npm - @danielblomma/cortex-mcp - Versions diffs - 1.7.2 → 2.0.3 - Mend

@danielblomma/cortex-mcp 1.7.2 → 2.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (79) hide show

package/README.md +4 -24
package/bin/cortex.mjs +679 -32
package/bin/style.mjs +349 -0
package/package.json +4 -3
package/scaffold/mcp/src/cli/enterprise-setup.ts +124 -0
package/scaffold/mcp/src/cli/govern.ts +987 -0
package/scaffold/mcp/src/cli/run.ts +306 -0
package/scaffold/mcp/src/cli/telemetry-test.ts +158 -0
package/scaffold/mcp/src/cli/ungoverned-detector.ts +168 -0
package/scaffold/mcp/src/core/audit/query.ts +81 -0
package/scaffold/mcp/src/core/audit/writer.ts +68 -0
package/scaffold/mcp/src/core/config.ts +329 -0
package/scaffold/mcp/src/core/index.ts +34 -0
package/scaffold/mcp/src/core/license.ts +202 -0
package/scaffold/mcp/src/core/policy/enforce.ts +98 -0
package/scaffold/mcp/src/core/policy/injection.ts +229 -0
package/scaffold/mcp/src/core/policy/store.ts +197 -0
package/scaffold/mcp/src/core/rbac/check.ts +40 -0
package/scaffold/mcp/src/core/telemetry/collector.ts +408 -0
package/scaffold/mcp/src/core/validators/builtins.ts +711 -0
package/scaffold/mcp/src/core/validators/config.ts +47 -0
package/scaffold/mcp/src/core/validators/engine.ts +199 -0
package/scaffold/mcp/src/core/validators/evaluators/code_comments.ts +294 -0
package/scaffold/mcp/src/core/validators/evaluators/regex.ts +144 -0
package/scaffold/mcp/src/daemon/client.ts +155 -0
package/scaffold/mcp/src/daemon/egress-proxy.ts +331 -0
package/scaffold/mcp/src/daemon/heartbeat-pusher.ts +147 -0
package/scaffold/mcp/src/daemon/heartbeat-tracker.ts +223 -0
package/scaffold/mcp/src/daemon/host-events-pusher.ts +285 -0
package/scaffold/mcp/src/daemon/main.ts +435 -0
package/scaffold/mcp/src/daemon/paths.ts +41 -0
package/scaffold/mcp/src/daemon/protocol.ts +101 -0
package/scaffold/mcp/src/daemon/server.ts +227 -0
package/scaffold/mcp/src/daemon/sync-checker.ts +213 -0
package/scaffold/mcp/src/daemon/ungoverned-scanner.ts +149 -0
package/scaffold/mcp/src/enterprise/audit/push.ts +84 -0
package/scaffold/mcp/src/enterprise/index.ts +386 -0
package/scaffold/mcp/src/enterprise/model/deploy.ts +33 -0
package/scaffold/mcp/src/enterprise/policy/sync.ts +146 -0
package/scaffold/mcp/src/enterprise/privacy/boundary.ts +214 -0
package/scaffold/mcp/src/enterprise/reviews/push.ts +79 -0
package/scaffold/mcp/src/enterprise/telemetry/sync.ts +73 -0
package/scaffold/mcp/src/enterprise/tools/enterprise.ts +1031 -0
package/scaffold/mcp/src/enterprise/tools/walk.ts +79 -0
package/scaffold/mcp/src/enterprise/violations/push.ts +102 -0
package/scaffold/mcp/src/enterprise/workflow/push.ts +60 -0
package/scaffold/mcp/src/enterprise/workflow/state.ts +535 -0
package/scaffold/mcp/src/hooks/pre-compact.ts +54 -0
package/scaffold/mcp/src/hooks/pre-tool-use.ts +96 -0
package/scaffold/mcp/src/hooks/session-end.ts +73 -0
package/scaffold/mcp/src/hooks/session-start.ts +78 -0
package/scaffold/mcp/src/hooks/shared.ts +134 -0
package/scaffold/mcp/src/hooks/stop.ts +60 -0
package/scaffold/mcp/src/hooks/user-prompt-submit.ts +64 -0
package/scaffold/mcp/src/loadGraph.ts +2 -0
package/scaffold/mcp/src/plugin.ts +150 -0
package/scaffold/mcp/src/server.ts +218 -7
package/scaffold/mcp/tests/copilot-shim.test.mjs +146 -0
package/scaffold/mcp/tests/daemon-client.test.mjs +32 -0
package/scaffold/mcp/tests/egress-proxy.test.mjs +239 -0
package/scaffold/mcp/tests/enterprise-config.test.mjs +154 -0
package/scaffold/mcp/tests/govern-install.test.mjs +320 -0
package/scaffold/mcp/tests/govern-repair.test.mjs +157 -0
package/scaffold/mcp/tests/govern-status.test.mjs +538 -0
package/scaffold/mcp/tests/govern.test.mjs +74 -0
package/scaffold/mcp/tests/heartbeat-pusher.test.mjs +154 -0
package/scaffold/mcp/tests/heartbeat-tracker.test.mjs +237 -0
package/scaffold/mcp/tests/host-events-pusher.test.mjs +347 -0
package/scaffold/mcp/tests/policy-check.test.mjs +220 -0
package/scaffold/mcp/tests/repo-name.test.mjs +134 -0
package/scaffold/mcp/tests/run.test.mjs +109 -0
package/scaffold/mcp/tests/sync-checker.test.mjs +188 -0
package/scaffold/mcp/tests/telemetry-collector.test.mjs +30 -0
package/scaffold/mcp/tests/ungoverned-detector.test.mjs +191 -0
package/scaffold/mcp/tests/ungoverned-scanner.test.mjs +198 -0
package/scaffold/scripts/bootstrap.sh +0 -11
package/scaffold/scripts/doctor.sh +24 -4
package/types.js +5 -0
package/docs/MCP_MARKETPLACE.md +0 -160

package/scaffold/mcp/src/daemon/client.ts ADDED Viewed

@@ -0,0 +1,155 @@
+import { connect, type Socket } from "node:net";
+import { spawn } from "node:child_process";
+import { existsSync, readFileSync } from "node:fs";
+import { randomUUID } from "node:crypto";
+import { socketPath, pidFilePath, logFilePath } from "./paths.js";
+import {
+  DEFAULT_REQUEST_TIMEOUT_MS,
+  type Request,
+  type RequestType,
+  type Response,
+} from "./protocol.js";
+/**
+ * Hook-side client for talking to the cortex daemon.
+ * Handles auto-start, connect, request/response, and timeouts.
+ */
+export type CallOptions = {
+  timeoutMs?: number;
+  autoStart?: boolean;
+};
+export type CallResult<T> =
+  | { ok: true; result: T }
+  | { ok: false; error: string };
+export function isProcessAlive(pid: number): boolean {
+  try {
+    process.kill(pid, 0);
+    return true;
+  } catch (err) {
+    if (err && typeof err === "object" && "code" in err && err.code === "EPERM") {
+      return true;
+    }
+    return false;
+  }
+}
+function readDaemonPid(): number | null {
+  if (!existsSync(pidFilePath())) return null;
+  try {
+    const raw = readFileSync(pidFilePath(), "utf8").trim();
+    const pid = Number.parseInt(raw, 10);
+    if (!Number.isFinite(pid) || pid <= 0) return null;
+    return pid;
+  } catch {
+    return null;
+  }
+}
+export function isDaemonRunning(): boolean {
+  const pid = readDaemonPid();
+  if (pid === null) return false;
+  return isProcessAlive(pid);
+}
+/**
+ * Spawn the daemon as a detached process. Returns immediately — caller is
+ * responsible for waiting until socket is ready (typically via retry loop).
+ */
+export function spawnDaemon(daemonEntryAbsPath: string): void {
+  const out = (() => {
+    try {
+      // openSync returns an fd we can pass to spawn for stdio redirection.
+      // Append-only — the daemon log accumulates across runs.
+      // eslint-disable-next-line @typescript-eslint/no-require-imports
+      const fs = require("node:fs") as typeof import("node:fs");
+      return fs.openSync(logFilePath(), "a");
+    } catch {
+      return "ignore" as const;
+    }
+  })();
+  const child = spawn(process.execPath, [daemonEntryAbsPath], {
+    detached: true,
+    stdio: ["ignore", out, out],
+    env: { ...process.env, CORTEX_DAEMON_AUTOSTART: "1" },
+  });
+  child.unref();
+}
+async function connectWithRetry(timeoutMs: number): Promise<Socket | null> {
+  const start = Date.now();
+  while (Date.now() - start < timeoutMs) {
+    const sock = await new Promise<Socket | null>((resolve) => {
+      const s = connect(socketPath());
+      s.once("connect", () => resolve(s));
+      s.once("error", () => {
+        s.destroy();
+        resolve(null);
+      });
+    });
+    if (sock) return sock;
+    await new Promise((r) => setTimeout(r, 100));
+  }
+  return null;
+}
+export async function call<T>(
+  type: RequestType,
+  payload: unknown,
+  options: CallOptions = {},
+): Promise<CallResult<T>> {
+  const timeoutMs = options.timeoutMs ?? DEFAULT_REQUEST_TIMEOUT_MS;
+  const id = randomUUID();
+  const sock = await connectWithRetry(timeoutMs);
+  if (!sock) {
+    return { ok: false, error: "daemon_unreachable" };
+  }
+  return new Promise<CallResult<T>>((resolve) => {
+    let buffer = "";
+    let settled = false;
+    const finish = (r: CallResult<T>) => {
+      if (settled) return;
+      settled = true;
+      sock.end();
+      resolve(r);
+    };
+    const timer = setTimeout(() => {
+      finish({ ok: false, error: "timeout" });
+    }, timeoutMs);
+    timer.unref();
+    sock.on("data", (chunk) => {
+      buffer += chunk.toString("utf8");
+      const nl = buffer.indexOf("\n");
+      if (nl === -1) return;
+      const line = buffer.slice(0, nl);
+      try {
+        const resp = JSON.parse(line) as Response;
+        if (resp.id !== id) return; // not ours; ignore
+        clearTimeout(timer);
+        if (resp.ok) {
+          finish({ ok: true, result: resp.result as T });
+        } else {
+          finish({ ok: false, error: resp.error ?? "unknown_error" });
+        }
+      } catch {
+        finish({ ok: false, error: "invalid_response" });
+      }
+    });
+    sock.on("error", (err) => {
+      clearTimeout(timer);
+      finish({ ok: false, error: `socket_error: ${err.message}` });
+    });
+    const request: Request = { id, type, payload };
+    sock.write(`${JSON.stringify(request)}\n`);
+  });
+}

package/scaffold/mcp/src/daemon/egress-proxy.ts ADDED Viewed

@@ -0,0 +1,331 @@
+import { createServer, connect, type Server, type Socket } from "node:net";
+import { hostname } from "node:os";
+import { writeHostAuditEvent } from "./ungoverned-scanner.js";
+/**
+ * Phase 4 task 19 — cortex egress proxy.
+ *
+ * Listens on a local TCP port for HTTP CONNECT (https-proxy) requests.
+ * Pipes bytes through transparently; does NOT terminate TLS. Inspects
+ * only:
+ *   - the CONNECT line for the destination host:port
+ *   - the first client chunk for the TLS ClientHello SNI extension
+ *
+ * Per privacy boundary v3 we never send payload bytes to cortex-web —
+ * only SNI + destination + bytes-transferred counters. The audit lands
+ * in .context/audit/host-events-YYYY-MM-DD.jsonl as event_type =
+ * "egress_connection". The host-events pusher (Fas 7) then forwards
+ * those to cortex-web on the periodic timer.
+ *
+ * Plain HTTP (non-CONNECT) is also supported but logged with the Host
+ * header in place of SNI.
+ */
+const CONNECT_RE = /^CONNECT\s+([^\s:]+):(\d+)\s+HTTP\/1\.[01]/i;
+const HTTP_RE = /^([A-Z]+)\s+(http:\/\/[^\s]+)\s+HTTP\/1\.[01]/i;
+export type EgressEvent = {
+  event_type: "egress_connection";
+  timestamp: string;
+  host_id: string;
+  source_port: number | null;
+  destination: { host: string; port: number };
+  protocol: "https" | "http";
+  sni: string | null;
+  bytes_client_to_server: number;
+  bytes_server_to_client: number;
+  duration_ms: number;
+  closed_by: "client" | "server" | "error";
+  error: string | null;
+};
+/**
+ * Parse SNI from a TLS ClientHello buffer. Returns null if not found
+ * or buffer is malformed. Does not mutate the buffer.
+ */
+export function parseSni(buf: Buffer): string | null {
+  if (buf.length < 11) return null;
+  if (buf[0] !== 0x16) return null;
+  if (buf[1] !== 0x03) return null;
+  const recordLen = buf.readUInt16BE(3);
+  const recordEnd = 5 + recordLen;
+  if (buf.length < recordEnd) return null;
+  if (buf[5] !== 0x01) return null;
+  const handshakeLen = (buf[6] << 16) | (buf[7] << 8) | buf[8];
+  const handshakeEnd = 9 + handshakeLen;
+  if (buf.length < Math.min(handshakeEnd, recordEnd)) return null;
+  let p = 9 + 2 + 32;
+  if (p + 1 > recordEnd) return null;
+  const sessionIdLen = buf[p];
+  p += 1 + sessionIdLen;
+  if (p + 2 > recordEnd) return null;
+  const cipherSuitesLen = buf.readUInt16BE(p);
+  p += 2 + cipherSuitesLen;
+  if (p + 1 > recordEnd) return null;
+  const compMethodsLen = buf[p];
+  p += 1 + compMethodsLen;
+  if (p + 2 > recordEnd) return null;
+  const extensionsLen = buf.readUInt16BE(p);
+  p += 2;
+  const extensionsEnd = p + extensionsLen;
+  if (extensionsEnd > recordEnd) return null;
+  while (p + 4 <= extensionsEnd) {
+    const extType = buf.readUInt16BE(p);
+    const extLen = buf.readUInt16BE(p + 2);
+    const extEnd = p + 4 + extLen;
+    if (extEnd > extensionsEnd) return null;
+    if (extType === 0x0000) {
+      let q = p + 4;
+      if (q + 2 > extEnd) return null;
+      const listLen = buf.readUInt16BE(q);
+      q += 2;
+      const listEnd = q + listLen;
+      if (listEnd > extEnd) return null;
+      while (q + 3 <= listEnd) {
+        const nameType = buf[q];
+        const nameLen = buf.readUInt16BE(q + 1);
+        q += 3;
+        if (q + nameLen > listEnd) return null;
+        if (nameType === 0x00) {
+          return buf.subarray(q, q + nameLen).toString("ascii");
+        }
+        q += nameLen;
+      }
+      return null;
+    }
+    p = extEnd;
+  }
+  return null;
+}
+export type ProxyOptions = {
+  cwd: string;
+  port?: number;
+  hostId?: string;
+};
+export type ProxyHandle = {
+  port: number;
+  stop(): Promise<void>;
+  isRunning(): boolean;
+};
+const HTTP_OK = "HTTP/1.1 200 Connection Established\r\nProxy-Agent: cortex-egress\r\n\r\n";
+const HTTP_BAD = "HTTP/1.1 400 Bad Request\r\nConnection: close\r\n\r\n";
+const HTTP_BAD_GATEWAY = "HTTP/1.1 502 Bad Gateway\r\nConnection: close\r\n\r\n";
+function emit(cwd: string, evt: EgressEvent): void {
+  void writeHostAuditEvent(cwd, evt as unknown as Record<string, unknown>).catch((err) => {
+    process.stderr.write(
+      `[cortex-egress] audit emit failed: ${err instanceof Error ? err.message : String(err)}\n`,
+    );
+  });
+}
+function newEvent(host: string, port: number, protocol: "https" | "http", hostId: string, sourcePort: number | null): EgressEvent {
+  return {
+    event_type: "egress_connection",
+    timestamp: new Date().toISOString(),
+    host_id: hostId,
+    source_port: sourcePort,
+    destination: { host, port },
+    protocol,
+    sni: null,
+    bytes_client_to_server: 0,
+    bytes_server_to_client: 0,
+    duration_ms: 0,
+    closed_by: "client",
+    error: null,
+  };
+}
+function pipeWithCounting(
+  client: Socket,
+  upstream: Socket,
+  evt: EgressEvent,
+  cwd: string,
+  start: number,
+): void {
+  let firstClientChunk = true;
+  client.on("data", (chunk) => {
+    evt.bytes_client_to_server += chunk.length;
+    if (firstClientChunk && evt.protocol === "https") {
+      firstClientChunk = false;
+      const sni = parseSni(chunk);
+      if (sni) evt.sni = sni;
+    }
+    upstream.write(chunk);
+  });
+  upstream.on("data", (chunk) => {
+    evt.bytes_server_to_client += chunk.length;
+    client.write(chunk);
+  });
+  const finalize = (closer: "client" | "server" | "error", error: string | null = null) => {
+    if (evt.duration_ms > 0) return;
+    evt.duration_ms = Date.now() - start;
+    evt.closed_by = closer;
+    evt.error = error;
+    emit(cwd, evt);
+    try {
+      client.destroy();
+    } catch {
+      // ignore
+    }
+    try {
+      upstream.destroy();
+    } catch {
+      // ignore
+    }
+  };
+  client.on("end", () => finalize("client"));
+  upstream.on("end", () => finalize("server"));
+  client.on("error", (err) => finalize("error", err.message));
+  upstream.on("error", (err) => finalize("error", err.message));
+}
+function handleConnect(
+  client: Socket,
+  host: string,
+  port: number,
+  cwd: string,
+  hostId: string,
+): void {
+  const evt = newEvent(host, port, "https", hostId, client.remotePort ?? null);
+  const start = Date.now();
+  const upstream = connect({ host, port }, () => {
+    client.write(HTTP_OK);
+    pipeWithCounting(client, upstream, evt, cwd, start);
+  });
+  upstream.on("error", (err) => {
+    evt.duration_ms = Date.now() - start;
+    evt.closed_by = "error";
+    evt.error = `upstream connect: ${err.message}`;
+    emit(cwd, evt);
+    try {
+      client.write(HTTP_BAD_GATEWAY);
+      client.destroy();
+    } catch {
+      // ignore
+    }
+  });
+}
+function handleHttp(
+  client: Socket,
+  url: URL,
+  initialChunk: Buffer,
+  cwd: string,
+  hostId: string,
+): void {
+  const port = url.port ? parseInt(url.port, 10) : 80;
+  const evt = newEvent(url.hostname, port, "http", hostId, client.remotePort ?? null);
+  evt.sni = url.hostname;
+  const start = Date.now();
+  const upstream = connect({ host: url.hostname, port }, () => {
+    upstream.write(initialChunk);
+    pipeWithCounting(client, upstream, evt, cwd, start);
+  });
+  upstream.on("error", (err) => {
+    evt.duration_ms = Date.now() - start;
+    evt.closed_by = "error";
+    evt.error = `upstream connect: ${err.message}`;
+    emit(cwd, evt);
+    try {
+      client.write(HTTP_BAD_GATEWAY);
+      client.destroy();
+    } catch {
+      // ignore
+    }
+  });
+}
+function handleConnection(client: Socket, cwd: string, hostId: string): void {
+  let buffer = Buffer.alloc(0);
+  const onFirstChunk = (chunk: Buffer) => {
+    buffer = Buffer.concat([buffer, chunk]);
+    const headerEnd = buffer.indexOf("\r\n\r\n");
+    if (headerEnd === -1) {
+      if (buffer.length > 8192) {
+        client.write(HTTP_BAD);
+        client.destroy();
+        return;
+      }
+      client.once("data", onFirstChunk);
+      return;
+    }
+    const headers = buffer.subarray(0, headerEnd).toString("ascii");
+    const remainder = buffer.subarray(headerEnd + 4);
+    const firstLine = headers.split(/\r?\n/, 1)[0] ?? "";
+    const connectMatch = firstLine.match(CONNECT_RE);
+    if (connectMatch) {
+      const host = connectMatch[1];
+      const port = parseInt(connectMatch[2], 10);
+      handleConnect(client, host, port, cwd, hostId);
+      return;
+    }
+    const httpMatch = firstLine.match(HTTP_RE);
+    if (httpMatch) {
+      let url: URL;
+      try {
+        url = new URL(httpMatch[2]);
+      } catch {
+        client.write(HTTP_BAD);
+        client.destroy();
+        return;
+      }
+      const path = url.pathname + url.search;
+      const rebuilt = `${httpMatch[1]} ${path} HTTP/1.1\r\n${headers.split(/\r?\n/).slice(1).join("\r\n")}\r\n\r\n`;
+      const initial = Buffer.concat([Buffer.from(rebuilt, "ascii"), remainder]);
+      handleHttp(client, url, initial, cwd, hostId);
+      return;
+    }
+    client.write(HTTP_BAD);
+    client.destroy();
+  };
+  client.once("data", onFirstChunk);
+  client.on("error", () => {
+    try {
+      client.destroy();
+    } catch {
+      // ignore
+    }
+  });
+}
+export function startEgressProxy(options: ProxyOptions): Promise<ProxyHandle> {
+  const port = options.port ?? 18888;
+  const hostId = options.hostId ?? hostname();
+  const cwd = options.cwd;
+  return new Promise((resolve, reject) => {
+    const server: Server = createServer((client) => handleConnection(client, cwd, hostId));
+    server.once("error", (err) => {
+      reject(err);
+    });
+    server.listen(port, "127.0.0.1", () => {
+      const addr = server.address();
+      const actualPort = typeof addr === "object" && addr ? addr.port : port;
+      let running = true;
+      resolve({
+        port: actualPort,
+        async stop(): Promise<void> {
+          if (!running) return;
+          running = false;
+          await new Promise<void>((res) => server.close(() => res()));
+        },
+        isRunning: () => running,
+      });
+    });
+  });
+}

package/scaffold/mcp/src/daemon/heartbeat-pusher.ts ADDED Viewed

@@ -0,0 +1,147 @@
+import { existsSync, readFileSync } from "node:fs";
+import { join } from "node:path";
+import { hostname, platform, release } from "node:os";
+import { loadEnterpriseConfig } from "../core/config.js";
+/**
+ * Govern host heartbeat — fills the host_enrollment table on cortex-web.
+ *
+ * Reads .context/govern.local.json + enterprise.yml + OS info, builds a
+ * canonical payload matching governHeartbeatSchema on the server side,
+ * and POSTs it to /api/v1/govern/heartbeat. Without this, the dashboard
+ * at /dashboard/govern shows zero hosts forever.
+ *
+ * Periodic — default 5 min, same cadence as host-events-pusher.
+ */
+const TIER_BY_CLI: Record<string, "prevent" | "wrap" | "detect" | "off"> = {
+  claude: "prevent",
+  codex: "prevent",
+  copilot: "wrap",
+};
+type LocalGovernState = {
+  installs?: Record<
+    string,
+    {
+      mode?: "advisory" | "enforced";
+      version?: string;
+      frameworks?: Array<{ id: string; version: string }>;
+    }
+  >;
+};
+function readLocalGovernState(cwd: string): LocalGovernState {
+  const p = join(cwd, ".context", "govern.local.json");
+  if (!existsSync(p)) return {};
+  try {
+    return JSON.parse(readFileSync(p, "utf8")) as LocalGovernState;
+  } catch {
+    return {};
+  }
+}
+function mapOs(plat: NodeJS.Platform): "darwin" | "linux" | "windows" {
+  if (plat === "darwin") return "darwin";
+  if (plat === "linux") return "linux";
+  if (plat === "win32") return "windows";
+  return "linux";
+}
+export type HeartbeatPayload = {
+  host_id: string;
+  os: "darwin" | "linux" | "windows";
+  os_version?: string;
+  govern_mode: "off" | "advisory" | "enforced";
+  active_frameworks: string[];
+  config_version: string | null;
+  ai_clis_detected: Array<{
+    name: string;
+    tier: "prevent" | "wrap" | "detect" | "off";
+    version?: string;
+    last_seen?: string;
+  }>;
+};
+export function buildHeartbeatPayload(cwd: string, hostId?: string): HeartbeatPayload {
+  const config = loadEnterpriseConfig(join(cwd, ".context"));
+  const state = readLocalGovernState(cwd);
+  const installs = state.installs ?? {};
+  const now = new Date().toISOString();
+  const aiClisDetected = Object.entries(installs).map(([name, info]) => ({
+    name,
+    tier: TIER_BY_CLI[name] ?? "off",
+    version: info.version,
+    last_seen: now,
+  }));
+  let governMode: "off" | "advisory" | "enforced" = "off";
+  for (const inst of Object.values(installs)) {
+    if (inst.mode === "enforced") {
+      governMode = "enforced";
+      break;
+    }
+    if (inst.mode === "advisory" && governMode === "off") governMode = "advisory";
+  }
+  const configVersion = Object.values(installs)[0]?.version ?? null;
+  return {
+    host_id: hostId ?? hostname(),
+    os: mapOs(platform()),
+    os_version: release(),
+    govern_mode: governMode,
+    active_frameworks: config.compliance.frameworks,
+    config_version: configVersion,
+    ai_clis_detected: aiClisDetected,
+  };
+}
+export type HeartbeatPushOutcome = { ok: true } | { ok: false; error: string };
+export async function pushHeartbeat(cwd: string): Promise<HeartbeatPushOutcome> {
+  const config = loadEnterpriseConfig(join(cwd, ".context"));
+  const apiKey = config.enterprise.api_key.trim();
+  const baseUrl = (config.enterprise.base_url || config.enterprise.endpoint).trim();
+  if (!apiKey || !baseUrl) {
+    return { ok: false, error: "enterprise not configured" };
+  }
+  const payload = buildHeartbeatPayload(cwd);
+  try {
+    const res = await fetch(`${baseUrl.replace(/\/$/, "")}/api/v1/govern/heartbeat`, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/json",
+        Authorization: `Bearer ${apiKey}`,
+      },
+      body: JSON.stringify(payload),
+    });
+    if (!res.ok) {
+      return { ok: false, error: `HTTP ${res.status} ${res.statusText}` };
+    }
+    return { ok: true };
+  } catch (err) {
+    return { ok: false, error: err instanceof Error ? err.message : String(err) };
+  }
+}
+export type HeartbeatHandle = { stop(): void };
+export function startHeartbeatPusher(cwd: string, intervalMs: number): HeartbeatHandle {
+  const tick = () => {
+    void pushHeartbeat(cwd).catch((err) => {
+      process.stderr.write(
+        `[cortex-daemon] heartbeat push failed: ${err instanceof Error ? err.message : String(err)}\n`,
+      );
+    });
+  };
+  void Promise.resolve().then(tick);
+  const handle = setInterval(tick, intervalMs);
+  if (typeof handle.unref === "function") handle.unref();
+  return {
+    stop() {
+      clearInterval(handle);
+    },
+  };
+}