Do NOT ask the founder for permission to file a required bug report. If create_bug_report is deferred/lazy-loaded, load it and call it. If it is unavailable in the live MCP surface, report 'create_bug_report unavailable in this session' and save a local report in exe/output \u2014 never claim the tool does not exist unless the live MCP surface was checked. Classify first: upstream_bug = reproducible exe-os/platform defect; customer_customization = identity, behavior, procedure, config, branding, workflow preference that belongs in customer-owned layers; emergency_hotfix = temporary local patch. For upstream bugs/emergency hotfixes include version, repro steps, expected/actual, files changed, workaround, and local diff summary. Avoid permanent platform-code patches unless founder approves; if a hotfix is unavoidable, document it in the bug report and re-check after npm update."
+        content: "When an agent encounters a suspected Exe OS bug, update breakage, MCP/tool failure, installer issue, memory/orchestration defect, or customer-local patch need, it MUST use create_bug_report. Do this before or alongside any local workaround so the report reaches AskExe support directly via the customer's license. Do NOT ask the founder for permission to file a required bug report. If create_bug_report is deferred/lazy-loaded, load it and call it. If it is unavailable in the live MCP surface, report 'create_bug_report unavailable in this session' and save a local report in exe/output \u2014 never claim the tool does not exist unless the live MCP surface was checked. If upstream delivery fails, run `exe-os support test` and include its result in the local report so AskExe can distinguish customer setup, license provisioning, and server intake issues. Classify first: upstream_bug = reproducible exe-os/platform defect; customer_customization = identity, behavior, procedure, config, branding, workflow preference that belongs in customer-owned layers; emergency_hotfix = temporary local patch. For upstream bugs/emergency hotfixes include version, repro steps, expected/actual, files changed, workaround, and local diff summary. Avoid permanent platform-code patches unless founder approves; if a hotfix is unavoidable, document it in the bug report and re-check after npm update."
       },
       // --- Operations ---
       {
@@ -3443,7 +3443,7 @@ var init_platform_procedures = __esm({
         title: "MCP tools \u2014 identity, behavior, and decisions",
         domain: "tool-use",
         priority: "p1",
-        content: "get_identity: read an agent's exe.md (Layer 1 identity). update_identity: write an agent's exe.md. Identity > behavior \u2014 use for permanent rules. store_behavior: record a correction or pattern for an agent (Layer 2 expertise). list_behaviors: view an agent's active behaviors. deactivate_behavior: soft-delete a stale or conflicting behavior. store_decision: record an ADR (architectural decision record). get_decision: retrieve a past decision by query. create_bug_report: customer-facing bug/support intake; use whenever an Exe OS bug or emergency hotfix is encountered so the report reaches AskExe directly. Customers only get report access; internal list/get/triage support tools are AskExe-only."
+        content: "get_identity: read an agent's exe.md (Layer 1 identity). update_identity: write an agent's exe.md. Identity > behavior \u2014 use for permanent rules. store_behavior: record a correction or pattern for an agent (Layer 2 expertise). list_behaviors: view an agent's active behaviors. deactivate_behavior: soft-delete a stale or conflicting behavior. store_decision: record an ADR (architectural decision record). get_decision: retrieve a past decision by query. create_bug_report: customer-facing bug/support intake; use whenever an Exe OS bug or emergency hotfix is encountered so the report reaches AskExe directly. Customers only get report access; internal list/get/triage support tools are AskExe-only. If a customer-side agent cannot send upstream, run `exe-os support test` from the terminal to verify local file write, license auth, support endpoint health, and upstream POST."
       },
       {
         title: "MCP tools \u2014 communication and messaging",

package/dist/mcp/server.js

@@ -4781,7 +4781,7 @@ var init_platform_procedures = __esm({
         title: "Customer patch triage \u2014 upstream bug vs customization",
         domain: "support",
         priority: "p0",
-        content: "When an agent encounters a suspected Exe OS bug, update breakage, MCP/tool failure, installer issue, memory/orchestration defect, or customer-local patch need, it MUST use create_bug_report. Do this before or alongside any local workaround so the report reaches AskExe support directly via the customer's license. Do NOT ask the founder for permission to file a required bug report. If create_bug_report is deferred/lazy-loaded, load it and call it. If it is unavailable in the live MCP surface, report 'create_bug_report unavailable in this session' and save a local report in exe/output \u2014 never claim the tool does not exist unless the live MCP surface was checked. Classify first: upstream_bug = reproducible exe-os/platform defect; customer_customization = identity, behavior, procedure, config, branding, workflow preference that belongs in customer-owned layers; emergency_hotfix = temporary local patch. For upstream bugs/emergency hotfixes include version, repro steps, expected/actual, files changed, workaround, and local diff summary. Avoid permanent platform-code patches unless founder approves; if a hotfix is unavoidable, document it in the bug report and re-check after npm update."
+        content: "When an agent encounters a suspected Exe OS bug, update breakage, MCP/tool failure, installer issue, memory/orchestration defect, or customer-local patch need, it MUST use create_bug_report. Do this before or alongside any local workaround so the report reaches AskExe support directly via the customer's license. Do NOT ask the founder for permission to file a required bug report. If create_bug_report is deferred/lazy-loaded, load it and call it. If it is unavailable in the live MCP surface, report 'create_bug_report unavailable in this session' and save a local report in exe/output \u2014 never claim the tool does not exist unless the live MCP surface was checked. If upstream delivery fails, run `exe-os support test` and include its result in the local report so AskExe can distinguish customer setup, license provisioning, and server intake issues. Classify first: upstream_bug = reproducible exe-os/platform defect; customer_customization = identity, behavior, procedure, config, branding, workflow preference that belongs in customer-owned layers; emergency_hotfix = temporary local patch. For upstream bugs/emergency hotfixes include version, repro steps, expected/actual, files changed, workaround, and local diff summary. Avoid permanent platform-code patches unless founder approves; if a hotfix is unavoidable, document it in the bug report and re-check after npm update."
       },
       // --- Operations ---
       {
@@ -4863,7 +4863,7 @@ var init_platform_procedures = __esm({
         title: "MCP tools \u2014 identity, behavior, and decisions",
         domain: "tool-use",
         priority: "p1",
-        content: "get_identity: read an agent's exe.md (Layer 1 identity). update_identity: write an agent's exe.md. Identity > behavior \u2014 use for permanent rules. store_behavior: record a correction or pattern for an agent (Layer 2 expertise). list_behaviors: view an agent's active behaviors. deactivate_behavior: soft-delete a stale or conflicting behavior. store_decision: record an ADR (architectural decision record). get_decision: retrieve a past decision by query. create_bug_report: customer-facing bug/support intake; use whenever an Exe OS bug or emergency hotfix is encountered so the report reaches AskExe directly. Customers only get report access; internal list/get/triage support tools are AskExe-only."
+        content: "get_identity: read an agent's exe.md (Layer 1 identity). update_identity: write an agent's exe.md. Identity > behavior \u2014 use for permanent rules. store_behavior: record a correction or pattern for an agent (Layer 2 expertise). list_behaviors: view an agent's active behaviors. deactivate_behavior: soft-delete a stale or conflicting behavior. store_decision: record an ADR (architectural decision record). get_decision: retrieve a past decision by query. create_bug_report: customer-facing bug/support intake; use whenever an Exe OS bug or emergency hotfix is encountered so the report reaches AskExe directly. Customers only get report access; internal list/get/triage support tools are AskExe-only. If a customer-side agent cannot send upstream, run `exe-os support test` from the terminal to verify local file write, license auth, support endpoint health, and upstream POST."
       },
       {
         title: "MCP tools \u2014 communication and messaging",
@@ -17717,7 +17717,8 @@ function registerQueryConversations(server2) {
 init_config();
 import { z as z39 } from "zod";
 var FETCH_TIMEOUT_MS = 1e4;
-var QUERY_SCOPE = z39.enum(["raw", "wiki", "memory", "gateway", "all"]);
+var QUERY_SCOPE = z39.enum(["raw", "crm", "wiki", "memory", "gateway", "all"]);
+var QUERY_ACTION = z39.enum(["search", "list_sources"]);
 var LOCAL_GATEWAY_HTTP_HOSTS = /^(localhost|127\.0\.0\.1|::1|exe-gateway|gateway)$/i;
 function assertSecureGatewayUrlForToken(gatewayUrl, authToken) {
   if (!authToken) return;
@@ -17733,12 +17734,13 @@ function assertSecureGatewayUrlForToken(gatewayUrl, authToken) {
     `Insecure Company Brain gateway URL rejected: "${gatewayUrl}". Bearer tokens require https:// for remote hosts; plain http:// is only allowed for localhost or Docker-internal gateway services.`
   );
 }
-function formatSuccess(query, scope, payload) {
+function formatSuccess(query, scope, payload, action) {
   const pretty = typeof payload === "string" ? payload : JSON.stringify(payload, null, 2);
   return [
     `# Company Brain Query`,
     "",
-    `query: ${query}`,
+    `action: ${action}`,
+    ...query ? [`query: ${query}`] : [],
     `scope: ${scope}`,
     "",
     pretty
@@ -17751,16 +17753,24 @@ function registerQueryCompanyBrain(server2) {
       title: "Query Company Brain",
       description: "Search the Company Brain \u2014 queries across all data (raw events, wiki docs, agent memories, gateway messages).",
       inputSchema: {
-        query: z39.string().min(1).describe("Search text"),
-        scope: QUERY_SCOPE.default("all").describe("Which data scope to search"),
+        action: QUERY_ACTION.default("search").describe("search = search exe-db; list_sources = list available raw/CRM/wiki/memory/gateway sources"),
+        query: z39.string().optional().describe("Search text. Required for action=search."),
+        scope: QUERY_SCOPE.default("all").describe("Which data scope to search/read (raw, crm, wiki, memory, gateway, all)"),
         source: z39.string().optional().describe("Filter raw events by source (shopify, asana, etc.)"),
         limit: z39.coerce.number().int().min(1).max(100).default(20).describe("Max results per scope")
       }
     },
-    async ({ query, scope, source, limit }) => {
+    async ({ action, query, scope, source, limit }) => {
+      const resolvedAction = action ?? "search";
+      if (resolvedAction === "search" && !query?.trim()) {
+        return {
+          content: [{ type: "text", text: "query is required when action=search" }],
+          isError: true
+        };
+      }
       const config2 = await loadConfig();
       const gatewayUrl = config2.gateway?.url || process.env.EXE_GATEWAY_URL;
-      const authToken = config2.gateway?.authToken || process.env.EXE_GATEWAY_AUTH_TOKEN;
+      const authToken = config2.gateway?.authToken || process.env.EXE_GATEWAY_QUERY_AUTH_TOKEN || process.env.EXE_COMPANY_BRAIN_AUTH_TOKEN || process.env.EXE_GATEWAY_AUTH_TOKEN;
       if (!gatewayUrl) {
         return {
           content: [
@@ -17786,7 +17796,7 @@ function registerQueryCompanyBrain(server2) {
       }
       let url;
       try {
-        url = new URL("/query", gatewayUrl);
+        url = new URL(resolvedAction === "list_sources" ? "/query/sources" : "/query", gatewayUrl);
       } catch (err) {
         return {
           content: [
@@ -17798,10 +17808,12 @@ function registerQueryCompanyBrain(server2) {
           isError: true
         };
       }
-      url.searchParams.set("q", query);
-      url.searchParams.set("scope", scope);
-      if (source) url.searchParams.set("source", source);
-      url.searchParams.set("limit", String(limit));
+      if (resolvedAction === "search") {
+        url.searchParams.set("q", query.trim());
+        url.searchParams.set("scope", scope);
+        if (source) url.searchParams.set("source", source);
+        url.searchParams.set("limit", String(limit));
+      }
       try {
         const response = await fetch(url.toString(), {
           headers: authToken ? { Authorization: `Bearer ${authToken}` } : {},
@@ -17825,7 +17837,7 @@ function registerQueryCompanyBrain(server2) {
           content: [
             {
               type: "text",
-              text: formatSuccess(query, scope, payload)
+              text: formatSuccess(query?.trim(), scope, payload, resolvedAction)
             }
           ]
         };

package/dist/runtime/index.js

@@ -7957,7 +7957,7 @@ var init_platform_procedures = __esm({
         title: "Customer patch triage \u2014 upstream bug vs customization",
         domain: "support",
         priority: "p0",
-        content: "When an agent encounters a suspected Exe OS bug, update breakage, MCP/tool failure, installer issue, memory/orchestration defect, or customer-local patch need, it MUST use create_bug_report. Do this before or alongside any local workaround so the report reaches AskExe support directly via the customer's license. Do NOT ask the founder for permission to file a required bug report. If create_bug_report is deferred/lazy-loaded, load it and call it. If it is unavailable in the live MCP surface, report 'create_bug_report unavailable in this session' and save a local report in exe/output \u2014 never claim the tool does not exist unless the live MCP surface was checked. Classify first: upstream_bug = reproducible exe-os/platform defect; customer_customization = identity, behavior, procedure, config, branding, workflow preference that belongs in customer-owned layers; emergency_hotfix = temporary local patch. For upstream bugs/emergency hotfixes include version, repro steps, expected/actual, files changed, workaround, and local diff summary. Avoid permanent platform-code patches unless founder approves; if a hotfix is unavoidable, document it in the bug report and re-check after npm update."
+        content: "When an agent encounters a suspected Exe OS bug, update breakage, MCP/tool failure, installer issue, memory/orchestration defect, or customer-local patch need, it MUST use create_bug_report. Do this before or alongside any local workaround so the report reaches AskExe support directly via the customer's license. Do NOT ask the founder for permission to file a required bug report. If create_bug_report is deferred/lazy-loaded, load it and call it. If it is unavailable in the live MCP surface, report 'create_bug_report unavailable in this session' and save a local report in exe/output \u2014 never claim the tool does not exist unless the live MCP surface was checked. If upstream delivery fails, run `exe-os support test` and include its result in the local report so AskExe can distinguish customer setup, license provisioning, and server intake issues. Classify first: upstream_bug = reproducible exe-os/platform defect; customer_customization = identity, behavior, procedure, config, branding, workflow preference that belongs in customer-owned layers; emergency_hotfix = temporary local patch. For upstream bugs/emergency hotfixes include version, repro steps, expected/actual, files changed, workaround, and local diff summary. Avoid permanent platform-code patches unless founder approves; if a hotfix is unavoidable, document it in the bug report and re-check after npm update."
       },
       // --- Operations ---
       {
@@ -8039,7 +8039,7 @@ var init_platform_procedures = __esm({
         title: "MCP tools \u2014 identity, behavior, and decisions",
         domain: "tool-use",
         priority: "p1",
-        content: "get_identity: read an agent's exe.md (Layer 1 identity). update_identity: write an agent's exe.md. Identity > behavior \u2014 use for permanent rules. store_behavior: record a correction or pattern for an agent (Layer 2 expertise). list_behaviors: view an agent's active behaviors. deactivate_behavior: soft-delete a stale or conflicting behavior. store_decision: record an ADR (architectural decision record). get_decision: retrieve a past decision by query. create_bug_report: customer-facing bug/support intake; use whenever an Exe OS bug or emergency hotfix is encountered so the report reaches AskExe directly. Customers only get report access; internal list/get/triage support tools are AskExe-only."
+        content: "get_identity: read an agent's exe.md (Layer 1 identity). update_identity: write an agent's exe.md. Identity > behavior \u2014 use for permanent rules. store_behavior: record a correction or pattern for an agent (Layer 2 expertise). list_behaviors: view an agent's active behaviors. deactivate_behavior: soft-delete a stale or conflicting behavior. store_decision: record an ADR (architectural decision record). get_decision: retrieve a past decision by query. create_bug_report: customer-facing bug/support intake; use whenever an Exe OS bug or emergency hotfix is encountered so the report reaches AskExe directly. Customers only get report access; internal list/get/triage support tools are AskExe-only. If a customer-side agent cannot send upstream, run `exe-os support test` from the terminal to verify local file write, license auth, support endpoint health, and upstream POST."
       },
       {
         title: "MCP tools \u2014 communication and messaging",

package/dist/tui/App.js

@@ -8929,7 +8929,7 @@ var init_platform_procedures = __esm({
         title: "Customer patch triage \u2014 upstream bug vs customization",
         domain: "support",
         priority: "p0",
-        content: "When an agent encounters a suspected Exe OS bug, update breakage, MCP/tool failure, installer issue, memory/orchestration defect, or customer-local patch need, it MUST use create_bug_report. Do this before or alongside any local workaround so the report reaches AskExe support directly via the customer's license. Do NOT ask the founder for permission to file a required bug report. If create_bug_report is deferred/lazy-loaded, load it and call it. If it is unavailable in the live MCP surface, report 'create_bug_report unavailable in this session' and save a local report in exe/output \u2014 never claim the tool does not exist unless the live MCP surface was checked. Classify first: upstream_bug = reproducible exe-os/platform defect; customer_customization = identity, behavior, procedure, config, branding, workflow preference that belongs in customer-owned layers; emergency_hotfix = temporary local patch. For upstream bugs/emergency hotfixes include version, repro steps, expected/actual, files changed, workaround, and local diff summary. Avoid permanent platform-code patches unless founder approves; if a hotfix is unavoidable, document it in the bug report and re-check after npm update."
+        content: "When an agent encounters a suspected Exe OS bug, update breakage, MCP/tool failure, installer issue, memory/orchestration defect, or customer-local patch need, it MUST use create_bug_report. Do this before or alongside any local workaround so the report reaches AskExe support directly via the customer's license. Do NOT ask the founder for permission to file a required bug report. If create_bug_report is deferred/lazy-loaded, load it and call it. If it is unavailable in the live MCP surface, report 'create_bug_report unavailable in this session' and save a local report in exe/output \u2014 never claim the tool does not exist unless the live MCP surface was checked. If upstream delivery fails, run `exe-os support test` and include its result in the local report so AskExe can distinguish customer setup, license provisioning, and server intake issues. Classify first: upstream_bug = reproducible exe-os/platform defect; customer_customization = identity, behavior, procedure, config, branding, workflow preference that belongs in customer-owned layers; emergency_hotfix = temporary local patch. For upstream bugs/emergency hotfixes include version, repro steps, expected/actual, files changed, workaround, and local diff summary. Avoid permanent platform-code patches unless founder approves; if a hotfix is unavoidable, document it in the bug report and re-check after npm update."
       },
       // --- Operations ---
       {
@@ -9011,7 +9011,7 @@ var init_platform_procedures = __esm({
         title: "MCP tools \u2014 identity, behavior, and decisions",
         domain: "tool-use",
         priority: "p1",
-        content: "get_identity: read an agent's exe.md (Layer 1 identity). update_identity: write an agent's exe.md. Identity > behavior \u2014 use for permanent rules. store_behavior: record a correction or pattern for an agent (Layer 2 expertise). list_behaviors: view an agent's active behaviors. deactivate_behavior: soft-delete a stale or conflicting behavior. store_decision: record an ADR (architectural decision record). get_decision: retrieve a past decision by query. create_bug_report: customer-facing bug/support intake; use whenever an Exe OS bug or emergency hotfix is encountered so the report reaches AskExe directly. Customers only get report access; internal list/get/triage support tools are AskExe-only."
+        content: "get_identity: read an agent's exe.md (Layer 1 identity). update_identity: write an agent's exe.md. Identity > behavior \u2014 use for permanent rules. store_behavior: record a correction or pattern for an agent (Layer 2 expertise). list_behaviors: view an agent's active behaviors. deactivate_behavior: soft-delete a stale or conflicting behavior. store_decision: record an ADR (architectural decision record). get_decision: retrieve a past decision by query. create_bug_report: customer-facing bug/support intake; use whenever an Exe OS bug or emergency hotfix is encountered so the report reaches AskExe directly. Customers only get report access; internal list/get/triage support tools are AskExe-only. If a customer-side agent cannot send upstream, run `exe-os support test` from the terminal to verify local file write, license auth, support endpoint health, and upstream POST."
       },
       {
         title: "MCP tools \u2014 communication and messaging",

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@askexenow/exe-os",
-  "version": "0.9.77",
+  "version": "0.9.78",
   "description": "AI employee operating system — persistent memory, task management, and multi-agent coordination for Claude Code.",
   "license": "SEE LICENSE IN LICENSE",
   "type": "module",