@cgh567/agent 2.4.2 → 2.4.4

package/daemon/lib/session-log-reader.js

@@ -0,0 +1,93 @@
+'use strict';
+
+const path = require('path');
+const os = require('os');
+
+/**
+ * SessionLogReader — reads OpenCode session logs from opencode.db
+ * to reconstruct agent decision traces for HED audit.
+ * Uses better-sqlite3 (already a dependency via daemon) for read-only access.
+ */
+
+// OpenCode stores sessions at platform-specific paths:
+//   Linux/WSL: ~/.local/share/opencode/opencode.db
+//   macOS:     ~/Library/Application Support/opencode/opencode.db
+//   Windows:   %APPDATA%\opencode\opencode.db
+function getOpenCodeDbPath() {
+  if (process.platform === 'linux') {
+    return path.join(os.homedir(), '.local', 'share', 'opencode', 'opencode.db');
+  }
+  if (process.platform === 'darwin') {
+    return path.join(os.homedir(), 'Library', 'Application Support', 'opencode', 'opencode.db');
+  }
+  return path.join(os.homedir(), 'AppData', 'Local', 'opencode', 'opencode.db');
+}
+
+async function readSessionLog(sessionKey) {
+  if (!sessionKey) return [];
+  let Database;
+  try {
+    Database = require('better-sqlite3');
+  } catch {
+    console.warn('[session-log-reader] better-sqlite3 not available — cannot read session log');
+    return [];
+  }
+  const dbPath = getOpenCodeDbPath();
+  let db;
+  try {
+    db = new Database(dbPath, { readonly: true, fileMustExist: true });
+  } catch (err) {
+    console.warn('[session-log-reader] cannot open opencode.db:', err.message);
+    return [];
+  }
+  try {
+    const messages = db.prepare(
+      `SELECT role, content, created_at FROM messages WHERE session_id = ? ORDER BY created_at ASC`
+    ).all(sessionKey);
+    return messages.map((m, i) => ({
+      index: i,
+      role: m.role,
+      content: typeof m.content === 'string' ? m.content : JSON.stringify(m.content),
+      createdAt: m.created_at
+    }));
+  } catch (err) {
+    console.warn('[session-log-reader] query failed:', err.message);
+    return [];
+  } finally {
+    db.close();
+  }
+}
+
+// Classify messages into XEPV sequence: eXplore, Execute, Plan, Verify
+function classifyXEPV(messages) {
+  return messages.map(m => {
+    const content = m.content || '';
+    // Tool calls in content indicate action type
+    if (content.includes('"edit"') || content.includes('"write"')) return { ...m, xepv: 'X_Execute' };
+    if (content.includes('"read"') || content.includes('"grep"') || content.includes('"search_codebase"') || content.includes('"glob"')) return { ...m, xepv: 'X_Explore' };
+    if (content.includes('"bash"') && (content.includes('test') || content.includes('vitest') || content.includes('grep -n'))) return { ...m, xepv: 'X_Verify' };
+    if (m.role === 'assistant' && (content.includes('plan') || content.includes('approach') || content.includes('strategy') || content.includes('first'))) return { ...m, xepv: 'X_Plan' };
+    return { ...m, xepv: 'X_Unknown' };
+  });
+}
+
+// Find the branch point where the agent deviated from the declared target
+function findBranchPoint(xepvMessages, opTarget) {
+  const exploreBeforeExecute = xepvMessages.filter(m => m.xepv === 'X_Explore');
+  for (const msg of exploreBeforeExecute) {
+    // If the agent explored files NOT in the declared target, that's the branch point
+    if (opTarget && !msg.content.includes(opTarget)) {
+      return { message: msg, reason: `Agent explored ${msg.content.slice(0, 200)} instead of declared target ${opTarget}` };
+    }
+  }
+  return null;
+}
+
+// Compute P-ratio: plan steps vs execution steps
+function computePRatio(xepvMessages) {
+  const plan = xepvMessages.filter(m => m.xepv === 'X_Plan').length;
+  const execute = xepvMessages.filter(m => m.xepv === 'X_Execute').length;
+  return { planSteps: plan, executeSteps: execute, ratio: execute > 0 ? plan / execute : plan };
+}
+
+module.exports = { readSessionLog, classifyXEPV, findBranchPoint, computePRatio };

package/daemon/lib/standard-work-bootstrap.js

@@ -106,7 +106,93 @@ const PROVISIONAL_WORK = [
     ],
     qualityCriteria: ['Body updated with completion summary.'],
     escalationTriggers: ['Task request is ambiguous — set andoning=true, andonCategory=ambiguous_instruction.']
-  }
+  },
+  {
+    taskOriginKind: 'harada_l2_research',
+    agentId: 'any',
+    estimatedDurationMs: 600_000,
+    p90DurationMs: 1_200_000,
+    steps: [
+      '1. Read your task body carefully — it contains the GoalResearchBrief, pillar domain, and CEO critique from the previous round (if any).',
+      '2. Read the full GoalPillar node for your assigned pillar using GET /api/hbo/mandala?companyId=<cid>.',
+      '3. Perform a SearXNG web search: "<pillar.name> <company domain> strategy best practices 2024 2025".',
+      '4. Query Memgraph for existing memory on this pillar: MATCH (p:GoalPillar {id: $pillarId})-[:HAS_FACT]->(f:KeyFact) RETURN f.text LIMIT 10.',
+      '5. Cross-reference the GoalResearchBrief tournament winner with your search results.',
+      '6. Synthesise a 50-word purpose statement for this pillar anchored to the company goal.',
+      '7. Choose a strategy direction in ≤20 chars (e.g., "Land & Expand", "Cost Leadership").',
+      '8. Define 3 key actions the company must execute over the next 90 days for this pillar.',
+      '9. If a CEO critique was provided in the task body, explicitly address each point.',
+      '10. Submit: POST /api/hbo/pillar/{pillarId}/l2content with { l2Strategy, l2Content, l2ReviewStatus: "pending_review" }.',
+      '11. Write a one-sentence completion summary in your task result.',
+    ],
+    qualityCriteria: [
+      'l2Strategy is ≤20 characters and is a recognisable strategic archetype.',
+      'l2Content directly references the GoalResearchBrief tournament winner.',
+      'All three 90-day actions are specific and measurable.',
+      'CEO critique (if present) is explicitly addressed point-by-point.',
+    ],
+  },
+  {
+    taskOriginKind: 'harada_l2_review',
+    agentId: 'any_ceo',
+    estimatedDurationMs: 120_000,
+    p90DurationMs: 300_000,
+    steps: [
+      '1. Read the GoalPillar l2Content and l2Strategy for the pillar under review.',
+      '2. Read the GoalResearchBrief tournament winner for context.',
+      '3. Evaluate against three criteria: (a) Does the strategy align with the company goal? (b) Does l2Content reference the tournament winner? (c) Are the 90-day actions specific and measurable?',
+      '4. If l2ReviewCycles >= 2: escalate with AnomalySignal (harada_cascade_blocked) instead of requesting another revision.',
+      '5. Verdict PASS: POST /api/hbo/pillar/{pillarId}/l2review with { verdict: "pass", reviewCritique: "<one sentence summary>" }.',
+      '6. Verdict FAIL: POST /api/hbo/pillar/{pillarId}/l2review with { verdict: "fail", reviewCritique: "<specific actionable critique>" }. This re-dispatches harada_l2_research with your critique in the task body.',
+    ],
+    qualityCriteria: [
+      'Verdict is exactly "pass" or "fail" — no other values.',
+      'reviewCritique is ≤100 words and is specific enough for the researcher to act on.',
+      'harada_cascade_blocked is raised when l2ReviewCycles >= 2 — never a third research pass.',
+    ],
+  },
+  {
+    taskOriginKind: 'harada_l3_research',
+    agentId: 'any',
+    estimatedDurationMs: 480_000,
+    p90DurationMs: 900_000,
+    steps: [
+      '1. Read your task body — it contains the pillar l2Content, l2Strategy, action cell description, and dept head critique (if any).',
+      '2. Read the ActionCell node for context using GET /api/hbo/actioncell/{cellId}.',
+      '3. Perform a SearXNG web search: "<cell.description> <pillar.name> execution tactics implementation".',
+      '4. Focus on concrete execution tactics, not high-level strategy.',
+      '5. Query Memgraph for relevant prior work: MATCH (ac:ActionCell {id: $cellId})-[:HAS_FACT]->(f:KeyFact) RETURN f.text LIMIT 5.',
+      '6. Synthesise a ≤100-word execution plan for this action cell.',
+      '7. Ensure your plan references the pillar l2Strategy for coherence.',
+      '8. If a dept head critique was in the task body, address it explicitly.',
+      '9. Submit: POST /api/hbo/actioncell/{cellId}/l3content with { l3Content, l3ReviewStatus: "pending_review" }.',
+      '10. Write a one-sentence completion summary.',
+    ],
+    qualityCriteria: [
+      'l3Content is ≤100 words and is an execution plan, not a strategy statement.',
+      'l3Content explicitly references the pillar l2Strategy.',
+      'Dept head critique (if present) is addressed point-by-point.',
+    ],
+  },
+  {
+    taskOriginKind: 'harada_l3_review',
+    agentId: 'any',
+    estimatedDurationMs: 120_000,
+    p90DurationMs: 300_000,
+    steps: [
+      '1. Read the ActionCell l3Content for the cell under review.',
+      '2. Read the parent GoalPillar l2Strategy for alignment context.',
+      '3. Evaluate against two criteria: (a) Does l3Content align with the pillar l2Strategy? (b) Is the execution plan specific enough to guide agent task dispatch?',
+      '4. If l3ReviewCycles >= 2: escalate with harada_cascade_blocked AnomalySignal.',
+      '5. Verdict PASS: POST /api/hbo/actioncell/{cellId}/l3review with { verdict: "pass", reviewCritique: "<one sentence>" }.',
+      '6. Verdict FAIL: POST /api/hbo/actioncell/{cellId}/l3review with { verdict: "fail", reviewCritique: "<specific critique>" }.',
+    ],
+    qualityCriteria: [
+      'Verdict is exactly "pass" or "fail".',
+      'reviewCritique is ≤80 words.',
+      'harada_cascade_blocked is raised when l3ReviewCycles >= 2.',
+    ],
+  },
 ];
 
 /**

package/daemon/lib/task-completion-processor.js

@@ -1,5 +1,6 @@
 'use strict';
 const logger = require('./logger');
+const hboStore = require('../../lib/hbo-core-store');
 const { MandalaManager } = require('./harada/mandala');
 /**
  * daemon/lib/task-completion-processor.js — Task Completion → Graph Persistence Pipeline
@@ -35,9 +36,11 @@ class TaskCompletionProcessor {
   /**
    * @param {object} opts
    * @param {Function} opts.mgQuery - Memgraph query function from daemon
+   * @param {object} [opts.activityLogger] - Optional ActivityLogger for recording task.complete events
    */
   constructor(opts = {}) {
     this._mg = opts.mgQuery;
+    this.activityLogger = opts.activityLogger ?? null;
   }
 
   /**
@@ -207,6 +210,16 @@ class TaskCompletionProcessor {
           process.stderr.write('[task-completion] routineDisciplineScore increment warn: ' + (e?.message || e) + '\n');
         }
       }
+
+      // ── H-01: Record task.complete in ActivityLogger ─────────────────────────
+      this.activityLogger?.record({
+        action: 'task.complete',
+        actor: agentId,
+        entityId: taskId,
+        companyId: companyId,
+        outcome: exitCode === 0 ? 'success' : 'error',
+        meta: { exitCode, originKind },
+      });
     } catch (err) {
       // Non-fatal — log but don't fail the task completion
       process.stdout.write(JSON.stringify({
@@ -259,6 +272,16 @@ class TaskCompletionProcessor {
        SET t.resultSummary = $summary, t.hasFullResult = true`,
       { taskId, summary: output.slice(0, 2000) }
     );
+
+    try {
+      hboStore.updateTask?.(taskId, companyId || '', {
+        status: 'done',
+        resultSummary: output.slice(0, 2000),
+        hasFullResult: true,
+      });
+    } catch (err) {
+      logger.warn(`[completion-processor] hbo-core mirror failed for ${taskId}: ${err.message}`);
+    }
   }
 
   // ── 2. Update goal progress ───────────────────────────────────────────────────

package/daemon/lib/wizard-engine.js

@@ -26,13 +26,65 @@ const { randomUUID } = require('crypto');
 const { EventEmitter } = require('events');
 const { SIGNAL_KEY } = require('./signal-key');
 
-const { initDefaultGoal } = require('../../skills/helios-business-operator/lib/business-goal-service.js');
 const { CompanyBeliefService } = require('./company-belief-service');
+const hboStore = require('../../lib/hbo-core-store');
 
 const HELIOS_ROOT    = path.resolve(__dirname, '..', '..');
 const COMPANIES_DIR  = path.join(__dirname, '..', 'companies');
 const HELIOS_RPC_BIN = path.join(HELIOS_ROOT, 'bin', 'helios-rpc.js');
 
+async function initWizardBusinessGoal(mgQuery, companyId, goalTitle) {
+  if (!goalTitle || !goalTitle.trim()) return null;
+
+  const existing = await mgQuery(
+    `MATCH (g:BusinessGoal {level: 'company', companyId: $companyId})
+     RETURN g.id AS id, g.title AS title LIMIT toInteger(1)`,
+    { companyId }
+  );
+  const existingRows = existing?.rows || [];
+  if (existingRows.length > 0) return { created: false };
+
+  const goalId = `bg:${randomUUID()}`;
+  const title = goalTitle.trim();
+  await mgQuery(
+    `CREATE (g:BusinessGoal {
+       id: $id,
+       companyId: $companyId,
+       title: $title,
+       description: $description,
+       level: 'company',
+       status: 'active',
+       parentId: null,
+       parentGoalId: null,
+       createdAt: datetime(),
+       updatedAt: datetime()
+     })`,
+    {
+      id: goalId,
+      companyId,
+      title,
+      description: 'Top-level company objective',
+    }
+  );
+
+  try {
+    hboStore.createGoal?.({
+      id: goalId,
+      companyId,
+      title,
+      description: 'Top-level company objective',
+      level: 'company',
+      status: 'active',
+      parentId: null,
+      createdAt: Date.now(),
+    });
+  } catch (storeErr) {
+    process.stderr.write(`[wizard-engine] goal mirror failed: ${storeErr.message}\n`);
+  }
+
+  return { created: true, goalId };
+}
+
 // ── Default agent template — the 7 core HBO roles every company gets ─────────
 //
 // Skills use 'helios-business-operator' so the helios_rpc adapter runs the
@@ -916,13 +968,12 @@ class WizardEngine extends EventEmitter {
 
     await seedToMemgraph(this._mgQuery, config);
 
-    // AR-M33 FIX: Wire initDefaultGoal now that company is seeded into Memgraph.
-    // initDefaultGoal creates a BusinessGoal node (distinct from CompanyGoal) scoped
-    // to the company and links the wizard's stated goal text as the top-level objective.
+    // Create a daemon-visible BusinessGoal after CompanyGoal seeding.
+    // Uses this wizard's mgQuery path and mirrors to hbo-core.db.
     // Previously this function had zero call sites — it was dead code.
     if (goal && goal.trim()) {
       try {
-        await initDefaultGoal(companyId, goal.trim());
+        await initWizardBusinessGoal(this._mgQuery, companyId, goal.trim());
         this._emit('wizard:seed_company', {
           message: `Default BusinessGoal initialized for company "${companyId}"`,
           companyId,
@@ -930,7 +981,7 @@ class WizardEngine extends EventEmitter {
       } catch (goalErr) {
         // Non-fatal: CompanyGoal already seeded; BusinessGoal hierarchy is supplemental.
         this._emit('wizard:seed_company', {
-          message: `initDefaultGoal note: ${goalErr.message}`,
+          message: `BusinessGoal initialization note: ${goalErr.message}`,
           companyId,
         });
       }

package/daemon/package.json

@@ -22,7 +22,8 @@
   "dependencies": {
     "better-sqlite3": "^12.10.0",
     "croner": "^9.0.0",
-    "neo4j-driver": "^6.0.1"
+    "neo4j-driver": "^6.0.1",
+    "sqlite-vec": "0.1.9"
   },
   "devDependencies": {
     "tsx": "^4.22.4",

package/daemon/routes/agents.js

@@ -4,8 +4,10 @@
  * routes/agents.js — Agent-related route dispatch
  *
  * Routes handled:
- *   GET  /api/agents
- *   POST /api/agents/pause-all
+ *   GET  /api/agents                       — list all agents for a company
+ *   GET  /api/agents/:id                   — single agent detail (P7-A1)
+ *   GET  /api/agents/:id/runs              — HeartbeatRun history (P7-A2)
+ *   POST /api/agents/pause-all             — pause all agents (handled by hbo.js; stubbed here)
  *   POST /api/agents/:id/sync-skills
  *   POST /api/agents/:id/approve
  *   POST /api/agents/:id/terminate
@@ -14,7 +16,8 @@
  */
 
 module.exports = function createAgentsRouter(handlers) {
-  const { handleGetAgents, handleSyncSkills, handleApproveAgent, handleTerminateAgent,
+  const { handleGetAgents, handleGetAgent, handleGetAgentRuns,
+          handleSyncSkills, handleApproveAgent, handleTerminateAgent,
           handlePauseAgent, handleResumeAgent, handlePauseAll } = handlers;
 
   return async function agentsRoute(req, res, ctx, pathname, method) {
@@ -24,7 +27,25 @@ module.exports = function createAgentsRouter(handlers) {
     }
 
     if (method === 'POST' && pathname === '/api/agents/pause-all') {
-      await handlePauseAll(req, res, ctx);
+      // pause-all is also handled by hbo.js; guard against null stub
+      if (handlePauseAll) {
+        await handlePauseAll(req, res, ctx);
+      } else {
+        // delegated to hbo.js — return false so hboRoute can handle it
+        return false;
+      }
+      return true;
+    }
+
+    // P7-A2: GET /api/agents/:id/runs — must be matched BEFORE /:id to avoid conflict
+    const runsMatch = pathname.match(/^\/api\/agents\/([^/]+)\/runs$/);
+    if (method === 'GET' && runsMatch) {
+      if (handleGetAgentRuns) {
+        await handleGetAgentRuns(req, res, ctx, decodeURIComponent(runsMatch[1]));
+      } else {
+        res.writeHead(501, { 'Content-Type': 'application/json' });
+        res.end(JSON.stringify({ error: 'Agent runs endpoint not configured' }));
+      }
       return true;
     }
 
@@ -48,13 +69,37 @@ module.exports = function createAgentsRouter(handlers) {
 
     const pauseMatch = pathname.match(/^\/api\/agents\/([^/]+)\/pause$/);
     if (method === 'POST' && pauseMatch) {
-      await handlePauseAgent(req, res, ctx, decodeURIComponent(pauseMatch[1]));
+      if (handlePauseAgent) {
+        await handlePauseAgent(req, res, ctx, decodeURIComponent(pauseMatch[1]));
+      } else {
+        // H-4 fix: explicit error response instead of silent hang
+        res.writeHead(501, { 'Content-Type': 'application/json' });
+        res.end(JSON.stringify({ error: 'Agent pause handler not configured' }));
+      }
       return true;
     }
 
     const resumeMatch = pathname.match(/^\/api\/agents\/([^/]+)\/resume$/);
     if (method === 'POST' && resumeMatch) {
-      await handleResumeAgent(req, res, ctx, decodeURIComponent(resumeMatch[1]));
+      if (handleResumeAgent) {
+        await handleResumeAgent(req, res, ctx, decodeURIComponent(resumeMatch[1]));
+      } else {
+        // H-4 fix: explicit error response instead of silent hang
+        res.writeHead(501, { 'Content-Type': 'application/json' });
+        res.end(JSON.stringify({ error: 'Agent resume handler not configured' }));
+      }
+      return true;
+    }
+
+    // P7-A1: GET /api/agents/:id — must be LAST to avoid matching sub-routes above
+    const agentDetailMatch = pathname.match(/^\/api\/agents\/([^/]+)$/);
+    if (method === 'GET' && agentDetailMatch) {
+      if (handleGetAgent) {
+        await handleGetAgent(req, res, ctx, decodeURIComponent(agentDetailMatch[1]));
+      } else {
+        res.writeHead(501, { 'Content-Type': 'application/json' });
+        res.end(JSON.stringify({ error: 'Agent detail endpoint not configured' }));
+      }
       return true;
     }
 

package/daemon/routes/channels.js

@@ -34,7 +34,7 @@ const ACCOUNTS_FILE = path.join(ACCOUNTS_DIR, 'accounts.json');
 // Serialise all accounts.json mutations to prevent concurrent-write corruption
 let _accountsWriteLock = Promise.resolve();
 function withAccountsLock(fn) {
-  _accountsWriteLock = _accountsWriteLock.then(fn).catch(fn);
+  _accountsWriteLock = _accountsWriteLock.then(fn).catch(err => { console.error('[channels] accounts lock error:', err); });
   return _accountsWriteLock;
 }
 
@@ -348,6 +348,108 @@ async function handleSaveSlackChannel(req, res, companyId, body, mgQuery) {
 
 // ── Route dispatcher ───────────────────────────────────────────────────────
 
+// ── iMessage channel handlers ──────────────────────────────────────────────
+
+/**
+ * POST /api/companies/:id/channels/imessage/setup
+ *
+ * Verifies that the daemon can read the macOS iMessage database (chat.db).
+ * Requirements: macOS, Messages.app installed, Full Disk Access granted to this process.
+ * Returns: { connected: true, messageCount: N } on success,
+ *          { error: 'fda_denied', message: '...' } if FDA is not granted,
+ *          { error: 'not_macos' } on non-macOS platforms.
+ */
+async function handleImessageSetup(req, res) {
+  // iMessage is macOS-only — chat.db only exists on macOS
+  if (process.platform !== 'darwin') {
+    jsonErr(res, 400, 'not_macos', req);
+    return;
+  }
+
+  const chatDbPath = path.join(os.homedir(), 'Library', 'Messages', 'chat.db');
+
+  let db;
+  try {
+    // Dynamically require better-sqlite3 so non-macOS builds don't fail at import time.
+    // If it's not available, fall back to graceful error.
+    let Database;
+    try {
+      Database = require('better-sqlite3');
+    } catch (_) {
+      // Try bun:sqlite as fallback (daemon may run under Bun)
+      try {
+        const bun = require('bun:sqlite');
+        Database = bun.Database;
+      } catch (__) {
+        jsonErr(res, 500, 'sqlite_unavailable', req);
+        return;
+      }
+    }
+
+    db = new Database(chatDbPath, { readonly: true });
+    // Quick sanity query — counts messages to verify FDA access
+    const row = db.prepare('SELECT COUNT(*) as count FROM message').get();
+    const messageCount = row ? row.count : 0;
+
+    jsonOk(res, { connected: true, messageCount }, req);
+  } catch (err) {
+    const code = err && (err.code || err.message || '');
+    // SQLITE_CANTOPEN is thrown when FDA is not granted (chat.db unreadable)
+    if (
+      typeof code === 'string' &&
+      (code.includes('SQLITE_CANTOPEN') || code.includes('EPERM') || code.includes('EACCES') || code.includes('authorization denied'))
+    ) {
+      res.writeHead(403, getCorsHeaders(req));
+      res.end(JSON.stringify({
+        error: 'fda_denied',
+        message: 'Helios needs Full Disk Access to read iMessages. Open System Settings → Privacy & Security → Full Disk Access and add Helios.',
+      }));
+    } else {
+      jsonErr(res, 500, err.message || 'Unknown error reading chat.db', req);
+    }
+  } finally {
+    if (db) {
+      try { db.close(); } catch (_) {}
+    }
+  }
+}
+
+/**
+ * GET /api/companies/:id/channels/imessage/status
+ *
+ * Returns imessage connection status without writing anything.
+ */
+async function handleImessageStatus(req, res) {
+  if (process.platform !== 'darwin') {
+    jsonOk(res, { connected: false, available: false }, req);
+    return;
+  }
+
+  const chatDbPath = path.join(os.homedir(), 'Library', 'Messages', 'chat.db');
+
+  let db;
+  let connected = false;
+  try {
+    let Database;
+    try { Database = require('better-sqlite3'); } catch (_) {
+      try { Database = require('bun:sqlite').Database; } catch (__) {}
+    }
+    if (Database) {
+      db = new Database(chatDbPath, { readonly: true });
+      db.prepare('SELECT 1 FROM message LIMIT 1').get();
+      connected = true;
+    }
+  } catch (_) {
+    connected = false;
+  } finally {
+    if (db) { try { db.close(); } catch (_) {} }
+  }
+
+  jsonOk(res, { connected, available: true }, req);
+}
+
+// ── Route dispatcher ───────────────────────────────────────────────────────
+
 /**
  * channelsRoute(req, res, ctx, pathname, method)
  * Returns true if this route handled the request, false otherwise.
@@ -362,8 +464,10 @@ function channelsRoute(req, res, ctx, pathname, method) {
 
   const emailMatch = pathname.match(/^\/api\/companies\/([^/]+)\/channels\/email(\/oauth\/(start|complete))?$/);
   const slackMatch = pathname.match(/^\/api\/companies\/([^/]+)\/channels\/slack$/);
+  const imessageSetupMatch = pathname.match(/^\/api\/companies\/([^/]+)\/channels\/imessage\/setup$/);
+  const imessageStatusMatch = pathname.match(/^\/api\/companies\/([^/]+)\/channels\/imessage\/status$/);
 
-  if (!emailMatch && !slackMatch) return Promise.resolve(false);
+  if (!emailMatch && !slackMatch && !imessageSetupMatch && !imessageStatusMatch) return Promise.resolve(false);
 
   const mgQuery = ctx && ctx.mgQuery;
 
@@ -396,6 +500,14 @@ function channelsRoute(req, res, ctx, pathname, method) {
     }
   }
 
+  if (imessageSetupMatch && method === 'POST') {
+    return handleImessageSetup(req, res).then(() => true);
+  }
+
+  if (imessageStatusMatch && method === 'GET') {
+    return handleImessageStatus(req, res).then(() => true);
+  }
+
   return Promise.resolve(false);
 }
 
@@ -431,3 +543,5 @@ module.exports.handleEmailOAuthStart = handleEmailOAuthStart;
 module.exports.handleEmailOAuthComplete = handleEmailOAuthComplete;
 module.exports.handleGetSlackChannel = handleGetSlackChannel;
 module.exports.handleSaveSlackChannel = handleSaveSlackChannel;
+module.exports.handleImessageSetup = handleImessageSetup;
+module.exports.handleImessageStatus = handleImessageStatus;

package/daemon/routes/crm.js

@@ -0,0 +1,85 @@
+'use strict';
+
+/**
+ * routes/crm.js — P5-S5c
+ * POST /api/crm/contacts — upsert a CRM contact into Memgraph.
+ * Accepts CRMSyncEntry shape from crmSyncService.ts dual-write.
+ * C7: Writes to Memgraph via mgQuery (CREATE or MERGE on email/id).
+ * C15: Non-blocking from desktop perspective — desktop SQLite is authoritative;
+ *      this route is the async Memgraph leg.
+ */
+
+module.exports = function createCrmRouter({ parseBody, jsonResponse }) {
+  return async function crmRoute(req, res, ctx, pathname, method) {
+    // POST /api/crm/contacts — upsert contact node into Memgraph
+    if (method === 'POST' && pathname === '/api/crm/contacts') {
+      try {
+        const body = await parseBody(req);
+        if (!body || !body.id || !body.name) {
+          jsonResponse(res, 400, { error: 'id and name are required' });
+          return true;
+        }
+
+        const mg = ctx.mgQuery;
+        if (!mg) {
+          // Memgraph not connected — return 503 so desktop queues for retry
+          jsonResponse(res, 503, { error: 'Memgraph not connected' });
+          return true;
+        }
+
+        const contact = {
+          id: String(body.id),
+          name: String(body.name),
+          email: body.email ? String(body.email) : null,
+          phone: body.phone ? String(body.phone) : null,
+          company: body.company ? String(body.company) : null,
+          jobTitle: body.jobTitle ? String(body.jobTitle) : null,
+          stage: body.stage ? String(body.stage) : 'lead',
+          source: body.source ? String(body.source) : 'desktop',
+          companyId: body.companyId ? String(body.companyId) : (ctx.cid || null),
+          dunbarLayer: body.dunbarLayer ? String(body.dunbarLayer) : null,
+          healthStatus: body.healthStatus ? String(body.healthStatus) : null,
+          personId: body.personId ? String(body.personId) : null,
+          syncedAt: new Date().toISOString(),
+        };
+
+        // MERGE on id to make upsert idempotent; SET all mutable fields
+        await mg(
+          `MERGE (c:CRMContact {id: $id})
+           SET c.name = $name,
+               c.email = $email,
+               c.phone = $phone,
+               c.company = $company,
+               c.jobTitle = $jobTitle,
+               c.stage = $stage,
+               c.source = $source,
+               c.companyId = $companyId,
+               c.dunbarLayer = $dunbarLayer,
+               c.healthStatus = $healthStatus,
+               c.personId = $personId,
+               c.syncedAt = $syncedAt`,
+          contact
+        );
+
+        // If personId is known, create a link to the Person node
+        if (contact.personId) {
+          await mg(
+            `MATCH (c:CRMContact {id: $crmId}), (p:Person {id: $personId})
+             MERGE (c)-[:TRACKS]->(p)`,
+            { crmId: contact.id, personId: contact.personId }
+          ).catch(() => {
+            // Non-fatal — Person node may not exist yet
+          });
+        }
+
+        jsonResponse(res, 201, { ok: true, id: contact.id });
+        return true;
+      } catch (err) {
+        jsonResponse(res, 500, { error: err.message });
+        return true;
+      }
+    }
+
+    return false;
+  };
+};