@askthew/mcp-plugin 0.2.8 → 0.4.2

package/dist/index.js

@@ -1,9 +1,22 @@
 import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
 import { z } from "zod";
-import * as fs from "node:fs";
-import * as path from "node:path";
-import { resolveFunctionalAreaFromToml, resolvePluginScope } from "./scope.js";
+import { resolvePluginScope } from "./scope.js";
+import { resolveMcpMode } from "./lib/free-tier-policy.js";
+import { LocalStore } from "./lib/local-store.js";
+import { buildTelemetryPayload, flushTelemetryOutbox } from "./lib/telemetry.js";
+import { ensureLocalIdentity } from "./lib/local-identity.js";
+import { buildLocalTimeline, buildTimelineInsights as buildLocalTimelineInsights, renderTimelineMarkdown as renderLocalTimelineMarkdown } from "./lib/timeline-insights.js";
+import { paidDescription, paidFeatureNudge, toolJson } from "./lib/upgrade-nudge.js";
+import { configPath, readJsonFile } from "./lib/paths.js";
 const evidenceRoleSchema = z.enum(["user", "assistant", "system"]);
+const evidenceEntrySchema = z.object({
+    role: evidenceRoleSchema,
+    excerpt: z.string().min(1).max(2000),
+    kind: z.enum(["excerpt", "diff", "prompt_diff"]).optional(),
+    diff: z.string().max(12000).optional(),
+    before: z.string().max(6000).optional(),
+    after: z.string().max(6000).optional(),
+});
 const sessionSignalKindSchema = z.enum([
     "setup_complete",
     "session_checkpoint",
@@ -18,10 +31,7 @@ export const codingSessionSignalSchema = z.object({
     kind: sessionSignalKindSchema,
     summary: z.string().min(1).max(2000),
     evidence: z
-        .array(z.object({
-        role: evidenceRoleSchema,
-        excerpt: z.string().min(1).max(500),
-    }))
+        .array(evidenceEntrySchema)
         .default([]),
     filesTouched: z.array(z.string().min(1).max(500)).default([]),
     commandsRun: z.array(z.string().min(1).max(500)).default([]),
@@ -41,85 +51,245 @@ export const provenanceSignalSchema = z.object({
     metadata: z.record(z.string(), z.unknown()).default({}),
 });
 const REDACTION_PATTERNS = [
-    /\bAKIA[0-9A-Z]{16}\b/g,
-    /\b(?:sk|rk)_(?:live|test)_[A-Za-z0-9]{16,}\b/g,
-    /\beyJ[A-Za-z0-9_-]{20,}\.[A-Za-z0-9_-]{20,}\.[A-Za-z0-9_-]{20,}\b/g,
-    /\b[A-Za-z0-9_-]{32,}\b/g,
+    { name: "aws_access_key", pattern: /\bAKIA[0-9A-Z]{16}\b/g },
+    { name: "aws_secret_key", pattern: /\b[A-Za-z0-9+/]{40}\b/g },
+    { name: "gcp_api_key", pattern: /\bAIza[0-9A-Za-z\-_]{35}\b/g },
+    { name: "azure_storage_key", pattern: /[A-Za-z0-9+/]{86}==/g },
+    { name: "stripe_key", pattern: /\b(?:sk|rk|pk)_(?:live|test)_[A-Za-z0-9]{16,}\b/g },
+    { name: "sendgrid_key", pattern: /\bSG\.[A-Za-z0-9_-]{22,}\.[A-Za-z0-9_-]{22,}\b/g },
+    { name: "twilio_key", pattern: /\bSK[0-9a-fA-F]{32}\b/g },
+    { name: "slack_token", pattern: /\bxox[baprs]-[0-9A-Za-z\-]{10,}\b/g },
+    { name: "slack_webhook", pattern: /https:\/\/hooks\.slack\.com\/services\/T[A-Z0-9]+\/B[A-Z0-9]+\/[A-Za-z0-9]+/g },
+    { name: "openai_env_assignment", pattern: /\bOPENAI_API_KEY\s*[=:]\s*["']?sk-[A-Za-z0-9_-]{20,}["']?/g },
+    { name: "openai_key", pattern: /\bsk-[A-Za-z0-9_-]{20,}\b/g },
+    { name: "bearer_token", pattern: /\bBearer\s+[A-Za-z0-9._-]+\b/g },
+    { name: "anthropic_key", pattern: /\bsk-ant-[A-Za-z0-9\-_]{32,}\b/g },
+    { name: "github_pat_classic", pattern: /\bghp_[A-Za-z0-9]{36}\b/g },
+    { name: "github_pat_fine", pattern: /\bgithub_pat_[A-Za-z0-9_]{82}\b/g },
+    { name: "github_oauth", pattern: /\bgho_[A-Za-z0-9]{36}\b/g },
+    { name: "github_app_token", pattern: /\bghs_[A-Za-z0-9]{36}\b/g },
+    { name: "gitlab_pat", pattern: /\bglpat-[A-Za-z0-9\-_]{20,}\b/g },
+    { name: "jwt", pattern: /\beyJ[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}\b/g },
+    { name: "pem_private_key", pattern: /-----BEGIN (?:RSA |EC |DSA |OPENSSH )?PRIVATE KEY-----[\s\S]*?-----END (?:RSA |EC |DSA |OPENSSH )?PRIVATE KEY-----/g },
+    { name: "db_dsn_with_creds", pattern: /(?:postgres|postgresql|mysql|mongodb(?:\+srv)?|redis):\/\/[^:]+:[^@\s]+@[^\s"'`]+/gi },
+    { name: "atw_token", pattern: /\b(?:atw|askthew)_[a-z]+_[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}_[0-9a-f]{16,}\b/gi },
+    { name: "uuid_token", pattern: /\b\w{2,20}_[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}(?:_[A-Za-z0-9]{8,})?\b/g },
+    { name: "env_var_assignment", pattern: /(?:^|[\s;|&])(?:export\s+)?[A-Z][A-Z0-9_]{4,}(?:_KEY|_TOKEN|_SECRET|_PASSWORD|_PASS|_CREDENTIAL|_API_KEY|_PRIVATE|_AUTH)\s*[=:]\s*["']?[A-Za-z0-9+/=._~-]{8,}["']?/gm },
+    { name: "email", pattern: /\b[A-Za-z0-9._%+\-]+@[A-Za-z0-9.\-]+\.[A-Za-z]{2,}\b/g },
+    { name: "us_phone", pattern: /\b(?:\+?1[-.\s]?)?\(?\d{3}\)?[-.\s]\d{3}[-.\s]\d{4}\b/g },
+    { name: "ssn", pattern: /\b(?!000|666|9\d{2})\d{3}[-\s](?!00)\d{2}[-\s](?!0{4})\d{4}\b/g },
+    { name: "credit_card", pattern: /\b(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|3[47][0-9]{13}|6(?:011|5[0-9]{2})[0-9]{12})\b/g },
 ];
-function redactSecrets(text) {
-    return REDACTION_PATTERNS.reduce((accumulator, pattern) => accumulator.replace(pattern, "[REDACTED]"), text);
+const SENSITIVE_QUERY_PARAMS = new Set([
+    "token",
+    "key",
+    "api_key",
+    "apikey",
+    "secret",
+    "password",
+    "passwd",
+    "pass",
+    "auth",
+    "access_token",
+    "refresh_token",
+    "id_token",
+    "client_secret",
+    "authorization",
+    "credential",
+    "sig",
+    "signature",
+]);
+const SENSITIVE_FLAG_NAMES = new Set([
+    "token",
+    "password",
+    "passwd",
+    "pass",
+    "secret",
+    "key",
+    "api-key",
+    "apikey",
+    "api_key",
+    "auth",
+    "access-token",
+    "private-key",
+    "credential",
+    "credentials",
+    "authorization",
+    "client-secret",
+    "client_secret",
+]);
+const SENSITIVE_PATH_SEGMENTS = new Set([
+    ".env",
+    ".ssh",
+    ".aws",
+    ".gcp",
+    ".azure",
+    ".gnupg",
+    ".pgp",
+    "secrets",
+    "secret",
+    "credentials",
+    "credential",
+    "private",
+    "keys",
+    "certs",
+    "certificates",
+    "vault",
+    ".netrc",
+    ".npmrc",
+    ".pypirc",
+    ".docker",
+    "kubeconfig",
+    ".kube",
+]);
+const ENTROPY_THRESHOLD = 4.5;
+const ENTROPY_TOKEN_PATTERN = /[A-Za-z0-9+/=_\-]{20,}/g;
+export function loadAskTheWConfig(env = process.env) {
+    return readJsonFile(configPath(env)) ?? {};
 }
-function redactMetadata(value) {
-    if (typeof value === "string") {
-        return redactSecrets(value);
-    }
-    if (Array.isArray(value)) {
-        return value.map((entry) => redactMetadata(entry));
-    }
-    if (typeof value === "object" && value !== null) {
-        return Object.fromEntries(Object.entries(value).map(([key, entry]) => [key, redactMetadata(entry)]));
-    }
-    return value;
+function isRedactionEnabled() {
+    return loadAskTheWConfig().redaction?.enabled !== false;
 }
-export function inferFunctionalArea(signal) {
-    const explicit = process.env.ASKTHEW_FUNCTIONAL_AREA?.trim();
-    if (explicit) {
-        return explicit;
+function sanitizeUrl(raw) {
+    try {
+        const url = new URL(raw);
+        if (url.username || url.password) {
+            url.username = "[REDACTED]";
+            url.password = "[REDACTED]";
+        }
+        for (const key of Array.from(url.searchParams.keys())) {
+            if (SENSITIVE_QUERY_PARAMS.has(key.toLowerCase())) {
+                url.searchParams.set(key, "[REDACTED]");
+            }
+        }
+        return url.toString().replace(/%5BREDACTED%5D/gi, "[REDACTED]");
     }
-    const configuredArea = resolveFunctionalAreaFromToml(process.cwd());
-    if (configuredArea) {
-        return configuredArea;
+    catch {
+        return raw;
     }
-    const files = (signal.filesAffected ?? []).map((file) => file.toLowerCase());
-    if (files.length > 0 && files.every((file) => file.includes("test"))) {
-        return "QA";
+}
+function sanitizeUrls(text) {
+    return text.replace(/https?:\/\/[^\s"'`<>)\\]*/g, (match) => sanitizeUrl(match));
+}
+function scrubCommandFlags(command) {
+    let result = command.replace(/(-{1,2})([\w-]+)([ =])(["'])([^"']+)\4/g, (match, dashes, flagName, separator, quote) => SENSITIVE_FLAG_NAMES.has(String(flagName).toLowerCase())
+        ? `${dashes}${flagName}${separator}${quote}[REDACTED]${quote}`
+        : match);
+    result = result.replace(/(-{1,2})([\w-]+)([ =])([^\s"'`]+)/g, (match, dashes, flagName, separator) => SENSITIVE_FLAG_NAMES.has(String(flagName).toLowerCase())
+        ? `${dashes}${flagName}${separator}[REDACTED]`
+        : match);
+    return result;
+}
+function shannonEntropy(value) {
+    const freq = new Map();
+    for (const char of value) {
+        freq.set(char, (freq.get(char) ?? 0) + 1);
     }
-    if (files.length > 0 && files.every((file) => file.includes("marketing") || file.includes("content"))) {
-        return "Marketing";
+    let entropy = 0;
+    for (const count of freq.values()) {
+        const probability = count / value.length;
+        entropy -= probability * Math.log2(probability);
     }
-    if (files.length > 0 && files.every((file) => file.includes("design"))) {
-        return "Design";
+    return entropy;
+}
+function looksLikeSecret(token) {
+    const hasDigit = /\d/.test(token);
+    const hasUpper = /[A-Z]/.test(token);
+    const hasLower = /[a-z]/.test(token);
+    const hasSpecial = /[+/=_\-]/.test(token);
+    return hasDigit && hasLower && (hasUpper || hasSpecial);
+}
+function redactHighEntropyTokens(text) {
+    return text.replace(ENTROPY_TOKEN_PATTERN, (match) => {
+        if (match.includes("/") && match.length < 60) {
+            return match;
+        }
+        if (!looksLikeSecret(match)) {
+            return match;
+        }
+        return shannonEntropy(match) >= ENTROPY_THRESHOLD ? "[REDACTED]" : match;
+    });
+}
+function redactTargetedPatterns(text) {
+    return REDACTION_PATTERNS.reduce((accumulator, entry) => {
+        entry.pattern.lastIndex = 0;
+        return accumulator.replace(entry.pattern, "[REDACTED]");
+    }, text);
+}
+function redactRawSignalText(text) {
+    return redactTargetedPatterns(sanitizeUrls(text));
+}
+function redactOperationalContext(text) {
+    return redactHighEntropyTokens(scrubCommandFlags(redactRawSignalText(text)));
+}
+function sanitizeFilePath(filePath) {
+    let result = filePath.replace(/^(?:[A-Za-z]:\\|\/(?:Users|home|root|var|etc)\/[^/]+\/)/, "~/");
+    result = redactRawSignalText(result);
+    const segments = result.split(/[/\\]/);
+    if (segments.some((segment) => SENSITIVE_PATH_SEGMENTS.has(segment.toLowerCase()))) {
+        const basename = segments[segments.length - 1] ?? result;
+        return `[SENSITIVE_PATH]/${basename}`;
     }
-    if (fs.existsSync(path.resolve(process.cwd(), "figma.config")) || fs.existsSync(path.resolve(process.cwd(), ".sketch"))) {
-        return "Design";
+    return result;
+}
+function redactMetadata(value, key) {
+    if (typeof value === "string") {
+        const redacted = redactOperationalContext(value);
+        if (key && /(?:^|_)(?:path|root|file|dir|directory)(?:$|_)/i.test(key)) {
+            return sanitizeFilePath(redacted);
+        }
+        return redacted;
     }
-    if (fs.existsSync(path.resolve(process.cwd(), "campaign.yml"))) {
-        return "Marketing";
+    if (Array.isArray(value)) {
+        return value.map((entry) => redactMetadata(entry));
     }
-    const repoMarkers = ["package.json", "pyproject.toml", "go.mod", "Cargo.toml"];
-    if (repoMarkers.some((marker) => fs.existsSync(path.resolve(process.cwd(), marker)))) {
-        return "Engineering";
+    if (typeof value === "object" && value !== null) {
+        return Object.fromEntries(Object.entries(value).map(([entryKey, entry]) => [entryKey, redactMetadata(entry, entryKey)]));
     }
-    return "Engineering";
+    return value;
 }
 export function redactProvenanceSignal(input) {
     const parsed = provenanceSignalSchema.parse(input);
+    if (!isRedactionEnabled()) {
+        return parsed;
+    }
     return {
         ...parsed,
+        decision: redactRawSignalText(parsed.decision),
+        rationale: redactRawSignalText(parsed.rationale),
+        framework: typeof parsed.framework === "string" ? redactRawSignalText(parsed.framework) : undefined,
+        filesAffected: parsed.filesAffected.map((filePath) => sanitizeFilePath(filePath)),
         originatingPrompt: typeof parsed.originatingPrompt === "string"
-            ? redactSecrets(parsed.originatingPrompt)
+            ? redactOperationalContext(parsed.originatingPrompt)
             : undefined,
-        metadata: {
-            ...parsed.metadata,
-            functional_area: inferFunctionalArea(parsed),
-        },
+        installToken: typeof parsed.installToken === "string"
+            ? redactOperationalContext(parsed.installToken)
+            : undefined,
+        metadata: redactMetadata(parsed.metadata),
     };
 }
 export function redactCodingSessionSignal(input) {
     const parsed = codingSessionSignalSchema.parse(input);
+    if (!isRedactionEnabled()) {
+        return parsed;
+    }
     return {
         ...parsed,
-        summary: redactSecrets(parsed.summary),
+        summary: redactRawSignalText(parsed.summary),
         evidence: parsed.evidence.map((entry) => ({
             ...entry,
-            excerpt: redactSecrets(entry.excerpt),
+            excerpt: redactOperationalContext(entry.excerpt),
+            diff: typeof entry.diff === "string" ? redactOperationalContext(entry.diff) : undefined,
+            before: typeof entry.before === "string" ? redactOperationalContext(entry.before) : undefined,
+            after: typeof entry.after === "string" ? redactOperationalContext(entry.after) : undefined,
         })),
-        commandsRun: parsed.commandsRun.map((command) => redactSecrets(command)),
+        filesTouched: parsed.filesTouched.map((filePath) => sanitizeFilePath(filePath)),
+        commandsRun: parsed.commandsRun.map((command) => redactOperationalContext(command)),
         metadata: redactMetadata(parsed.metadata),
     };
 }
-function apiBaseUrl() {
-    return process.env.ASKTHEW_API_URL?.trim() || "https://app.askthew.com";
+function apiBaseUrl(override) {
+    return override?.trim() || process.env.ASKTHEW_API_URL?.trim() || "https://app.askthew.com";
 }
 function normalizeClientId(value) {
     return String(value ?? "")
@@ -132,75 +302,202 @@ function normalizeClientId(value) {
 export function normalizeInstallTokenInput(token) {
     return String(token ?? "").trim().replace(/^['"]/, "").replace(/['"]$/, "");
 }
-function credentials() {
+const echoSchema = z.enum(["summary", "full"]).optional();
+const cursorSchema = z.string().optional();
+const idempotencyKeySchema = z.string().min(1).max(200).optional();
+const maxCharsSchema = z.number().int().positive().max(100000).optional();
+function traceId() {
+    return `trace_${Date.now()}_${Math.random().toString(36).slice(2, 10)}`;
+}
+function structuredError(input) {
+    return {
+        ok: false,
+        code: input.code,
+        message: input.message,
+        retryable: Boolean(input.retryable),
+        hint: input.hint ?? "",
+        traceId: input.traceId ?? traceId(),
+        ...(typeof input.status === "number" ? { status: input.status } : {}),
+        ...(input.extra ?? {}),
+    };
+}
+function withResponseShape(route, responseShape = "v2") {
+    const [path, query = ""] = route.split("?");
+    const searchParams = new URLSearchParams(query);
+    searchParams.set("response_shape", responseShape);
+    const nextQuery = searchParams.toString();
+    return nextQuery ? `${path}?${nextQuery}` : path;
+}
+function routeWithQuery(route, params) {
+    const searchParams = new URLSearchParams();
+    for (const [key, value] of Object.entries(params)) {
+        if (value === undefined || value === null || value === "") {
+            continue;
+        }
+        searchParams.set(key, String(value));
+    }
+    const query = searchParams.toString();
+    return query ? `${route}?${query}` : route;
+}
+function credentials(overrides) {
     const legacyHostType = process.env.ASKTHEW_HOST_TYPE?.trim();
     const hostType = legacyHostType === "claude_code" || legacyHostType === "codex" || legacyHostType === "cursor"
         ? legacyHostType
         : undefined;
-    const clientId = normalizeClientId(process.env.ASKTHEW_CLIENT_ID?.trim()) || hostType || "mcp_client";
+    const overrideHostType = overrides?.hostType;
+    const clientId = normalizeClientId(overrides?.clientId) ||
+        normalizeClientId(process.env.ASKTHEW_CLIENT_ID?.trim()) ||
+        overrideHostType ||
+        hostType ||
+        "mcp_client";
     return {
-        installToken: normalizeInstallTokenInput(process.env.ASKTHEW_INSTALL_TOKEN),
-        userId: process.env.ASKTHEW_USER_ID?.trim(),
-        apiKey: process.env.ASKTHEW_API_KEY?.trim(),
-        serverName: process.env.ASKTHEW_SERVER_NAME?.trim(),
+        installToken: normalizeInstallTokenInput(overrides?.installToken) ||
+            normalizeInstallTokenInput(process.env.ASKTHEW_INSTALL_TOKEN),
+        userId: overrides?.userId?.trim() || process.env.ASKTHEW_USER_ID?.trim(),
+        apiKey: overrides?.apiKey?.trim() || process.env.ASKTHEW_API_KEY?.trim(),
+        serverName: overrides?.serverName?.trim() || process.env.ASKTHEW_SERVER_NAME?.trim(),
         clientId,
-        clientLabel: process.env.ASKTHEW_CLIENT_LABEL?.trim(),
-        hostType,
+        clientLabel: overrides?.clientLabel?.trim() || process.env.ASKTHEW_CLIENT_LABEL?.trim(),
+        hostType: overrideHostType || hostType,
     };
 }
-function hasServerIdentity() {
-    const { installToken, userId } = credentials();
+function hasServerIdentity(overrides) {
+    const { installToken, userId } = credentials(overrides);
     return Boolean(installToken || userId);
 }
-async function postToServer(route, payload) {
-    if (!hasServerIdentity()) {
+async function postToServer(route, payload, options, request) {
+    if (!hasServerIdentity(options?.credentials)) {
         return null;
     }
-    const { installToken, userId, apiKey, clientId, clientLabel, hostType } = credentials();
-    const response = await fetch(`${apiBaseUrl()}${route}`, {
-        method: "POST",
+    const { installToken, userId, apiKey, clientId, clientLabel, hostType } = credentials(options?.credentials);
+    const fetcher = options?.fetchImpl ?? fetch;
+    const method = request?.method ?? "POST";
+    const bodyPayload = {
+        ...payload,
+        installToken: installToken || undefined,
+        userId: userId || undefined,
+        clientId,
+        clientLabel: clientLabel || undefined,
+        hostType: hostType || undefined,
+    };
+    const response = await fetcher(`${apiBaseUrl(options?.apiBaseUrl)}${route}`, {
+        method,
         headers: {
-            "Content-Type": "application/json",
-            ...(apiKey ? { Authorization: `Bearer ${apiKey}` } : {}),
+            ...(method === "GET" ? {} : { "Content-Type": "application/json" }),
+            ...(request?.idempotencyKey ? { "Idempotency-Key": request.idempotencyKey } : {}),
+            ...(installToken
+                ? { Authorization: `Bearer ${installToken}` }
+                : apiKey
+                    ? { Authorization: `Bearer ${apiKey}` }
+                    : {}),
         },
-        body: JSON.stringify({
-            ...payload,
-            installToken: installToken || undefined,
-            userId: userId || undefined,
-            clientId,
-            clientLabel: clientLabel || undefined,
-            hostType: hostType || undefined,
-        }),
+        ...(method === "GET" ? {} : { body: JSON.stringify(bodyPayload) }),
     }).catch(() => null);
-    if (!response || !response.ok) {
-        return null;
+    if (!response) {
+        return structuredError({
+            code: "network_error",
+            message: "Ask The W server could not be reached.",
+            retryable: true,
+            hint: "Check your network connection or retry the same idempotency key.",
+        });
+    }
+    const body = await response.json().catch(() => null);
+    if (!response.ok) {
+        if (body && typeof body === "object") {
+            const record = body;
+            return {
+                ...structuredError({
+                    code: typeof record.code === "string" ? record.code : "http_error",
+                    message: typeof record.message === "string"
+                        ? record.message
+                        : typeof record.error === "string"
+                            ? record.error
+                            : `Ask The W request failed with HTTP ${response.status}.`,
+                    retryable: response.status === 429 || response.status >= 500,
+                    hint: typeof record.hint === "string"
+                        ? record.hint
+                        : response.status >= 500
+                            ? "Retry with the same Idempotency-Key if this was a write."
+                            : "Check the tool input and retry.",
+                    traceId: typeof record.traceId === "string" ? record.traceId : undefined,
+                    status: response.status,
+                }),
+                ...record,
+            };
+        }
+        return structuredError({
+            code: "http_error",
+            message: `Ask The W request failed with HTTP ${response.status}.`,
+            retryable: response.status === 429 || response.status >= 500,
+            hint: response.status >= 500 ? "Retry with the same Idempotency-Key if this was a write." : "Check the tool input and retry.",
+            status: response.status,
+        });
     }
-    return response.json().catch(() => null);
+    return body;
 }
-function runtimeMetadata() {
+function runtimeMetadata(options) {
     const scope = resolvePluginScope(process.cwd());
-    const { serverName, clientId, clientLabel } = credentials();
+    const { serverName, clientId, clientLabel } = credentials(options?.credentials);
+    const extraMetadata = typeof options?.runtimeMetadata === "function"
+        ? options.runtimeMetadata()
+        : (options?.runtimeMetadata ?? {});
     return {
         repository: scope.repoName,
         repo_name: scope.repoName,
-        ...(scope.repoRoot ? { repo_root: scope.repoRoot } : {}),
-        ...(scope.appPath ? { app_path: scope.appPath } : {}),
+        scope_key: localScopeKey(),
+        ...(scope.repoRoot ? { repo_root: sanitizeFilePath(scope.repoRoot) } : {}),
+        ...(scope.appPath ? { app_path: sanitizeFilePath(scope.appPath) } : {}),
         ...(scope.serviceName ? { service_name: scope.serviceName } : {}),
         ...(serverName ? { server_name: serverName } : {}),
         ...(clientId ? { client_id: clientId } : {}),
         ...(clientLabel ? { client_label: clientLabel } : {}),
+        ...extraMetadata,
     };
 }
-async function sendStartupHeartbeat() {
-    if (!hasServerIdentity()) {
+function localScopeKey(cwd = process.cwd()) {
+    const scope = resolvePluginScope(cwd);
+    return [scope.repoRoot || scope.repoName || cwd, scope.appPath ?? "", scope.serviceName ?? ""]
+        .filter(Boolean)
+        .join("::")
+        .replace(/\s+/g, " ")
+        .slice(0, 500);
+}
+function startupSessionId(options) {
+    const scope = resolvePluginScope(process.cwd());
+    const { clientId } = credentials(options?.credentials);
+    const scopeKey = [scope.repoName, scope.appPath, scope.serviceName]
+        .filter((part) => Boolean(part))
+        .join(":") || "workspace";
+    return ["mcp-startup", clientId || "mcp_client", scopeKey]
+        .join(":")
+        .replace(/[^a-zA-Z0-9:_-]+/g, "_")
+        .slice(0, 240);
+}
+function loginCommandHint() {
+    for (const value of [
+        process.env.ASKTHEW_EMAIL,
+        process.env.GIT_AUTHOR_EMAIL,
+        process.env.GIT_COMMITTER_EMAIL,
+        process.env.EMAIL,
+    ]) {
+        const email = String(value ?? "").trim();
+        if (/^[^@\s]+@[^@\s]+\.[^@\s]+$/.test(email)) {
+            return `npx @askthew/mcp-plugin identify --email ${email}`;
+        }
+    }
+    return "npx @askthew/mcp-plugin identify --email <your-email>";
+}
+async function sendStartupHeartbeat(options) {
+    if (!hasServerIdentity(options?.credentials)) {
         return;
     }
-    const { installToken, apiKey, clientId, clientLabel, hostType, serverName } = credentials();
+    const { installToken, apiKey, clientId, clientLabel, hostType, serverName } = credentials(options?.credentials);
     if (!installToken) {
         return;
     }
     const scope = resolvePluginScope(process.cwd());
-    await fetch(`${apiBaseUrl()}/api/connectors/mcp/heartbeat`, {
+    const fetcher = options?.fetchImpl ?? fetch;
+    await fetcher(`${apiBaseUrl(options?.apiBaseUrl)}/api/connectors/mcp/heartbeat`, {
         method: "POST",
         headers: {
             "Content-Type": "application/json",
@@ -219,37 +516,254 @@ async function sendStartupHeartbeat() {
         }),
     }).catch(() => null);
 }
-export function createAskTheWMcpServer() {
+async function sendStartupSetupSignal(options) {
+    const sessionSignal = {
+        sessionId: startupSessionId(options),
+        sequence: 0,
+        kind: "setup_complete",
+        summary: "Ask The W plugin server started for this coding-agent session.",
+        evidence: [],
+        filesTouched: [],
+        commandsRun: [],
+        metadata: {
+            ...runtimeMetadata(options),
+            automated: true,
+            operational: true,
+            origin: "mcp_server_startup",
+        },
+    };
+    await postToServer("/api/ingest/mcp", {
+        sessionSignal: redactCodingSessionSignal(sessionSignal),
+    }, options);
+}
+async function sendStartupSignals(options) {
+    await sendStartupHeartbeat(options).catch(() => null);
+    await sendStartupSetupSignal(options).catch(() => null);
+}
+export function createAskTheWMcpServer(options = {}) {
+    const initialMode = resolveMcpMode();
+    if (initialMode.mode === "free_pending_auth") {
+        ensureLocalIdentity({
+            emailClaim: process.env.ASKTHEW_EMAIL,
+            apiUrl: options.apiBaseUrl,
+            telemetryOptOut: process.env.ASKTHEW_TELEMETRY === "off",
+        });
+    }
+    const resolvedMode = resolveMcpMode();
+    const optionInstallToken = normalizeInstallTokenInput(options.credentials?.installToken);
+    const mode = optionInstallToken
+        ? { mode: "paid", installToken: optionInstallToken, reason: "options_install_token" }
+        : resolvedMode;
+    const localStore = mode.mode === "paid" ? null : LocalStore.open();
+    if (localStore && mode.mode === "free" && mode.cliCredentials) {
+        void flushTelemetryOutbox({
+            store: localStore,
+            credentials: mode.cliCredentials,
+            apiUrl: options.apiBaseUrl,
+            fetchImpl: options.fetchImpl,
+        }).catch(() => null);
+    }
     const server = new McpServer({
-        name: "AskTheW Coding Agent Connector",
-        version: "1.0.0",
+        name: "Ask The W Coding Agent Connector",
+        version: "0.4.0",
     });
-    void sendStartupHeartbeat();
+    if (options.sendStartupHeartbeat !== false && mode.mode === "paid") {
+        void sendStartupSignals(options);
+    }
+    const apiToolResponse = async (route, payload = {}, method = "GET", request) => {
+        const upstream = await postToServer(route, payload, options, { method, idempotencyKey: request?.idempotencyKey });
+        return {
+            content: [
+                {
+                    type: "text",
+                    text: JSON.stringify(upstream, null, 2),
+                },
+            ],
+        };
+    };
+    const localResponse = (value) => toolJson(value);
+    const localToolError = (input) => localResponse(structuredError(input));
+    const budgetedLocalResponse = (value, maxChars) => {
+        if (!maxChars || JSON.stringify(value, null, 2).length <= maxChars) {
+            return localResponse(value);
+        }
+        const next = { ...value, truncated: true, maxChars };
+        for (const key of ["signals", "decisions", "decisionCandidates", "matches"]) {
+            const list = next[key];
+            if (Array.isArray(list)) {
+                while (list.length > 0 && JSON.stringify(next, null, 2).length > maxChars) {
+                    list.pop();
+                }
+                next[key] = list;
+            }
+        }
+        if (typeof next.rendered === "string" && JSON.stringify(next, null, 2).length > maxChars) {
+            const overhead = JSON.stringify({ ...next, rendered: "" }, null, 2).length + 80;
+            next.rendered = `${next.rendered.slice(0, Math.max(0, maxChars - overhead)).trimEnd()}\n\n[truncated to max_chars=${maxChars}]`;
+        }
+        return localResponse(next);
+    };
+    const currentScopeKey = () => localScopeKey();
+    const compactWriteResponse = (input) => localResponse({
+        ok: input.ok !== false,
+        id: input.id ?? null,
+        ...(input.sessionId ? { sessionId: input.sessionId } : {}),
+        ...(typeof input.sequence === "number" ? { sequence: input.sequence } : {}),
+        ...(typeof input.signalCount === "number" ? { signalCount: input.signalCount } : {}),
+        ...(input.warnings && input.warnings.length > 0 ? { warnings: input.warnings } : {}),
+    });
+    const upstreamId = (upstream) => {
+        if (!upstream || typeof upstream !== "object")
+            return null;
+        const record = upstream;
+        return (record.id ??
+            record.signalId ??
+            record.entry?.id ??
+            record.decision?.id ??
+            record.data?.id ??
+            record.data?.outcome?.id ??
+            record.data?.decision?.id ??
+            null);
+    };
+    const upstreamSequence = (upstream) => {
+        if (!upstream || typeof upstream !== "object")
+            return null;
+        const record = upstream;
+        const sequence = record.sequence ?? record.entry?.sequence ?? record.data?.sequence ?? null;
+        return typeof sequence === "number" ? sequence : null;
+    };
+    const upstreamFailure = (upstream) => upstream && typeof upstream === "object" && upstream.ok === false
+        ? upstream
+        : null;
+    const requireFreeIdentity = () => {
+        if (mode.mode === "unauthenticated" || mode.mode === "free_pending_auth") {
+            const loginCommand = loginCommandHint();
+            return localToolError({
+                code: "free_tier_login_required",
+                message: "Free local mode needs a local install identity before capture.",
+                retryable: false,
+                hint: `Run \`${loginCommand}\` or reinstall with \`--free --email <your-email>\`, then restart or reload the MCP host.`,
+                extra: {
+                    loginCommand,
+                    supportEmail: "support@askthew.com",
+                },
+            });
+        }
+        return null;
+    };
     server.tool("capture_session_signal", {
         sessionId: z.string().min(1),
         sequence: z.number().int().nonnegative(),
         kind: sessionSignalKindSchema,
         summary: z.string().min(1).max(2000),
         evidence: z
-            .array(z.object({
-            role: evidenceRoleSchema,
-            excerpt: z.string().min(1).max(500),
-        }))
+            .array(evidenceEntrySchema)
             .default([]),
         filesTouched: z.array(z.string().min(1).max(500)).default([]),
         commandsRun: z.array(z.string().min(1).max(500)).default([]),
         metadata: z.record(z.string(), z.unknown()).default({}),
+        idempotencyKey: idempotencyKeySchema,
+        echo: echoSchema,
     }, async (payload) => {
         const sessionSignal = redactCodingSessionSignal({
             ...payload,
             metadata: {
-                ...runtimeMetadata(),
+                ...runtimeMetadata(options),
                 ...(payload.metadata ?? {}),
             },
         });
-        const upstream = await postToServer("/api/ingest/mcp", {
+        const scopeKey = currentScopeKey();
+        if (mode.mode !== "paid" && localStore) {
+            const loginRequired = requireFreeIdentity();
+            if (loginRequired) {
+                return loginRequired;
+            }
+            const signal = localStore.insertSignal({
+                sessionId: sessionSignal.sessionId,
+                sequence: sessionSignal.sequence,
+                kind: sessionSignal.kind,
+                summary: sessionSignal.summary,
+                evidence: sessionSignal.evidence,
+                filesTouched: sessionSignal.filesTouched,
+                commandsRun: sessionSignal.commandsRun,
+                metadata: sessionSignal.metadata,
+                scopeKey,
+            });
+            const sessionSignalCount = localStore.listSignals({
+                sessionId: signal.sessionId,
+                scopeKey,
+                limit: 100000,
+            }).length;
+            if (sessionSignal.kind === "final_summary" && mode.cliCredentials) {
+                localStore.enqueueTelemetry(buildTelemetryPayload({
+                    store: localStore,
+                    credentials: mode.cliCredentials,
+                    sessionId: sessionSignal.sessionId,
+                }));
+                void flushTelemetryOutbox({
+                    store: localStore,
+                    credentials: mode.cliCredentials,
+                    apiUrl: options.apiBaseUrl,
+                    fetchImpl: options.fetchImpl,
+                }).catch(() => null);
+            }
+            if (!payload.echo) {
+                return compactWriteResponse({
+                    id: signal.id,
+                    sessionId: signal.sessionId,
+                    sequence: signal.sequence,
+                    signalCount: sessionSignalCount,
+                });
+            }
+            if (payload.echo === "summary") {
+                return localResponse({
+                    ok: true,
+                    id: signal.id,
+                    sessionId: signal.sessionId,
+                    sequence: signal.sequence,
+                    signalCount: sessionSignalCount,
+                    summary: signal.summary,
+                    kind: signal.kind,
+                });
+            }
+            return localResponse({
+                ok: true,
+                tier: "free",
+                signal,
+                note: localStore.usingJsonFallback
+                    ? "Captured locally in JSON fallback mode because SQLite was unavailable."
+                    : "Captured locally in SQLite. Aggregate telemetry only may flush on final_summary unless opted out.",
+            });
+        }
+        const upstream = await postToServer(payload.echo === "full" ? "/api/ingest/mcp" : withResponseShape("/api/ingest/mcp"), {
             sessionSignal,
-        });
+        }, options, { idempotencyKey: payload.idempotencyKey });
+        const failure = upstreamFailure(upstream);
+        if (failure)
+            return localResponse(failure);
+        if (!payload.echo) {
+            return compactWriteResponse({
+                id: upstreamId(upstream),
+                sessionId: sessionSignal.sessionId,
+                sequence: sessionSignal.sequence,
+                signalCount: upstream && typeof upstream === "object" && typeof upstream.signalCount === "number"
+                    ? upstream.signalCount
+                    : 1,
+            });
+        }
+        if (payload.echo === "summary") {
+            return localResponse({
+                ok: true,
+                id: upstreamId(upstream),
+                sessionId: sessionSignal.sessionId,
+                sequence: sessionSignal.sequence,
+                signalCount: upstream && typeof upstream === "object" && typeof upstream.signalCount === "number"
+                    ? upstream.signalCount
+                    : 1,
+                summary: sessionSignal.summary,
+                kind: sessionSignal.kind,
+            });
+        }
         return {
             content: [
                 {
@@ -264,5 +778,1124 @@ export function createAskTheWMcpServer() {
             ],
         };
     });
+    server.tool("list_decisions", {
+        limit: z.number().int().positive().max(300).optional(),
+        cursor: z.string().optional(),
+        sessionId: z.string().optional(),
+        status: z.enum(["proposed", "committed", "shipped", "abandoned"]).optional(),
+        since: z.string().optional(),
+        compact: z.boolean().optional(),
+        max_chars: maxCharsSchema,
+    }, async (payload) => {
+        if (mode.mode !== "paid" && localStore) {
+            const loginRequired = requireFreeIdentity();
+            if (loginRequired)
+                return loginRequired;
+            const decisions = localStore.listDecisions({
+                limit: payload.limit ?? 5,
+                cursor: payload.cursor,
+                sessionId: payload.sessionId,
+                status: payload.status,
+                since: payload.since,
+                scopeKey: currentScopeKey(),
+            });
+            return budgetedLocalResponse({
+                ok: true,
+                tier: "free",
+                decisions: payload.compact !== false
+                    ? decisions.map((decision) => ({
+                        id: decision.id,
+                        headline: decision.headline,
+                        status: decision.status,
+                        signalIds: decision.sourceSignalIds,
+                    }))
+                    : decisions.map((decision) => decisionWithSignals(localStore, decision)),
+                nextCursor: decisions.length >= (payload.limit ?? 5) ? decisions.at(-1)?.createdAt ?? null : null,
+            }, payload.max_chars ?? 8000);
+        }
+        return apiToolResponse(routeWithQuery("/api/decisions", {
+            limit: payload.limit ?? 5,
+            cursor: payload.cursor,
+            sessionId: payload.sessionId,
+            status: payload.status,
+            since: payload.since,
+            compact: payload.compact ?? true,
+            max_chars: payload.max_chars ?? 8000,
+        }));
+    });
+    server.tool("get_decision", {
+        id: z.string().min(1),
+    }, async (payload) => {
+        if (mode.mode !== "paid" && localStore) {
+            const loginRequired = requireFreeIdentity();
+            if (loginRequired)
+                return loginRequired;
+            const decision = localStore.getDecision(payload.id);
+            return decision
+                ? localResponse({ ok: true, tier: "free", decision: decisionWithSignals(localStore, decision) })
+                : localToolError({
+                    code: "not_found",
+                    message: "Decision not found in the local Ask The W store.",
+                    retryable: false,
+                    hint: "Check the decision id or search/list local decisions first.",
+                });
+        }
+        return apiToolResponse(`/api/decisions/${encodeURIComponent(payload.id)}`);
+    });
+    server.tool("create_decision", {
+        content: z.string().min(1),
+        idempotencyKey: idempotencyKeySchema,
+        echo: echoSchema,
+    }, async (payload) => {
+        if (mode.mode !== "paid" && localStore) {
+            const loginRequired = requireFreeIdentity();
+            if (loginRequired)
+                return loginRequired;
+            const scopeKey = currentScopeKey();
+            if (payload.idempotencyKey) {
+                const existingId = localStore.getMeta(`idempotency:create_decision:${scopeKey}:${payload.idempotencyKey}`);
+                if (existingId) {
+                    const existing = localStore.getDecision(existingId);
+                    if (existing) {
+                        return payload.echo === "full"
+                            ? localResponse({ ok: true, tier: "free", decision: decisionWithSignals(localStore, existing), idempotent: true })
+                            : compactWriteResponse({ id: existing.id, sequence: localStore.stats().decisions });
+                    }
+                }
+            }
+            const decision = localStore.createDecision({
+                rawContent: payload.content,
+                sessionId: localStore.mostRecentSessionId({ scopeKey }),
+                scopeKey,
+            });
+            if (payload.idempotencyKey) {
+                localStore.setMeta(`idempotency:create_decision:${scopeKey}:${payload.idempotencyKey}`, decision.id);
+            }
+            const warnings = detectDecisionConflicts({
+                decision,
+                decisions: localStore.listDecisions({ limit: 100000, scopeKey }),
+            });
+            if (!payload.echo) {
+                return compactWriteResponse({
+                    id: decision.id,
+                    sequence: localStore.stats().decisions,
+                    warnings,
+                });
+            }
+            return localResponse({
+                ok: true,
+                ...(payload.echo === "summary"
+                    ? { id: decision.id, sequence: localStore.stats().decisions, headline: decision.headline, warnings }
+                    : { tier: "free", decision: decisionWithSignals(localStore, decision), warnings }),
+            });
+        }
+        const upstream = await postToServer(payload.echo === "full" ? "/api/decisions" : withResponseShape("/api/decisions"), {
+            content: payload.content,
+        }, options, { method: "POST", idempotencyKey: payload.idempotencyKey });
+        const failure = upstreamFailure(upstream);
+        if (failure)
+            return localResponse(failure);
+        if (!payload.echo) {
+            return compactWriteResponse({
+                id: upstreamId(upstream),
+                sequence: upstreamSequence(upstream) ?? 1,
+            });
+        }
+        return localResponse(payload.echo === "summary"
+            ? { ok: true, id: upstreamId(upstream), sequence: upstreamSequence(upstream) ?? 1 }
+            : upstream);
+    });
+    server.tool("update_decision", {
+        id: z.string().min(1),
+        headline: z.string().min(1).optional(),
+        why: z.string().optional(),
+        status: z.enum(["proposed", "committed", "shipped", "abandoned"]).optional(),
+        alignment: z.enum(["aligned", "orthogonal", "conflicts", "ambiguous"]).optional(),
+        outcomeId: z.string().min(1).optional(),
+        idempotencyKey: idempotencyKeySchema,
+        echo: echoSchema,
+    }, async (payload) => {
+        if (mode.mode !== "paid" && localStore) {
+            const loginRequired = requireFreeIdentity();
+            if (loginRequired)
+                return loginRequired;
+            const decision = localStore.updateDecision(payload.id, {
+                ...(payload.headline ? { headline: payload.headline } : {}),
+                ...(payload.why !== undefined ? { why: payload.why } : {}),
+                ...(payload.status ? { status: payload.status } : {}),
+                ...(payload.alignment !== undefined ? { alignment: payload.alignment } : {}),
+            });
+            if (!decision) {
+                return localToolError({
+                    code: "not_found",
+                    message: "Decision not found in the local Ask The W store.",
+                    retryable: false,
+                    hint: "Check the decision id before updating.",
+                });
+            }
+            const warnings = detectDecisionConflicts({
+                decision,
+                decisions: localStore.listDecisions({ limit: 100000, scopeKey: currentScopeKey() }),
+            });
+            if (!payload.echo) {
+                return compactWriteResponse({ id: decision.id, sequence: localStore.stats().decisions, warnings });
+            }
+            return localResponse(payload.echo === "summary"
+                ? { ok: true, id: decision.id, sequence: localStore.stats().decisions, headline: decision.headline, warnings }
+                : { ok: true, tier: "free", decision: decisionWithSignals(localStore, decision), warnings });
+        }
+        const upstream = await postToServer(payload.echo === "full"
+            ? `/api/decisions/${encodeURIComponent(payload.id)}`
+            : withResponseShape(`/api/decisions/${encodeURIComponent(payload.id)}`), {
+            headline: payload.headline,
+            why: payload.why,
+            status: payload.status,
+            alignment: payload.alignment,
+            outcomeId: payload.outcomeId,
+        }, options, { method: "PATCH", idempotencyKey: payload.idempotencyKey });
+        const failure = upstreamFailure(upstream);
+        if (failure)
+            return localResponse(failure);
+        if (!payload.echo) {
+            return compactWriteResponse({ id: upstreamId(upstream) ?? payload.id, sequence: upstreamSequence(upstream) ?? 1 });
+        }
+        return localResponse(payload.echo === "summary"
+            ? { ok: true, id: upstreamId(upstream) ?? payload.id, sequence: upstreamSequence(upstream) ?? 1 }
+            : upstream);
+    });
+    server.tool("delete_decision", {
+        id: z.string().min(1),
+        confirmText: z.string().min(1),
+        idempotencyKey: idempotencyKeySchema,
+    }, async (payload) => {
+        if (mode.mode !== "paid" && localStore) {
+            const loginRequired = requireFreeIdentity();
+            if (loginRequired)
+                return loginRequired;
+            if (payload.confirmText !== payload.id) {
+                return localToolError({
+                    code: "confirmation_required",
+                    message: "confirmText must match the decision id.",
+                    retryable: false,
+                    hint: "Pass the exact decision id as confirmText.",
+                });
+            }
+            return localResponse({ ok: localStore.deleteDecision(payload.id), tier: "free" });
+        }
+        return apiToolResponse(`/api/decisions/${encodeURIComponent(payload.id)}`, {
+            confirmText: payload.confirmText,
+        }, "DELETE", { idempotencyKey: payload.idempotencyKey });
+    });
+    server.tool("list_outcomes", paidDescription("List outcomes from your workspace.", mode.mode), {
+        limit: z.number().int().positive().max(300).optional(),
+        cursor: cursorSchema,
+    }, async (payload) => {
+        if (mode.mode === "free")
+            return localResponse(paidFeatureNudge("list_outcomes"));
+        return apiToolResponse(routeWithQuery("/api/outcomes", {
+            limit: payload.limit,
+            cursor: payload.cursor,
+        }));
+    });
+    server.tool("get_outcome", paidDescription("Get outcome detail from your workspace.", mode.mode), {
+        id: z.string().min(1),
+    }, async (payload) => mode.mode === "free"
+        ? localResponse(paidFeatureNudge("get_outcome"))
+        : apiToolResponse(`/api/outcomes/${encodeURIComponent(payload.id)}`));
+    server.tool("list_outcome_signals", paidDescription("List signals linked to an outcome.", mode.mode), {
+        id: z.string().min(1),
+        limit: z.number().int().positive().max(300).optional(),
+        cursor: cursorSchema,
+    }, async (payload) => mode.mode === "free"
+        ? localResponse(paidFeatureNudge("list_outcome_signals"))
+        : apiToolResponse(routeWithQuery(`/api/outcomes/${encodeURIComponent(payload.id)}/signals`, {
+            limit: payload.limit,
+            cursor: payload.cursor,
+        })));
+    server.tool("create_outcome", paidDescription("Create a new outcome.", mode.mode), {
+        name: z.string().min(1),
+        summary: z.string().optional(),
+        causalHypothesis: z.string().optional(),
+        suggestedAction: z.string().optional(),
+        idempotencyKey: idempotencyKeySchema,
+    }, async (payload) => {
+        if (mode.mode === "free")
+            return localResponse(paidFeatureNudge("create_outcome"));
+        return apiToolResponse("/api/outcomes", {
+            name: payload.name,
+            summary: payload.summary,
+            causalHypothesis: payload.causalHypothesis,
+            suggestedAction: payload.suggestedAction,
+        }, "POST", { idempotencyKey: payload.idempotencyKey });
+    });
+    server.tool("update_outcome", paidDescription("Update an outcome.", mode.mode), {
+        id: z.string().min(1),
+        name: z.string().min(1).optional(),
+        summary: z.string().optional(),
+        causalHypothesis: z.string().optional(),
+        suggestedAction: z.string().optional(),
+        status: z.enum(["active", "achieved", "abandoned", "archived"]).optional(),
+        idempotencyKey: idempotencyKeySchema,
+        echo: echoSchema,
+    }, async (payload) => {
+        if (mode.mode === "free")
+            return localResponse(paidFeatureNudge("update_outcome"));
+        const upstream = await postToServer(payload.echo === "full"
+            ? `/api/outcomes/${encodeURIComponent(payload.id)}`
+            : withResponseShape(`/api/outcomes/${encodeURIComponent(payload.id)}`), {
+            name: payload.name,
+            summary: payload.summary,
+            causalHypothesis: payload.causalHypothesis,
+            suggestedAction: payload.suggestedAction,
+            status: payload.status,
+        }, options, { method: "PATCH", idempotencyKey: payload.idempotencyKey });
+        const failure = upstreamFailure(upstream);
+        if (failure)
+            return localResponse(failure);
+        if (!payload.echo) {
+            return compactWriteResponse({ id: upstreamId(upstream) ?? payload.id, sequence: upstreamSequence(upstream) ?? 1 });
+        }
+        return localResponse(payload.echo === "summary"
+            ? { ok: true, id: upstreamId(upstream) ?? payload.id, sequence: upstreamSequence(upstream) ?? 1 }
+            : upstream);
+    });
+    server.tool("delete_outcome", paidDescription("Delete an outcome.", mode.mode), {
+        id: z.string().min(1),
+        confirmText: z.string().min(1),
+        idempotencyKey: idempotencyKeySchema,
+    }, async (payload) => {
+        if (mode.mode === "free")
+            return localResponse(paidFeatureNudge("delete_outcome"));
+        return apiToolResponse(`/api/outcomes/${encodeURIComponent(payload.id)}`, {
+            confirmText: payload.confirmText,
+        }, "DELETE", { idempotencyKey: payload.idempotencyKey });
+    });
+    server.tool("get_north_star", paidDescription("Read the workspace north-star metric.", mode.mode), {}, async () => mode.mode === "free"
+        ? localResponse(paidFeatureNudge("get_north_star"))
+        : apiToolResponse("/api/north-star"));
+    server.tool("update_north_star", paidDescription("Update the workspace north-star metric.", mode.mode), {
+        metric: z.string().min(1),
+        current: z.string().min(1),
+        target: z.string().min(1),
+        reason: z.string().min(1),
+        idempotencyKey: idempotencyKeySchema,
+    }, async (payload) => {
+        if (mode.mode === "free")
+            return localResponse(paidFeatureNudge("update_north_star"));
+        return apiToolResponse("/api/north-star", {
+            metric: payload.metric,
+            current: payload.current,
+            target: payload.target,
+            reason: payload.reason,
+        }, "POST", { idempotencyKey: payload.idempotencyKey });
+    });
+    server.tool("list_signals", {
+        limit: z.number().int().positive().max(300).optional(),
+        cursor: z.string().optional(),
+        sessionId: z.string().optional(),
+        since: z.string().optional(),
+        compact: z.boolean().optional(),
+        max_chars: maxCharsSchema,
+    }, async (payload) => {
+        if (mode.mode !== "paid" && localStore) {
+            const loginRequired = requireFreeIdentity();
+            if (loginRequired)
+                return loginRequired;
+            const signals = localStore.listSignals({
+                limit: payload.limit ?? 10,
+                cursor: payload.cursor,
+                sessionId: payload.sessionId,
+                since: payload.since,
+                scopeKey: currentScopeKey(),
+            });
+            return budgetedLocalResponse({
+                ok: true,
+                tier: "free",
+                signals: payload.compact !== false
+                    ? signals.map((signal) => compactSignal(signal, localStore.getDecisionForSignal(signal.id)))
+                    : signals.map((signal) => signalWithDecision(localStore, signal)),
+                nextCursor: signals.length >= (payload.limit ?? 10) ? signals.at(-1)?.capturedAt ?? null : null,
+            }, payload.max_chars ?? 8000);
+        }
+        return apiToolResponse(routeWithQuery("/api/signals", {
+            limit: payload.limit ?? 10,
+            cursor: payload.cursor,
+            sessionId: payload.sessionId,
+            since: payload.since,
+            compact: payload.compact ?? true,
+            max_chars: payload.max_chars ?? 8000,
+        }));
+    });
+    server.tool("find_signal_by_summary", "Find recent signals by summary text without needing an opaque signal id first.", {
+        query: z.string().min(1),
+        sessionId: z.string().optional(),
+        limit: z.number().int().positive().max(50).default(5),
+        compact: z.boolean().optional(),
+        max_chars: maxCharsSchema,
+    }, async (payload) => {
+        if (mode.mode !== "paid" && localStore) {
+            const loginRequired = requireFreeIdentity();
+            if (loginRequired)
+                return loginRequired;
+            const normalizedQuery = payload.query.toLowerCase();
+            const signals = localStore
+                .listSignals({
+                limit: 100000,
+                sessionId: payload.sessionId,
+                scopeKey: currentScopeKey(),
+            })
+                .filter((signal) => [
+                signal.summary,
+                signal.kind,
+                ...signal.filesTouched,
+                ...signal.commandsRun,
+            ].join("\n").toLowerCase().includes(normalizedQuery))
+                .slice(0, payload.limit);
+            return budgetedLocalResponse({
+                ok: true,
+                tier: "free",
+                query: payload.query,
+                signals: payload.compact === false
+                    ? signals.map((signal) => signalWithDecision(localStore, signal))
+                    : signals.map((signal) => compactSignal(signal, localStore.getDecisionForSignal(signal.id))),
+            }, payload.max_chars ?? 8000);
+        }
+        return apiToolResponse(routeWithQuery("/api/signals", {
+            query: payload.query,
+            sessionId: payload.sessionId,
+            limit: payload.limit,
+            compact: payload.compact ?? true,
+            max_chars: payload.max_chars ?? 8000,
+        }));
+    });
+    server.tool("get_signal", {
+        id: z.string().min(1),
+    }, async (payload) => {
+        if (mode.mode !== "paid" && localStore) {
+            const loginRequired = requireFreeIdentity();
+            if (loginRequired)
+                return loginRequired;
+            const signal = localStore.getSignal(Number(payload.id));
+            return signal
+                ? localResponse({ ok: true, tier: "free", signal: signalWithDecision(localStore, signal) })
+                : localToolError({
+                    code: "not_found",
+                    message: "Signal not found in the local Ask The W store.",
+                    retryable: false,
+                    hint: "Check the signal id or list local signals first.",
+                });
+        }
+        return apiToolResponse(`/api/signals/${encodeURIComponent(payload.id)}`);
+    });
+    server.tool("review_decisions", "Review captured decisions. Use for natural prompts like: What did I decide yesterday?", {
+        since: z.string().optional(),
+        status: z.enum(["proposed", "committed", "shipped", "abandoned"]).optional(),
+        format: z.enum(["markdown", "json"]).default("markdown"),
+        limit: z.number().int().positive().max(300).default(50),
+        cursor: cursorSchema,
+        sessionId: z.string().optional(),
+        compact: z.boolean().optional(),
+        max_chars: maxCharsSchema,
+    }, async (payload) => {
+        if (mode.mode === "paid") {
+            return apiToolResponse(routeWithQuery("/api/decisions", {
+                since: payload.since,
+                status: payload.status,
+                limit: payload.limit,
+                cursor: payload.cursor,
+                sessionId: payload.sessionId,
+                compact: payload.compact,
+                max_chars: payload.max_chars,
+            }));
+        }
+        if (!localStore) {
+            return localToolError({
+                code: "local_store_unavailable",
+                message: "The local Ask The W store is unavailable.",
+                retryable: true,
+                hint: "Retry after restarting the plugin host.",
+            });
+        }
+        const loginRequired = requireFreeIdentity();
+        if (loginRequired)
+            return loginRequired;
+        const decisions = localStore.listDecisions({
+            since: payload.since,
+            status: payload.status,
+            limit: payload.limit,
+            cursor: payload.cursor,
+            sessionId: payload.sessionId,
+            scopeKey: currentScopeKey(),
+        });
+        return budgetedLocalResponse({
+            ok: true,
+            tier: "free",
+            format: payload.format,
+            rendered: renderDecisionDigest(decisions),
+            decisions: payload.compact
+                ? decisions.map((decision) => ({
+                    id: decision.id,
+                    headline: decision.headline,
+                    status: decision.status,
+                    signalIds: decision.sourceSignalIds,
+                }))
+                : decisions.map((decision) => decisionWithSignals(localStore, decision)),
+            count: decisions.length,
+            nextCursor: decisions.length >= payload.limit ? decisions.at(-1)?.createdAt ?? null : null,
+            copyHint: "Copy this output to back up your decisions - `export_decisions` is a paid feature.",
+        }, payload.max_chars);
+    });
+    server.tool("review_session", "Review the current session trail. Use for natural prompts like: Show me my session trail.", {
+        sessionId: z.string().optional(),
+        format: z.enum(["markdown", "json"]).default("markdown"),
+        cursor: cursorSchema,
+        limit: z.number().int().positive().max(50).default(50),
+        compact: z.boolean().optional(),
+        max_chars: maxCharsSchema,
+    }, async (payload) => {
+        if (!localStore || mode.mode === "paid") {
+            return apiToolResponse(routeWithQuery("/api/signals", {
+                sessionId: payload.sessionId,
+                cursor: payload.cursor,
+                limit: payload.limit,
+                compact: payload.compact,
+                max_chars: payload.max_chars,
+            }));
+        }
+        const loginRequired = requireFreeIdentity();
+        if (loginRequired)
+            return loginRequired;
+        const scopeKey = currentScopeKey();
+        const sessionId = payload.sessionId ?? localStore.mostRecentSessionId({ scopeKey });
+        const allSessionIds = localStore.listSessionIds({ limit: 100000, scopeKey });
+        const allowedSessionIds = new Set(allSessionIds.slice(0, 3));
+        if (sessionId && allSessionIds.length > 3 && !allowedSessionIds.has(sessionId)) {
+            return localToolError({
+                code: "free_tier_limit",
+                message: "The free plugin can review the latest three local sessions.",
+                retryable: false,
+                hint: "Upgrade to review more than three sessions in the workspace dashboard.",
+                extra: {
+                    tool: "review_session",
+                    limit: 3,
+                    upgradeUrl: "https://askthew.com/mcp?utm_source=mcp-plugin&utm_medium=tool-nudge&utm_campaign=mcp-free&tool=review_session",
+                    cta: "Upgrade to review more than three sessions in the workspace dashboard.",
+                },
+            });
+        }
+        const limit = Math.min(50, payload.limit ?? 50);
+        const signals = sessionId
+            ? localStore.listSignals({ sessionId, scopeKey, cursor: payload.cursor, limit })
+            : [];
+        const allSignals = sessionId ? localStore.listSignals({ sessionId, scopeKey, limit: 100000 }) : [];
+        const decisions = sessionId
+            ? localStore.listDecisions({ sessionId, scopeKey, limit: 100000 })
+            : [];
+        const decisionCandidates = listDecisionCandidates({ store: localStore, sessionId, scopeKey, limit: 25 }).candidates;
+        const counts = signals.reduce((accumulator, signal) => {
+            accumulator[signal.kind] = (accumulator[signal.kind] ?? 0) + 1;
+            return accumulator;
+        }, {});
+        const allCounts = allSignals.reduce((accumulator, signal) => {
+            accumulator[signal.kind] = (accumulator[signal.kind] ?? 0) + 1;
+            return accumulator;
+        }, {});
+        const nextCursor = signals.length >= limit ? signals.at(-1)?.capturedAt ?? null : null;
+        if (payload.format === "json") {
+            return budgetedLocalResponse({
+                ok: true,
+                tier: "free",
+                sessionId,
+                format: "json",
+                signals: payload.compact
+                    ? signals.map((signal) => compactSignal(signal, localStore.getDecisionForSignal(signal.id)))
+                    : signals.map((signal) => signalWithDecision(localStore, signal)),
+                decisions: payload.compact
+                    ? decisions.map((decision) => ({ id: decision.id, headline: decision.headline, status: decision.status, signalIds: decision.sourceSignalIds }))
+                    : decisions.map((decision) => decisionWithSignals(localStore, decision)),
+                decisionCandidates,
+                nextCursor,
+                counts: {
+                    totalSignals: allSignals.length,
+                    byKind: allCounts,
+                },
+            }, payload.max_chars);
+        }
+        return budgetedLocalResponse({
+            ok: true,
+            tier: "free",
+            sessionId,
+            format: "markdown",
+            rendered: renderSessionMarkdown({ sessionId, signals: allSignals, decisions, decisionCandidates }),
+            ...(payload.compact
+                ? { signals: allSignals.map((signal) => compactSignal(signal, localStore.getDecisionForSignal(signal.id))) }
+                : {}),
+            counts: {
+                totalSignals: allSignals.length,
+                byKind: Object.keys(allCounts).length ? allCounts : counts,
+            },
+        }, payload.max_chars);
+    });
+    server.tool("recap", "Summarize the latest local coding-agent session as a digest, standup, or share-ready recap.", {
+        format: z.enum(["digest", "standup", "share"]).default("digest"),
+        sessionId: z.string().optional(),
+        compact: z.boolean().optional(),
+        max_chars: maxCharsSchema,
+    }, async (payload) => {
+        if (!localStore || mode.mode === "paid")
+            return localResponse(paidFeatureNudge("recap"));
+        const loginRequired = requireFreeIdentity();
+        if (loginRequired)
+            return loginRequired;
+        const scopeKey = currentScopeKey();
+        const sessionId = payload.sessionId ?? localStore.mostRecentSessionId({ scopeKey });
+        const signals = sessionId ? localStore.listSignals({ sessionId, scopeKey, limit: 100000 }) : [];
+        const decisions = sessionId ? localStore.listDecisions({ sessionId, scopeKey, limit: 100000 }) : [];
+        return budgetedLocalResponse({
+            ok: true,
+            tier: "free",
+            sessionId,
+            format: payload.format,
+            rendered: renderRecap({ format: payload.format, signals, decisions }),
+            ...(payload.compact
+                ? { signals: signals.map((signal) => compactSignal(signal, localStore.getDecisionForSignal(signal.id))) }
+                : {}),
+        }, payload.max_chars);
+    });
+    server.tool("coach", "Coach the local coding-agent session. Use for natural prompts like: Coach me on this session.", {
+        scope: z.enum(["session", "week", "patterns"]).default("session"),
+        sessionId: z.string().optional(),
+        max_chars: maxCharsSchema,
+    }, async (payload) => {
+        if (payload.scope === "week" || payload.scope === "patterns") {
+            return localResponse(paidFeatureNudge("coach"));
+        }
+        if (!localStore || mode.mode === "paid")
+            return localResponse(paidFeatureNudge("coach"));
+        const loginRequired = requireFreeIdentity();
+        if (loginRequired)
+            return loginRequired;
+        const scopeKey = currentScopeKey();
+        const sessionId = payload.sessionId ?? localStore.mostRecentSessionId({ scopeKey });
+        const signals = sessionId ? localStore.listSignals({ sessionId, scopeKey, limit: 100000 }) : [];
+        const decisions = sessionId ? localStore.listDecisions({ sessionId, scopeKey, limit: 100000 }) : [];
+        const coaching = buildSessionCoach({ signals, decisions });
+        return budgetedLocalResponse({
+            ok: true,
+            tier: "free",
+            scope: "session",
+            sessionId,
+            qualityScore: coaching.qualityScore,
+            biggestGap: coaching.biggestGap,
+            failureMode: coaching.failureMode,
+            rendered: `Decision quality score: ${coaching.qualityScore}/100\nBiggest gap: ${coaching.biggestGap}`,
+        }, payload.max_chars);
+    });
+    server.tool("promote_signal_to_decision", "Copy a captured signal summary into a linked local decision.", {
+        signalId: z.union([z.string(), z.number()]),
+        status: z.enum(["proposed", "committed", "shipped", "abandoned"]).default("proposed"),
+        why: z.string().optional(),
+        idempotencyKey: idempotencyKeySchema,
+    }, async (payload) => {
+        if (!localStore || mode.mode === "paid")
+            return localResponse(paidFeatureNudge("promote_signal_to_decision"));
+        const loginRequired = requireFreeIdentity();
+        if (loginRequired)
+            return loginRequired;
+        const numericSignalId = typeof payload.signalId === "number" ? payload.signalId : Number(payload.signalId);
+        if (!Number.isFinite(numericSignalId)) {
+            return localToolError({
+                code: "invalid_input",
+                message: "Invalid signalId.",
+                retryable: false,
+                hint: "Use the numeric local signal id.",
+                extra: { field: "signalId" },
+            });
+        }
+        const signal = localStore.getSignal(numericSignalId);
+        if (!signal) {
+            return localToolError({
+                code: "not_found",
+                message: "Signal not found in the local Ask The W store.",
+                retryable: false,
+                hint: "List signals first, then pass the numeric local signal id.",
+                extra: { tool: "promote_signal_to_decision" },
+            });
+        }
+        if (payload.idempotencyKey) {
+            const existingId = localStore.getMeta(`idempotency:promote_signal_to_decision:${payload.idempotencyKey}`);
+            if (existingId) {
+                const existing = localStore.getDecision(existingId);
+                if (existing) {
+                    return localResponse({
+                        ok: true,
+                        id: existing.id,
+                        sequence: localStore.stats().decisions,
+                        decision: decisionWithSignals(localStore, existing),
+                        linkedSignalId: signal.id,
+                        idempotent: true,
+                    });
+                }
+            }
+        }
+        const decision = localStore.createDecision({
+            rawContent: signal.summary,
+            headline: signal.summary,
+            why: payload.why ?? null,
+            status: payload.status,
+            sessionId: signal.sessionId,
+            files: signal.filesTouched,
+            sourceSignalIds: [signal.id],
+            scopeKey: signal.scopeKey ?? currentScopeKey(),
+        });
+        if (payload.idempotencyKey) {
+            localStore.setMeta(`idempotency:promote_signal_to_decision:${payload.idempotencyKey}`, decision.id);
+        }
+        const warnings = detectDecisionConflicts({
+            decision,
+            decisions: localStore.listDecisions({ limit: 100000, scopeKey: decision.scopeKey }),
+        });
+        return localResponse({
+            ok: true,
+            id: decision.id,
+            sequence: localStore.stats().decisions,
+            decision: decisionWithSignals(localStore, decision),
+            linkedSignalId: signal.id,
+            warnings,
+        });
+    });
+    server.tool("list_decision_candidates", "List local signals that look like decision moments and can be promoted.", {
+        sessionId: z.string().optional(),
+        limit: z.number().int().positive().max(300).default(50),
+        cursor: cursorSchema,
+        max_chars: maxCharsSchema,
+    }, async (payload) => {
+        if (!localStore || mode.mode === "paid")
+            return localResponse(paidFeatureNudge("list_decision_candidates"));
+        const loginRequired = requireFreeIdentity();
+        if (loginRequired)
+            return loginRequired;
+        const scopeKey = currentScopeKey();
+        const sessionId = payload.sessionId ?? localStore.mostRecentSessionId({ scopeKey });
+        const result = listDecisionCandidates({
+            store: localStore,
+            sessionId,
+            scopeKey,
+            limit: payload.limit,
+            cursor: payload.cursor,
+        });
+        return budgetedLocalResponse({
+            ok: true,
+            tier: "free",
+            sessionId,
+            decisionCandidates: result.candidates,
+            nextCursor: result.nextCursor,
+        }, payload.max_chars);
+    });
+    server.tool("search_trail", "Search local signals and decisions together.", {
+        query: z.string().min(1),
+        sessionId: z.string().optional(),
+        limit: z.number().int().positive().max(100).default(25),
+        cursor: cursorSchema,
+        compact: z.boolean().optional(),
+        max_chars: maxCharsSchema,
+    }, async (payload) => {
+        if (!localStore || mode.mode === "paid")
+            return localResponse(paidFeatureNudge("search_trail"));
+        const loginRequired = requireFreeIdentity();
+        if (loginRequired)
+            return loginRequired;
+        const result = searchTrail({
+            store: localStore,
+            query: payload.query,
+            scopeKey: currentScopeKey(),
+            sessionId: payload.sessionId,
+            limit: payload.limit,
+            cursor: payload.cursor,
+            compact: payload.compact,
+        });
+        return budgetedLocalResponse({
+            ok: true,
+            tier: "free",
+            query: payload.query,
+            matches: result.matches,
+            nextCursor: result.nextCursor,
+        }, payload.max_chars);
+    });
+    server.tool("export_decisions", paidDescription("Export decisions from your workspace.", mode.mode), {
+        format: z.enum(["json", "markdown", "jsonl"]).default("json"),
+        cursor: cursorSchema,
+        limit: z.number().int().positive().max(300).optional(),
+        max_chars: maxCharsSchema,
+    }, async (payload) => mode.mode === "free"
+        ? localResponse(paidFeatureNudge("export_decisions"))
+        : apiToolResponse(routeWithQuery("/api/export/timeline", {
+            format: payload.format,
+            cursor: payload.cursor,
+            limit: payload.limit ?? 50,
+            max_chars: payload.max_chars ?? 8000,
+        })));
+    server.tool("view_timeline", "View signals and decisions counts bucketed by session, day, or month.", {
+        scope: z.enum(["day", "month", "session"]).default("day"),
+        range: z.enum(["7D", "30D", "90D", "12M", "CUSTOM"]).default("30D"),
+        start: z.string().optional(),
+        end: z.string().optional(),
+        limit: z.number().int().positive().max(300).optional(),
+        outcomeId: z.string().optional(),
+        decisionStatus: z.enum(["proposed", "committed", "shipped", "abandoned"]).optional(),
+        signalSource: z.string().optional(),
+        max_chars: maxCharsSchema,
+    }, async (payload) => {
+        if (mode.mode === "paid") {
+            return apiToolResponse(routeWithQuery("/api/analytics/timeline-counts", {
+                scope: payload.scope,
+                range: payload.range,
+                start: payload.start,
+                end: payload.end,
+                limit: payload.limit,
+                outcomeId: payload.outcomeId,
+                decisionStatus: payload.decisionStatus,
+                signalSource: payload.signalSource,
+            }));
+        }
+        if (!localStore) {
+            return localToolError({
+                code: "local_store_unavailable",
+                message: "The local Ask The W store is unavailable.",
+                retryable: true,
+                hint: "Retry after restarting the plugin host.",
+            });
+        }
+        const loginRequired = requireFreeIdentity();
+        if (loginRequired)
+            return loginRequired;
+        const scopeKey = currentScopeKey();
+        const points = buildLocalTimeline({
+            scope: payload.scope,
+            signals: localStore.listSignals({ scopeKey, limit: 100000 }),
+            decisions: localStore.listDecisions({ scopeKey, limit: 100000 }),
+            limit: payload.limit,
+        });
+        const totals = points.reduce((accumulator, point) => ({
+            signals: accumulator.signals + point.signalCount,
+            decisions: accumulator.decisions + point.decisionCount,
+        }), { signals: 0, decisions: 0 });
+        return budgetedLocalResponse({
+            ok: true,
+            tier: "free",
+            scope: payload.scope,
+            period: {
+                start: points[0]?.startedAt ?? points[0]?.x ?? "",
+                end: points.at(-1)?.endedAt ?? points.at(-1)?.x ?? "",
+                label: "Local timeline",
+                tz: "UTC",
+            },
+            points,
+            totals,
+            insights: buildLocalTimelineInsights(points),
+            narrative: `Local timeline: ${totals.signals} signals, ${totals.decisions} decisions.`,
+            markdownTable: renderLocalTimelineMarkdown(points, payload.scope),
+        }, payload.max_chars);
+    });
     return server;
 }
+function renderDecisionDigest(decisions) {
+    if (decisions.length === 0) {
+        return "# Decisions\n\nNo local decisions captured yet.";
+    }
+    return [
+        "# Decisions",
+        "",
+        ...decisions.map((decision) => [`## ${decision.headline}`, `- id: ${decision.id}`, `- status: ${decision.status}`, `- created: ${decision.createdAt}`, decision.why ? `- why: ${decision.why}` : "- why: not captured"].join("\n")),
+    ].join("\n\n");
+}
+function buildSessionCoach(input) {
+    const verificationCount = input.signals.filter((signal) => signal.kind === "verification_result").length;
+    const implementationCount = input.signals.filter((signal) => signal.kind === "implementation_update").length;
+    const directionCount = input.signals.filter((signal) => signal.kind === "direction_change").length;
+    const finalSummaryCount = input.signals.filter((signal) => signal.kind === "final_summary").length;
+    const decisionCount = input.decisions.length;
+    const hasVerification = verificationCount > 0;
+    const hasDecision = decisionCount > 0;
+    const hasDirection = directionCount > 0;
+    const qualityScore = Math.max(0, Math.min(100, 35 +
+        Math.min(25, decisionCount * 12) +
+        (hasVerification ? 25 : 0) +
+        (hasDirection ? 10 : 0) -
+        Math.max(0, implementationCount - decisionCount) * 3));
+    const failureMode = implementationCount >= 3 && verificationCount === 0
+        ? `You captured ${implementationCount} implementation updates but no verification_result; run one check and capture it before ending.`
+        : input.signals.length >= 6 && finalSummaryCount === 0
+            ? `You captured ${input.signals.length} signals but no final_summary; close the session with the outcome and remaining risk.`
+            : decisionCount === 0 && directionCount > 0
+                ? "Direction changed, but no decision was captured; promote the clearest direction_change signal."
+                : null;
+    const biggestGap = failureMode ?? (!hasDecision
+        ? "Promote the clearest captured signal into a decision before the trail goes stale."
+        : !hasVerification
+            ? "Capture one verification result so the decision trail records whether the work actually held."
+            : implementationCount > decisionCount * 3
+                ? "There are many implementation updates per decision; collapse the important why into one decision."
+                : "The trail is usable. Keep the next decision tied to a verification result.");
+    return { qualityScore, biggestGap, failureMode };
+}
+function renderSessionMarkdown(input) {
+    const counts = input.signals.reduce((accumulator, signal) => {
+        accumulator[signal.kind] = (accumulator[signal.kind] ?? 0) + 1;
+        return accumulator;
+    }, {});
+    const activeDecisions = input.decisions.filter((decision) => decision.status !== "abandoned");
+    const coaching = buildSessionCoach({
+        signals: input.signals.map((signal) => ({ ...signal, filesTouched: [], commandsRun: [] })),
+        decisions: input.decisions,
+    });
+    const lines = [
+        "# Session Review",
+        `Session: ${input.sessionId ?? "none"}`,
+        `Signals: ${input.signals.length}`,
+        `Signal kinds: ${Object.entries(counts).map(([kind, count]) => `${kind} ${count}`).join(", ") || "none"}`,
+        `Active decisions: ${activeDecisions.length}`,
+        `Coaching tip: ${coaching.biggestGap}`,
+        "",
+        "## Signals By Kind",
+        ...Object.entries(counts)
+            .sort(([left], [right]) => left.localeCompare(right))
+            .map(([kind, count]) => `- ${kind}: ${count}`),
+        "",
+        "## Decision Candidates",
+        ...(input.decisionCandidates?.length
+            ? input.decisionCandidates.slice(0, 10).map((candidate) => `- signal ${candidate.signalId}: ${candidate.summary} (${candidate.suggestedStatus})`)
+            : ["- none"]),
+        "",
+        "## Active Decisions",
+        ...(activeDecisions.length
+            ? activeDecisions.map((decision) => `- ${decision.headline} (${decision.status})${decision.why ? ` - ${decision.why}` : ""}`)
+            : ["- none"]),
+    ];
+    return lines.slice(0, 300).join("\n");
+}
+function decisionalWeight(signal) {
+    const kindWeight = signal.kind === "direction_change" ? 4 : signal.kind === "verification_result" ? 3 : signal.kind === "implementation_update" ? 2 : 1;
+    const textWeight = /\b(decid|chose|commit|reject|approve|ship|verify|blocked|risk)\b/i.test(signal.summary) ? 2 : 0;
+    return kindWeight + textWeight;
+}
+function renderRecap(input) {
+    if (input.format === "standup") {
+        const blockers = input.signals.filter((signal) => /\b(block|fail|error|risk|stuck)\b/i.test(signal.summary));
+        return [
+            "# Standup Recap",
+            "## Yesterday",
+            input.decisions.length ? `- Captured ${input.decisions.length} decisions.` : "- No decisions captured.",
+            "## Today",
+            input.signals.length ? `- Review ${input.signals.length} session signals and promote the strongest one.` : "- Capture the first useful signal.",
+            "## Blockers",
+            ...(blockers.length ? blockers.slice(0, 5).map((signal) => `- ${signal.summary}`) : ["- None captured."]),
+        ].join("\n");
+    }
+    if (input.format === "share") {
+        return [
+            "# Ask The W Session Share",
+            "",
+            `Signals captured: ${input.signals.length}`,
+            `Decisions captured: ${input.decisions.length}`,
+            "",
+            "## Highlights",
+            ...input.signals
+                .slice()
+                .sort((left, right) => decisionalWeight(right) - decisionalWeight(left))
+                .slice(0, 8)
+                .map((signal) => `- ${signal.summary}`),
+            "",
+            "_Captured by Ask The W._",
+        ].join("\n");
+    }
+    return [
+        "# Session Digest",
+        "",
+        ...input.signals
+            .slice()
+            .sort((left, right) => decisionalWeight(right) - decisionalWeight(left))
+            .slice(0, 28)
+            .map((signal, index) => `${index + 1}. [${signal.kind}] ${signal.summary}`),
+    ].join("\n").split("\n").slice(0, 30).join("\n");
+}
+function renderSessionFeed(signals) {
+    if (signals.length === 0) {
+        return "# Session\n\nNo local signals captured yet.";
+    }
+    return [
+        "# Session",
+        "",
+        ...signals.map((signal) => [
+            `## ${signal.sequence ?? signal.id}. ${signal.kind}`,
+            signal.summary,
+            `- captured: ${signal.capturedAt}`,
+            signal.filesTouched.length ? `- files: ${signal.filesTouched.join(", ")}` : "- files: none",
+            signal.commandsRun.length ? `- commands: ${signal.commandsRun.join(" | ")}` : "- commands: none",
+        ].join("\n")),
+    ].join("\n\n");
+}
+function compactSignal(signal, decision) {
+    return {
+        id: signal.id,
+        kind: signal.kind,
+        summary: signal.summary,
+        files: signal.filesTouched,
+        decisionId: decision?.id ?? null,
+    };
+}
+function decisionWithSignals(store, decision) {
+    return {
+        ...decision,
+        contributingSignals: store.listSignalsByIds(decision.sourceSignalIds),
+    };
+}
+function signalWithDecision(store, signal) {
+    const decision = store.getDecisionForSignal(signal.id);
+    return {
+        ...signal,
+        decisionId: decision?.id ?? null,
+        decision: decision
+            ? {
+                id: decision.id,
+                headline: decision.headline,
+                status: decision.status,
+                why: decision.why,
+            }
+            : null,
+    };
+}
+function candidateFromSignal(signal, linkedDecision) {
+    if (linkedDecision)
+        return null;
+    const text = [signal.summary, ...signal.evidence.map((entry) => {
+            if (entry && typeof entry === "object") {
+                const record = entry;
+                return [record.excerpt, record.diff, record.before, record.after].filter(Boolean).join(" ");
+            }
+            return String(entry ?? "");
+        })].join(" ");
+    const hasDecisionLanguage = /\b(decid(?:e|ed|ing)?|chose|choose|commit(?:ted)?|approved?|reject(?:ed)?|let'?s go with|go with|we will|we're going to|standardize|adopt|defer|drop|keep|remove|replace)\b/i.test(text);
+    if (!hasDecisionLanguage && signal.kind !== "direction_change") {
+        return null;
+    }
+    const because = /\bbecause\b/i.test(text);
+    return {
+        id: `candidate_${signal.id}`,
+        signalId: signal.id,
+        sessionId: signal.sessionId,
+        summary: signal.summary,
+        suggestedStatus: signal.kind === "verification_result" ? "shipped" : "proposed",
+        why: because ? "The signal includes an explicit because/reason clause." : "The signal uses decision language.",
+        files: signal.filesTouched,
+        capturedAt: signal.capturedAt,
+    };
+}
+function listDecisionCandidates(input) {
+    const signals = input.store.listSignals({
+        sessionId: input.sessionId ?? undefined,
+        scopeKey: input.scopeKey,
+        cursor: input.cursor,
+        limit: Math.max(1, Math.min(300, input.limit ?? 50)),
+    });
+    const candidates = signals
+        .map((signal) => candidateFromSignal(signal, input.store.getDecisionForSignal(signal.id)))
+        .filter((candidate) => Boolean(candidate));
+    return {
+        candidates,
+        nextCursor: signals.length >= (input.limit ?? 50) ? signals.at(-1)?.capturedAt ?? null : null,
+    };
+}
+function normalizedDecisionTerms(text) {
+    const stop = new Set(["the", "and", "for", "with", "this", "that", "from", "into", "keep", "use", "adopt", "remove", "drop", "replace", "defer", "ship", "commit"]);
+    return String(text ?? "")
+        .toLowerCase()
+        .replace(/[^a-z0-9\s-]/g, " ")
+        .split(/\s+/)
+        .filter((term) => term.length >= 4 && !stop.has(term));
+}
+function decisionPolarity(text) {
+    if (/\b(remove|drop|abandon|defer|reject|disable|stop|sunset|do not|don't|won't|will not)\b/i.test(text))
+        return "negative";
+    if (/\b(keep|use|adopt|enable|add|ship|commit|standardize|choose|approve|go with)\b/i.test(text))
+        return "positive";
+    return "neutral";
+}
+function detectDecisionConflicts(input) {
+    const polarity = decisionPolarity(`${input.decision.headline} ${input.decision.rawContent}`);
+    if (polarity === "neutral")
+        return [];
+    const terms = new Set(normalizedDecisionTerms(`${input.decision.headline} ${input.decision.rawContent}`));
+    if (terms.size === 0)
+        return [];
+    return input.decisions
+        .filter((prior) => prior.id !== input.decision.id)
+        .filter((prior) => !input.decision.scopeKey || prior.scopeKey === input.decision.scopeKey)
+        .map((prior) => {
+        const priorPolarity = decisionPolarity(`${prior.headline} ${prior.rawContent}`);
+        const priorTerms = normalizedDecisionTerms(`${prior.headline} ${prior.rawContent}`);
+        const overlap = priorTerms.filter((term) => terms.has(term));
+        return {
+            prior,
+            priorPolarity,
+            overlap,
+        };
+    })
+        .filter((entry) => entry.priorPolarity !== "neutral" && entry.priorPolarity !== polarity && entry.overlap.length > 0)
+        .slice(0, 3)
+        .map((entry) => ({
+        code: "possible_conflict",
+        message: `This may conflict with "${entry.prior.headline}".`,
+        conflictingDecisionId: entry.prior.id,
+        overlappingTerms: entry.overlap.slice(0, 5),
+    }));
+}
+function searchTrail(input) {
+    const terms = String(input.query ?? "")
+        .toLowerCase()
+        .split(/\s+/)
+        .filter(Boolean);
+    const limit = Math.max(1, Math.min(100, input.limit ?? 25));
+    const haystackMatches = (value) => terms.every((term) => value.toLowerCase().includes(term));
+    const signals = input.store
+        .listSignals({ scopeKey: input.scopeKey, sessionId: input.sessionId ?? undefined, cursor: input.cursor, limit: 100000 })
+        .filter((signal) => haystackMatches([
+        signal.summary,
+        signal.kind,
+        signal.filesTouched.join(" "),
+        signal.commandsRun.join(" "),
+        JSON.stringify(signal.evidence),
+        JSON.stringify(signal.metadata),
+    ].join(" ")))
+        .map((signal) => ({
+        type: "signal",
+        id: String(signal.id),
+        createdAt: signal.capturedAt,
+        score: terms.length,
+        result: input.compact ? compactSignal(signal, input.store.getDecisionForSignal(signal.id)) : signalWithDecision(input.store, signal),
+    }));
+    const decisions = input.store
+        .listDecisions({ scopeKey: input.scopeKey, sessionId: input.sessionId ?? undefined, cursor: input.cursor, limit: 100000 })
+        .filter((decision) => haystackMatches([decision.headline, decision.why ?? "", decision.rawContent, decision.files.join(" "), decision.status].join(" ")))
+        .map((decision) => ({
+        type: "decision",
+        id: decision.id,
+        createdAt: decision.createdAt,
+        score: terms.length,
+        result: input.compact
+            ? {
+                id: decision.id,
+                headline: decision.headline,
+                status: decision.status,
+                signalIds: decision.sourceSignalIds,
+            }
+            : decisionWithSignals(input.store, decision),
+    }));
+    const matches = [...signals, ...decisions]
+        .sort((left, right) => right.createdAt.localeCompare(left.createdAt))
+        .slice(0, limit);
+    return {
+        matches,
+        nextCursor: matches.length >= limit ? matches.at(-1)?.createdAt ?? null : null,
+    };
+}