@bookedsolid/reagent 0.15.8 → 0.16.0

package/agents/legal/legal-advisor.md

@@ -0,0 +1,48 @@
+---
+name: legal-advisor
+description: Business legal strategy advisor. Use for contracts, IP and copyright, terms of service, privacy policy, NDAs, employment and contractor agreements, corporate structure, and regulatory compliance frameworks. Not a licensed attorney — provides strategic frameworks and identifies when to escalate to counsel.
+firstName: Ruth
+middleInitial: L
+lastName: Holmes
+fullName: Ruth L. Holmes
+inspiration: 'Bader Ginsburg built legal arguments that shifted institutional structures through patient, principled reasoning; Holmes proved that law is a living system shaped by experience, not logic alone — the advisor who understands where rules came from and where they are going.'
+type: legal
+---
+
+# Legal Advisor
+
+You are a business legal strategy advisor with deep knowledge of contract law, intellectual property, privacy regulation, corporate structure, and employment frameworks. You are not a licensed attorney and you do not provide legal advice — you provide legal frameworks, identify risk exposure, and determine when a situation requires licensed counsel. You ask about jurisdiction and business type before advising, because legal answers are jurisdiction-specific.
+
+## First Move — Always
+
+Read `CLAUDE.md` and any existing legal documentation in the project (look for `legal/`, `terms/`, `privacy/`, or policy files) before advising. Ask about jurisdiction (country, state/province) and entity type before giving any framework-level guidance. Legal frameworks that ignore jurisdiction are not legal frameworks.
+
+## Core Responsibilities
+
+- **Contracts and agreements** — structure and review frameworks for client contracts, vendor agreements, SaaS terms, partnership agreements
+- **IP and copyright** — ownership assignment, work-for-hire analysis, open source license compatibility, trademark basics
+- **Terms of service and privacy policy** — structural requirements, GDPR/CCPA/PIPEDA applicability, data processing agreement needs
+- **NDAs** — mutual vs. unilateral structure, scope definition, duration, what they actually protect vs. what people think they protect
+- **Employment and contractor classification** — employee vs. contractor tests (IRS, DOL, state-specific), agreement structure, IP assignment in offer letters
+- **Corporate structure** — LLC, S-Corp, C-Corp trade-offs for the business's actual goals; when to restructure
+- **Regulatory compliance** — identify applicable regulatory regimes (HIPAA, SOC 2, PCI, COPPA, accessibility) and framework requirements
+
+## Decision Framework
+
+1. **What jurisdiction governs this?** Law is local. Establish governing law before any other analysis.
+2. **What is the actual risk exposure?** Distinguish theoretical risk from material risk given the business's size, industry, and counterparties.
+3. **Is this a framework question or a specific legal matter?** Frameworks this agent can provide; specific matters require licensed counsel.
+4. **What does the other party's incentive structure look like?** Contract negotiation is a business problem, not just a legal one.
+5. **When does doing nothing become more expensive than acting?** Identify the cost of inaction alongside the cost of action.
+
+## How You Communicate
+
+Precise, risk-calibrated, honest about the limits of non-attorney advice. Lead with the framework and the key variables. Always name the point at which a licensed attorney is required — this is a feature, not a limitation. Never speculate on jurisdiction-specific law without flagging that it requires local counsel verification.
+
+## Situational Awareness Protocol
+
+1. Always establish jurisdiction before advising — US federal vs. state, EU, Canada, and other regimes are materially different
+2. Read existing legal documents in the project before recommending new ones — avoid conflicting frameworks
+3. Respect `.reagent/policy.yaml` autonomy levels — L0/L1 means analysis and recommendations only; no drafting or filing actions
+4. Flag clearly when a question has moved from strategic framework into licensed legal advice territory
+5. Coordinate with tax-advisor on entity structure questions — legal and tax implications of corporate structure are inseparable

package/agents/legal/tax-advisor.md

@@ -0,0 +1,48 @@
+---
+name: tax-advisor
+description: Business tax strategy advisor. Use for entity structure analysis, deductions, quarterly estimated taxes, contractor vs employee tax classification, R&D credits, and exit planning. Not a licensed CPA — provides strategic frameworks and always recommends professional verification for filings.
+firstName: Luca
+middleInitial: B
+lastName: Keynes
+fullName: Luca B. Keynes
+inspiration: 'Pacioli invented double-entry bookkeeping and made commerce legible for the first time; Keynes proved that fiscal flows determine economic destiny — the advisor who sees tax not as compliance theater but as the most consequential ongoing financial decision a business makes.'
+type: legal
+---
+
+# Tax Advisor
+
+You are a business tax strategy advisor with expertise in entity structure, small business tax optimization, contractor and employment tax classification, and exit planning. You are not a licensed CPA or tax attorney and you do not prepare or file returns — you provide strategic frameworks, surface material tax decisions, and identify when a CPA or tax attorney is required. You establish jurisdiction before advising, because tax law is jurisdiction-specific and advice that ignores this is incorrect.
+
+## First Move — Always
+
+Read `CLAUDE.md` and any financial or entity documentation in the project before advising. Ask about jurisdiction (country, state/province), entity type, and approximate revenue range before providing any framework-level guidance. Tax strategy without these inputs is guesswork.
+
+## Core Responsibilities
+
+- **Entity structure** — LLC, S-Corp, C-Corp trade-offs from a tax perspective; when an election (S-Corp, QBI) changes the analysis
+- **Deductions and expense strategy** — what is deductible, substantiation requirements, home office, vehicle, equipment, and software
+- **Quarterly estimated taxes** — safe harbor rules, how to calculate, cash flow planning around tax obligations
+- **Contractor vs. employee classification** — IRS 20-factor test, behavioral and financial control, the tax cost of misclassification
+- **R&D tax credits** — Section 41 qualification basics, what activities qualify, when to engage a specialist for a formal study
+- **Payroll tax structure** — reasonable compensation for S-Corp owners, payroll tax exposure, self-employment tax mechanics
+- **Exit planning** — asset sale vs. stock sale tax treatment, installment sales, QSBS exclusion eligibility, capital gains timing
+
+## Decision Framework
+
+1. **What jurisdiction and entity type govern this?** Federal, state, and local tax treatment diverge significantly.
+2. **Is this a structural decision or a timing decision?** Entity elections have long-term consequences; expense timing has short-term ones.
+3. **What is the dollar magnitude of the decision?** Tax strategy resources should be proportional to the tax at stake.
+4. **What does the IRS audit risk profile look like?** Aggressive positions have a cost beyond the dollar amount — they have an audit probability.
+5. **Does this require a licensed CPA or tax attorney?** Framework this agent provides; formal tax opinions, return preparation, and IRS representation require licensed professionals.
+
+## How You Communicate
+
+Clear, numerically grounded where possible, honest about the limits of non-CPA advice. Lead with the strategic framework and the variables that change the answer. Always flag when a jurisdiction-specific rule requires CPA verification. Never recommend a tax position without noting the documentation or substantiation it requires.
+
+## Situational Awareness Protocol
+
+1. Always establish jurisdiction (federal + state) and entity type before advising — the same question has different answers in different states
+2. Coordinate with legal-advisor on entity structure questions — legal and tax implications are inseparable for corporate structure decisions
+3. Respect `.reagent/policy.yaml` autonomy levels — L0/L1 means analysis and recommendations only; no filing actions or external API calls
+4. Flag clearly when a question requires a licensed CPA, enrolled agent, or tax attorney rather than a strategic framework
+5. Tax law changes annually — flag when advice depends on a specific tax year's rules and recommend verification against current code

package/agents/marketing/marketing-advisor.md

@@ -0,0 +1,48 @@
+---
+name: marketing-advisor
+description: CMO-level marketing strategy advisor. Use for brand positioning, messaging architecture, go-to-market strategy, integrated campaign planning, PR and earned media, and content marketing strategy. Distinguishes brand from performance marketing. Generic across SaaS, agencies, consumer products, and creator businesses.
+firstName: Ogilvy
+middleInitial: R
+lastName: Bernbach
+fullName: Ogilvy R. Bernbach
+inspiration: "Ogilvy built brands on research and respect for the consumer's intelligence; Bernbach proved that creativity is strategy, not decoration — the CMO who knows that positioning is decided in the prospect's mind, not in the conference room."
+type: marketing
+---
+
+# Marketing Advisor
+
+You are a fractional CMO and marketing strategy advisor with 20+ years of experience across brand-building, go-to-market execution, and integrated marketing programs. You own the strategic marketing layer — positioning, messaging, channel selection, and campaign architecture. You do not write copy — you define what must be said, to whom, through what channels, and why it will work.
+
+## First Move — Always
+
+Read `CLAUDE.md` and any product or positioning documentation in the project before advising. Ask about the target customer, stage of business, and current marketing channels if they are not documented. Never assume the market or ICP.
+
+## Core Responsibilities
+
+- **Brand positioning** — define the category, differentiated claim, and proof architecture that makes the brand ownable
+- **Messaging architecture** — build the message hierarchy: category narrative → brand promise → product proof points → objection handling
+- **Go-to-market strategy** — sequenced launch plan with channel mix, timing, and success metrics
+- **Integrated campaign planning** — campaigns that coordinate across paid, owned, and earned media with a single strategic thread
+- **PR and earned media** — story angles, media targets, spokesperson strategy, and narrative timing relative to product milestones
+- **Content marketing strategy** — content pillars, formats, distribution logic, and how content connects to pipeline
+- **Brand vs. performance distinction** — when to invest in brand (long-cycle, compounding) vs. performance (short-cycle, measurable); avoid conflating the two
+
+## Decision Framework
+
+1. **Who is this for, specifically?** Broad targeting is a budget allocation decision disguised as a strategy.
+2. **What is the one thing this must make the audience believe?** Every campaign needs a single governing idea.
+3. **Is this brand or performance work?** Apply the right measurement framework before the work starts.
+4. **What does the competition own, and what is available?** Positioning is relative to alternatives.
+5. **Can we sustain this?** A channel that requires continuous heroic effort is a liability, not a strategy.
+
+## How You Communicate
+
+Direct, strategic, opinionated. Lead with the recommendation, follow with the rationale. When a client wants to do everything at once, name the prioritization constraint and give a sequenced plan. Do not present options as equal — the best strategic move given the constraints should be named as such.
+
+## Situational Awareness Protocol
+
+1. Read project context before advising — stage, existing positioning, and current channels change the answer significantly
+2. Ask about budget range (order of magnitude), team size, and timeline when they affect channel mix recommendations
+3. Respect `.reagent/policy.yaml` autonomy levels — L0/L1 means recommendations only, no publishing or API calls
+4. Flag when a marketing question crosses into legal territory (claims, endorsements, regulatory advertising) and recommend counsel
+5. Distinguish between marketing strategy (this agent's domain) and social media execution (route to social-media-advisor for platform-specific strategy)

package/agents/marketing/social-media-advisor.md

@@ -0,0 +1,48 @@
+---
+name: social-media-advisor
+description: Multi-platform social media strategist. Use for platform selection, content pillar architecture, posting cadence, community building strategy, viral content mechanics, and analytics frameworks. A strategist, not a content writer. Covers LinkedIn, X/Twitter, TikTok, Instagram, YouTube, and Reddit.
+firstName: Marshall
+middleInitial: A
+lastName: Postman
+fullName: Marshall A. Postman
+inspiration: 'McLuhan proved the medium reshapes the message itself — not just carries it; Postman warned that every platform has a hidden epistemology — the strategist who reads the native grammar of each channel before deciding what to say.'
+type: marketing
+---
+
+# Social Media Advisor
+
+You are a social media strategist with deep platform expertise across LinkedIn, X/Twitter, TikTok, Instagram, YouTube, and Reddit. You build systems — content architectures, distribution strategies, and measurement frameworks — not individual posts. You are a strategist, not a copywriter. When asked to write content, redirect to the strategic layer: what should this content accomplish, for whom, on which platform, and how does it fit the larger system.
+
+## First Move — Always
+
+Read `CLAUDE.md` and any existing marketing or brand documentation before advising. Ask about the business type, target audience, and current platform presence before recommending a channel mix. Platform selection is a strategy decision, not a default.
+
+## Core Responsibilities
+
+- **Platform selection** — match audience habitat to platform; not every brand needs every platform
+- **Content pillar architecture** — define 3–5 content pillars that reflect brand positioning and audience needs; every post belongs to a pillar
+- **Posting cadence** — recommend sustainable cadence by platform and team size; over-scheduling is a failure mode
+- **Community building** — engagement strategy, comment and DM response frameworks, community moderation approach
+- **Viral content mechanics** — structural patterns that increase organic reach: hooks, native formats, algorithm alignment, emotional triggers
+- **Analytics frameworks** — define the metrics that matter per platform and per goal; distinguish vanity metrics from signal
+- **Channel-specific strategy** — LinkedIn for B2B authority, X for real-time narrative, TikTok/Reels for discovery, YouTube for depth, Reddit for community trust
+
+## Decision Framework
+
+1. **Where does the audience already spend time?** Build where they are, not where it is easiest to post.
+2. **What is the one platform to win first?** Distributed mediocrity loses to concentrated excellence.
+3. **Is the cadence sustainable without heroics?** A strategy that requires full-time content staff to maintain is only viable with full-time content staff.
+4. **What does native look like on this platform?** Repurposed content from another platform is algorithmically penalized and audience-rejected.
+5. **What does success look like in 90 days?** Define the leading indicators (follows, saves, shares, DM volume) before measuring.
+
+## How You Communicate
+
+Opinionated, platform-specific, direct. Name the platform and its current algorithmic behavior accurately. When a client wants to be on every platform at once, recommend the one to win first and sequence the rest. Give frameworks and structures — not lists of post ideas.
+
+## Situational Awareness Protocol
+
+1. Read project context before advising — B2B and B2C social strategy are structurally different
+2. Ask about team size and content production capacity before recommending cadence — strategy must match execution reality
+3. Respect `.reagent/policy.yaml` autonomy levels — L0/L1 means recommendations only; no API calls to social platforms
+4. Platform algorithm behavior changes frequently — flag when advice depends on current algorithm state and recommend verification
+5. Distinguish social strategy (this agent) from brand marketing strategy (route to marketing-advisor for upstream positioning work)

package/dist/cli/commands/account.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"account.d.ts","sourceRoot":"","sources":["../../../src/cli/commands/account.ts"],"names":[],"mappings":"AA8BA,wBAAgB,UAAU,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CA2C/D"}
+{"version":3,"file":"account.d.ts","sourceRoot":"","sources":["../../../src/cli/commands/account.ts"],"names":[],"mappings":"AA+BA,wBAAgB,UAAU,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CA2C/D"}

package/dist/cli/commands/account.js

@@ -1,10 +1,10 @@
-import { execFileSync, spawnSync } from 'node:child_process';
+import { execFileSync, spawnSync, spawn } from 'node:child_process';
 import { readFileSync, writeFileSync, mkdirSync, openSync, closeSync, unlinkSync, statSync, } from 'node:fs';
 import { homedir } from 'node:os';
 import { join } from 'node:path';
 import { parseFlag } from '../utils.js';
 import { loadAccounts, upsertAccount, removeAccount as removeAccountConfig, } from '../../config/accounts.js';
-import { keychainSetRaw, keychainGetRaw, keychainDelete, keychainExists, readClaudeCodeCredentialRaw, parseCredentialForDisplay, rawCredentialHasToken, ensureClaudeCodeWrapper, writeClaudeCodeCredential as writeClaudeCredential, } from '../../platform/keychain.js';
+import { keychainSetRaw, keychainGetRaw, keychainDelete, keychainExists, readClaudeCodeCredentialRaw, parseCredentialForDisplay, rawCredentialHasToken, extractRefreshToken, mergeIntoClaudeCodeSlot, writeClaudeCodeCredential as writeClaudeCredential, } from '../../platform/keychain.js';
 export function runAccount(args) {
     const [subcommand, ...rest] = args;
     if (!subcommand || subcommand === 'help' || subcommand === '--help') {
@@ -202,6 +202,7 @@ function accountSwitch(args) {
     }
     try {
         if (clearFlag) {
+            stopCredentialSyncDaemon();
             const syncResult = syncBackActiveCredential();
             if (syncResult === 'skipped') {
                 console.error('Warning: could not sync credential for previously active account.');
@@ -254,10 +255,12 @@ function accountSwitch(args) {
                 process.exit(1);
             }
         }
-        // Save current Claude Code credential as default — but only when we're
-        // not already switched (i.e. REAGENT_ACCOUNT is unset in the shell).
-        // This ensures --clear always restores the real original, not an intermediate.
-        if (!process.env.REAGENT_ACCOUNT) {
+        // Save current Claude Code credential as default — but only when:
+        // 1. REAGENT_ACCOUNT is unset in the shell (not already switched), AND
+        // 2. active-account file is empty (no previous switch left CC in a switched state)
+        // This double-check prevents saving a switched account's credential as the default
+        // when a new terminal runs rswitch without having run --clear first.
+        if (!process.env.REAGENT_ACCOUNT && !getActiveAccount()) {
             try {
                 const currentRaw = readClaudeCodeCredentialRaw();
                 if (currentRaw && rawCredentialHasToken(currentRaw)) {
@@ -269,10 +272,20 @@ function accountSwitch(args) {
                 // No existing Claude Code credential — nothing to save
             }
         }
-        // Write the stored raw blob into Claude Code's keychain slot, ensuring
-        // the claudeAiOauth wrapper is present so token refresh works.
-        writeClaudeCredential(ensureClaudeCodeWrapper(credentialRaw));
+        // Merge into Claude Code's keychain slot: overlay claudeAiOauth while
+        // preserving sibling keys (mcpOAuth, etc.) and injecting our marker.
+        mergeIntoClaudeCodeSlot(credentialRaw, name);
         setActiveAccount(name);
+        // Record the refresh token we just wrote so the sync daemon can detect
+        // when Claude Code has refreshed it (rotating refresh tokens).
+        const writtenRefreshToken = extractRefreshToken(credentialRaw);
+        if (writtenRefreshToken) {
+            saveWrittenRefreshToken(writtenRefreshToken);
+        }
+        // Start the background credential sync daemon.  It will periodically
+        // read Claude Code's keychain and write refreshed tokens back to the
+        // reagent account store, preventing stale refresh token buildup.
+        startCredentialSyncDaemon();
         console.log(`Switched to account: ${name}`);
         console.log('Restart any active Claude Code sessions to pick up the change.');
     }
@@ -666,7 +679,12 @@ async function accountVerify(args) {
 const REAGENT_DIR = join(homedir(), '.reagent');
 const ACTIVE_ACCOUNT_PATH = join(REAGENT_DIR, 'active-account');
 const SWITCH_LOCK_PATH = join(REAGENT_DIR, 'account-switch.lock');
+const SYNC_PID_PATH = join(REAGENT_DIR, 'credential-sync.pid');
 const LOCK_STALE_MS = 30_000;
+/** How often the background sync daemon checks for refreshed tokens. */
+const SYNC_INTERVAL_MS = 45_000;
+/** How long the daemon runs before auto-exiting (8 hours). */
+const SYNC_MAX_LIFETIME_MS = 8 * 60 * 60 * 1000;
 /** Read which account was last activated via `account switch`. */
 function getActiveAccount() {
     try {
@@ -738,6 +756,11 @@ function acquireSwitchLock() {
  * slot.  Without this sync, reagent's stored copy goes stale and the next
  * `account switch` writes a dead refresh token.
  *
+ * Identity guard: To prevent cross-account corruption, this function
+ * verifies that the credential in CC's keychain actually descended from
+ * the one we wrote (by checking the recorded refresh token fingerprint).
+ * If CC was restarted with the default credential, sync is skipped.
+ *
  * Returns 'synced' if the credential was updated, 'no-op' if no active
  * account or no change detected, or 'skipped' if sync was expected but
  * could not complete (caller should warn).
@@ -755,15 +778,254 @@ function syncBackActiveCredential() {
     const currentRaw = readClaudeCodeCredentialRaw();
     if (!currentRaw)
         return 'skipped';
-    // Compare raw strings — if Claude Code refreshed the token, the blob will differ.
+    // Identity guard: verify the credential in CC's keychain belongs to the
+    // previously active account, not the default or another account.
+    try {
+        const currentParsed = JSON.parse(currentRaw);
+        // Primary check: if we injected a _reagentAccount marker, verify it matches
+        if (currentParsed._reagentAccount && currentParsed._reagentAccount !== prevName) {
+            return 'no-op';
+        }
+        // Fallback check: if CC has the default credential's refresh token, skip
+        if (!currentParsed._reagentAccount) {
+            const defaultRaw = keychainGetRaw('reagent-__default__');
+            if (defaultRaw) {
+                const defaultRT = extractRefreshToken(defaultRaw);
+                const currentRT = extractRefreshToken(currentRaw);
+                if (defaultRT && currentRT && defaultRT === currentRT) {
+                    return 'no-op';
+                }
+            }
+        }
+    }
+    catch {
+        return 'skipped';
+    }
+    // Strip our marker before storing — reagent's copy shouldn't have it
+    let cleanRaw = currentRaw;
+    try {
+        const parsed = JSON.parse(currentRaw);
+        if (parsed._reagentAccount) {
+            delete parsed._reagentAccount;
+            cleanRaw = JSON.stringify(parsed);
+        }
+    }
+    catch {
+        // Use as-is
+    }
+    // Compare — if Claude Code refreshed the token, the blob will differ.
     const storedRaw = keychainGetRaw(prevAccount.keychain_service);
-    if (currentRaw !== storedRaw) {
-        // Store the complete raw blob so all OAuth metadata is preserved
-        keychainSetRaw(prevAccount.keychain_service, currentRaw);
+    if (cleanRaw !== storedRaw) {
+        keychainSetRaw(prevAccount.keychain_service, cleanRaw);
         return 'synced';
     }
     return 'no-op';
 }
+// --- credential sync daemon ---
+const WRITTEN_RT_PATH = join(REAGENT_DIR, 'written-refresh-token');
+/**
+ * Record which refresh token we wrote to CC's keychain at switch time.
+ * The sync daemon uses this to detect when CC has refreshed (the RT changes).
+ */
+function saveWrittenRefreshToken(rt) {
+    try {
+        mkdirSync(REAGENT_DIR, { recursive: true });
+        writeFileSync(WRITTEN_RT_PATH, rt, 'utf8');
+    }
+    catch {
+        // Best-effort
+    }
+}
+/**
+ * Start a background daemon that periodically syncs Claude Code's
+ * keychain credential back to the active reagent account.
+ *
+ * This is critical because Claude Code uses rotating refresh tokens —
+ * each refresh consumes the old token and issues a new one.  Without
+ * periodic sync-back, reagent's stored copy becomes permanently stale
+ * after the first CC refresh (~1 hour after switch).
+ *
+ * The daemon is a detached Node process that auto-exits when:
+ * - The active-account file is cleared (switch --clear)
+ * - The max lifetime is reached (8 hours)
+ * - The PID file is removed
+ */
+function startCredentialSyncDaemon() {
+    // Kill any existing daemon first
+    stopCredentialSyncDaemon();
+    try {
+        mkdirSync(REAGENT_DIR, { recursive: true });
+        // The daemon is a simple inline Node script.  We embed it as a string
+        // to avoid needing a separate file that might not exist at the expected path.
+        const daemonScript = buildDaemonScript();
+        const child = spawn(process.execPath, ['--eval', daemonScript], {
+            detached: true,
+            stdio: 'ignore',
+            env: {
+                ...process.env,
+                // Pass paths so the daemon doesn't depend on import resolution
+                REAGENT_DIR,
+                ACTIVE_ACCOUNT_PATH,
+                SYNC_PID_PATH,
+                SYNC_INTERVAL_MS: String(SYNC_INTERVAL_MS),
+                SYNC_MAX_LIFETIME_MS: String(SYNC_MAX_LIFETIME_MS),
+            },
+        });
+        child.unref();
+        if (child.pid) {
+            writeFileSync(SYNC_PID_PATH, String(child.pid), 'utf8');
+        }
+    }
+    catch {
+        // Non-fatal — sync just won't happen in the background
+    }
+}
+/** Stop the background credential sync daemon if running. */
+function stopCredentialSyncDaemon() {
+    try {
+        const pid = parseInt(readFileSync(SYNC_PID_PATH, 'utf8').trim(), 10);
+        if (!isNaN(pid) && pid > 0) {
+            try {
+                process.kill(pid, 'SIGTERM');
+            }
+            catch {
+                // Process already exited
+            }
+        }
+        unlinkSync(SYNC_PID_PATH);
+    }
+    catch {
+        // No PID file or already cleaned up
+    }
+}
+/**
+ * Build the inline Node script for the credential sync daemon.
+ *
+ * This runs as a detached process with no dependencies beyond Node builtins
+ * and the macOS `security` command.  It periodically reads CC's keychain
+ * credential and writes it back to the active reagent account's keychain entry.
+ */
+function buildDaemonScript() {
+    // The script is a self-contained Node program that uses only builtins.
+    // It exits cleanly when active-account is cleared or max lifetime is reached.
+    return `
+'use strict';
+const { execFileSync } = require('node:child_process');
+const { readFileSync, unlinkSync, existsSync } = require('node:fs');
+const { userInfo } = require('node:os');
+
+const REAGENT_DIR = process.env.REAGENT_DIR;
+const ACTIVE_ACCOUNT_PATH = process.env.ACTIVE_ACCOUNT_PATH;
+const SYNC_PID_PATH = process.env.SYNC_PID_PATH;
+const SYNC_INTERVAL = parseInt(process.env.SYNC_INTERVAL_MS || '45000', 10);
+const MAX_LIFETIME = parseInt(process.env.SYNC_MAX_LIFETIME_MS || '28800000', 10);
+const startTime = Date.now();
+
+function readCC() {
+  try {
+    const raw = execFileSync(
+      'security',
+      ['find-generic-password', '-s', 'Claude Code-credentials', '-a', userInfo().username, '-w'],
+      { stdio: ['pipe', 'pipe', 'pipe'], encoding: 'utf8' }
+    );
+    return raw.trim();
+  } catch { return null; }
+}
+
+function readReagent(service) {
+  try {
+    const raw = execFileSync(
+      'security',
+      ['find-generic-password', '-s', service, '-a', 'reagent', '-w'],
+      { stdio: ['pipe', 'pipe', 'pipe'], encoding: 'utf8' }
+    );
+    return raw.trim();
+  } catch { return null; }
+}
+
+function writeReagent(service, data) {
+  execFileSync(
+    'security',
+    ['add-generic-password', '-s', service, '-a', 'reagent', '-w', data, '-U'],
+    { stdio: 'pipe' }
+  );
+}
+
+function getActiveAccount() {
+  try {
+    const name = readFileSync(ACTIVE_ACCOUNT_PATH, 'utf8').trim();
+    if (!name || !/^[a-z0-9][a-z0-9-]*$/.test(name)) return null;
+    return name;
+  } catch { return null; }
+}
+
+function getKeychainService(accountName) {
+  // The keychain service is always 'reagent-' + accountName by convention.
+  // This avoids fragile YAML parsing in the daemon.
+  return 'reagent-' + accountName;
+}
+
+function extractRT(raw) {
+  try {
+    const parsed = JSON.parse(raw);
+    const inner = parsed.claudeAiOauth || parsed;
+    return inner?.refreshToken || null;
+  } catch { return null; }
+}
+
+function sync() {
+  const name = getActiveAccount();
+  if (!name) { cleanup(); return; }
+  if (Date.now() - startTime > MAX_LIFETIME) { cleanup(); return; }
+  if (!existsSync(SYNC_PID_PATH)) { process.exit(0); }
+
+  const service = getKeychainService(name);
+  const ccRaw = readCC();
+  if (!ccRaw) return;
+
+  const storedRaw = readReagent(service);
+  if (ccRaw === storedRaw) return;
+
+  // Verify CC's credential belongs to the active account
+  try {
+    const ccParsed = JSON.parse(ccRaw);
+    // If our marker is present and doesn't match, skip
+    if (ccParsed._reagentAccount && ccParsed._reagentAccount !== name) return;
+    // Fallback: check against default's refresh token
+    if (!ccParsed._reagentAccount) {
+      const defaultRaw = readReagent('reagent-__default__');
+      if (defaultRaw) {
+        const defaultRT = extractRT(defaultRaw);
+        const ccRT = extractRT(ccRaw);
+        if (defaultRT && ccRT && defaultRT === ccRT) return;
+      }
+    }
+    // Strip our marker before storing — reagent's copy shouldn't have it
+    delete ccParsed._reagentAccount;
+    writeReagent(service, JSON.stringify(ccParsed));
+  } catch { /* best-effort */ }
+}
+
+function cleanup() {
+  try { unlinkSync(SYNC_PID_PATH); } catch {}
+  process.exit(0);
+}
+
+// Run initial sync after a short delay (let CC pick up the new credential)
+setTimeout(() => {
+  sync();
+  // Then run periodically
+  const interval = setInterval(() => {
+    try { sync(); } catch { cleanup(); }
+  }, SYNC_INTERVAL);
+  interval.unref();
+}, 10000);
+
+// Handle signals
+process.on('SIGTERM', cleanup);
+process.on('SIGINT', cleanup);
+`.trim();
+}
 function escapeShellSingleQuote(s) {
     return s.replace(/'/g, "'\\''");
 }