@askexenow/exe-os 0.9.86 → 0.9.88

package/dist/bin/exe-doctor.js

@@ -2745,6 +2745,7 @@ __export(database_exports, {
   isInitialized: () => isInitialized,
   setExternalClient: () => setExternalClient
 });
+import { chmodSync as chmodSync2 } from "fs";
 import { createClient as createClient2 } from "@libsql/client";
 async function initDatabase(config) {
   if (_walCheckpointTimer) {
@@ -2786,6 +2787,16 @@ async function initDatabase(config) {
   if (process.env.DATABASE_URL && process.env.EXE_USE_POSTGRES === "1") {
     _adapterClient = await createPrismaDbAdapter(_resilientClient);
   }
+  try {
+    chmodSync2(config.dbPath, 384);
+    for (const suffix of ["-wal", "-shm"]) {
+      try {
+        chmodSync2(config.dbPath + suffix, 384);
+      } catch {
+      }
+    }
+  } catch {
+  }
 }
 function isInitialized() {
   return _adapterClient !== null || _client !== null;
@@ -4474,6 +4485,24 @@ var init_platform_procedures = __esm({
         priority: "p0",
         content: "When an agent encounters a suspected Exe OS bug, update breakage, MCP/tool failure, installer issue, memory/orchestration defect, or customer-local patch need, it MUST use create_bug_report. Do this before or alongside any local workaround so the report reaches AskExe support directly via the customer's license. Do NOT ask the founder for permission to file a required bug report. If create_bug_report is deferred/lazy-loaded, load it and call it. If it is unavailable in the live MCP surface, report 'create_bug_report unavailable in this session' and save a local report in exe/output \u2014 never claim the tool does not exist unless the live MCP surface was checked. If upstream delivery fails, call support_test (MCP) and include its result in the local report so AskExe can distinguish customer setup, license provisioning, and server intake issues; only ask the founder to run `exe-os support test` if MCP is disconnected/unavailable. Classify first: upstream_bug = reproducible exe-os/platform defect; customer_customization = identity, behavior, procedure, config, branding, workflow preference that belongs in customer-owned layers; emergency_hotfix = temporary local patch. For upstream bugs/emergency hotfixes include version, repro steps, expected/actual, files changed, workaround, and local diff summary. Avoid permanent platform-code patches unless founder approves; if a hotfix is unavoidable, document it in the bug report and re-check after npm update."
       },
+      {
+        title: "Bug report status check \u2014 surface available fixes on boot",
+        domain: "support",
+        priority: "p1",
+        content: "Once per session (COO boot only, never repeat), call list_my_bug_reports to check if any previously filed bug reports have been fixed by AskExe. If any report has status 'fixed' with a fixed_version, surface it to the founder immediately: '\u{1F527} N bug fix(es) available \u2014 run exe-os update to get version X.Y.Z'. This is a one-time check at boot, not a recurring poll. If no reports exist or none are fixed, skip silently. If the MCP tool is unavailable or the network call fails, skip silently \u2014 this is informational, not blocking."
+      },
+      {
+        title: "Feature request triage \u2014 upstream feature vs local customization",
+        domain: "support",
+        priority: "p0",
+        content: "When an agent or founder identifies a desired capability that exe-os does not yet provide, the COO (or equivalent coordinator) must decide: is this a local customization (identity, behavior, procedure, config, branding, workflow preference that can be configured in customer-owned layers) or an upstream feature request (a platform capability that requires changes to exe-os code, shipped via npm update)? Local customizations: implement immediately using store_behavior, update_identity, company_procedure, or config changes. Upstream features: use create_feature_request to submit to AskExe. Include use case, business impact, and current workaround. Do NOT ask the founder for permission to file a feature request \u2014 file it proactively when the need is clear."
+      },
+      {
+        title: "Feature request status check \u2014 surface shipped features on boot",
+        domain: "support",
+        priority: "p1",
+        content: "Once per session (COO boot only, never repeat), call list_my_feature_requests to check if any previously filed feature requests have been shipped by AskExe. If any request has status 'shipped' with a shipped_version, surface it to the founder immediately: '\u{1F680} N feature(s) shipped \u2014 run exe-os update to get version X.Y.Z'. This is a one-time check at boot, not a recurring poll. If no requests exist or none are shipped, skip silently. If the MCP tool is unavailable or the network call fails, skip silently \u2014 this is informational, not blocking."
+      },
       // --- Operations ---
       {
         title: "Managers must supervise deployed workers",
@@ -5897,6 +5926,7 @@ import { fileURLToPath } from "url";
 function isMainModule(importMetaUrl) {
   if (process.argv[1] == null) return false;
   if (process.argv[1].includes("mcp/server")) return false;
+  if (process.argv[1].includes("exe-daemon")) return false;
   try {
     const scriptPath = realpathSync(process.argv[1]);
     const modulePath = realpathSync(fileURLToPath(importMetaUrl));

package/dist/bin/exe-export-behaviors.js

@@ -1778,6 +1778,7 @@ __export(database_exports, {
   isInitialized: () => isInitialized,
   setExternalClient: () => setExternalClient
 });
+import { chmodSync as chmodSync2 } from "fs";
 import { createClient } from "@libsql/client";
 async function initDatabase(config) {
   if (_walCheckpointTimer) {
@@ -1819,6 +1820,16 @@ async function initDatabase(config) {
   if (process.env.DATABASE_URL && process.env.EXE_USE_POSTGRES === "1") {
     _adapterClient = await createPrismaDbAdapter(_resilientClient);
   }
+  try {
+    chmodSync2(config.dbPath, 384);
+    for (const suffix of ["-wal", "-shm"]) {
+      try {
+        chmodSync2(config.dbPath + suffix, 384);
+      } catch {
+      }
+    }
+  } catch {
+  }
 }
 function isInitialized() {
   return _adapterClient !== null || _client !== null;
@@ -4230,6 +4241,24 @@ var init_platform_procedures = __esm({
         priority: "p0",
         content: "When an agent encounters a suspected Exe OS bug, update breakage, MCP/tool failure, installer issue, memory/orchestration defect, or customer-local patch need, it MUST use create_bug_report. Do this before or alongside any local workaround so the report reaches AskExe support directly via the customer's license. Do NOT ask the founder for permission to file a required bug report. If create_bug_report is deferred/lazy-loaded, load it and call it. If it is unavailable in the live MCP surface, report 'create_bug_report unavailable in this session' and save a local report in exe/output \u2014 never claim the tool does not exist unless the live MCP surface was checked. If upstream delivery fails, call support_test (MCP) and include its result in the local report so AskExe can distinguish customer setup, license provisioning, and server intake issues; only ask the founder to run `exe-os support test` if MCP is disconnected/unavailable. Classify first: upstream_bug = reproducible exe-os/platform defect; customer_customization = identity, behavior, procedure, config, branding, workflow preference that belongs in customer-owned layers; emergency_hotfix = temporary local patch. For upstream bugs/emergency hotfixes include version, repro steps, expected/actual, files changed, workaround, and local diff summary. Avoid permanent platform-code patches unless founder approves; if a hotfix is unavoidable, document it in the bug report and re-check after npm update."
       },
+      {
+        title: "Bug report status check \u2014 surface available fixes on boot",
+        domain: "support",
+        priority: "p1",
+        content: "Once per session (COO boot only, never repeat), call list_my_bug_reports to check if any previously filed bug reports have been fixed by AskExe. If any report has status 'fixed' with a fixed_version, surface it to the founder immediately: '\u{1F527} N bug fix(es) available \u2014 run exe-os update to get version X.Y.Z'. This is a one-time check at boot, not a recurring poll. If no reports exist or none are fixed, skip silently. If the MCP tool is unavailable or the network call fails, skip silently \u2014 this is informational, not blocking."
+      },
+      {
+        title: "Feature request triage \u2014 upstream feature vs local customization",
+        domain: "support",
+        priority: "p0",
+        content: "When an agent or founder identifies a desired capability that exe-os does not yet provide, the COO (or equivalent coordinator) must decide: is this a local customization (identity, behavior, procedure, config, branding, workflow preference that can be configured in customer-owned layers) or an upstream feature request (a platform capability that requires changes to exe-os code, shipped via npm update)? Local customizations: implement immediately using store_behavior, update_identity, company_procedure, or config changes. Upstream features: use create_feature_request to submit to AskExe. Include use case, business impact, and current workaround. Do NOT ask the founder for permission to file a feature request \u2014 file it proactively when the need is clear."
+      },
+      {
+        title: "Feature request status check \u2014 surface shipped features on boot",
+        domain: "support",
+        priority: "p1",
+        content: "Once per session (COO boot only, never repeat), call list_my_feature_requests to check if any previously filed feature requests have been shipped by AskExe. If any request has status 'shipped' with a shipped_version, surface it to the founder immediately: '\u{1F680} N feature(s) shipped \u2014 run exe-os update to get version X.Y.Z'. This is a one-time check at boot, not a recurring poll. If no requests exist or none are shipped, skip silently. If the MCP tool is unavailable or the network call fails, skip silently \u2014 this is informational, not blocking."
+      },
       // --- Operations ---
       {
         title: "Managers must supervise deployed workers",

package/dist/bin/exe-forget.js

@@ -1702,6 +1702,7 @@ __export(database_exports, {
   isInitialized: () => isInitialized,
   setExternalClient: () => setExternalClient
 });
+import { chmodSync as chmodSync2 } from "fs";
 import { createClient } from "@libsql/client";
 async function initDatabase(config) {
   if (_walCheckpointTimer) {
@@ -1743,6 +1744,16 @@ async function initDatabase(config) {
   if (process.env.DATABASE_URL && process.env.EXE_USE_POSTGRES === "1") {
     _adapterClient = await createPrismaDbAdapter(_resilientClient);
   }
+  try {
+    chmodSync2(config.dbPath, 384);
+    for (const suffix of ["-wal", "-shm"]) {
+      try {
+        chmodSync2(config.dbPath + suffix, 384);
+      } catch {
+      }
+    }
+  } catch {
+  }
 }
 function isInitialized() {
   return _adapterClient !== null || _client !== null;
@@ -4154,6 +4165,24 @@ var init_platform_procedures = __esm({
         priority: "p0",
         content: "When an agent encounters a suspected Exe OS bug, update breakage, MCP/tool failure, installer issue, memory/orchestration defect, or customer-local patch need, it MUST use create_bug_report. Do this before or alongside any local workaround so the report reaches AskExe support directly via the customer's license. Do NOT ask the founder for permission to file a required bug report. If create_bug_report is deferred/lazy-loaded, load it and call it. If it is unavailable in the live MCP surface, report 'create_bug_report unavailable in this session' and save a local report in exe/output \u2014 never claim the tool does not exist unless the live MCP surface was checked. If upstream delivery fails, call support_test (MCP) and include its result in the local report so AskExe can distinguish customer setup, license provisioning, and server intake issues; only ask the founder to run `exe-os support test` if MCP is disconnected/unavailable. Classify first: upstream_bug = reproducible exe-os/platform defect; customer_customization = identity, behavior, procedure, config, branding, workflow preference that belongs in customer-owned layers; emergency_hotfix = temporary local patch. For upstream bugs/emergency hotfixes include version, repro steps, expected/actual, files changed, workaround, and local diff summary. Avoid permanent platform-code patches unless founder approves; if a hotfix is unavoidable, document it in the bug report and re-check after npm update."
       },
+      {
+        title: "Bug report status check \u2014 surface available fixes on boot",
+        domain: "support",
+        priority: "p1",
+        content: "Once per session (COO boot only, never repeat), call list_my_bug_reports to check if any previously filed bug reports have been fixed by AskExe. If any report has status 'fixed' with a fixed_version, surface it to the founder immediately: '\u{1F527} N bug fix(es) available \u2014 run exe-os update to get version X.Y.Z'. This is a one-time check at boot, not a recurring poll. If no reports exist or none are fixed, skip silently. If the MCP tool is unavailable or the network call fails, skip silently \u2014 this is informational, not blocking."
+      },
+      {
+        title: "Feature request triage \u2014 upstream feature vs local customization",
+        domain: "support",
+        priority: "p0",
+        content: "When an agent or founder identifies a desired capability that exe-os does not yet provide, the COO (or equivalent coordinator) must decide: is this a local customization (identity, behavior, procedure, config, branding, workflow preference that can be configured in customer-owned layers) or an upstream feature request (a platform capability that requires changes to exe-os code, shipped via npm update)? Local customizations: implement immediately using store_behavior, update_identity, company_procedure, or config changes. Upstream features: use create_feature_request to submit to AskExe. Include use case, business impact, and current workaround. Do NOT ask the founder for permission to file a feature request \u2014 file it proactively when the need is clear."
+      },
+      {
+        title: "Feature request status check \u2014 surface shipped features on boot",
+        domain: "support",
+        priority: "p1",
+        content: "Once per session (COO boot only, never repeat), call list_my_feature_requests to check if any previously filed feature requests have been shipped by AskExe. If any request has status 'shipped' with a shipped_version, surface it to the founder immediately: '\u{1F680} N feature(s) shipped \u2014 run exe-os update to get version X.Y.Z'. This is a one-time check at boot, not a recurring poll. If no requests exist or none are shipped, skip silently. If the MCP tool is unavailable or the network call fails, skip silently \u2014 this is informational, not blocking."
+      },
       // --- Operations ---
       {
         title: "Managers must supervise deployed workers",
@@ -5764,6 +5793,7 @@ import { fileURLToPath as fileURLToPath2 } from "url";
 function isMainModule(importMetaUrl) {
   if (process.argv[1] == null) return false;
   if (process.argv[1].includes("mcp/server")) return false;
+  if (process.argv[1].includes("exe-daemon")) return false;
   try {
     const scriptPath = realpathSync(process.argv[1]);
     const modulePath = realpathSync(fileURLToPath2(importMetaUrl));

package/dist/bin/exe-gateway.js

@@ -26,6 +26,21 @@ var __copyProps = (to, from, except, desc) => {
 };
 var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
 
+// src/lib/pg-ssl.ts
+var pg_ssl_exports = {};
+__export(pg_ssl_exports, {
+  pgSslConfig: () => pgSslConfig
+});
+function pgSslConfig() {
+  if (process.env.EXE_DB_SSL_DISABLED === "true") return {};
+  return { ssl: { rejectUnauthorized: process.env.EXE_DB_SSL_ALLOW_SELFSIGNED !== "true" } };
+}
+var init_pg_ssl = __esm({
+  "src/lib/pg-ssl.ts"() {
+    "use strict";
+  }
+});
+
 // src/lib/state-bus.ts
 var StateBus, orgBus;
 var init_state_bus = __esm({
@@ -1664,7 +1679,7 @@ var init_memory = __esm({
 });
 
 // src/lib/daemon-auth.ts
-import crypto from "crypto";
+import crypto2 from "crypto";
 import path6 from "path";
 import { existsSync as existsSync5, readFileSync as readFileSync4, writeFileSync as writeFileSync3 } from "fs";
 function normalizeToken(token) {
@@ -1683,7 +1698,7 @@ function readDaemonToken() {
 function ensureDaemonToken(seed) {
   const existing = readDaemonToken();
   if (existing) return existing;
-  const token = normalizeToken(seed) ?? crypto.randomBytes(32).toString("hex");
+  const token = normalizeToken(seed) ?? crypto2.randomBytes(32).toString("hex");
   ensurePrivateDirSync(EXE_AI_DIR);
   writeFileSync3(DAEMON_TOKEN_PATH, `${token}
 `, "utf8");
@@ -2358,6 +2373,7 @@ __export(database_exports, {
   isInitialized: () => isInitialized,
   setExternalClient: () => setExternalClient
 });
+import { chmodSync as chmodSync2 } from "fs";
 import { createClient } from "@libsql/client";
 async function initDatabase(config2) {
   if (_walCheckpointTimer) {
@@ -2399,6 +2415,16 @@ async function initDatabase(config2) {
   if (process.env.DATABASE_URL && process.env.EXE_USE_POSTGRES === "1") {
     _adapterClient = await createPrismaDbAdapter(_resilientClient);
   }
+  try {
+    chmodSync2(config2.dbPath, 384);
+    for (const suffix of ["-wal", "-shm"]) {
+      try {
+        chmodSync2(config2.dbPath + suffix, 384);
+      } catch {
+      }
+    }
+  } catch {
+  }
 }
 function isInitialized() {
   return _adapterClient !== null || _client !== null;
@@ -3960,7 +3986,7 @@ async function tryKeytar() {
 }
 function deriveMachineKey() {
   try {
-    const crypto10 = __require("crypto");
+    const crypto11 = __require("crypto");
     const material = [
       os6.hostname(),
       os6.userInfo().username,
@@ -3969,7 +3995,7 @@ function deriveMachineKey() {
       // Machine ID on Linux (stable across reboots)
       process.platform === "linux" ? readMachineId() : ""
     ].join("|");
-    return crypto10.createHash("sha256").update(material).digest();
+    return crypto11.createHash("sha256").update(material).digest();
   } catch {
     return null;
   }
@@ -3983,9 +4009,9 @@ function readMachineId() {
   }
 }
 function encryptWithMachineKey(plaintext, machineKey) {
-  const crypto10 = __require("crypto");
-  const iv = crypto10.randomBytes(12);
-  const cipher = crypto10.createCipheriv("aes-256-gcm", machineKey, iv);
+  const crypto11 = __require("crypto");
+  const iv = crypto11.randomBytes(12);
+  const cipher = crypto11.createCipheriv("aes-256-gcm", machineKey, iv);
   let encrypted = cipher.update(plaintext, "utf-8", "base64");
   encrypted += cipher.final("base64");
   const authTag = cipher.getAuthTag().toString("base64");
@@ -3994,13 +4020,13 @@ function encryptWithMachineKey(plaintext, machineKey) {
 function decryptWithMachineKey(encrypted, machineKey) {
   if (!encrypted.startsWith(ENCRYPTED_PREFIX)) return null;
   try {
-    const crypto10 = __require("crypto");
+    const crypto11 = __require("crypto");
     const parts = encrypted.slice(ENCRYPTED_PREFIX.length).split(":");
     if (parts.length !== 3) return null;
     const [ivB64, tagB64, cipherB64] = parts;
     const iv = Buffer.from(ivB64, "base64");
     const authTag = Buffer.from(tagB64, "base64");
-    const decipher = crypto10.createDecipheriv("aes-256-gcm", machineKey, iv);
+    const decipher = crypto11.createDecipheriv("aes-256-gcm", machineKey, iv);
     decipher.setAuthTag(authTag);
     let decrypted = decipher.update(cipherB64, "base64", "utf-8");
     decrypted += decipher.final("utf-8");
@@ -4823,6 +4849,24 @@ var init_platform_procedures = __esm({
         priority: "p0",
         content: "When an agent encounters a suspected Exe OS bug, update breakage, MCP/tool failure, installer issue, memory/orchestration defect, or customer-local patch need, it MUST use create_bug_report. Do this before or alongside any local workaround so the report reaches AskExe support directly via the customer's license. Do NOT ask the founder for permission to file a required bug report. If create_bug_report is deferred/lazy-loaded, load it and call it. If it is unavailable in the live MCP surface, report 'create_bug_report unavailable in this session' and save a local report in exe/output \u2014 never claim the tool does not exist unless the live MCP surface was checked. If upstream delivery fails, call support_test (MCP) and include its result in the local report so AskExe can distinguish customer setup, license provisioning, and server intake issues; only ask the founder to run `exe-os support test` if MCP is disconnected/unavailable. Classify first: upstream_bug = reproducible exe-os/platform defect; customer_customization = identity, behavior, procedure, config, branding, workflow preference that belongs in customer-owned layers; emergency_hotfix = temporary local patch. For upstream bugs/emergency hotfixes include version, repro steps, expected/actual, files changed, workaround, and local diff summary. Avoid permanent platform-code patches unless founder approves; if a hotfix is unavoidable, document it in the bug report and re-check after npm update."
       },
+      {
+        title: "Bug report status check \u2014 surface available fixes on boot",
+        domain: "support",
+        priority: "p1",
+        content: "Once per session (COO boot only, never repeat), call list_my_bug_reports to check if any previously filed bug reports have been fixed by AskExe. If any report has status 'fixed' with a fixed_version, surface it to the founder immediately: '\u{1F527} N bug fix(es) available \u2014 run exe-os update to get version X.Y.Z'. This is a one-time check at boot, not a recurring poll. If no reports exist or none are fixed, skip silently. If the MCP tool is unavailable or the network call fails, skip silently \u2014 this is informational, not blocking."
+      },
+      {
+        title: "Feature request triage \u2014 upstream feature vs local customization",
+        domain: "support",
+        priority: "p0",
+        content: "When an agent or founder identifies a desired capability that exe-os does not yet provide, the COO (or equivalent coordinator) must decide: is this a local customization (identity, behavior, procedure, config, branding, workflow preference that can be configured in customer-owned layers) or an upstream feature request (a platform capability that requires changes to exe-os code, shipped via npm update)? Local customizations: implement immediately using store_behavior, update_identity, company_procedure, or config changes. Upstream features: use create_feature_request to submit to AskExe. Include use case, business impact, and current workaround. Do NOT ask the founder for permission to file a feature request \u2014 file it proactively when the need is clear."
+      },
+      {
+        title: "Feature request status check \u2014 surface shipped features on boot",
+        domain: "support",
+        priority: "p1",
+        content: "Once per session (COO boot only, never repeat), call list_my_feature_requests to check if any previously filed feature requests have been shipped by AskExe. If any request has status 'shipped' with a shipped_version, surface it to the founder immediately: '\u{1F680} N feature(s) shipped \u2014 run exe-os update to get version X.Y.Z'. This is a one-time check at boot, not a recurring poll. If no requests exist or none are shipped, skip silently. If the MCP tool is unavailable or the network call fails, skip silently \u2014 this is informational, not blocking."
+      },
       // --- Operations ---
       {
         title: "Managers must supervise deployed workers",
@@ -6434,13 +6478,13 @@ __export(graph_rag_exports, {
   resolveAlias: () => resolveAlias,
   storeExtraction: () => storeExtraction
 });
-import crypto2 from "crypto";
+import crypto3 from "crypto";
 function normalizeEntityName(name) {
   return name.replace(/\s*\([^)]*\)\s*/g, "").trim().toLowerCase();
 }
 function entityId(name, type) {
   const normalized = normalizeEntityName(name);
-  return crypto2.createHash("sha256").update(`${normalized}::${type.toLowerCase()}`).digest("hex").slice(0, 16);
+  return crypto3.createHash("sha256").update(`${normalized}::${type.toLowerCase()}`).digest("hex").slice(0, 16);
 }
 async function resolveAlias(client, name) {
   const normalized = normalizeEntityName(name);
@@ -6741,7 +6785,7 @@ async function storeExtraction(client, extraction, memoryId, timestamp) {
     const targetAlias = await resolveAlias(client, r.target);
     const sourceId = sourceAlias ?? entityId(r.source, r.sourceType);
     const targetId = targetAlias ?? entityId(r.target, r.targetType);
-    const relId = crypto2.randomUUID().slice(0, 16);
+    const relId = crypto3.randomUUID().slice(0, 16);
     try {
       await client.execute({
         sql: `INSERT OR IGNORE INTO entities (id, name, type, first_seen, last_seen)
@@ -6804,7 +6848,7 @@ async function storeExtraction(client, extraction, memoryId, timestamp) {
     }
   }
   for (const h of extraction.hyperedges) {
-    const hId = crypto2.randomUUID().slice(0, 16);
+    const hId = crypto3.randomUUID().slice(0, 16);
     try {
       await client.execute({
         sql: `INSERT OR IGNORE INTO hyperedges (id, label, relation, confidence, timestamp)
@@ -6868,7 +6912,7 @@ async function extractBatch(client, batchSize = 50, model = "claude-haiku-4-5-20
         totalEntities += stored.entitiesStored;
         totalRelationships += stored.relationshipsStored;
       }
-      const contentHash = crypto2.createHash("sha256").update(rawContent).digest("hex").slice(0, 32);
+      const contentHash = crypto3.createHash("sha256").update(rawContent).digest("hex").slice(0, 32);
       await client.execute({
         sql: "UPDATE memories SET graph_extracted = 1, content_hash = ?, graph_extracted_hash = ? WHERE id = ?",
         args: [contentHash, contentHash, memoryId]
@@ -9708,7 +9752,7 @@ function readQueue() {
 function writeQueue(queue) {
   ensureDir();
   const tmp = `${QUEUE_PATH}.tmp`;
-  writeFileSync6(tmp, JSON.stringify(queue, null, 2));
+  writeFileSync6(tmp, JSON.stringify(queue, null, 2), { mode: 384 });
   renameSync4(tmp, QUEUE_PATH);
 }
 function queueIntercom(targetSession, reason) {
@@ -9983,7 +10027,7 @@ var init_task_scope = __esm({
 });
 
 // src/lib/notifications.ts
-import crypto4 from "crypto";
+import crypto5 from "crypto";
 import path16 from "path";
 import os12 from "os";
 import {
@@ -9996,7 +10040,7 @@ import {
 async function writeNotification(notification) {
   try {
     const client = getClient();
-    const id = crypto4.randomUUID();
+    const id = crypto5.randomUUID();
     const now = (/* @__PURE__ */ new Date()).toISOString();
     const sessionScope = notification.sessionScope === void 0 ? getCurrentSessionScope() : notification.sessionScope;
     await client.execute({
@@ -10040,7 +10084,7 @@ var init_notifications = __esm({
 });
 
 // src/lib/session-kill-telemetry.ts
-import crypto5 from "crypto";
+import crypto6 from "crypto";
 async function recordSessionKill(input) {
   try {
     const client = getClient();
@@ -10050,7 +10094,7 @@ async function recordSessionKill(input) {
                ticks_idle, estimated_tokens_saved)
             VALUES (?, ?, ?, ?, ?, ?, ?)`,
       args: [
-        crypto5.randomUUID(),
+        crypto6.randomUUID(),
         input.sessionName,
         input.agentId,
         (/* @__PURE__ */ new Date()).toISOString(),
@@ -10178,7 +10222,7 @@ var init_session_scope = __esm({
 });
 
 // src/lib/tasks-crud.ts
-import crypto6 from "crypto";
+import crypto7 from "crypto";
 import path18 from "path";
 import os13 from "os";
 import { execSync as execSync7 } from "child_process";
@@ -10299,7 +10343,7 @@ async function resolveTask(client, identifier, scopeSession) {
 }
 async function createTaskCore(input) {
   const client = getClient();
-  const id = crypto6.randomUUID();
+  const id = crypto7.randomUUID();
   const now = (/* @__PURE__ */ new Date()).toISOString();
   const slug = slugify(input.title);
   let earlySessionScope = null;
@@ -11264,10 +11308,10 @@ var init_tasks_notify = __esm({
 });
 
 // src/lib/behaviors.ts
-import crypto7 from "crypto";
+import crypto8 from "crypto";
 async function storeBehavior(opts) {
   const client = getClient();
-  const id = crypto7.randomUUID();
+  const id = crypto8.randomUUID();
   const now = (/* @__PURE__ */ new Date()).toISOString();
   let vector = null;
   try {
@@ -11303,7 +11347,7 @@ __export(skill_learning_exports, {
   storeTrajectory: () => storeTrajectory,
   sweepTrajectories: () => sweepTrajectories
 });
-import crypto8 from "crypto";
+import crypto9 from "crypto";
 async function extractTrajectory(taskId, agentId) {
   const client = getClient();
   const result = await client.execute({
@@ -11332,11 +11376,11 @@ async function extractTrajectory(taskId, agentId) {
   return signature;
 }
 function hashSignature(signature) {
-  return crypto8.createHash("sha256").update(signature.join("|")).digest("hex").slice(0, 16);
+  return crypto9.createHash("sha256").update(signature.join("|")).digest("hex").slice(0, 16);
 }
 async function storeTrajectory(opts) {
   const client = getClient();
-  const id = crypto8.randomUUID();
+  const id = crypto9.randomUUID();
   const now = (/* @__PURE__ */ new Date()).toISOString();
   const signatureHash = hashSignature(opts.signature);
   await client.execute({
@@ -12907,10 +12951,10 @@ __export(messaging_exports, {
   sendMessage: () => sendMessage,
   setWsClientSend: () => setWsClientSend
 });
-import crypto9 from "crypto";
+import crypto10 from "crypto";
 function generateUlid() {
   const timestamp = Date.now().toString(36).padStart(10, "0");
-  const random = crypto9.randomBytes(10).toString("hex").slice(0, 16);
+  const random = crypto10.randomBytes(10).toString("hex").slice(0, 16);
   return (timestamp + random).toUpperCase();
 }
 function rowToMessage(row) {
@@ -13531,6 +13575,7 @@ import os16 from "os";
 import { fileURLToPath as fileURLToPath3 } from "url";
 
 // src/gateway/webhook-server.ts
+import crypto from "crypto";
 import {
   createServer
 } from "http";
@@ -13878,7 +13923,7 @@ var ReadOnlySqlRunner = class {
     this.config = config2;
   }
   async run(sql, maxRows) {
-    const databaseUrl = this.config.databaseUrl ?? process.env.EXE_GATEWAY_SQL_DATABASE_URL ?? process.env.EXE_COMPANY_BRAIN_SQL_DATABASE_URL ?? process.env.DATABASE_URL;
+    const databaseUrl = this.config.databaseUrl ?? process.env.EXE_GATEWAY_SQL_DATABASE_URL ?? process.env.MCP_READONLY_DATABASE_URL ?? process.env.EXE_COMPANY_BRAIN_SQL_DATABASE_URL ?? process.env.DATABASE_URL;
     if (!databaseUrl) {
       throw new Error("Read-only SQL is not configured. Set EXE_GATEWAY_SQL_DATABASE_URL or DATABASE_URL.");
     }
@@ -13886,7 +13931,8 @@ var ReadOnlySqlRunner = class {
     const limit = clampRows(maxRows ?? this.config.maxRows ?? DEFAULT_MAX_ROWS);
     const timeoutMs = this.config.statementTimeoutMs ?? DEFAULT_TIMEOUT_MS;
     const wrappedSql = `SELECT * FROM (${cleaned}) AS exe_readonly_sql LIMIT ${limit + 1}`;
-    const client = new Client({ connectionString: databaseUrl });
+    const { pgSslConfig: pgSslConfig2 } = await Promise.resolve().then(() => (init_pg_ssl(), pg_ssl_exports));
+    const client = new Client({ connectionString: databaseUrl, ...pgSslConfig2() });
     const start = Date.now();
     try {
       await client.connect();
@@ -13949,6 +13995,61 @@ function clampRows(value) {
 // src/gateway/webhook-server.ts
 var DEFAULT_HOST = process.env.EXE_WEBHOOK_HOST || "127.0.0.1";
 var BODY_SIZE_LIMIT = 1048576;
+function verifyWebhookSignature(rawBody, signature, secret, toleranceSec = 300) {
+  if (!signature) return false;
+  const dotIdx = signature.indexOf(".");
+  if (dotIdx < 0) return false;
+  const timestampStr = signature.slice(0, dotIdx);
+  const hash = signature.slice(dotIdx + 1);
+  const timestamp = parseInt(timestampStr, 10);
+  if (isNaN(timestamp)) return false;
+  if (Math.abs(Date.now() / 1e3 - timestamp) > toleranceSec) return false;
+  const expected = crypto.createHmac("sha256", secret).update(`${timestamp}.${rawBody}`).digest("hex");
+  if (hash.length !== expected.length) return false;
+  return crypto.timingSafeEqual(
+    Buffer.from(hash, "hex"),
+    Buffer.from(expected, "hex")
+  );
+}
+function readRawBody(req) {
+  return new Promise((resolve, reject) => {
+    const chunks = [];
+    let size = 0;
+    let done = false;
+    req.on("data", (chunk) => {
+      size += chunk.length;
+      if (size > BODY_SIZE_LIMIT) {
+        if (!done) {
+          done = true;
+          req.resume();
+          reject(new Error("Body too large"));
+        }
+        return;
+      }
+      chunks.push(chunk);
+    });
+    req.on("end", () => {
+      if (done) return;
+      done = true;
+      const raw = Buffer.concat(chunks).toString("utf-8");
+      if (!raw) {
+        resolve({ raw: "", parsed: {} });
+        return;
+      }
+      try {
+        resolve({ raw, parsed: JSON.parse(raw) });
+      } catch {
+        reject(new Error("Invalid JSON"));
+      }
+    });
+    req.on("error", (err) => {
+      if (!done) {
+        done = true;
+        reject(err);
+      }
+    });
+  });
+}
 var WebhookServer = class {
   constructor(config2, queryHandler = new QueryHandler()) {
     this.config = config2;
@@ -14092,13 +14193,26 @@ var WebhookServer = class {
   }
   async handleWebhookPost(req, res, url) {
     let body;
+    let rawBody = "";
     let parseError = null;
     try {
-      body = await readBody(req);
+      const result = await readRawBody(req);
+      rawBody = result.raw;
+      body = result.parsed;
     } catch (err) {
       parseError = err instanceof Error ? err : new Error(String(err));
     }
-    if (this.config.authToken && !this.verifyAuth(req)) {
+    if (this.config.webhookSigningSecret) {
+      const sig = req.headers["x-webhook-signature"];
+      if (!verifyWebhookSignature(
+        rawBody,
+        sig,
+        this.config.webhookSigningSecret
+      )) {
+        sendJson(res, 401, { error: "Invalid webhook signature" });
+        return;
+      }
+    } else if (this.config.authToken && !this.verifyAuth(req)) {
       sendJson(res, 401, { error: "Unauthorized" });
       return;
     }
@@ -14142,6 +14256,7 @@ var WebhookServer = class {
     if (!expectedToken) return false;
     const authHeader = req.headers.authorization ?? "";
     if (authHeader === `Bearer ${expectedToken}`) return true;
+    if (process.env.NODE_ENV === "production") return false;
     const url = new URL(req.url ?? "/", `http://${req.headers.host ?? "localhost"}`);
     return url.searchParams.get("token") === expectedToken;
   }
@@ -14265,11 +14380,11 @@ init_crm_bridge();
 
 // src/lib/pipeline-router.ts
 init_database();
-import crypto3 from "crypto";
+import crypto4 from "crypto";
 async function sinkConversationStore(msg, agentResponse, agentName) {
   try {
     const client = getClient();
-    const id = crypto3.randomUUID();
+    const id = crypto4.randomUUID();
     const mediaJson = msg.media ? JSON.stringify(msg.media) : null;
     await client.execute({
       sql: `INSERT INTO conversations
@@ -14319,7 +14434,7 @@ async function sinkMemory(msg, agentResponse, agentName) {
     ].filter(Boolean).join("\n");
     const vector = await embed2(rawText);
     await writeMemory2({
-      id: crypto3.randomUUID(),
+      id: crypto4.randomUUID(),
       agent_id: agentName ?? "gateway",
       agent_role: "gateway",
       session_id: `gateway-${msg.platform}`,

package/dist/bin/exe-healthcheck.js

@@ -12,6 +12,7 @@ import { fileURLToPath } from "url";
 function isMainModule(importMetaUrl) {
   if (process.argv[1] == null) return false;
   if (process.argv[1].includes("mcp/server")) return false;
+  if (process.argv[1].includes("exe-daemon")) return false;
   try {
     const scriptPath = realpathSync(process.argv[1]);
     const modulePath = realpathSync(fileURLToPath(importMetaUrl));
@@ -587,7 +588,7 @@ function runHealthCheck() {
   const failed = results.filter((r) => !r.pass).length;
   return { results, passed, failed };
 }
-if (isMainModule(import.meta.url)) {
+if (isMainModule(import.meta.url) && (process.argv[1] ?? "").includes("exe-healthcheck")) {
   const { results, passed, failed } = runHealthCheck();
   console.log("\n  exe-os Health Check\n");
   for (const r of results) {