@askexenow/exe-os 0.9.79 → 0.9.80

package/dist/mcp/server.js

@@ -877,8 +877,8 @@ async function embedDirect(text3) {
   const llamaCpp = await import("node-llama-cpp");
   const { MODELS_DIR: MODELS_DIR2 } = await Promise.resolve().then(() => (init_config(), config_exports));
   const { existsSync: existsSync41 } = await import("fs");
-  const path52 = await import("path");
-  const modelPath = path52.join(MODELS_DIR2, "jina-embeddings-v5-small-q4_k_m.gguf");
+  const path53 = await import("path");
+  const modelPath = path53.join(MODELS_DIR2, "jina-embeddings-v5-small-q4_k_m.gguf");
   if (!existsSync41(modelPath)) {
     throw new Error(`Embedding model not found at ${modelPath}. Run '/exe-setup' to download it.`);
   }
@@ -3721,8 +3721,8 @@ function deriveMachineKey() {
 }
 function readMachineId() {
   try {
-    const { readFileSync: readFileSync34 } = __require("fs");
-    return readFileSync34("/etc/machine-id", "utf-8").trim();
+    const { readFileSync: readFileSync35 } = __require("fs");
+    return readFileSync35("/etc/machine-id", "utf-8").trim();
   } catch {
     return "";
   }
@@ -4781,7 +4781,7 @@ var init_platform_procedures = __esm({
         title: "Customer patch triage \u2014 upstream bug vs customization",
         domain: "support",
         priority: "p0",
-        content: "When an agent encounters a suspected Exe OS bug, update breakage, MCP/tool failure, installer issue, memory/orchestration defect, or customer-local patch need, it MUST use create_bug_report. Do this before or alongside any local workaround so the report reaches AskExe support directly via the customer's license. Do NOT ask the founder for permission to file a required bug report. If create_bug_report is deferred/lazy-loaded, load it and call it. If it is unavailable in the live MCP surface, report 'create_bug_report unavailable in this session' and save a local report in exe/output \u2014 never claim the tool does not exist unless the live MCP surface was checked. If upstream delivery fails, run `exe-os support test` and include its result in the local report so AskExe can distinguish customer setup, license provisioning, and server intake issues. Classify first: upstream_bug = reproducible exe-os/platform defect; customer_customization = identity, behavior, procedure, config, branding, workflow preference that belongs in customer-owned layers; emergency_hotfix = temporary local patch. For upstream bugs/emergency hotfixes include version, repro steps, expected/actual, files changed, workaround, and local diff summary. Avoid permanent platform-code patches unless founder approves; if a hotfix is unavoidable, document it in the bug report and re-check after npm update."
+        content: "When an agent encounters a suspected Exe OS bug, update breakage, MCP/tool failure, installer issue, memory/orchestration defect, or customer-local patch need, it MUST use create_bug_report. Do this before or alongside any local workaround so the report reaches AskExe support directly via the customer's license. Do NOT ask the founder for permission to file a required bug report. If create_bug_report is deferred/lazy-loaded, load it and call it. If it is unavailable in the live MCP surface, report 'create_bug_report unavailable in this session' and save a local report in exe/output \u2014 never claim the tool does not exist unless the live MCP surface was checked. If upstream delivery fails, call support_test (MCP) and include its result in the local report so AskExe can distinguish customer setup, license provisioning, and server intake issues; only ask the founder to run `exe-os support test` if MCP is disconnected/unavailable. Classify first: upstream_bug = reproducible exe-os/platform defect; customer_customization = identity, behavior, procedure, config, branding, workflow preference that belongs in customer-owned layers; emergency_hotfix = temporary local patch. For upstream bugs/emergency hotfixes include version, repro steps, expected/actual, files changed, workaround, and local diff summary. Avoid permanent platform-code patches unless founder approves; if a hotfix is unavoidable, document it in the bug report and re-check after npm update."
       },
       // --- Operations ---
       {
@@ -4863,7 +4863,7 @@ var init_platform_procedures = __esm({
         title: "MCP tools \u2014 identity, behavior, and decisions",
         domain: "tool-use",
         priority: "p1",
-        content: "get_identity: read an agent's exe.md (Layer 1 identity). update_identity: write an agent's exe.md. Identity > behavior \u2014 use for permanent rules. store_behavior: record a correction or pattern for an agent (Layer 2 expertise). list_behaviors: view an agent's active behaviors. deactivate_behavior: soft-delete a stale or conflicting behavior. store_decision: record an ADR (architectural decision record). get_decision: retrieve a past decision by query. create_bug_report: customer-facing bug/support intake; use whenever an Exe OS bug or emergency hotfix is encountered so the report reaches AskExe directly. Customers only get report access; internal list/get/triage support tools are AskExe-only. If a customer-side agent cannot send upstream, run `exe-os support test` from the terminal to verify local file write, license auth, support endpoint health, and upstream POST."
+        content: "get_identity: read an agent's exe.md (Layer 1 identity). update_identity: write an agent's exe.md. Identity > behavior \u2014 use for permanent rules. store_behavior: record a correction or pattern for an agent (Layer 2 expertise). list_behaviors: view an agent's active behaviors. deactivate_behavior: soft-delete a stale or conflicting behavior. store_decision: record an ADR (architectural decision record). get_decision: retrieve a past decision by query. create_bug_report: customer-facing bug/support intake; use whenever an Exe OS bug or emergency hotfix is encountered so the report reaches AskExe directly. support_health: check local support readiness and AskExe support server health without filing a report. support_test: file a safe end-to-end smoke report. Customers only get report/test access; internal list/get/triage support tools are AskExe-only. If a customer-side agent cannot send upstream, call support_test first; only fall back to the terminal command `exe-os support test` when MCP is disconnected."
       },
       {
         title: "MCP tools \u2014 communication and messaging",
@@ -7303,10 +7303,10 @@ async function hybridSearch(queryText, agentId, options) {
     };
     try {
       const fs = await import("fs");
-      const path52 = await import("path");
+      const path53 = await import("path");
       const os21 = await import("os");
-      const logPath = path52.join(os21.homedir(), ".exe-os", "search-quality.jsonl");
-      fs.mkdirSync(path52.dirname(logPath), { recursive: true });
+      const logPath = path53.join(os21.homedir(), ".exe-os", "search-quality.jsonl");
+      fs.mkdirSync(path53.dirname(logPath), { recursive: true });
       fs.appendFileSync(logPath, JSON.stringify(logEntry) + "\n");
     } catch {
     }
@@ -8599,8 +8599,8 @@ __export(wiki_client_exports, {
   listDocuments: () => listDocuments,
   listWorkspaces: () => listWorkspaces
 });
-async function wikiFetch(config2, path52, method = "GET", body) {
-  const url = `${config2.baseUrl}/api/v1${path52}`;
+async function wikiFetch(config2, path53, method = "GET", body) {
+  const url = `${config2.baseUrl}/api/v1${path53}`;
   const headers = {
     Authorization: `Bearer ${config2.apiKey}`,
     "Content-Type": "application/json"
@@ -8633,7 +8633,7 @@ async function wikiFetch(config2, path52, method = "GET", body) {
       }
     }
     if (!response.ok) {
-      throw new Error(`Wiki API ${method} ${path52}: ${response.status} ${response.statusText}`);
+      throw new Error(`Wiki API ${method} ${path53}: ${response.status} ${response.statusText}`);
     }
     return response.json();
   } finally {
@@ -13963,8 +13963,8 @@ init_database();
 import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
 import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
 import { spawn as spawn4 } from "child_process";
-import { existsSync as existsSync40, openSync as openSync4, mkdirSync as mkdirSync22, closeSync as closeSync4, readFileSync as readFileSync33 } from "fs";
-import path51 from "path";
+import { existsSync as existsSync40, openSync as openSync4, mkdirSync as mkdirSync23, closeSync as closeSync4, readFileSync as readFileSync34 } from "fs";
+import path52 from "path";
 import os20 from "os";
 import { fileURLToPath as fileURLToPath6 } from "url";
 
@@ -15350,7 +15350,7 @@ function registerCreateTask(server2) {
         skipDispatch: true
       });
       try {
-        const { existsSync: existsSync41, mkdirSync: mkdirSync23, writeFileSync: writeFileSync24 } = await import("fs");
+        const { existsSync: existsSync41, mkdirSync: mkdirSync24, writeFileSync: writeFileSync25 } = await import("fs");
         const { identityPath: identityPath2 } = await Promise.resolve().then(() => (init_identity(), identity_exports));
         const idPath = identityPath2(assigned_to);
         if (!existsSync41(idPath)) {
@@ -15362,8 +15362,8 @@ function registerCreateTask(server2) {
             const template = getTemplateForTitle2(emp.role);
             if (template) {
               const dir = (await import("path")).dirname(idPath);
-              if (!existsSync41(dir)) mkdirSync23(dir, { recursive: true });
-              writeFileSync24(idPath, template.replace(/^agent_id: \w+/m, `agent_id: ${assigned_to}`), "utf-8");
+              if (!existsSync41(dir)) mkdirSync24(dir, { recursive: true });
+              writeFileSync25(idPath, template.replace(/^agent_id: \w+/m, `agent_id: ${assigned_to}`), "utf-8");
             }
           }
         }
@@ -18337,12 +18337,12 @@ function registerExportGraph(server2) {
         }
         const html = await exportGraphHTML(client);
         const fs = await import("fs");
-        const path52 = await import("path");
+        const path53 = await import("path");
         const os21 = await import("os");
-        const outDir = path52.join(os21.homedir(), ".exe-os", "exports");
+        const outDir = path53.join(os21.homedir(), ".exe-os", "exports");
         fs.mkdirSync(outDir, { recursive: true });
         const timestamp = (/* @__PURE__ */ new Date()).toISOString().replace(/[:.]/g, "-").slice(0, 19);
-        const filePath = path52.join(outDir, `graph-${timestamp}.html`);
+        const filePath = path53.join(outDir, `graph-${timestamp}.html`);
         fs.writeFileSync(filePath, html, "utf-8");
         return {
           content: [
@@ -23321,9 +23321,9 @@ var HostingerApiClient = class {
     }
     this.lastRequestTime = Date.now();
   }
-  async request(method, path52, body) {
+  async request(method, path53, body) {
     await this.rateLimit();
-    const url = `${this.baseUrl}${path52}`;
+    const url = `${this.baseUrl}${path53}`;
     const headers = {
       Authorization: `Bearer ${this.apiKey}`,
       "Content-Type": "application/json",
@@ -23396,8 +23396,8 @@ async function requestCloudflare(cfApiToken, zoneId, options) {
   }
   return envelope.result;
 }
-function buildUrl(zoneId, path52 = "/dns_records", query) {
-  const normalizedPath = path52.startsWith("/") ? path52 : `/${path52}`;
+function buildUrl(zoneId, path53 = "/dns_records", query) {
+  const normalizedPath = path53.startsWith("/") ? path53 : `/${path53}`;
   const url = new URL(
     `${CLOUDFLARE_API_BASE_URL}/zones/${zoneId}${normalizedPath}`
   );
@@ -27042,15 +27042,293 @@ Upstream status: ${upstreamStatus}`
   );
 }
 
+// src/mcp/tools/support.ts
+import { z as z88 } from "zod";
+
+// src/bin/exe-support.ts
+init_config();
+init_license();
+import { mkdirSync as mkdirSync21, readFileSync as readFileSync32, unlinkSync as unlinkSync12, writeFileSync as writeFileSync23 } from "fs";
+import path50 from "path";
+import { randomUUID as randomUUID9 } from "crypto";
+var DEFAULT_BUG_ENDPOINT = "https://askexe.com/v1/support/bug-reports";
+var DEFAULT_ADMIN_ENDPOINT = "https://askexe.com/admin/support/bug-reports";
+async function runHealth() {
+  const checks = [];
+  const endpoints = await resolveEndpoints();
+  checks.push(checkLocalWrite());
+  checks.push({
+    check: "license_key_present",
+    level: loadLicense() ? "pass" : "fail",
+    detail: loadLicense() ? "license.key found" : "missing ~/.exe-os/license.key; run exe-os setup or exe-os cloud setup",
+    next: loadLicense() ? void 0 : "Run `exe-os setup` or ask AskExe for the customer license key."
+  });
+  checks.push({
+    check: "license_token_cached",
+    level: readCachedLicenseToken() ? "pass" : "warn",
+    detail: readCachedLicenseToken() ? "cached license token found" : "no cached token yet; support can still use license.key",
+    next: readCachedLicenseToken() ? void 0 : "This is OK if license.key exists. It refreshes after cloud/license validation."
+  });
+  try {
+    const res = await fetch(endpoints.healthEndpoint, { method: "GET", signal: AbortSignal.timeout(1e4) });
+    const body = await safeJson2(res);
+    checks.push({
+      check: "support_health_endpoint",
+      level: res.ok && body?.status !== "down" ? "pass" : "fail",
+      detail: `${res.status} ${body?.status ?? res.statusText}`,
+      next: res.ok ? void 0 : "Check internet access, DNS, or AskExe support status."
+    });
+    for (const remote of body?.checks ?? []) {
+      const name = remote.name ?? "unknown";
+      checks.push({
+        check: `server_${name}`,
+        level: remote.ok === true ? "pass" : name === "admin_inbox_configured" ? "warn" : "fail",
+        detail: remote.detail ?? (remote.ok ? "ok" : "failed"),
+        next: remote.ok ? void 0 : "AskExe must fix this server-side."
+      });
+    }
+  } catch (err) {
+    checks.push({
+      check: "support_health_endpoint",
+      level: "fail",
+      detail: err instanceof Error ? err.message : String(err),
+      next: "Check internet access, then run `exe-os support health` again."
+    });
+  }
+  return checks;
+}
+async function runTest(project) {
+  const checks = await runHealth();
+  const endpoints = await resolveEndpoints();
+  const licenseKey = loadLicense();
+  const licenseToken = readCachedLicenseToken();
+  const id = randomUUID9();
+  const version = readPackageVersion2();
+  const reportPath = writeLocalTestReport(id, project, version);
+  checks.push({ check: "local_report_file", level: "pass", detail: reportPath });
+  if (!licenseKey && !licenseToken) {
+    checks.push({
+      check: "upstream_post",
+      level: "fail",
+      detail: "not sent because this device has no license key/token",
+      next: "Run `exe-os setup` or ask AskExe to provision this customer device."
+    });
+    return checks;
+  }
+  const payload = {
+    id,
+    title: `TEST \u2014 ${project} support intake (${version})`,
+    classification: "unclear",
+    severity: "p3",
+    summary: "Synthetic exe-os support intake smoke test. Safe to close.",
+    customer_impact: "No customer impact; diagnostic only.",
+    reproduction_steps: ["Run exe-os support test"],
+    expected: "The report reaches AskExe support intake and can be triaged.",
+    actual: "Smoke test submitted by exe-os support test.",
+    package_version: `@askexenow/exe-os@${version}`,
+    project_name: project,
+    agent_id: "support-test",
+    agent_role: "diagnostic",
+    report_path: reportPath,
+    markdown: readFileSync32(reportPath, "utf8")
+  };
+  try {
+    const headers = { "content-type": "application/json" };
+    if (licenseKey) headers["x-exe-license-key"] = licenseKey;
+    if (licenseToken) headers["x-exe-license-token"] = licenseToken;
+    const res = await fetch(endpoints.bugEndpoint, {
+      method: "POST",
+      headers,
+      body: JSON.stringify(payload),
+      signal: AbortSignal.timeout(15e3)
+    });
+    const data = await safeJson2(res);
+    checks.push({
+      check: "upstream_post",
+      level: res.ok ? "pass" : "fail",
+      detail: res.ok ? `sent id=${String(data?.id ?? id)}` : summarizeHttpFailure(res.status, data),
+      next: res.ok ? void 0 : nextForPostFailure(res.status)
+    });
+    if (res.ok) {
+      checks.push(await maybeCloseAdmin(String(data?.id ?? id), endpoints.adminEndpoint, version));
+    }
+  } catch (err) {
+    checks.push({
+      check: "upstream_post",
+      level: "fail",
+      detail: err instanceof Error ? err.message : String(err),
+      next: "Check internet access, then run `exe-os support test` again."
+    });
+  }
+  return checks;
+}
+async function resolveEndpoints() {
+  const config2 = await loadConfig();
+  const bugEndpoint = process.env.EXE_SUPPORT_BUG_REPORT_ENDPOINT ?? config2.support?.bugReportEndpoint ?? DEFAULT_BUG_ENDPOINT;
+  const healthEndpoint = process.env.EXE_SUPPORT_HEALTH_ENDPOINT ?? bugEndpoint.replace(/\/bug-reports\/?$/, "/health");
+  const adminEndpoint = process.env.ASKEXE_SUPPORT_ADMIN_ENDPOINT ?? process.env.EXE_SUPPORT_ADMIN_ENDPOINT ?? DEFAULT_ADMIN_ENDPOINT;
+  return { bugEndpoint, healthEndpoint, adminEndpoint };
+}
+function checkLocalWrite() {
+  const dir = path50.join(EXE_AI_DIR, "bug-reports");
+  const testPath = path50.join(dir, ".support-write-test");
+  try {
+    mkdirSync21(dir, { recursive: true, mode: 448 });
+    writeFileSync23(testPath, "ok\n", { mode: 384 });
+    unlinkSync12(testPath);
+    return { check: "local_bug_report_dir_writable", level: "pass", detail: dir };
+  } catch (err) {
+    return {
+      check: "local_bug_report_dir_writable",
+      level: "fail",
+      detail: err instanceof Error ? err.message : String(err),
+      next: "Fix permissions on ~/.exe-os or rerun setup on a writable user account."
+    };
+  }
+}
+function writeLocalTestReport(id, project, version) {
+  const dir = path50.join(EXE_AI_DIR, "bug-reports");
+  mkdirSync21(dir, { recursive: true, mode: 448 });
+  const date = (/* @__PURE__ */ new Date()).toISOString().slice(0, 10);
+  const filePath = path50.join(dir, `${date}-support-intake-test-${id.slice(0, 8)}.md`);
+  writeFileSync23(filePath, `# TEST \u2014 ${project} support intake
+
+Report ID: ${id}
+Package: @askexenow/exe-os@${version}
+
+Synthetic smoke test from \`exe-os support test\`. Safe to close.
+`, { mode: 384 });
+  return filePath;
+}
+async function maybeCloseAdmin(id, adminEndpoint, version) {
+  const token = process.env.ASKEXE_SUPPORT_ADMIN_TOKEN ?? process.env.EXE_SUPPORT_ADMIN_TOKEN;
+  if (!token) {
+    return { check: "askexe_admin_autoclose", level: "warn", detail: "skipped; admin token is AskExe-only" };
+  }
+  try {
+    const res = await fetch(`${adminEndpoint}/${encodeURIComponent(id)}`, {
+      method: "PATCH",
+      headers: { authorization: `Bearer ${token}`, "content-type": "application/json" },
+      body: JSON.stringify({
+        status: "closed",
+        triage_notes: "Auto-closed synthetic support smoke test.",
+        fixed_version: version
+      }),
+      signal: AbortSignal.timeout(1e4)
+    });
+    return {
+      check: "askexe_admin_autoclose",
+      level: res.ok ? "pass" : "warn",
+      detail: res.ok ? "closed" : `${res.status} ${await res.text()}`,
+      next: res.ok ? void 0 : "Report was sent; AskExe can close the smoke report manually."
+    };
+  } catch (err) {
+    return {
+      check: "askexe_admin_autoclose",
+      level: "warn",
+      detail: err instanceof Error ? err.message : String(err),
+      next: "Report was sent; AskExe can close the smoke report manually."
+    };
+  }
+}
+function readPackageVersion2() {
+  let dir = path50.dirname(new URL(import.meta.url).pathname);
+  for (let i = 0; i < 6; i++) {
+    const pkg = path50.join(dir, "package.json");
+    try {
+      const parsed = JSON.parse(readFileSync32(pkg, "utf8"));
+      if (parsed.version) return parsed.version;
+    } catch {
+    }
+    dir = path50.dirname(dir);
+  }
+  return "unknown";
+}
+async function safeJson2(res) {
+  try {
+    return await res.json();
+  } catch {
+    return null;
+  }
+}
+function hasFailures(rows) {
+  return rows.some((row) => row.level === "fail");
+}
+function summarizeHttpFailure(status, data) {
+  const error = data?.error;
+  return `${status} ${error?.message ?? JSON.stringify(data)}`;
+}
+function nextForPostFailure(status) {
+  if (status === 401) return "License credentials were not sent. Run `exe-os support health` and check license_key_present.";
+  if (status === 403) return "License is valid locally but not accepted by support intake. AskExe must check server-side license provisioning.";
+  if (status >= 500) return "AskExe support intake is unhealthy server-side. Try again shortly and report the local file path.";
+  return "Run `exe-os support health`; if it passes, send this output to AskExe.";
+}
+
+// src/mcp/tools/support.ts
+function formatRows(rows, mode) {
+  const lines = [`exe-os support ${mode}`, ""];
+  for (const row of rows) {
+    const icon = row.level === "pass" ? "\u2705" : row.level === "warn" ? "\u26A0\uFE0F" : "\u274C";
+    lines.push(`${icon} ${row.check}: ${row.detail}`);
+    if (row.next) lines.push(`   \u2192 ${row.next}`);
+  }
+  lines.push("");
+  if (hasFailures(rows)) {
+    lines.push("Result: not ready. Fix the failed item(s), then rerun this tool.");
+  } else if (rows.some((row) => row.level === "warn")) {
+    lines.push("Result: ready with warnings. Bug reports can be sent; warnings are informational unless AskExe asked for stricter validation.");
+  } else {
+    lines.push(mode === "test" ? "Result: ready. AskExe received the test report." : "Result: ready. Use support_test for an end-to-end send test.");
+  }
+  return lines.join("\n");
+}
+function registerSupportTools(server2) {
+  server2.registerTool(
+    "support_health",
+    {
+      title: "Support Health",
+      description: "Customer-safe support intake health check. Verifies local bug-report directory, license presence, and AskExe support server health without filing a report.",
+      inputSchema: {}
+    },
+    async () => {
+      const checks = await runHealth();
+      return {
+        content: [{ type: "text", text: formatRows(checks, "health") }],
+        structuredContent: { ok: !hasFailures(checks), checks },
+        isError: hasFailures(checks)
+      };
+    }
+  );
+  server2.registerTool(
+    "support_test",
+    {
+      title: "Support Test",
+      description: "End-to-end support intake smoke test. Files a clearly marked test report upstream and auto-closes it on AskExe machines with admin credentials.",
+      inputSchema: {
+        project: z88.string().default("support-smoke").describe("Customer/project name, e.g. hygo")
+      }
+    },
+    async ({ project }) => {
+      const checks = await runTest(project);
+      return {
+        content: [{ type: "text", text: formatRows(checks, "test") }],
+        structuredContent: { ok: !hasFailures(checks), checks },
+        isError: hasFailures(checks)
+      };
+    }
+  );
+}
+
 // src/mcp/tools/get-session-events.ts
 init_active_agent();
 init_fast_db_init();
-import { z as z88 } from "zod";
+import { z as z89 } from "zod";
 
 // src/lib/session-events.ts
 init_task_scope();
 init_project_name();
-import { randomUUID as randomUUID9 } from "crypto";
+import { randomUUID as randomUUID10 } from "crypto";
 async function ensureSessionEventsTable(client) {
   await client.execute(`
     CREATE TABLE IF NOT EXISTS session_events (
@@ -27132,7 +27410,7 @@ async function listRecentSessionEvents(client, options) {
 }
 
 // src/mcp/tools/get-session-events.ts
-var EVENT_TYPE = z88.enum([
+var EVENT_TYPE = z89.enum([
   "user_prompt",
   "assistant_response",
   "tool_call",
@@ -27162,11 +27440,11 @@ function registerGetSessionEvents(server2) {
       title: "Get Session Events",
       description: "Return exact recent chronological user prompts, assistant responses, and tool calls from the append-only session journal. Use this when asked what happened last, not semantic memory search.",
       inputSchema: {
-        agent_id: z88.string().optional().describe("Agent to inspect. Defaults to active agent. COO/CTO may inspect others."),
-        session_id: z88.string().optional().describe("Optional exact runtime session id."),
+        agent_id: z89.string().optional().describe("Agent to inspect. Defaults to active agent. COO/CTO may inspect others."),
+        session_id: z89.string().optional().describe("Optional exact runtime session id."),
         event_type: EVENT_TYPE.optional().describe("Filter to one event type."),
-        project_name: z88.string().optional().describe("Optional project filter. Pass 'all' for all projects."),
-        limit: z88.number().int().min(1).max(100).default(20).describe("Number of events to return.")
+        project_name: z89.string().optional().describe("Optional project filter. Pass 'all' for all projects."),
+        limit: z89.number().int().min(1).max(100).default(20).describe("Number of events to return.")
       }
     },
     async ({ agent_id, session_id, event_type, project_name, limit }) => {
@@ -27202,8 +27480,8 @@ function registerGetLastAssistantResponse(server2) {
       title: "Get Last Assistant Response",
       description: "Return the exact last assistant response for an agent from the session event journal. Use for 'what was the last thing you said?'",
       inputSchema: {
-        agent_id: z88.string().optional().describe("Agent to inspect. Defaults to active agent. COO/CTO may inspect others."),
-        project_name: z88.string().optional().describe("Optional project filter. Pass 'all' for all projects.")
+        agent_id: z89.string().optional().describe("Agent to inspect. Defaults to active agent. COO/CTO may inspect others."),
+        project_name: z89.string().optional().describe("Optional project filter. Pass 'all' for all projects.")
       }
     },
     async ({ agent_id, project_name }) => {
@@ -27233,32 +27511,32 @@ function registerGetLastAssistantResponse(server2) {
 }
 
 // src/mcp/tools/code-context.ts
-import { z as z89 } from "zod";
+import { z as z90 } from "zod";
 
 // src/lib/code-context-index.ts
 init_config();
 import crypto19 from "crypto";
-import path50 from "path";
-import { existsSync as existsSync39, mkdirSync as mkdirSync21, readFileSync as readFileSync32, readdirSync as readdirSync14, statSync as statSync9, writeFileSync as writeFileSync23 } from "fs";
+import path51 from "path";
+import { existsSync as existsSync39, mkdirSync as mkdirSync22, readFileSync as readFileSync33, readdirSync as readdirSync14, statSync as statSync9, writeFileSync as writeFileSync24 } from "fs";
 import { spawnSync } from "child_process";
 var INDEX_VERSION = 2;
 var DEFAULT_MAX_FILES = 5e3;
 var IGNORE_SEGMENTS = /* @__PURE__ */ new Set(["node_modules", "dist", ".git", "coverage", ".worktrees", ".next", "build", "target", "vendor"]);
 function normalizeProjectRoot(projectRoot) {
-  return path50.resolve(projectRoot || process.cwd());
+  return path51.resolve(projectRoot || process.cwd());
 }
 function hashText(text3) {
   return crypto19.createHash("sha256").update(text3).digest("hex");
 }
 function indexDir() {
-  const dir = path50.join(EXE_AI_DIR, "code-context");
-  mkdirSync21(dir, { recursive: true });
+  const dir = path51.join(EXE_AI_DIR, "code-context");
+  mkdirSync22(dir, { recursive: true });
   return dir;
 }
 function getCodeContextIndexPath(projectRoot) {
   const root = normalizeProjectRoot(projectRoot);
   const rootHash = hashText(root).slice(0, 16);
-  return path50.join(indexDir(), `${rootHash}.json`);
+  return path51.join(indexDir(), `${rootHash}.json`);
 }
 function currentBranch(projectRoot) {
   const result2 = spawnSync("git", ["branch", "--show-current"], { cwd: projectRoot, encoding: "utf8", timeout: 2e3 });
@@ -27271,8 +27549,8 @@ function shouldIgnore(relPath) {
 }
 function listRecursive(projectRoot, dir = projectRoot, out = []) {
   for (const entry of readdirSync14(dir, { withFileTypes: true })) {
-    const abs = path50.join(dir, entry.name);
-    const rel = path50.relative(projectRoot, abs).replaceAll(path50.sep, "/");
+    const abs = path51.join(dir, entry.name);
+    const rel = path51.relative(projectRoot, abs).replaceAll(path51.sep, "/");
     if (shouldIgnore(rel)) continue;
     if (entry.isDirectory()) listRecursive(projectRoot, abs, out);
     else if (entry.isFile()) out.push(rel);
@@ -27288,7 +27566,7 @@ function listCodeFiles(projectRoot, maxFiles) {
     const rg = spawnSync("rg", ["--files"], { cwd: projectRoot, encoding: "utf8", timeout: 5e3, maxBuffer: 1024 * 1024 * 16 });
     files = rg.status === 0 && rg.stdout.trim() ? rg.stdout.split("\n").map((s) => s.trim()).filter(Boolean) : listRecursive(projectRoot);
   }
-  return files.map((file) => file.replaceAll(path50.sep, "/")).filter((file) => isChunkable(file) && !shouldIgnore(file)).slice(0, maxFiles).sort();
+  return files.map((file) => file.replaceAll(path51.sep, "/")).filter((file) => isChunkable(file) && !shouldIgnore(file)).slice(0, maxFiles).sort();
 }
 function parseImportPaths(importText) {
   const paths = [];
@@ -27301,13 +27579,13 @@ function parseImportPaths(importText) {
 }
 function resolveImport(fromFile, importPath, allFiles) {
   if (!importPath.startsWith(".")) return null;
-  const base = path50.posix.normalize(path50.posix.join(path50.posix.dirname(fromFile.replaceAll(path50.sep, "/")), importPath));
+  const base = path51.posix.normalize(path51.posix.join(path51.posix.dirname(fromFile.replaceAll(path51.sep, "/")), importPath));
   const withoutKnownExt = base.replace(/\.(?:[a-z0-9]+)$/i, "");
   const candidates = [base];
   for (const ext of ["ts", "tsx", "js", "jsx", "py", "rs", "go", "java", "cs", "cpp", "c", "rb", "php", "swift", "kt", "scala", "sql", "md", "json", "yaml", "yml"]) {
     candidates.push(`${withoutKnownExt}.${ext}`, `${base}.${ext}`);
   }
-  for (const indexName of ["index.ts", "index.tsx", "index.js", "mod.rs", "__init__.py"]) candidates.push(path50.posix.join(base, indexName));
+  for (const indexName of ["index.ts", "index.tsx", "index.js", "mod.rs", "__init__.py"]) candidates.push(path51.posix.join(base, indexName));
   return candidates.find((candidate) => allFiles.has(candidate)) ?? null;
 }
 function symbolId(filePath, chunk) {
@@ -27317,7 +27595,7 @@ function loadIndex(projectRoot) {
   const file = getCodeContextIndexPath(projectRoot);
   if (!existsSync39(file)) return null;
   try {
-    const parsed = JSON.parse(readFileSync32(file, "utf8"));
+    const parsed = JSON.parse(readFileSync33(file, "utf8"));
     if (parsed.version !== INDEX_VERSION || parsed.projectRoot !== projectRoot) return null;
     return parsed;
   } catch {
@@ -27325,10 +27603,10 @@ function loadIndex(projectRoot) {
   }
 }
 function saveIndex(index) {
-  writeFileSync23(getCodeContextIndexPath(index.projectRoot), JSON.stringify(index, null, 2));
+  writeFileSync24(getCodeContextIndexPath(index.projectRoot), JSON.stringify(index, null, 2));
 }
 function buildFileRecord(projectRoot, relPath, allFiles, previous) {
-  const absPath = path50.join(projectRoot, relPath);
+  const absPath = path51.join(projectRoot, relPath);
   let stat;
   try {
     stat = statSync9(absPath);
@@ -27338,7 +27616,7 @@ function buildFileRecord(projectRoot, relPath, allFiles, previous) {
   if (!stat.isFile()) return { record: null, reused: false };
   const language = languageForFile(relPath);
   if (!language || !isChunkable(relPath)) return { record: null, reused: false };
-  const source = readFileSync32(absPath, "utf8");
+  const source = readFileSync33(absPath, "utf8");
   const hash = hashText(source);
   if (previous && previous.hash === hash && previous.mtimeMs === stat.mtimeMs && previous.size === stat.size && previous.language === language) {
     return { record: previous, reused: true };
@@ -27366,13 +27644,13 @@ function buildCodeContextIndex(options = {}) {
   const branch = currentBranch(projectRoot);
   const previous = options.force ? null : loadIndex(projectRoot);
   const files = listCodeFiles(projectRoot, maxFiles);
-  const allFiles = new Set(files.map((file) => file.replaceAll(path50.sep, "/")));
+  const allFiles = new Set(files.map((file) => file.replaceAll(path51.sep, "/")));
   const fileRecords = {};
   let rebuiltFiles = 0;
   let reusedFiles = 0;
   let skippedFiles = 0;
   for (const rel of files) {
-    const normalized = rel.replaceAll(path50.sep, "/");
+    const normalized = rel.replaceAll(path51.sep, "/");
     const { record, reused } = buildFileRecord(projectRoot, normalized, allFiles, previous?.files[normalized]);
     if (record) {
       fileRecords[normalized] = record;
@@ -27401,11 +27679,11 @@ function loadOrBuildCodeContextIndex(options = {}) {
     if (loaded) {
       const currentFiles = listCodeFiles(projectRoot, options.maxFiles ?? DEFAULT_MAX_FILES);
       const unchanged = currentFiles.every((rel) => {
-        const normalized = rel.replaceAll(path50.sep, "/");
+        const normalized = rel.replaceAll(path51.sep, "/");
         const existing = loaded.files[normalized];
         if (!existing) return false;
         try {
-          const stat = statSync9(path50.join(projectRoot, normalized));
+          const stat = statSync9(path51.join(projectRoot, normalized));
           return stat.mtimeMs === existing.mtimeMs && stat.size === existing.size;
         } catch {
           return false;
@@ -27458,9 +27736,9 @@ function globToRegex(pattern) {
 }
 function matchesPath(filePath, patterns) {
   if (!patterns || patterns.length === 0) return true;
-  const normalized = filePath.replaceAll(path50.sep, "/");
+  const normalized = filePath.replaceAll(path51.sep, "/");
   return patterns.some((pattern) => {
-    const p = pattern.replaceAll(path50.sep, "/").replace(/^\.\//, "");
+    const p = pattern.replaceAll(path51.sep, "/").replace(/^\.\//, "");
     return normalized === p || normalized.startsWith(`${p}/`) || normalized.endsWith(p) || globToRegex(p).test(normalized);
   });
 }
@@ -27578,7 +27856,7 @@ function traceCodeSymbol(symbolName, options = {}) {
 }
 function resolveTargetFile(index, input) {
   if (input.filePath) {
-    const normalized = input.filePath.replaceAll(path50.sep, "/").replace(/^\.\//, "");
+    const normalized = input.filePath.replaceAll(path51.sep, "/").replace(/^\.\//, "");
     if (index.files[normalized]) return { filePath: normalized, target: normalized };
     const suffix = Object.keys(index.files).find((file) => file.endsWith(normalized));
     if (suffix) return { filePath: suffix, target: input.filePath };
@@ -27608,7 +27886,7 @@ function analyzeBlastRadius(input) {
       }
     }
   }
-  const targetBase = path50.basename(target.filePath).replace(/\.[^.]+$/, "").toLowerCase();
+  const targetBase = path51.basename(target.filePath).replace(/\.[^.]+$/, "").toLowerCase();
   const symbolLower = input.symbol?.toLowerCase();
   const tests = Object.keys(index.files).filter((file) => {
     const lower = file.toLowerCase();
@@ -27649,19 +27927,19 @@ function registerCodeContext(server2) {
     title: "Code Context",
     description: "Persistent codebase context engine. One consolidated tool to avoid MCP bloat. Actions: index, search, trace, blast_radius, stats.",
     inputSchema: {
-      action: z89.enum(["index", "search", "trace", "blast_radius", "stats"]).describe("Code context operation"),
-      project_root: z89.string().optional().describe("Repository root. Defaults to current working directory."),
-      query: z89.string().optional().describe("Search query for action=search"),
-      symbol: z89.string().optional().describe("Symbol/function/class/type name for trace or blast_radius"),
-      file_path: z89.string().optional().describe("File path for blast_radius"),
-      force: z89.boolean().optional().describe("Force rebuild before answering"),
-      limit: z89.coerce.number().int().min(1).max(100).optional().describe("Max results"),
-      offset: z89.coerce.number().int().min(0).optional().describe("Search pagination offset"),
-      refresh_index: z89.boolean().optional().describe("Refresh/rebuild index before searching"),
-      languages: z89.array(z89.string()).optional().describe('Language filters, e.g. ["python", "typescript"]'),
-      paths: z89.array(z89.string()).optional().describe("Path/glob filters"),
-      depth: z89.coerce.number().int().min(1).max(5).optional().describe("Dependent traversal depth for blast_radius"),
-      max_files: z89.coerce.number().int().min(1).max(1e4).optional().describe("Max code files to index")
+      action: z90.enum(["index", "search", "trace", "blast_radius", "stats"]).describe("Code context operation"),
+      project_root: z90.string().optional().describe("Repository root. Defaults to current working directory."),
+      query: z90.string().optional().describe("Search query for action=search"),
+      symbol: z90.string().optional().describe("Symbol/function/class/type name for trace or blast_radius"),
+      file_path: z90.string().optional().describe("File path for blast_radius"),
+      force: z90.boolean().optional().describe("Force rebuild before answering"),
+      limit: z90.coerce.number().int().min(1).max(100).optional().describe("Max results"),
+      offset: z90.coerce.number().int().min(0).optional().describe("Search pagination offset"),
+      refresh_index: z90.boolean().optional().describe("Refresh/rebuild index before searching"),
+      languages: z90.array(z90.string()).optional().describe('Language filters, e.g. ["python", "typescript"]'),
+      paths: z90.array(z90.string()).optional().describe("Path/glob filters"),
+      depth: z90.coerce.number().int().min(1).max(5).optional().describe("Dependent traversal depth for blast_radius"),
+      max_files: z90.coerce.number().int().min(1).max(1e4).optional().describe("Max code files to index")
     }
   }, async ({ action, project_root, query, symbol, file_path, force, limit, offset, refresh_index, languages, paths, depth, max_files }) => {
     const opts = { projectRoot: project_root, force, maxFiles: max_files };
@@ -27706,9 +27984,9 @@ function registerCodeContext(server2) {
 }
 
 // src/mcp/tools/support-inbox.ts
-import { z as z90 } from "zod";
+import { z as z91 } from "zod";
 var DEFAULT_ENDPOINT = "https://askexe.com/admin/support/bug-reports";
-var STATUS = z90.enum(["open", "triaged", "fixed", "closed", "wontfix"]);
+var STATUS = z91.enum(["open", "triaged", "fixed", "closed", "wontfix"]);
 function adminToken() {
   return process.env.ASKEXE_SUPPORT_ADMIN_TOKEN || process.env.EXE_SUPPORT_ADMIN_TOKEN;
 }
@@ -27747,9 +28025,9 @@ function registerListBugReports(server2) {
       title: "List Bug Reports",
       description: "AskExe-internal only: list incoming customer bug reports from the support inbox.",
       inputSchema: {
-        status: z90.enum(["all", "open", "triaged", "fixed", "closed", "wontfix"]).default("open"),
-        severity: z90.enum(["p0", "p1", "p2", "p3"]).optional(),
-        limit: z90.number().int().min(1).max(100).default(25)
+        status: z91.enum(["all", "open", "triaged", "fixed", "closed", "wontfix"]).default("open"),
+        severity: z91.enum(["p0", "p1", "p2", "p3"]).optional(),
+        limit: z91.number().int().min(1).max(100).default(25)
       }
     },
     async ({ status, severity, limit }) => {
@@ -27768,7 +28046,7 @@ function registerGetBugReport(server2) {
     {
       title: "Get Bug Report",
       description: "AskExe-internal only: fetch one customer bug report with full markdown payload.",
-      inputSchema: { id: z90.string().min(8) }
+      inputSchema: { id: z91.string().min(8) }
     },
     async ({ id }) => {
       const data = await requestJson(`${endpoint()}/${encodeURIComponent(id)}`);
@@ -27783,12 +28061,12 @@ function registerTriageBugReport(server2) {
       title: "Triage Bug Report",
       description: "AskExe-internal only: update bug report status and link task/commit/release metadata.",
       inputSchema: {
-        id: z90.string().min(8),
+        id: z91.string().min(8),
         status: STATUS.optional(),
-        triage_notes: z90.string().optional(),
-        linked_task_id: z90.string().optional(),
-        linked_commit: z90.string().optional(),
-        fixed_version: z90.string().optional()
+        triage_notes: z91.string().optional(),
+        linked_task_id: z91.string().optional(),
+        linked_commit: z91.string().optional(),
+        fixed_version: z91.string().optional()
       }
     },
     async ({ id, status, triage_notes, linked_task_id, linked_commit, fixed_version }) => {
@@ -27851,6 +28129,7 @@ var TOOL_CATEGORIES = {
   registerStoreDecision: "core",
   registerGetDecision: "core",
   registerCreateBugReport: "core",
+  registerSupportTools: "core",
   registerGetSessionEvents: "core",
   registerGetLastAssistantResponse: "core",
   registerCodeContext: "graph-read",
@@ -28120,6 +28399,7 @@ function registerAllTools(server2) {
   gate("registerStoreDecision", registerStoreDecision);
   gate("registerGetDecision", registerGetDecision);
   gate("registerCreateBugReport", registerCreateBugReport);
+  gate("registerSupportTools", registerSupportTools);
   gate("registerGetSessionEvents", registerGetSessionEvents);
   gate("registerGetLastAssistantResponse", registerGetLastAssistantResponse);
   gate("registerCodeContext", registerCodeContext);
@@ -28293,16 +28573,16 @@ try {
     }
   }, 3e4);
   _ppidWatchdog.unref();
-  const MCP_VERSION_PATH = path51.join(os20.homedir(), ".exe-os", "mcp-version");
+  const MCP_VERSION_PATH = path52.join(os20.homedir(), ".exe-os", "mcp-version");
   let _currentMcpVersion = null;
   try {
-    _currentMcpVersion = existsSync40(MCP_VERSION_PATH) ? readFileSync33(MCP_VERSION_PATH, "utf8").trim() : null;
+    _currentMcpVersion = existsSync40(MCP_VERSION_PATH) ? readFileSync34(MCP_VERSION_PATH, "utf8").trim() : null;
   } catch {
   }
   const _versionWatchdog = setInterval(() => {
     try {
       if (!existsSync40(MCP_VERSION_PATH)) return;
-      const diskVersion = readFileSync33(MCP_VERSION_PATH, "utf8").trim();
+      const diskVersion = readFileSync34(MCP_VERSION_PATH, "utf8").trim();
       if (_currentMcpVersion && diskVersion !== _currentMcpVersion) {
         process.stderr.write(
           `[exe-os] MCP version changed (${_currentMcpVersion} \u2192 ${diskVersion}). Hot-reloading...
@@ -28335,14 +28615,14 @@ try {
 `
       );
       const thisFile = fileURLToPath6(import.meta.url);
-      const backfillPath = path51.resolve(
-        path51.dirname(thisFile),
+      const backfillPath = path52.resolve(
+        path52.dirname(thisFile),
         "../bin/backfill-vectors.js"
       );
       if (existsSync40(backfillPath)) {
         const { EXE_AI_DIR: exeDir } = await Promise.resolve().then(() => (init_config(), config_exports));
-        const logPath = path51.join(exeDir, "workers.log");
-        mkdirSync22(path51.dirname(logPath), { recursive: true });
+        const logPath = path52.join(exeDir, "workers.log");
+        mkdirSync23(path52.dirname(logPath), { recursive: true });
         let logFd = "ignore";
         try {
           logFd = openSync4(logPath, "a");