@krimto-labs/krimto 0.2.34 → 0.2.36

package/README.md

@@ -9,28 +9,59 @@ place and reads the right slice of it — Alice's preferences override the team'
 conventions override the org's standards, and every fact carries a paper trail (author, source,
 timestamp, reviewer).
 
-> **Where we are:** **v0.2.18** is the current published release — a consolidated UX redesign over
-> the v0.2.16 storage / index / access layers (which are all unchanged). Everything from v0.2.16
-> (markdown-in-git storage, `user → team → org` hierarchy, hybrid retrieval, server-enforced access,
-> two-way git sync, MCP over stdio + HTTP, the Docker image, the web UI, the complete CLI) is still
-> here, plus a substantial UX redesign on top. What's new in v0.2.18:
+> **Where we are:** **v0.2.36** is the current release — the v0.2.17 wizard redesign is now
+> shipped end-to-end, plus nineteen patch releases of correctness fixes and agent-friendly
+> surface. The v0.2.16 architecture (markdown-in-git storage, `user → team → org` hierarchy,
+> hybrid retrieval, server-enforced access, two-way git sync, MCP over stdio + HTTP, the Docker
+> image, the web UI) is unchanged. What you get on top of v0.2.16:
 >
-> - **One-command interactive setup wizard** (`krimto init`) — five questions with preselected
->   defaults; absorbs `connect`, `init`, `setup-remote`, and `setup-embeddings` into one flow.
-> - **Team-mode wizard** (`krimto team init` / `krimto join` / `krimto team disband`) — admins
->   onboard their team in one command; teammates join with a single line from a DM template.
-> - **Per-note CLI** (`krimto notes` / `edit` / `mv` / `supersede` / `tag`) — browse, search,
->   and edit notes from the terminal without opening the browser.
-> - **Settings shortcuts** (`krimto editors` / `search` / `service` / `reset`) — change one
->   thing without re-running the whole wizard. `reset` cleanly disconnects + uninstalls; `--wipe-notes`
->   moves data to a recoverable trash sibling, never `rm -rf`.
-> - **Notes-app `/ui`** — plain-English scope labels (Just me / Team name / Org name), inline
->   Edit + Move + Delete on every note, and a consolidated **Settings** page for the engineering
->   panels.
+> **The setup story (v0.2.17 → v0.2.21).**
+> - **One-command interactive setup wizard** (`krimto init`) — five questions, preselected
+>   defaults. Reads `git config user.email` for identity; detects editors at both project
+>   level (`.cursor/`, `CLAUDE.md`) and machine level (`~/.cursor/`, `~/.claude.json`).
+> - **Reconfigure menu** — re-runs of `krimto init` show a "Krimto on this machine:"
+>   summary with a real **Service:** line driven by lock + launchctl reality (not just
+>   config snapshot). "Keep current" prompts let you Enter-through.
 >
-> See [ROADMAP.md](ROADMAP.md), [CHANGELOG.md](CHANGELOG.md), and
-> [docs/krimto-v0.2.17-maria-journey.html](docs/krimto-v0.2.17-maria-journey.html) for the design
-> rationale and what each release added.
+> **The teardown story (v0.2.32 → v0.2.33).**
+> - **`krimto stop` / `start` / `restart`** — first-class verbs for the off-ramp the original
+>   wizard forgot. Idempotent. `stop` keeps the plist on disk so `start` can reload it.
+> - **`krimto reset [--yes] [--wipe-notes]`** — aggressive sweep across all editors (Cursor
+>   JSON + Claude Code CLI scopes user/project/local) + launchd/systemd uninstall + lock
+>   cleanup. `--wipe-notes` collapses to one named-consequence prompt.
+>
+> **The runtime story (v0.2.26 → v0.2.30).**
+> - **`/ui` notes-app redesign** — warm-paper Fraunces serif aesthetic, scope cards with
+>   emoji icons (📔 Just me / 📓 Team / 🏢 Org), notes timeline with per-row Edit / Move /
+>   Delete / View file. `krimto ui` opens it.
+> - **Single reconciled runtime view** (`inspectRuntime`) — every read-side command (status,
+>   verify-connection, whoami, reconfigure menu) routes through the same lock + launchctl +
+>   editor-config probe. No more "status says one thing, verify says another."
+> - **Service-first install ordering + port-ready probe** — wizard installs the service
+>   first, waits for `:8080` to accept TCP, then writes editor configs. Cursor's file
+>   watcher never fires into an unbound port (the v0.2.27/28 ECONNREFUSED fix).
+>
+> **The agent story (v0.2.34 → v0.2.36).**
+> - **Phase B agent flags** — `editors --add cursor`, `service --always`, `search --keyword`,
+>   `reset --yes`, `remote --set <url>`, `folder --to <path>`. Every command that used to
+>   open an interactive prompt now has a flag form.
+> - **Non-TTY guards** — interactive commands without flags exit 2 with copy-pasteable
+>   usage instead of hanging on an unanswerable prompt.
+> - **`krimto whoami` + `set identity <email>`** + a **`krimto_whoami` MCP tool** so agents
+>   stop hallucinating identity.
+> - **Editor attribution via User-Agent sniffing** — facts saved over HTTP automatically
+>   carry `source: "cursor"` / `"claude-code"` / etc., so the dashboard's "saved from a
+>   Cursor chat" line works without prompting agents.
+> - **Cursor `alwaysApply: true` frontmatter** so `.cursor/rules/krimto.mdc` auto-attaches
+>   instead of requiring the user to type "krimto" first.
+> - **`krimto team init` lands you in team mode (v0.2.36)** — the wizard restarts the running
+>   service into team mode itself (no copy-paste recipe, no lock conflict), saves invite keys
+>   to a 0600 backup file, and validates the git remote URL at the prompt. `krimto notes` now
+>   works from any terminal (identity falls back to `git config user.email`).
+>
+> See [ROADMAP.md](ROADMAP.md), [CHANGELOG.md](CHANGELOG.md), and the proposal-vs-reality
+> diff in [docs/krimto-v0.2.17-maria-journey.html §09](docs/krimto-v0.2.17-maria-journey.html)
+> for the design rationale + what each patch caught.
 
 ## Try it in 90 seconds (solo, no account)
 
@@ -76,6 +107,33 @@ what your agent has been calling.
 **Power-user / CI:** `npx @krimto-labs/krimto init --yes` skips all prompts and applies
 defaults non-interactively. `--all` and `--minimal` keep their v0.2.16 meaning.
 
+### Setting Krimto up programmatically (AI agents, CI)
+
+Krimto is designed to be driven by Claude Code, Cursor, Codex, and similar AI agents that
+don't have a stdin TTY. Every interactive command has a flag form:
+
+```bash
+# The one-command full install (defaults: detected editors, as-needed run mode):
+krimto init --yes
+
+# Or pick the pieces:
+krimto editors --add cursor --add claude-code --yes    # wire editors
+krimto service --always                                # install background service
+krimto search --keyword                                # keyword search (default)
+krimto search --openai --api-key sk-...                # semantic search
+krimto remote --set git@github.com:acme/krimto.git     # cross-machine sync
+krimto status                                          # machine-readable check
+krimto stop / start / restart                          # idempotent service control
+```
+
+Run any interactive command (`editors`, `service`, `search`, `remote`, `folder`, `reset`)
+without a flag from a non-TTY shell and you get `exit 2` with copy-pasteable flag usage,
+not a hung-prompt warning. `krimto --help` has a dedicated **For AI agents (no TTY)**
+block at the top.
+
+The HTTP MCP handler also **sniffs `User-Agent`** to auto-stamp facts with `source:
+"cursor"` / `"claude-code"` / etc. — no agent-prompt convention needed.
+
 ## Connect your agent
 
 Krimto is one MCP server — point any client at `http://localhost:8080/mcp`. Verified for **Claude Code**
@@ -136,66 +194,77 @@ The in-product **Connect** page (`/ui/connect`) shows this same rule with a copy
 
 Everything is reachable via `npx`. Run `npx @krimto-labs/krimto --help` for the full list. All
 commands print clean, sectioned output with ✅ / ⚠️ / 🟢 status indicators and copy-paste shell
-commands. Grouped by purpose:
+commands. The seven groups below match `--help`'s structure.
 
 **Get connected (start here)**
 
 | Command | What it does |
 |---|---|
-| `init` | Interactive setup wizard — five questions, preselected defaults. Connects detected editors, applies the standing rule, optionally installs a background service. `--yes` skips prompts; legacy `--all` / `--minimal` still work. |
-| `serve` | Start the HTTP server (port 8080) + browser `/ui` dashboard |
-| `connect` | Print copy-paste config for Claude Code & Cursor (manual path) |
-| `uninit` | Strip the standing rule from this project's rules files |
+| `init [--yes]` | Interactive setup wizard — five questions, preselected defaults. Connects detected editors, applies the standing rule, optionally installs a background service. `--yes` skips prompts; legacy `--all` / `--minimal` still work. |
+| `connect` | Print copy-paste config for Claude Code & Cursor (manual path) — substitutes your real `git config user.email` for the identity. |
+| `uninit [--also-stop | --keep-running]` | Strip the standing rule from this project's rules files. Offers to stop the service too (or skip the prompt with the flags). |
 
-**Daily use** (v0.2.17-2 Phase D)
+**Look at your notes**
 
 | Command | What it does |
 |---|---|
 | `notes [query]` | List notes grouped by plain-English scope (`Just me` / team name / org name). With a query: ranked search via `krimto_recall`. |
-| `edit <id>` | Open the fact's `.md` in `$EDITOR`; reindexes on save. Validates frontmatter; restores immutable fields. |
-| `mv <id> <scope>` | Move a note between scopes (id preserved). Refuses if `canWrite` fails on either side. `user/me` resolves to the caller's identity. |
-| `supersede <id>` | Replace a note with a new version. Old version stays in git history + index (hidden from recall). |
-| `tag <id> +new -old ...` | Add or remove tags via frontmatter rewrite. Lowercase kebab-case enforced. |
+| `ui` | Open `http://localhost:8080/ui` in your browser. |
+| `open` | Reveal the notes folder in your OS file manager (`open` / `xdg-open` / `explorer`). |
+| `edit <id>` | Open the fact's `.md` in `$EDITOR`; reindexes on save. |
+| `mv <id> <scope>` | Move a note between scopes (id preserved). |
+| `supersede <id>` | Replace a note with a new version. Old stays in git. |
+| `tag <id> +new -old ...` | Add or remove tags via frontmatter rewrite. |
+| `rm <id>` | Delete a fact (file + index + git deletion commit). |
 
-**Team mode** (v0.2.17.1 Phase C)
+**Stop & reset** (v0.2.32+)
 
 | Command | What it does |
 |---|---|
-| `team init` | Admin-side wizard: admin email, team slug, optional git remote, initial teammates. Prints the admin key + per-teammate keys + a copy-paste DM template. |
-| `join --server <url> --key <key>` | Teammate-side: detects editors, writes HTTP MCP config with the bearer header + the standing rule. |
-| `team disband [--yes]` | Per-machine step-back to solo mode: rewrites HTTP MCP entries as stdio. Notes / `members.yaml` / git history untouched. |
+| `stop` | Stop the running krimto (uninstalls/unloads service if installed, SIGTERMs an ad-hoc PID). Plist stays on disk so `start` can reload it. Idempotent. |
+| `start` | Start krimto (re-bootstraps the existing plist). Honest message when no service is configured. |
+| `restart` | `stop` + `start`. Atomic on always-running mode via `launchctl kickstart -k`. |
+| `uninit` | Project-only undo (rule files only). Offers to stop the service too. |
+| `reset [--yes] [--wipe-notes]` | Disconnect every editor (Cursor JSON + Claude Code CLI across user/project/local scopes) + uninstall service + wipe API-key store. `--wipe-notes` collapses to one named-consequence prompt. |
 
-**Change settings** (v0.2.17-4 Phase B)
+**Is it working?**
 
 | Command | What it does |
 |---|---|
-| `editors` | Add or remove editor connections (checkbox prompt with current state preselected). |
-| `search` | Flip between Keyword and OpenAI search. Verifies the OpenAI key before persisting. |
-| `service` | Switch run mode (as-needed / always-running / manual). Installs or uninstalls the platform service. |
-| `reset [--yes] [--wipe-notes]` | Disconnect from all editors + uninstall service + wipe local keys. `--wipe-notes` atomically moves the data dir to a timestamped trash sibling (recoverable). |
+| `status` | One-screen consolidator: running PID + mode + launched-by, editors, storage, add-ons, recent activity, hijack warning. Nudges toward `service --always` when running ad-hoc. |
+| `whoami` | Print the active `KRIMTO_IDENTITY` and every place it's set (each editor's MCP config + the service unit env). Flags mismatches. |
+| `verify-connection` / `where` / `storage` / `usage` | Back-compat aliases — preserve their original stdout, point at `status` on stderr. |
 
-**Diagnose**
+**Configure (after first run)** — every command accepts flags so agents can drive them non-interactively.
 
 | Command | What it does |
 |---|---|
-| `status` | One-screen consolidator (v0.2.17): connections, storage, optional add-ons, recent activity, hijack warning. |
-| `verify-connection` / `where` / `storage` / `usage` | Legacy verbs — still work, point at `status` for the consolidated view. |
-| `setup-remote <url>` | Wire the data dir to a git remote and verify the initial push. |
-| `setup-embeddings` | Send a real test embedding to verify a `KRIMTO_EMBED_*` config. |
+| `editors --add <name> / --remove <name> / --set <list>` | Wire / unwire editors (Cursor / Claude Code / Codex / Gemini). `--list` prints current connections. No-flag form prompts interactively when a TTY is available. |
+| `service --as-needed / --always / --manual` | Switch run mode. Flag form skips the prompt. `service stop` / `service start` are aliases for `stop` / `start`. |
+| `search --keyword / --openai --api-key sk-...` | Switch search provider. The OpenAI path verifies the key before persisting. |
+| `remote --show / --set <url> / --remove` | Manage the git remote (also reachable as `setup-remote <url>`). |
+| `folder --to <path> [--yes]` | Guided move of the data dir. Stops service, atomic rename (cross-fs fallback), reinstalls service with new env, prints `export KRIMTO_DATA=` hint. |
+| `set identity <email>` | Change `KRIMTO_IDENTITY` everywhere atomically (editor MCP configs + service env). Preserves other env keys. |
 
-**Storage**
+**Team**
 
 | Command | What it does |
 |---|---|
-| `rm <id>` | Delete a fact (file + index + git deletion commit). Refuses while a server holds the lock. |
-| `reindex` | Rebuild `index.db` from the markdown files (fixes orphans left by manual `rm` of .md files). |
+| `team init` | Admin-side wizard: admin email, team slug, optional git remote, initial teammates. Prints admin key + per-teammate keys + a DM template. |
+| `team disband [--yes]` | Per-machine step-back to solo mode. Notes / `members.yaml` / git history untouched. |
+| `join --server <url> --key <key>` | Teammate-side: detects editors, writes HTTP MCP config with the bearer header + the standing rule. |
 
-**Other**
+**Advanced / scripting**
 
 | Command | What it does |
 |---|---|
-| (no args) | Start the stdio MCP server (default; for MCP clients to launch) |
-| `--help`, `-h` | Show the full CLI surface |
+| `serve` | Start the HTTP server in the foreground (port 8080) + browser `/ui` dashboard. |
+| `setup-remote <url>` | One-shot git remote setup (verifies the initial push). |
+| `setup-embeddings` | Send a real test embedding to verify a `KRIMTO_EMBED_*` config. |
+| `reindex` | Rebuild `index.db` from markdown (fixes orphans). |
+| `delete <id>` | Alias for `rm`. |
+| (no args) | Start the stdio MCP server (default; for MCP clients to launch). |
+| `--help`, `-h` | Show the full CLI surface — includes a `For AI agents (no TTY)` block at the top with copy-paste flag examples. |
 
 The stdio entrypoint enforces a **single-writer lock** on the data dir (`.krimto/lock.json`) — two
 Krimto processes can no longer race on the same `~/.krimto`. A second `serve`/stdio launch is
@@ -344,14 +413,14 @@ admin surface.
 
 ### Option C — Docker (HTTP + bearer auth, containerized)
 
-Build the image and run it (a published image is coming):
+The published multi-arch image at `ghcr.io/krimto-labs/krimto:latest` (built for `linux/amd64` and
+`linux/arm64`) is the default path:
 
 ```bash
-docker build -t krimto .
 docker run -d --name krimto -p 8080:8080 \
   -e KRIMTO_BOOTSTRAP_ADMIN=you@acme.com \
   -v ~/.krimto:/data \
-  krimto
+  ghcr.io/krimto-labs/krimto:latest
 docker logs krimto | grep "admin API key"   # the key is printed once
 ```
 
@@ -359,17 +428,19 @@ The container serves MCP at `http://localhost:8080/mcp` (bearer auth) and health
 `/health/ready`; facts persist in the mounted `/data` volume. Point your agent at it with the same
 `"url"` + `Bearer` config as Option B.
 
-**Pulling a published image (no local build):** pushing a `v*` git tag runs
-[`.github/workflows/docker-publish.yml`](.github/workflows/docker-publish.yml), which publishes the
-image to `ghcr.io/krimto-labs/krimto`. After the first release tag you can skip `docker build` and run
-the published image directly:
+**Building locally** — only needed if you're developing Krimto or pinning to an unreleased
+commit:
 
 ```bash
+docker build -t krimto .
 docker run -d --name krimto -p 8080:8080 \
   -e KRIMTO_BOOTSTRAP_ADMIN=you@acme.com -v ~/.krimto:/data \
-  ghcr.io/krimto-labs/krimto:latest
+  krimto
 ```
 
+The published image is built and pushed by
+[`.github/workflows/docker-publish.yml`](.github/workflows/docker-publish.yml) on every `v*` tag.
+
 ### Web UI (humans)
 
 When the HTTP server is running, open `http://localhost:8080/ui`. In local mode (no
@@ -431,9 +502,9 @@ Cline — is table stakes today, so Krimto ships it but doesn't lead with it.
 
 ## Roadmap
 
-`v0.2` (teams) → `v0.2.18` (UX redesign — wizards, per-note CLI, notes-app `/ui` — published) →
-`v0.3` (OAuth + PR approval flow) → `v1.0` (Krimto Cloud). See [ROADMAP.md](ROADMAP.md) for the
-per-release breakdown.
+`v0.2` (teams, v0.2.5) → `v0.2.18` (v0.2.17 wizard redesign — published as one SemVer-clean
+release) → `v0.2.36` (correctness + agent-friendly polish — current) → `v0.3` (OAuth + PR approval
+flow) → `v1.0` (Krimto Cloud). See [ROADMAP.md](ROADMAP.md) for the per-release breakdown.
 
 ## License
 

package/bin/krimto.mjs

@@ -521,7 +521,7 @@ try {
     const { resolveDataDir, resolveIdentity } = await tsImport("../src/server/index.ts", import.meta.url);
     const result = await runNotes({
       dataDir: resolveDataDir(),
-      identity: resolveIdentity(),
+      identity: await resolveIdentity(),
       query: typeof query === "string" && query.length > 0 ? query : undefined,
     });
     process.stdout.write(result.message);
@@ -534,7 +534,7 @@ try {
     }
     const { runEdit } = await tsImport("../src/cli/edit.ts", import.meta.url);
     const { resolveDataDir, resolveIdentity } = await tsImport("../src/server/index.ts", import.meta.url);
-    const result = await runEdit({ dataDir: resolveDataDir(), identity: resolveIdentity(), id });
+    const result = await runEdit({ dataDir: resolveDataDir(), identity: await resolveIdentity(), id });
     process.stdout.write(result.message);
     if (result.status !== "ok" && result.status !== "no-change") process.exitCode = 1;
   } else if (cmd === "mv") {
@@ -551,7 +551,7 @@ try {
     const { resolveDataDir, resolveIdentity } = await tsImport("../src/server/index.ts", import.meta.url);
     const result = await runMv({
       dataDir: resolveDataDir(),
-      identity: resolveIdentity(),
+      identity: await resolveIdentity(),
       id,
       newScope,
     });
@@ -568,7 +568,7 @@ try {
     const { resolveDataDir, resolveIdentity } = await tsImport("../src/server/index.ts", import.meta.url);
     const result = await runSupersede({
       dataDir: resolveDataDir(),
-      identity: resolveIdentity(),
+      identity: await resolveIdentity(),
       id,
     });
     process.stdout.write(result.message);
@@ -587,7 +587,7 @@ try {
     const { resolveDataDir, resolveIdentity } = await tsImport("../src/server/index.ts", import.meta.url);
     const result = await runTag({
       dataDir: resolveDataDir(),
-      identity: resolveIdentity(),
+      identity: await resolveIdentity(),
       id,
       changes,
     });
@@ -603,7 +603,7 @@ try {
     }
     const { runDeleteFact } = await tsImport("../src/cli/deleteFact.ts", import.meta.url);
     const { resolveDataDir, resolveIdentity } = await tsImport("../src/server/index.ts", import.meta.url);
-    const result = await runDeleteFact(resolveDataDir(), resolveIdentity(), id);
+    const result = await runDeleteFact(resolveDataDir(), await resolveIdentity(), id);
     process.stdout.write(result.message);
     if (result.status !== "ok") process.exitCode = 1;
   } else if (cmd === "reindex") {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@krimto-labs/krimto",
-  "version": "0.2.34",
+  "version": "0.2.36",
   "description": "Open-source team memory layer for AI agents — markdown files in git, user/team/org hierarchy, cross-vendor MCP server.",
   "license": "Apache-2.0",
   "type": "module",

package/src/cli/join.ts

@@ -11,6 +11,7 @@
 
 import { checkbox } from "@inquirer/prompts";
 import { promises as fs } from "node:fs";
+import * as os from "node:os";
 import * as path from "node:path";
 
 import { applyRule } from "../agentRule";
@@ -20,6 +21,7 @@ import {
   type EditorEnvironment,
   type EditorKind,
 } from "./init";
+import { inspectRuntime } from "./inspectRuntime";
 import { writeMcpConfig, type WriteAction } from "./mcpConfig";
 import { defaultIO, isExitPrompt, type WizardIO } from "./promptHelpers";
 
@@ -137,6 +139,15 @@ export async function runJoin(args: JoinArgs, opts: JoinOptions = {}): Promise<J
   try {
     io.out("\nKrimto — Joining team server\n\n");
     io.out(`  Server: ${normalizeServerUrl(args.server)}\n`);
+
+    // Smoke-6 follow-up: a teammate may have an EARLIER solo-mode Krimto service running on
+    // this machine. After join, their editor points at the admin's server (good) — but the
+    // local solo service keeps listening on localhost:8080 with no auth, serving whatever's
+    // in their solo data dir. Print one warning line so they can `krimto stop` first.
+    // Non-blocking, narrow: only fires when (a) a service-launched lock is alive, (b) the
+    // local /mcp returns anything other than 401 (i.e. not enforcing auth).
+    await warnIfLocalSoloServiceRunning(args.server, opts, io);
+
     io.out("  Detecting your editors...\n");
 
     const cwd = opts.cwd ?? process.cwd();
@@ -201,6 +212,61 @@ async function readMaybe(p: string): Promise<string | null> {
   }
 }
 
+/**
+ * Soft guard for the Plan-agent-flagged Risk (b): a teammate's earlier solo-mode Krimto
+ * service may still be running on this machine after join, serving solo notes on
+ * localhost:8080 with no auth. Print one warning line so they can `krimto stop` first.
+ * Best-effort, non-blocking — never refuses to proceed (that's the architectural fix's job).
+ */
+async function warnIfLocalSoloServiceRunning(
+  teamServerArg: string,
+  opts: JoinOptions,
+  io: WizardIO,
+): Promise<void> {
+  const dataDir = path.join(opts.homeDir ?? os.homedir(), ".krimto");
+  let runtime;
+  try {
+    runtime = await inspectRuntime(
+      dataDir,
+      opts.homeDir ? { homeDir: opts.homeDir } : {},
+    );
+  } catch {
+    return; // probe failed — say nothing rather than scare the user
+  }
+  if (!runtime.lock || !runtime.lock.alive || runtime.effectiveLaunchedBy !== "service") return;
+
+  // Same-machine joins (admin onboarding themselves) are NOT the case we want to warn about —
+  // their local service IS the team server. Skip the warning when the team-server URL is
+  // localhost / 127.0.0.1 / the host's own hostname.
+  const url = teamServerArg.toLowerCase();
+  if (
+    url.includes("localhost") ||
+    url.includes("127.0.0.1") ||
+    url.includes(os.hostname().toLowerCase())
+  ) {
+    return;
+  }
+
+  // Probe the local /mcp endpoint. 401 means auth is enforced (team mode) → no warning.
+  // Anything else (200, 405, timeout) → likely solo mode → warn.
+  let enforcingAuth = false;
+  try {
+    const res = await fetch("http://127.0.0.1:8080/mcp", {
+      signal: AbortSignal.timeout(1500),
+    });
+    enforcingAuth = res.status === 401;
+  } catch {
+    /* unreachable on :8080 — fall through and warn */
+  }
+  if (enforcingAuth) return;
+
+  io.err(
+    `\n⚠ A local Krimto service is also running on this machine (PID ${runtime.lock.pid}).\n` +
+      `  It serves notes in ${dataDir} on http://localhost:8080 with no auth.\n` +
+      `  If you don't need it: \`krimto stop\` then re-run \`krimto join …\`.\n\n`,
+  );
+}
+
 function printApplyResult(res: JoinResult, io: WizardIO): void {
   for (const o of res.editorOutcomes) {
     const label = EDITOR_LABEL[o.editor];

package/src/cli/mcpConfig.ts

@@ -148,25 +148,62 @@ export async function writeMcpConfig(
  * matching `mcp remove`, but we don't depend on it).
  */
 export async function removeMcpConfig(env: EditorEnvironment): Promise<{ removed: boolean }> {
-  if (env.mcpWire === null || env.mcpWire.method !== "json") return { removed: false };
-  let text: string;
-  try {
-    text = await fs.readFile(env.mcpWire.path, "utf8");
-  } catch {
-    return { removed: false };
+  if (env.mcpWire === null) return { removed: false };
+
+  if (env.mcpWire.method === "json") {
+    let text: string;
+    try {
+      text = await fs.readFile(env.mcpWire.path, "utf8");
+    } catch {
+      return { removed: false };
+    }
+    let parsed: Record<string, unknown>;
+    try {
+      parsed = JSON.parse(text) as Record<string, unknown>;
+    } catch {
+      return { removed: false };
+    }
+    const servers = parsed[env.mcpWire.key] as Record<string, unknown> | undefined;
+    if (!servers || !("krimto" in servers)) return { removed: false };
+    const { krimto: _krimto, ...rest } = servers; // eslint-disable-line @typescript-eslint/no-unused-vars
+    parsed[env.mcpWire.key] = rest;
+    await fs.writeFile(env.mcpWire.path, JSON.stringify(parsed, null, 2) + "\n", "utf8");
+    return { removed: true };
   }
-  let parsed: Record<string, unknown>;
-  try {
-    parsed = JSON.parse(text) as Record<string, unknown>;
-  } catch {
-    return { removed: false };
+
+  // v0.2.35 — CLI method (Claude Code). The smoke-6 transcript caught reset reporting "No
+  // editors were connected" while `claude mcp list` still showed krimto. Root cause: this
+  // function used to bail at the top with `method !== "json"`, so the CLI path was never
+  // exercised. The reset SWEEP rule (always run cleanup, never trust detection) covers the
+  // intent here too — we shell out to `claude mcp remove krimto` across the three scopes
+  // Claude Code supports (local / user / project). Each call is idempotent: if krimto
+  // isn't registered at a scope, claude prints "MCP server krimto not found" and exits
+  // non-zero, which we swallow. We mark removed=true when ANY scope succeeds.
+  if (env.mcpWire.method === "cli") {
+    return { removed: await removeClaudeMcpAllScopes(env.mcpWire.command) };
+  }
+
+  return { removed: false };
+}
+
+/**
+ * v0.2.35 — try `claude mcp remove krimto -s <scope>` for each known scope. Returns true
+ * when at least one succeeds. The user's krimto entry may live in any scope depending on
+ * which directory they were in when they originally ran `claude mcp add`, so we sweep all
+ * three. Errors are best-effort (no-op when nothing's registered at that scope).
+ */
+async function removeClaudeMcpAllScopes(claudeBinary: string): Promise<boolean> {
+  const scopes = ["local", "user", "project"] as const;
+  let anyRemoved = false;
+  for (const scope of scopes) {
+    try {
+      await exec(claudeBinary, ["mcp", "remove", "krimto", "-s", scope]);
+      anyRemoved = true;
+    } catch {
+      // "MCP server krimto not found" at this scope — fine, try the next.
+    }
   }
-  const servers = parsed[env.mcpWire.key] as Record<string, unknown> | undefined;
-  if (!servers || !("krimto" in servers)) return { removed: false };
-  const { krimto: _krimto, ...rest } = servers; // eslint-disable-line @typescript-eslint/no-unused-vars
-  parsed[env.mcpWire.key] = rest;
-  await fs.writeFile(env.mcpWire.path, JSON.stringify(parsed, null, 2) + "\n", "utf8");
-  return { removed: true };
+  return anyRemoved;
 }
 
 // --- internal helpers -------------------------------------------------------

package/src/cli/setupRemote.ts

@@ -14,13 +14,18 @@ export interface SetupRemoteResult {
   url: string;
 }
 
-// Minimal guard against obvious typos. Anything with whitespace or no `/`/`:` separator
-// (e.g. "not a url") is rejected up front; everything else is handed to git, which is the
-// authoritative URL parser (accepts ssh, https, file://, bare local paths, etc.).
-function looksLikeRemoteUrl(url: string): boolean {
+// Reject anything that isn't an obvious git remote BEFORE we hand it to `git`. Smoke-6
+// transcript showed `github.com/krimto-labs/foo.git` (no protocol, no user) reaching git and
+// failing only at push time — by which point the wizard had already printed success messages.
+// Tightened to require one of the well-known transport prefixes (or an absolute filesystem
+// path). git is still the authoritative parser for everything past this gate.
+const VALID_REMOTE_PREFIXES = ["git@", "https://", "http://", "ssh://", "file://"];
+
+export function looksLikeRemoteUrl(url: string): boolean {
   if (url.trim() !== url || url.length === 0) return false;
   if (/\s/.test(url)) return false;
-  return /[:/]/.test(url);
+  if (url.startsWith("/")) return true;
+  return VALID_REMOTE_PREFIXES.some((p) => url.startsWith(p));
 }
 
 export async function runSetupRemote(dataDir: string, url: string): Promise<SetupRemoteResult> {
@@ -47,7 +52,7 @@ export async function runSetupRemote(dataDir: string, url: string): Promise<Setu
         `\n   ${url}\n` +
         `\n━━ Next ━━\n` +
         `\n   To also auto-pull teammates' edits (every 60s), set on next boot:\n` +
-        `     $ export KRIMTO_GIT_REMOTE=${url}\n` +
+        `     export KRIMTO_GIT_REMOTE=${url}\n` +
         `\n   The batcher will auto-push every commit from now on regardless.\n`,
     };
   }

package/src/cli/teamInit.ts

@@ -22,8 +22,10 @@ import { ApiKeyStore } from "../access/auth";
 import { addUser, createTeam } from "../access/membershipStore";
 import { bootstrapAdmin } from "../server/bootstrap";
 import { defaultIdentity } from "./init";
+import { inspectRuntime } from "./inspectRuntime";
 import { defaultIO, isExitPrompt, type WizardIO } from "./promptHelpers";
-import { runSetupRemote } from "./setupRemote";
+import { detectPlatform, installService } from "./service";
+import { looksLikeRemoteUrl, runSetupRemote } from "./setupRemote";
 
 /** Everything the wizard collects before it calls {@link applyTeamInit}. */
 export interface TeamInitAnswers {
@@ -58,6 +60,13 @@ export interface TeamInitResult {
   serverHost: string;
   /** Resolved data dir the wizard wrote membership/keys into. */
   dataDir: string;
+  /**
+   * Path to the 0600-mode invite file written at apply time, when any keys were minted.
+   * Unset when there was nothing new to save (idempotent rerun where admin + all teammates
+   * already had keys). Admin's key is shown-once-only — losing it from scrollback used to
+   * require `reset-admin-key`; the file is the recoverable backup.
+   */
+  inviteFilePath?: string;
 }
 
 export interface TeamInitOptions {
@@ -68,6 +77,14 @@ export interface TeamInitOptions {
   keysPath?: string;
   /** Override KRIMTO_HTTP_PORT detection. */
   port?: number;
+  /** Override os.homedir() — passed to inspectRuntime + installService for tests. */
+  homeDir?: string;
+  /** When true, the post-apply service-restart step writes files but never invokes
+   * launchctl/systemctl/schtasks. Tests use this to assert the new env block without
+   * mutating CI's user services. */
+  dryRun?: boolean;
+  /** Suppress the post-apply service-restart probe entirely (tests that don't exercise it). */
+  skipServiceRestart?: boolean;
   /** Skip `runSetupRemote` even when a URL was given. Tests use this. */
   skipRemoteSetup?: boolean;
 }
@@ -123,6 +140,24 @@ export async function applyTeamInit(
   }
 
   const port = opts.port ?? Number(process.env.KRIMTO_HTTP_PORT ?? "8080");
+  const serverHost = `localhost:${port}`;
+
+  // 5. Save plaintext keys + DM template to a 0600 file. Admin's key is shown-once-only;
+  // teammates' keys are shown-once-each. Without this file the only recovery is
+  // `reset-admin-key` (admin) or re-issuing each invite (teammates) — both unnecessary churn.
+  let inviteFilePath: string | undefined;
+  if (adminKey || invites.length > 0) {
+    inviteFilePath = await writeInviteFile({
+      dataDir,
+      adminEmail: answers.adminEmail,
+      adminKey,
+      teamSlug: answers.teamSlug,
+      teamName: answers.teamName,
+      invites,
+      serverHost,
+    });
+  }
+
   return {
     adminEmail: answers.adminEmail,
     adminKey,
@@ -130,11 +165,60 @@ export async function applyTeamInit(
     teamName: answers.teamName,
     remote,
     invites,
-    serverHost: `localhost:${port}`,
+    serverHost,
     dataDir,
+    ...(inviteFilePath ? { inviteFilePath } : {}),
   };
 }
 
+/**
+ * Write the team-invite file to `<dataDir>/.krimto/team-invites-<ISO-timestamp>.txt` with
+ * mode 0o600. Filename's timestamp colons are replaced with dashes so the path is portable
+ * across filesystems. Returns the absolute path.
+ */
+async function writeInviteFile(input: {
+  dataDir: string;
+  adminEmail: string;
+  adminKey: string | null;
+  teamSlug: string;
+  teamName?: string;
+  invites: InviteRecord[];
+  serverHost: string;
+}): Promise<string> {
+  const ts = new Date().toISOString().replace(/:/g, "-").replace(/\.\d+Z$/, "Z");
+  const file = path.join(input.dataDir, ".krimto", `team-invites-${ts}.txt`);
+  const teamLabel = input.teamName ? `${input.teamSlug} ("${input.teamName}")` : input.teamSlug;
+  const adminBlock = input.adminKey
+    ? `━━ Admin ━━\n  ${input.adminEmail.padEnd(28)} ${input.adminKey}\n\n`
+    : `━━ Admin ━━\n  ${input.adminEmail} — existing key kept (no new one minted).\n\n`;
+  const inviteBlock =
+    input.invites.length > 0
+      ? "━━ Teammates (send each their key) ━━\n" +
+        input.invites.map((i) => `  ${i.email.padEnd(28)} ${i.key}`).join("\n") +
+        "\n\n"
+      : "";
+  const dmTemplate =
+    "━━ DM template (one per teammate) ━━\n" +
+    "  1. Install Krimto:\n" +
+    `     npx @krimto-labs/krimto join \\\n` +
+    `         --server http://${input.serverHost} \\\n` +
+    `         --key <your key from above>\n` +
+    "  2. Restart your editor.\n" +
+    "  3. Test: \"Remember our package manager is pnpm\" → new chat → \"What do we use?\"\n\n" +
+    (input.serverHost.startsWith("localhost:")
+      ? "  Note: `localhost` only works if your teammates are on this same machine.\n" +
+        "  Swap the --server URL for a reachable address before sharing.\n"
+      : "");
+  const body =
+    `Krimto team mode — saved ${new Date().toISOString()}\n` +
+    `Team: ${teamLabel}\n\n` +
+    adminBlock +
+    inviteBlock +
+    dmTemplate;
+  await fs.writeFile(file, body, { encoding: "utf8", mode: 0o600 });
+  return file;
+}
+
 // === Interactive entry point ===============================================
 
 /**
@@ -166,7 +250,14 @@ export async function runTeamInit(opts: TeamInitOptions = {}): Promise<TeamInitR
       { adminEmail, teamSlug, teamName, gitRemote, teammates },
       opts,
     );
-    printApplyResult(result, io);
+
+    // Probe runtime + offer to restart the always-running service so team-mode auth takes
+    // effect on the SAME machine, in the SAME wizard run. The smoke-6 transcript ended with
+    // a copy-paste "Next" recipe (`KRIMTO_BOOTSTRAP_ADMIN=... npx serve`) the user couldn't
+    // run because their existing service held the data-dir lock. This closes that gap.
+    const restartOutcome = await maybeRestartServiceForTeamMode(result, opts);
+
+    printApplyResult(result, io, restartOutcome);
     return result;
   } catch (e) {
     if (isExitPrompt(e)) {
@@ -231,7 +322,14 @@ async function askGitRemote(io: WizardIO): Promise<string | undefined> {
   const url = (
     await input({
       message: "Remote URL (e.g. git@github.com:acme/krimto-data.git)",
-      validate: (v) => (v.trim().length > 0 ? true : "Please paste a URL or pick 'Not yet'"),
+      validate: (v) => {
+        const t = v.trim();
+        if (t.length === 0) return "Please paste a URL or pick 'Not yet'";
+        if (!looksLikeRemoteUrl(t)) {
+          return "URL must start with git@, https://, http://, ssh://, file://, or / (no bare 'github.com/...')";
+        }
+        return true;
+      },
     })
   ).trim();
   io.out("Will verify the push during apply.\n");
@@ -254,6 +352,74 @@ async function askTeammates(): Promise<string[]> {
   return list;
 }
 
+// === Post-apply service restart =============================================
+
+/**
+ * What happened when the wizard tried to flip the running service into team mode after apply.
+ * Drives the "Next" block in {@link printApplyResult}: when team mode is live, we don't print
+ * the copy-paste `KRIMTO_BOOTSTRAP_ADMIN=... npx serve` recipe.
+ */
+export type RestartOutcome =
+  | { kind: "no-service" }
+  | { kind: "declined" }
+  | { kind: "restarted"; portReady: boolean }
+  | { kind: "failed"; error: string };
+
+/**
+ * If the running Krimto IS the always-running service we installed, offer to restart it with
+ * `KRIMTO_BOOTSTRAP_ADMIN` baked in so team-mode auth takes effect immediately. Returns the
+ * outcome for the print step to render. Skipped silently when {@link TeamInitOptions.skipServiceRestart}
+ * is set (tests that don't want to exercise this path).
+ */
+async function maybeRestartServiceForTeamMode(
+  result: TeamInitResult,
+  opts: TeamInitOptions,
+): Promise<RestartOutcome> {
+  if (opts.skipServiceRestart) return { kind: "no-service" };
+  const io = opts.io ?? defaultIO;
+
+  const runtime = await inspectRuntime(
+    result.dataDir,
+    opts.homeDir ? { homeDir: opts.homeDir } : {},
+  );
+  if (!runtime.service.loaded || runtime.effectiveLaunchedBy !== "service") {
+    return { kind: "no-service" };
+  }
+
+  const wantRestart = await confirm({
+    message: "Restart the running Krimto service so team mode is enforced now? (~3s of downtime)",
+    default: true,
+  });
+  if (!wantRestart) return { kind: "declined" };
+
+  io.out("\n  Restarting service in team mode...\n");
+  try {
+    const install = await installService(
+      {
+        binPath: process.execPath,
+        args: [process.argv[1] ?? "krimto", "serve"],
+        env: {
+          KRIMTO_IDENTITY: result.adminEmail,
+          KRIMTO_DATA: result.dataDir,
+          KRIMTO_HTTP_PORT: "8080",
+          KRIMTO_BOOTSTRAP_ADMIN: result.adminEmail,
+        },
+        ...(opts.homeDir ? { homeDir: opts.homeDir } : {}),
+      },
+      {
+        platform: detectPlatform(),
+        ...(opts.dryRun ? { dryRun: opts.dryRun } : {}),
+      },
+    );
+    return { kind: "restarted", portReady: install.portReady !== false };
+  } catch (e) {
+    return { kind: "failed", error: e instanceof Error ? e.message : String(e) };
+  }
+}
+
+// Exposed for the integration test that asserts on the env block written to the plist.
+export { maybeRestartServiceForTeamMode };
+
 // === Pretty printing ========================================================
 
 function printPreamble(dataDir: string, io: WizardIO): void {
@@ -273,7 +439,7 @@ function printSummary(a: TeamInitAnswers, io: WizardIO): void {
   io.out(`  Teammates:    ${a.teammates.length === 0 ? "(none yet)" : a.teammates.join(", ")}\n\n`);
 }
 
-function printApplyResult(res: TeamInitResult, io: WizardIO): void {
+function printApplyResult(res: TeamInitResult, io: WizardIO, restart: RestartOutcome): void {
   io.out("  ✓ Admin promoted + members.yaml updated\n");
   io.out(`  ✓ Team "${res.teamSlug}" created\n`);
   if (res.invites.length > 0) {
@@ -302,7 +468,7 @@ function printApplyResult(res: TeamInitResult, io: WizardIO): void {
     }
     io.out("\n━━ DM template for each teammate ━━\n\n");
     io.out("  1. Install Krimto:\n");
-    io.out(`     $ npx @krimto-labs/krimto join \\\n`);
+    io.out(`     npx @krimto-labs/krimto join \\\n`);
     io.out(`         --server http://${res.serverHost} \\\n`);
     io.out(`         --key <your key from above>\n`);
     io.out("  2. Restart your editor.\n");
@@ -316,9 +482,31 @@ function printApplyResult(res: TeamInitResult, io: WizardIO): void {
     }
   }
 
+  if (res.inviteFilePath) {
+    io.out("━━ Backup ━━\n\n");
+    io.out(`  All keys + the DM template are also saved to:\n    ${res.inviteFilePath}\n`);
+    io.out(`  (mode 0600 — read by you only. Delete it once teammates have their keys.)\n\n`);
+  }
+
+  // The "Next" block depends on whether the running service was just flipped into team mode.
+  // When it was, the user's already done — just hand them the dashboard URL. When it wasn't
+  // (no service, declined, or install failed), fall back to the original copy-paste recipe.
   io.out("━━ Next ━━\n\n");
-  io.out("  • Start the server in team mode (if not already):\n");
-  io.out(`      $ KRIMTO_BOOTSTRAP_ADMIN=${res.adminEmail} npx @krimto-labs/krimto serve\n`);
-  io.out("  • View the dashboard at http://localhost:8080/ui/admin\n");
+  if (restart.kind === "restarted" && restart.portReady) {
+    io.out(`  🟢 Team mode is live on http://localhost:8080\n`);
+    io.out(`  • View the dashboard at http://localhost:8080/ui/admin\n`);
+  } else if (restart.kind === "restarted" && !restart.portReady) {
+    io.out(`  ⚠ Service restarted in team mode, but the port didn't come up in 10s.\n`);
+    io.out(`     Check /tmp/com.krimto.server.err.log (macOS) or \`journalctl --user -u krimto\` (Linux).\n`);
+    io.out(`  • View the dashboard at http://localhost:8080/ui/admin (once the port is up)\n`);
+  } else if (restart.kind === "failed") {
+    io.out(`  ⚠ Service restart failed: ${restart.error}\n`);
+    io.out(`     Start it yourself: KRIMTO_BOOTSTRAP_ADMIN=${res.adminEmail} npx @krimto-labs/krimto serve\n`);
+  } else {
+    // "declined" or "no-service" — print the original recipe (still without the literal `$`).
+    io.out("  • Start the server in team mode (if not already):\n");
+    io.out(`      KRIMTO_BOOTSTRAP_ADMIN=${res.adminEmail} npx @krimto-labs/krimto serve\n`);
+    io.out("  • View the dashboard at http://localhost:8080/ui/admin\n");
+  }
   io.out("  • Step back to solo with `krimto team disband` (data preserved)\n\n");
 }

package/src/cli/wizard.ts

@@ -25,6 +25,10 @@ import {
 } from "./init";
 import { runSetupEmbeddings } from "./setupEmbeddings";
 import { KRIMTO_VERSION } from "../server/index";
+import { inspectRuntime, type RuntimeState } from "./inspectRuntime";
+import { applyService } from "./serviceCmd";
+import * as os from "node:os";
+import * as path from "node:path";
 
 const EDITOR_LABEL: Record<EditorKind, string> = {
   cursor: "Cursor",
@@ -68,46 +72,88 @@ export async function runInitWizard(
   }
 }
 
-/** §06 — "Krimto is already set up on this machine. What would you like to do?" */
+/**
+ * §06 — reconfigure menu shown when `krimto init` is re-run on a configured machine.
+ *
+ * v0.2.35: drops the ambiguous "Krimto is already set up on this machine" header (users
+ * read "set up" as "running"). The new header is neutral — "Krimto on this machine:" —
+ * and adds a real **Service:** line driven by `inspectRuntime` (config-snapshot ≠ runtime).
+ * That way the user always knows whether a process is actually serving right now, not just
+ * whether a config exists on disk. A fifth menu choice — "Start it running continuously"
+ * — appears only when no service is currently loaded, so users who want a daemon find the
+ * button without leaving the menu.
+ */
 async function runReconfigureMenu(
   cwd: string,
   snapshot: SetupSnapshot,
   opts: RunWizardOptions,
   io: WizardIO,
 ): Promise<ApplyResult | null> {
+  // Match applyWizardAnswers's pattern: derive dataDir from homeDir when not explicitly
+  // passed. Tests rely on this so the runtime probe hits a test temp dir, not the user's
+  // real ~/.krimto.
+  const homeDir = opts.homeDir ?? os.homedir();
+  const dataDir = opts.dataDir ?? path.join(homeDir, ".krimto");
+  const runtime = await inspectRuntime(dataDir, { cwd, homeDir });
+
   io.out("\n");
-  io.out("Krimto is already set up on this machine.\n");
-  io.out(`  Editors:   ${snapshot.registeredEditors.map((e) => EDITOR_LABEL[e]).join(", ") || "(none)"}\n`);
-  io.out(`  Run mode:  ${runModeLabel(snapshot.runMode)}\n`);
+  io.out("Krimto on this machine:\n");
+  io.out(
+    `  Editors:   ${
+      snapshot.registeredEditors.map((e) => EDITOR_LABEL[e]).join(", ") || "(none)"
+    }\n`,
+  );
+  io.out(`  Service:   ${formatServiceLine(runtime)}\n`);
   io.out(`  Search:    ${searchLabel(snapshot.searchProvider)}\n`);
   io.out("\n");
 
+  // The "Start it running continuously" choice only makes sense when no daemon is alive.
+  // (When already running as a service, there's nothing to start; when running ad-hoc, the
+  // user is better served by `krimto service --always` AFTER stopping the ad-hoc one, which
+  // is more state than this menu wants to manage.)
+  const canStartService =
+    !runtime.service.loaded && !(runtime.lock?.alive ?? false);
+
+  const choices: Array<{
+    value: "refresh" | "reconfigure" | "status" | "start-service" | "quit";
+    name: string;
+    description: string;
+  }> = [
+    {
+      value: "refresh",
+      name: "Just refresh the standing rule in this project",
+      description:
+        "Re-applies the 'always use Krimto' rule to CLAUDE.md / .cursor/rules/ here.\nUse this when you just cloned a new repo.",
+    },
+    {
+      value: "reconfigure",
+      name: "Change settings (reconfigure)",
+      description:
+        "Re-runs the setup wizard with your current answers pre-filled.\nSkip anything you don't want to change.",
+    },
+    {
+      value: "status",
+      name: "View status",
+      description: "Show what's working, what's configured, recent activity.",
+    },
+  ];
+  if (canStartService) {
+    choices.push({
+      value: "start-service",
+      name: "Start it running continuously (install as a background service)",
+      description:
+        "Runs Krimto as a launchd / systemd-user / schtasks service so it stays up\nacross reboots. Equivalent to `krimto service --always`.",
+    });
+  }
+  choices.push({
+    value: "quit",
+    name: "Quit",
+    description: "Leave Krimto as it is.",
+  });
+
   const choice = await select({
     message: "What would you like to do?",
-    choices: [
-      {
-        value: "refresh" as const,
-        name: "Just refresh the standing rule in this project",
-        description:
-          "Re-applies the 'always use Krimto' rule to CLAUDE.md / .cursor/rules/ here.\nUse this when you just cloned a new repo.",
-      },
-      {
-        value: "reconfigure" as const,
-        name: "Change settings (reconfigure)",
-        description:
-          "Re-runs the setup wizard with your current answers pre-filled.\nSkip anything you don't want to change.",
-      },
-      {
-        value: "status" as const,
-        name: "View status",
-        description: "Show what's working, what's configured, recent activity.",
-      },
-      {
-        value: "quit" as const,
-        name: "Quit",
-        description: "Leave Krimto as it is.",
-      },
-    ],
+    choices,
   });
 
   if (choice === "quit") {
@@ -139,10 +185,70 @@ async function runReconfigureMenu(
     return null;
   }
 
+  if (choice === "start-service") {
+    // v0.2.35 — install + load the always-running service from inside the menu so users
+    // who want a daemon don't have to drop back to the shell and remember the flag name.
+    // Delegates to applyService which handles the platform-specific install + port probe.
+    io.out("\nInstalling background service...\n");
+    const installResult = await applyService("always-running", {
+      ...(opts.dataDir ? { dataDir: opts.dataDir } : {}),
+      ...(opts.homeDir ? { homeDir: opts.homeDir } : {}),
+      ...(opts.dryRun ? { dryRun: true } : {}),
+    });
+    if (installResult.install?.activated) {
+      const portMsg =
+        installResult.install.portReady === false
+          ? "  ⚠ Service installed but the HTTP port didn't come up within 10s. Check\n    /tmp/com.krimto.server.err.log.\n"
+          : "  ✓ Service started, port accepting connections.\n";
+      io.out("\n✅ Background service is now running.\n" + portMsg + "\n");
+    } else {
+      io.out("\n(Service was configured but not activated — likely a dry-run.)\n");
+    }
+    return null;
+  }
+
   // "reconfigure" — re-run the five questions with snapshot as defaults
   return runFreshWizard(cwd, opts, io, snapshot);
 }
 
+/**
+ * v0.2.35 — turn the reconciled runtime view into one human line for the reconfigure menu.
+ * Four cases (in priority order):
+ *   1. A live process holds the lock AND launched-by="service"   → "Running as background service (PID …, started Nm ago)"
+ *   2. A live process holds the lock, launched-by="ad-hoc"        → "Running ad-hoc (PID … — started by `krimto serve` or an editor)"
+ *   3. Service unit on disk but not loaded                        → "⚠ Installed but not running — `krimto start` to load it"
+ *   4. Nothing running, no unit on disk                            → "Not running (your editor launches it on demand via stdio)"
+ *
+ * This is the line that the smoke-6 user wanted: "is Krimto serving RIGHT NOW?" — driven
+ * by lock + launchctl/systemctl reality, not by the static config snapshot.
+ */
+function formatServiceLine(runtime: RuntimeState): string {
+  const lock = runtime.lock;
+  if (lock?.alive) {
+    const ago = humanAgoForLock(lock.started);
+    if (runtime.effectiveLaunchedBy === "service") {
+      return `Running as background service (PID ${lock.pid}, started ${ago})`;
+    }
+    return `Running ad-hoc (PID ${lock.pid} — started ${ago} by \`krimto serve\` or an editor)`;
+  }
+  if (runtime.service.installed) {
+    return "⚠ Installed but not running — `krimto start` to load it";
+  }
+  return "Not running (your editor launches it on demand via stdio)";
+}
+
+function humanAgoForLock(iso: string): string {
+  const t = Date.parse(iso);
+  if (Number.isNaN(t)) return iso;
+  const secs = Math.max(0, Math.round((Date.now() - t) / 1000));
+  if (secs < 60) return `${secs}s ago`;
+  const mins = Math.round(secs / 60);
+  if (mins < 60) return `${mins}m ago`;
+  const hrs = Math.round(mins / 60);
+  if (hrs < 24) return `${hrs}h ago`;
+  return `${Math.round(hrs / 24)}d ago`;
+}
+
 /** §03 — the fresh five-question flow. `snapshot` (when given) seeds the defaults. */
 async function runFreshWizard(
   cwd: string,
@@ -152,7 +258,7 @@ async function runFreshWizard(
 ): Promise<ApplyResult | null> {
   io.out(`\nKrimto — Setting up your AI's memory · v${KRIMTO_VERSION}\n\n`);
   const envs = await detectEditorEnvironments(cwd, opts.homeDir);
-  printScan(envs, io);
+  printScan(envs, snapshot?.registeredEditors ?? [], io);
 
   // v0.2.31 — Gap D, "Keep current" intermediate prompt. On reconfigure runs (snapshot !==
   // null), each question is wrapped in a two-stage "Keep current / Reconfigure..." select so
@@ -392,16 +498,22 @@ async function askSearch(
 
 // === Pretty printing ========================================================
 
-function printScan(envs: EditorEnvironment[], io: WizardIO): void {
+function printScan(envs: EditorEnvironment[], registered: EditorKind[], io: WizardIO): void {
+  // Four states. The crucial split is "detected" vs "connected to Krimto": the smoke-6 user saw
+  // four detected editors then "Keep current (Cursor, Claude Code)" and didn't realize the other
+  // two weren't actually wired to Krimto's MCP. Now the scan output names that distinction.
+  const wired = new Set(registered);
   io.out("  Scanning your machine ...\n\n");
   for (const env of envs) {
-    // v0.2.21: three states — project-level, machine-level only, not found.
-    const dot = env.present ? "✓" : env.installed ? "~" : "–";
-    const note = env.present
-      ? "detected (in this project)"
-      : env.installed
-        ? "installed (machine-wide)"
-        : "not found";
+    const isWired = wired.has(env.editor);
+    const dot = isWired ? "✓" : env.present ? "✓" : env.installed ? "~" : "–";
+    const note = isWired
+      ? "connected to Krimto"
+      : env.present
+        ? "detected, not yet connected"
+        : env.installed
+          ? "installed (machine-wide), not connected"
+          : "not found";
     io.out(`    ${dot} ${EDITOR_LABEL[env.editor].padEnd(14)} ${note}\n`);
   }
   io.out("\n");

package/src/server/banner.ts

@@ -3,15 +3,18 @@
 
 import { connectSnippets } from "./connect";
 
-/** The placeholder identity that resolves when KRIMTO_IDENTITY is unset. Keep in sync with resolveIdentity(). */
+/** The placeholder identity that resolves when KRIMTO_IDENTITY is unset AND git config user.email is
+ * unset/invalid. Keep in sync with resolveIdentity()'s final fallback. */
 export const DEFAULT_IDENTITY = "user@localhost";
 
 /**
  * G2 — warn when the resolved identity is the unset-placeholder default. Two Krimto processes
  * on the same data dir (e.g. Cursor's stdio launch + a separate `serve` in her terminal) often
  * resolve to different identities — the MCP config sets one, the bare shell doesn't. The result
- * is scope mismatch: she writes facts under one identity and sees a different scope in /ui.
- * Returns an empty string when the identity was explicitly set.
+ * is scope mismatch: facts saved under one identity, viewed under another in /ui. After the
+ * smoke-6 fix, `resolveIdentity()` falls back to global git user.email before this placeholder,
+ * so the warning only fires when both sources are missing.
+ * Returns an empty string when a real identity was resolved.
  */
 export function identityWarning(identity: string): string {
   if (identity !== DEFAULT_IDENTITY) return "";

package/src/server/index.ts

@@ -8,6 +8,11 @@ import { fileURLToPath } from "node:url";
 import { homedir } from "node:os";
 import * as path from "node:path";
 import { promises as fs } from "node:fs";
+import { execFile } from "node:child_process";
+import { promisify } from "node:util";
+
+const execFileAsync = promisify(execFile);
+const IDENTITY_EMAIL_RE = /^[^@\s]+@[^@\s]+$/;
 
 import { ApiKeyStore } from "../access/auth";
 import { bootstrapAdmin, reissueKey } from "./bootstrap";
@@ -49,14 +54,36 @@ import { type Requester } from "../access/scope";
 
 export type RequesterResolver = (extra: { authInfo?: AuthInfo }) => Requester;
 
-export const KRIMTO_VERSION = "0.2.34";
+export const KRIMTO_VERSION = "0.2.36";
 
 export function resolveDataDir(): string {
   return process.env.KRIMTO_DATA ?? path.join(homedir(), ".krimto");
 }
 
-export function resolveIdentity(): string {
-  return process.env.KRIMTO_IDENTITY ?? "user@localhost";
+/**
+ * Resolve the caller's identity in three steps: explicit env override, then the user's global
+ * git identity, then a last-resort placeholder.
+ *
+ * The git fallback closes the smoke-6 UX gap. The wizard sets `KRIMTO_IDENTITY` in editor MCP
+ * configs and the service plist — but not in the user's shell rc. Without the git fallback,
+ * a plain-terminal `krimto notes` ran as `user@localhost` and couldn't see facts the editor
+ * had saved under the wizard-configured identity — same data dir, two answers depending on
+ * shell env. The CLI now infers the same identity the wizard would have captured.
+ *
+ * Stays async because the git lookup shells out; every call site is already inside an async
+ * handler. Malformed env values fall through (we never persist a non-email as an identity).
+ */
+export async function resolveIdentity(): Promise<string> {
+  const env = process.env.KRIMTO_IDENTITY;
+  if (env && IDENTITY_EMAIL_RE.test(env)) return env;
+  try {
+    const { stdout } = await execFileAsync("git", ["config", "--global", "user.email"]);
+    const email = stdout.trim();
+    if (IDENTITY_EMAIL_RE.test(email)) return email;
+  } catch {
+    /* git missing, no global user.email — fall through to the placeholder */
+  }
+  return "user@localhost";
 }
 
 function ok(data: unknown): CallToolResult {
@@ -281,7 +308,7 @@ export async function main(): Promise<void> {
 
   // Load membership AFTER bootstrap so the new admin is present.
   let membership = await loadMembership(dataDir);
-  const identity = resolveIdentity();
+  const identity = await resolveIdentity();
   const embedCfg = embeddingConfigFromEnv();
   const embeddingProvider = createEmbeddingProvider(embedCfg);
   const indexConfig: IndexConfig = {