@karmaniverous/jeeves-server-openclaw 0.3.1 → 0.4.1

package/dist/index.js

@@ -1,6 +1,7 @@
 import { createRequire } from 'node:module';
-import path, { join, dirname, resolve } from 'node:path';
+import 'vm';
 import fs, { existsSync, mkdirSync, writeFileSync, readFileSync, renameSync, cpSync, rmSync } from 'node:fs';
+import path, { join, dirname, resolve } from 'node:path';
 import require$$0$3 from 'path';
 import require$$0$2 from 'fs';
 import require$$0 from 'constants';
@@ -12,8 +13,1214 @@ import { fileURLToPath } from 'node:url';
 import 'node:fs/promises';
 import process$1 from 'node:process';
 import { execSync } from 'node:child_process';
-import { createHmac } from 'node:crypto';
 import { homedir } from 'node:os';
+import { createHmac } from 'node:crypto';
+
+/**
+ * @implements {IHooks}
+ */
+class Hooks {
+  /**
+   * @callback HookCallback
+   * @this {*|Jsep} this
+   * @param {Jsep} env
+   * @returns: void
+   */
+  /**
+   * Adds the given callback to the list of callbacks for the given hook.
+   *
+   * The callback will be invoked when the hook it is registered for is run.
+   *
+   * One callback function can be registered to multiple hooks and the same hook multiple times.
+   *
+   * @param {string|object} name The name of the hook, or an object of callbacks keyed by name
+   * @param {HookCallback|boolean} callback The callback function which is given environment variables.
+   * @param {?boolean} [first=false] Will add the hook to the top of the list (defaults to the bottom)
+   * @public
+   */
+  add(name, callback, first) {
+    if (typeof arguments[0] != 'string') {
+      // Multiple hook callbacks, keyed by name
+      for (let name in arguments[0]) {
+        this.add(name, arguments[0][name], arguments[1]);
+      }
+    } else {
+      (Array.isArray(name) ? name : [name]).forEach(function (name) {
+        this[name] = this[name] || [];
+        if (callback) {
+          this[name][first ? 'unshift' : 'push'](callback);
+        }
+      }, this);
+    }
+  }
+
+  /**
+   * Runs a hook invoking all registered callbacks with the given environment variables.
+   *
+   * Callbacks will be invoked synchronously and in the order in which they were registered.
+   *
+   * @param {string} name The name of the hook.
+   * @param {Object<string, any>} env The environment variables of the hook passed to all callbacks registered.
+   * @public
+   */
+  run(name, env) {
+    this[name] = this[name] || [];
+    this[name].forEach(function (callback) {
+      callback.call(env && env.context ? env.context : env, env);
+    });
+  }
+}
+
+/**
+ * @implements {IPlugins}
+ */
+class Plugins {
+  constructor(jsep) {
+    this.jsep = jsep;
+    this.registered = {};
+  }
+
+  /**
+   * @callback PluginSetup
+   * @this {Jsep} jsep
+   * @returns: void
+   */
+  /**
+   * Adds the given plugin(s) to the registry
+   *
+   * @param {object} plugins
+   * @param {string} plugins.name The name of the plugin
+   * @param {PluginSetup} plugins.init The init function
+   * @public
+   */
+  register(...plugins) {
+    plugins.forEach(plugin => {
+      if (typeof plugin !== 'object' || !plugin.name || !plugin.init) {
+        throw new Error('Invalid JSEP plugin format');
+      }
+      if (this.registered[plugin.name]) {
+        // already registered. Ignore.
+        return;
+      }
+      plugin.init(this.jsep);
+      this.registered[plugin.name] = plugin;
+    });
+  }
+}
+
+//     JavaScript Expression Parser (JSEP) 1.4.0
+
+class Jsep {
+  /**
+   * @returns {string}
+   */
+  static get version() {
+    // To be filled in by the template
+    return '1.4.0';
+  }
+
+  /**
+   * @returns {string}
+   */
+  static toString() {
+    return 'JavaScript Expression Parser (JSEP) v' + Jsep.version;
+  }
+  // ==================== CONFIG ================================
+  /**
+   * @method addUnaryOp
+   * @param {string} op_name The name of the unary op to add
+   * @returns {Jsep}
+   */
+  static addUnaryOp(op_name) {
+    Jsep.max_unop_len = Math.max(op_name.length, Jsep.max_unop_len);
+    Jsep.unary_ops[op_name] = 1;
+    return Jsep;
+  }
+
+  /**
+   * @method jsep.addBinaryOp
+   * @param {string} op_name The name of the binary op to add
+   * @param {number} precedence The precedence of the binary op (can be a float). Higher number = higher precedence
+   * @param {boolean} [isRightAssociative=false] whether operator is right-associative
+   * @returns {Jsep}
+   */
+  static addBinaryOp(op_name, precedence, isRightAssociative) {
+    Jsep.max_binop_len = Math.max(op_name.length, Jsep.max_binop_len);
+    Jsep.binary_ops[op_name] = precedence;
+    if (isRightAssociative) {
+      Jsep.right_associative.add(op_name);
+    } else {
+      Jsep.right_associative.delete(op_name);
+    }
+    return Jsep;
+  }
+
+  /**
+   * @method addIdentifierChar
+   * @param {string} char The additional character to treat as a valid part of an identifier
+   * @returns {Jsep}
+   */
+  static addIdentifierChar(char) {
+    Jsep.additional_identifier_chars.add(char);
+    return Jsep;
+  }
+
+  /**
+   * @method addLiteral
+   * @param {string} literal_name The name of the literal to add
+   * @param {*} literal_value The value of the literal
+   * @returns {Jsep}
+   */
+  static addLiteral(literal_name, literal_value) {
+    Jsep.literals[literal_name] = literal_value;
+    return Jsep;
+  }
+
+  /**
+   * @method removeUnaryOp
+   * @param {string} op_name The name of the unary op to remove
+   * @returns {Jsep}
+   */
+  static removeUnaryOp(op_name) {
+    delete Jsep.unary_ops[op_name];
+    if (op_name.length === Jsep.max_unop_len) {
+      Jsep.max_unop_len = Jsep.getMaxKeyLen(Jsep.unary_ops);
+    }
+    return Jsep;
+  }
+
+  /**
+   * @method removeAllUnaryOps
+   * @returns {Jsep}
+   */
+  static removeAllUnaryOps() {
+    Jsep.unary_ops = {};
+    Jsep.max_unop_len = 0;
+    return Jsep;
+  }
+
+  /**
+   * @method removeIdentifierChar
+   * @param {string} char The additional character to stop treating as a valid part of an identifier
+   * @returns {Jsep}
+   */
+  static removeIdentifierChar(char) {
+    Jsep.additional_identifier_chars.delete(char);
+    return Jsep;
+  }
+
+  /**
+   * @method removeBinaryOp
+   * @param {string} op_name The name of the binary op to remove
+   * @returns {Jsep}
+   */
+  static removeBinaryOp(op_name) {
+    delete Jsep.binary_ops[op_name];
+    if (op_name.length === Jsep.max_binop_len) {
+      Jsep.max_binop_len = Jsep.getMaxKeyLen(Jsep.binary_ops);
+    }
+    Jsep.right_associative.delete(op_name);
+    return Jsep;
+  }
+
+  /**
+   * @method removeAllBinaryOps
+   * @returns {Jsep}
+   */
+  static removeAllBinaryOps() {
+    Jsep.binary_ops = {};
+    Jsep.max_binop_len = 0;
+    return Jsep;
+  }
+
+  /**
+   * @method removeLiteral
+   * @param {string} literal_name The name of the literal to remove
+   * @returns {Jsep}
+   */
+  static removeLiteral(literal_name) {
+    delete Jsep.literals[literal_name];
+    return Jsep;
+  }
+
+  /**
+   * @method removeAllLiterals
+   * @returns {Jsep}
+   */
+  static removeAllLiterals() {
+    Jsep.literals = {};
+    return Jsep;
+  }
+  // ==================== END CONFIG ============================
+
+  /**
+   * @returns {string}
+   */
+  get char() {
+    return this.expr.charAt(this.index);
+  }
+
+  /**
+   * @returns {number}
+   */
+  get code() {
+    return this.expr.charCodeAt(this.index);
+  }
+  /**
+   * @param {string} expr a string with the passed in express
+   * @returns Jsep
+   */
+  constructor(expr) {
+    // `index` stores the character number we are currently at
+    // All of the gobbles below will modify `index` as we move along
+    this.expr = expr;
+    this.index = 0;
+  }
+
+  /**
+   * static top-level parser
+   * @returns {jsep.Expression}
+   */
+  static parse(expr) {
+    return new Jsep(expr).parse();
+  }
+
+  /**
+   * Get the longest key length of any object
+   * @param {object} obj
+   * @returns {number}
+   */
+  static getMaxKeyLen(obj) {
+    return Math.max(0, ...Object.keys(obj).map(k => k.length));
+  }
+
+  /**
+   * `ch` is a character code in the next three functions
+   * @param {number} ch
+   * @returns {boolean}
+   */
+  static isDecimalDigit(ch) {
+    return ch >= 48 && ch <= 57; // 0...9
+  }
+
+  /**
+   * Returns the precedence of a binary operator or `0` if it isn't a binary operator. Can be float.
+   * @param {string} op_val
+   * @returns {number}
+   */
+  static binaryPrecedence(op_val) {
+    return Jsep.binary_ops[op_val] || 0;
+  }
+
+  /**
+   * Looks for start of identifier
+   * @param {number} ch
+   * @returns {boolean}
+   */
+  static isIdentifierStart(ch) {
+    return ch >= 65 && ch <= 90 ||
+    // A...Z
+    ch >= 97 && ch <= 122 ||
+    // a...z
+    ch >= 128 && !Jsep.binary_ops[String.fromCharCode(ch)] ||
+    // any non-ASCII that is not an operator
+    Jsep.additional_identifier_chars.has(String.fromCharCode(ch)); // additional characters
+  }
+
+  /**
+   * @param {number} ch
+   * @returns {boolean}
+   */
+  static isIdentifierPart(ch) {
+    return Jsep.isIdentifierStart(ch) || Jsep.isDecimalDigit(ch);
+  }
+
+  /**
+   * throw error at index of the expression
+   * @param {string} message
+   * @throws
+   */
+  throwError(message) {
+    const error = new Error(message + ' at character ' + this.index);
+    error.index = this.index;
+    error.description = message;
+    throw error;
+  }
+
+  /**
+   * Run a given hook
+   * @param {string} name
+   * @param {jsep.Expression|false} [node]
+   * @returns {?jsep.Expression}
+   */
+  runHook(name, node) {
+    if (Jsep.hooks[name]) {
+      const env = {
+        context: this,
+        node
+      };
+      Jsep.hooks.run(name, env);
+      return env.node;
+    }
+    return node;
+  }
+
+  /**
+   * Runs a given hook until one returns a node
+   * @param {string} name
+   * @returns {?jsep.Expression}
+   */
+  searchHook(name) {
+    if (Jsep.hooks[name]) {
+      const env = {
+        context: this
+      };
+      Jsep.hooks[name].find(function (callback) {
+        callback.call(env.context, env);
+        return env.node;
+      });
+      return env.node;
+    }
+  }
+
+  /**
+   * Push `index` up to the next non-space character
+   */
+  gobbleSpaces() {
+    let ch = this.code;
+    // Whitespace
+    while (ch === Jsep.SPACE_CODE || ch === Jsep.TAB_CODE || ch === Jsep.LF_CODE || ch === Jsep.CR_CODE) {
+      ch = this.expr.charCodeAt(++this.index);
+    }
+    this.runHook('gobble-spaces');
+  }
+
+  /**
+   * Top-level method to parse all expressions and returns compound or single node
+   * @returns {jsep.Expression}
+   */
+  parse() {
+    this.runHook('before-all');
+    const nodes = this.gobbleExpressions();
+
+    // If there's only one expression just try returning the expression
+    const node = nodes.length === 1 ? nodes[0] : {
+      type: Jsep.COMPOUND,
+      body: nodes
+    };
+    return this.runHook('after-all', node);
+  }
+
+  /**
+   * top-level parser (but can be reused within as well)
+   * @param {number} [untilICode]
+   * @returns {jsep.Expression[]}
+   */
+  gobbleExpressions(untilICode) {
+    let nodes = [],
+      ch_i,
+      node;
+    while (this.index < this.expr.length) {
+      ch_i = this.code;
+
+      // Expressions can be separated by semicolons, commas, or just inferred without any
+      // separators
+      if (ch_i === Jsep.SEMCOL_CODE || ch_i === Jsep.COMMA_CODE) {
+        this.index++; // ignore separators
+      } else {
+        // Try to gobble each expression individually
+        if (node = this.gobbleExpression()) {
+          nodes.push(node);
+          // If we weren't able to find a binary expression and are out of room, then
+          // the expression passed in probably has too much
+        } else if (this.index < this.expr.length) {
+          if (ch_i === untilICode) {
+            break;
+          }
+          this.throwError('Unexpected "' + this.char + '"');
+        }
+      }
+    }
+    return nodes;
+  }
+
+  /**
+   * The main parsing function.
+   * @returns {?jsep.Expression}
+   */
+  gobbleExpression() {
+    const node = this.searchHook('gobble-expression') || this.gobbleBinaryExpression();
+    this.gobbleSpaces();
+    return this.runHook('after-expression', node);
+  }
+
+  /**
+   * Search for the operation portion of the string (e.g. `+`, `===`)
+   * Start by taking the longest possible binary operations (3 characters: `===`, `!==`, `>>>`)
+   * and move down from 3 to 2 to 1 character until a matching binary operation is found
+   * then, return that binary operation
+   * @returns {string|boolean}
+   */
+  gobbleBinaryOp() {
+    this.gobbleSpaces();
+    let to_check = this.expr.substr(this.index, Jsep.max_binop_len);
+    let tc_len = to_check.length;
+    while (tc_len > 0) {
+      // Don't accept a binary op when it is an identifier.
+      // Binary ops that start with a identifier-valid character must be followed
+      // by a non identifier-part valid character
+      if (Jsep.binary_ops.hasOwnProperty(to_check) && (!Jsep.isIdentifierStart(this.code) || this.index + to_check.length < this.expr.length && !Jsep.isIdentifierPart(this.expr.charCodeAt(this.index + to_check.length)))) {
+        this.index += tc_len;
+        return to_check;
+      }
+      to_check = to_check.substr(0, --tc_len);
+    }
+    return false;
+  }
+
+  /**
+   * This function is responsible for gobbling an individual expression,
+   * e.g. `1`, `1+2`, `a+(b*2)-Math.sqrt(2)`
+   * @returns {?jsep.BinaryExpression}
+   */
+  gobbleBinaryExpression() {
+    let node, biop, prec, stack, biop_info, left, right, i, cur_biop;
+
+    // First, try to get the leftmost thing
+    // Then, check to see if there's a binary operator operating on that leftmost thing
+    // Don't gobbleBinaryOp without a left-hand-side
+    left = this.gobbleToken();
+    if (!left) {
+      return left;
+    }
+    biop = this.gobbleBinaryOp();
+
+    // If there wasn't a binary operator, just return the leftmost node
+    if (!biop) {
+      return left;
+    }
+
+    // Otherwise, we need to start a stack to properly place the binary operations in their
+    // precedence structure
+    biop_info = {
+      value: biop,
+      prec: Jsep.binaryPrecedence(biop),
+      right_a: Jsep.right_associative.has(biop)
+    };
+    right = this.gobbleToken();
+    if (!right) {
+      this.throwError("Expected expression after " + biop);
+    }
+    stack = [left, biop_info, right];
+
+    // Properly deal with precedence using [recursive descent](http://www.engr.mun.ca/~theo/Misc/exp_parsing.htm)
+    while (biop = this.gobbleBinaryOp()) {
+      prec = Jsep.binaryPrecedence(biop);
+      if (prec === 0) {
+        this.index -= biop.length;
+        break;
+      }
+      biop_info = {
+        value: biop,
+        prec,
+        right_a: Jsep.right_associative.has(biop)
+      };
+      cur_biop = biop;
+
+      // Reduce: make a binary expression from the three topmost entries.
+      const comparePrev = prev => biop_info.right_a && prev.right_a ? prec > prev.prec : prec <= prev.prec;
+      while (stack.length > 2 && comparePrev(stack[stack.length - 2])) {
+        right = stack.pop();
+        biop = stack.pop().value;
+        left = stack.pop();
+        node = {
+          type: Jsep.BINARY_EXP,
+          operator: biop,
+          left,
+          right
+        };
+        stack.push(node);
+      }
+      node = this.gobbleToken();
+      if (!node) {
+        this.throwError("Expected expression after " + cur_biop);
+      }
+      stack.push(biop_info, node);
+    }
+    i = stack.length - 1;
+    node = stack[i];
+    while (i > 1) {
+      node = {
+        type: Jsep.BINARY_EXP,
+        operator: stack[i - 1].value,
+        left: stack[i - 2],
+        right: node
+      };
+      i -= 2;
+    }
+    return node;
+  }
+
+  /**
+   * An individual part of a binary expression:
+   * e.g. `foo.bar(baz)`, `1`, `"abc"`, `(a % 2)` (because it's in parenthesis)
+   * @returns {boolean|jsep.Expression}
+   */
+  gobbleToken() {
+    let ch, to_check, tc_len, node;
+    this.gobbleSpaces();
+    node = this.searchHook('gobble-token');
+    if (node) {
+      return this.runHook('after-token', node);
+    }
+    ch = this.code;
+    if (Jsep.isDecimalDigit(ch) || ch === Jsep.PERIOD_CODE) {
+      // Char code 46 is a dot `.` which can start off a numeric literal
+      return this.gobbleNumericLiteral();
+    }
+    if (ch === Jsep.SQUOTE_CODE || ch === Jsep.DQUOTE_CODE) {
+      // Single or double quotes
+      node = this.gobbleStringLiteral();
+    } else if (ch === Jsep.OBRACK_CODE) {
+      node = this.gobbleArray();
+    } else {
+      to_check = this.expr.substr(this.index, Jsep.max_unop_len);
+      tc_len = to_check.length;
+      while (tc_len > 0) {
+        // Don't accept an unary op when it is an identifier.
+        // Unary ops that start with a identifier-valid character must be followed
+        // by a non identifier-part valid character
+        if (Jsep.unary_ops.hasOwnProperty(to_check) && (!Jsep.isIdentifierStart(this.code) || this.index + to_check.length < this.expr.length && !Jsep.isIdentifierPart(this.expr.charCodeAt(this.index + to_check.length)))) {
+          this.index += tc_len;
+          const argument = this.gobbleToken();
+          if (!argument) {
+            this.throwError('missing unaryOp argument');
+          }
+          return this.runHook('after-token', {
+            type: Jsep.UNARY_EXP,
+            operator: to_check,
+            argument,
+            prefix: true
+          });
+        }
+        to_check = to_check.substr(0, --tc_len);
+      }
+      if (Jsep.isIdentifierStart(ch)) {
+        node = this.gobbleIdentifier();
+        if (Jsep.literals.hasOwnProperty(node.name)) {
+          node = {
+            type: Jsep.LITERAL,
+            value: Jsep.literals[node.name],
+            raw: node.name
+          };
+        } else if (node.name === Jsep.this_str) {
+          node = {
+            type: Jsep.THIS_EXP
+          };
+        }
+      } else if (ch === Jsep.OPAREN_CODE) {
+        // open parenthesis
+        node = this.gobbleGroup();
+      }
+    }
+    if (!node) {
+      return this.runHook('after-token', false);
+    }
+    node = this.gobbleTokenProperty(node);
+    return this.runHook('after-token', node);
+  }
+
+  /**
+   * Gobble properties of of identifiers/strings/arrays/groups.
+   * e.g. `foo`, `bar.baz`, `foo['bar'].baz`
+   * It also gobbles function calls:
+   * e.g. `Math.acos(obj.angle)`
+   * @param {jsep.Expression} node
+   * @returns {jsep.Expression}
+   */
+  gobbleTokenProperty(node) {
+    this.gobbleSpaces();
+    let ch = this.code;
+    while (ch === Jsep.PERIOD_CODE || ch === Jsep.OBRACK_CODE || ch === Jsep.OPAREN_CODE || ch === Jsep.QUMARK_CODE) {
+      let optional;
+      if (ch === Jsep.QUMARK_CODE) {
+        if (this.expr.charCodeAt(this.index + 1) !== Jsep.PERIOD_CODE) {
+          break;
+        }
+        optional = true;
+        this.index += 2;
+        this.gobbleSpaces();
+        ch = this.code;
+      }
+      this.index++;
+      if (ch === Jsep.OBRACK_CODE) {
+        node = {
+          type: Jsep.MEMBER_EXP,
+          computed: true,
+          object: node,
+          property: this.gobbleExpression()
+        };
+        if (!node.property) {
+          this.throwError('Unexpected "' + this.char + '"');
+        }
+        this.gobbleSpaces();
+        ch = this.code;
+        if (ch !== Jsep.CBRACK_CODE) {
+          this.throwError('Unclosed [');
+        }
+        this.index++;
+      } else if (ch === Jsep.OPAREN_CODE) {
+        // A function call is being made; gobble all the arguments
+        node = {
+          type: Jsep.CALL_EXP,
+          'arguments': this.gobbleArguments(Jsep.CPAREN_CODE),
+          callee: node
+        };
+      } else if (ch === Jsep.PERIOD_CODE || optional) {
+        if (optional) {
+          this.index--;
+        }
+        this.gobbleSpaces();
+        node = {
+          type: Jsep.MEMBER_EXP,
+          computed: false,
+          object: node,
+          property: this.gobbleIdentifier()
+        };
+      }
+      if (optional) {
+        node.optional = true;
+      } // else leave undefined for compatibility with esprima
+
+      this.gobbleSpaces();
+      ch = this.code;
+    }
+    return node;
+  }
+
+  /**
+   * Parse simple numeric literals: `12`, `3.4`, `.5`. Do this by using a string to
+   * keep track of everything in the numeric literal and then calling `parseFloat` on that string
+   * @returns {jsep.Literal}
+   */
+  gobbleNumericLiteral() {
+    let number = '',
+      ch,
+      chCode;
+    while (Jsep.isDecimalDigit(this.code)) {
+      number += this.expr.charAt(this.index++);
+    }
+    if (this.code === Jsep.PERIOD_CODE) {
+      // can start with a decimal marker
+      number += this.expr.charAt(this.index++);
+      while (Jsep.isDecimalDigit(this.code)) {
+        number += this.expr.charAt(this.index++);
+      }
+    }
+    ch = this.char;
+    if (ch === 'e' || ch === 'E') {
+      // exponent marker
+      number += this.expr.charAt(this.index++);
+      ch = this.char;
+      if (ch === '+' || ch === '-') {
+        // exponent sign
+        number += this.expr.charAt(this.index++);
+      }
+      while (Jsep.isDecimalDigit(this.code)) {
+        // exponent itself
+        number += this.expr.charAt(this.index++);
+      }
+      if (!Jsep.isDecimalDigit(this.expr.charCodeAt(this.index - 1))) {
+        this.throwError('Expected exponent (' + number + this.char + ')');
+      }
+    }
+    chCode = this.code;
+
+    // Check to make sure this isn't a variable name that start with a number (123abc)
+    if (Jsep.isIdentifierStart(chCode)) {
+      this.throwError('Variable names cannot start with a number (' + number + this.char + ')');
+    } else if (chCode === Jsep.PERIOD_CODE || number.length === 1 && number.charCodeAt(0) === Jsep.PERIOD_CODE) {
+      this.throwError('Unexpected period');
+    }
+    return {
+      type: Jsep.LITERAL,
+      value: parseFloat(number),
+      raw: number
+    };
+  }
+
+  /**
+   * Parses a string literal, staring with single or double quotes with basic support for escape codes
+   * e.g. `"hello world"`, `'this is\nJSEP'`
+   * @returns {jsep.Literal}
+   */
+  gobbleStringLiteral() {
+    let str = '';
+    const startIndex = this.index;
+    const quote = this.expr.charAt(this.index++);
+    let closed = false;
+    while (this.index < this.expr.length) {
+      let ch = this.expr.charAt(this.index++);
+      if (ch === quote) {
+        closed = true;
+        break;
+      } else if (ch === '\\') {
+        // Check for all of the common escape codes
+        ch = this.expr.charAt(this.index++);
+        switch (ch) {
+          case 'n':
+            str += '\n';
+            break;
+          case 'r':
+            str += '\r';
+            break;
+          case 't':
+            str += '\t';
+            break;
+          case 'b':
+            str += '\b';
+            break;
+          case 'f':
+            str += '\f';
+            break;
+          case 'v':
+            str += '\x0B';
+            break;
+          default:
+            str += ch;
+        }
+      } else {
+        str += ch;
+      }
+    }
+    if (!closed) {
+      this.throwError('Unclosed quote after "' + str + '"');
+    }
+    return {
+      type: Jsep.LITERAL,
+      value: str,
+      raw: this.expr.substring(startIndex, this.index)
+    };
+  }
+
+  /**
+   * Gobbles only identifiers
+   * e.g.: `foo`, `_value`, `$x1`
+   * Also, this function checks if that identifier is a literal:
+   * (e.g. `true`, `false`, `null`) or `this`
+   * @returns {jsep.Identifier}
+   */
+  gobbleIdentifier() {
+    let ch = this.code,
+      start = this.index;
+    if (Jsep.isIdentifierStart(ch)) {
+      this.index++;
+    } else {
+      this.throwError('Unexpected ' + this.char);
+    }
+    while (this.index < this.expr.length) {
+      ch = this.code;
+      if (Jsep.isIdentifierPart(ch)) {
+        this.index++;
+      } else {
+        break;
+      }
+    }
+    return {
+      type: Jsep.IDENTIFIER,
+      name: this.expr.slice(start, this.index)
+    };
+  }
+
+  /**
+   * Gobbles a list of arguments within the context of a function call
+   * or array literal. This function also assumes that the opening character
+   * `(` or `[` has already been gobbled, and gobbles expressions and commas
+   * until the terminator character `)` or `]` is encountered.
+   * e.g. `foo(bar, baz)`, `my_func()`, or `[bar, baz]`
+   * @param {number} termination
+   * @returns {jsep.Expression[]}
+   */
+  gobbleArguments(termination) {
+    const args = [];
+    let closed = false;
+    let separator_count = 0;
+    while (this.index < this.expr.length) {
+      this.gobbleSpaces();
+      let ch_i = this.code;
+      if (ch_i === termination) {
+        // done parsing
+        closed = true;
+        this.index++;
+        if (termination === Jsep.CPAREN_CODE && separator_count && separator_count >= args.length) {
+          this.throwError('Unexpected token ' + String.fromCharCode(termination));
+        }
+        break;
+      } else if (ch_i === Jsep.COMMA_CODE) {
+        // between expressions
+        this.index++;
+        separator_count++;
+        if (separator_count !== args.length) {
+          // missing argument
+          if (termination === Jsep.CPAREN_CODE) {
+            this.throwError('Unexpected token ,');
+          } else if (termination === Jsep.CBRACK_CODE) {
+            for (let arg = args.length; arg < separator_count; arg++) {
+              args.push(null);
+            }
+          }
+        }
+      } else if (args.length !== separator_count && separator_count !== 0) {
+        // NOTE: `&& separator_count !== 0` allows for either all commas, or all spaces as arguments
+        this.throwError('Expected comma');
+      } else {
+        const node = this.gobbleExpression();
+        if (!node || node.type === Jsep.COMPOUND) {
+          this.throwError('Expected comma');
+        }
+        args.push(node);
+      }
+    }
+    if (!closed) {
+      this.throwError('Expected ' + String.fromCharCode(termination));
+    }
+    return args;
+  }
+
+  /**
+   * Responsible for parsing a group of things within parentheses `()`
+   * that have no identifier in front (so not a function call)
+   * This function assumes that it needs to gobble the opening parenthesis
+   * and then tries to gobble everything within that parenthesis, assuming
+   * that the next thing it should see is the close parenthesis. If not,
+   * then the expression probably doesn't have a `)`
+   * @returns {boolean|jsep.Expression}
+   */
+  gobbleGroup() {
+    this.index++;
+    let nodes = this.gobbleExpressions(Jsep.CPAREN_CODE);
+    if (this.code === Jsep.CPAREN_CODE) {
+      this.index++;
+      if (nodes.length === 1) {
+        return nodes[0];
+      } else if (!nodes.length) {
+        return false;
+      } else {
+        return {
+          type: Jsep.SEQUENCE_EXP,
+          expressions: nodes
+        };
+      }
+    } else {
+      this.throwError('Unclosed (');
+    }
+  }
+
+  /**
+   * Responsible for parsing Array literals `[1, 2, 3]`
+   * This function assumes that it needs to gobble the opening bracket
+   * and then tries to gobble the expressions as arguments.
+   * @returns {jsep.ArrayExpression}
+   */
+  gobbleArray() {
+    this.index++;
+    return {
+      type: Jsep.ARRAY_EXP,
+      elements: this.gobbleArguments(Jsep.CBRACK_CODE)
+    };
+  }
+}
+
+// Static fields:
+const hooks = new Hooks();
+Object.assign(Jsep, {
+  hooks,
+  plugins: new Plugins(Jsep),
+  // Node Types
+  // ----------
+  // This is the full set of types that any JSEP node can be.
+  // Store them here to save space when minified
+  COMPOUND: 'Compound',
+  SEQUENCE_EXP: 'SequenceExpression',
+  IDENTIFIER: 'Identifier',
+  MEMBER_EXP: 'MemberExpression',
+  LITERAL: 'Literal',
+  THIS_EXP: 'ThisExpression',
+  CALL_EXP: 'CallExpression',
+  UNARY_EXP: 'UnaryExpression',
+  BINARY_EXP: 'BinaryExpression',
+  ARRAY_EXP: 'ArrayExpression',
+  TAB_CODE: 9,
+  LF_CODE: 10,
+  CR_CODE: 13,
+  SPACE_CODE: 32,
+  PERIOD_CODE: 46,
+  // '.'
+  COMMA_CODE: 44,
+  // ','
+  SQUOTE_CODE: 39,
+  // single quote
+  DQUOTE_CODE: 34,
+  // double quotes
+  OPAREN_CODE: 40,
+  // (
+  CPAREN_CODE: 41,
+  // )
+  OBRACK_CODE: 91,
+  // [
+  CBRACK_CODE: 93,
+  // ]
+  QUMARK_CODE: 63,
+  // ?
+  SEMCOL_CODE: 59,
+  // ;
+  COLON_CODE: 58,
+  // :
+
+  // Operations
+  // ----------
+  // Use a quickly-accessible map to store all of the unary operators
+  // Values are set to `1` (it really doesn't matter)
+  unary_ops: {
+    '-': 1,
+    '!': 1,
+    '~': 1,
+    '+': 1
+  },
+  // Also use a map for the binary operations but set their values to their
+  // binary precedence for quick reference (higher number = higher precedence)
+  // see [Order of operations](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Operators/Operator_Precedence)
+  binary_ops: {
+    '||': 1,
+    '??': 1,
+    '&&': 2,
+    '|': 3,
+    '^': 4,
+    '&': 5,
+    '==': 6,
+    '!=': 6,
+    '===': 6,
+    '!==': 6,
+    '<': 7,
+    '>': 7,
+    '<=': 7,
+    '>=': 7,
+    '<<': 8,
+    '>>': 8,
+    '>>>': 8,
+    '+': 9,
+    '-': 9,
+    '*': 10,
+    '/': 10,
+    '%': 10,
+    '**': 11
+  },
+  // sets specific binary_ops as right-associative
+  right_associative: new Set(['**']),
+  // Additional valid identifier chars, apart from a-z, A-Z and 0-9 (except on the starting char)
+  additional_identifier_chars: new Set(['$', '_']),
+  // Literals
+  // ----------
+  // Store the values to return for the various literals we may encounter
+  literals: {
+    'true': true,
+    'false': false,
+    'null': null
+  },
+  // Except for `this`, which is special. This could be changed to something like `'self'` as well
+  this_str: 'this'
+});
+Jsep.max_unop_len = Jsep.getMaxKeyLen(Jsep.unary_ops);
+Jsep.max_binop_len = Jsep.getMaxKeyLen(Jsep.binary_ops);
+
+// Backward Compatibility:
+const jsep = expr => new Jsep(expr).parse();
+const stdClassProps = Object.getOwnPropertyNames(class Test {});
+Object.getOwnPropertyNames(Jsep).filter(prop => !stdClassProps.includes(prop) && jsep[prop] === undefined).forEach(m => {
+  jsep[m] = Jsep[m];
+});
+jsep.Jsep = Jsep; // allows for const { Jsep } = require('jsep');
+
+const CONDITIONAL_EXP = 'ConditionalExpression';
+var ternary = {
+  name: 'ternary',
+  init(jsep) {
+    // Ternary expression: test ? consequent : alternate
+    jsep.hooks.add('after-expression', function gobbleTernary(env) {
+      if (env.node && this.code === jsep.QUMARK_CODE) {
+        this.index++;
+        const test = env.node;
+        const consequent = this.gobbleExpression();
+        if (!consequent) {
+          this.throwError('Expected expression');
+        }
+        this.gobbleSpaces();
+        if (this.code === jsep.COLON_CODE) {
+          this.index++;
+          const alternate = this.gobbleExpression();
+          if (!alternate) {
+            this.throwError('Expected expression');
+          }
+          env.node = {
+            type: CONDITIONAL_EXP,
+            test,
+            consequent,
+            alternate
+          };
+
+          // check for operators of higher priority than ternary (i.e. assignment)
+          // jsep sets || at 1, and assignment at 0.9, and conditional should be between them
+          if (test.operator && jsep.binary_ops[test.operator] <= 0.9) {
+            let newTest = test;
+            while (newTest.right.operator && jsep.binary_ops[newTest.right.operator] <= 0.9) {
+              newTest = newTest.right;
+            }
+            env.node.test = newTest.right;
+            newTest.right = env.node;
+            env.node = test;
+          }
+        } else {
+          this.throwError('Expected :');
+        }
+      }
+    });
+  }
+};
+
+// Add default plugins:
+
+jsep.plugins.register(ternary);
+
+const FSLASH_CODE = 47; // '/'
+const BSLASH_CODE = 92; // '\\'
+
+var index = {
+  name: 'regex',
+  init(jsep) {
+    // Regex literal: /abc123/ig
+    jsep.hooks.add('gobble-token', function gobbleRegexLiteral(env) {
+      if (this.code === FSLASH_CODE) {
+        const patternIndex = ++this.index;
+        let inCharSet = false;
+        while (this.index < this.expr.length) {
+          if (this.code === FSLASH_CODE && !inCharSet) {
+            const pattern = this.expr.slice(patternIndex, this.index);
+            let flags = '';
+            while (++this.index < this.expr.length) {
+              const code = this.code;
+              if (code >= 97 && code <= 122 // a...z
+              || code >= 65 && code <= 90 // A...Z
+              || code >= 48 && code <= 57) {
+                // 0-9
+                flags += this.char;
+              } else {
+                break;
+              }
+            }
+            let value;
+            try {
+              value = new RegExp(pattern, flags);
+            } catch (e) {
+              this.throwError(e.message);
+            }
+            env.node = {
+              type: jsep.LITERAL,
+              value,
+              raw: this.expr.slice(patternIndex - 1, this.index)
+            };
+
+            // allow . [] and () after regex: /regex/.test(a)
+            env.node = this.gobbleTokenProperty(env.node);
+            return env.node;
+          }
+          if (this.code === jsep.OBRACK_CODE) {
+            inCharSet = true;
+          } else if (inCharSet && this.code === jsep.CBRACK_CODE) {
+            inCharSet = false;
+          }
+          this.index += this.code === BSLASH_CODE ? 2 : 1;
+        }
+        this.throwError('Unclosed Regex');
+      }
+    });
+  }
+};
+
+const PLUS_CODE = 43; // +
+const MINUS_CODE = 45; // -
+
+const plugin = {
+  name: 'assignment',
+  assignmentOperators: new Set(['=', '*=', '**=', '/=', '%=', '+=', '-=', '<<=', '>>=', '>>>=', '&=', '^=', '|=', '||=', '&&=', '??=']),
+  updateOperators: [PLUS_CODE, MINUS_CODE],
+  assignmentPrecedence: 0.9,
+  init(jsep) {
+    const updateNodeTypes = [jsep.IDENTIFIER, jsep.MEMBER_EXP];
+    plugin.assignmentOperators.forEach(op => jsep.addBinaryOp(op, plugin.assignmentPrecedence, true));
+    jsep.hooks.add('gobble-token', function gobbleUpdatePrefix(env) {
+      const code = this.code;
+      if (plugin.updateOperators.some(c => c === code && c === this.expr.charCodeAt(this.index + 1))) {
+        this.index += 2;
+        env.node = {
+          type: 'UpdateExpression',
+          operator: code === PLUS_CODE ? '++' : '--',
+          argument: this.gobbleTokenProperty(this.gobbleIdentifier()),
+          prefix: true
+        };
+        if (!env.node.argument || !updateNodeTypes.includes(env.node.argument.type)) {
+          this.throwError(`Unexpected ${env.node.operator}`);
+        }
+      }
+    });
+    jsep.hooks.add('after-token', function gobbleUpdatePostfix(env) {
+      if (env.node) {
+        const code = this.code;
+        if (plugin.updateOperators.some(c => c === code && c === this.expr.charCodeAt(this.index + 1))) {
+          if (!updateNodeTypes.includes(env.node.type)) {
+            this.throwError(`Unexpected ${env.node.operator}`);
+          }
+          this.index += 2;
+          env.node = {
+            type: 'UpdateExpression',
+            operator: code === PLUS_CODE ? '++' : '--',
+            argument: env.node,
+            prefix: false
+          };
+        }
+      }
+    });
+    jsep.hooks.add('after-expression', function gobbleAssignment(env) {
+      if (env.node) {
+        // Note: Binaries can be chained in a single expression to respect
+        // operator precedence (i.e. a = b = 1 + 2 + 3)
+        // Update all binary assignment nodes in the tree
+        updateBinariesToAssignments(env.node);
+      }
+    });
+    function updateBinariesToAssignments(node) {
+      if (plugin.assignmentOperators.has(node.operator)) {
+        node.type = 'AssignmentExpression';
+        updateBinariesToAssignments(node.left);
+        updateBinariesToAssignments(node.right);
+      } else if (!node.operator) {
+        Object.values(node).forEach(val => {
+          if (val && typeof val === 'object') {
+            updateBinariesToAssignments(val);
+          }
+        });
+      }
+    }
+  }
+};
+
+/* eslint-disable no-bitwise -- Convenient */
+
+// register plugins
+jsep.plugins.register(index, plugin);
+jsep.addUnaryOp('typeof');
+jsep.addUnaryOp('void');
+jsep.addLiteral('null', null);
+jsep.addLiteral('undefined', undefined);
 
 var commonjsGlobal = typeof globalThis !== 'undefined' ? globalThis : typeof window !== 'undefined' ? window : typeof global !== 'undefined' ? global : typeof self !== 'undefined' ? self : {};
 
@@ -2485,11 +3692,11 @@ function requireIdentifiers () {
 	return identifiers;
 }
 
-var semver$1;
+var semver$2;
 var hasRequiredSemver$1;
 
 function requireSemver$1 () {
-	if (hasRequiredSemver$1) return semver$1;
+	if (hasRequiredSemver$1) return semver$2;
 	hasRequiredSemver$1 = 1;
 
 	const debug = requireDebug();
@@ -2822,8 +4029,8 @@ function requireSemver$1 () {
 	  }
 	}
 
-	semver$1 = SemVer;
-	return semver$1;
+	semver$2 = SemVer;
+	return semver$2;
 }
 
 var parse_1;
@@ -4744,11 +5951,11 @@ function requireSubset () {
 	return subset_1;
 }
 
-var semver;
+var semver$1;
 var hasRequiredSemver;
 
 function requireSemver () {
-	if (hasRequiredSemver) return semver;
+	if (hasRequiredSemver) return semver$1;
 	hasRequiredSemver = 1;
 
 	// just pre-load all the stuff that index.js lazily exports
@@ -4793,7 +6000,7 @@ function requireSemver () {
 	const intersects = requireIntersects();
 	const simplifyRange = requireSimplify();
 	const subset = requireSubset();
-	semver = {
+	semver$1 = {
 	  parse,
 	  valid,
 	  clean,
@@ -4840,10 +6047,11 @@ function requireSemver () {
 	  compareIdentifiers: identifiers.compareIdentifiers,
 	  rcompareIdentifiers: identifiers.rcompareIdentifiers,
 	};
-	return semver;
+	return semver$1;
 }
 
 var semverExports = requireSemver();
+var semver = /*@__PURE__*/getDefaultExportFromCjs(semverExports);
 
 function commonjsRequire(path) {
 	throw new Error('Could not dynamically require "' + path + '". Please configure the dynamicRequireTargets or/and ignoreDynamicRequires option of @rollup/plugin-commonjs appropriately for this require call to work.');
@@ -17217,6 +18425,142 @@ ZodPromise.create;
 ZodOptional.create;
 ZodNullable.create;
 
+/**
+ * Directory and file path conventions for the Jeeves platform.
+ */
+/** Core config directory name within the config root. */
+const CORE_CONFIG_DIR = 'jeeves-core';
+/** Prefix for component config directories: `jeeves-{name}`. */
+const COMPONENT_CONFIG_PREFIX = 'jeeves-';
+/** Default workspace file names. */
+const WORKSPACE_FILES = {
+    /** TOOLS.md — live platform state and component sections. */
+    tools: 'TOOLS.md',
+    /** SOUL.md — professional discipline and behavioral foundations. */
+    soul: 'SOUL.md',
+    /** AGENTS.md — operational protocols and memory architecture. */
+    agents: 'AGENTS.md',
+};
+/** Templates directory name within core config. */
+const TEMPLATES_DIR = 'templates';
+/** Registry cache file name. */
+const REGISTRY_CACHE_FILE = 'registry-cache.json';
+/** Core config file name. */
+const CONFIG_FILE = 'config.json';
+/** Component versions state file name. */
+const COMPONENT_VERSIONS_FILE = 'component-versions.json';
+
+/**
+ * Shared file I/O helpers for managed section operations.
+ *
+ * @remarks
+ * Extracts the atomic write pattern and file-level locking into
+ * reusable utilities, eliminating duplication between
+ * `updateManagedSection` and `removeManagedSection`.
+ */
+/** Stale lock threshold in ms (2 minutes). */
+const STALE_LOCK_MS = 120_000;
+/** Default core version when none provided. */
+const DEFAULT_CORE_VERSION = '0.0.0';
+/** Lock retry options. */
+const LOCK_RETRIES = { retries: 5, minTimeout: 100, maxTimeout: 1000 };
+/**
+ * Write content to a file atomically via a temp file + rename.
+ *
+ * @param filePath - Absolute path to the target file.
+ * @param content - Content to write.
+ */
+function atomicWrite(filePath, content) {
+    const dir = dirname(filePath);
+    const tempPath = join(dir, `.${String(Date.now())}.tmp`);
+    writeFileSync(tempPath, content, 'utf-8');
+    renameSync(tempPath, filePath);
+}
+/**
+ * Execute a callback while holding a file lock.
+ *
+ * @remarks
+ * Acquires a lock on the file, executes the callback, and releases
+ * the lock in a finally block. The lock uses a 2-minute stale threshold
+ * and retries up to 5 times.
+ *
+ * @param filePath - Absolute path to the file to lock.
+ * @param fn - Async callback to execute while holding the lock.
+ */
+async function withFileLock(filePath, fn) {
+    let release;
+    try {
+        release = await properLockfileExports.lock(filePath, {
+            stale: STALE_LOCK_MS,
+            retries: LOCK_RETRIES,
+        });
+        await fn();
+    }
+    finally {
+        if (release) {
+            try {
+                await release();
+            }
+            catch {
+                // Lock already released or file deleted — safe to ignore
+            }
+        }
+    }
+}
+
+/**
+ * Shared component version state file management.
+ *
+ * @remarks
+ * Each `ComponentWriter` cycle writes its component's entry to
+ * `{coreConfigDir}/component-versions.json`. The Platform Handlebars
+ * template reads this file to populate ALL rows in the service health
+ * table, not just the calling component's.
+ */
+/**
+ * Read the component versions state file.
+ *
+ * @param coreConfigDir - Path to the core config directory.
+ * @returns The parsed state, or an empty object if the file doesn't exist.
+ */
+function readComponentVersions(coreConfigDir) {
+    const filePath = join(coreConfigDir, COMPONENT_VERSIONS_FILE);
+    if (!existsSync(filePath))
+        return {};
+    try {
+        const raw = readFileSync(filePath, 'utf-8');
+        return JSON.parse(raw);
+    }
+    catch {
+        return {};
+    }
+}
+/**
+ * Write a component's version entry to the shared state file.
+ *
+ * @remarks
+ * Reads the existing file, merges the new entry, and writes atomically.
+ *
+ * @param coreConfigDir - Path to the core config directory.
+ * @param options - Component version data to write.
+ */
+function writeComponentVersion(coreConfigDir, options) {
+    const existing = readComponentVersions(coreConfigDir);
+    existing[options.componentName] = {
+        serviceVersion: options.serviceVersion,
+        pluginVersion: options.pluginVersion,
+        servicePackage: options.servicePackage,
+        pluginPackage: options.pluginPackage,
+        updatedAt: new Date().toISOString(),
+    };
+    const filePath = join(coreConfigDir, COMPONENT_VERSIONS_FILE);
+    const dir = dirname(filePath);
+    if (!existsSync(dir)) {
+        mkdirSync(dir, { recursive: true });
+    }
+    atomicWrite(filePath, JSON.stringify(existing, null, 2) + '\n');
+}
+
 /**
  * Comment markers for managed content blocks.
  *
@@ -17266,29 +18610,6 @@ const STALENESS_THRESHOLD_MS = 5 * 60 * 1000;
 /** Warning text prepended inside managed block when cleanup is needed. */
 const CLEANUP_FLAG = '> ⚠️ CLEANUP NEEDED: Orphaned Jeeves content may exist below this managed section. Review everything after the END marker and remove any content that duplicates what appears above.';
 
-/**
- * Directory and file path conventions for the Jeeves platform.
- */
-/** Core config directory name within the config root. */
-const CORE_CONFIG_DIR = 'jeeves-core';
-/** Prefix for component config directories: `jeeves-{name}`. */
-const COMPONENT_CONFIG_PREFIX = 'jeeves-';
-/** Default workspace file names. */
-const WORKSPACE_FILES = {
-    /** TOOLS.md — live platform state and component sections. */
-    tools: 'TOOLS.md',
-    /** SOUL.md — professional discipline and behavioral foundations. */
-    soul: 'SOUL.md',
-    /** AGENTS.md — operational protocols and memory architecture. */
-    agents: 'AGENTS.md',
-};
-/** Templates directory name within core config. */
-const TEMPLATES_DIR = 'templates';
-/** Registry cache file name. */
-const REGISTRY_CACHE_FILE = 'registry-cache.json';
-/** Core config file name. */
-const CONFIG_FILE = 'config.json';
-
 /**
  * Default port assignments for Jeeves platform services.
  *
@@ -17351,14 +18672,14 @@ const SECTION_ORDER = [
  * Core library version, inlined at build time.
  *
  * @remarks
- * The `0.1.5` placeholder is replaced by
+ * The `0.1.6` placeholder is replaced by
  * `@rollup/plugin-replace` during the build with the actual version
  * from `package.json`. This ensures the correct version survives
  * when consumers bundle core into their own dist (where runtime
  * `import.meta.url`-based resolution would find the wrong package.json).
  */
 /** The core library version from package.json (inlined at build time). */
-const CORE_VERSION = '0.1.5';
+const CORE_VERSION = '0.1.6';
 
 /**
  * Workspace and config root initialization.
@@ -17670,10 +18991,6 @@ function shouldWrite(myVersion, existing, stalenessThresholdMs = STALENESS_THRES
  *
  * Provides file-level locking, version-stamp convergence, and atomic writes.
  */
-/** Default core version when none provided. */
-const DEFAULT_VERSION = '0.0.0';
-/** Stale lock threshold in ms (2 minutes). */
-const STALE_LOCK_MS = 120_000;
 /**
  * Update a managed section in a file.
  *
@@ -17682,7 +18999,7 @@ const STALE_LOCK_MS = 120_000;
  * @param options - Write mode and optional configuration.
  */
 async function updateManagedSection(filePath, content, options = {}) {
-    const { mode = 'block', sectionId, markers = TOOLS_MARKERS, coreVersion = DEFAULT_VERSION, stalenessThresholdMs, } = options;
+    const { mode = 'block', sectionId, markers = TOOLS_MARKERS, coreVersion = DEFAULT_CORE_VERSION, stalenessThresholdMs, } = options;
     if (mode === 'section' && !sectionId) {
         throw new Error('sectionId is required when mode is "section"');
     }
@@ -17694,93 +19011,77 @@ async function updateManagedSection(filePath, content, options = {}) {
     if (!existsSync(filePath)) {
         writeFileSync(filePath, '', 'utf-8');
     }
-    let release;
     try {
-        release = await properLockfileExports.lock(filePath, {
-            stale: STALE_LOCK_MS,
-            retries: { retries: 5, minTimeout: 100, maxTimeout: 1000 },
-        });
-        const fileContent = readFileSync(filePath, 'utf-8');
-        const parsed = parseManaged(fileContent, markers);
-        // Version-stamp convergence check (block mode only).
-        // In section mode, components always write their own sections — the version
-        // stamp governs shared content convergence, not component-specific sections.
-        if (mode === 'block' &&
-            !shouldWrite(coreVersion, parsed.versionStamp, stalenessThresholdMs)) {
-            return;
-        }
-        let newManagedBody;
-        if (mode === 'block') {
-            // Prepend H1 title if markers specify one
-            newManagedBody = markers.title
-                ? `# ${markers.title}\n\n${content}`
-                : content;
-        }
-        else {
-            // Section mode: upsert the named section
-            const sections = [...parsed.sections];
-            const existingIdx = sections.findIndex((s) => s.id === sectionId);
-            if (existingIdx >= 0) {
-                sections[existingIdx] = { id: sectionId, content };
+        await withFileLock(filePath, () => {
+            const fileContent = readFileSync(filePath, 'utf-8');
+            const parsed = parseManaged(fileContent, markers);
+            // Version-stamp convergence check (block mode only).
+            // In section mode, components always write their own sections — the version
+            // stamp governs shared content convergence, not component-specific sections.
+            if (mode === 'block' &&
+                !shouldWrite(coreVersion, parsed.versionStamp, stalenessThresholdMs)) {
+                return;
+            }
+            let newManagedBody;
+            if (mode === 'block') {
+                // Prepend H1 title if markers specify one
+                newManagedBody = markers.title
+                    ? `# ${markers.title}\n\n${content}`
+                    : content;
             }
             else {
-                sections.push({ id: sectionId, content });
+                // Section mode: upsert the named section
+                const sections = [...parsed.sections];
+                const existingIdx = sections.findIndex((s) => s.id === sectionId);
+                if (existingIdx >= 0) {
+                    sections[existingIdx] = { id: sectionId, content };
+                }
+                else {
+                    sections.push({ id: sectionId, content });
+                }
+                sortSectionsByOrder(sections);
+                const sectionText = sections
+                    .map((s) => `## ${s.id}\n\n${s.content}`)
+                    .join('\n\n');
+                // Prepend H1 title if markers specify one
+                newManagedBody = markers.title
+                    ? `# ${markers.title}\n\n${sectionText}`
+                    : sectionText;
+            }
+            // Cleanup detection
+            const userContent = parsed.userContent;
+            const cleanupNeeded = needsCleanup(newManagedBody, userContent);
+            // Build the full managed block
+            const beginLine = formatBeginMarker(markers.begin, coreVersion);
+            const endLine = formatEndMarker(markers.end);
+            const parts = [];
+            if (parsed.beforeContent) {
+                parts.push(parsed.beforeContent);
+                parts.push('');
+            }
+            parts.push(beginLine);
+            if (cleanupNeeded) {
+                parts.push('');
+                parts.push(CLEANUP_FLAG);
             }
-            sortSectionsByOrder(sections);
-            const sectionText = sections
-                .map((s) => `## ${s.id}\n\n${s.content}`)
-                .join('\n\n');
-            // Prepend H1 title if markers specify one (e.g., "# Jeeves Platform Tools")
-            newManagedBody = markers.title
-                ? `# ${markers.title}\n\n${sectionText}`
-                : sectionText;
-        }
-        // Cleanup detection
-        const userContent = parsed.userContent;
-        const cleanupNeeded = needsCleanup(newManagedBody, userContent);
-        // Build the full managed block
-        const beginLine = formatBeginMarker(markers.begin, coreVersion);
-        const endLine = formatEndMarker(markers.end);
-        const parts = [];
-        if (parsed.beforeContent) {
-            parts.push(parsed.beforeContent);
             parts.push('');
-        }
-        parts.push(beginLine);
-        if (cleanupNeeded) {
+            parts.push(newManagedBody);
             parts.push('');
-            parts.push(CLEANUP_FLAG);
-        }
-        parts.push('');
-        parts.push(newManagedBody);
-        parts.push('');
-        parts.push(endLine);
-        if (userContent) {
+            parts.push(endLine);
+            if (userContent) {
+                parts.push('');
+                parts.push(userContent);
+            }
             parts.push('');
-            parts.push(userContent);
-        }
-        parts.push('');
-        const newFileContent = parts.join('\n');
-        // Atomic write: write to temp file, then rename
-        const tempPath = join(dir, `.${String(Date.now())}.tmp`);
-        writeFileSync(tempPath, newFileContent, 'utf-8');
-        renameSync(tempPath, filePath);
+            const newFileContent = parts.join('\n');
+            atomicWrite(filePath, newFileContent);
+        });
     }
     catch (err) {
         // Log warning but don't throw — writer cycles are periodic
         const message = err instanceof Error ? err.message : String(err);
         console.warn(`jeeves-core: updateManagedSection failed for ${filePath}: ${message}`);
     }
-    finally {
-        if (release) {
-            try {
-                await release();
-            }
-            catch {
-                // Lock already released or file deleted — safe to ignore
-            }
-        }
-    }
 }
 
 var agentsSectionContent = `## Memory Architecture
@@ -18213,7 +19514,7 @@ function loadConfig(configDir) {
  * @returns The resolved service URL.
  * @throws Error if `init()` has not been called or the service is unknown.
  */
-function getServiceUrl(serviceName, consumerName) {
+function getServiceUrl$1(serviceName, consumerName) {
     // 2. Check core config
     const coreDir = getCoreConfigDir();
     const coreConfig = loadConfig(coreDir);
@@ -18259,7 +19560,7 @@ function extractPort(url) {
  * @returns Probe result.
  */
 async function probeService(serviceName, consumerName, timeoutMs = 3000) {
-    const url = getServiceUrl(serviceName);
+    const url = getServiceUrl$1(serviceName);
     const port = extractPort(url);
     const endpoints = ['/status', '/health'];
     for (const endpoint of endpoints) {
@@ -18364,6 +19665,63 @@ function checkRegistryVersion(packageName, cacheDir, ttlSeconds = 3600) {
     }
 }
 
+/**
+ * Build enriched service rows for the Platform template.
+ *
+ * @remarks
+ * Merges health probe results with component version state and
+ * npm registry update availability into rows for the Handlebars
+ * Platform template.
+ */
+/**
+ * Check whether an available version is newer than the current one.
+ *
+ * @param available - Registry version string.
+ * @param current - Currently installed version string.
+ * @returns The available version if it's newer, otherwise undefined.
+ */
+function newerVersion(available, current) {
+    if (!available ||
+        !current ||
+        !semver.valid(available) ||
+        !semver.valid(current)) {
+        return undefined;
+    }
+    return semver.gt(available, current) ? available : undefined;
+}
+/**
+ * Build enriched service rows for the Platform Handlebars template.
+ *
+ * @param options - Probe results, version state, and configuration.
+ * @returns Array of enriched service rows.
+ */
+function buildServiceRows(options) {
+    const { probeResults, componentVersions, cacheDir, skipRegistryCheck } = options;
+    return probeResults.map((r) => {
+        const entry = componentVersions[r.name];
+        if (!entry)
+            return { ...r };
+        let availableServiceVersion;
+        let availablePluginVersion;
+        if (!skipRegistryCheck) {
+            if (entry.servicePackage) {
+                const registryVersion = checkRegistryVersion(entry.servicePackage, cacheDir);
+                availableServiceVersion = newerVersion(registryVersion, r.version);
+            }
+            if (entry.pluginPackage && entry.pluginVersion) {
+                const registryVersion = checkRegistryVersion(entry.pluginPackage, cacheDir);
+                availablePluginVersion = newerVersion(registryVersion, entry.pluginVersion);
+            }
+        }
+        return {
+            ...r,
+            pluginVersion: entry.pluginVersion,
+            availableServiceVersion,
+            availablePluginVersion,
+        };
+    });
+}
+
 /**
  * Internal function to maintain SOUL.md, AGENTS.md, and TOOLS.md Platform section.
  *
@@ -18417,15 +19775,28 @@ function copyTemplates(coreConfigDir) {
 }
 /** Whether Handlebars helpers have been registered. */
 let helpersRegistered = false;
-/**
- * Register Handlebars helpers used in the Platform template.
- */
+/** Register Handlebars helpers used in the Platform template. */
 function registerHelpers() {
     if (helpersRegistered)
         return;
     helpersRegistered = true;
     Handlebars.registerHelper('gt', (a, b) => typeof a === 'number' && typeof b === 'number' && a > b);
 }
+/**
+ * Check if a newer core version is available on npm.
+ *
+ * @returns The newer version string, or undefined.
+ */
+function checkCoreUpdate(coreVersion, cacheDir) {
+    const registryVersion = checkRegistryVersion('@karmaniverous/jeeves', cacheDir);
+    if (registryVersion &&
+        semver.valid(registryVersion) &&
+        semver.valid(coreVersion) &&
+        semver.gt(registryVersion, coreVersion)) {
+        return registryVersion;
+    }
+    return undefined;
+}
 /**
  * Refresh platform content: SOUL.md, AGENTS.md, and TOOLS.md Platform section.
  *
@@ -18437,55 +19808,46 @@ async function refreshPlatformContent(options) {
     const coreConfigDir = getCoreConfigDir();
     // 1. Probe all services
     const probeResults = await probeAllServices(undefined, probeTimeoutMs);
-    const unhealthyServices = probeResults.filter((r) => !r.healthy);
-    // 2. Registry version checks
+    // 2. Write calling component's version entry (with serviceVersion from probe)
+    if (componentName) {
+        const callerProbe = probeResults.find((r) => r.name === componentName);
+        writeComponentVersion(coreConfigDir, {
+            componentName,
+            serviceVersion: callerProbe?.version,
+            pluginVersion: componentVersion,
+            servicePackage,
+            pluginPackage,
+        });
+    }
+    // 3. Read all component versions from the shared state file
+    const componentVersions = readComponentVersions(coreConfigDir);
+    // 4. Build enriched service rows with registry checks
     const cacheDir = componentName
         ? getComponentConfigDir(componentName)
         : coreConfigDir;
-    let availableCoreVersion;
-    let availableServiceVersion;
-    let availablePluginVersion;
-    if (!skipRegistryCheck) {
-        const coreRegistryVersion = checkRegistryVersion('@karmaniverous/jeeves', cacheDir);
-        if (coreRegistryVersion && coreRegistryVersion !== coreVersion) {
-            availableCoreVersion = coreRegistryVersion;
-        }
-        if (servicePackage) {
-            const svcVersion = checkRegistryVersion(servicePackage, cacheDir);
-            if (svcVersion) {
-                availableServiceVersion = svcVersion;
-            }
-        }
-        if (pluginPackage) {
-            const plgVersion = checkRegistryVersion(pluginPackage, cacheDir);
-            if (plgVersion) {
-                availablePluginVersion = plgVersion;
-            }
-        }
-    }
-    // 3. Build enriched service rows — match the calling component by name
-    const serviceRows = probeResults.map((r) => ({
-        ...r,
-        pluginVersion: r.name === componentName ? componentVersion : undefined,
-        availableServiceVersion: r.name === componentName ? availableServiceVersion : undefined,
-        availablePluginVersion: r.name === componentName ? availablePluginVersion : undefined,
-    }));
-    // 5. Check if templates are available
+    const availableCoreVersion = skipRegistryCheck
+        ? undefined
+        : checkCoreUpdate(coreVersion, cacheDir);
+    const serviceRows = buildServiceRows({
+        probeResults,
+        componentVersions,
+        cacheDir,
+        skipRegistryCheck,
+    });
+    // 5. Render Platform template
     const templatePath = join(coreConfigDir, TEMPLATES_DIR);
-    const templatesAvailable = existsSync(templatePath);
-    // 6. Render Platform template
     registerHelpers();
     const template = Handlebars.compile(toolsPlatformTemplate);
     const templateData = {
         services: serviceRows,
-        unhealthyServices,
+        unhealthyServices: serviceRows.filter((r) => !r.healthy),
         coreVersion,
         availableCoreVersion,
-        templatesAvailable,
+        templatesAvailable: existsSync(templatePath),
         templatePath,
     };
     const platformContent = template(templateData);
-    // 7. Write TOOLS.md Platform section
+    // 6. Write TOOLS.md Platform section
     const toolsPath = join(workspacePath, WORKSPACE_FILES.tools);
     await updateManagedSection(toolsPath, platformContent, {
         mode: 'section',
@@ -18494,7 +19856,7 @@ async function refreshPlatformContent(options) {
         coreVersion,
         stalenessThresholdMs,
     });
-    // 8. Write SOUL.md managed block
+    // 7. Write SOUL.md managed block
     const soulPath = join(workspacePath, WORKSPACE_FILES.soul);
     await updateManagedSection(soulPath, soulSectionContent, {
         mode: 'block',
@@ -18502,7 +19864,7 @@ async function refreshPlatformContent(options) {
         coreVersion,
         stalenessThresholdMs,
     });
-    // 9. Write AGENTS.md managed block
+    // 8. Write AGENTS.md managed block
     const agentsPath = join(workspacePath, WORKSPACE_FILES.agents);
     await updateManagedSection(agentsPath, agentsSectionContent, {
         mode: 'block',
@@ -18510,7 +19872,7 @@ async function refreshPlatformContent(options) {
         coreVersion,
         stalenessThresholdMs,
     });
-    // 10. Copy templates to config dir
+    // 9. Copy templates to config dir
     copyTemplates(coreConfigDir);
 }
 
@@ -18590,6 +19952,8 @@ class ComponentWriter {
                 coreVersion: CORE_VERSION,
             });
             // Platform content maintenance: SOUL.md, AGENTS.md, Platform section
+            // refreshPlatformContent also writes the component version entry
+            // (with serviceVersion from probe) to the shared state file.
             await refreshPlatformContent({
                 coreVersion: CORE_VERSION,
                 componentName: this.component.name,
@@ -18744,88 +20108,204 @@ function createComponentWriter(component, options) {
 }
 
 /**
- * Resolve the OpenClaw workspace root from the plugin API.
+ * Plugin resolution helpers for the OpenClaw plugin SDK.
  *
  * @remarks
- * Tries three sources in order:
- * 1. `api.config.agents.defaults.workspace` — explicit config (most authoritative)
- * 2. `api.resolvePath('.')` — gateway-provided path resolver
- * 3. `process.cwd()` — last resort (unsafe when gateway runs from system32)
- *
- * The config value is checked first because `api.resolvePath('.')` delegates
- * to `path.resolve('.')`, which returns `process.cwd()` — not the workspace.
- * When the gateway runs as a Windows service from `C:\Windows\system32`,
- * `resolvePath('.')` returns system32, not the configured workspace.
- *
- * Plugins should call this once at registration time and pass the result
- * to `init({ workspacePath })`.
+ * Provides workspace path resolution and plugin setting resolution
+ * with a standard three-step fallback chain:
+ * plugin config → environment variable → default value.
  */
 /**
  * Resolve the workspace root from the OpenClaw plugin API.
  *
- * @param api - The plugin API object provided by the gateway at registration.
+ * @remarks
+ * Tries three sources in order:
+ * 1. `api.config.agents.defaults.workspace` — explicit config
+ * 2. `api.resolvePath('.')` — gateway-provided path resolver
+ * 3. `process.cwd()` — last resort
+ *
+ * @param api - The plugin API object provided by the gateway.
  * @returns Absolute path to the workspace root.
  */
 function resolveWorkspacePath(api) {
-    // 1. Explicit config value (most authoritative)
     const configured = api.config?.agents?.defaults?.workspace;
     if (typeof configured === 'string' && configured.trim()) {
         return configured;
     }
-    // 2. Gateway-provided path resolver
     if (typeof api.resolvePath === 'function') {
         return api.resolvePath('.');
     }
-    // 3. Last resort — unsafe when gateway runs from system32
     return process.cwd();
 }
-
 /**
- * Shared constants for the jeeves-server OpenClaw plugin.
+ * Resolve a plugin setting via the standard three-step fallback chain:
+ * plugin config → environment variable → fallback value.
+ *
+ * @param api - Plugin API object.
+ * @param pluginId - Plugin identifier (e.g., 'jeeves-watcher-openclaw').
+ * @param key - Config key within the plugin's config object.
+ * @param envVar - Environment variable name.
+ * @param fallback - Default value if neither source provides one.
+ * @returns The resolved setting value.
  */
-/** Plugin identifier used in OpenClaw config and extension paths. */
-const PLUGIN_ID = 'jeeves-server-openclaw';
+function resolvePluginSetting(api, pluginId, key, envVar, fallback) {
+    const fromPlugin = api.config?.plugins?.entries?.[pluginId]?.config?.[key];
+    if (typeof fromPlugin === 'string')
+        return fromPlugin;
+    const fromEnv = process.env[envVar];
+    if (fromEnv)
+        return fromEnv;
+    return fallback;
+}
 
 /**
- * Shared types and utility functions for the OpenClaw plugin tool registrations.
+ * HTTP helpers for the OpenClaw plugin SDK.
+ *
+ * @remarks
+ * Thin wrappers around `fetch` that throw on non-OK responses
+ * and handle JSON serialisation/deserialisation.
+ */
+/**
+ * Fetch JSON from a URL, throwing on non-OK responses.
+ *
+ * @param url - URL to fetch.
+ * @param init - Optional `fetch` init options.
+ * @returns Parsed JSON response body.
+ * @throws Error with `HTTP {status}: {body}` message on non-OK responses.
  */
-const DEFAULT_API_URL = 'http://127.0.0.1:1934';
-/** Extract plugin config from the API object. */
-function getPluginConfig(api) {
-    return api.config?.plugins?.entries?.[PLUGIN_ID]?.config;
+async function fetchJson(url, init) {
+    const res = await fetch(url, init);
+    if (!res.ok) {
+        throw new Error('HTTP ' + String(res.status) + ': ' + (await res.text()));
+    }
+    return res.json();
 }
-/** Resolve the server API base URL from plugin config. */
-function getApiUrl(api) {
-    const url = getPluginConfig(api)?.apiUrl;
-    return typeof url === 'string' ? url : DEFAULT_API_URL;
+
+/**
+ * OpenClaw configuration helpers for plugin CLI installers.
+ *
+ * @remarks
+ * Provides resolution of OpenClaw home directory and config file path,
+ * plus idempotent config patching for plugin install/uninstall.
+ */
+/**
+ * Resolve the OpenClaw home directory.
+ *
+ * @remarks
+ * Resolution order:
+ * 1. `OPENCLAW_CONFIG` env var → dirname of the config file path
+ * 2. `OPENCLAW_HOME` env var → resolved path
+ * 3. Default: `~/.openclaw`
+ *
+ * @returns Absolute path to the OpenClaw home directory.
+ */
+function resolveOpenClawHome() {
+    if (process.env.OPENCLAW_CONFIG) {
+        return dirname(resolve(process.env.OPENCLAW_CONFIG));
+    }
+    if (process.env.OPENCLAW_HOME) {
+        return resolve(process.env.OPENCLAW_HOME);
+    }
+    return join(homedir(), '.openclaw');
 }
-/** Resolve the plugin key seed from plugin config. */
-function getPluginKey(api) {
-    const key = getPluginConfig(api)?.pluginKey;
-    return typeof key === 'string' ? key : undefined;
+/**
+ * Resolve the OpenClaw config file path.
+ *
+ * @remarks
+ * If `OPENCLAW_CONFIG` is set, uses that directly.
+ * Otherwise defaults to `{home}/openclaw.json`.
+ *
+ * @param home - The OpenClaw home directory.
+ * @returns Absolute path to the config file.
+ */
+function resolveConfigPath(home) {
+    if (process.env.OPENCLAW_CONFIG) {
+        return resolve(process.env.OPENCLAW_CONFIG);
+    }
+    return join(home, 'openclaw.json');
 }
-/** Derive HMAC key from seed. */
-function deriveKey(seed) {
-    return createHmac('sha256', seed)
-        .update('insider')
-        .digest('hex')
-        .substring(0, 32);
+/**
+ * Patch an allowlist array: add or remove the plugin ID.
+ *
+ * @returns A log message if a change was made, or undefined.
+ */
+function patchAllowList(parent, key, label, pluginId, mode) {
+    {
+        if (!Array.isArray(parent[key]))
+            return undefined;
+        const list = parent[key];
+        const filtered = list.filter((id) => id !== pluginId);
+        if (filtered.length !== list.length) {
+            parent[key] = filtered;
+            return `Removed "${pluginId}" from ${label}`;
+        }
+    }
+    return undefined;
 }
-/** Append auth key query param to a URL. */
-function withAuth(url, keySeed) {
-    if (!keySeed)
-        return url;
-    const derived = deriveKey(keySeed);
-    const sep = url.includes('?') ? '&' : '?';
-    return url + sep + 'key=' + derived;
+/**
+ * Patch an OpenClaw config for plugin install or uninstall.
+ *
+ * @remarks
+ * Manages `plugins.entries.{pluginId}` and `tools.alsoAllow`.
+ * Idempotent: adding twice produces no duplicates; removing when absent
+ * produces no errors.
+ *
+ * @param config - The parsed OpenClaw config object (mutated in place).
+ * @param pluginId - The plugin identifier.
+ * @param mode - Whether to add or remove the plugin.
+ * @returns Array of log messages describing changes made.
+ */
+function patchConfig(config, pluginId, mode) {
+    const messages = [];
+    // Ensure plugins section
+    if (!config.plugins || typeof config.plugins !== 'object') {
+        config.plugins = {};
+    }
+    const plugins = config.plugins;
+    // plugins.entries
+    if (!plugins.entries || typeof plugins.entries !== 'object') {
+        plugins.entries = {};
+    }
+    const entries = plugins.entries;
+    if (pluginId in entries) {
+        Reflect.deleteProperty(entries, pluginId);
+        messages.push(`Removed "${pluginId}" from plugins.entries`);
+    }
+    // tools.alsoAllow
+    if (!config.tools || typeof config.tools !== 'object') {
+        config.tools = {};
+    }
+    const tools = config.tools;
+    const toolAlsoAllow = patchAllowList(tools, 'alsoAllow', 'tools.alsoAllow', pluginId);
+    if (toolAlsoAllow)
+        messages.push(toolAlsoAllow);
+    return messages;
 }
-/** Format a successful tool result. */
+
+/**
+ * Tool result formatters for the OpenClaw plugin SDK.
+ *
+ * @remarks
+ * Provides standardised helpers for building `ToolResult` objects:
+ * success, error, and connection-error variants.
+ */
+/**
+ * Format a successful tool result.
+ *
+ * @param data - Arbitrary data to return as JSON.
+ * @returns A `ToolResult` with JSON-stringified content.
+ */
 function ok(data) {
     return {
         content: [{ type: 'text', text: JSON.stringify(data, null, 2) }],
     };
 }
-/** Format an error tool result. */
+/**
+ * Format an error tool result.
+ *
+ * @param error - Error instance, string, or other value.
+ * @returns A `ToolResult` with `isError: true`.
+ */
 function fail(error) {
     const message = error instanceof Error ? error.message : String(error);
     return {
@@ -18833,8 +20313,21 @@ function fail(error) {
         isError: true,
     };
 }
-/** Format a connection error with actionable guidance. */
-function connectionFail(error, baseUrl) {
+/**
+ * Format a connection error with actionable guidance.
+ *
+ * @remarks
+ * Detects `ECONNREFUSED`, `ENOTFOUND`, and `ETIMEDOUT` from
+ * `error.cause.code` and returns a user-friendly message referencing
+ * the plugin's `config.apiUrl` setting. Falls back to `fail()` for
+ * non-connection errors.
+ *
+ * @param error - Error instance (typically from `fetch`).
+ * @param baseUrl - The URL that was being contacted.
+ * @param pluginId - The plugin identifier for config guidance.
+ * @returns A `ToolResult` with `isError: true`.
+ */
+function connectionFail(error, baseUrl, pluginId) {
     const cause = error instanceof Error ? error.cause : undefined;
     const code = cause && typeof cause === 'object' && 'code' in cause
         ? String(cause.code)
@@ -18846,9 +20339,9 @@ function connectionFail(error, baseUrl) {
                 {
                     type: 'text',
                     text: [
-                        'Server not reachable at ' + baseUrl + '.',
-                        'Either start the jeeves-server service, or if it runs on a different port,',
-                        'set plugins.entries.jeeves-server-openclaw.config.apiUrl in openclaw.json.',
+                        `Service not reachable at ${baseUrl}.`,
+                        'Either start the service, or if it runs on a different port,',
+                        `set plugins.entries.${pluginId}.config.apiUrl in openclaw.json.`,
                     ].join('\n'),
                 },
             ],
@@ -18857,14 +20350,12 @@ function connectionFail(error, baseUrl) {
     }
     return fail(error);
 }
-/** Fetch JSON from a URL, throwing on non-OK responses. */
-async function fetchJson(url, init) {
-    const res = await fetch(url, init);
-    if (!res.ok) {
-        throw new Error('HTTP ' + String(res.status) + ': ' + (await res.text()));
-    }
-    return res.json();
-}
+
+/**
+ * Shared constants for the jeeves-server OpenClaw plugin.
+ */
+/** Plugin identifier used in OpenClaw config and extension paths. */
+const PLUGIN_ID = 'jeeves-server-openclaw';
 
 /**
  * Generates the Server menu string for TOOLS.md injection.
@@ -18961,6 +20452,38 @@ async function generateServerMenu(apiUrl) {
     return lines.join('\n');
 }
 
+/**
+ * Server-specific HMAC authentication helpers for the OpenClaw plugin.
+ *
+ * @remarks
+ * These helpers handle insider key derivation and URL signing for
+ * authenticated requests to jeeves-server. Generic helpers (ok, fail,
+ * connectionFail, fetchJson, etc.) are imported from `@karmaniverous/jeeves`.
+ *
+ * @packageDocumentation
+ */
+/** Resolve the plugin key seed from plugin config. */
+function getPluginKey(api) {
+    const config = api.config?.plugins?.entries?.[PLUGIN_ID]?.config;
+    const key = config?.pluginKey;
+    return typeof key === 'string' ? key : undefined;
+}
+/** Derive HMAC key from seed. */
+function deriveKey(seed) {
+    return createHmac('sha256', seed)
+        .update('insider')
+        .digest('hex')
+        .substring(0, 32);
+}
+/** Append auth key query param to a URL. */
+function withAuth(url, keySeed) {
+    if (!keySeed)
+        return url;
+    const derived = deriveKey(keySeed);
+    const sep = url.includes('?') ? '&' : '?';
+    return url + sep + 'key=' + derived;
+}
+
 /**
  * Server tool registrations (server_* tools) for the OpenClaw plugin.
  */
@@ -18990,7 +20513,7 @@ function registerApiTool(api, baseUrl, keySeed, config) {
                 return ok(data);
             }
             catch (error) {
-                return connectionFail(error, baseUrl);
+                return connectionFail(error, baseUrl, PLUGIN_ID);
             }
         },
     }, { optional: true });
@@ -19121,75 +20644,6 @@ function registerServerTools(api, baseUrl) {
     }
 }
 
-/**
- * OpenClaw home and config path resolution.
- *
- * @remarks
- * Shared by the CLI installer and the in-process plugin commands.
- */
-/**
- * Resolve the OpenClaw home directory from environment or default.
- */
-function resolveOpenClawHome() {
-    if (process.env.OPENCLAW_CONFIG)
-        return dirname(resolve(process.env.OPENCLAW_CONFIG));
-    if (process.env.OPENCLAW_HOME)
-        return resolve(process.env.OPENCLAW_HOME);
-    return join(homedir(), '.openclaw');
-}
-/**
- * Resolve the OpenClaw config file path from environment or default.
- */
-function resolveConfigPath(home) {
-    if (process.env.OPENCLAW_CONFIG)
-        return resolve(process.env.OPENCLAW_CONFIG);
-    return join(home, 'openclaw.json');
-}
-
-/**
- * OpenClaw config patching utilities.
- *
- * @remarks
- * Shared by both the `npx ... install|uninstall` CLI and by in-process
- * plugin commands.
- */
-function patchAllowList(parent, key, label, mode) {
-    if (!Array.isArray(parent[key]) || parent[key].length === 0)
-        return undefined;
-    const list = parent[key];
-    {
-        const filtered = list.filter((id) => id !== PLUGIN_ID);
-        if (filtered.length !== list.length) {
-            parent[key] = filtered;
-            return 'Removed "' + PLUGIN_ID + '" from ' + label;
-        }
-    }
-    return undefined;
-}
-function patchConfig(config, mode) {
-    const messages = [];
-    if (!config.plugins || typeof config.plugins !== 'object')
-        config.plugins = {};
-    const plugins = config.plugins;
-    const pluginAllow = patchAllowList(plugins, 'allow', 'plugins.allow');
-    if (pluginAllow)
-        messages.push(pluginAllow);
-    if (!plugins.entries || typeof plugins.entries !== 'object')
-        plugins.entries = {};
-    const entries = plugins.entries;
-    if (PLUGIN_ID in entries) {
-        Reflect.deleteProperty(entries, PLUGIN_ID);
-        messages.push('Removed "' + PLUGIN_ID + '" from plugins.entries');
-    }
-    if (!config.tools || typeof config.tools !== 'object')
-        config.tools = {};
-    const tools = config.tools;
-    const toolAllow = patchAllowList(tools, 'allow', 'tools.allow');
-    if (toolAllow)
-        messages.push(toolAllow);
-    return messages;
-}
-
 /**
  * Shared plugin removal logic for extension directory and config cleanup.
  *
@@ -19214,7 +20668,7 @@ function removePlugin(home, configPath) {
     if (existsSync(configPath)) {
         const raw = readFileSync(configPath, 'utf8');
         const config = JSON.parse(raw);
-        const patchMessages = patchConfig(config);
+        const patchMessages = patchConfig(config, PLUGIN_ID);
         if (patchMessages.length > 0) {
             writeFileSync(configPath, JSON.stringify(config, null, 2) + '\n');
             messages.push(...patchMessages);
@@ -19307,18 +20761,17 @@ function createPluginCommands() {
 /** Plugin version derived from package.json at runtime. */
 const require$1 = createRequire(import.meta.url);
 const { version: PLUGIN_VERSION } = require$1('../package.json');
-/** Default config root when not specified in plugin config. */
-const DEFAULT_CONFIG_ROOT = 'j:/config';
 /** Refresh interval in seconds (must be prime). */
 const REFRESH_INTERVAL_SECONDS = 61;
 /** Active writer instance — stopped on re-registration to prevent leaks. */
 let activeWriter = null;
-/**
- * Extract the configRoot from plugin config.
- */
+/** Resolve the server API base URL from plugin config or environment. */
+function getServiceUrl(api) {
+    return resolvePluginSetting(api, PLUGIN_ID, 'apiUrl', 'JEEVES_SERVER_URL', 'http://127.0.0.1:1934');
+}
+/** Resolve the platform config root from plugin config or environment. */
 function getConfigRoot(api) {
-    const root = getPluginConfig(api)?.configRoot;
-    return typeof root === 'string' ? root : DEFAULT_CONFIG_ROOT;
+    return resolvePluginSetting(api, PLUGIN_ID, 'configRoot', 'JEEVES_CONFIG_ROOT', 'j:/config');
 }
 /** Register all jeeves-server tools and start the TOOLS.md writer. */
 function register(api) {
@@ -19327,7 +20780,7 @@ function register(api) {
         activeWriter.stop();
         activeWriter = null;
     }
-    const baseUrl = getApiUrl(api);
+    const baseUrl = getServiceUrl(api);
     registerServerTools(api, baseUrl);
     // Initialize jeeves-core
     const workspacePath = resolveWorkspacePath(api);