@gzoo/cortex 0.5.11 → 0.5.13

package/dist/cortex.mjs

@@ -688,6 +688,43 @@ var init_initial = __esm({
   }
 });
 
+// packages/graph/dist/migrations/002-add-indexes.js
+function up2(db) {
+  const currentVersion = db.prepare("SELECT MAX(version) as v FROM schema_version").get()?.v ?? 0;
+  if (currentVersion >= MIGRATION_VERSION2)
+    return;
+  db.exec(`
+    -- Composite index for common entity queries (project + status + soft-delete filter)
+    CREATE INDEX IF NOT EXISTS idx_entities_project_status_deleted
+      ON entities(project_id, status, deleted_at);
+
+    -- Contradiction lookups by status and severity
+    CREATE INDEX IF NOT EXISTS idx_contradictions_status_severity
+      ON contradictions(status, severity);
+
+    -- Contradiction lookups by entity
+    CREATE INDEX IF NOT EXISTS idx_contradictions_entity_a
+      ON contradictions(entity_id_a);
+
+    CREATE INDEX IF NOT EXISTS idx_contradictions_entity_b
+      ON contradictions(entity_id_b);
+
+    -- Files by project + status (used during watch/ingest)
+    CREATE INDEX IF NOT EXISTS idx_files_project_status
+      ON files(project_id, status);
+
+    INSERT OR IGNORE INTO schema_version (version, applied_at)
+      VALUES (${MIGRATION_VERSION2}, datetime('now'));
+  `);
+}
+var MIGRATION_VERSION2;
+var init_add_indexes = __esm({
+  "packages/graph/dist/migrations/002-add-indexes.js"() {
+    "use strict";
+    MIGRATION_VERSION2 = 2;
+  }
+});
+
 // packages/graph/dist/sqlite-store.js
 import Database from "better-sqlite3";
 import { randomUUID } from "node:crypto";
@@ -780,17 +817,22 @@ var init_sqlite_store = __esm({
     "use strict";
     init_dist();
     init_initial();
+    init_add_indexes();
     SQLiteStore = class {
       db;
       dbPath;
       constructor(options = {}) {
         const { dbPath = "~/.cortex/cortex.db", walMode = true, backupOnStartup = true } = options;
         this.dbPath = resolveHomePath(dbPath);
-        mkdirSync3(dirname(this.dbPath), { recursive: true });
+        mkdirSync3(dirname(this.dbPath), { recursive: true, mode: 448 });
         if (backupOnStartup) {
           this.backupSync();
         }
         this.db = new Database(this.dbPath);
+        try {
+          chmodSync(this.dbPath, 384);
+        } catch {
+        }
         if (walMode) {
           this.db.pragma("journal_mode = WAL");
         }
@@ -801,6 +843,7 @@ var init_sqlite_store = __esm({
       migrate() {
         try {
           up(this.db);
+          up2(this.db);
         } catch (err) {
           throw new CortexError(GRAPH_DB_ERROR, "critical", "graph", `Migration failed: ${err instanceof Error ? err.message : String(err)}`, void 0, "Delete the database and restart.");
         }
@@ -822,8 +865,17 @@ var init_sqlite_store = __esm({
       close() {
         this.db.close();
       }
+      transaction(fn) {
+        return this.db.transaction(fn)();
+      }
       // --- Entities ---
+      createEntitySync(entity) {
+        return this._createEntity(entity);
+      }
       async createEntity(entity) {
+        return this._createEntity(entity);
+      }
+      _createEntity(entity) {
         const id = randomUUID();
         const ts = now();
         this.db.prepare(`
@@ -903,13 +955,17 @@ var init_sqlite_store = __esm({
         }
         let sql;
         if (query.search) {
+          const sanitizedSearch = query.search.replace(/[^a-zA-Z0-9\s]/g, " ").trim();
+          if (!sanitizedSearch) {
+            return [];
+          }
           sql = `
         SELECT e.* FROM entities e
         JOIN entities_fts fts ON fts.rowid = e.rowid
         WHERE fts.entities_fts MATCH ? AND ${conditions.join(" AND ")}
         ORDER BY rank
       `;
-          params.unshift(query.search);
+          params.unshift(sanitizedSearch);
         } else {
           sql = `
         SELECT * FROM entities
@@ -945,22 +1001,35 @@ var init_sqlite_store = __esm({
         const row = this.db.prepare("SELECT * FROM relationships WHERE id = ?").get(id);
         return row ? rowToRelationship(row) : null;
       }
-      async getRelationshipsForEntity(entityId, direction = "both") {
+      async getRelationshipsForEntity(entityId, direction = "both", limit = 200) {
         let sql;
         let params;
         if (direction === "out") {
-          sql = "SELECT * FROM relationships WHERE source_entity_id = ?";
-          params = [entityId];
+          sql = "SELECT * FROM relationships WHERE source_entity_id = ? LIMIT ?";
+          params = [entityId, limit];
         } else if (direction === "in") {
-          sql = "SELECT * FROM relationships WHERE target_entity_id = ?";
-          params = [entityId];
+          sql = "SELECT * FROM relationships WHERE target_entity_id = ? LIMIT ?";
+          params = [entityId, limit];
         } else {
-          sql = "SELECT * FROM relationships WHERE source_entity_id = ? OR target_entity_id = ?";
-          params = [entityId, entityId];
+          sql = "SELECT * FROM relationships WHERE source_entity_id = ? OR target_entity_id = ? LIMIT ?";
+          params = [entityId, entityId, limit];
         }
         const rows = this.db.prepare(sql).all(...params);
         return rows.map(rowToRelationship);
       }
+      async getRelationshipsForEntities(entityIds) {
+        if (entityIds.length === 0)
+          return [];
+        const placeholders = entityIds.map(() => "?").join(",");
+        const sql = `
+      SELECT * FROM relationships
+      WHERE source_entity_id IN (${placeholders})
+         OR target_entity_id IN (${placeholders})
+      LIMIT 2000
+    `;
+        const rows = this.db.prepare(sql).all(...entityIds, ...entityIds);
+        return rows.map(rowToRelationship);
+      }
       async deleteRelationship(id) {
         this.db.prepare("DELETE FROM relationships WHERE id = ?").run(id);
       }
@@ -1388,13 +1457,100 @@ var init_vector_store = __esm({
 function estimateTokens(text) {
   return Math.ceil(text.length / AVG_CHARS_PER_TOKEN);
 }
-var logger2, AVG_CHARS_PER_TOKEN, QueryEngine;
+var logger2, AVG_CHARS_PER_TOKEN, FTS_STOP_WORDS, QueryEngine;
 var init_query_engine = __esm({
   "packages/graph/dist/query-engine.js"() {
     "use strict";
     init_dist();
     logger2 = createLogger("graph:query-engine");
     AVG_CHARS_PER_TOKEN = 4;
+    FTS_STOP_WORDS = /* @__PURE__ */ new Set([
+      "a",
+      "an",
+      "the",
+      "and",
+      "or",
+      "but",
+      "in",
+      "on",
+      "at",
+      "to",
+      "for",
+      "of",
+      "with",
+      "by",
+      "from",
+      "is",
+      "are",
+      "was",
+      "were",
+      "be",
+      "been",
+      "being",
+      "have",
+      "has",
+      "had",
+      "do",
+      "does",
+      "did",
+      "will",
+      "would",
+      "could",
+      "should",
+      "may",
+      "might",
+      "shall",
+      "can",
+      "need",
+      "must",
+      "what",
+      "which",
+      "who",
+      "how",
+      "why",
+      "when",
+      "where",
+      "that",
+      "this",
+      "these",
+      "those",
+      "it",
+      "its",
+      "me",
+      "my",
+      "you",
+      "your",
+      "we",
+      "our",
+      "they",
+      "their",
+      "he",
+      "she",
+      "i",
+      "all",
+      "any",
+      "each",
+      "some",
+      "no",
+      "not",
+      "so",
+      "yet",
+      "use",
+      "used",
+      "using",
+      "about",
+      "tell",
+      "know",
+      "get",
+      "got",
+      "make",
+      "made",
+      "see",
+      "give",
+      "go",
+      "come",
+      "take"
+    ]);
     QueryEngine = class {
       sqliteStore;
       vectorStore;
@@ -1430,16 +1586,8 @@ var init_query_engine = __esm({
         }
         const privacyFiltered = await this.filterByPrivacy(contextEntities);
         const entityIds = new Set(privacyFiltered.map((e) => e.id));
-        const relationships = [];
-        for (const entity of privacyFiltered) {
-          const rels = await this.sqliteStore.getRelationshipsForEntity(entity.id);
-          for (const rel of rels) {
-            if (entityIds.has(rel.sourceEntityId) && entityIds.has(rel.targetEntityId)) {
-              relationships.push(rel);
-            }
-          }
-        }
-        const uniqueRels = [...new Map(relationships.map((r) => [r.id, r])).values()];
+        const allRels = await this.sqliteStore.getRelationshipsForEntities([...entityIds]);
+        const uniqueRels = allRels.filter((r) => entityIds.has(r.sourceEntityId) && entityIds.has(r.targetEntityId));
         const relTokens = uniqueRels.reduce((sum, r) => sum + estimateTokens(r.description ?? "") + 20, 0);
         const filteredTokens = privacyFiltered.reduce((sum, e) => sum + estimateTokens(e.content) + estimateTokens(e.name), 0);
         logger2.debug("Context assembled", {
@@ -1493,94 +1641,7 @@ var init_query_engine = __esm({
        * entities matching ANY meaningful keyword are returned.
        */
       buildFtsQuery(query) {
-        const stopWords = /* @__PURE__ */ new Set([
-          "a",
-          "an",
-          "the",
-          "and",
-          "or",
-          "but",
-          "in",
-          "on",
-          "at",
-          "to",
-          "for",
-          "of",
-          "with",
-          "by",
-          "from",
-          "is",
-          "are",
-          "was",
-          "were",
-          "be",
-          "been",
-          "being",
-          "have",
-          "has",
-          "had",
-          "do",
-          "does",
-          "did",
-          "will",
-          "would",
-          "could",
-          "should",
-          "may",
-          "might",
-          "shall",
-          "can",
-          "need",
-          "must",
-          "what",
-          "which",
-          "who",
-          "how",
-          "why",
-          "when",
-          "where",
-          "that",
-          "this",
-          "these",
-          "those",
-          "it",
-          "its",
-          "me",
-          "my",
-          "you",
-          "your",
-          "we",
-          "our",
-          "they",
-          "their",
-          "he",
-          "she",
-          "i",
-          "all",
-          "any",
-          "each",
-          "some",
-          "no",
-          "not",
-          "so",
-          "yet",
-          "use",
-          "used",
-          "using",
-          "about",
-          "tell",
-          "know",
-          "get",
-          "got",
-          "make",
-          "made",
-          "see",
-          "give",
-          "go",
-          "come",
-          "take"
-        ]);
-        const keywords = query.replace(/[^a-zA-Z0-9\s]/g, " ").toLowerCase().split(/\s+/).filter((w) => w.length >= 3 && !stopWords.has(w));
+        const keywords = query.replace(/[^a-zA-Z0-9\s]/g, " ").toLowerCase().split(/\s+/).filter((w) => w.length >= 3 && !FTS_STOP_WORDS.has(w));
         if (keywords.length === 0) {
           return query.replace(/[^a-zA-Z0-9\s]/g, " ").trim();
         }
@@ -1796,12 +1857,38 @@ var init_anthropic = __esm({
 });
 
 // packages/llm/dist/providers/ollama.js
-var logger4, OllamaProvider;
+function validateOllamaHost(host) {
+  let parsed;
+  try {
+    parsed = new URL(host);
+  } catch {
+    throw new CortexError(LLM_PROVIDER_UNAVAILABLE, "high", "llm", `Invalid Ollama host URL: ${host}`, { host }, "Set a valid URL like http://localhost:11434", false);
+  }
+  const hostname = parsed.hostname;
+  for (const pattern of BLOCKED_HOST_PATTERNS) {
+    if (pattern.test(hostname)) {
+      throw new CortexError(LLM_PROVIDER_UNAVAILABLE, "high", "llm", `Ollama host "${hostname}" is blocked \u2014 it matches a link-local or cloud metadata IP range.`, { host }, "Use a non-link-local address for Ollama.", false);
+    }
+  }
+  const localhostNames = /* @__PURE__ */ new Set(["localhost", "127.0.0.1", "::1", "0.0.0.0"]);
+  if (!localhostNames.has(hostname)) {
+    logger4.warn(`Ollama host is not localhost (${hostname}). Ensure the remote Ollama instance is trusted and network-secured.`);
+  }
+}
+var logger4, BLOCKED_HOST_PATTERNS, OllamaProvider;
 var init_ollama = __esm({
   "packages/llm/dist/providers/ollama.js"() {
     "use strict";
     init_dist();
     logger4 = createLogger("llm:ollama");
+    BLOCKED_HOST_PATTERNS = [
+      /^169\.254\./,
+      // AWS/Azure metadata link-local
+      /^fd[0-9a-f]{2}:/i,
+      // IPv6 unique local (fd00::/8)
+      /^fe80:/i
+      // IPv6 link-local
+    ];
     OllamaProvider = class {
       name = "ollama";
       type = "local";
@@ -1812,6 +1899,7 @@ var init_ollama = __esm({
       numGpu;
       timeoutMs;
       keepAlive;
+      streamInactivityTimeoutMs;
       capabilities = {
         supportedTasks: [
           LLMTask.ENTITY_EXTRACTION,
@@ -1830,12 +1918,14 @@ var init_ollama = __esm({
       };
       constructor(options = {}) {
         this.host = options.host ?? process.env["CORTEX_OLLAMA_HOST"] ?? "http://localhost:11434";
+        validateOllamaHost(this.host);
         this.model = options.model ?? "mistral:7b-instruct-q5_K_M";
         this.embeddingModel = options.embeddingModel ?? "nomic-embed-text";
         this.numCtx = options.numCtx ?? 8192;
         this.numGpu = options.numGpu ?? -1;
         this.timeoutMs = options.timeoutMs ?? 3e5;
         this.keepAlive = options.keepAlive ?? "5m";
+        this.streamInactivityTimeoutMs = 6e4;
         this.capabilities.maxContextTokens = this.numCtx;
       }
       getModel() {
@@ -1942,25 +2032,43 @@ var init_ollama = __esm({
           const decoder = new TextDecoder();
           let inputTokens = 0;
           let outputTokens = 0;
-          while (true) {
-            const { done, value } = await reader.read();
-            if (done)
-              break;
-            const chunk = decoder.decode(value, { stream: true });
-            const lines = chunk.split("\n").filter((line) => line.trim());
-            for (const line of lines) {
-              try {
-                const data = JSON.parse(line);
-                if (data.response) {
-                  yield data.response;
-                }
-                if (data.done) {
-                  inputTokens = data.prompt_eval_count ?? 0;
-                  outputTokens = data.eval_count ?? 0;
+          const streamController = new AbortController();
+          let inactivityTimer = setTimeout(() => streamController.abort(), this.streamInactivityTimeoutMs);
+          try {
+            while (true) {
+              const readPromise = reader.read();
+              const raceResult = await Promise.race([
+                readPromise,
+                new Promise((_, reject) => {
+                  streamController.signal.addEventListener("abort", () => reject(new Error("Stream inactivity timeout")), { once: true });
+                  if (streamController.signal.aborted) {
+                    reject(new Error("Stream inactivity timeout"));
+                  }
+                })
+              ]);
+              const { done, value } = raceResult;
+              if (done)
+                break;
+              clearTimeout(inactivityTimer);
+              inactivityTimer = setTimeout(() => streamController.abort(), this.streamInactivityTimeoutMs);
+              const chunk = decoder.decode(value, { stream: true });
+              const lines = chunk.split("\n").filter((line) => line.trim());
+              for (const line of lines) {
+                try {
+                  const data = JSON.parse(line);
+                  if (data.response) {
+                    yield data.response;
+                  }
+                  if (data.done) {
+                    inputTokens = data.prompt_eval_count ?? 0;
+                    outputTokens = data.eval_count ?? 0;
+                  }
+                } catch {
                 }
-              } catch {
               }
             }
+          } finally {
+            clearTimeout(inactivityTimer);
           }
           return {
             inputTokens,
@@ -2125,7 +2233,12 @@ var init_openai_compatible = __esm({
         });
         this.primaryModel = options.primaryModel ?? "gpt-4o";
         this.fastModel = options.fastModel ?? "gpt-4o-mini";
-        this.isGemini = options.baseUrl.includes("generativelanguage.googleapis.com");
+        try {
+          const parsedUrl = new URL(options.baseUrl);
+          this.isGemini = parsedUrl.hostname === "generativelanguage.googleapis.com";
+        } catch {
+          this.isGemini = false;
+        }
         logger5.info("OpenAI-compatible provider initialized", {
           baseUrl: options.baseUrl,
           primaryModel: this.primaryModel,
@@ -2252,7 +2365,7 @@ function estimateCost(model, inputTokens, outputTokens) {
   const costs = MODEL_COSTS[model] ?? DEFAULT_COST;
   return inputTokens / 1e6 * costs.input + outputTokens / 1e6 * costs.output;
 }
-var logger6, MODEL_COSTS, DEFAULT_COST, TokenTracker;
+var logger6, MODEL_COSTS, DEFAULT_COST, MAX_IN_MEMORY_RECORDS, TokenTracker;
 var init_token_tracker = __esm({
   "packages/llm/dist/token-tracker.js"() {
     "use strict";
@@ -2263,6 +2376,7 @@ var init_token_tracker = __esm({
       "claude-haiku-4-5-20251001": { input: 0.8, output: 4 }
     };
     DEFAULT_COST = { input: 3, output: 15 };
+    MAX_IN_MEMORY_RECORDS = 1e4;
     TokenTracker = class {
       records = [];
       monthlyBudgetUsd;
@@ -2287,9 +2401,23 @@ var init_token_tracker = __esm({
           timestamp: (/* @__PURE__ */ new Date()).toISOString()
         };
         this.records.push(record);
+        this.trimOldRecords();
         this.checkBudget();
         return record;
       }
+      trimOldRecords() {
+        if (this.records.length <= MAX_IN_MEMORY_RECORDS)
+          return;
+        const currentMonth = (/* @__PURE__ */ new Date()).toISOString().slice(0, 7);
+        const currentMonthRecords = this.records.filter((r) => r.timestamp.startsWith(currentMonth));
+        const priorRecords = this.records.filter((r) => !r.timestamp.startsWith(currentMonth));
+        if (currentMonthRecords.length >= MAX_IN_MEMORY_RECORDS) {
+          this.records = currentMonthRecords.slice(-MAX_IN_MEMORY_RECORDS);
+        } else {
+          const keepFromPrior = MAX_IN_MEMORY_RECORDS - currentMonthRecords.length;
+          this.records = [...priorRecords.slice(-keepFromPrior), ...currentMonthRecords];
+        }
+      }
       checkBudget() {
         const spent = this.getCurrentMonthSpend();
         const usedPercent = this.monthlyBudgetUsd > 0 ? spent / this.monthlyBudgetUsd : 0;
@@ -2402,9 +2530,9 @@ var init_cache = __esm({
         if (!this.enabled)
           return;
         if (this.cache.size >= this.maxEntries) {
-          const oldest = [...this.cache.entries()].sort((a, b) => a[1].createdAt - b[1].createdAt)[0];
-          if (oldest) {
-            this.cache.delete(oldest[0]);
+          const firstKey = this.cache.keys().next().value;
+          if (firstKey !== void 0) {
+            this.cache.delete(firstKey);
           }
         }
         const key = this.buildKey(contentHash, promptId, promptVersion);
@@ -3906,7 +4034,7 @@ function isConversationMarkdown(content) {
   const lines = content.split("\n");
   const headings = [];
   for (const line of lines) {
-    const m = line.match(/^#{1,3}\s+(.+)$/);
+    const m = line.match(/^#{1,3}\s+(\S.*)$/);
     if (m) {
       headings.push(m[1].trim());
       if (headings.length >= 2)
@@ -3988,7 +4116,7 @@ function parseConversationMarkdown(content) {
   };
   for (let i = 0; i < lines.length; i++) {
     const line = lines[i];
-    const headingMatch = line.match(/^#{1,3}\s+(.+)$/);
+    const headingMatch = line.match(/^#{1,3}\s+(\S.*)$/);
     if (headingMatch) {
       flush(i);
       currentRole = headingMatch[1].trim();
@@ -4176,6 +4304,11 @@ import { extname } from "node:path";
 function escapeRegex(s) {
   return s.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
 }
+function globToRegex(pattern) {
+  const escaped = pattern.replace(/[.+?^${}()|[\]\\]/g, "\\$&");
+  const regexStr = escaped.replace(/\*\*/g, "___GLOBSTAR___").replace(/\*/g, "[^/\\\\]*").replace(/___GLOBSTAR___/g, ".*");
+  return new RegExp("^" + regexStr + "$");
+}
 var logger9, FileWatcher;
 var init_watcher = __esm({
   "packages/ingest/dist/watcher.js"() {
@@ -4187,8 +4320,15 @@ var init_watcher = __esm({
       options;
       handler = null;
       debounceTimers = /* @__PURE__ */ new Map();
+      compiledExcludePatterns;
       constructor(options) {
         this.options = options;
+        this.compiledExcludePatterns = options.exclude.map((pattern) => {
+          if (pattern.includes("*")) {
+            return { pattern: globToRegex(pattern), isGlob: true };
+          }
+          return pattern;
+        });
       }
       static fromConfig(config8) {
         return new _FileWatcher({
@@ -4272,13 +4412,12 @@ var init_watcher = __esm({
       }
       isExcluded(filePath) {
         const parts = filePath.split(/[\\/]/);
-        for (const pattern of this.options.exclude) {
-          if (pattern.includes("*")) {
-            const re = new RegExp("^" + pattern.replace(/\./g, "\\.").replace(/\*\*/g, ".*").replace(/\*/g, "[^/\\\\]*") + "$");
-            if (parts.some((p) => re.test(p)))
+        for (const compiled of this.compiledExcludePatterns) {
+          if (typeof compiled === "string") {
+            if (parts.some((p) => p === compiled))
               return true;
           } else {
-            if (parts.some((p) => p === pattern))
+            if (parts.some((p) => compiled.pattern.test(p)))
               return true;
           }
         }
@@ -4288,8 +4427,7 @@ var init_watcher = __esm({
         const patterns = [];
         for (const pattern of this.options.exclude) {
           if (pattern.includes("*")) {
-            const regexStr = pattern.replace(/\./g, "\\.").replace(/\*\*/g, "___GLOBSTAR___").replace(/\*/g, "[^/]*").replace(/___GLOBSTAR___/g, ".*");
-            patterns.push(new RegExp(regexStr));
+            patterns.push(globToRegex(pattern));
           } else if (pattern.includes(".")) {
             patterns.push(new RegExp(`(^|[\\\\/])${escapeRegex(pattern)}$`));
           } else {
@@ -4466,10 +4604,34 @@ var init_pipeline = __esm({
       // Shared across all ingestFile calls — prevents the same entity pair from being
       // evaluated twice when multiple files ingest in the same batch.
       checkedContradictionPairs = /* @__PURE__ */ new Set();
+      // Pre-compiled secret patterns for scrubbing before cloud LLM calls
+      compiledSecretPatterns;
       constructor(router, store, options) {
         this.router = router;
         this.store = store;
         this.options = options;
+        this.compiledSecretPatterns = (options.secretPatterns ?? []).map((pattern) => {
+          try {
+            return new RegExp(pattern, "g");
+          } catch {
+            logger11.warn("Invalid secret pattern, skipping", { pattern });
+            return null;
+          }
+        }).filter((r) => r !== null);
+      }
+      /**
+       * Scrub secrets from content before sending to cloud LLMs.
+       * Only applied for standard privacy (sensitive/restricted use local provider).
+       */
+      scrubSecrets(content) {
+        if (this.compiledSecretPatterns.length === 0)
+          return content;
+        let scrubbed = content;
+        for (const re of this.compiledSecretPatterns) {
+          re.lastIndex = 0;
+          scrubbed = scrubbed.replace(re, "[SECRET_REDACTED]");
+        }
+        return scrubbed;
       }
       async ingestFile(filePath) {
         try {
@@ -4545,9 +4707,12 @@ var init_pipeline = __esm({
           const deduped = this.deduplicateEntities(allEntities);
           logger11.debug("Extracted entities", { filePath, raw: allEntities.length, deduped: deduped.length });
           const storedEntities = [];
-          for (const entity of deduped) {
-            const stored = await this.store.createEntity(entity);
-            storedEntities.push(stored);
+          this.store.transaction(() => {
+            for (const entity of deduped) {
+              storedEntities.push(this.store.createEntitySync(entity));
+            }
+          });
+          for (const stored of storedEntities) {
             eventBus.emit({
               type: "entity.created",
               payload: { entity: stored },
@@ -4608,6 +4773,7 @@ var init_pipeline = __esm({
       async extractEntities(chunk, filePath, fileType) {
         const contentHash = createHash2("sha256").update(chunk.content).digest("hex");
         const privacyOverride = this.options.projectPrivacyLevel !== "standard" ? { forceProvider: "local" } : {};
+        const safeContent = this.options.projectPrivacyLevel === "standard" ? this.scrubSecrets(chunk.content) : chunk.content;
         try {
           const result = await this.router.completeStructured({
             systemPrompt: entity_extraction_exports.systemPrompt,
@@ -4615,7 +4781,7 @@ var init_pipeline = __esm({
               filePath,
               projectName: this.options.projectName,
               fileType,
-              content: chunk.content
+              content: safeContent
             }),
             promptId: entity_extraction_exports.PROMPT_ID,
             promptVersion: entity_extraction_exports.PROMPT_VERSION,
@@ -5153,7 +5319,7 @@ var init_status = __esm({
       for (let i = 0; i < 6; i++) {
         try {
           const pkg = JSON.parse(readFileSync9(resolve19(dir, "package.json"), "utf-8"));
-          if (pkg.name === "gzoo-cortex" && pkg.version) {
+          if ((pkg.name === "@gzoo/cortex" || pkg.name === "gzoo-cortex") && pkg.version) {
             _version = pkg.version;
             break;
           }
@@ -5385,7 +5551,7 @@ async function startServer(options) {
       callback(new Error("CORS not allowed"));
     }
   }));
-  app.use(express.json());
+  app.use(express.json({ limit: "1mb" }));
   const isLocal = host === "127.0.0.1" || host === "localhost" || host === "::1";
   if (!isLocal && !config8.server.auth.enabled) {
     logger34.warn("Server bound to non-localhost without auth enabled. Set server.auth.enabled=true and server.auth.token in config, or set CORTEX_SERVER_AUTH_TOKEN env var.");
@@ -5393,6 +5559,15 @@ async function startServer(options) {
   const rateLimitWindow = 6e4;
   const rateLimitMax = 30;
   const rateLimitMap = /* @__PURE__ */ new Map();
+  const rateLimitCleanupInterval = setInterval(() => {
+    const now2 = Date.now();
+    for (const [key, entry] of rateLimitMap) {
+      if (now2 >= entry.resetAt) {
+        rateLimitMap.delete(key);
+      }
+    }
+  }, 6e4);
+  rateLimitCleanupInterval.unref();
   const rateLimiter = (req, res, next) => {
     const key = req.ip ?? "unknown";
     const now2 = Date.now();
@@ -5412,11 +5587,12 @@ async function startServer(options) {
     next();
   };
   const api = express.Router();
+  api.use(rateLimiter);
   api.use(createAuthMiddleware({ config: config8, host }));
   api.use("/entities", createEntityRoutes(bundle));
   api.use("/relationships", createRelationshipRoutes(bundle));
   api.use("/projects", createProjectRoutes(bundle));
-  api.use("/query", rateLimiter, createQueryRoutes(bundle));
+  api.use("/query", createQueryRoutes(bundle));
   api.use("/contradictions", createContradictionRoutes(bundle));
   api.use("/", createStatusRoutes(bundle));
   app.use("/api/v1", api);
@@ -5443,7 +5619,8 @@ async function startServer(options) {
             maxFileSize: config8.ingest.maxFileSize,
             batchSize: config8.ingest.batchSize,
             projectPrivacyLevel: project.privacyLevel,
-            mergeConfidenceThreshold: 0.85
+            mergeConfidenceThreshold: 0.85,
+            secretPatterns: config8.privacy.secretPatterns
           });
           const watcher = new FileWatcher2({
             dirs: [project.rootPath],
@@ -5488,6 +5665,7 @@ async function startServer(options) {
   });
   const shutdown = () => {
     logger34.info("Shutting down...");
+    clearInterval(rateLimitCleanupInterval);
     relay.close();
     server.close();
     bundle.store.close();
@@ -5852,7 +6030,8 @@ async function runWatch(projectName, opts, globals) {
     maxFileSize: config8.ingest.maxFileSize,
     batchSize: config8.ingest.batchSize,
     projectPrivacyLevel: project.privacyLevel,
-    mergeConfidenceThreshold: config8.graph.mergeConfidenceThreshold
+    mergeConfidenceThreshold: config8.graph.mergeConfidenceThreshold,
+    secretPatterns: config8.privacy.secretPatterns
   });
   const watcher = FileWatcher.fromConfig(config8.ingest);
   let ingestedCount = 0;
@@ -6247,6 +6426,16 @@ import { resolve as resolve7 } from "node:path";
 import { statSync as statSync3 } from "node:fs";
 import chalk5 from "chalk";
 var logger15 = createLogger("cli:status");
+function sanitizeUrl(url) {
+  try {
+    const parsed = new URL(url);
+    parsed.username = "";
+    parsed.password = "";
+    return parsed.toString().replace(/\/$/, "");
+  } catch {
+    return "[invalid-url]";
+  }
+}
 async function checkOllamaAvailable(host) {
   try {
     const controller = new AbortController();
@@ -6322,7 +6511,7 @@ async function runStatus(globals) {
           local: {
             provider: "ollama",
             available: ollamaAvailable,
-            host: config8.llm.local.host,
+            host: sanitizeUrl(config8.llm.local.host),
             model: config8.llm.local.model,
             numCtx: localProvider?.getNumCtx() ?? config8.llm.local.numCtx
           }
@@ -6351,7 +6540,7 @@ async function runStatus(globals) {
     const numGpu = localProvider?.getNumGpu() ?? config8.llm.local.numGpu;
     console.log(chalk5.white("LLM Mode:  ") + mode);
     const cloudLabel = `${config8.llm.cloud.models.primary} / ${config8.llm.cloud.models.fast} (${config8.llm.cloud.provider})`;
-    const localLabel = `${config8.llm.local.model} @ ${config8.llm.local.host}`;
+    const localLabel = `${config8.llm.local.model} @ ${sanitizeUrl(config8.llm.local.host)}`;
     const localDetail = `${numCtx.toLocaleString()} ctx | GPU: ${numGpu === -1 ? "auto" : numGpu} layers | ~30 tok/s est.`;
     if (mode === "cloud-first") {
       const llmStatus = hasApiKey ? chalk5.green("\u2713") : chalk5.red("\u2717");
@@ -6390,7 +6579,7 @@ async function runStatus(globals) {
     let statusMsg = "";
     if (mode === "local-only") {
       statusOk = ollamaAvailable;
-      statusMsg = ollamaAvailable ? "\u2713 Fully operational" : `\u26A0 Ollama not available at ${config8.llm.local.host}. Run \`ollama serve\`.`;
+      statusMsg = ollamaAvailable ? "\u2713 Fully operational" : `\u26A0 Ollama not available at ${sanitizeUrl(config8.llm.local.host)}. Run \`ollama serve\`.`;
     } else if (mode === "local-first") {
       statusOk = ollamaAvailable || hasApiKey;
       if (ollamaAvailable) {
@@ -6413,7 +6602,7 @@ async function runStatus(globals) {
       }
     } else {
       statusOk = hasApiKey;
-      statusMsg = hasApiKey ? "\u2713 Fully operational" : "\u26A0 API key not set. Run `cortex init` or set " + (apiKeyEnvVar ?? "your cloud API key env var") + ".";
+      statusMsg = hasApiKey ? "\u2713 Fully operational" : "\u26A0 API key not set. Run `cortex init` to configure.";
     }
     console.log(chalk5.white("Status:    ") + (statusOk ? chalk5.green(statusMsg) : chalk5.yellow(statusMsg)));
     console.log("");
@@ -6613,10 +6802,13 @@ function registerConfigCommand(program2) {
     await runExcludeRemove(pattern, globals);
   });
 }
+var DANGEROUS_KEYS = /* @__PURE__ */ new Set(["__proto__", "constructor", "prototype"]);
 function getNestedValue(obj, path) {
   const parts = path.split(".");
   let current = obj;
   for (const part of parts) {
+    if (DANGEROUS_KEYS.has(part))
+      return void 0;
     if (current === null || current === void 0 || typeof current !== "object") {
       return void 0;
     }
@@ -6629,12 +6821,17 @@ function setNestedValue(obj, path, value) {
   let current = obj;
   for (let i = 0; i < parts.length - 1; i++) {
     const part = parts[i];
+    if (DANGEROUS_KEYS.has(part))
+      throw new Error(`Invalid config key: ${part}`);
     if (current[part] === void 0 || typeof current[part] !== "object") {
       current[part] = {};
     }
     current = current[part];
   }
-  current[parts[parts.length - 1]] = value;
+  const lastKey = parts[parts.length - 1];
+  if (DANGEROUS_KEYS.has(lastKey))
+    throw new Error(`Invalid config key: ${lastKey}`);
+  current[lastKey] = value;
 }
 function parseValue(value) {
   try {
@@ -7355,7 +7552,8 @@ async function runIngest(pattern, opts, globals) {
     const lastSep = Math.max(resolvedPattern.lastIndexOf("/"), resolvedPattern.lastIndexOf("\\"));
     const dir = lastSep >= 0 ? resolvedPattern.slice(0, lastSep) : process.cwd();
     const filePattern = lastSep >= 0 ? resolvedPattern.slice(lastSep + 1) : resolvedPattern;
-    const regex = new RegExp("^" + filePattern.replace(/\./g, "\\.").replace(/\*/g, ".*") + "$");
+    const escaped = filePattern.replace(/[.+?^${}()|[\]\\]/g, "\\$&");
+    const regex = new RegExp("^" + escaped.replace(/\*/g, ".*") + "$");
     if (existsSync6(dir)) {
       for (const entry of readdirSync(dir)) {
         if (regex.test(entry)) {
@@ -7436,7 +7634,8 @@ Dry run complete: ~${totalSections * 3} entities estimated across ${filePaths.le
     maxFileSize: config8.ingest.maxFileSize,
     batchSize: config8.ingest.batchSize,
     projectPrivacyLevel: project.privacyLevel,
-    mergeConfidenceThreshold: config8.graph.mergeConfidenceThreshold
+    mergeConfidenceThreshold: config8.graph.mergeConfidenceThreshold,
+    secretPatterns: config8.privacy.secretPatterns
   });
   let totalEntities = 0;
   let totalRelationships = 0;
@@ -7576,7 +7775,7 @@ async function runModelsPull(model, globals) {
 Pulling model: ${chalk13.cyan(model)}`));
     console.log(chalk13.dim("This may take several minutes for large models...\n"));
   }
-  const result = spawnSync("ollama", ["pull", model], { stdio: "inherit", shell: true });
+  const result = spawnSync("ollama", ["pull", model], { stdio: "inherit" });
   if (result.status !== 0) {
     console.error(chalk13.red(`
 \u2717 Failed to pull model "${model}"`));
@@ -7722,7 +7921,7 @@ function findPackageRoot(startDir) {
     try {
       const pkgPath = resolve16(dir, "package.json");
       const pkg = JSON.parse(readFileSync8(pkgPath, "utf-8"));
-      if (pkg.name === "gzoo-cortex")
+      if (pkg.name === "@gzoo/cortex" || pkg.name === "gzoo-cortex")
         return dir;
     } catch {
     }
@@ -8018,7 +8217,7 @@ function findPkgRoot(startDir) {
     try {
       const pkgPath = resolve21(dir, "package.json");
       const pkg = JSON.parse(readFileSync10(pkgPath, "utf-8"));
-      if (pkg.name === "gzoo-cortex")
+      if (pkg.name === "@gzoo/cortex" || pkg.name === "gzoo-cortex")
         return dir;
     } catch {
     }
@@ -8180,7 +8379,7 @@ function getVersion() {
   for (let i = 0; i < 6; i++) {
     try {
       const pkg = JSON.parse(readFileSync12(resolve23(dir, "package.json"), "utf-8"));
-      if (pkg.name === "gzoo-cortex" && pkg.version)
+      if ((pkg.name === "@gzoo/cortex" || pkg.name === "gzoo-cortex") && pkg.version)
         return pkg.version;
     } catch {
     }