@lightcone-ai/daemon 0.23.5 → 0.23.7

package/src/_vendor/video/recorder/plan-executor.js

@@ -14,8 +14,9 @@
 // or unsafe coordinates throw — no silent skipping.
 
 import { ATOMS, ATOM_NAMES } from './atoms.js';
-import { findOverlappingUnsafeRegion } from '../understanding/schema.js';
+import { findBlockById, findOverlappingUnsafeRegion } from '../understanding/schema.js';
 import { getCdpSession } from '../cdp-touch.js';
+import { setSpotlight, clearSpotlight } from './spotlight.js';
 
 const V5_FIELDS_ON_SECTION = Object.freeze([
   'action',
@@ -93,7 +94,70 @@ function assertYNotInUnsafeRegion(y, { unsafeRegions, atomName, sectionId, opera
   }
 }
 
-function validateOperation(op, { sectionId, operationIndex, fullHeightPx, unsafeRegions }) {
+// Resolve a scroll_to operation's target scrollTop. Two mutually-exclusive forms:
+//
+//   { block: 'b3' } — frame a content block: the block's middle is placed at
+//     the viewport center, then the section holds STILL on it. The recorder
+//     owns this geometry so the agent never writes pixels. A block taller than
+//     the viewport just shows its centered slice held still — there is no pan,
+//     partial visibility is accepted (decided 2026-05-16: 定住，接受看不全).
+//
+//   { y: <number> } — raw scrollTop, for content-agnostic moves such as the
+//     opening lead-in drift (画面跟内容无关的漫滑).
+//
+// Result is clamped to [0, full_height_px - viewport_height].
+export function resolveScrollTargetY(op, {
+  blocks = [],
+  viewportHeight = 1920,
+  fullHeightPx = null,
+  sectionId = '?',
+  operationIndex = 0,
+} = {}) {
+  const hasBlock = typeof op?.block === 'string' && op.block.trim();
+  const hasY = Number.isFinite(Number(op?.y));
+
+  if (hasBlock && hasY) {
+    const error = new Error(
+      `operations_invalid: section "${sectionId}" operations[${operationIndex}] sets both `
+      + '`block` and `y` on a scroll_to — specify exactly one (block to frame a content block, '
+      + 'y for a raw content-agnostic move).',
+    );
+    error.code = 'OPERATIONS_INVALID';
+    throw error;
+  }
+
+  if (hasBlock) {
+    const blockId = op.block.trim();
+    const block = findBlockById(blocks, blockId);
+    if (!block) {
+      const known = blocks.map(b => b?.id).filter(Boolean).join(', ') || '(none)';
+      const error = new Error(
+        `block_not_found: section "${sectionId}" operations[${operationIndex}].block="${blockId}" `
+        + `is not a block id in page_understanding.blocks. Known ids: ${known}.`,
+      );
+      error.code = 'BLOCK_NOT_FOUND';
+      throw error;
+    }
+    // Center the block. A block taller than the viewport shows its centered
+    // slice — the section then holds still on it (no pan).
+    const target = (block.y_top + block.y_bottom) / 2 - viewportHeight / 2;
+    const maxScroll = Number.isFinite(fullHeightPx) && fullHeightPx > 0
+      ? Math.max(0, fullHeightPx - viewportHeight)
+      : Number.POSITIVE_INFINITY;
+    return Math.round(Math.min(Math.max(target, 0), maxScroll));
+  }
+
+  if (hasY) return Math.round(Number(op.y));
+
+  const error = new Error(
+    `operations_invalid: section "${sectionId}" operations[${operationIndex}] is a scroll_to with `
+    + 'neither `block` nor `y`. Set `block` (centers/frames a content block) or `y` (raw scrollTop).',
+  );
+  error.code = 'OPERATIONS_INVALID';
+  throw error;
+}
+
+function validateOperation(op, { sectionId, operationIndex, fullHeightPx, unsafeRegions, blocks, viewportHeight }) {
   if (!op || typeof op !== 'object' || Array.isArray(op)) {
     const error = new Error(
       `operations_invalid: section "${sectionId}" operations[${operationIndex}] is not an object.`,
@@ -120,9 +184,15 @@ function validateOperation(op, { sectionId, operationIndex, fullHeightPx, unsafe
     throw error;
   }
 
+  let scrollTargetY = null;
   if (atomName === 'scroll_to') {
-    assertYWithinBounds(Number(op.y), { fullHeightPx, atomName, sectionId, operationIndex });
-    assertYNotInUnsafeRegion(Number(op.y), { unsafeRegions, atomName, sectionId, operationIndex });
+    // scroll_to.y is no longer agent-authored pixels — resolveScrollTargetY
+    // turns { block, align } into a clamped scrollTop. Raw { y } is still
+    // accepted for content-agnostic moves. The resolved value is what gets
+    // bounds/unsafe-checked and handed to the atom.
+    scrollTargetY = resolveScrollTargetY(op, { blocks, viewportHeight, fullHeightPx, sectionId, operationIndex });
+    assertYWithinBounds(scrollTargetY, { fullHeightPx, atomName, sectionId, operationIndex });
+    assertYNotInUnsafeRegion(scrollTargetY, { unsafeRegions, atomName, sectionId, operationIndex });
   } else if (atomName === 'cursor_focus') {
     assertYWithinBounds(Number(op.y), { fullHeightPx, atomName, sectionId, operationIndex });
     assertYNotInUnsafeRegion(Number(op.y), { unsafeRegions, atomName, sectionId, operationIndex });
@@ -134,16 +204,19 @@ function validateOperation(op, { sectionId, operationIndex, fullHeightPx, unsafe
       throw error;
     }
   }
-  return atomName;
+  return { atomName, scrollTargetY };
 }
 
-function operationToAtomParams(op, atomName, anchorY) {
+function operationToAtomParams(op, atomName, anchorY, scrollTargetY) {
   if (atomName === 'scroll_to') {
     return {
-      target_y: Number(op.y),
+      // scrollTargetY is resolved by resolveScrollTargetY (block-framed or raw y).
+      target_y: scrollTargetY,
       duration_ms: Number(op.duration_ms),
       curve: op.curve || 'easeInOutQuad',
-      jitter_px: Number.isFinite(Number(op.jitter_px)) ? Number(op.jitter_px) : 2,
+      // Default 0 — no pixel jitter (user requirement, repeatedly stated).
+      // Only consulted by touch mode; auto/programmatic ignore it.
+      jitter_px: Number.isFinite(Number(op.jitter_px)) ? Number(op.jitter_px) : 0,
       from_y: anchorY,
       mode: op.mode || 'auto',
     };
@@ -198,22 +271,45 @@ export function normalizePlanSections(plan = {}) {
 async function runOperations(page, ctx, operations, {
   fullHeightPx,
   unsafeRegions,
+  blocks,
+  viewportHeight,
+  viewportWidth,
   sectionId,
   fallbackAnchorY,
 }) {
   let anchorY = fallbackAnchorY;
+  // Spotlight off during the transition scroll — it appears once the section's
+  // block has landed centered (set right after the scroll_to below).
+  await clearSpotlight(page);
   for (let i = 0; i < operations.length; i += 1) {
     const op = operations[i];
-    const atomName = validateOperation(op, {
+    const { atomName, scrollTargetY } = validateOperation(op, {
       sectionId,
       operationIndex: i,
       fullHeightPx,
       unsafeRegions,
+      blocks,
+      viewportHeight,
     });
-    const params = operationToAtomParams(op, atomName, anchorY);
+    const params = operationToAtomParams(op, atomName, anchorY, scrollTargetY);
     const atomFn = ATOMS[atomName];
     const result = await atomFn(page, ctx, params);
     if (result?.anchorY != null) anchorY = result.anchorY;
+    // Once a scroll_to has landed on a content block, frame it: bordered box
+    // around the block + the rest of the page dimmed. The box then stays for
+    // the section's hold.
+    if (atomName === 'scroll_to' && typeof op.block === 'string' && op.block.trim()) {
+      const blk = findBlockById(blocks, op.block.trim());
+      if (blk) {
+        await setSpotlight(page, {
+          yTop: blk.y_top,
+          yBottom: blk.y_bottom,
+          viewportTop: scrollTargetY,
+          viewportHeight,
+          viewportWidth,
+        });
+      }
+    }
   }
   return { anchorY };
 }
@@ -230,6 +326,11 @@ function createEvent({ tMs, action, sectionId, detail = {} }) {
 
 export async function executePlanPhases(page, plan, {
   pageUnderstanding = null,
+  // The actual record-browser viewport height — used to frame block-referenced
+  // scroll_to operations. Falls back to page_understanding.viewport.height,
+  // then 1920. Pass the real recorder viewport so centering is pixel-correct.
+  viewportHeight = null,
+  viewportWidth = null,
   getNowMs = () => Date.now(),
   onEvent = null,
 } = {}) {
@@ -238,6 +339,13 @@ export async function executePlanPhases(page, plan, {
   const unsafeRegions = Array.isArray(pageUnderstanding?.unsafe_regions)
     ? pageUnderstanding.unsafe_regions
     : [];
+  const blocks = Array.isArray(pageUnderstanding?.blocks) ? pageUnderstanding.blocks : [];
+  const resolvedViewportHeight = Number(viewportHeight)
+    || Number(pageUnderstanding?.viewport?.height)
+    || 1920;
+  const resolvedViewportWidth = Number(viewportWidth)
+    || Number(pageUnderstanding?.viewport?.width)
+    || 1080;
 
   const startedAt = nowMs(getNowMs);
   const eventsLog = [];
@@ -263,6 +371,9 @@ export async function executePlanPhases(page, plan, {
       const result = await runOperations(page, ctx, section.operations, {
         fullHeightPx,
         unsafeRegions,
+        blocks,
+        viewportHeight: resolvedViewportHeight,
+        viewportWidth: resolvedViewportWidth,
         sectionId,
         fallbackAnchorY: lastAnchorY,
       });

package/src/cli.js

@@ -0,0 +1,255 @@
+#!/usr/bin/env node
+import { spawn } from 'node:child_process';
+import { createWriteStream, existsSync, readFileSync, unlinkSync, writeFileSync } from 'node:fs';
+import { fileURLToPath } from 'node:url';
+import os from 'node:os';
+import path from 'node:path';
+
+import {
+  ensureLightconeDirs,
+  getDaemonStatus,
+  isProcessRunning,
+  readLocalConfig,
+  resolveDaemonLogPath,
+  resolveDaemonPidPath,
+  writeLocalConfig,
+} from './local-config.js';
+import { runDoctor } from './doctor.js';
+
+function parseArgs(raw) {
+  const opts = { _: [] };
+  for (let i = 0; i < raw.length; i += 1) {
+    const arg = raw[i];
+    if (arg.startsWith('--')) {
+      const next = raw[i + 1];
+      if (next && !next.startsWith('--')) {
+        opts[arg] = next;
+        i += 1;
+      } else {
+        opts[arg] = true;
+      }
+    } else {
+      opts._.push(arg);
+    }
+  }
+  return opts;
+}
+
+function printUsage() {
+  console.log(`Usage:
+  lightcone pair --server-url <url> --code <6-digit>
+  lightcone pair --server-url <url> --api-key <sk_machine_...>
+  lightcone daemon start
+  lightcone daemon stop
+  lightcone daemon restart
+  lightcone daemon status
+  lightcone status
+  lightcone doctor [--json]
+  lightcone logs [--lines 100]
+
+Notes:
+  Use --code for normal onboarding, or --api-key for advanced/server installs.`);
+}
+
+function printJson(value) {
+  console.log(JSON.stringify(value, null, 2));
+}
+
+function redactConfig(config) {
+  const token = String(config?.machineApiKey || '');
+  return {
+    ...config,
+    machineApiKey: token ? `${token.slice(0, 10)}...` : '',
+    localApiToken: config?.localApiToken ? `${String(config.localApiToken).slice(0, 12)}...` : '',
+  };
+}
+
+function requirePairedConfig() {
+  const config = readLocalConfig();
+  if (!config.serverUrl || !config.machineApiKey) {
+    throw new Error('not_paired: run `lightcone pair --server-url <url> --code <6-digit>` first');
+  }
+  return config;
+}
+
+async function exchangePairingCode({ serverUrl, code, name }) {
+  const endpoint = new URL('/api/servers/machine-pairing/exchange', serverUrl);
+  const response = await fetch(endpoint, {
+    method: 'POST',
+    headers: { 'content-type': 'application/json' },
+    body: JSON.stringify({
+      code,
+      name,
+      hostname: os.hostname(),
+      os: `${os.platform()} ${os.arch()} ${os.release()}`,
+    }),
+  });
+  let payload = null;
+  try { payload = await response.json(); } catch {}
+  if (!response.ok) {
+    throw new Error(`pair_code_exchange_failed:${response.status}:${payload?.error ?? response.statusText}`);
+  }
+  const apiKey = String(payload?.apiKey ?? '').trim();
+  if (!apiKey) throw new Error('pair_code_exchange_missing_api_key');
+  return payload;
+}
+
+function daemonEntryPath() {
+  return fileURLToPath(new URL('./index.js', import.meta.url));
+}
+
+function startDaemon({ foreground = false } = {}) {
+  const config = requirePairedConfig();
+  ensureLightconeDirs();
+
+  const current = getDaemonStatus();
+  if (current.running) {
+    console.log(`Daemon already running pid=${current.pid}`);
+    return current;
+  }
+
+  const args = [
+    daemonEntryPath(),
+    '--server-url', config.serverUrl,
+    '--api-key', config.machineApiKey,
+  ];
+
+  if (foreground) {
+    const child = spawn(process.execPath, args, { stdio: 'inherit' });
+    child.on('exit', (code, signal) => process.exit(code ?? (signal ? 1 : 0)));
+    return { running: true, foreground: true };
+  }
+
+  const logPath = resolveDaemonLogPath();
+  const out = createWriteStream(logPath, { flags: 'a' });
+  const child = spawn(process.execPath, args, {
+    detached: true,
+    stdio: ['ignore', out, out],
+    env: {
+      ...process.env,
+      SERVER_URL: config.serverUrl,
+      MACHINE_API_KEY: config.machineApiKey,
+    },
+  });
+  child.unref();
+  writeFileSync(resolveDaemonPidPath(), `${child.pid}\n`, 'utf8');
+  console.log(`Daemon started pid=${child.pid}`);
+  console.log(`Logs: ${logPath}`);
+  return getDaemonStatus();
+}
+
+function stopDaemon() {
+  const status = getDaemonStatus();
+  if (!status.pid) {
+    console.log('Daemon is not running.');
+    return status;
+  }
+  if (!isProcessRunning(status.pid)) {
+    try { unlinkSync(status.pidPath); } catch {}
+    console.log('Removed stale daemon pid file.');
+    return getDaemonStatus();
+  }
+  process.kill(status.pid, 'SIGTERM');
+  console.log(`Daemon stop requested pid=${status.pid}`);
+  return status;
+}
+
+function tailLogs(lines = 100) {
+  const logPath = resolveDaemonLogPath();
+  if (!existsSync(logPath)) {
+    console.log(`No daemon log found at ${logPath}`);
+    return;
+  }
+  const raw = readFileSync(logPath, 'utf8');
+  const count = Number.parseInt(String(lines), 10);
+  console.log(raw.split(/\r?\n/).slice(-(Number.isFinite(count) && count > 0 ? count : 100)).join('\n'));
+}
+
+async function main() {
+  const opts = parseArgs(process.argv.slice(2));
+  const [command, subcommand] = opts._;
+
+  if (!command || opts['--help'] || opts['-h']) {
+    printUsage();
+    return;
+  }
+
+  if (command === 'pair') {
+    const serverUrl = String(opts['--server-url'] || '').trim();
+    const code = String(opts['--code'] || '').trim();
+    let machineApiKey = String(opts['--api-key'] || '').trim();
+    if (!serverUrl) {
+      throw new Error('pair_requires_server_url');
+    }
+    let exchangePayload = null;
+    if (!machineApiKey && code) {
+      exchangePayload = await exchangePairingCode({
+        serverUrl,
+        code,
+        name: opts['--name'],
+      });
+      machineApiKey = exchangePayload.apiKey;
+    }
+    if (!machineApiKey) {
+      throw new Error('pair_requires_api_key_or_code');
+    }
+    const config = writeLocalConfig({ serverUrl, machineApiKey });
+    console.log(`Paired with ${config.serverUrl}`);
+    if (exchangePayload?.machine?.id) console.log(`Machine: ${exchangePayload.machine.id}`);
+    console.log('Config saved.');
+    return;
+  }
+
+  if (command === 'status' || (command === 'daemon' && subcommand === 'status')) {
+    const status = getDaemonStatus();
+    if (opts['--json']) return printJson({ ...status, config: redactConfig(readLocalConfig()) });
+    console.log(status.running ? `Daemon running pid=${status.pid}` : 'Daemon stopped');
+    console.log(`Home: ${status.home}`);
+    console.log(`Config: ${status.configPath}`);
+    console.log(`Logs: ${status.logPath}`);
+    return;
+  }
+
+  if (command === 'doctor') {
+    const result = runDoctor();
+    if (opts['--json']) return printJson(result);
+    for (const [name, item] of Object.entries(result.required)) {
+      console.log(`${item.ok ? 'ok' : 'missing'} required ${name}: ${item.version || item.error}`);
+    }
+    for (const [name, item] of Object.entries(result.recommended)) {
+      console.log(`${item.ok ? 'ok' : 'missing'} recommended ${name}: ${item.version || item.error}`);
+    }
+    for (const [name, item] of Object.entries(result.runtimes)) {
+      console.log(`${item.ok ? 'ok' : 'missing'} runtime ${name}: ${item.version || item.error}`);
+    }
+    return;
+  }
+
+  if (command === 'logs') {
+    tailLogs(opts['--lines']);
+    return;
+  }
+
+  if (command === 'daemon') {
+    if (subcommand === 'start') {
+      startDaemon({ foreground: !!opts['--foreground'] });
+      return;
+    }
+    if (subcommand === 'stop') {
+      stopDaemon();
+      return;
+    }
+    if (subcommand === 'restart') {
+      stopDaemon();
+      setTimeout(() => startDaemon(), 1000);
+      return;
+    }
+  }
+
+  throw new Error(`unknown_command:${[command, subcommand].filter(Boolean).join(' ')}`);
+}
+
+main().catch((error) => {
+  console.error(`Error: ${error.message}`);
+  process.exitCode = 1;
+});

package/src/doctor.js

@@ -0,0 +1,52 @@
+import { spawnSync } from 'node:child_process';
+
+function commandExists(command, args = ['--version']) {
+  const result = spawnSync(command, args, {
+    encoding: 'utf8',
+    timeout: 5000,
+  });
+  return {
+    ok: result.status === 0,
+    command,
+    version: String(result.stdout || result.stderr || '').split('\n')[0].trim(),
+    error: result.error?.message || (result.status === 0 ? '' : String(result.stderr || '').trim()),
+  };
+}
+
+function firstAvailable(candidates) {
+  for (const candidate of candidates) {
+    const result = commandExists(candidate.command, candidate.args);
+    if (result.ok) return result;
+  }
+  return {
+    ok: false,
+    command: candidates.map(candidate => candidate.command).join('|'),
+    version: '',
+    error: 'not_found',
+  };
+}
+
+export function runDoctor() {
+  const node = commandExists('node', ['--version']);
+  const npm = commandExists('npm', ['--version']);
+  const chrome = firstAvailable([
+    { command: 'google-chrome', args: ['--version'] },
+    { command: 'google-chrome-stable', args: ['--version'] },
+    { command: 'chromium-browser', args: ['--version'] },
+    { command: 'chromium', args: ['--version'] },
+  ]);
+  const ffmpeg = commandExists('ffmpeg', ['-version']);
+
+  const runtimes = {
+    claude: commandExists('claude', ['--version']),
+    codex: commandExists('codex', ['--version']),
+    kimi: commandExists('kimi', ['--version']),
+  };
+
+  return {
+    ok: node.ok && npm.ok,
+    required: { node, npm },
+    recommended: { chrome, ffmpeg },
+    runtimes,
+  };
+}

package/src/index.js

@@ -5,6 +5,8 @@ import { DaemonConnection } from './connection.js';
 import { AgentManager } from './agent-manager.js';
 import { releaseProfileLocksForProcess } from './profile-lock.js';
 import { resolveLightconeServerUrl } from './runtime-config.js';
+import { readLocalConfig } from './local-config.js';
+import { startLocalApi } from './local-api.js';
 
 const { version } = createRequire(import.meta.url)('../package.json');
 
@@ -30,6 +32,10 @@ function parseArgs(raw) {
 function printUsage() {
   console.log('Usage:');
   console.log('  lightcone-daemon --server-url <url> --api-key <key>');
+  console.log('');
+  console.log('Or configure once and start via:');
+  console.log('  lightcone pair --server-url <url> --code <6-digit>');
+  console.log('  lightcone daemon start');
 }
 
 // ── CLI args ──────────────────────────────────────────────────────────────────
@@ -40,8 +46,26 @@ if (opts['--help'] || opts['-h']) {
   process.exit(0);
 }
 
-const SERVER_URL = String(opts['--server-url'] || resolveLightconeServerUrl()).trim();
-const MACHINE_API_KEY = String(opts['--api-key'] || process.env.MACHINE_API_KEY || '').trim();
+let localConfig = {};
+try {
+  localConfig = readLocalConfig();
+} catch (error) {
+  console.error(`Error: ${error.message}`);
+  process.exit(1);
+}
+
+const SERVER_URL = String(
+  opts['--server-url']
+  || process.env.SERVER_URL
+  || localConfig.serverUrl
+  || resolveLightconeServerUrl()
+).trim();
+const MACHINE_API_KEY = String(
+  opts['--api-key']
+  || process.env.MACHINE_API_KEY
+  || localConfig.machineApiKey
+  || ''
+).trim();
 
 if (!MACHINE_API_KEY) {
   console.error('Error: API key is required.');
@@ -61,6 +85,7 @@ const connection = new DaemonConnection({
   getAgentInventory: () => agentManager.getAgentInventory(),
 });
 
+let localApi = null;
 connection.connect();
 
 let shuttingDown = false;
@@ -68,12 +93,21 @@ async function shutdown(signal) {
   if (shuttingDown) return;
   shuttingDown = true;
   console.log(`[Daemon] Shutting down (${signal})`);
+  try { localApi?.close(); } catch {}
   connection.stop();
   try { await agentManager.stopAll(); } catch (err) { console.error('[Daemon] Shutdown error:', err.message); }
   releaseProfileLocksForProcess();
   process.exit(0);
 }
 
+localApi = startLocalApi({
+  serverUrl: SERVER_URL,
+  version,
+  connection,
+  agentManager,
+  onStop: shutdown,
+});
+
 process.on('SIGINT', () => { shutdown('SIGINT'); });
 process.on('SIGTERM', () => { shutdown('SIGTERM'); });
 process.on('SIGHUP', () => { shutdown('SIGHUP'); });

package/src/local-api.js

@@ -0,0 +1,106 @@
+import http from 'node:http';
+import { readFileSync } from 'node:fs';
+
+import { getDaemonStatus, readLocalConfig, resolveDaemonLogPath } from './local-config.js';
+import { runDoctor } from './doctor.js';
+
+function sendJson(res, statusCode, payload) {
+  const body = `${JSON.stringify(payload, null, 2)}\n`;
+  res.writeHead(statusCode, {
+    'content-type': 'application/json; charset=utf-8',
+    'content-length': Buffer.byteLength(body),
+  });
+  res.end(body);
+}
+
+function bearerToken(req) {
+  const auth = String(req.headers.authorization || '').trim();
+  if (auth.toLowerCase().startsWith('bearer ')) return auth.slice(7).trim();
+  return String(req.headers['x-lightcone-local-token'] || '').trim();
+}
+
+function isAuthorized(req, config) {
+  const expected = String(config.localApiToken || '').trim();
+  return !!expected && bearerToken(req) === expected;
+}
+
+function safeConnectionState(connection) {
+  const ws = connection?.ws;
+  return {
+    stopped: !!connection?.stopped,
+    readyState: ws?.readyState ?? null,
+    connected: ws?.readyState === 1,
+  };
+}
+
+export function startLocalApi({
+  serverUrl,
+  version,
+  connection,
+  agentManager,
+  onStop,
+  env = process.env,
+} = {}) {
+  const config = readLocalConfig(env);
+  const port = Number.parseInt(String(env.LIGHTCONE_LOCAL_API_PORT || config.localApiPort || 19876), 10) || 19876;
+
+  const server = http.createServer((req, res) => {
+    const url = new URL(req.url || '/', `http://${req.headers.host || '127.0.0.1'}`);
+
+    if (req.method === 'GET' && url.pathname === '/health') {
+      return sendJson(res, 200, { ok: true, service: 'lightcone-daemon', version });
+    }
+
+    if (!isAuthorized(req, config)) {
+      return sendJson(res, 401, { error: 'unauthorized' });
+    }
+
+    if (req.method === 'GET' && url.pathname === '/status') {
+      return sendJson(res, 200, {
+        ok: true,
+        version,
+        serverUrl,
+        daemon: getDaemonStatus(env),
+        connection: safeConnectionState(connection),
+        inventory: typeof agentManager?.getAgentInventory === 'function'
+          ? agentManager.getAgentInventory()
+          : [],
+      });
+    }
+
+    if (req.method === 'GET' && url.pathname === '/doctor') {
+      return sendJson(res, 200, runDoctor());
+    }
+
+    if (req.method === 'GET' && url.pathname === '/logs') {
+      const lines = Number.parseInt(url.searchParams.get('lines') || '200', 10);
+      let text = '';
+      try {
+        text = readFileSync(resolveDaemonLogPath(env), 'utf8')
+          .split(/\r?\n/)
+          .slice(-(Number.isFinite(lines) && lines > 0 ? lines : 200))
+          .join('\n');
+      } catch {}
+      res.writeHead(200, { 'content-type': 'text/plain; charset=utf-8' });
+      res.end(text);
+      return;
+    }
+
+    if (req.method === 'POST' && url.pathname === '/stop') {
+      sendJson(res, 202, { ok: true });
+      setTimeout(() => onStop?.('LOCAL_API'), 20);
+      return;
+    }
+
+    return sendJson(res, 404, { error: 'not_found' });
+  });
+
+  server.listen(port, '127.0.0.1', () => {
+    console.log(`[LocalAPI] Listening on http://127.0.0.1:${port}`);
+  });
+  server.on('error', (error) => {
+    console.error(`[LocalAPI] Failed: ${error.message}`);
+  });
+
+  return server;
+}