@intent-systems/nexus 2026.1.5-3 → 2026.1.5-5

package/dist/infra/provider-usage.fetch.claude.js

@@ -1,7 +1,8 @@
 import { fetchJson } from "./provider-usage.fetch.shared.js";
 import { clampPercent, PROVIDER_LABELS } from "./provider-usage.shared.js";
 function resolveClaudeWebSessionKey() {
-    const direct = process.env.CLAUDE_AI_SESSION_KEY?.trim() ?? process.env.CLAUDE_WEB_SESSION_KEY?.trim();
+    const direct = process.env.CLAUDE_AI_SESSION_KEY?.trim() ??
+        process.env.CLAUDE_WEB_SESSION_KEY?.trim();
     if (direct?.startsWith("sk-ant-"))
         return direct;
     const cookieHeader = process.env.CLAUDE_WEB_COOKIE?.trim();
@@ -33,14 +34,18 @@ async function fetchClaudeWebUsage(sessionKey, timeoutMs, fetchFn) {
         windows.push({
             label: "5h",
             usedPercent: clampPercent(data.five_hour.utilization),
-            resetAt: data.five_hour.resets_at ? new Date(data.five_hour.resets_at).getTime() : undefined,
+            resetAt: data.five_hour.resets_at
+                ? new Date(data.five_hour.resets_at).getTime()
+                : undefined,
         });
     }
     if (data.seven_day?.utilization !== undefined) {
         windows.push({
             label: "Week",
             usedPercent: clampPercent(data.seven_day.utilization),
-            resetAt: data.seven_day.resets_at ? new Date(data.seven_day.resets_at).getTime() : undefined,
+            resetAt: data.seven_day.resets_at
+                ? new Date(data.seven_day.resets_at).getTime()
+                : undefined,
         });
     }
     const modelWindow = data.seven_day_sonnet || data.seven_day_opus;
@@ -82,7 +87,8 @@ export async function fetchClaudeUsage(token, timeoutMs, fetchFn) {
         // Claude CLI setup-token yields tokens that can be used for inference, but may not
         // include user:profile scope required by the OAuth usage endpoint. When a claude.ai
         // browser sessionKey is available, fall back to the web API.
-        if (res.status === 403 && message?.includes("scope requirement user:profile")) {
+        if (res.status === 403 &&
+            message?.includes("scope requirement user:profile")) {
             const sessionKey = resolveClaudeWebSessionKey();
             if (sessionKey) {
                 const web = await fetchClaudeWebUsage(sessionKey, timeoutMs, fetchFn);
@@ -104,14 +110,18 @@ export async function fetchClaudeUsage(token, timeoutMs, fetchFn) {
         windows.push({
             label: "5h",
             usedPercent: clampPercent(data.five_hour.utilization),
-            resetAt: data.five_hour.resets_at ? new Date(data.five_hour.resets_at).getTime() : undefined,
+            resetAt: data.five_hour.resets_at
+                ? new Date(data.five_hour.resets_at).getTime()
+                : undefined,
         });
     }
     if (data.seven_day?.utilization !== undefined) {
         windows.push({
             label: "Week",
             usedPercent: clampPercent(data.seven_day.utilization),
-            resetAt: data.seven_day.resets_at ? new Date(data.seven_day.resets_at).getTime() : undefined,
+            resetAt: data.seven_day.resets_at
+                ? new Date(data.seven_day.resets_at).getTime()
+                : undefined,
         });
     }
     const modelWindow = data.seven_day_sonnet || data.seven_day_opus;

package/dist/infra/provider-usage.fetch.minimax.js

@@ -178,8 +178,12 @@ export async function fetchMinimaxUsage(apiKey, timeoutMs, fetchFn) {
             error: "Invalid JSON",
         };
     }
-    const baseResp = isRecord(data.base_resp) ? data.base_resp : undefined;
-    if (baseResp && typeof baseResp.status_code === "number" && baseResp.status_code !== 0) {
+    const baseResp = isRecord(data.base_resp)
+        ? data.base_resp
+        : undefined;
+    if (baseResp &&
+        typeof baseResp.status_code === "number" &&
+        baseResp.status_code !== 0) {
         return {
             provider: "minimax",
             displayName: PROVIDER_LABELS.minimax,
@@ -197,7 +201,8 @@ export async function fetchMinimaxUsage(apiKey, timeoutMs, fetchFn) {
             error: "Unsupported response shape",
         };
     }
-    const resetAt = parseEpoch(pickString(payload, RESET_KEYS)) ?? parseEpoch(pickNumber(payload, RESET_KEYS));
+    const resetAt = parseEpoch(pickString(payload, RESET_KEYS)) ??
+        parseEpoch(pickNumber(payload, RESET_KEYS));
     const windows = [
         {
             label: deriveWindowLabel(payload),

package/dist/infra/provider-usage.js

@@ -1,8 +1,8 @@
-import { resolveProviderAuths } from "./provider-usage.auth.js";
+import { resolveProviderAuths, } from "./provider-usage.auth.js";
 import { fetchClaudeUsage } from "./provider-usage.fetch.claude.js";
 import { fetchMinimaxUsage } from "./provider-usage.fetch.minimax.js";
-import { clampPercent, PROVIDER_LABELS } from "./provider-usage.shared.js";
 import { fetchJson } from "./provider-usage.fetch.shared.js";
+import { clampPercent, PROVIDER_LABELS } from "./provider-usage.shared.js";
 function resolveProviders(params) {
     if (params.providers && params.providers.length > 0) {
         return params.providers;
@@ -50,7 +50,9 @@ async function fetchZaiUsage(apiKey, timeoutMs, fetchFn) {
     const limit = data?.data?.limits?.find((entry) => entry?.type === "TOKENS_LIMIT") ??
         data?.data?.limits?.[0];
     const usedPercent = clampPercent(limit?.percentage ?? 0);
-    const resetAt = limit?.nextResetTime ? Date.parse(limit.nextResetTime) : undefined;
+    const resetAt = limit?.nextResetTime
+        ? Date.parse(limit.nextResetTime)
+        : undefined;
     const windows = [];
     if (Number.isFinite(usedPercent)) {
         windows.push({
@@ -102,7 +104,7 @@ export async function loadProviderUsageSummary(params) {
     }
     return { updatedAt: now, providers: snapshots };
 }
-export function formatUsageSummaryLine(summary, opts = {}) {
+export function formatUsageSummaryLine(summary, _opts = {}) {
     const providers = summary.providers ?? [];
     let best;
     for (const provider of providers) {
@@ -133,7 +135,9 @@ export function formatUsageReportLines(summary, opts = {}) {
         }
         for (const window of provider.windows) {
             const remaining = Math.max(0, 100 - window.usedPercent);
-            const reset = window.resetAt ? formatResetLabel(window.resetAt, now) : null;
+            const reset = window.resetAt
+                ? formatResetLabel(window.resetAt, now)
+                : null;
             const extras = [provider.plan ? `plan ${provider.plan}` : null, reset]
                 .filter(Boolean)
                 .join(", ");

package/dist/infra/restart.js

@@ -4,7 +4,7 @@ const DEFAULT_SYSTEMD_UNIT = "nexus-gateway.service";
 export function triggerNexusRestart() {
     if (process.platform !== "darwin") {
         if (process.platform === "linux") {
-            const unit = process.env.NEXUS_SYSTEMD_UNIT || process.env.NEXUS_SYSTEMD_UNIT || DEFAULT_SYSTEMD_UNIT;
+            const unit = process.env.NEXUS_SYSTEMD_UNIT || DEFAULT_SYSTEMD_UNIT;
             const userRestart = spawnSync("systemctl", ["--user", "restart", unit], {
                 stdio: "ignore",
             });
@@ -21,7 +21,7 @@ export function triggerNexusRestart() {
         }
         return "supervisor";
     }
-    const label = process.env.NEXUS_LAUNCHD_LABEL || process.env.NEXUS_LAUNCHD_LABEL || DEFAULT_LAUNCHD_LABEL;
+    const label = process.env.NEXUS_LAUNCHD_LABEL || DEFAULT_LAUNCHD_LABEL;
     const uid = typeof process.getuid === "function" ? process.getuid() : undefined;
     const target = uid !== undefined ? `gui/${uid}/${label}` : label;
     spawnSync("launchctl", ["kickstart", "-k", target], { stdio: "ignore" });

package/dist/infra/usage-settings.js

@@ -0,0 +1,78 @@
+const SETTINGS_URL_ENV = "NEXUS_USAGE_SETTINGS_URL";
+const UPLOAD_URL_ENV = "NEXUS_USAGE_UPLOAD_URL";
+const UPLOAD_TOKEN_ENV = "NEXUS_USAGE_UPLOAD_TOKEN";
+export function resolveUsageSettingsUrl(env = process.env) {
+    const override = env[SETTINGS_URL_ENV]?.trim();
+    if (override)
+        return override;
+    const uploadUrl = env[UPLOAD_URL_ENV]?.trim();
+    if (!uploadUrl)
+        return null;
+    return uploadUrl.replace(/\/api\/usage\/upload\/?$/, "/api/usage/settings");
+}
+function resolveAuthHeaders(env = process.env) {
+    const token = env[UPLOAD_TOKEN_ENV]?.trim();
+    if (!token)
+        return {};
+    return { Authorization: `Bearer ${token}` };
+}
+function parseSettingsResponse(payload) {
+    if (!payload || typeof payload !== "object")
+        return null;
+    const data = payload;
+    if (typeof data.canOptOut !== "boolean" || typeof data.optOut !== "boolean") {
+        return null;
+    }
+    return {
+        ok: typeof data.ok === "boolean" ? data.ok : true,
+        canOptOut: data.canOptOut,
+        optOut: data.optOut,
+        planName: typeof data.planName === "string" ? data.planName : undefined,
+        error: typeof data.error === "string" ? data.error : undefined,
+    };
+}
+export async function fetchUsageTrackingSettings(env = process.env) {
+    const url = resolveUsageSettingsUrl(env);
+    if (!url)
+        return null;
+    const headers = resolveAuthHeaders(env);
+    if (!headers.Authorization)
+        return null;
+    try {
+        const res = await fetch(url, { headers });
+        const payload = await res.json().catch(() => null);
+        const parsed = parseSettingsResponse(payload);
+        if (!parsed)
+            return null;
+        return { ...parsed, ok: res.ok && parsed.ok };
+    }
+    catch {
+        return null;
+    }
+}
+export async function updateUsageTrackingSettings(optOut, env = process.env) {
+    const url = resolveUsageSettingsUrl(env);
+    if (!url)
+        return null;
+    const headers = {
+        "Content-Type": "application/json",
+        ...resolveAuthHeaders(env),
+    };
+    if (!headers.Authorization)
+        return null;
+    try {
+        const res = await fetch(url, {
+            method: "POST",
+            headers,
+            body: JSON.stringify({ optOut }),
+        });
+        const payload = await res.json().catch(() => null);
+        const parsed = parseSettingsResponse(payload);
+        if (!parsed)
+            return null;
+        return { ...parsed, ok: res.ok && parsed.ok };
+    }
+    catch {
+        return null;
+    }
+}

package/dist/infra/usage-suggestions.js

@@ -58,17 +58,26 @@ export async function loadUsageEvents(opts = {}) {
             catch {
                 continue;
             }
-            const sessionId = String(raw.session_id ?? "");
+            const sessionId = typeof raw.session_id === "string" || typeof raw.session_id === "number"
+                ? String(raw.session_id)
+                : "";
             const seq = Number(raw.seq ?? 0);
             const ts = Number(raw.ts ?? 0);
-            const source = String(raw.source ?? "");
-            if (!sessionId || !Number.isFinite(seq) || !Number.isFinite(ts) || !source) {
+            const source = typeof raw.source === "string" || typeof raw.source === "number"
+                ? String(raw.source)
+                : "";
+            if (!sessionId ||
+                !Number.isFinite(seq) ||
+                !Number.isFinite(ts) ||
+                !source) {
                 continue;
             }
             if (opts.sinceMs && ts < opts.sinceMs) {
                 continue;
             }
-            if (opts.sources && opts.sources.length > 0 && !opts.sources.includes(source)) {
+            if (opts.sources &&
+                opts.sources.length > 0 &&
+                !opts.sources.includes(source)) {
                 continue;
             }
             const evt = {
@@ -76,7 +85,10 @@ export async function loadUsageEvents(opts = {}) {
                 seq,
                 ts,
                 source,
-                eventType: String(raw.event_type ?? ""),
+                eventType: typeof raw.event_type === "string" ||
+                    typeof raw.event_type === "number"
+                    ? String(raw.event_type)
+                    : "",
                 commandPath: typeof raw.command_path === "string" ? raw.command_path : undefined,
                 stream: typeof raw.stream === "string" ? raw.stream : undefined,
                 data: raw.data && typeof raw.data === "object"

package/dist/infra/usage-upload.js

@@ -4,6 +4,7 @@ import path from "node:path";
 import readline from "node:readline";
 import { resolveStateDir } from "../config/paths.js";
 import { resolveEventLogDir } from "./event-log.js";
+import { fetchUsageTrackingSettings } from "./usage-settings.js";
 const UPLOAD_URL_ENV = "NEXUS_USAGE_UPLOAD_URL";
 const UPLOAD_TOKEN_ENV = "NEXUS_USAGE_UPLOAD_TOKEN";
 const OUTBOX_DIR_ENV = "NEXUS_USAGE_OUTBOX_DIR";
@@ -39,9 +40,34 @@ function writeJSON(pathname, data) {
     fs.mkdirSync(path.dirname(pathname), { recursive: true });
     fs.writeFileSync(pathname, JSON.stringify(data, null, 2), "utf-8");
 }
+function updateTrackingState(state, settings) {
+    if (!settings)
+        return;
+    state.opted_out = settings.canOptOut && settings.optOut;
+    state.settings_checked_at = Date.now();
+    writeJSON(stateFilePath(), state);
+}
+function isTrackingDisabled(state, settings) {
+    if (settings)
+        return settings.canOptOut && settings.optOut;
+    return Boolean(state.opted_out);
+}
+function clearUsageOutbox() {
+    const outboxDir = resolveOutboxDir();
+    if (!fs.existsSync(outboxDir))
+        return 0;
+    const files = fs
+        .readdirSync(outboxDir)
+        .filter((name) => name.endsWith(".json"))
+        .map((name) => path.join(outboxDir, name));
+    for (const file of files) {
+        fs.unlinkSync(file);
+    }
+    return files.length;
+}
 function getOrCreateUsageState() {
     const existing = readJSON(stateFilePath());
-    if (existing && existing.anon_id && existing.anon_salt) {
+    if (existing?.anon_id && existing.anon_salt) {
         return existing;
     }
     const anonId = crypto.randomUUID();
@@ -260,6 +286,17 @@ export async function flushUsageOutbox() {
 }
 export async function runUsageUpload(opts = {}) {
     const limit = opts.limit && opts.limit > 0 ? opts.limit : 1000;
+    const state = getOrCreateUsageState();
+    const settings = await fetchUsageTrackingSettings();
+    const resolvedSettings = settings?.ok ? settings : null;
+    updateTrackingState(state, resolvedSettings);
+    if (isTrackingDisabled(state, resolvedSettings)) {
+        const cleared = clearUsageOutbox();
+        return {
+            status: "disabled",
+            cleared,
+        };
+    }
     if (!opts.onlyFlush) {
         const { batch, nextState, count } = await buildUsageUploadBatch(limit);
         if (opts.dryRun) {

package/dist/infra/voicewake.js

@@ -2,10 +2,10 @@ import { randomUUID } from "node:crypto";
 import fs from "node:fs/promises";
 import os from "node:os";
 import path from "node:path";
-import { resolveConfigDir } from "../utils.js";
+import { resolveStateDir } from "../config/paths.js";
 const DEFAULT_TRIGGERS = ["nexus", "claude", "computer"];
 function defaultBaseDir() {
-    return resolveConfigDir(process.env, os.homedir);
+    return resolveStateDir(process.env, os.homedir);
 }
 function resolvePath(baseDir) {
     const root = baseDir ?? defaultBaseDir();

package/dist/logging/redact.js

@@ -0,0 +1,109 @@
+import { loadConfig } from "../config/config.js";
+const DEFAULT_REDACT_MODE = "tools";
+const DEFAULT_REDACT_MIN_LENGTH = 18;
+const DEFAULT_REDACT_KEEP_START = 6;
+const DEFAULT_REDACT_KEEP_END = 4;
+const DEFAULT_REDACT_PATTERNS = [
+    // ENV-style assignments.
+    String.raw `\b[A-Z0-9_]*(?:KEY|TOKEN|SECRET|PASSWORD|PASSWD)\b\s*[=:]\s*(["']?)([^\s"'\\]+)\1`,
+    // JSON fields.
+    String.raw `"(?:apiKey|token|secret|password|passwd|accessToken|refreshToken)"\s*:\s*"([^"]+)"`,
+    // CLI flags.
+    String.raw `--(?:api[-_]?key|token|secret|password|passwd)\s+(["']?)([^\s"']+)\1`,
+    // Authorization headers.
+    String.raw `Authorization\s*[:=]\s*Bearer\s+([A-Za-z0-9._\-+=]+)`,
+    String.raw `\bBearer\s+([A-Za-z0-9._\-+=]{18,})\b`,
+    // PEM blocks.
+    String.raw `-----BEGIN [A-Z ]*PRIVATE KEY-----[\s\S]+?-----END [A-Z ]*PRIVATE KEY-----`,
+    // Common token prefixes.
+    String.raw `\b(sk-[A-Za-z0-9_-]{8,})\b`,
+    String.raw `\b(ghp_[A-Za-z0-9]{20,})\b`,
+    String.raw `\b(github_pat_[A-Za-z0-9_]{20,})\b`,
+    String.raw `\b(xox[baprs]-[A-Za-z0-9-]{10,})\b`,
+    String.raw `\b(xapp-[A-Za-z0-9-]{10,})\b`,
+    String.raw `\b(gsk_[A-Za-z0-9_-]{10,})\b`,
+    String.raw `\b(AIza[0-9A-Za-z\-_]{20,})\b`,
+    String.raw `\b(pplx-[A-Za-z0-9_-]{10,})\b`,
+    String.raw `\b(npm_[A-Za-z0-9]{10,})\b`,
+    String.raw `\b(\d{6,}:[A-Za-z0-9_-]{20,})\b`,
+];
+function normalizeMode(value) {
+    return value === "off" ? "off" : DEFAULT_REDACT_MODE;
+}
+function parsePattern(raw) {
+    if (!raw.trim())
+        return null;
+    const match = raw.match(/^\/(.+)\/([gimsuy]*)$/);
+    try {
+        if (match) {
+            const flags = match[2].includes("g") ? match[2] : `${match[2]}g`;
+            return new RegExp(match[1], flags);
+        }
+        return new RegExp(raw, "gi");
+    }
+    catch {
+        return null;
+    }
+}
+function resolvePatterns(value) {
+    const source = value?.length ? value : DEFAULT_REDACT_PATTERNS;
+    return source.map(parsePattern).filter((re) => Boolean(re));
+}
+function maskToken(token) {
+    if (token.length < DEFAULT_REDACT_MIN_LENGTH)
+        return "***";
+    const start = token.slice(0, DEFAULT_REDACT_KEEP_START);
+    const end = token.slice(-DEFAULT_REDACT_KEEP_END);
+    return `${start}…${end}`;
+}
+function redactPemBlock(block) {
+    const lines = block.split(/\r?\n/).filter(Boolean);
+    if (lines.length < 2)
+        return "***";
+    return `${lines[0]}\n…redacted…\n${lines[lines.length - 1]}`;
+}
+function redactMatch(match, groups) {
+    if (match.includes("PRIVATE KEY-----"))
+        return redactPemBlock(match);
+    const token = groups
+        .filter((value) => typeof value === "string" && value.length > 0)
+        .at(-1) ?? match;
+    const masked = maskToken(token);
+    if (token === match)
+        return masked;
+    return match.replace(token, masked);
+}
+function redactText(text, patterns) {
+    let next = text;
+    for (const pattern of patterns) {
+        next = next.replace(pattern, (...args) => redactMatch(args[0], args.slice(1, args.length - 2)));
+    }
+    return next;
+}
+function resolveConfigRedaction() {
+    const cfg = loadConfig().logging;
+    return {
+        mode: normalizeMode(cfg?.redactSensitive),
+        patterns: cfg?.redactPatterns,
+    };
+}
+export function redactSensitiveText(text, options) {
+    if (!text)
+        return text;
+    const resolved = options ?? resolveConfigRedaction();
+    if (normalizeMode(resolved.mode) === "off")
+        return text;
+    const patterns = resolvePatterns(resolved.patterns);
+    if (!patterns.length)
+        return text;
+    return redactText(text, patterns);
+}
+export function redactToolDetail(detail) {
+    const resolved = resolveConfigRedaction();
+    if (normalizeMode(resolved.mode) !== "tools")
+        return detail;
+    return redactSensitiveText(detail, resolved);
+}
+export function getDefaultRedactPatterns() {
+    return [...DEFAULT_REDACT_PATTERNS];
+}

package/dist/markdown/fences.js

@@ -0,0 +1,58 @@
+export function parseFenceSpans(buffer) {
+    const spans = [];
+    let open;
+    let offset = 0;
+    while (offset <= buffer.length) {
+        const nextNewline = buffer.indexOf("\n", offset);
+        const lineEnd = nextNewline === -1 ? buffer.length : nextNewline;
+        const line = buffer.slice(offset, lineEnd);
+        const match = line.match(/^( {0,3})(`{3,}|~{3,})(.*)$/);
+        if (match) {
+            const indent = match[1];
+            const marker = match[2];
+            const markerChar = marker[0];
+            const markerLen = marker.length;
+            if (!open) {
+                open = {
+                    start: offset,
+                    markerChar,
+                    markerLen,
+                    openLine: line,
+                    marker,
+                    indent,
+                };
+            }
+            else if (open.markerChar === markerChar &&
+                markerLen >= open.markerLen) {
+                const end = nextNewline === -1 ? buffer.length : nextNewline + 1;
+                spans.push({
+                    start: open.start,
+                    end,
+                    openLine: open.openLine,
+                    marker: open.marker,
+                    indent: open.indent,
+                });
+                open = undefined;
+            }
+        }
+        if (nextNewline === -1)
+            break;
+        offset = nextNewline + 1;
+    }
+    if (open) {
+        spans.push({
+            start: open.start,
+            end: buffer.length,
+            openLine: open.openLine,
+            marker: open.marker,
+            indent: open.indent,
+        });
+    }
+    return spans;
+}
+export function findFenceSpanAt(spans, index) {
+    return spans.find((span) => index > span.start && index < span.end);
+}
+export function isSafeFenceBreak(spans, index) {
+    return !findFenceSpanAt(spans, index);
+}

package/dist/media/image-ops.js

@@ -7,7 +7,9 @@ function isBun() {
 }
 function prefersSips() {
     return (process.env.NEXUS_IMAGE_BACKEND === "sips" ||
-        (process.env.NEXUS_IMAGE_BACKEND !== "sharp" && isBun() && process.platform === "darwin"));
+        (process.env.NEXUS_IMAGE_BACKEND !== "sharp" &&
+            isBun() &&
+            process.platform === "darwin"));
 }
 async function loadSharp() {
     const mod = (await import("sharp"));

package/dist/memory/embeddings.js

@@ -0,0 +1,146 @@
+import { resolveApiKeyForProvider } from "../agents/model-auth.js";
+const DEFAULT_OPENAI_BASE_URL = "https://api.openai.com/v1";
+const DEFAULT_LOCAL_MODEL = "hf:ggml-org/embeddinggemma-300M-GGUF/embeddinggemma-300M-Q8_0.gguf";
+function normalizeOpenAiModel(model) {
+    const trimmed = model.trim();
+    if (!trimmed)
+        return "text-embedding-3-small";
+    if (trimmed.startsWith("openai/"))
+        return trimmed.slice("openai/".length);
+    return trimmed;
+}
+async function createOpenAiEmbeddingProvider(options) {
+    const remote = options.remote;
+    const remoteApiKey = remote?.apiKey?.trim();
+    const remoteBaseUrl = remote?.baseUrl?.trim();
+    const { apiKey } = remoteApiKey
+        ? { apiKey: remoteApiKey }
+        : await resolveApiKeyForProvider({
+            provider: "openai",
+            cfg: options.config,
+            agentDir: options.agentDir,
+        });
+    const providerConfig = options.config.models?.providers?.openai;
+    const baseUrl = remoteBaseUrl || providerConfig?.baseUrl?.trim() || DEFAULT_OPENAI_BASE_URL;
+    const url = `${baseUrl.replace(/\/$/, "")}/embeddings`;
+    const headerOverrides = Object.assign({}, providerConfig?.headers, remote?.headers);
+    const headers = {
+        "Content-Type": "application/json",
+        Authorization: `Bearer ${apiKey}`,
+        ...headerOverrides,
+    };
+    const model = normalizeOpenAiModel(options.model);
+    const embed = async (input) => {
+        if (input.length === 0)
+            return [];
+        const res = await fetch(url, {
+            method: "POST",
+            headers,
+            body: JSON.stringify({ model, input }),
+        });
+        if (!res.ok) {
+            const text = await res.text();
+            throw new Error(`openai embeddings failed: ${res.status} ${text}`);
+        }
+        const payload = (await res.json());
+        const data = payload.data ?? [];
+        return data.map((entry) => entry.embedding ?? []);
+    };
+    return {
+        id: "openai",
+        model,
+        embedQuery: async (text) => {
+            const [vec] = await embed([text]);
+            return vec ?? [];
+        },
+        embedBatch: embed,
+    };
+}
+async function createLocalEmbeddingProvider(options) {
+    const modelPath = options.local?.modelPath?.trim() || DEFAULT_LOCAL_MODEL;
+    const modelCacheDir = options.local?.modelCacheDir?.trim();
+    // Lazy-load node-llama-cpp to keep startup light unless local is enabled.
+    const moduleName = "node-llama-cpp";
+    const { getLlama, resolveModelFile, LlamaLogLevel } = (await import(moduleName));
+    let llama = null;
+    let embeddingModel = null;
+    let embeddingContext = null;
+    const ensureContext = async () => {
+        if (!llama) {
+            llama = await getLlama({ logLevel: LlamaLogLevel.error });
+        }
+        if (!embeddingModel) {
+            const resolved = await resolveModelFile(modelPath, modelCacheDir || undefined);
+            embeddingModel = await llama.loadModel({ modelPath: resolved });
+        }
+        if (!embeddingContext) {
+            embeddingContext = await embeddingModel.createEmbeddingContext();
+        }
+        return embeddingContext;
+    };
+    return {
+        id: "local",
+        model: modelPath,
+        embedQuery: async (text) => {
+            const ctx = await ensureContext();
+            const embedding = await ctx.getEmbeddingFor(text);
+            return Array.from(embedding.vector);
+        },
+        embedBatch: async (texts) => {
+            const ctx = await ensureContext();
+            const embeddings = await Promise.all(texts.map(async (text) => {
+                const embedding = await ctx.getEmbeddingFor(text);
+                return Array.from(embedding.vector);
+            }));
+            return embeddings;
+        },
+    };
+}
+export async function createEmbeddingProvider(options) {
+    const requestedProvider = options.provider;
+    if (options.provider === "local") {
+        try {
+            const provider = await createLocalEmbeddingProvider(options);
+            return { provider, requestedProvider };
+        }
+        catch (err) {
+            const reason = formatLocalSetupError(err);
+            if (options.fallback === "openai") {
+                try {
+                    const provider = await createOpenAiEmbeddingProvider(options);
+                    return {
+                        provider,
+                        requestedProvider,
+                        fallbackFrom: "local",
+                        fallbackReason: reason,
+                    };
+                }
+                catch (fallbackErr) {
+                    throw new Error(`${reason}\n\nFallback to OpenAI failed: ${formatError(fallbackErr)}`);
+                }
+            }
+            throw new Error(reason);
+        }
+    }
+    const provider = await createOpenAiEmbeddingProvider(options);
+    return { provider, requestedProvider };
+}
+function formatError(err) {
+    if (err instanceof Error)
+        return err.message;
+    return String(err);
+}
+function formatLocalSetupError(err) {
+    const detail = formatError(err);
+    return [
+        "Local embeddings unavailable.",
+        detail ? `Reason: ${detail}` : undefined,
+        "To enable local embeddings:",
+        "1) pnpm approve-builds",
+        "2) select node-llama-cpp",
+        "3) pnpm rebuild node-llama-cpp",
+        'Or set agent.memorySearch.provider = "openai" (remote).',
+    ]
+        .filter(Boolean)
+        .join("\n");
+}

package/dist/memory/index.js

@@ -0,0 +1,3 @@
+export async function getMemorySearchManager() {
+    return { manager: null, error: "sqlite unavailable" };
+}