@grindxp/cli 0.1.7 → 0.1.9

package/dist/index.js

@@ -5,25 +5,43 @@ var __getProtoOf = Object.getPrototypeOf;
 var __defProp = Object.defineProperty;
 var __getOwnPropNames = Object.getOwnPropertyNames;
 var __hasOwnProp = Object.prototype.hasOwnProperty;
+function __accessProp(key) {
+  return this[key];
+}
+var __toESMCache_node;
+var __toESMCache_esm;
 var __toESM = (mod, isNodeMode, target) => {
+  var canCache = mod != null && typeof mod === "object";
+  if (canCache) {
+    var cache = isNodeMode ? __toESMCache_node ??= new WeakMap : __toESMCache_esm ??= new WeakMap;
+    var cached = cache.get(mod);
+    if (cached)
+      return cached;
+  }
   target = mod != null ? __create(__getProtoOf(mod)) : {};
   const to = isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target;
   for (let key of __getOwnPropNames(mod))
     if (!__hasOwnProp.call(to, key))
       __defProp(to, key, {
-        get: () => mod[key],
+        get: __accessProp.bind(mod, key),
         enumerable: true
       });
+  if (canCache)
+    cache.set(mod, to);
   return to;
 };
 var __commonJS = (cb, mod) => () => (mod || cb((mod = { exports: {} }).exports, mod), mod.exports);
+var __returnValue = (v) => v;
+function __exportSetter(name, newValue) {
+  this[name] = __returnValue.bind(null, newValue);
+}
 var __export = (target, all) => {
   for (var name in all)
     __defProp(target, name, {
       get: all[name],
       enumerable: true,
       configurable: true,
-      set: (newValue) => all[name] = () => newValue
+      set: __exportSetter.bind(all, name)
     });
 };
 var __esm = (fn, res) => () => (fn && (res = fn(fn = 0)), res);
@@ -28273,8 +28291,7 @@ async function flushCompanionMemory(params) {
     messages: [...messages, { role: "user", content: MEMORY_FLUSH_PROMPT }],
     tools,
     activeTools: ["list_insights", "store_insight", "update_user_context"],
-    stopWhen: stepCountIs(4),
-    maxOutputTokens: 128,
+    stopWhen: stepCountIs(6),
     maxRetries: 1,
     ...abortSignal ? { abortSignal } : {}
   });
@@ -28332,15 +28349,16 @@ What was planned or in progress.
 
 Be concise. This summary replaces the full conversation history.`, MEMORY_FLUSH_PROMPT = `Session is nearing compaction.
 
-Before summarization, persist any durable user memory via tools:
-- store_insight for concise durable facts (pattern, preference, goal, context)
-- update_user_context only for high-level narrative context that should stay in a user notes blob
+Step 1: Call list_insights to see what is already stored.
+Step 2: Identify any durable facts from this session that are NOT already covered by existing insights.
+Step 3: Only call store_insight for genuinely new information. Do not re-store facts already captured \u2014 store_insight will merge exact duplicates but semantic duplicates waste space.
+Step 4: If everything worth keeping is already stored, reply exactly: NO_REPLY
 
 Rules:
 - Store only durable information likely to matter in future sessions.
 - Do not store transient chatter.
 - Keep insights short and factual.
-- If there is nothing useful to store, reply exactly: NO_REPLY`;
+- Prefer updating an existing insight over creating a new one when the content overlaps.`;
 var init_compaction = __esm(() => {
   init_dist5();
 });
@@ -40820,8 +40838,16 @@ TOOL USAGE:
 - When asked whether integrations/channels are connected or available (Telegram, WhatsApp, Discord, Google Calendar), call get_integrations_status first. Do not guess.
 - If the user asks to send or test a Telegram message, call send_telegram_message immediately. Never ask the user for their chat ID \u2014 it is resolved automatically.
 - If send_telegram_message fails because no chat ID was found yet, tell the user to send any message to the bot from Telegram (not /start specifically) and offer to try again immediately after.
-- When the user asks to automate, schedule reminders, or set recurring workflows, use forge tools (create_forge_rule, list_forge_rules, update_forge_rule, run_forge_rule, delete_forge_rule) instead of telling them to use CLI manually.
-- Before updating or deleting a forge rule, call list_forge_rules to confirm the target. Use list_forge_runs to diagnose failures.
+- When the user asks to automate, schedule reminders, or set recurring workflows, use forge tools directly \u2014 never tell the user to use the CLI manually.
+- Before updating, deleting, or running a specific rule, call list_forge_rules to confirm the target and read its xpImpact field.
+- xpImpact: false rules (notifications, reminders, monitors): act fully autonomously \u2014 no explanation needed beyond confirming what you did.
+- xpImpact: true rules (log-to-vault, update-skill): proceed autonomously and briefly mention in your reply that XP will be awarded automatically.
+- Deleting a rule is permanent \u2014 tell the user this before calling delete_forge_rule.
+- run-script rules execute shell scripts as automations \u2014 always show the full script in your reply when creating or updating one.
+- Use list_forge_runs to diagnose failures.
+- When the user names a specific calendar (anything other than 'primary'), always call list_calendars first to resolve the name to its id, then pass that id to create_calendar_event or get_calendar_events. Never assume the id \u2014 always look it up.
+- If list_calendars does not return the named calendar and the user wants to create it, call create_calendar first, then use the returned id immediately for any subsequent event creation.
+- Never ask the user for a calendar ID \u2014 always resolve it yourself via list_calendars.
 - Keep responses concise. 1-3 sentences for simple actions. No walls of text.
 
 WEB & FILE ACCESS:
@@ -42711,6 +42737,16 @@ async function listCalendars(serviceConfig) {
   const data = await resp.json();
   return data.items ?? [];
 }
+async function createCalendar(serviceConfig, summary, timeZone) {
+  const body = { summary };
+  if (timeZone)
+    body.timeZone = timeZone;
+  const resp = await googleFetch(`${BASE}/calendars`, serviceConfig, {
+    method: "POST",
+    body: JSON.stringify(body)
+  });
+  return resp.json();
+}
 function getEventDateKey(event, tz) {
   if (event.start.date)
     return event.start.date;
@@ -46056,6 +46092,12 @@ async function findCompanionInsightByContent(db2, userId, category, content) {
   });
   return row ?? null;
 }
+async function updateCompanionMode(db2, userId, mode) {
+  const [updated] = await db2.update(companionSettings).set({ mode, updatedAt: Date.now() }).where(eq(companionSettings.userId, userId)).returning();
+  if (!updated)
+    throw new Error("Companion not found. Run `grindxp init` first.");
+  return updated;
+}
 async function deleteCompanionInsight(db2, insightId, userId) {
   const row = await db2.delete(companionInsights).where(and(eq(companionInsights.id, insightId), eq(companionInsights.userId, userId))).returning({ id: companionInsights.id });
   return row.length > 0;
@@ -46176,6 +46218,16 @@ async function deleteForgeRule(db2, userId, ruleId) {
   const rows = await db2.delete(forgeRules).where(and(eq(forgeRules.id, ruleId), eq(forgeRules.userId, userId))).returning({ id: forgeRules.id });
   return rows.length > 0;
 }
+async function listSignals(db2, userId, options = {}) {
+  const { limit = 20, source } = options;
+  const where = source ? and(eq(signals.userId, userId), eq(signals.source, source)) : eq(signals.userId, userId);
+  const rows = await db2.query.signals.findMany({
+    where,
+    orderBy: [desc(signals.detectedAt)],
+    limit
+  });
+  return rows.map(rowToSignal);
+}
 async function recordSignal(db2, input) {
   const valid = createSignalInputSchema.parse(input);
   const [row] = await db2.insert(signals).values(valid).returning();
@@ -46483,6 +46535,36 @@ async function completeQuest(db2, input) {
   });
   return { xpEarned: xpResult.totalXp, skillGains };
 }
+async function updateQuest(db2, questId, userId, patch) {
+  const set2 = { updatedAt: Date.now() };
+  if (patch.title !== undefined)
+    set2.title = patch.title;
+  if (patch.description !== undefined)
+    set2.description = patch.description;
+  if (patch.type !== undefined)
+    set2.type = patch.type;
+  if (patch.difficulty !== undefined)
+    set2.difficulty = patch.difficulty;
+  if (patch.skillTags !== undefined)
+    set2.skillTags = patch.skillTags;
+  if (patch.baseXp !== undefined)
+    set2.baseXp = patch.baseXp;
+  if (patch.scheduleCron !== undefined)
+    set2.scheduleCron = patch.scheduleCron;
+  if (patch.deadlineAt !== undefined)
+    set2.deadlineAt = patch.deadlineAt;
+  const [row] = await db2.update(quests).set(set2).where(and(eq(quests.id, questId), eq(quests.userId, userId))).returning();
+  return row ? rowToQuest(row) : null;
+}
+async function listQuestLogs(db2, userId, options = {}) {
+  const { limit = 20, since } = options;
+  const where = since ? and(eq(questLogs.userId, userId), gte(questLogs.completedAt, since)) : eq(questLogs.userId, userId);
+  return db2.query.questLogs.findMany({
+    where,
+    orderBy: [desc(questLogs.completedAt)],
+    limit
+  });
+}
 var init_quests = __esm(() => {
   init_drizzle_orm();
   init_schema();
@@ -46554,6 +46636,7 @@ var init_repositories = __esm(() => {
 // ../core/src/forge/runtime.ts
 import { spawnSync } from "child_process";
 import { statSync } from "fs";
+import { homedir as homedir2 } from "os";
 import { isAbsolute, resolve as resolve2 } from "path";
 async function runForgeTick(options) {
   const at3 = options.at ?? Date.now();
@@ -46719,6 +46802,8 @@ async function executeForgeAction(db2, userId, plan) {
         return executeLogToVault(db2, userId, plan);
       case "send-notification":
         return executeSendNotification(plan);
+      case "run-script":
+        return executeRunScript(plan);
       default:
         return {
           status: "skipped",
@@ -46911,6 +46996,53 @@ async function executeSendNotification(plan) {
     error: `Unsupported notification channel '${channel}'.`
   };
 }
+async function executeRunScript(plan) {
+  const script = asString2(plan.actionConfig.script);
+  if (!script) {
+    return {
+      status: "failed",
+      actionPayload: {},
+      error: "run-script requires actionConfig.script."
+    };
+  }
+  const timeoutMs = parsePositiveInt(plan.actionConfig.timeout) ?? 30000;
+  const rawWorkdir = asString2(plan.actionConfig.workdir);
+  const workdir = rawWorkdir ? rawWorkdir.replace(/^~/, homedir2()) : undefined;
+  const result = spawnSync("sh", ["-c", script], {
+    encoding: "utf8",
+    stdio: ["ignore", "pipe", "pipe"],
+    timeout: timeoutMs,
+    ...workdir ? { cwd: workdir } : {}
+  });
+  const errCode = result.error?.code;
+  if (errCode === "ENOENT" && workdir) {
+    return {
+      status: "failed",
+      actionPayload: { script, exitCode: null },
+      error: `Working directory does not exist: ${workdir}`
+    };
+  }
+  if (errCode === "ETIMEDOUT") {
+    return {
+      status: "failed",
+      actionPayload: { script, exitCode: null },
+      error: `Script timed out after ${timeoutMs}ms.`
+    };
+  }
+  if (result.status !== 0) {
+    const stderr = result.stderr?.trim().slice(0, 500) ?? "";
+    return {
+      status: "failed",
+      actionPayload: { script, exitCode: result.status },
+      error: `Script exited ${result.status ?? "null"}${stderr ? `: ${stderr}` : ""}`
+    };
+  }
+  const stdout = result.stdout?.trim().slice(0, 2000) ?? "";
+  return {
+    status: "success",
+    actionPayload: { script, exitCode: 0, ...stdout ? { stdout } : {} }
+  };
+}
 async function executeQueueQuest(db2, userId, plan) {
   const eventPayload = asRecord(plan.actionConfig.eventPayload);
   const questId = asString2(plan.actionConfig.questId) ?? asString2(eventPayload?.questId) ?? asString2(plan.actionConfig.targetQuestId);
@@ -47589,6 +47721,21 @@ var init_google = __esm(() => {
 import * as fs from "fs/promises";
 import * as path from "path";
 import os from "os";
+function requireTrust(ctx, toolName) {
+  const required2 = TOOL_TRUST_REQUIREMENTS[toolName];
+  if (required2 === undefined)
+    return { denied: false };
+  const current = ctx.trustLevel ?? 0;
+  if (current < required2) {
+    const requiredName = TRUST_LEVEL_NAMES[required2] ?? `Lv.${required2}`;
+    const currentName = TRUST_LEVEL_NAMES[current] ?? `Lv.${current}`;
+    return {
+      denied: true,
+      error: `Action requires trust level ${required2} (${requiredName}). Current level: ${current} (${currentName}). Grant trust with: grindxp companion trust ${required2}`
+    };
+  }
+  return { denied: false };
+}
 function expandPath(p) {
   if (p.startsWith("~/"))
     return path.join(os.homedir(), p.slice(2));
@@ -47646,6 +47793,38 @@ async function requirePermission(ctx, toolName, detail) {
     return { denied: true, error: "Permission denied by user" };
   return { denied: false };
 }
+function classifyGoogleError(err) {
+  if (err instanceof GoogleNotConnectedError || err instanceof GoogleTokenExpiredError) {
+    return "Google account not connected or session expired. Run `grindxp integrations connect google`.";
+  }
+  if (err instanceof GoogleApiError) {
+    switch (err.status) {
+      case 401:
+        return "Google account disconnected. Run `grindxp integrations connect google`.";
+      case 403:
+        return "No write access to this calendar. Check the calendar's sharing settings.";
+      case 404:
+        return "Calendar or event not found. Use list_calendars to verify available calendar IDs.";
+      case 409:
+        return "Conflict \u2014 this event may already exist on the calendar.";
+      case 410:
+        return "Sync token expired \u2014 a full re-sync will happen on the next poll.";
+    }
+    if (err.status >= 500) {
+      return "Google Calendar is temporarily unavailable. Try again in a moment.";
+    }
+    if (err.status === 400) {
+      try {
+        const parsed = JSON.parse(err.body);
+        const msg = parsed?.error?.message;
+        if (msg)
+          return `Invalid request: ${msg}`;
+      } catch {}
+      return "Invalid request \u2014 check the calendar ID and date format.";
+    }
+  }
+  return err instanceof Error ? err.message : String(err);
+}
 async function extractText(html) {
   let text4 = "";
   let skip = false;
@@ -47826,14 +48005,6 @@ async function resolveTelegramChatId(ctx, token) {
       return { chatId: candidate, source: "recent-signal" };
     }
   }
-  const webhookActive = Boolean(ctx.config?.gateway?.telegramWebhookSecret ?? freshConfig?.gateway?.telegramWebhookSecret);
-  if (webhookActive) {
-    return {
-      chatId: null,
-      source: "none",
-      detail: "Send any message to your Telegram bot and I'll respond automatically. The chat ID will be captured on first contact."
-    };
-  }
   const updatesResponse = await fetch(`https://api.telegram.org/bot${token}/getUpdates?limit=50&timeout=0`, {
     method: "GET"
   });
@@ -47898,7 +48069,10 @@ function persistTelegramDefaultChatId(ctx, chatId) {
       telegramDefaultChatId: chatId
     }
   };
-  writeGrindConfig(ctx.config);
+  const onDisk = readGrindConfig();
+  if (!onDisk?.gateway)
+    return;
+  writeGrindConfig({ ...onDisk, gateway: { ...onDisk.gateway, telegramDefaultChatId: chatId } });
 }
 function asRecord2(value) {
   if (!value || typeof value !== "object" || Array.isArray(value))
@@ -48210,6 +48384,37 @@ async function normalizeForgeRuleDefinition(ctx, input) {
       }
       break;
     }
+    case "run-script": {
+      const script = asNonEmptyString(actionConfig.script);
+      if (!script) {
+        return {
+          ok: false,
+          error: "run-script requires actionConfig.script (shell command to execute)."
+        };
+      }
+      actionConfig.script = script;
+      if (actionConfig.timeout !== undefined) {
+        const timeout = parsePositiveInt2(actionConfig.timeout);
+        if (!timeout) {
+          return {
+            ok: false,
+            error: "run-script actionConfig.timeout must be a positive integer (milliseconds)."
+          };
+        }
+        actionConfig.timeout = timeout;
+      }
+      if (actionConfig.workdir !== undefined) {
+        const workdir = asNonEmptyString(actionConfig.workdir);
+        if (!workdir) {
+          return {
+            ok: false,
+            error: "run-script actionConfig.workdir must be a non-empty string when provided."
+          };
+        }
+        actionConfig.workdir = workdir;
+      }
+      break;
+    }
   }
   return {
     ok: true,
@@ -48275,7 +48480,7 @@ function createGrindTools(ctx) {
           const calendars = await listCalendars(googleConfig);
           return { ok: true, calendars, count: calendars.length };
         } catch (err) {
-          return { ok: false, error: err instanceof Error ? err.message : String(err) };
+          return { ok: false, error: classifyGoogleError(err) };
         }
       }
     }),
@@ -48362,12 +48567,12 @@ function createGrindTools(ctx) {
           });
           return { ok: true, events: result.events, count: result.events.length };
         } catch (err) {
-          return { ok: false, error: err instanceof Error ? err.message : String(err) };
+          return { ok: false, error: classifyGoogleError(err) };
         }
       }
     }),
     create_calendar_event: tool({
-      description: "Create a new event in Google Calendar. Creates in the primary calendar by default. Use list_calendars to find other calendar IDs if needed.",
+      description: "Create a new event in Google Calendar. " + "If the user names a specific calendar (anything other than 'primary'), call list_calendars first to resolve its id, then pass that id as calendarId. " + "If the calendar does not exist yet, call create_calendar first, then use the returned id.",
       inputSchema: exports_external.object({
         summary: exports_external.string().min(1).max(500).describe("Event title"),
         startDateTime: exports_external.string().describe("Start time (ISO 8601, e.g. 2026-02-21T09:00:00)"),
@@ -48376,7 +48581,8 @@ function createGrindTools(ctx) {
         location: exports_external.string().optional().describe("Event location"),
         attendees: exports_external.array(exports_external.string().email()).optional().describe("List of attendee email addresses"),
         allDay: exports_external.boolean().optional().describe("If true, treats startDateTime/endDateTime as dates (YYYY-MM-DD)"),
-        timeZone: exports_external.string().optional().describe("IANA timezone name (e.g. America/New_York)")
+        timeZone: exports_external.string().optional().describe("IANA timezone name (e.g. America/New_York)"),
+        calendarId: exports_external.string().optional().describe("Calendar ID to create the event in. Use list_calendars to resolve a calendar name to its id. Defaults to the primary calendar.")
       }),
       execute: async ({
         summary,
@@ -48386,7 +48592,8 @@ function createGrindTools(ctx) {
         location,
         attendees,
         allDay,
-        timeZone
+        timeZone,
+        calendarId
       }) => {
         const googleConfig = ctx.config?.services?.google;
         if (!googleConfig) {
@@ -48405,10 +48612,32 @@ function createGrindTools(ctx) {
             ...attendees ? { attendees } : {},
             ...allDay ? { allDay } : {},
             ...timeZone ? { timeZone } : {}
-          });
+          }, calendarId ?? "primary");
           return { ok: true, event };
         } catch (err) {
-          return { ok: false, error: err instanceof Error ? err.message : String(err) };
+          return { ok: false, error: classifyGoogleError(err) };
+        }
+      }
+    }),
+    create_calendar: tool({
+      description: "Create a new Google Calendar. After creation, use the returned id with create_calendar_event to add events to it. " + "Use this when the user asks to create a calendar that does not yet exist in their list.",
+      inputSchema: exports_external.object({
+        summary: exports_external.string().min(1).max(255).describe("Calendar name (e.g. 'Work', 'God', 'Study')"),
+        timeZone: exports_external.string().optional().describe("IANA timezone name for the calendar (e.g. America/Sao_Paulo)")
+      }),
+      execute: async ({ summary, timeZone }) => {
+        const googleConfig = ctx.config?.services?.google;
+        if (!googleConfig) {
+          return {
+            ok: false,
+            error: "Google account not connected. Run `grindxp integrations connect google`."
+          };
+        }
+        try {
+          const calendar2 = await createCalendar(googleConfig, summary, timeZone);
+          return { ok: true, calendar: calendar2 };
+        } catch (err) {
+          return { ok: false, error: classifyGoogleError(err) };
         }
       }
     }),
@@ -48456,7 +48685,7 @@ function createGrindTools(ctx) {
           const event = await updateCalendarEvent(googleConfig, eventId, patch, calendarId ?? "primary");
           return { ok: true, event };
         } catch (err) {
-          return { ok: false, error: err instanceof Error ? err.message : String(err) };
+          return { ok: false, error: classifyGoogleError(err) };
         }
       }
     }),
@@ -48478,7 +48707,7 @@ function createGrindTools(ctx) {
           await deleteCalendarEvent(googleConfig, eventId, calendarId ?? "primary");
           return { ok: true, eventId };
         } catch (err) {
-          return { ok: false, error: err instanceof Error ? err.message : String(err) };
+          return { ok: false, error: classifyGoogleError(err) };
         }
       }
     }),
@@ -48593,7 +48822,7 @@ function createGrindTools(ctx) {
       }
     }),
     list_forge_rules: tool({
-      description: "List forge automation rules. Use this before updating, deleting, or running a specific rule.",
+      description: "List forge automation rules. Each rule includes xpImpact: true/false \u2014 use this to decide how to communicate the action to the user. Always call this before updating, deleting, or running a specific rule.",
       inputSchema: exports_external.object({
         enabledOnly: exports_external.boolean().optional().describe("When true, return only enabled rules."),
         includeRecentRuns: exports_external.boolean().default(true).describe("When true, include recent execution history."),
@@ -48611,6 +48840,7 @@ function createGrindTools(ctx) {
             enabled: rule.enabled,
             triggerType: rule.triggerType,
             actionType: rule.actionType,
+            xpImpact: ["log-to-vault", "update-skill"].includes(rule.actionType),
             triggerConfig: redactForgeValue(rule.triggerConfig),
             actionConfig: redactForgeValue(rule.actionConfig),
             updatedAt: rule.updatedAt
@@ -48685,13 +48915,13 @@ function createGrindTools(ctx) {
       }
     }),
     create_forge_rule: tool({
-      description: "Create a forge automation rule. This supports currently implemented actions only: queue-quest, log-to-vault, send-notification.",
+      description: "Create a forge automation rule (queue-quest, log-to-vault, send-notification, run-script). send-notification and queue-quest have no XP impact \u2014 create autonomously. log-to-vault auto-awards XP \u2014 create it and mention that in your reply. run-script executes a shell script \u2014 always include the full script in your reply so the user can verify it.",
       inputSchema: exports_external.object({
         name: exports_external.string().min(2).max(128).describe("Human-readable rule name."),
         triggerType: exports_external.enum(FORGE_TRIGGER_TYPES).describe("Trigger type (cron, event, signal, webhook, manual)."),
         triggerConfig: exports_external.record(exports_external.string(), exports_external.unknown()).default({}).describe("Trigger configuration object."),
         actionType: exports_external.enum(FORGE_ACTION_TYPES).describe("Action type (queue-quest, log-to-vault, send-notification)."),
-        actionConfig: exports_external.record(exports_external.string(), exports_external.unknown()).default({}).describe("Action configuration object. " + "send-notification: required 'message' (static string) or 'script' (shell command whose stdout becomes the message), plus 'channel' (telegram/console/webhook/whatsapp) and channel credentials. " + "queue-quest: required 'questId'. " + "log-to-vault: required 'activityType', 'durationMinutes'."),
+        actionConfig: exports_external.record(exports_external.string(), exports_external.unknown()).default({}).describe("Action configuration object. " + "send-notification: required 'message' (static string) or 'script' (shell command whose stdout becomes the message), plus 'channel' (telegram/console/webhook/whatsapp) and channel credentials. " + "queue-quest: required 'questId'. " + "log-to-vault: required 'activityType', 'durationMinutes'. " + "run-script: required 'script' (shell command), optional 'timeout' (ms, default 30000), optional 'workdir' (supports ~)."),
         enabled: exports_external.boolean().default(true).describe("Whether the rule starts enabled.")
       }),
       execute: async ({ name: name21, triggerType, triggerConfig, actionType, actionConfig, enabled }) => {
@@ -48731,7 +48961,7 @@ function createGrindTools(ctx) {
       }
     }),
     update_forge_rule: tool({
-      description: "Update a forge rule by ID prefix or name. Use list_forge_rules first to confirm the target.",
+      description: "Update a forge rule by ID prefix or name. Call list_forge_rules first to confirm the target. Act autonomously \u2014 no permission needed unless changing to a log-to-vault action, in which case mention the XP impact in your reply.",
       inputSchema: exports_external.object({
         ruleSearch: exports_external.string().min(1).describe("Rule ID prefix or rule name substring."),
         name: exports_external.string().min(2).max(128).optional().describe("New rule name."),
@@ -48798,6 +49028,7 @@ function createGrindTools(ctx) {
           nextTriggerConfig = normalized.triggerConfig;
           nextActionConfig = normalized.actionConfig;
         }
+        const effectiveActionType = actionType ?? rule.actionType;
         const updated = await updateForgeRule(ctx.db, ctx.userId, rule.id, {
           ...name21 !== undefined ? { name: name21 } : {},
           ...triggerType !== undefined ? { triggerType } : {},
@@ -48827,7 +49058,7 @@ function createGrindTools(ctx) {
       }
     }),
     delete_forge_rule: tool({
-      description: "Delete a forge rule by ID prefix or name. Related run history is removed as part of rule deletion.",
+      description: "Delete a forge rule by ID prefix or name. This is permanent \u2014 warn the user before calling this. Run history is also removed.",
       inputSchema: exports_external.object({
         ruleSearch: exports_external.string().min(1).describe("Rule ID prefix or rule name substring.")
       }),
@@ -48836,6 +49067,9 @@ function createGrindTools(ctx) {
         if (!rule) {
           return { ok: false, error: `No forge rule matching "${ruleSearch}".` };
         }
+        const perm = await requirePermission(ctx, "delete_forge_rule", `Permanently delete forge rule "${rule.name}"?`);
+        if (perm.denied)
+          return { ok: false, error: "Deletion cancelled." };
         const deleted = await deleteForgeRule(ctx.db, ctx.userId, rule.id);
         if (!deleted) {
           return { ok: false, error: "Failed to delete forge rule." };
@@ -48852,7 +49086,7 @@ function createGrindTools(ctx) {
       }
     }),
     run_forge_rule: tool({
-      description: "Run a forge rule immediately by ID prefix or name. Useful for testing automation behavior without waiting for its trigger.",
+      description: "Run a forge rule immediately by ID prefix or name. Check xpImpact from list_forge_rules first: if false (notifications, reminders), run autonomously; if true (log-to-vault), run and mention the XP award in your reply.",
       inputSchema: exports_external.object({
         ruleSearch: exports_external.string().min(1).describe("Rule ID prefix or rule name substring."),
         eventPayload: exports_external.record(exports_external.string(), exports_external.unknown()).optional().describe("Optional payload passed as event context for this run-now execution."),
@@ -48957,6 +49191,9 @@ function createGrindTools(ctx) {
         baseXp: exports_external.number().int().positive().default(10).describe("Base XP before multipliers. 10=small, 25=medium, 50=large, 100=epic")
       }),
       execute: async ({ title, description, type, difficulty, skillTags, baseXp }) => {
+        const trust2 = requireTrust(ctx, "create_quest");
+        if (trust2.denied)
+          return { error: trust2.error };
         const active = await listQuestsByUser(ctx.db, ctx.userId, ["active"]);
         if (active.length >= 5) {
           return { error: "Max 5 active quests. Complete or abandon one first." };
@@ -48990,6 +49227,9 @@ function createGrindTools(ctx) {
         durationMinutes: exports_external.number().int().positive().optional().describe("Duration in minutes if timer proof")
       }),
       execute: async ({ questSearch, proofType, durationMinutes }) => {
+        const trust2 = requireTrust(ctx, "complete_quest");
+        if (trust2.denied)
+          return { error: trust2.error };
         const quest2 = await findQuestByPrefix(ctx.db, ctx.userId, questSearch);
         if (!quest2)
           return { error: `No quest matching "${questSearch}"` };
@@ -49029,6 +49269,9 @@ function createGrindTools(ctx) {
         questSearch: exports_external.string().describe("Quest ID prefix or title substring")
       }),
       execute: async ({ questSearch }) => {
+        const trust2 = requireTrust(ctx, "abandon_quest");
+        if (trust2.denied)
+          return { error: trust2.error };
         const quest2 = await findQuestByPrefix(ctx.db, ctx.userId, questSearch);
         if (!quest2)
           return { error: `No quest matching "${questSearch}"` };
@@ -49048,6 +49291,9 @@ function createGrindTools(ctx) {
         questSearch: exports_external.string().describe("Quest ID prefix or title substring")
       }),
       execute: async ({ questSearch }) => {
+        const trust2 = requireTrust(ctx, "start_timer");
+        if (trust2.denied)
+          return { error: trust2.error };
         const existing = readTimer(ctx.timerPath);
         if (existing) {
           const elapsed = formatElapsed(existing.startedAt);
@@ -49075,6 +49321,9 @@ function createGrindTools(ctx) {
         complete: exports_external.boolean().default(false).describe("Whether to also complete the quest with timer-duration proof")
       }),
       execute: async ({ complete }) => {
+        const trust2 = requireTrust(ctx, "stop_timer");
+        if (trust2.denied)
+          return { error: trust2.error };
         const timer = readTimer(ctx.timerPath);
         if (!timer)
           return { error: "No timer running" };
@@ -49812,6 +50061,182 @@ ${normalized}` : normalized;
         return { pattern, matches, totalMatches: matches.length, truncated };
       }
     }),
+    list_skills: tool({
+      description: "List all skills with current XP, level, and category. Use this to see the full skill breakdown before making quest suggestions or updates.",
+      inputSchema: exports_external.object({}),
+      execute: async () => {
+        const allSkills = await listSkillsByUser(ctx.db, ctx.userId);
+        return allSkills.map((s) => ({
+          id: s.id.slice(0, 8),
+          name: s.name,
+          category: s.category,
+          xp: s.xp,
+          level: s.level
+        }));
+      }
+    }),
+    list_quest_logs: tool({
+      description: "List recent quest completion history. Returns completions with XP earned, duration, and proof type. Use this to see what the user has actually done recently.",
+      inputSchema: exports_external.object({
+        limit: exports_external.number().int().min(1).max(100).default(20).describe("Maximum number of logs to return"),
+        sinceDaysAgo: exports_external.number().int().min(1).max(90).optional().describe("Only return logs from this many days ago")
+      }),
+      execute: async ({ limit, sinceDaysAgo }) => {
+        const since = sinceDaysAgo ? Date.now() - sinceDaysAgo * 24 * 60 * 60 * 1000 : undefined;
+        const logs = await listQuestLogs(ctx.db, ctx.userId, {
+          limit,
+          ...since ? { since } : {}
+        });
+        const questIds = [...new Set(logs.map((l) => l.questId))];
+        const questTitles = {};
+        for (const qid of questIds) {
+          const q3 = await getQuestById(ctx.db, qid);
+          if (q3)
+            questTitles[qid] = q3.title;
+        }
+        return logs.map((l) => ({
+          questTitle: questTitles[l.questId] ?? l.questId.slice(0, 8),
+          completedAt: new Date(l.completedAt).toLocaleDateString(),
+          xpEarned: l.xpEarned,
+          durationMinutes: l.durationMinutes ?? null,
+          proofType: l.proofType,
+          streakDay: l.streakDay
+        }));
+      }
+    }),
+    list_signals: tool({
+      description: "List recently detected signals (git commits, file changes, process observations, webhook events). Use this to understand what the user has been doing passively.",
+      inputSchema: exports_external.object({
+        limit: exports_external.number().int().min(1).max(50).default(20).describe("Maximum number of signals to return"),
+        source: exports_external.enum(["git", "file", "process", "webhook"]).optional().describe("Filter by signal source")
+      }),
+      execute: async ({ limit, source }) => {
+        const sigs = await listSignals(ctx.db, ctx.userId, {
+          limit,
+          ...source ? { source } : {}
+        });
+        return sigs.map((s) => ({
+          source: s.source,
+          type: s.type,
+          confidence: s.confidence,
+          detectedAt: new Date(s.detectedAt).toLocaleString(),
+          payload: s.payload
+        }));
+      }
+    }),
+    update_quest: tool({
+      description: "Update quest details: title, description, difficulty, type, baseXp, skillTags, or schedule. Does NOT change quest status \u2014 use abandon_quest or complete_quest for that.",
+      inputSchema: exports_external.object({
+        questSearch: exports_external.string().describe("Quest ID prefix or title substring"),
+        title: exports_external.string().min(1).max(256).optional().describe("New quest title"),
+        description: exports_external.string().max(2000).nullable().optional().describe("New description"),
+        type: exports_external.enum(["daily", "weekly", "epic", "bounty", "chain", "ritual"]).optional().describe("New quest type"),
+        difficulty: exports_external.enum(["easy", "medium", "hard", "epic"]).optional().describe("New difficulty"),
+        skillTags: exports_external.array(exports_external.string()).optional().describe("Replace skill tags"),
+        baseXp: exports_external.number().int().positive().optional().describe("New base XP (before multipliers)"),
+        scheduleCron: exports_external.string().nullable().optional().describe("New cron schedule (null to remove)")
+      }).refine((v) => v.title !== undefined || v.description !== undefined || v.type !== undefined || v.difficulty !== undefined || v.skillTags !== undefined || v.baseXp !== undefined || v.scheduleCron !== undefined, { message: "Provide at least one field to update." }),
+      execute: async ({
+        questSearch,
+        title,
+        description,
+        type,
+        difficulty,
+        skillTags,
+        baseXp,
+        scheduleCron
+      }) => {
+        const trust2 = requireTrust(ctx, "update_quest");
+        if (trust2.denied)
+          return { error: trust2.error };
+        const quest2 = await findQuestByPrefix(ctx.db, ctx.userId, questSearch);
+        if (!quest2)
+          return { error: `No quest matching "${questSearch}"` };
+        const updated = await updateQuest(ctx.db, quest2.id, ctx.userId, {
+          ...title !== undefined ? { title } : {},
+          ...description !== undefined ? { description } : {},
+          ...type !== undefined ? { type } : {},
+          ...difficulty !== undefined ? { difficulty } : {},
+          ...skillTags !== undefined ? { skillTags } : {},
+          ...baseXp !== undefined ? { baseXp } : {},
+          ...scheduleCron !== undefined ? { scheduleCron } : {}
+        });
+        if (!updated)
+          return { error: "Failed to update quest." };
+        return {
+          ok: true,
+          id: updated.id.slice(0, 8),
+          title: updated.title,
+          type: updated.type,
+          difficulty: updated.difficulty,
+          skillTags: updated.skillTags,
+          baseXp: updated.baseXp
+        };
+      }
+    }),
+    activate_quest: tool({
+      description: "Move a quest from 'available' to 'active'. Use when the user is ready to start working on a quest that isn't active yet. Subject to the 5-quest active limit.",
+      inputSchema: exports_external.object({
+        questSearch: exports_external.string().describe("Quest ID prefix or title substring")
+      }),
+      execute: async ({ questSearch }) => {
+        const trust2 = requireTrust(ctx, "activate_quest");
+        if (trust2.denied)
+          return { error: trust2.error };
+        const quest2 = await findQuestByPrefix(ctx.db, ctx.userId, questSearch);
+        if (!quest2)
+          return { error: `No quest matching "${questSearch}"` };
+        if (quest2.status === "active")
+          return { error: "Quest is already active." };
+        if (quest2.status === "completed")
+          return { error: "Quest is completed \u2014 cannot reactivate." };
+        if (quest2.status === "abandoned")
+          return { error: "Quest is abandoned \u2014 cannot reactivate." };
+        const active = await listQuestsByUser(ctx.db, ctx.userId, ["active"]);
+        if (active.length >= 5) {
+          return { error: "Max 5 active quests. Complete or abandon one first." };
+        }
+        await updateQuestStatus(ctx.db, quest2.id, ctx.userId, "active");
+        return { ok: true, quest: quest2.title, status: "active" };
+      }
+    }),
+    delete_insight: tool({
+      description: "Delete a stored companion insight. Only AI-observed insights can be deleted. User-stated insights are permanent and cannot be removed by the companion.",
+      inputSchema: exports_external.object({
+        insightId: exports_external.string().min(1).describe("Insight ID (full UUID or short ID prefix)")
+      }),
+      execute: async ({ insightId }) => {
+        const trust2 = requireTrust(ctx, "delete_insight");
+        if (trust2.denied)
+          return { error: trust2.error };
+        const insights = await listCompanionInsights(ctx.db, ctx.userId, 200);
+        const match = insights.find((i) => i.id === insightId || i.id.startsWith(insightId));
+        if (!match)
+          return { error: `No insight matching "${insightId}"` };
+        if (match.source === "user-stated") {
+          return {
+            error: "Cannot delete user-stated insights. These are facts you provided \u2014 they can only be updated, not removed."
+          };
+        }
+        const deleted = await deleteCompanionInsight(ctx.db, match.id, ctx.userId);
+        if (!deleted)
+          return { error: "Failed to delete insight." };
+        return { ok: true, deleted: true, content: match.content };
+      }
+    }),
+    update_companion_mode: tool({
+      description: "Change the companion operating mode. 'suggest' = propose only, 'assist' = act on explicit requests, 'auto' = act proactively.",
+      inputSchema: exports_external.object({
+        mode: exports_external.enum(["off", "suggest", "assist", "auto"]).describe("New companion mode")
+      }),
+      execute: async ({ mode }) => {
+        const trust2 = requireTrust(ctx, "update_companion_mode");
+        if (trust2.denied)
+          return { error: trust2.error };
+        const updated = await updateCompanionMode(ctx.db, ctx.userId, mode);
+        return { ok: true, mode: updated.mode };
+      }
+    }),
     bash: tool({
       description: "Execute a shell command. Returns stdout, stderr, and exit code. Both stdout and stderr are capped at 50KB.",
       inputSchema: exports_external.object({
@@ -49896,7 +50321,7 @@ ${normalized}` : normalized;
     })
   };
 }
-var MAX_FETCH_SIZE, MAX_READ_SIZE, MAX_BASH_OUTPUT, DEFAULT_READ_LIMIT = 2000, MAX_LINE_LENGTH = 2000, FORGE_TRIGGER_TYPES, FORGE_ACTION_TYPES, FORGE_NOTIFICATION_CHANNELS, FORGE_WEBHOOK_CHANNEL_TAGS, SIMPLE_CRON_FIELD_REGEX, FORGE_SENSITIVE_KEYS;
+var TRUST_LEVEL_NAMES, TOOL_TRUST_REQUIREMENTS, MAX_FETCH_SIZE, MAX_READ_SIZE, MAX_BASH_OUTPUT, DEFAULT_READ_LIMIT = 2000, MAX_LINE_LENGTH = 2000, FORGE_TRIGGER_TYPES, FORGE_ACTION_TYPES, FORGE_NOTIFICATION_CHANNELS, FORGE_WEBHOOK_CHANNEL_TAGS, SIMPLE_CRON_FIELD_REGEX, FORGE_SENSITIVE_KEYS;
 var init_tools = __esm(() => {
   init_dist5();
   init_drizzle_orm();
@@ -49911,11 +50336,28 @@ var init_tools = __esm(() => {
   init_schema2();
   init_repositories();
   init_constants();
+  TRUST_LEVEL_NAMES = ["Watcher", "Advisor", "Scribe", "Agent", "Sovereign"];
+  TOOL_TRUST_REQUIREMENTS = {
+    complete_quest: 2,
+    abandon_quest: 2,
+    activate_quest: 2,
+    start_timer: 2,
+    stop_timer: 2,
+    update_companion_mode: 2,
+    create_quest: 3,
+    update_quest: 3,
+    delete_insight: 4
+  };
   MAX_FETCH_SIZE = 50 * 1024;
   MAX_READ_SIZE = 50 * 1024;
   MAX_BASH_OUTPUT = 50 * 1024;
   FORGE_TRIGGER_TYPES = ["cron", "event", "signal", "webhook", "manual"];
-  FORGE_ACTION_TYPES = ["queue-quest", "log-to-vault", "send-notification"];
+  FORGE_ACTION_TYPES = [
+    "queue-quest",
+    "log-to-vault",
+    "send-notification",
+    "run-script"
+  ];
   FORGE_NOTIFICATION_CHANNELS = ["console", "telegram", "webhook", "whatsapp"];
   FORGE_WEBHOOK_CHANNEL_TAGS = ["webhook", "telegram", "discord", "whatsapp"];
   SIMPLE_CRON_FIELD_REGEX = /^[\d*/,\-]+$/;
@@ -83124,9 +83566,10 @@ function ChatScreen(props) {
   const [pasteBuffers, setPasteBuffers] = import_react16.useState([]);
   const pasteCountRef = import_react16.useRef(0);
   const [pastePreviewOpen, setPastePreviewOpen] = import_react16.useState(false);
-  const promptHistoryRef = import_react16.useRef(props.initialPromptHistory ?? []);
+  const [hasPromptText, setHasPromptText] = import_react16.useState(false);
+  const historyRef = import_react16.useRef(props.initialPromptHistory ?? []);
   const historyDraftRef = import_react16.useRef("");
-  const [historyIndex, setHistoryIndex] = import_react16.useState(-1);
+  const [historyNavPos, setHistoryNavPos] = import_react16.useState(null);
   const suggestions = import_react16.useMemo(() => matchCommands(cmdBuffer), [cmdBuffer]);
   const ghostText = import_react16.useMemo(() => getGhostCompletion(cmdBuffer), [cmdBuffer]);
   const effectiveMode = permissionPrompt ? "permission" : sessionList && sessionList.length > 0 ? "sessions" : commandMode;
@@ -83170,18 +83613,59 @@ function ChatScreen(props) {
     setPickerSearch("");
     setPickerSelectedIndex(0);
   }, []);
+  const clearPromptAll = import_react16.useCallback(() => {
+    textareaRef.current?.clear();
+    textareaRef.current?.extmarks?.clear();
+    for (const att of attachments)
+      onRemoveAttachment(att.id);
+    setPasteBuffers([]);
+    setPastePreviewOpen(false);
+    setHasPromptText(false);
+    historyDraftRef.current = "";
+    setHistoryNavPos(null);
+  }, [attachments, onRemoveAttachment]);
+  function navigateHistory(direction) {
+    const textarea = textareaRef.current;
+    if (!textarea)
+      return;
+    const history = historyRef.current;
+    if (direction === "up") {
+      if (history.length === 0)
+        return;
+      const curIdx = historyNavPos !== null ? historyNavPos.i - 1 : -1;
+      const nextIdx = curIdx === -1 ? history.length - 1 : Math.max(0, curIdx - 1);
+      if (nextIdx === curIdx)
+        return;
+      if (curIdx === -1)
+        historyDraftRef.current = textarea.plainText;
+      setHistoryNavPos({ i: nextIdx + 1, n: history.length });
+      textarea.setText(history[nextIdx]);
+      textarea.cursorOffset = 0;
+      setHasPromptText(true);
+    } else {
+      if (historyNavPos === null)
+        return;
+      const nextIdx = historyNavPos.i;
+      if (nextIdx >= history.length) {
+        setHistoryNavPos(null);
+        const draft = historyDraftRef.current;
+        textarea.setText(draft);
+        textarea.cursorOffset = draft.length;
+        setHasPromptText(draft.length > 0);
+      } else {
+        setHistoryNavPos({ i: nextIdx + 1, n: history.length });
+        textarea.setText(history[nextIdx]);
+        textarea.cursorOffset = history[nextIdx].length;
+        setHasPromptText(true);
+      }
+    }
+  }
   const imageTypeIdRef = import_react16.useRef(null);
   const handleContentChange = useEffectEvent2(() => {
     if (commandMode !== "idle")
       return;
     const value = textareaRef.current?.plainText ?? "";
-    if (historyIndex !== -1) {
-      const expected = promptHistoryRef.current[historyIndex];
-      if (value !== expected) {
-        setHistoryIndex(-1);
-      }
-      return;
-    }
+    setHasPromptText(value.length > 0);
     if (value === "/") {
       textareaRef.current?.clear();
       setCommandMode("suggesting");
@@ -83237,18 +83721,22 @@ function ChatScreen(props) {
     if (!text4 && !hasImages)
       return;
     if (text4) {
-      const h = promptHistoryRef.current;
+      const h = historyRef.current;
       if (h[h.length - 1] !== text4) {
-        promptHistoryRef.current = [...h, text4].slice(-PROMPT_HISTORY_MAX2);
+        historyRef.current = [...h, text4].slice(-PROMPT_HISTORY_MAX2);
       }
     }
-    setHistoryIndex(-1);
     historyDraftRef.current = "";
+    setHistoryNavPos(null);
     onSend(text4);
     textareaRef.current?.extmarks?.clear();
     textareaRef.current?.clear();
   }, [onSend, pasteBuffers]);
   const handlePaste = import_react16.useCallback((event) => {
+    if (historyNavPos !== null) {
+      historyDraftRef.current = "";
+      setHistoryNavPos(null);
+    }
     const normalized = event.text.replace(/\r\n/g, `
 `).replace(/\r/g, `
 `);
@@ -83303,6 +83791,13 @@ function ChatScreen(props) {
   }, [onSessionSelect]);
   useKeyboard((key) => {
     if (key.ctrl && key.name === "c") {
+      if (effectiveMode === "idle") {
+        const text4 = textareaRef.current?.plainText ?? "";
+        if (text4 || attachments.length > 0 || pasteBuffers.length > 0) {
+          clearPromptAll();
+          return;
+        }
+      }
       onExit();
       return;
     }
@@ -83430,51 +83925,6 @@ function ChatScreen(props) {
       key.preventDefault();
       return;
     }
-    if (mode === "idle" && key.name === "up") {
-      const plain = textareaRef.current?.plainText ?? "";
-      const cursor = textareaRef.current?.cursorOffset ?? 0;
-      const onFirstLine = !plain.slice(0, cursor).includes(`
-`);
-      const history = promptHistoryRef.current;
-      if (onFirstLine && history.length > 0) {
-        key.preventDefault();
-        const curIdx = historyIndex;
-        const nextIdx = curIdx === -1 ? history.length - 1 : Math.max(0, curIdx - 1);
-        if (nextIdx !== curIdx) {
-          if (curIdx === -1)
-            historyDraftRef.current = plain;
-          const entry = history[nextIdx];
-          if (entry !== undefined) {
-            setHistoryIndex(nextIdx);
-            textareaRef.current?.clear();
-            textareaRef.current?.extmarks?.clear();
-            textareaRef.current?.insertText(entry);
-          }
-        }
-        return;
-      }
-    }
-    if (mode === "idle" && key.name === "down" && historyIndex !== -1) {
-      key.preventDefault();
-      const history = promptHistoryRef.current;
-      const nextIdx = historyIndex + 1;
-      if (nextIdx >= history.length) {
-        setHistoryIndex(-1);
-        textareaRef.current?.clear();
-        textareaRef.current?.extmarks?.clear();
-        if (historyDraftRef.current)
-          textareaRef.current?.insertText(historyDraftRef.current);
-      } else {
-        const entry = history[nextIdx];
-        if (entry !== undefined) {
-          setHistoryIndex(nextIdx);
-          textareaRef.current?.clear();
-          textareaRef.current?.extmarks?.clear();
-          textareaRef.current?.insertText(entry);
-        }
-      }
-      return;
-    }
     if (mode === "idle" && attachments.length > 0 && (key.meta && key.name === "backspace" || key.ctrl && key.name === "backspace" || key.ctrl && key.name === "w" || key.meta && key.name === "delete")) {
       const textarea = textareaRef.current;
       const extmarks = textarea?.extmarks;
@@ -83518,11 +83968,36 @@ function ChatScreen(props) {
       setPastePreviewOpen((open) => !open);
       return;
     }
+    if (mode === "idle" && historyNavPos !== null) {
+      const isChar = !key.ctrl && !key.meta && key.sequence && key.sequence.length === 1 && key.sequence.charCodeAt(0) >= 32;
+      if (isChar || key.name === "backspace" || key.name === "delete") {
+        historyDraftRef.current = "";
+        setHistoryNavPos(null);
+      }
+    }
+    if (mode === "idle" && key.name === "up" && !key.ctrl && !key.meta) {
+      const offset = textareaRef.current?.cursorOffset ?? 0;
+      if (offset === 0 && historyRef.current.length > 0) {
+        key.preventDefault();
+        navigateHistory("up");
+        return;
+      }
+    }
+    if (mode === "idle" && key.name === "down" && !key.ctrl && !key.meta && historyNavPos !== null) {
+      key.preventDefault();
+      navigateHistory("down");
+      return;
+    }
     if (key.name === "escape") {
       if (isStreaming) {
         onAbort();
       } else {
-        onExit();
+        const text4 = textareaRef.current?.plainText ?? "";
+        if (text4 || attachments.length > 0 || pasteBuffers.length > 0) {
+          clearPromptAll();
+        } else {
+          onExit();
+        }
       }
     }
   });
@@ -83846,9 +84321,13 @@ function ChatScreen(props) {
             focused: textareaFocused,
             minHeight: 1,
             maxHeight: 6,
+            flexShrink: 0,
             keyBindings: [
               { name: "return", action: "submit" },
-              { name: "return", meta: true, action: "newline" }
+              { name: "return", meta: true, action: "newline" },
+              { name: "return", ctrl: true, action: "newline" },
+              { name: "return", shift: true, action: "newline" },
+              { name: "j", ctrl: true, action: "newline" }
             ]
           }, undefined, false, undefined, this)
         }, undefined, false, undefined, this)
@@ -84053,7 +84532,43 @@ function ChatScreen(props) {
               }, undefined, true, undefined, this)
             ]
           }, undefined, true, undefined, this),
-          effectiveMode === "idle" && !isStreaming && /* @__PURE__ */ import_jsx_dev_runtime2.jsxDEV(import_jsx_dev_runtime2.Fragment, {
+          effectiveMode === "idle" && !isStreaming && historyNavPos !== null && /* @__PURE__ */ import_jsx_dev_runtime2.jsxDEV(import_jsx_dev_runtime2.Fragment, {
+            children: [
+              /* @__PURE__ */ import_jsx_dev_runtime2.jsxDEV("text", {
+                fg: colors.muted,
+                children: [
+                  "\u2191\u2193",
+                  " history ",
+                  historyNavPos.i,
+                  "/",
+                  historyNavPos.n
+                ]
+              }, undefined, true, undefined, this),
+              /* @__PURE__ */ import_jsx_dev_runtime2.jsxDEV("text", {
+                fg: colors.textDim,
+                children: "\xB7"
+              }, undefined, false, undefined, this),
+              /* @__PURE__ */ import_jsx_dev_runtime2.jsxDEV("text", {
+                fg: colors.textDim,
+                children: [
+                  "\u2193",
+                  " newer"
+                ]
+              }, undefined, true, undefined, this),
+              /* @__PURE__ */ import_jsx_dev_runtime2.jsxDEV("text", {
+                fg: colors.textDim,
+                children: [
+                  "[",
+                  /* @__PURE__ */ import_jsx_dev_runtime2.jsxDEV("span", {
+                    fg: colors.accent,
+                    children: "Esc"
+                  }, undefined, false, undefined, this),
+                  "] cancel"
+                ]
+              }, undefined, true, undefined, this)
+            ]
+          }, undefined, true, undefined, this),
+          effectiveMode === "idle" && !isStreaming && historyNavPos === null && /* @__PURE__ */ import_jsx_dev_runtime2.jsxDEV(import_jsx_dev_runtime2.Fragment, {
             children: [
               /* @__PURE__ */ import_jsx_dev_runtime2.jsxDEV("text", {
                 fg: colors.muted,
@@ -84105,43 +84620,44 @@ function ChatScreen(props) {
               }, undefined, true, undefined, this),
               !zenMode && /* @__PURE__ */ import_jsx_dev_runtime2.jsxDEV(import_jsx_dev_runtime2.Fragment, {
                 children: [
-                  /* @__PURE__ */ import_jsx_dev_runtime2.jsxDEV("text", {
+                  historyRef.current.length > 0 && /* @__PURE__ */ import_jsx_dev_runtime2.jsxDEV("text", {
                     fg: colors.textDim,
                     children: [
                       "[",
                       /* @__PURE__ */ import_jsx_dev_runtime2.jsxDEV("span", {
                         fg: colors.accent,
-                        children: "/"
+                        children: "\u2191"
                       }, undefined, false, undefined, this),
-                      "] cmds"
+                      "] history"
                     ]
                   }, undefined, true, undefined, this),
-                  historyIndex !== -1 ? /* @__PURE__ */ import_jsx_dev_runtime2.jsxDEV("text", {
-                    fg: colors.accent,
+                  /* @__PURE__ */ import_jsx_dev_runtime2.jsxDEV("text", {
+                    fg: colors.textDim,
                     children: [
-                      "history [",
-                      historyIndex + 1,
-                      "/",
-                      promptHistoryRef.current.length,
-                      "]",
-                      " ",
+                      "[",
                       /* @__PURE__ */ import_jsx_dev_runtime2.jsxDEV("span", {
-                        fg: colors.textDim,
-                        children: "[\u2191\u2193] nav"
-                      }, undefined, false, undefined, this)
+                        fg: colors.accent,
+                        children: "/"
+                      }, undefined, false, undefined, this),
+                      "] cmds"
                     ]
-                  }, undefined, true, undefined, this) : promptHistoryRef.current.length > 0 && /* @__PURE__ */ import_jsx_dev_runtime2.jsxDEV("text", {
+                  }, undefined, true, undefined, this),
+                  hasPromptText || attachments.length > 0 || pasteBuffers.length > 0 ? /* @__PURE__ */ import_jsx_dev_runtime2.jsxDEV("text", {
                     fg: colors.textDim,
                     children: [
                       "[",
                       /* @__PURE__ */ import_jsx_dev_runtime2.jsxDEV("span", {
                         fg: colors.accent,
-                        children: "\u2191\u2193"
+                        children: "Esc"
                       }, undefined, false, undefined, this),
-                      "] history"
+                      "/",
+                      /* @__PURE__ */ import_jsx_dev_runtime2.jsxDEV("span", {
+                        fg: colors.accent,
+                        children: "^C"
+                      }, undefined, false, undefined, this),
+                      "] clear"
                     ]
-                  }, undefined, true, undefined, this),
-                  /* @__PURE__ */ import_jsx_dev_runtime2.jsxDEV("text", {
+                  }, undefined, true, undefined, this) : /* @__PURE__ */ import_jsx_dev_runtime2.jsxDEV("text", {
                     fg: colors.textDim,
                     children: [
                       "[",
@@ -84149,7 +84665,7 @@ function ChatScreen(props) {
                         fg: colors.accent,
                         children: "Esc"
                       }, undefined, false, undefined, this),
-                      "] back"
+                      "] exit"
                     ]
                   }, undefined, true, undefined, this)
                 ]
@@ -84193,7 +84709,7 @@ function ChatScreen(props) {
     ]
   }, undefined, true, undefined, this);
 }
-var import_react16, IMAGE_EXTS2, IMAGE_LABEL_RE, IMAGE_LABEL_SPLIT, COLLAPSED_LINES = 8, TOOL_ICONS, BLOCK_TOOLS, CMD_NAME_COL = 14, PROMPT_HISTORY_MAX2 = 100;
+var import_react16, IMAGE_EXTS2, IMAGE_LABEL_RE, IMAGE_LABEL_SPLIT, COLLAPSED_LINES = 8, PROMPT_HISTORY_MAX2 = 100, TOOL_ICONS, BLOCK_TOOLS, CMD_NAME_COL = 14;
 var init_ChatScreen = __esm(async () => {
   init_use_effect_event();
   init_clipboard();
@@ -85290,7 +85806,8 @@ function renderChat(root, params) {
     db: params.db,
     userId: params.userId,
     timerPath: params.timerPath,
-    config: params.config
+    config: params.config,
+    trustLevel: params.companion?.trustLevel ?? 0
   };
   const promptCtx = {
     user: params.user,
@@ -86865,6 +87382,85 @@ async function companionMemoryEditCommand(ctx, idPrefix) {
   });
   R2.success(`Updated insight ${updated.id.slice(0, 8)}.`);
 }
+var TRUST_LEVELS = [
+  {
+    level: 0,
+    name: "Watcher",
+    minScore: 0,
+    description: "Read-only. Manages forge rules by risk (notifications/reminders freely)."
+  },
+  {
+    level: 1,
+    name: "Advisor",
+    minScore: 10,
+    description: "Can suggest quests."
+  },
+  {
+    level: 2,
+    name: "Scribe",
+    minScore: 25,
+    description: "Can complete/abandon quests, start/stop timers, update companion mode."
+  },
+  {
+    level: 3,
+    name: "Agent",
+    minScore: 50,
+    description: "Can create and update quests."
+  },
+  {
+    level: 4,
+    name: "Sovereign",
+    minScore: 100,
+    description: "Can delete insights."
+  }
+];
+async function companionTrustCommand(ctx, levelArg) {
+  const companion4 = await requireCompanion(ctx);
+  if (levelArg === undefined) {
+    const currentName = TRUST_LEVELS.find((t) => t.level === companion4.trustLevel)?.name ?? `Lv.${companion4.trustLevel}`;
+    Ve([
+      `Current: ${currentName} (level ${companion4.trustLevel}, score ${companion4.trustScore})`,
+      "",
+      "Available levels:",
+      ...TRUST_LEVELS.map((t) => {
+        const marker21 = t.level === companion4.trustLevel ? "\u25B6" : " ";
+        return `  ${marker21} ${t.level} ${t.name.padEnd(10)} ${t.description}`;
+      }),
+      "",
+      "Grant trust: grindxp companion trust <0-4>"
+    ].join(`
+`), "Companion Trust");
+    return;
+  }
+  const parsed = Number.parseInt(levelArg, 10);
+  if (!Number.isInteger(parsed) || parsed < 0 || parsed > 4) {
+    R2.error("Trust level must be 0\u20134.");
+    return;
+  }
+  const target = TRUST_LEVELS[parsed];
+  if (!target) {
+    R2.error("Invalid trust level.");
+    return;
+  }
+  if (parsed === companion4.trustLevel) {
+    R2.info(`Companion is already at ${target.name} (level ${parsed}).`);
+    return;
+  }
+  const action = parsed > companion4.trustLevel ? "Grant" : "Revoke to";
+  const confirm = await Re({
+    message: `${action} trust level ${parsed} (${target.name})? ${target.description}`
+  });
+  if (Ct(confirm) || !confirm) {
+    Ne("Cancelled.");
+    return;
+  }
+  await upsertCompanion(ctx.db, {
+    ...companion4,
+    trustLevel: parsed,
+    trustScore: Math.max(companion4.trustScore, target.minScore)
+  });
+  R2.success(`Trust updated to ${target.name} (level ${parsed}).`);
+}
 async function companionMemoryDeleteCommand(ctx, idPrefix) {
   await requireCompanion(ctx);
   const insightId = await chooseInsightId(ctx, idPrefix);
@@ -87423,6 +88019,7 @@ async function handleTelegramEvent(options) {
     userId: options.userId,
     timerPath: getTimerPath(),
     config: options.config,
+    trustLevel: companion4?.trustLevel ?? 0,
     requestPermission: async (toolName, detail) => {
       if (options.alwaysAllowedTools.has(toolName)) {
         return "once";
@@ -87587,17 +88184,12 @@ function parsePermissionCallbackData(data) {
 }
 function ensureTrustedTelegramChat(options, chatId) {
   if (!options.trustedChatId) {
-    if (!options.config.gateway) {
+    const onDisk = readGrindConfig() ?? options.config;
+    const gatewayBase = onDisk.gateway ?? options.config.gateway;
+    if (!gatewayBase) {
       return false;
     }
-    const nextConfig = {
-      ...options.config,
-      gateway: {
-        ...options.config.gateway,
-        telegramDefaultChatId: chatId
-      }
-    };
-    writeGrindConfig(nextConfig);
+    writeGrindConfig({ ...onDisk, gateway: { ...gatewayBase, telegramDefaultChatId: chatId } });
     options.setTrustedChatId(chatId);
     options.onWarn?.(`Auto-set telegramDefaultChatId to ${chatId}.`);
     return true;
@@ -88050,7 +88642,7 @@ import { join as join6 } from "path";
 // src/gateway/autostart.ts
 await init_src();
 import { existsSync as existsSync6, mkdirSync as mkdirSync3, unlinkSync as unlinkSync3, writeFileSync as writeFileSync6 } from "fs";
-import { homedir as homedir2 } from "os";
+import { homedir as homedir3 } from "os";
 import { join as join5, resolve as resolve4 } from "path";
 var SYSTEMD_UNIT_NAME = "grind-gateway.service";
 var LAUNCHD_LABEL = "com.grind.gateway";
@@ -88237,7 +88829,7 @@ async function runSystemdCommand(args, options) {
   return runCommand(["systemctl", "--user", ...args], options);
 }
 function getSystemdUnitDir() {
-  return join5(homedir2(), ".config", "systemd", "user");
+  return join5(homedir3(), ".config", "systemd", "user");
 }
 function getSystemdUnitPath() {
   return join5(getSystemdUnitDir(), SYSTEMD_UNIT_NAME);
@@ -88361,7 +88953,7 @@ function buildLaunchdPlist(launchSpec) {
 `);
 }
 function getLaunchdDir() {
-  return join5(homedir2(), "Library", "LaunchAgents");
+  return join5(homedir3(), "Library", "LaunchAgents");
 }
 function getLaunchdPlistPath() {
   return join5(getLaunchdDir(), `${LAUNCHD_LABEL}.plist`);
@@ -90079,9 +90671,14 @@ async function forgeCreateCommand(ctx) {
   const actionType = await Je({
     message: "Action type:",
     options: [
-      { value: "queue-quest", label: "queue-quest", hint: "Low risk" },
-      { value: "log-to-vault", label: "log-to-vault", hint: "Medium risk" },
-      { value: "send-notification", label: "send-notification", hint: "Low risk" }
+      {
+        value: "send-notification",
+        label: "send-notification",
+        hint: "Send a message or run a script whose stdout becomes the message"
+      },
+      { value: "run-script", label: "run-script", hint: "Execute a shell script silently" },
+      { value: "queue-quest", label: "queue-quest", hint: "Activate a quest" },
+      { value: "log-to-vault", label: "log-to-vault", hint: "Auto-log an activity and award XP" }
     ]
   });
   if (Ct(actionType))
@@ -90237,6 +90834,38 @@ async function forgeCreateCommand(ctx) {
       }
     }
   }
+  if (actionType === "run-script") {
+    const script = await Ze({
+      message: "Shell script to execute:",
+      placeholder: "curl -s https://example.com/data | jq .price",
+      validate: (value) => !value?.trim() ? "Script is required." : undefined
+    });
+    if (Ct(script))
+      return bail();
+    actionConfig.script = script.trim();
+    const timeoutRaw = await Ze({
+      message: "Timeout in seconds (default 30):",
+      placeholder: "30",
+      defaultValue: "30",
+      validate: (value) => {
+        const parsed = Number.parseInt(value ?? "", 10);
+        if (!Number.isInteger(parsed) || parsed <= 0)
+          return "Enter a positive integer.";
+        return;
+      }
+    });
+    if (Ct(timeoutRaw))
+      return bail();
+    actionConfig.timeout = Number.parseInt(String(timeoutRaw), 10) * 1000;
+    const workdir = await Ze({
+      message: "Working directory (optional):",
+      placeholder: "~/projects/myapp"
+    });
+    if (Ct(workdir))
+      return bail();
+    if (workdir)
+      actionConfig.workdir = workdir;
+  }
   const rule = await insertForgeRule(ctx.db, {
     userId: ctx.user.id,
     name: name21,
@@ -91774,6 +92403,7 @@ function showCommandHelp(command, sub) {
         "Usage: grindxp companion <subcommand>",
         "",
         cmd("(none)", "Show companion settings"),
+        cmd("trust [level]", "Show or set companion trust level (0\u20134)"),
         cmd("soul", "Edit companion personality in $EDITOR"),
         cmd("context [--refresh]", "View or refresh your user context"),
         cmd("memory, insights", "List stored insights"),
@@ -92076,7 +92706,9 @@ async function main() {
         }
         break;
       case "companion":
-        if (sub === "soul") {
+        if (sub === "trust") {
+          await companionTrustCommand(ctx, rest[0]);
+        } else if (sub === "soul") {
           await companionSoulCommand(ctx);
         } else if (sub === "context") {
           await companionContextCommand(ctx, rest.includes("--refresh"));