@hasna/machines 0.0.37 → 0.0.39

package/dist/index.js

@@ -6569,6 +6569,21 @@ class SqliteAdapter {
   }
 }
 var adapter = null;
+var AGENT_HEARTBEAT_COLUMNS = [
+  { name: "daemon_version", definition: "TEXT" },
+  { name: "agent_mode", definition: "TEXT" },
+  { name: "platform", definition: "TEXT" },
+  { name: "os_version", definition: "TEXT" },
+  { name: "os_build", definition: "TEXT" },
+  { name: "arch", definition: "TEXT" },
+  { name: "uptime_seconds", definition: "INTEGER" },
+  { name: "tool_versions_json", definition: "TEXT" },
+  { name: "tailscale_json", definition: "TEXT" },
+  { name: "storage_sync_status", definition: "TEXT" },
+  { name: "storage_sync_last_error", definition: "TEXT" },
+  { name: "doctor_summary_json", definition: "TEXT" },
+  { name: "private_metadata", definition: "INTEGER NOT NULL DEFAULT 0" }
+];
 function createTables(db) {
   db.exec(`
     CREATE TABLE IF NOT EXISTS agent_heartbeats (
@@ -6576,9 +6591,23 @@ function createTables(db) {
       pid INTEGER NOT NULL,
       status TEXT NOT NULL,
       updated_at TEXT NOT NULL,
+      daemon_version TEXT,
+      agent_mode TEXT,
+      platform TEXT,
+      os_version TEXT,
+      os_build TEXT,
+      arch TEXT,
+      uptime_seconds INTEGER,
+      tool_versions_json TEXT,
+      tailscale_json TEXT,
+      storage_sync_status TEXT,
+      storage_sync_last_error TEXT,
+      doctor_summary_json TEXT,
+      private_metadata INTEGER NOT NULL DEFAULT 0,
       PRIMARY KEY (machine_id, pid)
     )
   `);
+  migrateAgentHeartbeats(db);
   db.exec(`
     CREATE TABLE IF NOT EXISTS setup_runs (
       id TEXT PRIMARY KEY,
@@ -6600,6 +6629,15 @@ function createTables(db) {
     )
   `);
 }
+function migrateAgentHeartbeats(db) {
+  const columns = db.query("PRAGMA table_info(agent_heartbeats)").all();
+  const existing = new Set(columns.map((column) => column.name));
+  for (const column of AGENT_HEARTBEAT_COLUMNS) {
+    if (existing.has(column.name))
+      continue;
+    db.exec(`ALTER TABLE agent_heartbeats ADD COLUMN ${column.name} ${column.definition}`);
+  }
+}
 function getAdapter(path = getDbPath()) {
   if (path === ":memory:") {
     const memoryAdapter = new SqliteAdapter(path);
@@ -6628,13 +6666,44 @@ function closeDb() {
     adapter = null;
   }
 }
-function upsertHeartbeat(machineId, pid = process.pid, status = "online") {
+function upsertHeartbeat(machineId, pid = process.pid, status = "online", metadata = {}) {
   const db = getDb();
-  db.query(`INSERT INTO agent_heartbeats (machine_id, pid, status, updated_at)
-     VALUES (?, ?, ?, ?)
+  db.query(`INSERT INTO agent_heartbeats (
+       machine_id,
+       pid,
+       status,
+       updated_at,
+       daemon_version,
+       agent_mode,
+       platform,
+       os_version,
+       os_build,
+       arch,
+       uptime_seconds,
+       tool_versions_json,
+       tailscale_json,
+       storage_sync_status,
+       storage_sync_last_error,
+       doctor_summary_json,
+       private_metadata
+     )
+     VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
      ON CONFLICT(machine_id, pid) DO UPDATE SET
        status = excluded.status,
-       updated_at = excluded.updated_at`).run(machineId, pid, status, new Date().toISOString());
+       updated_at = excluded.updated_at,
+       daemon_version = excluded.daemon_version,
+       agent_mode = excluded.agent_mode,
+       platform = excluded.platform,
+       os_version = excluded.os_version,
+       os_build = excluded.os_build,
+       arch = excluded.arch,
+       uptime_seconds = excluded.uptime_seconds,
+       tool_versions_json = excluded.tool_versions_json,
+       tailscale_json = excluded.tailscale_json,
+       storage_sync_status = excluded.storage_sync_status,
+       storage_sync_last_error = excluded.storage_sync_last_error,
+       doctor_summary_json = excluded.doctor_summary_json,
+       private_metadata = excluded.private_metadata`).run(machineId, pid, status, new Date().toISOString(), metadata.daemonVersion ?? null, metadata.agentMode ?? null, metadata.platform ?? null, metadata.osVersion ?? null, metadata.osBuild ?? null, metadata.arch ?? null, metadata.uptimeSeconds == null ? null : Math.max(0, Math.floor(metadata.uptimeSeconds)), metadata.toolVersions ? JSON.stringify(metadata.toolVersions) : null, metadata.tailscale ? JSON.stringify(metadata.tailscale) : null, metadata.storageSyncStatus ?? null, metadata.storageSyncLastError ?? null, metadata.doctorSummary ? JSON.stringify(metadata.doctorSummary) : null, metadata.privateMetadata ? 1 : 0);
 }
 function getLocalMachineId() {
   return process.env["HASNA_MACHINES_MACHINE_ID"] || hostname();
@@ -6642,12 +6711,12 @@ function getLocalMachineId() {
 function listHeartbeats(machineId) {
   const db = getDb();
   if (machineId) {
-    return db.query(`SELECT machine_id, pid, status, updated_at
+    return db.query(`SELECT *
          FROM agent_heartbeats
          WHERE machine_id = ?
          ORDER BY updated_at DESC`).all(machineId);
   }
-  return db.query(`SELECT machine_id, pid, status, updated_at
+  return db.query(`SELECT *
        FROM agent_heartbeats
        ORDER BY updated_at DESC`).all();
 }
@@ -6683,9 +6752,36 @@ var PG_MIGRATIONS = [
     pid INTEGER NOT NULL,
     status TEXT NOT NULL,
     updated_at TIMESTAMPTZ NOT NULL,
+    daemon_version TEXT,
+    agent_mode TEXT,
+    platform TEXT,
+    os_version TEXT,
+    os_build TEXT,
+    arch TEXT,
+    uptime_seconds INTEGER,
+    tool_versions_json TEXT,
+    tailscale_json TEXT,
+    storage_sync_status TEXT,
+    storage_sync_last_error TEXT,
+    doctor_summary_json TEXT,
+    private_metadata INTEGER NOT NULL DEFAULT 0,
     PRIMARY KEY (machine_id, pid)
   );
 
+  ALTER TABLE agent_heartbeats ADD COLUMN IF NOT EXISTS daemon_version TEXT;
+  ALTER TABLE agent_heartbeats ADD COLUMN IF NOT EXISTS agent_mode TEXT;
+  ALTER TABLE agent_heartbeats ADD COLUMN IF NOT EXISTS platform TEXT;
+  ALTER TABLE agent_heartbeats ADD COLUMN IF NOT EXISTS os_version TEXT;
+  ALTER TABLE agent_heartbeats ADD COLUMN IF NOT EXISTS os_build TEXT;
+  ALTER TABLE agent_heartbeats ADD COLUMN IF NOT EXISTS arch TEXT;
+  ALTER TABLE agent_heartbeats ADD COLUMN IF NOT EXISTS uptime_seconds INTEGER;
+  ALTER TABLE agent_heartbeats ADD COLUMN IF NOT EXISTS tool_versions_json TEXT;
+  ALTER TABLE agent_heartbeats ADD COLUMN IF NOT EXISTS tailscale_json TEXT;
+  ALTER TABLE agent_heartbeats ADD COLUMN IF NOT EXISTS storage_sync_status TEXT;
+  ALTER TABLE agent_heartbeats ADD COLUMN IF NOT EXISTS storage_sync_last_error TEXT;
+  ALTER TABLE agent_heartbeats ADD COLUMN IF NOT EXISTS doctor_summary_json TEXT;
+  ALTER TABLE agent_heartbeats ADD COLUMN IF NOT EXISTS private_metadata INTEGER NOT NULL DEFAULT 0;
+
   CREATE TABLE IF NOT EXISTS setup_runs (
     id TEXT PRIMARY KEY,
     machine_id TEXT NOT NULL,
@@ -6717,7 +6813,20 @@ function normalizeParams(params) {
   return flat.map((value) => value === undefined ? null : value);
 }
 function sslConfigFor(connectionString) {
-  return connectionString.includes("sslmode=require") || connectionString.includes("ssl=true") ? { rejectUnauthorized: false } : undefined;
+  let url;
+  try {
+    url = new URL(connectionString);
+  } catch {
+    return;
+  }
+  const sslMode = url.searchParams.get("sslmode")?.toLowerCase();
+  const ssl = url.searchParams.get("ssl")?.toLowerCase();
+  if (sslMode === "disable" || ssl === "false")
+    return;
+  if (sslMode === "no-verify" || process.env["HASNA_MACHINES_DATABASE_SSL_REJECT_UNAUTHORIZED"] === "0") {
+    return { rejectUnauthorized: false };
+  }
+  return sslMode || ssl === "true" ? { rejectUnauthorized: true } : undefined;
 }
 
 class PgAdapterAsync {
@@ -10984,6 +11093,11 @@ var coerce = {
 var NEVER = INVALID;
 // src/redaction.ts
 var REDACTED_VALUE = "[redacted]";
+var PRIVATE_METADATA_ENV = "HASNA_MACHINES_PRIVATE_METADATA";
+var PRIVATE_METADATA_FALLBACK_ENV = "MACHINES_PRIVATE_METADATA";
+var PRIVATE_OUTPUT_ENV = "HASNA_MACHINES_ALLOW_PRIVATE_OUTPUT";
+var PRIVATE_OUTPUT_FALLBACK_ENV = "MACHINES_ALLOW_PRIVATE_OUTPUT";
+var PRIVATE_OUTPUT_DENIED_WARNING = `private_output_denied:set ${PRIVATE_OUTPUT_ENV}=1 to allow private metadata output`;
 var SENSITIVE_KEY_PATTERN = /(password|passwd|token|credential|private[_-]?key|privateKey|api[_-]?key|github.*key|pem|secret)/i;
 var SECRET_REFERENCE_KEY_PATTERN = /(secret(ref(erence)?|key)?|secretRef|secretKey)$/i;
 var SENSITIVE_VALUE_PATTERNS = [
@@ -10994,9 +11108,21 @@ var SENSITIVE_VALUE_PATTERNS = [
   /\bAKIA[0-9A-Z]{16}\b/,
   /\bsk-[A-Za-z0-9_-]{20,}\b/
 ];
+var IPV4_PATTERN = /\b(?:10|127|169\.254|172\.(?:1[6-9]|2\d|3[0-1])|192\.168|100\.(?:6[4-9]|[7-9]\d|1[01]\d|12[0-7]))(?:\.\d{1,3}){2}\b/g;
+var IPV6_PATTERN = /\b(?:fc|fd|fe80)[0-9a-f:]*:[0-9a-f:]+\b/gi;
+var DATABASE_URL_PATTERN = /\b(?:postgres(?:ql)?|mysql|mariadb|redis|mongodb|s3):\/\/[^\s"'<>]+/gi;
+var PRIVATE_HOST_PATTERN = /\b(?:[A-Za-z0-9._%+-]+@)?[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)*(?:\.tailnet(?:\.[A-Za-z0-9-]+)*|\.ts\.net|\.private(?:\.[A-Za-z0-9-]+)*|\.internal|\.local)\b/gi;
 function isSensitiveKey(key) {
   return SENSITIVE_KEY_PATTERN.test(key);
 }
+function isPrivateMetadataEnabled(env = process.env) {
+  const value = env[PRIVATE_METADATA_ENV] ?? env[PRIVATE_METADATA_FALLBACK_ENV];
+  return ["1", "true", "yes", "on", "private"].includes(String(value ?? "").trim().toLowerCase());
+}
+function isPrivateOutputEnabled(env = process.env) {
+  const value = env[PRIVATE_OUTPUT_ENV] ?? env[PRIVATE_OUTPUT_FALLBACK_ENV];
+  return ["1", "true", "yes", "on", "private"].includes(String(value ?? "").trim().toLowerCase());
+}
 function isSecretReferenceKey(key) {
   return SECRET_REFERENCE_KEY_PATTERN.test(key);
 }
@@ -11009,6 +11135,17 @@ function isRecord(value) {
 function redactPath(value) {
   return value.replace(/\/home\/[^/\s]+/g, "/home/<user>").replace(/\/Users\/[^/\s]+/g, "/Users/<user>").replace(/[A-Za-z]:\\Users\\[^\\\s]+/g, "C:\\Users\\<user>");
 }
+function redactNetworkValue(value) {
+  if (!value.trim())
+    return value;
+  return REDACTED_VALUE;
+}
+function redactErrorMessage(value) {
+  return redactPath(value).replace(DATABASE_URL_PATTERN, (match) => {
+    const scheme = match.match(/^([a-z][a-z0-9+.-]*:\/\/)/i)?.[1] ?? "";
+    return `${scheme}${REDACTED_VALUE}`;
+  }).replace(IPV4_PATTERN, REDACTED_VALUE).replace(IPV6_PATTERN, REDACTED_VALUE).replace(PRIVATE_HOST_PATTERN, REDACTED_VALUE);
+}
 function redactPrivateRef(value) {
   const trimmed = value.trim();
   const scheme = trimmed.match(/^([a-z][a-z0-9+.-]*:\/\/)/i);
@@ -11271,12 +11408,12 @@ import { arch as arch2, hostname as hostname3, platform as platform2, userInfo a
 import { spawnSync } from "child_process";
 
 // src/version.ts
-import { existsSync as existsSync3, readFileSync as readFileSync2 } from "fs";
+import { existsSync as existsSync3, readFileSync as readFileSync2, realpathSync } from "fs";
 import { dirname as dirname3, join as join2 } from "path";
 import { fileURLToPath } from "url";
 function getPackageVersion() {
   try {
-    const here = dirname3(fileURLToPath(import.meta.url));
+    const here = dirname3(realpathSync(fileURLToPath(import.meta.url)));
     const candidates = [join2(here, "..", "package.json"), join2(here, "..", "..", "package.json")];
     const pkgPath = candidates.find((candidate) => existsSync3(candidate));
     if (!pkgPath) {
@@ -11518,6 +11655,16 @@ function routeRank(hint) {
 function selectRouteHint(hints) {
   return [...hints].sort((left, right) => routeRank(left) - routeRank(right))[0] ?? null;
 }
+function parseHeartbeatJson(value) {
+  if (!value)
+    return null;
+  try {
+    const parsed = JSON.parse(value);
+    return parsed && typeof parsed === "object" && !Array.isArray(parsed) ? parsed : null;
+  } catch {
+    return null;
+  }
+}
 function buildEntry(input) {
   const manifest = input.manifest;
   const peer = input.peer;
@@ -11540,6 +11687,22 @@ function buildEntry(input) {
     manifest_declared: Boolean(manifest),
     heartbeat_status: input.heartbeat?.status ?? "unknown",
     last_heartbeat_at: input.heartbeat?.updated_at ?? null,
+    agent: {
+      pid: input.heartbeat?.pid ?? null,
+      daemon_version: input.heartbeat?.daemon_version ?? null,
+      mode: input.heartbeat?.agent_mode ?? null,
+      private_metadata: Boolean(input.heartbeat?.private_metadata),
+      platform: input.heartbeat?.platform ?? null,
+      os_version: input.heartbeat?.os_version ?? null,
+      os_build: input.heartbeat?.os_build ?? null,
+      arch: input.heartbeat?.arch ?? null,
+      uptime_seconds: input.heartbeat?.uptime_seconds ?? null,
+      tool_versions: parseHeartbeatJson(input.heartbeat?.tool_versions_json),
+      tailscale: parseHeartbeatJson(input.heartbeat?.tailscale_json),
+      storage_sync_status: input.heartbeat?.storage_sync_status ?? null,
+      storage_sync_last_error: input.heartbeat?.storage_sync_last_error ?? null,
+      doctor_summary: parseHeartbeatJson(input.heartbeat?.doctor_summary_json)
+    },
     tailscale: {
       dns_name: manifest?.tailscaleName ?? peer?.DNSName?.replace(/\.$/, "") ?? null,
       ips: peer?.TailscaleIPs ?? [],
@@ -11599,6 +11762,72 @@ function discoverMachineTopology(options = {}) {
     warnings
   };
 }
+function redactFleetString(value) {
+  if (!value)
+    return value;
+  return redactErrorMessage(value);
+}
+function redactPublicRecord(value) {
+  if (!value)
+    return null;
+  const redacted = {};
+  for (const [key, entry] of Object.entries(value)) {
+    if (/(host|hostname|dns|ip|ips|user|username|serial|address|target|url|token|secret|password|credential)/i.test(key)) {
+      redacted[key] = REDACTED_VALUE;
+      continue;
+    }
+    if (typeof entry === "string") {
+      redacted[key] = redactFleetString(entry);
+    } else if (Array.isArray(entry)) {
+      redacted[key] = entry.map((item) => {
+        if (typeof item === "string")
+          return redactFleetString(item);
+        if (item && typeof item === "object")
+          return redactPublicRecord(item);
+        return item;
+      });
+    } else if (entry && typeof entry === "object") {
+      redacted[key] = redactPublicRecord(entry);
+    } else {
+      redacted[key] = entry;
+    }
+  }
+  return redactSensitiveValue(redacted);
+}
+function redactTopologyForOutput(topology, options = {}) {
+  if (options.privateMetadata)
+    return topology;
+  return {
+    ...topology,
+    local_hostname: REDACTED_VALUE,
+    warnings: topology.warnings.map(redactFleetString),
+    machines: topology.machines.map((machine) => ({
+      ...machine,
+      hostname: machine.hostname ? REDACTED_VALUE : null,
+      user: machine.user ? REDACTED_VALUE : null,
+      tailscale: {
+        ...machine.tailscale,
+        dns_name: machine.tailscale.dns_name ? REDACTED_VALUE : null,
+        ips: machine.tailscale.ips.map(() => REDACTED_VALUE)
+      },
+      ssh: {
+        ...machine.ssh,
+        address: machine.ssh.address ? REDACTED_VALUE : null,
+        command_target: machine.ssh.command_target ? REDACTED_VALUE : null
+      },
+      route_hints: machine.route_hints.map((hint) => ({
+        ...hint,
+        target: REDACTED_VALUE
+      })),
+      agent: {
+        ...machine.agent,
+        tailscale: redactPublicRecord(machine.agent.tailscale),
+        storage_sync_last_error: machine.agent.storage_sync_last_error ? redactFleetString(machine.agent.storage_sync_last_error) : null,
+        doctor_summary: redactPublicRecord(machine.agent.doctor_summary)
+      }
+    }))
+  };
+}
 function normalizeMachineAlias(value) {
   return value.trim().replace(/\.$/, "").toLowerCase();
 }
@@ -11823,6 +12052,20 @@ function resolveMachineRoute(machineId, options = {}) {
     warnings
   };
 }
+function redactRouteForOutput(route, options = {}) {
+  if (options.privateMetadata)
+    return route;
+  return {
+    ...route,
+    target: route.target ? REDACTED_VALUE : null,
+    command_target: route.command_target ? REDACTED_VALUE : null,
+    warnings: route.warnings.map(redactFleetString),
+    evidence: {
+      ...route.evidence,
+      selected_hint: route.evidence.selected_hint ? { ...route.evidence.selected_hint, target: REDACTED_VALUE } : null
+    }
+  };
+}
 function isRecord2(value) {
   return Boolean(value) && typeof value === "object" && !Array.isArray(value);
 }
@@ -12322,6 +12565,22 @@ function getLocalMachineTopology(options = {}) {
     manifest_declared: false,
     heartbeat_status: "unknown",
     last_heartbeat_at: null,
+    agent: {
+      pid: null,
+      daemon_version: null,
+      mode: null,
+      private_metadata: false,
+      platform: null,
+      os_version: null,
+      os_build: null,
+      arch: null,
+      uptime_seconds: null,
+      tool_versions: null,
+      tailscale: null,
+      storage_sync_status: null,
+      storage_sync_last_error: null,
+      doctor_summary: null
+    },
     tailscale: { dns_name: null, ips: [], online: null, active: null, last_seen: null },
     ssh: { address: null, route: "local", command_target: "localhost" },
     route_hints: [{ kind: "local", target: "localhost", reachable: true }],
@@ -12649,29 +12908,450 @@ function checkMachineCompatibility(options = {}) {
   };
 }
 // src/agent/runtime.ts
-function writeHeartbeat(status = "online") {
-  const machineId = getLocalMachineId();
-  upsertHeartbeat(machineId, process.pid, status);
+import { execFileSync } from "child_process";
+import { arch as arch3, hostname as hostname5, platform as platform3, release, uptime, version as osVersion } from "os";
+
+// src/commands/doctor.ts
+var DOCTOR_OPTIONAL_ADAPTER_DOMAINS = ["secrets", "configs", "monitor", "repos", "mcps", "shield"];
+function makeCheck2(id, status, summary, detail, extra = {}) {
+  const { data, ...rest } = extra;
   return {
-    machineId,
-    pid: process.pid,
+    ...rest,
+    id,
     status,
-    updatedAt: new Date().toISOString()
+    summary,
+    detail,
+    data: data ? redactSensitiveValue(data) : undefined
   };
 }
-function markOffline() {
-  return writeHeartbeat("offline");
+function parseKeyValueOutput(stdout) {
+  const result = {};
+  for (const line of stdout.trim().split(`
+`)) {
+    const index = line.indexOf("=");
+    if (index <= 0)
+      continue;
+    result[line.slice(0, index)] = line.slice(index + 1);
+  }
+  return result;
+}
+function buildDoctorCommand() {
+  return [
+    'data_dir="${HASNA_MACHINES_DIR:-$HOME/.hasna/machines}"',
+    'manifest_path="${HASNA_MACHINES_MANIFEST_PATH:-$data_dir/machines.json}"',
+    'db_path="${HASNA_MACHINES_DB_PATH:-$data_dir/machines.db}"',
+    'notifications_path="${HASNA_MACHINES_NOTIFICATIONS_PATH:-$data_dir/notifications.json}"',
+    `printf 'data_dir=%s\\n' "$data_dir"`,
+    `printf 'manifest_path=%s\\n' "$manifest_path"`,
+    `printf 'db_path=%s\\n' "$db_path"`,
+    `printf 'notifications_path=%s\\n' "$notifications_path"`,
+    `printf 'data_dir_exists=%s\\n' "$(test -d "$data_dir" && printf yes || printf no)"`,
+    `printf 'manifest_exists=%s\\n' "$(test -e "$manifest_path" && printf yes || printf no)"`,
+    `printf 'db_exists=%s\\n' "$(test -e "$db_path" && printf yes || printf no)"`,
+    `printf 'notifications_exists=%s\\n' "$(test -e "$notifications_path" && printf yes || printf no)"`,
+    `printf 'bun=%s\\n' "$(bun --version 2>/dev/null || printf missing)"`,
+    `printf 'ssh=%s\\n' "$(command -v ssh >/dev/null 2>&1 && printf ok || printf missing)"`,
+    `printf 'machines=%s\\n' "$(command -v machines 2>/dev/null || printf missing)"`,
+    `printf 'machines_agent=%s\\n' "$(command -v machines-agent 2>/dev/null || printf missing)"`,
+    `printf 'machines_mcp=%s\\n' "$(command -v machines-mcp 2>/dev/null || printf missing)"`,
+    `printf 'sudo_noninteractive=%s\\n' "$(sudo -n true >/dev/null 2>&1 && printf ok || printf unavailable)"`,
+    `printf 'ssh_cert_support=%s\\n' "$(ssh -Q key-cert 2>/dev/null | grep -q 'ssh-ed25519-cert-v01@openssh.com' && printf ok || printf unavailable)"`,
+    `printf 'gh_cli=%s\\n' "$(command -v gh 2>/dev/null || printf missing)"`,
+    `printf 'gh_auth=%s\\n' "$(gh auth status >/dev/null 2>&1 && printf ok || printf unavailable)"`,
+    "printf 'github_app_ref=%s\\n' \"$(test -n \\\"${HASNA_GITHUB_APP_ID:-}\\\" -a -n \\\"${HASNA_GITHUB_APP_PRIVATE_KEY_REF:-}\\\" && printf configured || printf missing)\""
+  ].join("; ");
+}
+function fallbackAdapterCheck(domain) {
+  return makeCheck2(`${domain}-adapter`, "ok", `Optional ${domain} adapter`, `No ${domain} adapter configured; skipped optional private integration check.`, {
+    optional: true,
+    source: "open-machines",
+    data: { configured: false, fallback: true }
+  });
 }
-function getAgentStatus(machineId = getLocalMachineId()) {
-  return listHeartbeats(machineId).map((heartbeat) => ({
+function sanitizeAdapterCheck(check, domain, adapterId) {
+  const safeAdapterId = redactIdentifier(adapterId);
+  return makeCheck2(check.id.startsWith(`${domain}-`) || check.id.startsWith(`${domain}:`) ? check.id : `${domain}:${check.id}`, check.status, check.summary, String(redactSensitiveValue(check.detail)), {
+    ...check,
+    optional: check.optional ?? true,
+    source: check.source ? String(redactSensitiveValue(check.source)) : `adapter:${safeAdapterId}`,
+    data: check.data ? redactSensitiveValue(check.data) : undefined
+  });
+}
+function runOptionalAdapterChecks(context, adapters) {
+  const checks = [];
+  for (const domain of DOCTOR_OPTIONAL_ADAPTER_DOMAINS) {
+    const adapter2 = adapters.find((candidate) => candidate.checks?.[domain]);
+    const hook = adapter2?.checks?.[domain];
+    if (!adapter2 || !hook) {
+      checks.push(fallbackAdapterCheck(domain));
+      continue;
+    }
+    try {
+      const result = hook(context);
+      const domainChecks = Array.isArray(result) ? result : result ? [result] : [fallbackAdapterCheck(domain)];
+      checks.push(...domainChecks.map((check) => sanitizeAdapterCheck(check, domain, adapter2.id)));
+    } catch {
+      const safeAdapterId = redactIdentifier(adapter2.id);
+      checks.push(makeCheck2(`${domain}-adapter`, "warn", `Optional ${domain} adapter failed`, "Adapter failed; details are intentionally hidden to avoid leaking private refs or credentials.", {
+        optional: true,
+        source: `adapter:${safeAdapterId}`,
+        data: { adapter: safeAdapterId, fallback: true }
+      }));
+    }
+  }
+  return checks;
+}
+function runDoctor(machineId, options = {}) {
+  const implicitLocalMachine = !machineId;
+  const requestedMachineId = machineId ?? getLocalMachineId();
+  const reportedMachineId = implicitLocalMachine ? "local" : requestedMachineId;
+  const now = options.now ?? new Date;
+  const { manifest, info: manifestSource } = readManifestWithSource({ adapter: options.manifestAdapter ?? null });
+  const commandChecks = runMachineCommand(requestedMachineId, buildDoctorCommand());
+  const details = parseKeyValueOutput(commandChecks.stdout);
+  const machineInManifest = manifest.machines.find((machine) => machine.id === requestedMachineId);
+  const diagnosticMachine = machineInManifest ? redactManifestForDiagnostics(machineInManifest) : null;
+  if (implicitLocalMachine && diagnosticMachine)
+    diagnosticMachine.id = reportedMachineId;
+  const optionalAdapterChecks = options.includeOptionalAdapters === false ? [] : runOptionalAdapterChecks({
+    machineId: requestedMachineId,
+    manifest,
+    manifestSource,
+    commandDetails: details,
+    now
+  }, options.adapters ?? []);
+  const checks = [
+    makeCheck2("manifest-source", manifestSource.warnings.length > 0 ? "warn" : "ok", "Manifest source boundary", `${manifestSource.source.kind}:${manifestSource.source.ref} loaded from ${manifestSource.loadedFrom}`, {
+      data: {
+        source: manifestSource.source,
+        loadedFrom: manifestSource.loadedFrom,
+        fallbackSource: manifestSource.fallbackSource,
+        warnings: manifestSource.warnings
+      },
+      remediation: manifestSource.warnings.length > 0 ? ["Provide a private manifest adapter or unset the private manifest ref to use the local manifest only."] : undefined
+    }),
+    makeCheck2("manifest-entry", machineInManifest ? "ok" : "warn", machineInManifest ? "Machine exists in manifest" : "Machine missing from manifest", diagnosticMachine ? JSON.stringify(diagnosticMachine) : `No manifest entry for ${reportedMachineId}`, {
+      data: {
+        declared: Boolean(machineInManifest),
+        machine: diagnosticMachine
+      }
+    }),
+    makeCheck2("data-dir", details["data_dir_exists"] === "yes" ? "ok" : "warn", "Data directory check", `${redactPath(details["data_dir"] || "unknown")} ${details["data_dir_exists"] === "yes" ? "exists" : "missing"}`, {
+      data: {
+        path: redactPath(details["data_dir"] || "unknown"),
+        exists: details["data_dir_exists"] === "yes"
+      }
+    }),
+    makeCheck2("manifest-path", details["manifest_exists"] === "yes" ? "ok" : "warn", "Manifest path check", `${redactPath(details["manifest_path"] || "unknown")} ${details["manifest_exists"] === "yes" ? "exists" : "missing"}`, {
+      data: {
+        path: redactPath(details["manifest_path"] || "unknown"),
+        exists: details["manifest_exists"] === "yes"
+      }
+    }),
+    makeCheck2("db-path", details["db_exists"] === "yes" ? "ok" : "warn", "DB path check", `${redactPath(details["db_path"] || "unknown")} ${details["db_exists"] === "yes" ? "exists" : "missing"}`, {
+      data: {
+        path: redactPath(details["db_path"] || "unknown"),
+        exists: details["db_exists"] === "yes"
+      }
+    }),
+    makeCheck2("notifications-path", details["notifications_exists"] === "yes" ? "ok" : "warn", "Notifications path check", `${redactPath(details["notifications_path"] || "unknown")} ${details["notifications_exists"] === "yes" ? "exists" : "missing"}`, {
+      data: {
+        path: redactPath(details["notifications_path"] || "unknown"),
+        exists: details["notifications_exists"] === "yes"
+      }
+    }),
+    makeCheck2("bun", details["bun"] && details["bun"] !== "missing" ? "ok" : "fail", "Bun availability", details["bun"] || "missing"),
+    makeCheck2("machines-cli", details["machines"] && details["machines"] !== "missing" ? "ok" : "warn", "machines CLI availability", details["machines"] || "missing"),
+    makeCheck2("machines-agent-cli", details["machines_agent"] && details["machines_agent"] !== "missing" ? "ok" : "warn", "machines-agent availability", details["machines_agent"] || "missing"),
+    makeCheck2("machines-mcp-cli", details["machines_mcp"] && details["machines_mcp"] !== "missing" ? "ok" : "warn", "machines-mcp availability", details["machines_mcp"] || "missing"),
+    makeCheck2("ssh", details["ssh"] === "ok" ? "ok" : "warn", "SSH availability", details["ssh"] || "missing"),
+    makeCheck2("sudo-noninteractive", details["sudo_noninteractive"] === "ok" ? "ok" : "warn", "Noninteractive sudo availability", details["sudo_noninteractive"] === "ok" ? "sudo -n is available" : "sudo -n unavailable; setup may require user-provided approval or password handling.", {
+      data: { available: details["sudo_noninteractive"] === "ok" },
+      remediation: details["sudo_noninteractive"] === "ok" ? undefined : ["Configure explicit sudo policy or run setup commands manually; do not store sudo passwords in public manifests."]
+    }),
+    makeCheck2("ssh-cert-support", details["ssh_cert_support"] === "ok" ? "ok" : "warn", "SSH certificate support", details["ssh_cert_support"] === "ok" ? "OpenSSH reports ed25519 certificate support" : "OpenSSH certificate support not detected.", {
+      data: { supported: details["ssh_cert_support"] === "ok" },
+      remediation: details["ssh_cert_support"] === "ok" ? undefined : ["Install or update OpenSSH before adopting SSH certificate auth for this machine."]
+    }),
+    makeCheck2("github-app-auth", details["github_app_ref"] === "configured" ? "ok" : "warn", "GitHub App auth references", details["github_app_ref"] === "configured" ? "GitHub App id and private-key reference are configured" : "GitHub App id/private-key reference missing; use secret references, not user tokens or raw private keys.", {
+      data: {
+        gh_cli: details["gh_cli"] && details["gh_cli"] !== "missing",
+        gh_auth: details["gh_auth"] === "ok",
+        app_ref_configured: details["github_app_ref"] === "configured"
+      },
+      remediation: details["github_app_ref"] === "configured" ? undefined : ["Set HASNA_GITHUB_APP_ID plus HASNA_GITHUB_APP_PRIVATE_KEY_REF or provide an equivalent open-secrets adapter."]
+    }),
+    ...optionalAdapterChecks
+  ];
+  return {
+    machineId: reportedMachineId,
+    source: commandChecks.source,
+    schemaVersion: 1,
+    generatedAt: now.toISOString(),
+    manifestSource,
+    manifestPath: details["manifest_path"] ? redactPath(details["manifest_path"]) : undefined,
+    dbPath: details["db_path"] ? redactPath(details["db_path"]) : undefined,
+    notificationsPath: details["notifications_path"] ? redactPath(details["notifications_path"]) : undefined,
+    checks
+  };
+}
+
+// src/agent/runtime.ts
+function resolvePrivateMetadata(value) {
+  return value ?? isPrivateMetadataEnabled();
+}
+function readToolVersion(command, args) {
+  try {
+    const output = execFileSync(command, args, {
+      encoding: "utf8",
+      stdio: ["ignore", "pipe", "ignore"],
+      timeout: 1000
+    });
+    const firstLine2 = output.split(/\r?\n/).find((line) => line.trim());
+    return firstLine2 ? sanitizePublicString(firstLine2.trim()) : null;
+  } catch {
+    return null;
+  }
+}
+function selectedToolVersions() {
+  const versions = {};
+  if (process.versions.bun)
+    versions.bun = process.versions.bun;
+  if (process.version)
+    versions.node = process.version;
+  const git = readToolVersion("git", ["--version"]);
+  if (git)
+    versions.git = git;
+  const tailscale = readToolVersion("tailscale", ["version"]);
+  if (tailscale)
+    versions.tailscale = tailscale;
+  return versions;
+}
+function summarizeTailscale(privateMetadata) {
+  let parsed;
+  try {
+    const output = execFileSync("tailscale", ["status", "--json"], {
+      encoding: "utf8",
+      stdio: ["ignore", "pipe", "ignore"],
+      timeout: 1500
+    });
+    parsed = JSON.parse(output);
+  } catch {
+    return { available: false };
+  }
+  const peers = parsed["Peer"] && typeof parsed["Peer"] === "object" ? Object.values(parsed["Peer"]) : [];
+  const self = parsed["Self"] && typeof parsed["Self"] === "object" ? parsed["Self"] : {};
+  const summary = {
+    available: true,
+    backendState: typeof parsed["BackendState"] === "string" ? parsed["BackendState"] : undefined,
+    selfOnline: typeof self["Online"] === "boolean" ? self["Online"] : undefined,
+    peerCount: peers.length
+  };
+  if (privateMetadata) {
+    summary.selfDnsName = typeof self["DNSName"] === "string" ? self["DNSName"] : undefined;
+    summary.selfTailscaleIps = Array.isArray(self["TailscaleIPs"]) ? self["TailscaleIPs"] : undefined;
+  }
+  return sanitizeRecord(summary, privateMetadata);
+}
+function envFlag(name) {
+  const value = process.env[name]?.trim().toLowerCase();
+  return value === "1" || value === "true" || value === "yes" || value === "on";
+}
+function shouldCollectDoctorSummary(value) {
+  return value ?? envFlag("HASNA_MACHINES_AGENT_DOCTOR_SUMMARY");
+}
+function collectDoctorSummary(machineId, enabled) {
+  if (!enabled)
+    return null;
+  try {
+    const report = runDoctor(machineId, { includeOptionalAdapters: false });
+    const summary = report.checks.reduce((counts, check) => {
+      counts[check.status] += 1;
+      return counts;
+    }, { ok: 0, warn: 0, fail: 0 });
+    return {
+      generated_at: report.generatedAt,
+      source: report.source,
+      summary,
+      blockers: report.checks.filter((check) => check.status !== "ok").slice(0, 20).map((check) => ({
+        id: check.id,
+        status: check.status,
+        summary: check.summary,
+        detail: check.detail,
+        remediation: check.remediation ?? []
+      }))
+    };
+  } catch (error) {
+    return {
+      generated_at: new Date().toISOString(),
+      source: "doctor",
+      summary: { ok: 0, warn: 1, fail: 0 },
+      blockers: [{
+        id: "doctor-summary",
+        status: "warn",
+        summary: "Doctor summary unavailable",
+        detail: redactErrorMessage(error instanceof Error ? error.message : String(error)),
+        remediation: []
+      }]
+    };
+  }
+}
+function collectHeartbeatMetadata(machineId, options = {}) {
+  const privateMetadata = resolvePrivateMetadata(options.privateMetadata);
+  return {
+    daemonVersion: getPackageVersion(),
+    agentMode: sanitizePublicString(options.mode?.trim() || "daemon", privateMetadata),
+    platform: platform3(),
+    osVersion: sanitizePublicString(osVersion(), privateMetadata),
+    osBuild: sanitizePublicString(release(), privateMetadata),
+    arch: arch3(),
+    uptimeSeconds: uptime(),
+    toolVersions: sanitizeRecord(selectedToolVersions(), privateMetadata),
+    tailscale: summarizeTailscale(privateMetadata),
+    storageSyncStatus: options.storageSyncStatus ?? null,
+    storageSyncLastError: options.storageSyncLastError ? sanitizePublicString(options.storageSyncLastError, privateMetadata) : null,
+    doctorSummary: collectDoctorSummary(machineId, shouldCollectDoctorSummary(options.doctorSummary)),
+    privateMetadata
+  };
+}
+function parseJsonObject(value) {
+  if (!value)
+    return null;
+  try {
+    const parsed = JSON.parse(value);
+    return parsed && typeof parsed === "object" && !Array.isArray(parsed) ? parsed : null;
+  } catch {
+    return null;
+  }
+}
+function heartbeatToStatus(heartbeat, options = {}) {
+  const privateMetadata = options.privateMetadata === true;
+  const tailscale = parseJsonObject(heartbeat.tailscale_json);
+  const doctorSummary = parseJsonObject(heartbeat.doctor_summary_json);
+  return {
     machineId: heartbeat.machine_id,
     pid: heartbeat.pid,
     status: heartbeat.status,
-    updatedAt: heartbeat.updated_at
-  }));
+    updatedAt: heartbeat.updated_at,
+    daemonVersion: heartbeat.daemon_version,
+    agentMode: heartbeat.agent_mode,
+    platform: heartbeat.platform,
+    osVersion: heartbeat.os_version,
+    osBuild: heartbeat.os_build,
+    arch: heartbeat.arch,
+    uptimeSeconds: heartbeat.uptime_seconds,
+    toolVersions: sanitizeRecord(parseJsonObject(heartbeat.tool_versions_json) ?? {}, privateMetadata),
+    tailscale: tailscale ? sanitizeRecord(tailscale, privateMetadata) : null,
+    storageSyncStatus: heartbeat.storage_sync_status,
+    storageSyncLastError: heartbeat.storage_sync_last_error ? sanitizeStorageError(heartbeat.storage_sync_last_error, privateMetadata) : null,
+    doctorSummary: doctorSummary ? sanitizeRecord(doctorSummary, privateMetadata) : null,
+    privateMetadata: Boolean(heartbeat.private_metadata)
+  };
+}
+function sanitizePublicString(value, privateMetadata = false) {
+  if (privateMetadata)
+    return value;
+  let redacted = value;
+  const localHostname = hostname5();
+  const localUser = process.env["USER"] || process.env["LOGNAME"] || process.env["USERNAME"];
+  if (localHostname)
+    redacted = redacted.replaceAll(localHostname, "[redacted-host]");
+  if (localUser)
+    redacted = redacted.replaceAll(localUser, "[redacted-user]");
+  return redactErrorMessage(redacted.replace(/[a-z][a-z0-9+.-]*:\/\/[^\s'")]+/gi, (match) => {
+    const scheme = match.match(/^([a-z][a-z0-9+.-]*:\/\/)/i)?.[1] ?? "";
+    return `${scheme}[redacted]`;
+  }).replace(/\b10(?:\.\d{1,3}){3}\b/g, "[redacted-ip]").replace(/\b172\.(?:1[6-9]|2\d|3[01])(?:\.\d{1,3}){2}\b/g, "[redacted-ip]").replace(/\b192\.168(?:\.\d{1,3}){2}\b/g, "[redacted-ip]").replace(/\b100\.(?:6[4-9]|[7-9]\d|1[01]\d|12[0-7])(?:\.\d{1,3}){2}\b/g, "[redacted-ip]").replace(/\b(password|passwd|token|secret|api[_-]?key)=([^&\s]+)/gi, "$1=[redacted]"));
+}
+function sanitizeValue(value, privateMetadata) {
+  if (typeof value === "string")
+    return sanitizePublicString(value, privateMetadata);
+  if (Array.isArray(value))
+    return value.map((entry) => sanitizeValue(entry, privateMetadata));
+  if (value && typeof value === "object")
+    return sanitizeRecord(value, privateMetadata);
+  return value;
+}
+function sanitizeRecord(value, privateMetadata) {
+  const sanitized = {};
+  for (const [key, entry] of Object.entries(value)) {
+    if (!privateMetadata && /(hostname|hostName|user|username|serial|dnsName|ip|ips|databaseUrl|url|token|secret|password|credential)/i.test(key)) {
+      sanitized[key] = "[redacted]";
+      continue;
+    }
+    sanitized[key] = sanitizeValue(entry, privateMetadata);
+  }
+  return sanitized;
+}
+function writeHeartbeat(status = "online", options = {}) {
+  const machineId = getLocalMachineId();
+  upsertHeartbeat(machineId, process.pid, status, collectHeartbeatMetadata(machineId, options));
+  return getAgentStatus(machineId, { privateMetadata: resolvePrivateMetadata(options.privateMetadata) }).find((heartbeat) => heartbeat.pid === process.pid) ?? {
+    machineId,
+    pid: process.pid,
+    status,
+    updatedAt: new Date().toISOString()
+  };
+}
+function sleep(ms) {
+  return new Promise((resolve2) => setTimeout(resolve2, ms));
+}
+function sanitizeStorageError(message, privateMetadata) {
+  return privateMetadata ? message : redactErrorMessage(message);
+}
+async function pushHeartbeatRowsWithRetry(options, privateMetadata) {
+  const retries = Number.isInteger(options.storagePushRetries) && options.storagePushRetries >= 0 ? options.storagePushRetries : 2;
+  const backoffMs = Number.isInteger(options.storagePushBackoffMs) && options.storagePushBackoffMs >= 0 ? options.storagePushBackoffMs : 250;
+  const attempts = retries + 1;
+  let lastError = null;
+  for (let attempt = 1;attempt <= attempts; attempt += 1) {
+    try {
+      const results = await storagePush({ tables: ["agent_heartbeats"] });
+      const errors2 = results.flatMap((result) => result.errors);
+      if (errors2.length === 0)
+        return { ok: true, error: null, attempts: attempt };
+      lastError = errors2.map((error) => sanitizeStorageError(error, privateMetadata)).join("; ");
+    } catch (error) {
+      lastError = sanitizeStorageError(error instanceof Error ? error.message : String(error), privateMetadata);
+    }
+    if (attempt < attempts && backoffMs > 0) {
+      await sleep(backoffMs * attempt);
+    }
+  }
+  return { ok: false, error: lastError, attempts };
+}
+async function writeHeartbeatTick(status = "online", options = {}) {
+  const privateMetadata = resolvePrivateMetadata(options.privateMetadata);
+  if (!options.storagePush)
+    return writeHeartbeat(status, { ...options, storageSyncStatus: options.storageSyncStatus ?? "disabled" });
+  let heartbeat = writeHeartbeat(status, { ...options, doctorSummary: false, storageSyncStatus: "pending", storageSyncLastError: null });
+  const pushed = await pushHeartbeatRowsWithRetry(options, privateMetadata);
+  heartbeat = writeHeartbeat(status, {
+    ...options,
+    storageSyncStatus: pushed.ok ? "ok" : "error",
+    storageSyncLastError: pushed.ok ? null : `${pushed.error ?? "storage push failed"} (attempts=${pushed.attempts})`
+  });
+  if (pushed.ok) {
+    const finalPush = await pushHeartbeatRowsWithRetry({ ...options, storagePushRetries: 0 }, privateMetadata);
+    if (!finalPush.ok) {
+      heartbeat = writeHeartbeat(status, {
+        ...options,
+        storageSyncStatus: "error",
+        storageSyncLastError: `${finalPush.error ?? "final storage push failed"} (attempts=${finalPush.attempts})`
+      });
+      await pushHeartbeatRowsWithRetry({ ...options, storagePushRetries: 0 }, privateMetadata);
+    }
+  }
+  return heartbeat;
+}
+function markOffline(options = {}) {
+  return writeHeartbeat("offline", options);
+}
+function getAgentStatus(machineId, options = {}) {
+  return listHeartbeats(machineId).map((heartbeat) => heartbeatToStatus(heartbeat, options));
 }
 // src/commands/backup.ts
-import { homedir as homedir2, hostname as hostname5 } from "os";
+import { homedir as homedir2, hostname as hostname6 } from "os";
 import { join as join3 } from "path";
 var MACHINES_BACKUP_BUCKET_ENV = "HASNA_MACHINES_S3_BUCKET";
 var MACHINES_BACKUP_BUCKET_FALLBACK_ENV = "MACHINES_S3_BUCKET";
@@ -12741,7 +13421,7 @@ function buildBackupPlan(bucket, prefix) {
     {
       id: "backup-upload",
       title: "Upload archive to S3",
-      command: `aws s3 cp ${quote(archivePath)} ${quote(`s3://${target.bucket}/${target.prefix}/${hostname5()}-backup.tgz`)}`,
+      command: `aws s3 cp ${quote(archivePath)} ${quote(`s3://${target.bucket}/${target.prefix}/${hostname6()}-backup.tgz`)}`,
       manager: "custom"
     }
   ];
@@ -12918,7 +13598,7 @@ function runAppsInstall(machineId, options = {}, runner = runMachineCommand) {
   };
 }
 // src/commands/cert.ts
-import { homedir as homedir3, platform as platform3 } from "os";
+import { homedir as homedir3, platform as platform4 } from "os";
 import { join as join4 } from "path";
 function quote2(value) {
   return `'${value.replace(/'/g, `'\\''`)}'`;
@@ -12934,7 +13614,7 @@ function buildCertPlan(domains) {
   const certPath = join4(certDir(), `${primary}.pem`);
   const keyPath = join4(certDir(), `${primary}-key.pem`);
   const steps = [];
-  if (platform3() === "darwin") {
+  if (platform4() === "darwin") {
     steps.push({
       id: "mkcert-install-macos",
       title: "Install mkcert on macOS",
@@ -13037,189 +13717,448 @@ function renderDomainMapping(domain) {
     keyPath: join5(getDataDir(), "certs", `${entry.domain}-key.pem`)
   };
 }
-// src/commands/doctor.ts
-var DOCTOR_OPTIONAL_ADAPTER_DOMAINS = ["secrets", "configs", "monitor", "repos", "mcps", "shield"];
-function makeCheck2(id, status, summary, detail, extra = {}) {
-  const { data, ...rest } = extra;
+// src/commands/daemon.ts
+import { execFileSync as execFileSync2 } from "child_process";
+import { chmodSync, mkdirSync as mkdirSync2, writeFileSync as writeFileSync3 } from "fs";
+import { dirname as dirname4 } from "path";
+import { platform as osPlatform } from "os";
+var DEFAULT_SERVICE_NAME = "machines-agent";
+var DEFAULT_EXECUTABLE = "/usr/local/bin/machines-agent";
+var DEFAULT_INTERVAL_MS = 30000;
+var ENV_NAME_PATTERN = /^[A-Z_][A-Z0-9_]*$/;
+var SERVICE_NAME_PATTERN = /^[A-Za-z0-9_.-]+$/;
+function buildDaemonServicePlan(options) {
+  const resolved = resolveDaemonServiceOptions(options);
+  const files = resolved.action === "install" ? [buildServiceFile(resolved)] : [];
   return {
-    ...rest,
-    id,
-    status,
-    summary,
-    detail,
-    data: data ? redactSensitiveValue(data) : undefined
+    platform: resolved.platform,
+    mode: resolved.mode,
+    action: resolved.action,
+    serviceName: resolved.serviceName,
+    serviceId: resolved.serviceId,
+    executable: resolved.executable,
+    intervalMs: resolved.intervalMs,
+    commands: buildActionCommands(resolved),
+    files,
+    warnings: resolved.warnings,
+    manualSteps: buildManualSteps(resolved, files)
+  };
+}
+function runDaemonServicePlan(plan, options = {}) {
+  const apply = options.apply === true;
+  const allowed = apply && options.yes === true;
+  const warnings = [...plan.warnings];
+  const filesWritten = [];
+  const commands = [];
+  if (apply && !allowed) {
+    warnings.push("apply_requires_yes");
+  }
+  if (allowed) {
+    for (const file of plan.files) {
+      const path = expandShellPath(file.path);
+      let content;
+      try {
+        content = materializePlaceholders(file.content);
+      } catch (error) {
+        warnings.push(error instanceof Error ? error.message : String(error));
+        return {
+          mode: "plan",
+          applied: false,
+          plan,
+          filesWritten,
+          commands: plan.commands.map((commandSpec) => ({
+            id: commandSpec.id,
+            command: renderCommand(commandSpec),
+            skipped: true,
+            exitCode: null,
+            stdout: "",
+            stderr: ""
+          })),
+          warnings
+        };
+      }
+      mkdirSync2(dirname4(path), { recursive: true });
+      writeFileSync3(path, content, "utf8");
+      chmodSync(path, Number.parseInt(file.mode, 8));
+      filesWritten.push(path);
+    }
+  }
+  for (const commandSpec of plan.commands) {
+    const commandLine = renderCommand(commandSpec);
+    if (!allowed) {
+      commands.push({
+        id: commandSpec.id,
+        command: commandLine,
+        skipped: true,
+        exitCode: null,
+        stdout: "",
+        stderr: ""
+      });
+      continue;
+    }
+    const program = commandLine[0];
+    const args = commandLine.slice(1);
+    try {
+      const result = execFileSync2(program, args, { encoding: "utf8", stdio: ["ignore", "pipe", "pipe"] });
+      commands.push({
+        id: commandSpec.id,
+        command: commandLine,
+        skipped: false,
+        exitCode: 0,
+        stdout: result,
+        stderr: ""
+      });
+    } catch (error) {
+      const maybe = error;
+      if (commandSpec.allowFailure) {
+        commands.push({
+          id: commandSpec.id,
+          command: commandLine,
+          skipped: false,
+          exitCode: typeof maybe.status === "number" ? maybe.status : 1,
+          stdout: String(maybe.stdout ?? ""),
+          stderr: String(maybe.stderr ?? ""),
+          error: maybe.message ?? String(error)
+        });
+        continue;
+      }
+      commands.push({
+        id: commandSpec.id,
+        command: commandLine,
+        skipped: false,
+        exitCode: typeof maybe.status === "number" ? maybe.status : 1,
+        stdout: String(maybe.stdout ?? ""),
+        stderr: String(maybe.stderr ?? ""),
+        error: maybe.message ?? String(error)
+      });
+      break;
+    }
+  }
+  return {
+    mode: allowed ? "apply" : "plan",
+    applied: allowed,
+    plan,
+    filesWritten,
+    commands,
+    warnings
+  };
+}
+function buildDaemonInstallPlan(options = {}) {
+  return buildDaemonServicePlan({ ...options, action: "install" });
+}
+function buildDaemonUninstallPlan(options = {}) {
+  return buildDaemonServicePlan({ ...options, action: "uninstall" });
+}
+function buildDaemonRestartPlan(options = {}) {
+  return buildDaemonServicePlan({ ...options, action: "restart" });
+}
+function buildDaemonStatusPlan(options = {}) {
+  return buildDaemonServicePlan({ ...options, action: "status" });
+}
+function buildDaemonLogsPlan(options = {}) {
+  return buildDaemonServicePlan({ ...options, action: "logs" });
+}
+function renderLaunchdPlist(options = {}) {
+  const resolved = resolveDaemonServiceOptions({ ...options, action: "install", platform: "macos" });
+  return launchdPlist(resolved);
+}
+function renderSystemdUnit(options = {}) {
+  const resolved = resolveDaemonServiceOptions({ ...options, action: "install", platform: "linux" });
+  return systemdUnit(resolved);
+}
+function resolveDaemonServiceOptions(options) {
+  const warnings = [];
+  const serviceName = normalizeServiceName(options.serviceName, warnings);
+  const platform5 = normalizePlatform3(options.platform, warnings);
+  const mode = options.mode ?? "user";
+  const intervalMs = normalizeIntervalMs(options.intervalMs, warnings);
+  const executable = options.executable?.trim() || DEFAULT_EXECUTABLE;
+  if (platform5 === "linux" && !executable.startsWith("/")) {
+    warnings.push("systemd units should use an absolute executable path; install plan keeps the provided path unchanged.");
+  }
+  return {
+    action: options.action,
+    platform: platform5,
+    mode,
+    serviceName,
+    serviceId: serviceName,
+    executable,
+    intervalMs,
+    env: buildEnvironment(serviceName, options, warnings),
+    warnings
   };
 }
-function parseKeyValueOutput(stdout) {
-  const result = {};
-  for (const line of stdout.trim().split(`
-`)) {
-    const index = line.indexOf("=");
-    if (index <= 0)
+function normalizeServiceName(value, warnings) {
+  const serviceName = value?.trim() || DEFAULT_SERVICE_NAME;
+  if (SERVICE_NAME_PATTERN.test(serviceName))
+    return serviceName;
+  warnings.push(`Invalid serviceName "${serviceName}"; using ${DEFAULT_SERVICE_NAME}.`);
+  return DEFAULT_SERVICE_NAME;
+}
+function normalizePlatform3(value, warnings) {
+  const raw = value ?? osPlatform();
+  if (raw === "darwin" || raw === "macos")
+    return "macos";
+  if (raw === "linux")
+    return "linux";
+  warnings.push(`Unsupported platform "${raw}"; using linux service planning.`);
+  return "linux";
+}
+function normalizeIntervalMs(value, warnings) {
+  if (value === undefined)
+    return DEFAULT_INTERVAL_MS;
+  if (Number.isInteger(value) && value > 0)
+    return value;
+  warnings.push(`Invalid intervalMs "${String(value)}"; using ${DEFAULT_INTERVAL_MS}.`);
+  return DEFAULT_INTERVAL_MS;
+}
+function buildEnvironment(serviceName, options, warnings) {
+  const env = {
+    HASNA_MACHINES_AGENT_MODE: "daemon",
+    HASNA_MACHINES_AGENT_SERVICE: serviceName
+  };
+  if (options.storagePush) {
+    env["HASNA_MACHINES_AGENT_STORAGE_PUSH"] = "1";
+    env["HASNA_MACHINES_AGENT_STORAGE_PUSH_BACKOFF_MS"] = "250";
+    env["HASNA_MACHINES_AGENT_STORAGE_PUSH_RETRIES"] = "2";
+    env["HASNA_MACHINES_STORAGE_MODE"] = "hybrid";
+    env["HASNA_MACHINES_DATABASE_URL"] = placeholderForEnv("HASNA_MACHINES_DATABASE_URL");
+    warnings.push("storagePush is represented with env placeholders; no database URL is embedded in the plan.");
+  }
+  if (options.doctorSummary) {
+    env["HASNA_MACHINES_AGENT_DOCTOR_SUMMARY"] = "1";
+  }
+  if (options.privateMetadata === true) {
+    env["HASNA_MACHINES_PRIVATE_METADATA"] = "1";
+    warnings.push("privateMetadata=true enables private host/network facts in heartbeat rows; do not share private-mode output publicly.");
+  } else if (Array.isArray(options.privateMetadata)) {
+    addEnvPlaceholders(env, options.privateMetadata, warnings);
+  }
+  addEnvPlaceholders(env, options.env ?? [], warnings);
+  return Object.fromEntries(Object.entries(env).sort(([left], [right]) => left.localeCompare(right)));
+}
+function addEnvPlaceholders(env, names, warnings) {
+  for (const rawName of names) {
+    const name = rawName.trim();
+    if (!ENV_NAME_PATTERN.test(name)) {
+      warnings.push(`Invalid environment variable name "${rawName}"; skipped.`);
       continue;
-    result[line.slice(0, index)] = line.slice(index + 1);
+    }
+    env[name] = placeholderForEnv(name);
   }
-  return result;
 }
-function buildDoctorCommand() {
+function placeholderForEnv(name) {
+  return `<set:${name}>`;
+}
+function buildServiceFile(options) {
+  if (options.platform === "macos") {
+    return {
+      id: "launchd-plist",
+      description: "launchd property list for machines-agent",
+      path: launchdPlistPath(options),
+      mode: "0644",
+      content: launchdPlist(options)
+    };
+  }
+  return {
+    id: "systemd-unit",
+    description: "systemd unit for machines-agent",
+    path: systemdUnitPath(options),
+    mode: "0644",
+    content: systemdUnit(options)
+  };
+}
+function buildActionCommands(options) {
+  if (options.platform === "macos")
+    return buildLaunchdCommands(options);
+  return buildSystemdCommands(options);
+}
+function buildLaunchdCommands(options) {
+  const domain = launchdDomain(options);
+  const serviceTarget = `${domain}/${options.serviceId}`;
+  const plistPath = launchdPlistPath(options);
+  const sudo = options.mode === "system";
+  if (options.action === "install") {
+    return [
+      command("launchd-bootout-existing", "Unload any existing launchd job before bootstrap.", "launchctl", ["bootout", domain, plistPath], sudo, true, true),
+      command("launchd-bootstrap", "Load the planned launchd plist.", "launchctl", ["bootstrap", domain, plistPath], sudo, true),
+      command("launchd-enable", "Enable the launchd service.", "launchctl", ["enable", serviceTarget], sudo, true),
+      command("launchd-kickstart", "Start or restart the launchd service.", "launchctl", ["kickstart", "-k", serviceTarget], sudo, true)
+    ];
+  }
+  if (options.action === "uninstall") {
+    return [
+      command("launchd-bootout", "Unload the launchd job.", "launchctl", ["bootout", domain, plistPath], sudo, true),
+      command("remove-launchd-plist", "Remove the planned launchd plist file.", "rm", ["-f", plistPath], sudo, true)
+    ];
+  }
+  if (options.action === "restart") {
+    return [command("launchd-kickstart", "Restart the launchd service.", "launchctl", ["kickstart", "-k", serviceTarget], sudo, true)];
+  }
+  if (options.action === "status") {
+    return [command("launchd-print", "Print launchd service status.", "launchctl", ["print", serviceTarget], sudo, false)];
+  }
   return [
-    'data_dir="${HASNA_MACHINES_DIR:-$HOME/.hasna/machines}"',
-    'manifest_path="${HASNA_MACHINES_MANIFEST_PATH:-$data_dir/machines.json}"',
-    'db_path="${HASNA_MACHINES_DB_PATH:-$data_dir/machines.db}"',
-    'notifications_path="${HASNA_MACHINES_NOTIFICATIONS_PATH:-$data_dir/notifications.json}"',
-    `printf 'data_dir=%s\\n' "$data_dir"`,
-    `printf 'manifest_path=%s\\n' "$manifest_path"`,
-    `printf 'db_path=%s\\n' "$db_path"`,
-    `printf 'notifications_path=%s\\n' "$notifications_path"`,
-    `printf 'data_dir_exists=%s\\n' "$(test -d "$data_dir" && printf yes || printf no)"`,
-    `printf 'manifest_exists=%s\\n' "$(test -e "$manifest_path" && printf yes || printf no)"`,
-    `printf 'db_exists=%s\\n' "$(test -e "$db_path" && printf yes || printf no)"`,
-    `printf 'notifications_exists=%s\\n' "$(test -e "$notifications_path" && printf yes || printf no)"`,
-    `printf 'bun=%s\\n' "$(bun --version 2>/dev/null || printf missing)"`,
-    `printf 'ssh=%s\\n' "$(command -v ssh >/dev/null 2>&1 && printf ok || printf missing)"`,
-    `printf 'machines=%s\\n' "$(command -v machines 2>/dev/null || printf missing)"`,
-    `printf 'machines_agent=%s\\n' "$(command -v machines-agent 2>/dev/null || printf missing)"`,
-    `printf 'machines_mcp=%s\\n' "$(command -v machines-mcp 2>/dev/null || printf missing)"`,
-    `printf 'sudo_noninteractive=%s\\n' "$(sudo -n true >/dev/null 2>&1 && printf ok || printf unavailable)"`,
-    `printf 'ssh_cert_support=%s\\n' "$(ssh -Q key-cert 2>/dev/null | grep -q 'ssh-ed25519-cert-v01@openssh.com' && printf ok || printf unavailable)"`,
-    `printf 'gh_cli=%s\\n' "$(command -v gh 2>/dev/null || printf missing)"`,
-    `printf 'gh_auth=%s\\n' "$(gh auth status >/dev/null 2>&1 && printf ok || printf unavailable)"`,
-    "printf 'github_app_ref=%s\\n' \"$(test -n \\\"${HASNA_GITHUB_APP_ID:-}\\\" -a -n \\\"${HASNA_GITHUB_APP_PRIVATE_KEY_REF:-}\\\" && printf configured || printf missing)\""
-  ].join("; ");
+    command("launchd-logs", "Stream logs for machines-agent.", "log", ["stream", "--style", "compact", "--predicate", `process == "${basename(options.executable)}" OR eventMessage CONTAINS "${options.serviceId}"`], false, false)
+  ];
 }
-function fallbackAdapterCheck(domain) {
-  return makeCheck2(`${domain}-adapter`, "ok", `Optional ${domain} adapter`, `No ${domain} adapter configured; skipped optional private integration check.`, {
-    optional: true,
-    source: "open-machines",
-    data: { configured: false, fallback: true }
-  });
+function buildSystemdCommands(options) {
+  const userFlag = options.mode === "user" ? ["--user"] : [];
+  const sudo = options.mode === "system";
+  const unitName = systemdUnitName(options);
+  const daemonReload = command("systemd-daemon-reload", "Reload systemd unit metadata.", "systemctl", [...userFlag, "daemon-reload"], sudo, true);
+  if (options.action === "install") {
+    return [
+      daemonReload,
+      command("systemd-enable-now", "Enable and start the systemd service.", "systemctl", [...userFlag, "enable", "--now", unitName], sudo, true)
+    ];
+  }
+  if (options.action === "uninstall") {
+    return [
+      command("systemd-disable-now", "Stop and disable the systemd service.", "systemctl", [...userFlag, "disable", "--now", unitName], sudo, true),
+      command("remove-systemd-unit", "Remove the planned systemd unit file.", "rm", ["-f", systemdUnitPath(options)], sudo, true),
+      daemonReload
+    ];
+  }
+  if (options.action === "restart") {
+    return [command("systemd-restart", "Restart the systemd service.", "systemctl", [...userFlag, "restart", unitName], sudo, true)];
+  }
+  if (options.action === "status") {
+    return [command("systemd-status", "Show systemd service status.", "systemctl", [...userFlag, "status", unitName, "--no-pager"], sudo, false)];
+  }
+  return [
+    command("systemd-logs", "Follow journal logs for the service.", "journalctl", [...userFlag, "-u", unitName, "-f", "--no-pager"], sudo, false)
+  ];
 }
-function sanitizeAdapterCheck(check, domain, adapterId) {
-  const safeAdapterId = redactIdentifier(adapterId);
-  return makeCheck2(check.id.startsWith(`${domain}-`) || check.id.startsWith(`${domain}:`) ? check.id : `${domain}:${check.id}`, check.status, check.summary, String(redactSensitiveValue(check.detail)), {
-    ...check,
-    optional: check.optional ?? true,
-    source: check.source ? String(redactSensitiveValue(check.source)) : `adapter:${safeAdapterId}`,
-    data: check.data ? redactSensitiveValue(check.data) : undefined
-  });
+function buildManualSteps(options, files) {
+  const steps = [];
+  if (files[0])
+    steps.push(`Write ${files[0].id} content to ${files[0].path} with mode ${files[0].mode}.`);
+  if (options.mode === "system")
+    steps.push("Run commands marked sudo with root privileges.");
+  if (options.platform === "linux" && options.mode === "user") {
+    steps.push("Run commands as the target user; enable lingering separately if the service must survive logout.");
+  }
+  if (options.action === "logs")
+    steps.push("Stop the log command manually when finished.");
+  return steps;
 }
-function runOptionalAdapterChecks(context, adapters) {
-  const checks = [];
-  for (const domain of DOCTOR_OPTIONAL_ADAPTER_DOMAINS) {
-    const adapter2 = adapters.find((candidate) => candidate.checks?.[domain]);
-    const hook = adapter2?.checks?.[domain];
-    if (!adapter2 || !hook) {
-      checks.push(fallbackAdapterCheck(domain));
-      continue;
+function command(id, description, program, args, sudo, mutates, allowFailure = false) {
+  return { id, description, program, args, sudo, mutates, ...allowFailure ? { allowFailure: true } : {} };
+}
+function renderCommand(commandSpec) {
+  const expanded = [commandSpec.program, ...commandSpec.args].map(expandShellPath);
+  if (commandSpec.sudo)
+    return ["sudo", ...expanded];
+  return expanded;
+}
+function expandShellPath(path) {
+  if (path.startsWith("$HOME/"))
+    return `${process.env["HOME"] ?? ""}/${path.slice("$HOME/".length)}`;
+  return path.replaceAll("$HOME", process.env["HOME"] ?? "").replaceAll("$UID", String(process.getuid ? process.getuid() : ""));
+}
+function materializePlaceholders(content) {
+  return content.replace(/(?:<set:([A-Z_][A-Z0-9_]*)>|&lt;set:([A-Z_][A-Z0-9_]*)&gt;)/g, (_match, rawName, escapedName) => {
+    const name = rawName ?? escapedName ?? "";
+    const value = process.env[name];
+    if (value === undefined || value === "") {
+      throw new Error(`Missing environment variable required for service apply: ${name}`);
     }
-    try {
-      const result = hook(context);
-      const domainChecks = Array.isArray(result) ? result : result ? [result] : [fallbackAdapterCheck(domain)];
-      checks.push(...domainChecks.map((check) => sanitizeAdapterCheck(check, domain, adapter2.id)));
-    } catch {
-      const safeAdapterId = redactIdentifier(adapter2.id);
-      checks.push(makeCheck2(`${domain}-adapter`, "warn", `Optional ${domain} adapter failed`, "Adapter failed; details are intentionally hidden to avoid leaking private refs or credentials.", {
-        optional: true,
-        source: `adapter:${safeAdapterId}`,
-        data: { adapter: safeAdapterId, fallback: true }
-      }));
+    if (/[\u0000-\u001f\u007f]/.test(value)) {
+      throw new Error(`Environment variable ${name} contains control characters; refusing to write service file.`);
     }
-  }
-  return checks;
+    return escapedName ? xmlEscape(value) : escapeSystemdEnvironmentValue(value);
+  });
 }
-function runDoctor(machineId, options = {}) {
-  const implicitLocalMachine = !machineId;
-  const requestedMachineId = machineId ?? getLocalMachineId();
-  const reportedMachineId = implicitLocalMachine ? "local" : requestedMachineId;
-  const now = options.now ?? new Date;
-  const { manifest, info: manifestSource } = readManifestWithSource({ adapter: options.manifestAdapter ?? null });
-  const commandChecks = runMachineCommand(requestedMachineId, buildDoctorCommand());
-  const details = parseKeyValueOutput(commandChecks.stdout);
-  const machineInManifest = manifest.machines.find((machine) => machine.id === requestedMachineId);
-  const diagnosticMachine = machineInManifest ? redactManifestForDiagnostics(machineInManifest) : null;
-  if (implicitLocalMachine && diagnosticMachine)
-    diagnosticMachine.id = reportedMachineId;
-  const optionalAdapterChecks = options.includeOptionalAdapters === false ? [] : runOptionalAdapterChecks({
-    machineId: requestedMachineId,
-    manifest,
-    manifestSource,
-    commandDetails: details,
-    now
-  }, options.adapters ?? []);
-  const checks = [
-    makeCheck2("manifest-source", manifestSource.warnings.length > 0 ? "warn" : "ok", "Manifest source boundary", `${manifestSource.source.kind}:${manifestSource.source.ref} loaded from ${manifestSource.loadedFrom}`, {
-      data: {
-        source: manifestSource.source,
-        loadedFrom: manifestSource.loadedFrom,
-        fallbackSource: manifestSource.fallbackSource,
-        warnings: manifestSource.warnings
-      },
-      remediation: manifestSource.warnings.length > 0 ? ["Provide a private manifest adapter or unset the private manifest ref to use the local manifest only."] : undefined
-    }),
-    makeCheck2("manifest-entry", machineInManifest ? "ok" : "warn", machineInManifest ? "Machine exists in manifest" : "Machine missing from manifest", diagnosticMachine ? JSON.stringify(diagnosticMachine) : `No manifest entry for ${reportedMachineId}`, {
-      data: {
-        declared: Boolean(machineInManifest),
-        machine: diagnosticMachine
-      }
-    }),
-    makeCheck2("data-dir", details["data_dir_exists"] === "yes" ? "ok" : "warn", "Data directory check", `${redactPath(details["data_dir"] || "unknown")} ${details["data_dir_exists"] === "yes" ? "exists" : "missing"}`, {
-      data: {
-        path: redactPath(details["data_dir"] || "unknown"),
-        exists: details["data_dir_exists"] === "yes"
-      }
-    }),
-    makeCheck2("manifest-path", details["manifest_exists"] === "yes" ? "ok" : "warn", "Manifest path check", `${redactPath(details["manifest_path"] || "unknown")} ${details["manifest_exists"] === "yes" ? "exists" : "missing"}`, {
-      data: {
-        path: redactPath(details["manifest_path"] || "unknown"),
-        exists: details["manifest_exists"] === "yes"
-      }
-    }),
-    makeCheck2("db-path", details["db_exists"] === "yes" ? "ok" : "warn", "DB path check", `${redactPath(details["db_path"] || "unknown")} ${details["db_exists"] === "yes" ? "exists" : "missing"}`, {
-      data: {
-        path: redactPath(details["db_path"] || "unknown"),
-        exists: details["db_exists"] === "yes"
-      }
-    }),
-    makeCheck2("notifications-path", details["notifications_exists"] === "yes" ? "ok" : "warn", "Notifications path check", `${redactPath(details["notifications_path"] || "unknown")} ${details["notifications_exists"] === "yes" ? "exists" : "missing"}`, {
-      data: {
-        path: redactPath(details["notifications_path"] || "unknown"),
-        exists: details["notifications_exists"] === "yes"
-      }
-    }),
-    makeCheck2("bun", details["bun"] && details["bun"] !== "missing" ? "ok" : "fail", "Bun availability", details["bun"] || "missing"),
-    makeCheck2("machines-cli", details["machines"] && details["machines"] !== "missing" ? "ok" : "warn", "machines CLI availability", details["machines"] || "missing"),
-    makeCheck2("machines-agent-cli", details["machines_agent"] && details["machines_agent"] !== "missing" ? "ok" : "warn", "machines-agent availability", details["machines_agent"] || "missing"),
-    makeCheck2("machines-mcp-cli", details["machines_mcp"] && details["machines_mcp"] !== "missing" ? "ok" : "warn", "machines-mcp availability", details["machines_mcp"] || "missing"),
-    makeCheck2("ssh", details["ssh"] === "ok" ? "ok" : "warn", "SSH availability", details["ssh"] || "missing"),
-    makeCheck2("sudo-noninteractive", details["sudo_noninteractive"] === "ok" ? "ok" : "warn", "Noninteractive sudo availability", details["sudo_noninteractive"] === "ok" ? "sudo -n is available" : "sudo -n unavailable; setup may require user-provided approval or password handling.", {
-      data: { available: details["sudo_noninteractive"] === "ok" },
-      remediation: details["sudo_noninteractive"] === "ok" ? undefined : ["Configure explicit sudo policy or run setup commands manually; do not store sudo passwords in public manifests."]
-    }),
-    makeCheck2("ssh-cert-support", details["ssh_cert_support"] === "ok" ? "ok" : "warn", "SSH certificate support", details["ssh_cert_support"] === "ok" ? "OpenSSH reports ed25519 certificate support" : "OpenSSH certificate support not detected.", {
-      data: { supported: details["ssh_cert_support"] === "ok" },
-      remediation: details["ssh_cert_support"] === "ok" ? undefined : ["Install or update OpenSSH before adopting SSH certificate auth for this machine."]
-    }),
-    makeCheck2("github-app-auth", details["github_app_ref"] === "configured" ? "ok" : "warn", "GitHub App auth references", details["github_app_ref"] === "configured" ? "GitHub App id and private-key reference are configured" : "GitHub App id/private-key reference missing; use secret references, not user tokens or raw private keys.", {
-      data: {
-        gh_cli: details["gh_cli"] && details["gh_cli"] !== "missing",
-        gh_auth: details["gh_auth"] === "ok",
-        app_ref_configured: details["github_app_ref"] === "configured"
-      },
-      remediation: details["github_app_ref"] === "configured" ? undefined : ["Set HASNA_GITHUB_APP_ID plus HASNA_GITHUB_APP_PRIVATE_KEY_REF or provide an equivalent open-secrets adapter."]
-    }),
-    ...optionalAdapterChecks
-  ];
-  return {
-    machineId: reportedMachineId,
-    source: commandChecks.source,
-    schemaVersion: 1,
-    generatedAt: now.toISOString(),
-    manifestSource,
-    manifestPath: details["manifest_path"] ? redactPath(details["manifest_path"]) : undefined,
-    dbPath: details["db_path"] ? redactPath(details["db_path"]) : undefined,
-    notificationsPath: details["notifications_path"] ? redactPath(details["notifications_path"]) : undefined,
-    checks
-  };
+function escapeSystemdEnvironmentValue(value) {
+  return value.replace(/\\/g, "\\\\").replace(/"/g, "\\\"").replace(/%/g, "%%");
+}
+function launchdPlist(options) {
+  const env = Object.entries(options.env).map(([name, value]) => `    <key>${xmlEscape(name)}</key>
+    <string>${xmlEscape(value)}</string>`).join(`
+`);
+  return `<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+  <key>Label</key>
+  <string>${xmlEscape(options.serviceId)}</string>
+  <key>ProgramArguments</key>
+  <array>
+    <string>${xmlEscape(options.executable)}</string>
+    <string>--interval-ms</string>
+    <string>${options.intervalMs}</string>
+  </array>
+  <key>EnvironmentVariables</key>
+  <dict>
+${env}
+  </dict>
+  <key>KeepAlive</key>
+  <true/>
+  <key>RunAtLoad</key>
+  <true/>
+  <key>StandardOutPath</key>
+  <string>${xmlEscape(launchdLogPath(options, "out"))}</string>
+  <key>StandardErrorPath</key>
+  <string>${xmlEscape(launchdLogPath(options, "err"))}</string>
+</dict>
+</plist>
+`;
+}
+function systemdUnit(options) {
+  const env = Object.entries(options.env).map(([name, value]) => `Environment=${quoteSystemdEnvironment(name, value)}`).join(`
+`);
+  return `[Unit]
+Description=Hasna machines agent
+After=network-online.target
+Wants=network-online.target
+
+[Service]
+Type=simple
+ExecStart=${quoteSystemdExecArg(options.executable)} --interval-ms ${options.intervalMs}
+Restart=always
+RestartSec=10
+${env}
+
+[Install]
+WantedBy=${options.mode === "system" ? "multi-user.target" : "default.target"}
+`;
+}
+function launchdDomain(options) {
+  return options.mode === "system" ? "system" : "gui/$UID";
+}
+function launchdPlistPath(options) {
+  if (options.mode === "system")
+    return `/Library/LaunchDaemons/${options.serviceId}.plist`;
+  return `$HOME/Library/LaunchAgents/${options.serviceId}.plist`;
+}
+function launchdLogPath(options, stream) {
+  const fileName = `${options.serviceId}.${stream}.log`;
+  if (options.mode === "system")
+    return `/var/log/${fileName}`;
+  return `$HOME/Library/Logs/${fileName}`;
+}
+function systemdUnitName(options) {
+  return `${options.serviceId}.service`;
+}
+function systemdUnitPath(options) {
+  if (options.mode === "system")
+    return `/etc/systemd/system/${systemdUnitName(options)}`;
+  return `$HOME/.config/systemd/user/${systemdUnitName(options)}`;
+}
+function xmlEscape(value) {
+  return String(value).replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;").replace(/"/g, "&quot;").replace(/'/g, "&apos;");
+}
+function quoteSystemdExecArg(value) {
+  if (/^[A-Za-z0-9_@%+=:,./-]+$/.test(value) && !value.includes("%"))
+    return value;
+  return `"${value.replace(/\\/g, "\\\\").replace(/"/g, "\\\"").replace(/%/g, "%%")}"`;
+}
+function quoteSystemdEnvironment(name, value) {
+  return `"${name}=${value.replace(/\\/g, "\\\\").replace(/"/g, "\\\"").replace(/%/g, "%%")}"`;
+}
+function basename(path) {
+  return path.split("/").filter(Boolean).at(-1) || path;
 }
 // src/commands/manifest.ts
 function manifestInit() {
@@ -13465,7 +14404,7 @@ function runTailscaleInstall(machineId, options = {}, runner = runMachineCommand
   };
 }
 // src/commands/notifications.ts
-import { existsSync as existsSync6, readFileSync as readFileSync4, writeFileSync as writeFileSync3 } from "fs";
+import { existsSync as existsSync6, readFileSync as readFileSync4, writeFileSync as writeFileSync4 } from "fs";
 var notificationChannelSchema = exports_external.object({
   id: exports_external.string(),
   type: exports_external.enum(["email", "webhook", "command"]),
@@ -13528,8 +14467,8 @@ ${message}
     };
   }
   if (hasCommand2("mail")) {
-    const command = `printf %s ${shellQuote6(message)} | mail -s ${shellQuote6(subject)} ${shellQuote6(channel.target)}`;
-    const result = Bun.spawnSync(["bash", "-lc", command], {
+    const command2 = `printf %s ${shellQuote6(message)} | mail -s ${shellQuote6(subject)} ${shellQuote6(channel.target)}`;
+    const result = Bun.spawnSync(["bash", "-lc", command2], {
       stdout: "pipe",
       stderr: "pipe",
       env: process.env
@@ -13633,7 +14572,7 @@ function writeNotificationConfig(config, path = getNotificationsPath()) {
     updatedAt: new Date().toISOString(),
     channels: sortChannels(config.channels)
   };
-  writeFileSync3(path, `${JSON.stringify(nextConfig, null, 2)}
+  writeFileSync4(path, `${JSON.stringify(nextConfig, null, 2)}
 `, "utf8");
   return nextConfig;
 }
@@ -13752,8 +14691,8 @@ function listPorts(machineId) {
   const targetMachineId = machineId || getLocalMachineId();
   const isLocal = targetMachineId === getLocalMachineId();
   const localCommand = "if command -v ss >/dev/null 2>&1; then ss -ltnpH; else lsof -nP -iTCP -sTCP:LISTEN; fi";
-  const command = isLocal ? localCommand : buildSshCommand(targetMachineId, localCommand);
-  const result = spawnSync3("bash", ["-lc", command], { encoding: "utf8" });
+  const command2 = isLocal ? localCommand : buildSshCommand(targetMachineId, localCommand);
+  const result = spawnSync3("bash", ["-lc", command2], { encoding: "utf8" });
   if (result.status !== 0) {
     throw new Error(result.stderr || `Failed to list ports for ${targetMachineId}`);
   }
@@ -13765,7 +14704,7 @@ function listPorts(machineId) {
 }
 // src/commands/runtime.ts
 import { spawnSync as spawnSync4 } from "child_process";
-import { setTimeout as sleep } from "timers/promises";
+import { setTimeout as sleep2 } from "timers/promises";
 import { EventsClient } from "@hasna/events";
 function probeTmuxPane(target, tmuxCommand = process.env["HASNA_MACHINES_TMUX_BIN"] || "tmux") {
   const checkedAt = new Date().toISOString();
@@ -13794,7 +14733,7 @@ async function watchTmuxPane(options) {
   const maxChecks = options.maxChecks ?? Number.POSITIVE_INFINITY;
   const client = options.client ?? new EventsClient;
   const probe = options.probe ?? ((paneTarget) => probeTmuxPane(paneTarget, options.tmuxCommand));
-  const wait = options.sleep ?? sleep;
+  const wait = options.sleep ?? sleep2;
   let lastPresent;
   let lastProbe;
   for (let checks = 1;checks <= maxChecks; checks += 1) {
@@ -13855,6 +14794,16 @@ async function emitTmuxEvent(client, type, probe, lastPresent, deliver) {
 import { EventsClient as EventsClient2, sanitizeChannelsForOutput } from "@hasna/events";
 
 // src/commands/status.ts
+function parseJsonObject2(value) {
+  if (!value)
+    return null;
+  try {
+    const parsed = JSON.parse(value);
+    return parsed && typeof parsed === "object" && !Array.isArray(parsed) ? parsed : null;
+  } catch {
+    return null;
+  }
+}
 function getStatus() {
   const manifest = readManifest();
   const heartbeats = listHeartbeats();
@@ -13878,7 +14827,12 @@ function getStatus() {
         platform: declared?.platform,
         manifestDeclared: Boolean(declared),
         heartbeatStatus: heartbeat?.status || "unknown",
-        lastHeartbeatAt: heartbeat?.updated_at
+        lastHeartbeatAt: heartbeat?.updated_at,
+        daemonVersion: heartbeat?.daemon_version ?? null,
+        agentMode: heartbeat?.agent_mode ?? null,
+        storageSyncStatus: heartbeat?.storage_sync_status ?? null,
+        doctorSummary: parseJsonObject2(heartbeat?.doctor_summary_json),
+        privateMetadata: Boolean(heartbeat?.private_metadata)
       };
     }),
     recentSetupRuns: countRuns("setup_runs"),
@@ -13901,6 +14855,9 @@ function getServeInfo(options = {}) {
       "/",
       "/health",
       "/api/status",
+      "/api/topology",
+      "/api/routes",
+      "/api/daemon/status",
       "/api/manifest",
       "/api/notifications",
       "/api/webhooks",
@@ -13918,6 +14875,7 @@ function getServeInfo(options = {}) {
 }
 function renderDashboardHtml() {
   const status = getStatus();
+  const topology = discoverMachineTopology();
   const manifest = manifestList();
   const notifications = listNotificationChannels();
   const doctor = runDoctor();
@@ -13956,17 +14914,20 @@ function renderDashboardHtml() {
         <section class="card"><div>Heartbeats</div><div class="stat">${status.heartbeatCount}</div></section>
         <section class="card"><div>Notification channels</div><div class="stat">${notifications.channels.length}</div></section>
         <section class="card"><div>Doctor warnings</div><div class="stat">${doctor.checks.filter((entry) => entry.status !== "ok").length}</div></section>
+        <section class="card"><div>Tailscale routes</div><div class="stat">${topology.machines.filter((machine) => machine.ssh.route === "tailscale").length}</div></section>
       </div>
 
       <section class="card" style="margin-top:16px">
         <h2>Machines</h2>
         <table>
-          <thead><tr><th>ID</th><th>Platform</th><th>Status</th><th>Last heartbeat</th></tr></thead>
+          <thead><tr><th>ID</th><th>Platform</th><th>Status</th><th>Agent</th><th>Storage</th><th>Last heartbeat</th></tr></thead>
           <tbody>
             ${status.machines.map((machine) => `<tr>
               <td><code>${escapeHtml(machine.machineId)}</code></td>
               <td>${escapeHtml(machine.platform || "unknown")}</td>
               <td><span class="badge ${escapeHtml(machine.heartbeatStatus)}">${escapeHtml(machine.heartbeatStatus)}</span></td>
+              <td>${escapeHtml(machine.agentMode || "unknown")} ${escapeHtml(machine.daemonVersion || "")}</td>
+              <td>${escapeHtml(machine.storageSyncStatus || "unknown")}</td>
               <td>${escapeHtml(machine.lastHeartbeatAt || "\u2014")}</td>
             </tr>`).join("")}
           </tbody>
@@ -14010,6 +14971,14 @@ function renderDashboardHtml() {
     <script>
       // Auto-refresh dashboard data every 15s
       const REFRESH_INTERVAL = 15000;
+      function escapeHtml(value) {
+        return String(value ?? "")
+          .replaceAll("&", "&amp;")
+          .replaceAll("<", "&lt;")
+          .replaceAll(">", "&gt;")
+          .replaceAll('"', "&quot;")
+          .replaceAll("'", "&#39;");
+      }
       async function refreshData() {
         try {
           const [statusRes, doctorRes] = await Promise.all([
@@ -14030,10 +14999,12 @@ function renderDashboardHtml() {
             tbody.innerHTML = status.machines
               .map((m) =>
                 "<tr>" +
-                "<td><code>" + m.machineId + "</code></td>" +
-                "<td>" + (m.platform || "unknown") + "</td>" +
-                '<td><span class="badge ' + m.heartbeatStatus + '">' + m.heartbeatStatus + '</span></td>' +
-                "<td>" + (m.lastHeartbeatAt || "\\u2014") + "</td>" +
+                "<td><code>" + escapeHtml(m.machineId) + "</code></td>" +
+                "<td>" + escapeHtml(m.platform || "unknown") + "</td>" +
+                '<td><span class="badge ' + escapeHtml(m.heartbeatStatus) + '">' + escapeHtml(m.heartbeatStatus) + '</span></td>' +
+                "<td>" + escapeHtml(m.agentMode || "unknown") + " " + escapeHtml(m.daemonVersion || "") + "</td>" +
+                "<td>" + escapeHtml(m.storageSyncStatus || "unknown") + "</td>" +
+                "<td>" + escapeHtml(m.lastHeartbeatAt || "\\u2014") + "</td>" +
                 "</tr>"
               )
               .join("");
@@ -14045,9 +15016,9 @@ function renderDashboardHtml() {
             doctorTbody.innerHTML = doctor.checks
               .map((c) =>
                 "<tr>" +
-                "<td>" + c.summary + "</td>" +
-                '<td><span class="badge ' + c.status + '">' + c.status + '</span></td>' +
-                '<td class="muted">' + c.detail + "</td>" +
+                "<td>" + escapeHtml(c.summary) + "</td>" +
+                '<td><span class="badge ' + escapeHtml(c.status) + '">' + escapeHtml(c.status) + '</span></td>' +
+                '<td class="muted">' + escapeHtml(c.detail) + "</td>" +
                 "</tr>"
               )
               .join("");
@@ -14077,6 +15048,14 @@ async function parseJsonBody(request) {
 function jsonError(message, status = 400) {
   return Response.json({ error: message }, { status });
 }
+function privateOutputWarnings(requested, allowed) {
+  return requested && !allowed ? [PRIVATE_OUTPUT_DENIED_WARNING] : [];
+}
+function appendWarnings(payload, warnings) {
+  if (warnings.length === 0)
+    return payload;
+  return { ...payload, warnings: [...payload.warnings ?? [], ...warnings] };
+}
 function startDashboardServer(options = {}) {
   const info = getServeInfo(options);
   const events = new EventsClient2;
@@ -14087,12 +15066,34 @@ function startDashboardServer(options = {}) {
       const url = new URL(request.url);
       const machineId = url.searchParams.get("machine") || undefined;
       const tools = url.searchParams.get("tools")?.split(",").map((value) => value.trim()).filter(Boolean);
+      const privateMetadataRequested = url.searchParams.get("privateMetadata") === "true" || url.searchParams.get("private_metadata") === "true";
+      const privateMetadata = privateMetadataRequested && isPrivateOutputEnabled();
+      const privateWarnings = privateOutputWarnings(privateMetadataRequested, privateMetadata);
       if (url.pathname === "/health") {
         return Response.json({ ok: true, ...getServeInfo(options) });
       }
       if (url.pathname === "/api/status") {
         return Response.json(getStatus());
       }
+      if (url.pathname === "/api/topology") {
+        const topology = discoverMachineTopology({ includeTailscale: url.searchParams.get("tailscale") !== "false" });
+        return Response.json(appendWarnings(redactTopologyForOutput(topology, { privateMetadata }), privateWarnings));
+      }
+      if (url.pathname === "/api/routes") {
+        const topology = discoverMachineTopology({ includeTailscale: url.searchParams.get("tailscale") !== "false" });
+        return Response.json({
+          generated_at: topology.generated_at,
+          routes: topology.machines.map((machine) => redactRouteForOutput(resolveMachineRoute(machine.machine_id, { topology }), { privateMetadata })),
+          ...privateWarnings.length > 0 ? { warnings: privateWarnings } : {}
+        });
+      }
+      if (url.pathname === "/api/daemon/status") {
+        return Response.json({
+          generated_at: new Date().toISOString(),
+          agents: getAgentStatus(machineId, { privateMetadata }),
+          ...privateWarnings.length > 0 ? { warnings: privateWarnings } : {}
+        });
+      }
       if (url.pathname === "/api/manifest") {
         return Response.json(manifestList());
       }
@@ -14305,18 +15306,18 @@ function buildBaseSteps(machine) {
 function buildPackageSteps(machine) {
   return (machine.packages || []).map((pkg, index) => {
     const manager = pkg.manager || (machine.platform === "macos" ? "brew" : "apt");
-    let command = pkg.name;
+    let command2 = pkg.name;
     if (manager === "bun") {
-      command = `bun install -g ${quote3(pkg.name)}`;
+      command2 = `bun install -g ${quote3(pkg.name)}`;
     } else if (manager === "brew") {
-      command = `brew install ${quote3(pkg.name)}`;
+      command2 = `brew install ${quote3(pkg.name)}`;
     } else if (manager === "apt") {
-      command = `sudo apt-get install -y ${quote3(pkg.name)}`;
+      command2 = `sudo apt-get install -y ${quote3(pkg.name)}`;
     }
     return {
       id: `package-${index + 1}`,
       title: `Install package ${pkg.name}`,
-      command,
+      command: command2,
       manager,
       privileged: manager === "apt"
     };
@@ -14381,8 +15382,8 @@ var DEFAULT_SCREEN_SECRET_NAMESPACE = "machines/screen-sharing";
 function shellQuote7(value) {
   return `'${value.replace(/'/g, "'\\''")}'`;
 }
-function shellCommand2(command) {
-  return command.map(shellQuote7).join(" ");
+function shellCommand2(command2) {
+  return command2.map(shellQuote7).join(" ");
 }
 function metadataString2(metadata, keys) {
   if (!metadata)
@@ -14564,11 +15565,11 @@ function detectFileActions(machine) {
         status = source === target ? "ok" : "drifted";
       }
     }
-    const command = file.mode === "symlink" ? `ln -sfn ${quote4(file.source)} ${quote4(file.target)}` : `cp ${quote4(file.source)} ${quote4(file.target)}`;
+    const command2 = file.mode === "symlink" ? `ln -sfn ${quote4(file.source)} ${quote4(file.target)}` : `cp ${quote4(file.source)} ${quote4(file.target)}`;
     return {
       id: `file-${index + 1}`,
       title: `${status === "ok" ? "File in sync" : "Reconcile file"} ${file.target}`,
-      command,
+      command: command2,
       status,
       kind: "file"
     };
@@ -14597,18 +15598,18 @@ function buildSyncPlan(machineId, runner = runMachineCommand) {
     executed: 0
   };
 }
-function applyFileAction(command) {
-  const [verb, source, target] = command.split(" ");
+function applyFileAction(command2) {
+  const [verb, source, target] = command2.split(" ");
   if (verb === "cp" && source && target) {
     ensureParentDir(target);
     copyFileSync(source.slice(1, -1), target.slice(1, -1));
     return;
   }
   if (verb === "ln" && source && target) {
-    const sourcePath = command.match(/ln -sfn '(.+)' '(.+)'/)?.[1];
-    const targetPath = command.match(/ln -sfn '(.+)' '(.+)'/)?.[2];
+    const sourcePath = command2.match(/ln -sfn '(.+)' '(.+)'/)?.[1];
+    const targetPath = command2.match(/ln -sfn '(.+)' '(.+)'/)?.[2];
     if (!sourcePath || !targetPath) {
-      throw new Error(`Unable to parse symlink command: ${command}`);
+      throw new Error(`Unable to parse symlink command: ${command2}`);
     }
     ensureParentDir(targetPath);
     try {
@@ -15531,7 +16532,7 @@ var cidrv4 = /^((25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])\.){3}(25[0-5]
 var cidrv6 = /^(([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}|::|([0-9a-fA-F]{1,4})?::([0-9a-fA-F]{1,4}:?){0,6})\/(12[0-8]|1[01][0-9]|[1-9]?[0-9])$/;
 var base64 = /^$|^(?:[0-9a-zA-Z+/]{4})*(?:(?:[0-9a-zA-Z+/]{2}==)|(?:[0-9a-zA-Z+/]{3}=))?$/;
 var base64url = /^[A-Za-z0-9_-]*$/;
-var hostname6 = /^([a-zA-Z0-9-]+\.)*[a-zA-Z0-9-]+$/;
+var hostname7 = /^([a-zA-Z0-9-]+\.)*[a-zA-Z0-9-]+$/;
 var e164 = /^\+(?:[0-9]){6,14}[0-9]$/;
 var dateSource = `(?:(?:\\d\\d[2468][048]|\\d\\d[13579][26]|\\d\\d0[48]|[02468][048]00|[13579][26]00)-02-29|\\d{4}-(?:(?:0[13578]|1[02])-(?:0[1-9]|[12]\\d|3[01])|(?:0[469]|11)-(?:0[1-9]|[12]\\d|30)|(?:02)-(?:0[1-9]|1\\d|2[0-8])))`;
 var date = /* @__PURE__ */ new RegExp(`^${dateSource}$`);
@@ -16143,7 +17144,7 @@ var $ZodURL = /* @__PURE__ */ $constructor("$ZodURL", (inst, def) => {
             code: "invalid_format",
             format: "url",
             note: "Invalid hostname",
-            pattern: hostname6.source,
+            pattern: hostname7.source,
             input: payload.value,
             inst,
             continue: !def.abort
@@ -23731,6 +24732,8 @@ var MACHINE_MCP_TOOL_NAMES = [
   "machines_manifest_get",
   "machines_manifest_remove",
   "machines_agent_status",
+  "machines_daemon_status",
+  "machines_daemon_service_plan",
   "machines_setup_preview",
   "machines_setup_apply",
   "machines_sync_preview",
@@ -23777,6 +24780,17 @@ var MACHINE_MCP_TOOL_NAMES = [
 function buildServer(version2 = getPackageVersion()) {
   return createMcpServer(version2);
 }
+function privateMetadataAllowed(requested) {
+  return requested === true && isPrivateOutputEnabled();
+}
+function privateOutputWarnings2(requested, allowed) {
+  return requested === true && !allowed ? [PRIVATE_OUTPUT_DENIED_WARNING] : [];
+}
+function appendWarnings2(payload, warnings) {
+  if (warnings.length === 0)
+    return payload;
+  return { ...payload, warnings: [...payload.warnings ?? [], ...warnings] };
+}
 function createMcpServer(version2) {
   const server = new McpServer({ name: "machines", version: version2 });
   const events = new EventsClient3;
@@ -23803,16 +24817,69 @@ function createMcpServer(version2) {
   }));
   server.tool("machines_manifest_get", "Read a single machine from the fleet manifest.", { machine_id: exports_external.string().describe("Machine identifier") }, async ({ machine_id }) => ({ content: [{ type: "text", text: JSON.stringify(manifestGet(machine_id), null, 2) }] }));
   server.tool("machines_manifest_remove", "Remove a single machine from the fleet manifest.", { machine_id: exports_external.string().describe("Machine identifier") }, async ({ machine_id }) => ({ content: [{ type: "text", text: JSON.stringify(manifestRemove(machine_id), null, 2) }] }));
-  server.tool("machines_agent_status", "List current machine agent heartbeats.", {}, async () => ({
-    content: [{ type: "text", text: JSON.stringify(getAgentStatus(), null, 2) }]
+  server.tool("machines_agent_status", "List current machine agent heartbeats.", { private_metadata: exports_external.boolean().optional().describe("Include private heartbeat metadata") }, async ({ private_metadata }) => {
+    const privateMetadata = privateMetadataAllowed(private_metadata);
+    const warnings = privateOutputWarnings2(private_metadata, privateMetadata);
+    const agents = getAgentStatus(undefined, { privateMetadata });
+    return {
+      content: [{ type: "text", text: JSON.stringify(warnings.length > 0 ? { agents, warnings } : agents, null, 2) }]
+    };
+  });
+  server.tool("machines_daemon_status", "List fleet daemon heartbeat status rows.", { private_metadata: exports_external.boolean().optional().describe("Include private heartbeat metadata") }, async ({ private_metadata }) => {
+    const privateMetadata = privateMetadataAllowed(private_metadata);
+    const warnings = privateOutputWarnings2(private_metadata, privateMetadata);
+    return {
+      content: [{
+        type: "text",
+        text: JSON.stringify({
+          generated_at: new Date().toISOString(),
+          agents: getAgentStatus(undefined, { privateMetadata }),
+          ...warnings.length > 0 ? { warnings } : {}
+        }, null, 2)
+      }]
+    };
+  });
+  server.tool("machines_daemon_service_plan", "Plan launchd/systemd lifecycle commands for the machines-agent daemon.", {
+    action: exports_external.enum(["install", "uninstall", "restart", "status", "logs"]).describe("Daemon lifecycle action"),
+    platform: exports_external.enum(["macos", "linux"]).optional().describe("Target service platform"),
+    mode: exports_external.enum(["user", "system"]).optional().describe("Service mode"),
+    service_name: exports_external.string().optional().describe("Service name/label"),
+    executable: exports_external.string().optional().describe("machines-agent executable path"),
+    interval_ms: exports_external.number().optional().describe("Heartbeat interval in milliseconds"),
+    storage_push: exports_external.boolean().optional().describe("Configure heartbeat storage push"),
+    doctor_summary: exports_external.boolean().optional().describe("Configure lightweight doctor summaries in heartbeat metadata"),
+    private_metadata: exports_external.boolean().optional().describe("Opt in to private heartbeat metadata"),
+    env: exports_external.array(exports_external.string()).optional().describe("Environment variable names to include as placeholders")
+  }, async ({ action, platform: platform5, mode, service_name, executable, interval_ms, storage_push, doctor_summary, private_metadata, env }) => ({
+    content: [{
+      type: "text",
+      text: JSON.stringify(buildDaemonServicePlan({
+        action,
+        platform: platform5,
+        mode,
+        serviceName: service_name,
+        executable,
+        intervalMs: interval_ms,
+        storagePush: storage_push,
+        doctorSummary: doctor_summary,
+        privateMetadata: private_metadata,
+        env
+      }), null, 2)
+    }]
   }));
   server.tool("machines_setup_preview", "Preview setup actions for a machine.", { machine_id: exports_external.string().optional().describe("Machine identifier") }, async ({ machine_id }) => ({ content: [{ type: "text", text: JSON.stringify(buildSetupPlan(machine_id), null, 2) }] }));
   server.tool("machines_setup_apply", "Execute setup actions for a machine.", { machine_id: exports_external.string().optional().describe("Machine identifier"), yes: exports_external.boolean().describe("Confirmation flag for execution") }, async ({ machine_id, yes }) => ({ content: [{ type: "text", text: JSON.stringify(runSetup(machine_id, { apply: true, yes }), null, 2) }] }));
   server.tool("machines_sync_preview", "Preview sync actions for a machine.", { machine_id: exports_external.string().optional().describe("Machine identifier") }, async ({ machine_id }) => ({ content: [{ type: "text", text: JSON.stringify(buildSyncPlan(machine_id), null, 2) }] }));
   server.tool("machines_sync_apply", "Execute sync actions for a machine.", { machine_id: exports_external.string().optional().describe("Machine identifier"), yes: exports_external.boolean().describe("Confirmation flag for execution") }, async ({ machine_id, yes }) => ({ content: [{ type: "text", text: JSON.stringify(runSync(machine_id, { apply: true, yes }), null, 2) }] }));
-  server.tool("machines_topology", "Discover local, manifest, heartbeat, SSH, and Tailscale machine topology.", { include_tailscale: exports_external.boolean().optional().describe("Whether to probe tailscale status --json") }, async ({ include_tailscale }) => ({
-    content: [{ type: "text", text: JSON.stringify(discoverMachineTopology({ includeTailscale: include_tailscale !== false }), null, 2) }]
-  }));
+  server.tool("machines_topology", "Discover local, manifest, heartbeat, SSH, and Tailscale machine topology.", {
+    include_tailscale: exports_external.boolean().optional().describe("Whether to probe tailscale status --json"),
+    private_metadata: exports_external.boolean().optional().describe("Include private host/network route fields")
+  }, async ({ include_tailscale, private_metadata }) => {
+    const privateMetadata = privateMetadataAllowed(private_metadata);
+    const warnings = privateOutputWarnings2(private_metadata, privateMetadata);
+    const topology = redactTopologyForOutput(discoverMachineTopology({ includeTailscale: include_tailscale !== false }), { privateMetadata });
+    return { content: [{ type: "text", text: JSON.stringify(appendWarnings2(topology, warnings), null, 2) }] };
+  });
   server.tool("machines_compatibility", "Check remote package, command, and workspace compatibility for open-* consumers.", {
     machine_id: exports_external.string().optional().describe("Machine identifier"),
     commands: exports_external.array(exports_external.object({
@@ -23864,9 +24931,16 @@ function createMcpServer(version2) {
   }));
   server.tool("machines_install_tailscale_preview", "Preview Tailscale install steps for a machine.", { machine_id: exports_external.string().optional().describe("Machine identifier") }, async ({ machine_id }) => ({ content: [{ type: "text", text: JSON.stringify(buildTailscaleInstallPlan(machine_id), null, 2) }] }));
   server.tool("machines_install_tailscale_apply", "Execute Tailscale install steps for a machine.", { machine_id: exports_external.string().optional().describe("Machine identifier"), yes: exports_external.boolean().describe("Confirmation flag for execution") }, async ({ machine_id, yes }) => ({ content: [{ type: "text", text: JSON.stringify(runTailscaleInstall(machine_id, { apply: true, yes }), null, 2) }] }));
-  server.tool("machines_route_resolve", "Resolve the best route for a machine using manifest, heartbeat, SSH, LAN, and Tailscale topology.", { machine_id: exports_external.string().describe("Machine identifier"), include_tailscale: exports_external.boolean().optional().describe("Whether to probe tailscale status --json") }, async ({ machine_id, include_tailscale }) => ({
-    content: [{ type: "text", text: JSON.stringify(resolveMachineRoute(machine_id, { includeTailscale: include_tailscale !== false }), null, 2) }]
-  }));
+  server.tool("machines_route_resolve", "Resolve the best route for a machine using manifest, heartbeat, SSH, LAN, and Tailscale topology.", {
+    machine_id: exports_external.string().describe("Machine identifier"),
+    include_tailscale: exports_external.boolean().optional().describe("Whether to probe tailscale status --json"),
+    private_metadata: exports_external.boolean().optional().describe("Include private route targets")
+  }, async ({ machine_id, include_tailscale, private_metadata }) => {
+    const privateMetadata = privateMetadataAllowed(private_metadata);
+    const warnings = privateOutputWarnings2(private_metadata, privateMetadata);
+    const route = redactRouteForOutput(resolveMachineRoute(machine_id, { includeTailscale: include_tailscale !== false }), { privateMetadata });
+    return { content: [{ type: "text", text: JSON.stringify(appendWarnings2(route, warnings), null, 2) }] };
+  });
   server.tool("machines_workspace_resolve", "Resolve sync-safe repo and open-files roots for an open-* consumer.", {
     machine_id: exports_external.string().describe("Machine identifier"),
     project_id: exports_external.string().describe("Canonical project id"),
@@ -24002,6 +25076,7 @@ function createMcpServer(version2) {
 export {
   writeNotificationConfig,
   writeManifest,
+  writeHeartbeatTick,
   writeHeartbeat,
   watchTmuxPane,
   validateManifest,
@@ -24012,12 +25087,14 @@ export {
   storagePull,
   startDashboardServer,
   setHeartbeatStatus,
+  sanitizePublicString,
   runTailscaleInstall,
   runSync,
   runStorageMigrations,
   runSetup,
   runSelfTest,
   runDoctor,
+  runDaemonServicePlan,
   runClaudeInstall,
   runCertPlan,
   runBackup,
@@ -24030,15 +25107,21 @@ export {
   resolveMachineRoute,
   resolveBackupTarget,
   repairWorkspaceManifestMappings,
+  renderSystemdUnit,
+  renderLaunchdPlist,
   renderDomainMapping,
   renderDashboardHtml,
   removeNotificationChannel,
+  redactTopologyForOutput,
   redactSensitiveValue,
+  redactRouteForOutput,
   redactPrivateRef,
   redactPath,
+  redactNetworkValue,
   redactMetadata,
   redactManifestForDiagnostics,
   redactIdentifier,
+  redactErrorMessage,
   recordSyncRun,
   recordSetupRun,
   readNotificationConfig,
@@ -24063,6 +25146,8 @@ export {
   listDomainMappings,
   listApps,
   isSensitiveKey,
+  isPrivateOutputEnabled,
+  isPrivateMetadataEnabled,
   getSyncMetaAll,
   getStorageStatus,
   getStoragePg,
@@ -24115,6 +25200,12 @@ export {
   buildScreenEnableRemoteCommand,
   buildScreenEnableCommand,
   buildScreenCommand,
+  buildDaemonUninstallPlan,
+  buildDaemonStatusPlan,
+  buildDaemonServicePlan,
+  buildDaemonRestartPlan,
+  buildDaemonLogsPlan,
+  buildDaemonInstallPlan,
   buildClaudeInstallPlan,
   buildCertPlan,
   buildBackupPlan,
@@ -24127,6 +25218,11 @@ export {
   STORAGE_DATABASE_ENV,
   SCREEN_SECRET_NAMESPACE_ENV,
   REDACTED_VALUE,
+  PRIVATE_OUTPUT_FALLBACK_ENV,
+  PRIVATE_OUTPUT_ENV,
+  PRIVATE_OUTPUT_DENIED_WARNING,
+  PRIVATE_METADATA_FALLBACK_ENV,
+  PRIVATE_METADATA_ENV,
   PRIVATE_MANIFEST_REF_ENV,
   PRIVATE_MANIFEST_BACKEND_ENV,
   MACHINE_MCP_TOOL_NAMES,