@askexenow/exe-os 0.9.8 → 0.9.9

package/dist/lib/config.js

@@ -1,14 +1,35 @@
 // src/lib/config.ts
-import { readFile, writeFile, mkdir, chmod } from "fs/promises";
-import { readFileSync, existsSync, renameSync } from "fs";
+import { readFile, writeFile } from "fs/promises";
+import { readFileSync, existsSync as existsSync2, renameSync } from "fs";
 import path from "path";
 import os from "os";
+
+// src/lib/secure-files.ts
+import { chmodSync, existsSync, mkdirSync } from "fs";
+import { chmod, mkdir } from "fs/promises";
+var PRIVATE_DIR_MODE = 448;
+var PRIVATE_FILE_MODE = 384;
+async function ensurePrivateDir(dirPath) {
+  await mkdir(dirPath, { recursive: true, mode: PRIVATE_DIR_MODE });
+  try {
+    await chmod(dirPath, PRIVATE_DIR_MODE);
+  } catch {
+  }
+}
+async function enforcePrivateFile(filePath) {
+  try {
+    await chmod(filePath, PRIVATE_FILE_MODE);
+  } catch {
+  }
+}
+
+// src/lib/config.ts
 function resolveDataDir() {
   if (process.env.EXE_OS_DIR) return process.env.EXE_OS_DIR;
   if (process.env.EXE_MEM_DIR) return process.env.EXE_MEM_DIR;
   const newDir = path.join(os.homedir(), ".exe-os");
   const legacyDir = path.join(os.homedir(), ".exe-mem");
-  if (!existsSync(newDir) && existsSync(legacyDir)) {
+  if (!existsSync2(newDir) && existsSync2(legacyDir)) {
     try {
       renameSync(legacyDir, newDir);
       process.stderr.write(`[exe-os] Migrated data directory: ~/.exe-mem \u2192 ~/.exe-os
@@ -144,9 +165,9 @@ function normalizeAutoUpdate(raw) {
 }
 async function loadConfig() {
   const dir = process.env.EXE_OS_DIR ?? process.env.EXE_MEM_DIR ?? EXE_AI_DIR;
-  await mkdir(dir, { recursive: true });
+  await ensurePrivateDir(dir);
   const configPath = path.join(dir, "config.json");
-  if (!existsSync(configPath)) {
+  if (!existsSync2(configPath)) {
     return { ...DEFAULT_CONFIG, dbPath: path.join(dir, "memories.db") };
   }
   const raw = await readFile(configPath, "utf-8");
@@ -159,6 +180,7 @@ async function loadConfig() {
 `);
       try {
         await writeFile(configPath, JSON.stringify(migratedCfg, null, 2) + "\n");
+        await enforcePrivateFile(configPath);
       } catch {
       }
     }
@@ -177,7 +199,7 @@ async function loadConfig() {
 function loadConfigSync() {
   const dir = process.env.EXE_OS_DIR ?? process.env.EXE_MEM_DIR ?? EXE_AI_DIR;
   const configPath = path.join(dir, "config.json");
-  if (!existsSync(configPath)) {
+  if (!existsSync2(configPath)) {
     return { ...DEFAULT_CONFIG, dbPath: path.join(dir, "memories.db") };
   }
   try {
@@ -195,12 +217,10 @@ function loadConfigSync() {
 }
 async function saveConfig(config) {
   const dir = process.env.EXE_OS_DIR ?? process.env.EXE_MEM_DIR ?? EXE_AI_DIR;
-  await mkdir(dir, { recursive: true });
+  await ensurePrivateDir(dir);
   const configPath = path.join(dir, "config.json");
   await writeFile(configPath, JSON.stringify(config, null, 2) + "\n");
-  if (config.cloud?.apiKey) {
-    await chmod(configPath, 384);
-  }
+  await enforcePrivateFile(configPath);
 }
 async function loadConfigFrom(configPath) {
   const raw = await readFile(configPath, "utf-8");

package/dist/lib/consolidation.js

@@ -10,9 +10,18 @@ var init_db_retry = __esm({
   }
 });
 
+// src/lib/secure-files.ts
+import { chmodSync, existsSync, mkdirSync } from "fs";
+import { chmod, mkdir } from "fs/promises";
+var init_secure_files = __esm({
+  "src/lib/secure-files.ts"() {
+    "use strict";
+  }
+});
+
 // src/lib/config.ts
-import { readFile, writeFile, mkdir, chmod } from "fs/promises";
-import { readFileSync, existsSync, renameSync } from "fs";
+import { readFile, writeFile } from "fs/promises";
+import { readFileSync, existsSync as existsSync2, renameSync } from "fs";
 import path from "path";
 import os from "os";
 function resolveDataDir() {
@@ -20,7 +29,7 @@ function resolveDataDir() {
   if (process.env.EXE_MEM_DIR) return process.env.EXE_MEM_DIR;
   const newDir = path.join(os.homedir(), ".exe-os");
   const legacyDir = path.join(os.homedir(), ".exe-mem");
-  if (!existsSync(newDir) && existsSync(legacyDir)) {
+  if (!existsSync2(newDir) && existsSync2(legacyDir)) {
     try {
       renameSync(legacyDir, newDir);
       process.stderr.write(`[exe-os] Migrated data directory: ~/.exe-mem \u2192 ~/.exe-os
@@ -35,6 +44,7 @@ var EXE_AI_DIR, DB_PATH, MODELS_DIR, CONFIG_PATH, LEGACY_LANCE_PATH, CURRENT_CON
 var init_config = __esm({
   "src/lib/config.ts"() {
     "use strict";
+    init_secure_files();
     EXE_AI_DIR = resolveDataDir();
     DB_PATH = path.join(EXE_AI_DIR, "memories.db");
     MODELS_DIR = path.join(EXE_AI_DIR, "models");
@@ -103,7 +113,7 @@ var init_config = __esm({
 
 // src/lib/employees.ts
 import { readFile as readFile2, writeFile as writeFile2, mkdir as mkdir2 } from "fs/promises";
-import { existsSync as existsSync2, symlinkSync, readlinkSync, readFileSync as readFileSync2, renameSync as renameSync2, unlinkSync, writeFileSync } from "fs";
+import { existsSync as existsSync3, symlinkSync, readlinkSync, readFileSync as readFileSync2, renameSync as renameSync2, unlinkSync, writeFileSync } from "fs";
 import { execSync } from "child_process";
 import path2 from "path";
 import os2 from "os";
@@ -124,7 +134,7 @@ function isCoordinatorName(agentName, employees = loadEmployeesSync()) {
   return agentName.toLowerCase() === getCoordinatorName(employees).toLowerCase();
 }
 function loadEmployeesSync(employeesPath = EMPLOYEES_PATH) {
-  if (!existsSync2(employeesPath)) return [];
+  if (!existsSync3(employeesPath)) return [];
   try {
     return JSON.parse(readFileSync2(employeesPath, "utf-8"));
   } catch {
@@ -184,7 +194,7 @@ init_database();
 
 // src/lib/keychain.ts
 import { readFile as readFile3, writeFile as writeFile3, unlink, mkdir as mkdir3, chmod as chmod2 } from "fs/promises";
-import { existsSync as existsSync3 } from "fs";
+import { existsSync as existsSync4 } from "fs";
 import path4 from "path";
 import os4 from "os";
 

package/dist/lib/database.js

@@ -8,9 +8,34 @@ var __export = (target, all) => {
     __defProp(target, name, { get: all[name], enumerable: true });
 };
 
+// src/lib/secure-files.ts
+import { chmodSync, existsSync, mkdirSync } from "fs";
+import { chmod, mkdir } from "fs/promises";
+function ensurePrivateDirSync(dirPath) {
+  mkdirSync(dirPath, { recursive: true, mode: PRIVATE_DIR_MODE });
+  try {
+    chmodSync(dirPath, PRIVATE_DIR_MODE);
+  } catch {
+  }
+}
+function enforcePrivateFileSync(filePath) {
+  try {
+    if (existsSync(filePath)) chmodSync(filePath, PRIVATE_FILE_MODE);
+  } catch {
+  }
+}
+var PRIVATE_DIR_MODE, PRIVATE_FILE_MODE;
+var init_secure_files = __esm({
+  "src/lib/secure-files.ts"() {
+    "use strict";
+    PRIVATE_DIR_MODE = 448;
+    PRIVATE_FILE_MODE = 384;
+  }
+});
+
 // src/lib/config.ts
-import { readFile, writeFile, mkdir, chmod } from "fs/promises";
-import { readFileSync, existsSync, renameSync } from "fs";
+import { readFile, writeFile } from "fs/promises";
+import { readFileSync, existsSync as existsSync2, renameSync } from "fs";
 import path from "path";
 import os from "os";
 function resolveDataDir() {
@@ -18,7 +43,7 @@ function resolveDataDir() {
   if (process.env.EXE_MEM_DIR) return process.env.EXE_MEM_DIR;
   const newDir = path.join(os.homedir(), ".exe-os");
   const legacyDir = path.join(os.homedir(), ".exe-mem");
-  if (!existsSync(newDir) && existsSync(legacyDir)) {
+  if (!existsSync2(newDir) && existsSync2(legacyDir)) {
     try {
       renameSync(legacyDir, newDir);
       process.stderr.write(`[exe-os] Migrated data directory: ~/.exe-mem \u2192 ~/.exe-os
@@ -33,6 +58,7 @@ var EXE_AI_DIR, DB_PATH, MODELS_DIR, CONFIG_PATH, LEGACY_LANCE_PATH, CURRENT_CON
 var init_config = __esm({
   "src/lib/config.ts"() {
     "use strict";
+    init_secure_files();
     EXE_AI_DIR = resolveDataDir();
     DB_PATH = path.join(EXE_AI_DIR, "memories.db");
     MODELS_DIR = path.join(EXE_AI_DIR, "models");
@@ -99,13 +125,50 @@ var init_config = __esm({
   }
 });
 
+// src/lib/daemon-auth.ts
+import crypto from "crypto";
+import path4 from "path";
+import { existsSync as existsSync4, readFileSync as readFileSync3, writeFileSync as writeFileSync2 } from "fs";
+function normalizeToken(token) {
+  if (!token) return null;
+  const trimmed = token.trim();
+  return trimmed.length > 0 ? trimmed : null;
+}
+function readDaemonToken() {
+  try {
+    if (!existsSync4(DAEMON_TOKEN_PATH)) return null;
+    return normalizeToken(readFileSync3(DAEMON_TOKEN_PATH, "utf8"));
+  } catch {
+    return null;
+  }
+}
+function ensureDaemonToken(seed) {
+  const existing = readDaemonToken();
+  if (existing) return existing;
+  const token = normalizeToken(seed) ?? crypto.randomBytes(32).toString("hex");
+  ensurePrivateDirSync(EXE_AI_DIR);
+  writeFileSync2(DAEMON_TOKEN_PATH, `${token}
+`, "utf8");
+  enforcePrivateFileSync(DAEMON_TOKEN_PATH);
+  return token;
+}
+var DAEMON_TOKEN_PATH;
+var init_daemon_auth = __esm({
+  "src/lib/daemon-auth.ts"() {
+    "use strict";
+    init_config();
+    init_secure_files();
+    DAEMON_TOKEN_PATH = path4.join(EXE_AI_DIR, "exed.token");
+  }
+});
+
 // src/lib/exe-daemon-client.ts
 import net from "net";
 import os4 from "os";
 import { spawn } from "child_process";
 import { randomUUID } from "crypto";
-import { existsSync as existsSync3, unlinkSync as unlinkSync2, readFileSync as readFileSync3, openSync, closeSync, statSync } from "fs";
-import path4 from "path";
+import { existsSync as existsSync5, unlinkSync as unlinkSync2, readFileSync as readFileSync4, openSync, closeSync, statSync } from "fs";
+import path5 from "path";
 import { fileURLToPath } from "url";
 function handleData(chunk) {
   _buffer += chunk.toString();
@@ -133,9 +196,9 @@ function handleData(chunk) {
   }
 }
 function cleanupStaleFiles() {
-  if (existsSync3(PID_PATH)) {
+  if (existsSync5(PID_PATH)) {
     try {
-      const pid = parseInt(readFileSync3(PID_PATH, "utf8").trim(), 10);
+      const pid = parseInt(readFileSync4(PID_PATH, "utf8").trim(), 10);
       if (pid > 0) {
         try {
           process.kill(pid, 0);
@@ -156,11 +219,11 @@ function cleanupStaleFiles() {
   }
 }
 function findPackageRoot() {
-  let dir = path4.dirname(fileURLToPath(import.meta.url));
-  const { root } = path4.parse(dir);
+  let dir = path5.dirname(fileURLToPath(import.meta.url));
+  const { root } = path5.parse(dir);
   while (dir !== root) {
-    if (existsSync3(path4.join(dir, "package.json"))) return dir;
-    dir = path4.dirname(dir);
+    if (existsSync5(path5.join(dir, "package.json"))) return dir;
+    dir = path5.dirname(dir);
   }
   return null;
 }
@@ -186,16 +249,17 @@ function spawnDaemon() {
     process.stderr.write("[exed-client] WARN: cannot find package root\n");
     return;
   }
-  const daemonPath = path4.join(pkgRoot, "dist", "lib", "exe-daemon.js");
-  if (!existsSync3(daemonPath)) {
+  const daemonPath = path5.join(pkgRoot, "dist", "lib", "exe-daemon.js");
+  if (!existsSync5(daemonPath)) {
     process.stderr.write(`[exed-client] WARN: daemon script not found at ${daemonPath}
 `);
     return;
   }
   const resolvedPath = daemonPath;
+  const daemonToken = ensureDaemonToken(process.env[DAEMON_TOKEN_ENV] ?? null);
   process.stderr.write(`[exed-client] Spawning daemon: ${resolvedPath}
 `);
-  const logPath = path4.join(path4.dirname(SOCKET_PATH), "exed.log");
+  const logPath = path5.join(path5.dirname(SOCKET_PATH), "exed.log");
   let stderrFd = "ignore";
   try {
     stderrFd = openSync(logPath, "a");
@@ -213,7 +277,8 @@ function spawnDaemon() {
       TMUX_PANE: void 0,
       // Prevents resolveExeSession() from scoping to one session
       EXE_DAEMON_SOCK: SOCKET_PATH,
-      EXE_DAEMON_PID: PID_PATH
+      EXE_DAEMON_PID: PID_PATH,
+      [DAEMON_TOKEN_ENV]: daemonToken
     }
   });
   child.unref();
@@ -320,13 +385,14 @@ function sendDaemonRequest(payload, timeoutMs = REQUEST_TIMEOUT_MS) {
       return;
     }
     const id = randomUUID();
+    const token = process.env[DAEMON_TOKEN_ENV] ?? readDaemonToken();
     const timer = setTimeout(() => {
       _pending.delete(id);
       resolve({ error: "Request timeout" });
     }, timeoutMs);
     _pending.set(id, { resolve, timer });
     try {
-      _socket.write(JSON.stringify({ id, ...payload }) + "\n");
+      _socket.write(JSON.stringify({ id, token, ...payload }) + "\n");
     } catch {
       clearTimeout(timer);
       _pending.delete(id);
@@ -337,17 +403,19 @@ function sendDaemonRequest(payload, timeoutMs = REQUEST_TIMEOUT_MS) {
 function isClientConnected() {
   return _connected;
 }
-var SOCKET_PATH, PID_PATH, SPAWN_LOCK_PATH, SPAWN_LOCK_STALE_MS, CONNECT_TIMEOUT_MS, REQUEST_TIMEOUT_MS, _socket, _connected, _buffer, _pending, MAX_BUFFER;
+var SOCKET_PATH, PID_PATH, SPAWN_LOCK_PATH, SPAWN_LOCK_STALE_MS, CONNECT_TIMEOUT_MS, REQUEST_TIMEOUT_MS, DAEMON_TOKEN_ENV, _socket, _connected, _buffer, _pending, MAX_BUFFER;
 var init_exe_daemon_client = __esm({
   "src/lib/exe-daemon-client.ts"() {
     "use strict";
     init_config();
-    SOCKET_PATH = process.env.EXE_DAEMON_SOCK ?? process.env.EXE_EMBED_SOCK ?? path4.join(EXE_AI_DIR, "exed.sock");
-    PID_PATH = process.env.EXE_DAEMON_PID ?? process.env.EXE_EMBED_PID ?? path4.join(EXE_AI_DIR, "exed.pid");
-    SPAWN_LOCK_PATH = path4.join(EXE_AI_DIR, "exed-spawn.lock");
+    init_daemon_auth();
+    SOCKET_PATH = process.env.EXE_DAEMON_SOCK ?? process.env.EXE_EMBED_SOCK ?? path5.join(EXE_AI_DIR, "exed.sock");
+    PID_PATH = process.env.EXE_DAEMON_PID ?? process.env.EXE_EMBED_PID ?? path5.join(EXE_AI_DIR, "exed.pid");
+    SPAWN_LOCK_PATH = path5.join(EXE_AI_DIR, "exed-spawn.lock");
     SPAWN_LOCK_STALE_MS = 3e4;
     CONNECT_TIMEOUT_MS = 15e3;
     REQUEST_TIMEOUT_MS = 3e4;
+    DAEMON_TOKEN_ENV = "EXE_DAEMON_TOKEN";
     _socket = null;
     _connected = false;
     _buffer = "";
@@ -610,7 +678,7 @@ function wrapWithRetry(client) {
 // src/lib/employees.ts
 init_config();
 import { readFile as readFile2, writeFile as writeFile2, mkdir as mkdir2 } from "fs/promises";
-import { existsSync as existsSync2, symlinkSync, readlinkSync, readFileSync as readFileSync2, renameSync as renameSync2, unlinkSync, writeFileSync } from "fs";
+import { existsSync as existsSync3, symlinkSync, readlinkSync, readFileSync as readFileSync2, renameSync as renameSync2, unlinkSync, writeFileSync } from "fs";
 import { execSync } from "child_process";
 import path2 from "path";
 import os2 from "os";
@@ -630,7 +698,7 @@ function getCoordinatorName(employees = loadEmployeesSync()) {
   return getCoordinatorEmployee(employees)?.name ?? DEFAULT_COORDINATOR_TEMPLATE_NAME;
 }
 function loadEmployeesSync(employeesPath = EMPLOYEES_PATH) {
-  if (!existsSync2(employeesPath)) return [];
+  if (!existsSync3(employeesPath)) return [];
   try {
     return JSON.parse(readFileSync2(employeesPath, "utf-8"));
   } catch {
@@ -1581,6 +1649,7 @@ async function ensureSchema() {
       project     TEXT NOT NULL,
       summary     TEXT NOT NULL,
       task_file   TEXT,
+      session_scope TEXT,
       read        INTEGER NOT NULL DEFAULT 0,
       created_at  TEXT NOT NULL
     );
@@ -1589,7 +1658,7 @@ async function ensureSchema() {
       ON notifications(read);
 
     CREATE INDEX IF NOT EXISTS idx_notifications_agent
-      ON notifications(agent_id);
+      ON notifications(agent_id, session_scope);
 
     CREATE INDEX IF NOT EXISTS idx_notifications_task_file
       ON notifications(task_file);
@@ -1627,6 +1696,7 @@ async function ensureSchema() {
       target_agent    TEXT NOT NULL,
       target_project  TEXT,
       target_device   TEXT NOT NULL DEFAULT 'local',
+      session_scope   TEXT,
       content         TEXT NOT NULL,
       priority        TEXT DEFAULT 'normal',
       status          TEXT DEFAULT 'pending',
@@ -1640,10 +1710,31 @@ async function ensureSchema() {
     );
 
     CREATE INDEX IF NOT EXISTS idx_messages_target
-      ON messages(target_agent, status);
+      ON messages(target_agent, session_scope, status);
 
     CREATE INDEX IF NOT EXISTS idx_messages_conversation_order
-      ON messages(target_agent, from_agent, server_seq);
+      ON messages(target_agent, session_scope, from_agent, server_seq);
+  `);
+  try {
+    await client.execute({
+      sql: `ALTER TABLE notifications ADD COLUMN session_scope TEXT`,
+      args: []
+    });
+  } catch {
+  }
+  try {
+    await client.execute({
+      sql: `ALTER TABLE messages ADD COLUMN session_scope TEXT`,
+      args: []
+    });
+  } catch {
+  }
+  await client.executeMultiple(`
+    CREATE INDEX IF NOT EXISTS idx_notifications_agent_scope_read
+      ON notifications(agent_id, session_scope, read, created_at);
+
+    CREATE INDEX IF NOT EXISTS idx_messages_target_scope_status
+      ON messages(target_agent, session_scope, status, created_at);
   `);
   try {
     await client.execute({
@@ -2227,6 +2318,13 @@ async function ensureSchema() {
     } catch {
     }
   }
+  try {
+    await client.execute({
+      sql: `UPDATE tasks SET status = 'closed' WHERE status = 'done' AND result IS NOT NULL`,
+      args: []
+    });
+  } catch {
+  }
 }
 var disposeTurso = disposeDatabase;
 async function disposeDatabase() {

package/dist/lib/db-daemon-client.js

@@ -3,21 +3,42 @@ import net from "net";
 import os2 from "os";
 import { spawn } from "child_process";
 import { randomUUID } from "crypto";
-import { existsSync as existsSync2, unlinkSync, readFileSync as readFileSync2, openSync, closeSync, statSync } from "fs";
-import path2 from "path";
+import { existsSync as existsSync4, unlinkSync, readFileSync as readFileSync3, openSync, closeSync, statSync } from "fs";
+import path3 from "path";
 import { fileURLToPath } from "url";
 
 // src/lib/config.ts
-import { readFile, writeFile, mkdir, chmod } from "fs/promises";
-import { readFileSync, existsSync, renameSync } from "fs";
+import { readFile, writeFile } from "fs/promises";
+import { readFileSync, existsSync as existsSync2, renameSync } from "fs";
 import path from "path";
 import os from "os";
+
+// src/lib/secure-files.ts
+import { chmodSync, existsSync, mkdirSync } from "fs";
+import { chmod, mkdir } from "fs/promises";
+var PRIVATE_DIR_MODE = 448;
+var PRIVATE_FILE_MODE = 384;
+function ensurePrivateDirSync(dirPath) {
+  mkdirSync(dirPath, { recursive: true, mode: PRIVATE_DIR_MODE });
+  try {
+    chmodSync(dirPath, PRIVATE_DIR_MODE);
+  } catch {
+  }
+}
+function enforcePrivateFileSync(filePath) {
+  try {
+    if (existsSync(filePath)) chmodSync(filePath, PRIVATE_FILE_MODE);
+  } catch {
+  }
+}
+
+// src/lib/config.ts
 function resolveDataDir() {
   if (process.env.EXE_OS_DIR) return process.env.EXE_OS_DIR;
   if (process.env.EXE_MEM_DIR) return process.env.EXE_MEM_DIR;
   const newDir = path.join(os.homedir(), ".exe-os");
   const legacyDir = path.join(os.homedir(), ".exe-mem");
-  if (!existsSync(newDir) && existsSync(legacyDir)) {
+  if (!existsSync2(newDir) && existsSync2(legacyDir)) {
     try {
       renameSync(legacyDir, newDir);
       process.stderr.write(`[exe-os] Migrated data directory: ~/.exe-mem \u2192 ~/.exe-os
@@ -92,13 +113,43 @@ var DEFAULT_CONFIG = {
   }
 };
 
+// src/lib/daemon-auth.ts
+import crypto from "crypto";
+import path2 from "path";
+import { existsSync as existsSync3, readFileSync as readFileSync2, writeFileSync } from "fs";
+var DAEMON_TOKEN_PATH = path2.join(EXE_AI_DIR, "exed.token");
+function normalizeToken(token) {
+  if (!token) return null;
+  const trimmed = token.trim();
+  return trimmed.length > 0 ? trimmed : null;
+}
+function readDaemonToken() {
+  try {
+    if (!existsSync3(DAEMON_TOKEN_PATH)) return null;
+    return normalizeToken(readFileSync2(DAEMON_TOKEN_PATH, "utf8"));
+  } catch {
+    return null;
+  }
+}
+function ensureDaemonToken(seed) {
+  const existing = readDaemonToken();
+  if (existing) return existing;
+  const token = normalizeToken(seed) ?? crypto.randomBytes(32).toString("hex");
+  ensurePrivateDirSync(EXE_AI_DIR);
+  writeFileSync(DAEMON_TOKEN_PATH, `${token}
+`, "utf8");
+  enforcePrivateFileSync(DAEMON_TOKEN_PATH);
+  return token;
+}
+
 // src/lib/exe-daemon-client.ts
-var SOCKET_PATH = process.env.EXE_DAEMON_SOCK ?? process.env.EXE_EMBED_SOCK ?? path2.join(EXE_AI_DIR, "exed.sock");
-var PID_PATH = process.env.EXE_DAEMON_PID ?? process.env.EXE_EMBED_PID ?? path2.join(EXE_AI_DIR, "exed.pid");
-var SPAWN_LOCK_PATH = path2.join(EXE_AI_DIR, "exed-spawn.lock");
+var SOCKET_PATH = process.env.EXE_DAEMON_SOCK ?? process.env.EXE_EMBED_SOCK ?? path3.join(EXE_AI_DIR, "exed.sock");
+var PID_PATH = process.env.EXE_DAEMON_PID ?? process.env.EXE_EMBED_PID ?? path3.join(EXE_AI_DIR, "exed.pid");
+var SPAWN_LOCK_PATH = path3.join(EXE_AI_DIR, "exed-spawn.lock");
 var SPAWN_LOCK_STALE_MS = 3e4;
 var CONNECT_TIMEOUT_MS = 15e3;
 var REQUEST_TIMEOUT_MS = 3e4;
+var DAEMON_TOKEN_ENV = "EXE_DAEMON_TOKEN";
 var _socket = null;
 var _connected = false;
 var _buffer = "";
@@ -130,9 +181,9 @@ function handleData(chunk) {
   }
 }
 function cleanupStaleFiles() {
-  if (existsSync2(PID_PATH)) {
+  if (existsSync4(PID_PATH)) {
     try {
-      const pid = parseInt(readFileSync2(PID_PATH, "utf8").trim(), 10);
+      const pid = parseInt(readFileSync3(PID_PATH, "utf8").trim(), 10);
       if (pid > 0) {
         try {
           process.kill(pid, 0);
@@ -153,11 +204,11 @@ function cleanupStaleFiles() {
   }
 }
 function findPackageRoot() {
-  let dir = path2.dirname(fileURLToPath(import.meta.url));
-  const { root } = path2.parse(dir);
+  let dir = path3.dirname(fileURLToPath(import.meta.url));
+  const { root } = path3.parse(dir);
   while (dir !== root) {
-    if (existsSync2(path2.join(dir, "package.json"))) return dir;
-    dir = path2.dirname(dir);
+    if (existsSync4(path3.join(dir, "package.json"))) return dir;
+    dir = path3.dirname(dir);
   }
   return null;
 }
@@ -183,16 +234,17 @@ function spawnDaemon() {
     process.stderr.write("[exed-client] WARN: cannot find package root\n");
     return;
   }
-  const daemonPath = path2.join(pkgRoot, "dist", "lib", "exe-daemon.js");
-  if (!existsSync2(daemonPath)) {
+  const daemonPath = path3.join(pkgRoot, "dist", "lib", "exe-daemon.js");
+  if (!existsSync4(daemonPath)) {
     process.stderr.write(`[exed-client] WARN: daemon script not found at ${daemonPath}
 `);
     return;
   }
   const resolvedPath = daemonPath;
+  const daemonToken = ensureDaemonToken(process.env[DAEMON_TOKEN_ENV] ?? null);
   process.stderr.write(`[exed-client] Spawning daemon: ${resolvedPath}
 `);
-  const logPath = path2.join(path2.dirname(SOCKET_PATH), "exed.log");
+  const logPath = path3.join(path3.dirname(SOCKET_PATH), "exed.log");
   let stderrFd = "ignore";
   try {
     stderrFd = openSync(logPath, "a");
@@ -210,7 +262,8 @@ function spawnDaemon() {
       TMUX_PANE: void 0,
       // Prevents resolveExeSession() from scoping to one session
       EXE_DAEMON_SOCK: SOCKET_PATH,
-      EXE_DAEMON_PID: PID_PATH
+      EXE_DAEMON_PID: PID_PATH,
+      [DAEMON_TOKEN_ENV]: daemonToken
     }
   });
   child.unref();
@@ -317,13 +370,14 @@ function sendDaemonRequest(payload, timeoutMs = REQUEST_TIMEOUT_MS) {
       return;
     }
     const id = randomUUID();
+    const token = process.env[DAEMON_TOKEN_ENV] ?? readDaemonToken();
     const timer = setTimeout(() => {
       _pending.delete(id);
       resolve({ error: "Request timeout" });
     }, timeoutMs);
     _pending.set(id, { resolve, timer });
     try {
-      _socket.write(JSON.stringify({ id, ...payload }) + "\n");
+      _socket.write(JSON.stringify({ id, token, ...payload }) + "\n");
     } catch {
       clearTimeout(timer);
       _pending.delete(id);