@askexenow/exe-os 0.9.78 → 0.9.80

package/dist/lib/exe-daemon.js

@@ -5348,8 +5348,8 @@ function deriveMachineKey() {
 }
 function readMachineId() {
   try {
-    const { readFileSync: readFileSync40 } = __require("fs");
-    return readFileSync40("/etc/machine-id", "utf-8").trim();
+    const { readFileSync: readFileSync41 } = __require("fs");
+    return readFileSync41("/etc/machine-id", "utf-8").trim();
   } catch {
     return "";
   }
@@ -5799,7 +5799,7 @@ var init_platform_procedures = __esm({
         title: "Customer patch triage \u2014 upstream bug vs customization",
         domain: "support",
         priority: "p0",
-        content: "When an agent encounters a suspected Exe OS bug, update breakage, MCP/tool failure, installer issue, memory/orchestration defect, or customer-local patch need, it MUST use create_bug_report. Do this before or alongside any local workaround so the report reaches AskExe support directly via the customer's license. Do NOT ask the founder for permission to file a required bug report. If create_bug_report is deferred/lazy-loaded, load it and call it. If it is unavailable in the live MCP surface, report 'create_bug_report unavailable in this session' and save a local report in exe/output \u2014 never claim the tool does not exist unless the live MCP surface was checked. If upstream delivery fails, run `exe-os support test` and include its result in the local report so AskExe can distinguish customer setup, license provisioning, and server intake issues. Classify first: upstream_bug = reproducible exe-os/platform defect; customer_customization = identity, behavior, procedure, config, branding, workflow preference that belongs in customer-owned layers; emergency_hotfix = temporary local patch. For upstream bugs/emergency hotfixes include version, repro steps, expected/actual, files changed, workaround, and local diff summary. Avoid permanent platform-code patches unless founder approves; if a hotfix is unavoidable, document it in the bug report and re-check after npm update."
+        content: "When an agent encounters a suspected Exe OS bug, update breakage, MCP/tool failure, installer issue, memory/orchestration defect, or customer-local patch need, it MUST use create_bug_report. Do this before or alongside any local workaround so the report reaches AskExe support directly via the customer's license. Do NOT ask the founder for permission to file a required bug report. If create_bug_report is deferred/lazy-loaded, load it and call it. If it is unavailable in the live MCP surface, report 'create_bug_report unavailable in this session' and save a local report in exe/output \u2014 never claim the tool does not exist unless the live MCP surface was checked. If upstream delivery fails, call support_test (MCP) and include its result in the local report so AskExe can distinguish customer setup, license provisioning, and server intake issues; only ask the founder to run `exe-os support test` if MCP is disconnected/unavailable. Classify first: upstream_bug = reproducible exe-os/platform defect; customer_customization = identity, behavior, procedure, config, branding, workflow preference that belongs in customer-owned layers; emergency_hotfix = temporary local patch. For upstream bugs/emergency hotfixes include version, repro steps, expected/actual, files changed, workaround, and local diff summary. Avoid permanent platform-code patches unless founder approves; if a hotfix is unavoidable, document it in the bug report and re-check after npm update."
       },
       // --- Operations ---
       {
@@ -5881,7 +5881,7 @@ var init_platform_procedures = __esm({
         title: "MCP tools \u2014 identity, behavior, and decisions",
         domain: "tool-use",
         priority: "p1",
-        content: "get_identity: read an agent's exe.md (Layer 1 identity). update_identity: write an agent's exe.md. Identity > behavior \u2014 use for permanent rules. store_behavior: record a correction or pattern for an agent (Layer 2 expertise). list_behaviors: view an agent's active behaviors. deactivate_behavior: soft-delete a stale or conflicting behavior. store_decision: record an ADR (architectural decision record). get_decision: retrieve a past decision by query. create_bug_report: customer-facing bug/support intake; use whenever an Exe OS bug or emergency hotfix is encountered so the report reaches AskExe directly. Customers only get report access; internal list/get/triage support tools are AskExe-only. If a customer-side agent cannot send upstream, run `exe-os support test` from the terminal to verify local file write, license auth, support endpoint health, and upstream POST."
+        content: "get_identity: read an agent's exe.md (Layer 1 identity). update_identity: write an agent's exe.md. Identity > behavior \u2014 use for permanent rules. store_behavior: record a correction or pattern for an agent (Layer 2 expertise). list_behaviors: view an agent's active behaviors. deactivate_behavior: soft-delete a stale or conflicting behavior. store_decision: record an ADR (architectural decision record). get_decision: retrieve a past decision by query. create_bug_report: customer-facing bug/support intake; use whenever an Exe OS bug or emergency hotfix is encountered so the report reaches AskExe directly. support_health: check local support readiness and AskExe support server health without filing a report. support_test: file a safe end-to-end smoke report. Customers only get report/test access; internal list/get/triage support tools are AskExe-only. If a customer-side agent cannot send upstream, call support_test first; only fall back to the terminal command `exe-os support test` when MCP is disconnected."
       },
       {
         title: "MCP tools \u2014 communication and messaging",
@@ -7175,8 +7175,8 @@ async function embedDirect(text3) {
   const llamaCpp = await import("node-llama-cpp");
   const { MODELS_DIR: MODELS_DIR2 } = await Promise.resolve().then(() => (init_config(), config_exports));
   const { existsSync: existsSync47 } = await import("fs");
-  const path60 = await import("path");
-  const modelPath = path60.join(MODELS_DIR2, "jina-embeddings-v5-small-q4_k_m.gguf");
+  const path61 = await import("path");
+  const modelPath = path61.join(MODELS_DIR2, "jina-embeddings-v5-small-q4_k_m.gguf");
   if (!existsSync47(modelPath)) {
     throw new Error(`Embedding model not found at ${modelPath}. Run '/exe-setup' to download it.`);
   }
@@ -8268,10 +8268,10 @@ async function hybridSearch(queryText, agentId, options) {
     };
     try {
       const fs = await import("fs");
-      const path60 = await import("path");
+      const path61 = await import("path");
       const os25 = await import("os");
-      const logPath = path60.join(os25.homedir(), ".exe-os", "search-quality.jsonl");
-      fs.mkdirSync(path60.dirname(logPath), { recursive: true });
+      const logPath = path61.join(os25.homedir(), ".exe-os", "search-quality.jsonl");
+      fs.mkdirSync(path61.dirname(logPath), { recursive: true });
       fs.appendFileSync(logPath, JSON.stringify(logEntry) + "\n");
     } catch {
     }
@@ -9904,8 +9904,8 @@ __export(wiki_client_exports, {
   listDocuments: () => listDocuments,
   listWorkspaces: () => listWorkspaces
 });
-async function wikiFetch(config2, path60, method = "GET", body) {
-  const url = `${config2.baseUrl}/api/v1${path60}`;
+async function wikiFetch(config2, path61, method = "GET", body) {
+  const url = `${config2.baseUrl}/api/v1${path61}`;
   const headers = {
     Authorization: `Bearer ${config2.apiKey}`,
     "Content-Type": "application/json"
@@ -9938,7 +9938,7 @@ async function wikiFetch(config2, path60, method = "GET", body) {
       }
     }
     if (!response.ok) {
-      throw new Error(`Wiki API ${method} ${path60}: ${response.status} ${response.statusText}`);
+      throw new Error(`Wiki API ${method} ${path61}: ${response.status} ${response.statusText}`);
     }
     return response.json();
   } finally {
@@ -15516,7 +15516,7 @@ function registerCreateTask(server) {
         skipDispatch: true
       });
       try {
-        const { existsSync: existsSync47, mkdirSync: mkdirSync25, writeFileSync: writeFileSync29 } = await import("fs");
+        const { existsSync: existsSync47, mkdirSync: mkdirSync26, writeFileSync: writeFileSync30 } = await import("fs");
         const { identityPath: identityPath2 } = await Promise.resolve().then(() => (init_identity(), identity_exports));
         const idPath = identityPath2(assigned_to);
         if (!existsSync47(idPath)) {
@@ -15528,8 +15528,8 @@ function registerCreateTask(server) {
             const template = getTemplateForTitle2(emp.role);
             if (template) {
               const dir = (await import("path")).dirname(idPath);
-              if (!existsSync47(dir)) mkdirSync25(dir, { recursive: true });
-              writeFileSync29(idPath, template.replace(/^agent_id: \w+/m, `agent_id: ${assigned_to}`), "utf-8");
+              if (!existsSync47(dir)) mkdirSync26(dir, { recursive: true });
+              writeFileSync30(idPath, template.replace(/^agent_id: \w+/m, `agent_id: ${assigned_to}`), "utf-8");
             }
           }
         }
@@ -19025,12 +19025,12 @@ function registerExportGraph(server) {
         }
         const html = await exportGraphHTML(client);
         const fs = await import("fs");
-        const path60 = await import("path");
+        const path61 = await import("path");
         const os25 = await import("os");
-        const outDir = path60.join(os25.homedir(), ".exe-os", "exports");
+        const outDir = path61.join(os25.homedir(), ".exe-os", "exports");
         fs.mkdirSync(outDir, { recursive: true });
         const timestamp = (/* @__PURE__ */ new Date()).toISOString().replace(/[:.]/g, "-").slice(0, 19);
-        const filePath = path60.join(outDir, `graph-${timestamp}.html`);
+        const filePath = path61.join(outDir, `graph-${timestamp}.html`);
         fs.writeFileSync(filePath, html, "utf-8");
         return {
           content: [
@@ -26115,9 +26115,9 @@ var init_hostinger_api = __esm({
         }
         this.lastRequestTime = Date.now();
       }
-      async request(method, path60, body) {
+      async request(method, path61, body) {
         await this.rateLimit();
-        const url = `${this.baseUrl}${path60}`;
+        const url = `${this.baseUrl}${path61}`;
         const headers = {
           Authorization: `Bearer ${this.apiKey}`,
           "Content-Type": "application/json",
@@ -26186,8 +26186,8 @@ async function requestCloudflare(cfApiToken, zoneId, options) {
   }
   return envelope.result;
 }
-function buildUrl(zoneId, path60 = "/dns_records", query) {
-  const normalizedPath = path60.startsWith("/") ? path60 : `/${path60}`;
+function buildUrl(zoneId, path61 = "/dns_records", query) {
+  const normalizedPath = path61.startsWith("/") ? path61 : `/${path61}`;
   const url = new URL(
     `${CLOUDFLARE_API_BASE_URL}/zones/${zoneId}${normalizedPath}`
   );
@@ -30073,8 +30073,296 @@ var init_create_bug_report = __esm({
   }
 });
 
-// src/lib/session-events.ts
+// src/bin/exe-support.ts
+import { mkdirSync as mkdirSync21, readFileSync as readFileSync35, unlinkSync as unlinkSync13, writeFileSync as writeFileSync24 } from "fs";
+import path54 from "path";
 import { randomUUID as randomUUID9 } from "crypto";
+async function runHealth() {
+  const checks = [];
+  const endpoints = await resolveEndpoints();
+  checks.push(checkLocalWrite());
+  checks.push({
+    check: "license_key_present",
+    level: loadLicense() ? "pass" : "fail",
+    detail: loadLicense() ? "license.key found" : "missing ~/.exe-os/license.key; run exe-os setup or exe-os cloud setup",
+    next: loadLicense() ? void 0 : "Run `exe-os setup` or ask AskExe for the customer license key."
+  });
+  checks.push({
+    check: "license_token_cached",
+    level: readCachedLicenseToken() ? "pass" : "warn",
+    detail: readCachedLicenseToken() ? "cached license token found" : "no cached token yet; support can still use license.key",
+    next: readCachedLicenseToken() ? void 0 : "This is OK if license.key exists. It refreshes after cloud/license validation."
+  });
+  try {
+    const res = await fetch(endpoints.healthEndpoint, { method: "GET", signal: AbortSignal.timeout(1e4) });
+    const body = await safeJson2(res);
+    checks.push({
+      check: "support_health_endpoint",
+      level: res.ok && body?.status !== "down" ? "pass" : "fail",
+      detail: `${res.status} ${body?.status ?? res.statusText}`,
+      next: res.ok ? void 0 : "Check internet access, DNS, or AskExe support status."
+    });
+    for (const remote of body?.checks ?? []) {
+      const name = remote.name ?? "unknown";
+      checks.push({
+        check: `server_${name}`,
+        level: remote.ok === true ? "pass" : name === "admin_inbox_configured" ? "warn" : "fail",
+        detail: remote.detail ?? (remote.ok ? "ok" : "failed"),
+        next: remote.ok ? void 0 : "AskExe must fix this server-side."
+      });
+    }
+  } catch (err) {
+    checks.push({
+      check: "support_health_endpoint",
+      level: "fail",
+      detail: err instanceof Error ? err.message : String(err),
+      next: "Check internet access, then run `exe-os support health` again."
+    });
+  }
+  return checks;
+}
+async function runTest(project) {
+  const checks = await runHealth();
+  const endpoints = await resolveEndpoints();
+  const licenseKey = loadLicense();
+  const licenseToken = readCachedLicenseToken();
+  const id = randomUUID9();
+  const version = readPackageVersion2();
+  const reportPath = writeLocalTestReport(id, project, version);
+  checks.push({ check: "local_report_file", level: "pass", detail: reportPath });
+  if (!licenseKey && !licenseToken) {
+    checks.push({
+      check: "upstream_post",
+      level: "fail",
+      detail: "not sent because this device has no license key/token",
+      next: "Run `exe-os setup` or ask AskExe to provision this customer device."
+    });
+    return checks;
+  }
+  const payload = {
+    id,
+    title: `TEST \u2014 ${project} support intake (${version})`,
+    classification: "unclear",
+    severity: "p3",
+    summary: "Synthetic exe-os support intake smoke test. Safe to close.",
+    customer_impact: "No customer impact; diagnostic only.",
+    reproduction_steps: ["Run exe-os support test"],
+    expected: "The report reaches AskExe support intake and can be triaged.",
+    actual: "Smoke test submitted by exe-os support test.",
+    package_version: `@askexenow/exe-os@${version}`,
+    project_name: project,
+    agent_id: "support-test",
+    agent_role: "diagnostic",
+    report_path: reportPath,
+    markdown: readFileSync35(reportPath, "utf8")
+  };
+  try {
+    const headers = { "content-type": "application/json" };
+    if (licenseKey) headers["x-exe-license-key"] = licenseKey;
+    if (licenseToken) headers["x-exe-license-token"] = licenseToken;
+    const res = await fetch(endpoints.bugEndpoint, {
+      method: "POST",
+      headers,
+      body: JSON.stringify(payload),
+      signal: AbortSignal.timeout(15e3)
+    });
+    const data = await safeJson2(res);
+    checks.push({
+      check: "upstream_post",
+      level: res.ok ? "pass" : "fail",
+      detail: res.ok ? `sent id=${String(data?.id ?? id)}` : summarizeHttpFailure(res.status, data),
+      next: res.ok ? void 0 : nextForPostFailure(res.status)
+    });
+    if (res.ok) {
+      checks.push(await maybeCloseAdmin(String(data?.id ?? id), endpoints.adminEndpoint, version));
+    }
+  } catch (err) {
+    checks.push({
+      check: "upstream_post",
+      level: "fail",
+      detail: err instanceof Error ? err.message : String(err),
+      next: "Check internet access, then run `exe-os support test` again."
+    });
+  }
+  return checks;
+}
+async function resolveEndpoints() {
+  const config2 = await loadConfig();
+  const bugEndpoint = process.env.EXE_SUPPORT_BUG_REPORT_ENDPOINT ?? config2.support?.bugReportEndpoint ?? DEFAULT_BUG_ENDPOINT;
+  const healthEndpoint = process.env.EXE_SUPPORT_HEALTH_ENDPOINT ?? bugEndpoint.replace(/\/bug-reports\/?$/, "/health");
+  const adminEndpoint = process.env.ASKEXE_SUPPORT_ADMIN_ENDPOINT ?? process.env.EXE_SUPPORT_ADMIN_ENDPOINT ?? DEFAULT_ADMIN_ENDPOINT;
+  return { bugEndpoint, healthEndpoint, adminEndpoint };
+}
+function checkLocalWrite() {
+  const dir = path54.join(EXE_AI_DIR, "bug-reports");
+  const testPath = path54.join(dir, ".support-write-test");
+  try {
+    mkdirSync21(dir, { recursive: true, mode: 448 });
+    writeFileSync24(testPath, "ok\n", { mode: 384 });
+    unlinkSync13(testPath);
+    return { check: "local_bug_report_dir_writable", level: "pass", detail: dir };
+  } catch (err) {
+    return {
+      check: "local_bug_report_dir_writable",
+      level: "fail",
+      detail: err instanceof Error ? err.message : String(err),
+      next: "Fix permissions on ~/.exe-os or rerun setup on a writable user account."
+    };
+  }
+}
+function writeLocalTestReport(id, project, version) {
+  const dir = path54.join(EXE_AI_DIR, "bug-reports");
+  mkdirSync21(dir, { recursive: true, mode: 448 });
+  const date = (/* @__PURE__ */ new Date()).toISOString().slice(0, 10);
+  const filePath = path54.join(dir, `${date}-support-intake-test-${id.slice(0, 8)}.md`);
+  writeFileSync24(filePath, `# TEST \u2014 ${project} support intake
+
+Report ID: ${id}
+Package: @askexenow/exe-os@${version}
+
+Synthetic smoke test from \`exe-os support test\`. Safe to close.
+`, { mode: 384 });
+  return filePath;
+}
+async function maybeCloseAdmin(id, adminEndpoint, version) {
+  const token = process.env.ASKEXE_SUPPORT_ADMIN_TOKEN ?? process.env.EXE_SUPPORT_ADMIN_TOKEN;
+  if (!token) {
+    return { check: "askexe_admin_autoclose", level: "warn", detail: "skipped; admin token is AskExe-only" };
+  }
+  try {
+    const res = await fetch(`${adminEndpoint}/${encodeURIComponent(id)}`, {
+      method: "PATCH",
+      headers: { authorization: `Bearer ${token}`, "content-type": "application/json" },
+      body: JSON.stringify({
+        status: "closed",
+        triage_notes: "Auto-closed synthetic support smoke test.",
+        fixed_version: version
+      }),
+      signal: AbortSignal.timeout(1e4)
+    });
+    return {
+      check: "askexe_admin_autoclose",
+      level: res.ok ? "pass" : "warn",
+      detail: res.ok ? "closed" : `${res.status} ${await res.text()}`,
+      next: res.ok ? void 0 : "Report was sent; AskExe can close the smoke report manually."
+    };
+  } catch (err) {
+    return {
+      check: "askexe_admin_autoclose",
+      level: "warn",
+      detail: err instanceof Error ? err.message : String(err),
+      next: "Report was sent; AskExe can close the smoke report manually."
+    };
+  }
+}
+function readPackageVersion2() {
+  let dir = path54.dirname(new URL(import.meta.url).pathname);
+  for (let i = 0; i < 6; i++) {
+    const pkg = path54.join(dir, "package.json");
+    try {
+      const parsed = JSON.parse(readFileSync35(pkg, "utf8"));
+      if (parsed.version) return parsed.version;
+    } catch {
+    }
+    dir = path54.dirname(dir);
+  }
+  return "unknown";
+}
+async function safeJson2(res) {
+  try {
+    return await res.json();
+  } catch {
+    return null;
+  }
+}
+function hasFailures(rows) {
+  return rows.some((row) => row.level === "fail");
+}
+function summarizeHttpFailure(status, data) {
+  const error = data?.error;
+  return `${status} ${error?.message ?? JSON.stringify(data)}`;
+}
+function nextForPostFailure(status) {
+  if (status === 401) return "License credentials were not sent. Run `exe-os support health` and check license_key_present.";
+  if (status === 403) return "License is valid locally but not accepted by support intake. AskExe must check server-side license provisioning.";
+  if (status >= 500) return "AskExe support intake is unhealthy server-side. Try again shortly and report the local file path.";
+  return "Run `exe-os support health`; if it passes, send this output to AskExe.";
+}
+var DEFAULT_BUG_ENDPOINT, DEFAULT_ADMIN_ENDPOINT;
+var init_exe_support = __esm({
+  "src/bin/exe-support.ts"() {
+    "use strict";
+    init_config();
+    init_license();
+    DEFAULT_BUG_ENDPOINT = "https://askexe.com/v1/support/bug-reports";
+    DEFAULT_ADMIN_ENDPOINT = "https://askexe.com/admin/support/bug-reports";
+  }
+});
+
+// src/mcp/tools/support.ts
+import { z as z88 } from "zod";
+function formatRows(rows, mode) {
+  const lines = [`exe-os support ${mode}`, ""];
+  for (const row of rows) {
+    const icon = row.level === "pass" ? "\u2705" : row.level === "warn" ? "\u26A0\uFE0F" : "\u274C";
+    lines.push(`${icon} ${row.check}: ${row.detail}`);
+    if (row.next) lines.push(`   \u2192 ${row.next}`);
+  }
+  lines.push("");
+  if (hasFailures(rows)) {
+    lines.push("Result: not ready. Fix the failed item(s), then rerun this tool.");
+  } else if (rows.some((row) => row.level === "warn")) {
+    lines.push("Result: ready with warnings. Bug reports can be sent; warnings are informational unless AskExe asked for stricter validation.");
+  } else {
+    lines.push(mode === "test" ? "Result: ready. AskExe received the test report." : "Result: ready. Use support_test for an end-to-end send test.");
+  }
+  return lines.join("\n");
+}
+function registerSupportTools(server) {
+  server.registerTool(
+    "support_health",
+    {
+      title: "Support Health",
+      description: "Customer-safe support intake health check. Verifies local bug-report directory, license presence, and AskExe support server health without filing a report.",
+      inputSchema: {}
+    },
+    async () => {
+      const checks = await runHealth();
+      return {
+        content: [{ type: "text", text: formatRows(checks, "health") }],
+        structuredContent: { ok: !hasFailures(checks), checks },
+        isError: hasFailures(checks)
+      };
+    }
+  );
+  server.registerTool(
+    "support_test",
+    {
+      title: "Support Test",
+      description: "End-to-end support intake smoke test. Files a clearly marked test report upstream and auto-closes it on AskExe machines with admin credentials.",
+      inputSchema: {
+        project: z88.string().default("support-smoke").describe("Customer/project name, e.g. hygo")
+      }
+    },
+    async ({ project }) => {
+      const checks = await runTest(project);
+      return {
+        content: [{ type: "text", text: formatRows(checks, "test") }],
+        structuredContent: { ok: !hasFailures(checks), checks },
+        isError: hasFailures(checks)
+      };
+    }
+  );
+}
+var init_support = __esm({
+  "src/mcp/tools/support.ts"() {
+    "use strict";
+    init_exe_support();
+  }
+});
+
+// src/lib/session-events.ts
+import { randomUUID as randomUUID10 } from "crypto";
 async function ensureSessionEventsTable(client) {
   await client.execute(`
     CREATE TABLE IF NOT EXISTS session_events (
@@ -30163,7 +30451,7 @@ var init_session_events = __esm({
 });
 
 // src/mcp/tools/get-session-events.ts
-import { z as z88 } from "zod";
+import { z as z89 } from "zod";
 function canReadAgent(activeRole, activeAgent, requestedAgent) {
   return requestedAgent === activeAgent || activeRole === "COO" || activeRole === "CTO";
 }
@@ -30187,11 +30475,11 @@ function registerGetSessionEvents(server) {
       title: "Get Session Events",
       description: "Return exact recent chronological user prompts, assistant responses, and tool calls from the append-only session journal. Use this when asked what happened last, not semantic memory search.",
       inputSchema: {
-        agent_id: z88.string().optional().describe("Agent to inspect. Defaults to active agent. COO/CTO may inspect others."),
-        session_id: z88.string().optional().describe("Optional exact runtime session id."),
+        agent_id: z89.string().optional().describe("Agent to inspect. Defaults to active agent. COO/CTO may inspect others."),
+        session_id: z89.string().optional().describe("Optional exact runtime session id."),
         event_type: EVENT_TYPE.optional().describe("Filter to one event type."),
-        project_name: z88.string().optional().describe("Optional project filter. Pass 'all' for all projects."),
-        limit: z88.number().int().min(1).max(100).default(20).describe("Number of events to return.")
+        project_name: z89.string().optional().describe("Optional project filter. Pass 'all' for all projects."),
+        limit: z89.number().int().min(1).max(100).default(20).describe("Number of events to return.")
       }
     },
     async ({ agent_id, session_id, event_type, project_name, limit }) => {
@@ -30227,8 +30515,8 @@ function registerGetLastAssistantResponse(server) {
       title: "Get Last Assistant Response",
       description: "Return the exact last assistant response for an agent from the session event journal. Use for 'what was the last thing you said?'",
       inputSchema: {
-        agent_id: z88.string().optional().describe("Agent to inspect. Defaults to active agent. COO/CTO may inspect others."),
-        project_name: z88.string().optional().describe("Optional project filter. Pass 'all' for all projects.")
+        agent_id: z89.string().optional().describe("Agent to inspect. Defaults to active agent. COO/CTO may inspect others."),
+        project_name: z89.string().optional().describe("Optional project filter. Pass 'all' for all projects.")
       }
     },
     async ({ agent_id, project_name }) => {
@@ -30263,7 +30551,7 @@ var init_get_session_events = __esm({
     init_active_agent();
     init_fast_db_init();
     init_session_events();
-    EVENT_TYPE = z88.enum([
+    EVENT_TYPE = z89.enum([
       "user_prompt",
       "assistant_response",
       "tool_call",
@@ -30275,24 +30563,24 @@ var init_get_session_events = __esm({
 
 // src/lib/code-context-index.ts
 import crypto20 from "crypto";
-import path54 from "path";
-import { existsSync as existsSync43, mkdirSync as mkdirSync21, readFileSync as readFileSync35, readdirSync as readdirSync14, statSync as statSync10, writeFileSync as writeFileSync24 } from "fs";
+import path55 from "path";
+import { existsSync as existsSync43, mkdirSync as mkdirSync22, readFileSync as readFileSync36, readdirSync as readdirSync14, statSync as statSync10, writeFileSync as writeFileSync25 } from "fs";
 import { spawnSync } from "child_process";
 function normalizeProjectRoot(projectRoot) {
-  return path54.resolve(projectRoot || process.cwd());
+  return path55.resolve(projectRoot || process.cwd());
 }
 function hashText(text3) {
   return crypto20.createHash("sha256").update(text3).digest("hex");
 }
 function indexDir() {
-  const dir = path54.join(EXE_AI_DIR, "code-context");
-  mkdirSync21(dir, { recursive: true });
+  const dir = path55.join(EXE_AI_DIR, "code-context");
+  mkdirSync22(dir, { recursive: true });
   return dir;
 }
 function getCodeContextIndexPath(projectRoot) {
   const root = normalizeProjectRoot(projectRoot);
   const rootHash = hashText(root).slice(0, 16);
-  return path54.join(indexDir(), `${rootHash}.json`);
+  return path55.join(indexDir(), `${rootHash}.json`);
 }
 function currentBranch(projectRoot) {
   const result2 = spawnSync("git", ["branch", "--show-current"], { cwd: projectRoot, encoding: "utf8", timeout: 2e3 });
@@ -30305,8 +30593,8 @@ function shouldIgnore(relPath) {
 }
 function listRecursive(projectRoot, dir = projectRoot, out = []) {
   for (const entry of readdirSync14(dir, { withFileTypes: true })) {
-    const abs = path54.join(dir, entry.name);
-    const rel = path54.relative(projectRoot, abs).replaceAll(path54.sep, "/");
+    const abs = path55.join(dir, entry.name);
+    const rel = path55.relative(projectRoot, abs).replaceAll(path55.sep, "/");
     if (shouldIgnore(rel)) continue;
     if (entry.isDirectory()) listRecursive(projectRoot, abs, out);
     else if (entry.isFile()) out.push(rel);
@@ -30322,7 +30610,7 @@ function listCodeFiles(projectRoot, maxFiles) {
     const rg = spawnSync("rg", ["--files"], { cwd: projectRoot, encoding: "utf8", timeout: 5e3, maxBuffer: 1024 * 1024 * 16 });
     files = rg.status === 0 && rg.stdout.trim() ? rg.stdout.split("\n").map((s) => s.trim()).filter(Boolean) : listRecursive(projectRoot);
   }
-  return files.map((file) => file.replaceAll(path54.sep, "/")).filter((file) => isChunkable(file) && !shouldIgnore(file)).slice(0, maxFiles).sort();
+  return files.map((file) => file.replaceAll(path55.sep, "/")).filter((file) => isChunkable(file) && !shouldIgnore(file)).slice(0, maxFiles).sort();
 }
 function parseImportPaths2(importText) {
   const paths = [];
@@ -30335,13 +30623,13 @@ function parseImportPaths2(importText) {
 }
 function resolveImport(fromFile, importPath, allFiles) {
   if (!importPath.startsWith(".")) return null;
-  const base = path54.posix.normalize(path54.posix.join(path54.posix.dirname(fromFile.replaceAll(path54.sep, "/")), importPath));
+  const base = path55.posix.normalize(path55.posix.join(path55.posix.dirname(fromFile.replaceAll(path55.sep, "/")), importPath));
   const withoutKnownExt = base.replace(/\.(?:[a-z0-9]+)$/i, "");
   const candidates = [base];
   for (const ext of ["ts", "tsx", "js", "jsx", "py", "rs", "go", "java", "cs", "cpp", "c", "rb", "php", "swift", "kt", "scala", "sql", "md", "json", "yaml", "yml"]) {
     candidates.push(`${withoutKnownExt}.${ext}`, `${base}.${ext}`);
   }
-  for (const indexName of ["index.ts", "index.tsx", "index.js", "mod.rs", "__init__.py"]) candidates.push(path54.posix.join(base, indexName));
+  for (const indexName of ["index.ts", "index.tsx", "index.js", "mod.rs", "__init__.py"]) candidates.push(path55.posix.join(base, indexName));
   return candidates.find((candidate) => allFiles.has(candidate)) ?? null;
 }
 function symbolId(filePath, chunk) {
@@ -30351,7 +30639,7 @@ function loadIndex(projectRoot) {
   const file = getCodeContextIndexPath(projectRoot);
   if (!existsSync43(file)) return null;
   try {
-    const parsed = JSON.parse(readFileSync35(file, "utf8"));
+    const parsed = JSON.parse(readFileSync36(file, "utf8"));
     if (parsed.version !== INDEX_VERSION || parsed.projectRoot !== projectRoot) return null;
     return parsed;
   } catch {
@@ -30359,10 +30647,10 @@ function loadIndex(projectRoot) {
   }
 }
 function saveIndex(index) {
-  writeFileSync24(getCodeContextIndexPath(index.projectRoot), JSON.stringify(index, null, 2));
+  writeFileSync25(getCodeContextIndexPath(index.projectRoot), JSON.stringify(index, null, 2));
 }
 function buildFileRecord(projectRoot, relPath, allFiles, previous) {
-  const absPath = path54.join(projectRoot, relPath);
+  const absPath = path55.join(projectRoot, relPath);
   let stat;
   try {
     stat = statSync10(absPath);
@@ -30372,7 +30660,7 @@ function buildFileRecord(projectRoot, relPath, allFiles, previous) {
   if (!stat.isFile()) return { record: null, reused: false };
   const language = languageForFile(relPath);
   if (!language || !isChunkable(relPath)) return { record: null, reused: false };
-  const source = readFileSync35(absPath, "utf8");
+  const source = readFileSync36(absPath, "utf8");
   const hash = hashText(source);
   if (previous && previous.hash === hash && previous.mtimeMs === stat.mtimeMs && previous.size === stat.size && previous.language === language) {
     return { record: previous, reused: true };
@@ -30400,13 +30688,13 @@ function buildCodeContextIndex(options = {}) {
   const branch = currentBranch(projectRoot);
   const previous = options.force ? null : loadIndex(projectRoot);
   const files = listCodeFiles(projectRoot, maxFiles);
-  const allFiles = new Set(files.map((file) => file.replaceAll(path54.sep, "/")));
+  const allFiles = new Set(files.map((file) => file.replaceAll(path55.sep, "/")));
   const fileRecords = {};
   let rebuiltFiles = 0;
   let reusedFiles = 0;
   let skippedFiles = 0;
   for (const rel of files) {
-    const normalized = rel.replaceAll(path54.sep, "/");
+    const normalized = rel.replaceAll(path55.sep, "/");
     const { record, reused } = buildFileRecord(projectRoot, normalized, allFiles, previous?.files[normalized]);
     if (record) {
       fileRecords[normalized] = record;
@@ -30435,11 +30723,11 @@ function loadOrBuildCodeContextIndex(options = {}) {
     if (loaded) {
       const currentFiles = listCodeFiles(projectRoot, options.maxFiles ?? DEFAULT_MAX_FILES);
       const unchanged = currentFiles.every((rel) => {
-        const normalized = rel.replaceAll(path54.sep, "/");
+        const normalized = rel.replaceAll(path55.sep, "/");
         const existing = loaded.files[normalized];
         if (!existing) return false;
         try {
-          const stat = statSync10(path54.join(projectRoot, normalized));
+          const stat = statSync10(path55.join(projectRoot, normalized));
           return stat.mtimeMs === existing.mtimeMs && stat.size === existing.size;
         } catch {
           return false;
@@ -30492,9 +30780,9 @@ function globToRegex(pattern) {
 }
 function matchesPath(filePath, patterns) {
   if (!patterns || patterns.length === 0) return true;
-  const normalized = filePath.replaceAll(path54.sep, "/");
+  const normalized = filePath.replaceAll(path55.sep, "/");
   return patterns.some((pattern) => {
-    const p = pattern.replaceAll(path54.sep, "/").replace(/^\.\//, "");
+    const p = pattern.replaceAll(path55.sep, "/").replace(/^\.\//, "");
     return normalized === p || normalized.startsWith(`${p}/`) || normalized.endsWith(p) || globToRegex(p).test(normalized);
   });
 }
@@ -30612,7 +30900,7 @@ function traceCodeSymbol(symbolName, options = {}) {
 }
 function resolveTargetFile(index, input) {
   if (input.filePath) {
-    const normalized = input.filePath.replaceAll(path54.sep, "/").replace(/^\.\//, "");
+    const normalized = input.filePath.replaceAll(path55.sep, "/").replace(/^\.\//, "");
     if (index.files[normalized]) return { filePath: normalized, target: normalized };
     const suffix = Object.keys(index.files).find((file) => file.endsWith(normalized));
     if (suffix) return { filePath: suffix, target: input.filePath };
@@ -30642,7 +30930,7 @@ function analyzeBlastRadius(input) {
       }
     }
   }
-  const targetBase = path54.basename(target.filePath).replace(/\.[^.]+$/, "").toLowerCase();
+  const targetBase = path55.basename(target.filePath).replace(/\.[^.]+$/, "").toLowerCase();
   const symbolLower = input.symbol?.toLowerCase();
   const tests = Object.keys(index.files).filter((file) => {
     const lower = file.toLowerCase();
@@ -30683,7 +30971,7 @@ var init_code_context_index = __esm({
 });
 
 // src/mcp/tools/code-context.ts
-import { z as z89 } from "zod";
+import { z as z90 } from "zod";
 function errorResult10(text3) {
   return { content: [{ type: "text", text: text3 }], isError: true };
 }
@@ -30695,19 +30983,19 @@ function registerCodeContext(server) {
     title: "Code Context",
     description: "Persistent codebase context engine. One consolidated tool to avoid MCP bloat. Actions: index, search, trace, blast_radius, stats.",
     inputSchema: {
-      action: z89.enum(["index", "search", "trace", "blast_radius", "stats"]).describe("Code context operation"),
-      project_root: z89.string().optional().describe("Repository root. Defaults to current working directory."),
-      query: z89.string().optional().describe("Search query for action=search"),
-      symbol: z89.string().optional().describe("Symbol/function/class/type name for trace or blast_radius"),
-      file_path: z89.string().optional().describe("File path for blast_radius"),
-      force: z89.boolean().optional().describe("Force rebuild before answering"),
-      limit: z89.coerce.number().int().min(1).max(100).optional().describe("Max results"),
-      offset: z89.coerce.number().int().min(0).optional().describe("Search pagination offset"),
-      refresh_index: z89.boolean().optional().describe("Refresh/rebuild index before searching"),
-      languages: z89.array(z89.string()).optional().describe('Language filters, e.g. ["python", "typescript"]'),
-      paths: z89.array(z89.string()).optional().describe("Path/glob filters"),
-      depth: z89.coerce.number().int().min(1).max(5).optional().describe("Dependent traversal depth for blast_radius"),
-      max_files: z89.coerce.number().int().min(1).max(1e4).optional().describe("Max code files to index")
+      action: z90.enum(["index", "search", "trace", "blast_radius", "stats"]).describe("Code context operation"),
+      project_root: z90.string().optional().describe("Repository root. Defaults to current working directory."),
+      query: z90.string().optional().describe("Search query for action=search"),
+      symbol: z90.string().optional().describe("Symbol/function/class/type name for trace or blast_radius"),
+      file_path: z90.string().optional().describe("File path for blast_radius"),
+      force: z90.boolean().optional().describe("Force rebuild before answering"),
+      limit: z90.coerce.number().int().min(1).max(100).optional().describe("Max results"),
+      offset: z90.coerce.number().int().min(0).optional().describe("Search pagination offset"),
+      refresh_index: z90.boolean().optional().describe("Refresh/rebuild index before searching"),
+      languages: z90.array(z90.string()).optional().describe('Language filters, e.g. ["python", "typescript"]'),
+      paths: z90.array(z90.string()).optional().describe("Path/glob filters"),
+      depth: z90.coerce.number().int().min(1).max(5).optional().describe("Dependent traversal depth for blast_radius"),
+      max_files: z90.coerce.number().int().min(1).max(1e4).optional().describe("Max code files to index")
     }
   }, async ({ action, project_root, query, symbol, file_path, force, limit, offset, refresh_index, languages, paths, depth, max_files }) => {
     const opts = { projectRoot: project_root, force, maxFiles: max_files };
@@ -30758,7 +31046,7 @@ var init_code_context = __esm({
 });
 
 // src/mcp/tools/support-inbox.ts
-import { z as z90 } from "zod";
+import { z as z91 } from "zod";
 function adminToken() {
   return process.env.ASKEXE_SUPPORT_ADMIN_TOKEN || process.env.EXE_SUPPORT_ADMIN_TOKEN;
 }
@@ -30797,9 +31085,9 @@ function registerListBugReports(server) {
       title: "List Bug Reports",
       description: "AskExe-internal only: list incoming customer bug reports from the support inbox.",
       inputSchema: {
-        status: z90.enum(["all", "open", "triaged", "fixed", "closed", "wontfix"]).default("open"),
-        severity: z90.enum(["p0", "p1", "p2", "p3"]).optional(),
-        limit: z90.number().int().min(1).max(100).default(25)
+        status: z91.enum(["all", "open", "triaged", "fixed", "closed", "wontfix"]).default("open"),
+        severity: z91.enum(["p0", "p1", "p2", "p3"]).optional(),
+        limit: z91.number().int().min(1).max(100).default(25)
       }
     },
     async ({ status, severity, limit }) => {
@@ -30818,7 +31106,7 @@ function registerGetBugReport(server) {
     {
       title: "Get Bug Report",
       description: "AskExe-internal only: fetch one customer bug report with full markdown payload.",
-      inputSchema: { id: z90.string().min(8) }
+      inputSchema: { id: z91.string().min(8) }
     },
     async ({ id }) => {
       const data = await requestJson(`${endpoint()}/${encodeURIComponent(id)}`);
@@ -30833,12 +31121,12 @@ function registerTriageBugReport(server) {
       title: "Triage Bug Report",
       description: "AskExe-internal only: update bug report status and link task/commit/release metadata.",
       inputSchema: {
-        id: z90.string().min(8),
+        id: z91.string().min(8),
         status: STATUS.optional(),
-        triage_notes: z90.string().optional(),
-        linked_task_id: z90.string().optional(),
-        linked_commit: z90.string().optional(),
-        fixed_version: z90.string().optional()
+        triage_notes: z91.string().optional(),
+        linked_task_id: z91.string().optional(),
+        linked_commit: z91.string().optional(),
+        fixed_version: z91.string().optional()
       }
     },
     async ({ id, status, triage_notes, linked_task_id, linked_commit, fixed_version }) => {
@@ -30855,7 +31143,7 @@ var init_support_inbox = __esm({
   "src/mcp/tools/support-inbox.ts"() {
     "use strict";
     DEFAULT_ENDPOINT = "https://askexe.com/admin/support/bug-reports";
-    STATUS = z90.enum(["open", "triaged", "fixed", "closed", "wontfix"]);
+    STATUS = z91.enum(["open", "triaged", "fixed", "closed", "wontfix"]);
   }
 });
 
@@ -30929,6 +31217,7 @@ var init_tool_gates = __esm({
       registerStoreDecision: "core",
       registerGetDecision: "core",
       registerCreateBugReport: "core",
+      registerSupportTools: "core",
       registerGetSessionEvents: "core",
       registerGetLastAssistantResponse: "core",
       registerCodeContext: "graph-read",
@@ -31188,6 +31477,7 @@ function registerAllTools(server) {
   gate("registerStoreDecision", registerStoreDecision);
   gate("registerGetDecision", registerGetDecision);
   gate("registerCreateBugReport", registerCreateBugReport);
+  gate("registerSupportTools", registerSupportTools);
   gate("registerGetSessionEvents", registerGetSessionEvents);
   gate("registerGetLastAssistantResponse", registerGetLastAssistantResponse);
   gate("registerCodeContext", registerCodeContext);
@@ -31335,6 +31625,7 @@ var init_register_tools = __esm({
     init_activate_license();
     init_query_company_brain();
     init_create_bug_report();
+    init_support();
     init_get_session_events();
     init_code_context();
     init_support_inbox();
@@ -31562,12 +31853,12 @@ __export(task_enforcement_exports, {
   runTaskEnforcementTick: () => runTaskEnforcementTick,
   sendNudge: () => sendNudge
 });
-import { writeFileSync as writeFileSync25 } from "fs";
-import path55 from "path";
+import { writeFileSync as writeFileSync26 } from "fs";
+import path56 from "path";
 function writeAuditEntry(entry) {
   try {
     const line = JSON.stringify(entry) + "\n";
-    writeFileSync25(AUDIT_LOG_PATH, line, { flag: "a" });
+    writeFileSync26(AUDIT_LOG_PATH, line, { flag: "a" });
   } catch {
   }
 }
@@ -31738,7 +32029,7 @@ var init_task_enforcement = __esm({
       "What do you need?"
     ];
     MANAGER_ROLES = ["COO", "CTO"];
-    AUDIT_LOG_PATH = path55.join(
+    AUDIT_LOG_PATH = path56.join(
       process.env.HOME ?? process.env.USERPROFILE ?? "/tmp",
       ".exe-os",
       "enforcement-audit.jsonl"
@@ -31760,12 +32051,12 @@ __export(background_jobs_exports, {
   reniceCurrentProcess: () => reniceCurrentProcess,
   startManagedJob: () => startManagedJob
 });
-import { existsSync as existsSync44, mkdirSync as mkdirSync22, readFileSync as readFileSync36, writeFileSync as writeFileSync26, unlinkSync as unlinkSync13 } from "fs";
+import { existsSync as existsSync44, mkdirSync as mkdirSync23, readFileSync as readFileSync37, writeFileSync as writeFileSync27, unlinkSync as unlinkSync14 } from "fs";
 import { execFileSync as execFileSync3 } from "child_process";
 import os22 from "os";
-import path56 from "path";
+import path57 from "path";
 function ensureDirs() {
-  mkdirSync22(LOCK_DIR, { recursive: true });
+  mkdirSync23(LOCK_DIR, { recursive: true });
 }
 function now() {
   return (/* @__PURE__ */ new Date()).toISOString();
@@ -31783,7 +32074,7 @@ function readJobsRaw() {
   ensureDirs();
   if (!existsSync44(JOBS_FILE)) return [];
   try {
-    const parsed = JSON.parse(readFileSync36(JOBS_FILE, "utf8"));
+    const parsed = JSON.parse(readFileSync37(JOBS_FILE, "utf8"));
     return Array.isArray(parsed) ? parsed : [];
   } catch {
     return [];
@@ -31793,7 +32084,7 @@ function writeJobsRaw(jobs) {
   ensureDirs();
   const running2 = jobs.filter((j) => j.status === "running");
   const rest = jobs.filter((j) => j.status !== "running").slice(-MAX_HISTORY);
-  writeFileSync26(JOBS_FILE, JSON.stringify([...rest, ...running2], null, 2) + "\n");
+  writeFileSync27(JOBS_FILE, JSON.stringify([...rest, ...running2], null, 2) + "\n");
 }
 function listBackgroundJobs() {
   const jobs = readJobsRaw();
@@ -31809,25 +32100,25 @@ function listBackgroundJobs() {
   return jobs;
 }
 function lockPath(type) {
-  return path56.join(LOCK_DIR, `${type.replace(/[^a-zA-Z0-9_.-]/g, "_")}.lock`);
+  return path57.join(LOCK_DIR, `${type.replace(/[^a-zA-Z0-9_.-]/g, "_")}.lock`);
 }
 function acquireJobLock(type, ttlMs = DEFAULT_LOCK_TTL_MS) {
   ensureDirs();
   const file = lockPath(type);
   if (existsSync44(file)) {
     try {
-      const lock = JSON.parse(readFileSync36(file, "utf8"));
+      const lock = JSON.parse(readFileSync37(file, "utf8"));
       const age = Date.now() - Date.parse(lock.updatedAt ?? "");
       if (lock.pid && isAlive(lock.pid) && Number.isFinite(age) && age < ttlMs) return false;
     } catch {
     }
     try {
-      unlinkSync13(file);
+      unlinkSync14(file);
     } catch {
     }
   }
   try {
-    writeFileSync26(file, JSON.stringify({ pid: process.pid, updatedAt: now() }, null, 2) + "\n", { flag: "wx" });
+    writeFileSync27(file, JSON.stringify({ pid: process.pid, updatedAt: now() }, null, 2) + "\n", { flag: "wx" });
     return true;
   } catch {
     return false;
@@ -31837,11 +32128,11 @@ function releaseJobLock(type) {
   const file = lockPath(type);
   try {
     if (!existsSync44(file)) return;
-    const lock = JSON.parse(readFileSync36(file, "utf8"));
-    if (lock.pid === process.pid || !lock.pid || !isAlive(lock.pid)) unlinkSync13(file);
+    const lock = JSON.parse(readFileSync37(file, "utf8"));
+    if (lock.pid === process.pid || !lock.pid || !isAlive(lock.pid)) unlinkSync14(file);
   } catch {
     try {
-      unlinkSync13(file);
+      unlinkSync14(file);
     } catch {
     }
   }
@@ -31876,7 +32167,7 @@ function startManagedJob(options) {
     writeJobsRaw([...jobs, record]);
     const file = lockPath(options.type);
     try {
-      writeFileSync26(file, JSON.stringify({ pid: process.pid, jobId: id, updatedAt: record.updatedAt }, null, 2) + "\n");
+      writeFileSync27(file, JSON.stringify({ pid: process.pid, jobId: id, updatedAt: record.updatedAt }, null, 2) + "\n");
     } catch {
     }
   };
@@ -32036,9 +32327,9 @@ var init_background_jobs = __esm({
   "src/lib/background-jobs.ts"() {
     "use strict";
     init_config();
-    JOB_DIR = path56.join(EXE_AI_DIR, "jobs");
-    JOBS_FILE = path56.join(JOB_DIR, "jobs.json");
-    LOCK_DIR = path56.join(JOB_DIR, "locks");
+    JOB_DIR = path57.join(EXE_AI_DIR, "jobs");
+    JOBS_FILE = path57.join(JOB_DIR, "jobs.json");
+    LOCK_DIR = path57.join(JOB_DIR, "locks");
     DEFAULT_LOCK_TTL_MS = 6 * 60 * 60 * 1e3;
     MAX_HISTORY = 200;
   }
@@ -32052,11 +32343,11 @@ __export(update_check_exports, {
   getRemoteVersion: () => getRemoteVersion
 });
 import { execSync as execSync15 } from "child_process";
-import { readFileSync as readFileSync37 } from "fs";
-import path57 from "path";
+import { readFileSync as readFileSync38 } from "fs";
+import path58 from "path";
 function getLocalVersion(packageRoot) {
-  const pkgPath = path57.join(packageRoot, "package.json");
-  const pkg = JSON.parse(readFileSync37(pkgPath, "utf-8"));
+  const pkgPath = path58.join(packageRoot, "package.json");
+  const pkg = JSON.parse(readFileSync38(pkgPath, "utf-8"));
   return pkg.version;
 }
 function getRemoteVersion() {
@@ -32128,12 +32419,12 @@ __export(device_registry_exports, {
 });
 import crypto22 from "crypto";
 import os23 from "os";
-import { readFileSync as readFileSync38, writeFileSync as writeFileSync27, mkdirSync as mkdirSync23, existsSync as existsSync45 } from "fs";
-import path58 from "path";
+import { readFileSync as readFileSync39, writeFileSync as writeFileSync28, mkdirSync as mkdirSync24, existsSync as existsSync45 } from "fs";
+import path59 from "path";
 function getDeviceInfo() {
   if (existsSync45(DEVICE_JSON_PATH)) {
     try {
-      const raw = readFileSync38(DEVICE_JSON_PATH, "utf8");
+      const raw = readFileSync39(DEVICE_JSON_PATH, "utf8");
       const data = JSON.parse(raw);
       if (data.deviceId && data.friendlyName && data.hostname) {
         return data;
@@ -32147,14 +32438,14 @@ function getDeviceInfo() {
     friendlyName: hostname.replace(/\./g, "-").toLowerCase(),
     hostname
   };
-  mkdirSync23(path58.dirname(DEVICE_JSON_PATH), { recursive: true });
-  writeFileSync27(DEVICE_JSON_PATH, JSON.stringify(info, null, 2));
+  mkdirSync24(path59.dirname(DEVICE_JSON_PATH), { recursive: true });
+  writeFileSync28(DEVICE_JSON_PATH, JSON.stringify(info, null, 2));
   return info;
 }
 function setFriendlyName(name) {
   const info = getDeviceInfo();
   info.friendlyName = name;
-  writeFileSync27(DEVICE_JSON_PATH, JSON.stringify(info, null, 2));
+  writeFileSync28(DEVICE_JSON_PATH, JSON.stringify(info, null, 2));
 }
 async function resolveTargetDevice(targetAgent, targetProject) {
   const { getClient: getClient2 } = await Promise.resolve().then(() => (init_database(), database_exports));
@@ -32188,7 +32479,7 @@ var init_device_registry = __esm({
   "src/lib/device-registry.ts"() {
     "use strict";
     init_config();
-    DEVICE_JSON_PATH = path58.join(EXE_AI_DIR, "device.json");
+    DEVICE_JSON_PATH = path59.join(EXE_AI_DIR, "device.json");
   }
 });
 
@@ -32403,9 +32694,9 @@ init_daemon_auth();
 import os24 from "os";
 import net2 from "net";
 import { createServer as createHttpServer } from "http";
-import { randomUUID as randomUUID10 } from "crypto";
-import { writeFileSync as writeFileSync28, unlinkSync as unlinkSync14, mkdirSync as mkdirSync24, existsSync as existsSync46, readFileSync as readFileSync39, chmodSync as chmodSync2 } from "fs";
-import path59 from "path";
+import { randomUUID as randomUUID11 } from "crypto";
+import { writeFileSync as writeFileSync29, unlinkSync as unlinkSync15, mkdirSync as mkdirSync25, existsSync as existsSync46, readFileSync as readFileSync40, chmodSync as chmodSync2 } from "fs";
+import path60 from "path";
 
 // src/lib/orchestration-metrics.ts
 init_config();
@@ -32478,8 +32769,8 @@ function initMetrics() {
 // src/lib/exe-daemon.ts
 init_memory_write_governor();
 init_mcp_transport_health();
-var SOCKET_PATH2 = process.env.EXE_DAEMON_SOCK ?? process.env.EXE_EMBED_SOCK ?? path59.join(EXE_AI_DIR, "exed.sock");
-var PID_PATH4 = process.env.EXE_DAEMON_PID ?? process.env.EXE_EMBED_PID ?? path59.join(EXE_AI_DIR, "exed.pid");
+var SOCKET_PATH2 = process.env.EXE_DAEMON_SOCK ?? process.env.EXE_EMBED_SOCK ?? path60.join(EXE_AI_DIR, "exed.sock");
+var PID_PATH4 = process.env.EXE_DAEMON_PID ?? process.env.EXE_EMBED_PID ?? path60.join(EXE_AI_DIR, "exed.pid");
 var MODEL_FILE = "jina-embeddings-v5-small-q4_k_m.gguf";
 var IDLE_TIMEOUT_MS2 = parseInt(process.env.EXE_DAEMON_IDLE_TIMEOUT_MS || "0", 10);
 var REVIEW_POLL_INTERVAL_MS = 60 * 1e3;
@@ -32508,7 +32799,7 @@ function enqueue(queue, entry) {
   queue.push(entry);
 }
 async function loadModel() {
-  const modelPath = path59.join(MODELS_DIR, MODEL_FILE);
+  const modelPath = path60.join(MODELS_DIR, MODEL_FILE);
   if (!existsSync46(modelPath)) {
     process.stderr.write(`[exed] No model at ${modelPath} \u2014 running without embeddings (VPS mode).
 `);
@@ -32605,11 +32896,11 @@ async function shutdown() {
   }
   if (process.platform === "darwin" && _llama) {
     try {
-      unlinkSync14(SOCKET_PATH2);
+      unlinkSync15(SOCKET_PATH2);
     } catch {
     }
     try {
-      unlinkSync14(PID_PATH4);
+      unlinkSync15(PID_PATH4);
     } catch {
     }
     process.stderr.write("[exed] Shutdown complete (darwin fast native exit).\n");
@@ -32638,11 +32929,11 @@ async function shutdown() {
     _llama = null;
   }
   try {
-    unlinkSync14(SOCKET_PATH2);
+    unlinkSync15(SOCKET_PATH2);
   } catch {
   }
   try {
-    unlinkSync14(PID_PATH4);
+    unlinkSync15(PID_PATH4);
   } catch {
   }
   process.stderr.write("[exed] Shutdown complete.\n");
@@ -32793,7 +33084,7 @@ async function handleBatchWriteMemory(socket, requestId, entries) {
   }
 }
 async function writeMemoryRecord(entry) {
-  const id = randomUUID10();
+  const id = randomUUID11();
   const now2 = entry.timestamp || (/* @__PURE__ */ new Date()).toISOString();
   const governed = governMemoryRecord({
     id,
@@ -32950,28 +33241,28 @@ function startMemoryQueueDrain() {
 `);
 }
 function startServer() {
-  mkdirSync24(path59.dirname(SOCKET_PATH2), { recursive: true });
+  mkdirSync25(path60.dirname(SOCKET_PATH2), { recursive: true });
   try {
-    chmodSync2(path59.dirname(SOCKET_PATH2), 448);
+    chmodSync2(path60.dirname(SOCKET_PATH2), 448);
   } catch {
   }
   _daemonToken = ensureDaemonToken(process.env[DAEMON_TOKEN_ENV2] ?? null);
   for (const oldFile of ["embed.sock", "embed.pid"]) {
-    const oldPath = path59.join(path59.dirname(SOCKET_PATH2), oldFile);
+    const oldPath = path60.join(path60.dirname(SOCKET_PATH2), oldFile);
     try {
       if (oldFile.endsWith(".pid")) {
-        const pid = parseInt(readFileSync39(oldPath, "utf8").trim(), 10);
+        const pid = parseInt(readFileSync40(oldPath, "utf8").trim(), 10);
         if (pid > 0) try {
           process.kill(pid, "SIGKILL");
         } catch {
         }
       }
-      unlinkSync14(oldPath);
+      unlinkSync15(oldPath);
     } catch {
     }
   }
   try {
-    unlinkSync14(SOCKET_PATH2);
+    unlinkSync15(SOCKET_PATH2);
   } catch {
   }
   const server = net2.createServer((socket) => {
@@ -33206,7 +33497,7 @@ async function startMcpHttpServer() {
         sessionLastSeen.set(sessionId, Date.now());
       } else if (!sessionId && req.method === "POST" && isInitializeRequest(parsedBody)) {
         transport = new StreamableHTTPServerTransport({
-          sessionIdGenerator: () => randomUUID10(),
+          sessionIdGenerator: () => randomUUID11(),
           onsessioninitialized: (sid) => {
             transports.set(sid, transport);
             sessionLastSeen.set(sid, Date.now());
@@ -33591,7 +33882,7 @@ function startGraphExtraction() {
 `);
 }
 var AGENT_STATS_INTERVAL_MS = 60 * 1e3;
-var AGENT_STATS_PATH = path59.join(EXE_AI_DIR, "agent-stats.json");
+var AGENT_STATS_PATH = path60.join(EXE_AI_DIR, "agent-stats.json");
 async function writeAgentStats() {
   fired("agent_stats");
   if (!await ensureStoreForPolling()) return;
@@ -33651,7 +33942,7 @@ async function writeAgentStats() {
         pid: process.pid
       }
     };
-    writeFileSync28(AGENT_STATS_PATH, JSON.stringify(stats, null, 2), "utf8");
+    writeFileSync29(AGENT_STATS_PATH, JSON.stringify(stats, null, 2), "utf8");
   } catch (err) {
     process.stderr.write(`[exed] Agent stats error: ${err instanceof Error ? err.message : String(err)}
 `);
@@ -33768,11 +34059,11 @@ function startIntercomQueueDrain() {
       const hasInProgressTask = (session) => {
         try {
           const { baseAgentName: ban } = (init_employees(), __toCommonJS(employees_exports));
-          const path60 = __require("path");
+          const path61 = __require("path");
           const { existsSync: existsSync47 } = __require("fs");
           const os25 = __require("os");
           const agent = ban(session.split("-")[0] ?? session);
-          const markerPath = path60.join(os25.homedir(), ".exe-os", "session-cache", `current-task-${agent}.json`);
+          const markerPath = path61.join(os25.homedir(), ".exe-os", "session-cache", `current-task-${agent}.json`);
           return existsSync47(markerPath);
         } catch {
           return false;
@@ -33968,11 +34259,11 @@ function handleSignalShutdown() {
     } catch {
     }
     try {
-      unlinkSync14(SOCKET_PATH2);
+      unlinkSync15(SOCKET_PATH2);
     } catch {
     }
     try {
-      unlinkSync14(PID_PATH4);
+      unlinkSync15(PID_PATH4);
     } catch {
     }
     process.stderr.write("[exed] Shutdown complete (darwin signal fast native exit).\n");
@@ -33986,11 +34277,11 @@ process.on("SIGTERM", handleSignalShutdown);
 function checkExistingDaemon() {
   try {
     if (!existsSync46(PID_PATH4)) return false;
-    const pid = parseInt(readFileSync39(PID_PATH4, "utf8").trim(), 10);
+    const pid = parseInt(readFileSync40(PID_PATH4, "utf8").trim(), 10);
     if (!pid || isNaN(pid)) return false;
     if (pid === process.pid) {
       try {
-        unlinkSync14(PID_PATH4);
+        unlinkSync15(PID_PATH4);
       } catch {
       }
       return false;
@@ -34006,7 +34297,7 @@ function checkExistingDaemon() {
       return true;
     }
     try {
-      unlinkSync14(PID_PATH4);
+      unlinkSync15(PID_PATH4);
     } catch {
     }
     return false;
@@ -34063,7 +34354,7 @@ function startAutoUpdateCheck() {
 if (checkExistingDaemon()) {
   process.exit(0);
 }
-writeFileSync28(PID_PATH4, String(process.pid));
+writeFileSync29(PID_PATH4, String(process.pid));
 try {
   chmodSync2(PID_PATH4, 384);
 } catch {
@@ -34187,11 +34478,11 @@ try {
   process.stderr.write(`[exed] FATAL: ${err instanceof Error ? err.message : String(err)}
 `);
   try {
-    unlinkSync14(SOCKET_PATH2);
+    unlinkSync15(SOCKET_PATH2);
   } catch {
   }
   try {
-    unlinkSync14(PID_PATH4);
+    unlinkSync15(PID_PATH4);
   } catch {
   }
   process.exit(1);