@mrrlin-dev/mcp 0.2.4 → 0.2.6

package/dist/bin.cjs

@@ -18671,11 +18671,11 @@ var require_dist = __commonJS({
 });
 
 // src/bin.ts
-var import_node_path20 = __toESM(require("node:path"), 1);
+var import_node_path19 = __toESM(require("node:path"), 1);
 var import_node_child_process7 = require("node:child_process");
 var import_node_fs14 = require("node:fs");
-var import_node_os10 = require("node:os");
-var import_node_path21 = __toESM(require("node:path"), 1);
+var import_node_os11 = require("node:os");
+var import_node_path20 = __toESM(require("node:path"), 1);
 
 // src/install-codex.ts
 var import_promises = __toESM(require("node:fs/promises"), 1);
@@ -18759,7 +18759,7 @@ async function installCodex(options) {
   const configPath = import_node_path.default.join(codexHome, "config.toml");
   const distribution = await detectInstallDistribution(options);
   await import_promises.default.mkdir(codexHome, { recursive: true, mode: 448 });
-  const writePrompts = async () => installPrompts(codexHome, options.prompts ?? []);
+  const writePrompts = async () => installPrompts(codexHome, options.prompts ?? [], options.forcePrompts === true);
   if (!await pathExists(configPath)) {
     await import_promises.default.writeFile(configPath, renderBlock(options.binPath, distribution).replace(/^\n/, ""), { mode: 384 });
     return { action: "created", configPath, prompts: await writePrompts() };
@@ -18799,7 +18799,7 @@ async function installCodex(options) {
   await import_promises.default.writeFile(realPath, appended, { mode: 384 });
   return { action: "appended", configPath: realPath, prompts: await writePrompts() };
 }
-async function installPrompts(codexHome, prompts) {
+async function installPrompts(codexHome, prompts, forcePrompts) {
   if (prompts.length === 0) return [];
   const promptsDir2 = import_node_path.default.join(codexHome, "prompts");
   await import_promises.default.mkdir(promptsDir2, { recursive: true, mode: 448 });
@@ -18812,12 +18812,21 @@ async function installPrompts(codexHome, prompts) {
     } catch {
       existing = null;
     }
+    if (existing === null) {
+      await import_promises.default.writeFile(promptPath, prompt.content, { mode: 384 });
+      out.push({ name: prompt.name, action: "created", promptPath });
+      continue;
+    }
     if (existing === prompt.content) {
       out.push({ name: prompt.name, action: "noop", promptPath });
       continue;
     }
+    if (!forcePrompts) {
+      out.push({ name: prompt.name, action: "skipped-modified", promptPath });
+      continue;
+    }
     await import_promises.default.writeFile(promptPath, prompt.content, { mode: 384 });
-    out.push({ name: prompt.name, action: existing === null ? "created" : "updated", promptPath });
+    out.push({ name: prompt.name, action: "updated", promptPath });
   }
   return out;
 }
@@ -18838,11 +18847,11 @@ ${block}`;
 }
 
 // src/director-bridge.ts
-var import_node_fs11 = __toESM(require("node:fs"), 1);
+var import_node_fs10 = __toESM(require("node:fs"), 1);
 var import_node_http = __toESM(require("node:http"), 1);
 var import_node_os7 = __toESM(require("node:os"), 1);
-var import_node_path12 = __toESM(require("node:path"), 1);
-var import_node_child_process4 = require("node:child_process");
+var import_node_path11 = __toESM(require("node:path"), 1);
+var import_node_child_process3 = require("node:child_process");
 var import_node_crypto4 = __toESM(require("node:crypto"), 1);
 
 // ../../node_modules/.pnpm/ws@8.21.0/node_modules/ws/wrapper.mjs
@@ -40918,75 +40927,10 @@ var CheckoutRegistry = class {
   }
 };
 
-// src/checkout-scan.ts
-var import_node_fs8 = require("node:fs");
-var import_node_path9 = require("node:path");
-var import_node_child_process3 = require("node:child_process");
-
-// src/git-remote-match.ts
-function normalizeRemote(url2) {
-  const trimmed = url2.trim().replace(/\.git$/i, "");
-  const scp = /^[^@]+@[^:]+:(.+)$/.exec(trimmed);
-  const pathPart = scp ? scp[1] : (() => {
-    try {
-      return new URL(trimmed).pathname.replace(/^\/+/, "");
-    } catch {
-      return null;
-    }
-  })();
-  if (!pathPart) return null;
-  const segs = pathPart.split("/").filter(Boolean);
-  if (segs.length < 2) return null;
-  return `${segs[segs.length - 2]}/${segs[segs.length - 1]}`.toLowerCase();
-}
-function remoteMatchesRepo(remoteUrl, repoFullName) {
-  const a = normalizeRemote(remoteUrl);
-  return a !== null && a === repoFullName.trim().toLowerCase();
-}
-
-// src/checkout-scan.ts
-var SKIP = /* @__PURE__ */ new Set(["node_modules", ".git", ".cache", "Library", ".Trash"]);
-function originUrl(dir) {
-  try {
-    return (0, import_node_child_process3.execFileSync)("git", ["-C", dir, "remote", "get-url", "origin"], {
-      encoding: "utf8",
-      stdio: ["ignore", "pipe", "ignore"]
-    }).trim();
-  } catch {
-    return null;
-  }
-}
-function scanForCheckouts(roots, repoFullName, opts = {}) {
-  const maxDepth = opts.maxDepth ?? 3;
-  const out = [];
-  const walk = (dir, depth) => {
-    if (depth > maxDepth) return;
-    const url2 = originUrl(dir);
-    if (url2) {
-      if (remoteMatchesRepo(url2, repoFullName)) out.push(dir);
-      return;
-    }
-    let entries = [];
-    try {
-      entries = (0, import_node_fs8.readdirSync)(dir, { withFileTypes: true }).filter((e) => e.isDirectory() && !e.name.startsWith(".") && !SKIP.has(e.name)).map((e) => e.name);
-    } catch {
-      return;
-    }
-    for (const name of entries) walk((0, import_node_path9.join)(dir, name), depth + 1);
-  };
-  for (const root of roots) walk(root, 0);
-  return out;
-}
-function defaultScanRoots(home) {
-  const fromEnv = (process.env.MRRLIN_DIRECTOR_BRIDGE_SCAN_ROOTS ?? "").trim();
-  if (fromEnv) return fromEnv.split(":").filter(Boolean);
-  return ["dev", "projects", "src", "work"].map((d) => (0, import_node_path9.join)(home, d));
-}
-
 // src/executor-server.ts
-var import_node_fs9 = require("node:fs");
+var import_node_fs8 = require("node:fs");
 var import_node_os6 = require("node:os");
-var import_node_path10 = require("node:path");
+var import_node_path9 = require("node:path");
 var DENY_READ_GLOBS = [
   "**/.ssh/**",
   "**/.aws/**",
@@ -41019,15 +40963,15 @@ function buildExecutorConfig(opts) {
 }
 function operatorSecretPaths(realHome = (0, import_node_os6.homedir)()) {
   return [
-    (0, import_node_path10.join)(realHome, ".ssh"),
-    (0, import_node_path10.join)(realHome, ".aws"),
-    (0, import_node_path10.join)(realHome, ".config", "gh"),
-    (0, import_node_path10.join)(realHome, ".npmrc"),
-    (0, import_node_path10.join)(realHome, ".netrc"),
-    (0, import_node_path10.join)(realHome, ".gnupg"),
-    (0, import_node_path10.join)(realHome, ".kube"),
-    (0, import_node_path10.join)(realHome, ".docker", "config.json"),
-    (0, import_node_path10.join)(realHome, ".config", "gcloud")
+    (0, import_node_path9.join)(realHome, ".ssh"),
+    (0, import_node_path9.join)(realHome, ".aws"),
+    (0, import_node_path9.join)(realHome, ".config", "gh"),
+    (0, import_node_path9.join)(realHome, ".npmrc"),
+    (0, import_node_path9.join)(realHome, ".netrc"),
+    (0, import_node_path9.join)(realHome, ".gnupg"),
+    (0, import_node_path9.join)(realHome, ".kube"),
+    (0, import_node_path9.join)(realHome, ".docker", "config.json"),
+    (0, import_node_path9.join)(realHome, ".config", "gcloud")
   ];
 }
 var SECRET_DIRECTORY_BASENAMES = /* @__PURE__ */ new Set([".ssh", ".aws", "gh", ".gnupg", ".kube", "gcloud"]);
@@ -41036,8 +40980,8 @@ function isSecretDirectoryPath(p) {
   return SECRET_DIRECTORY_BASENAMES.has(base);
 }
 function writeExecutorCodexHome(scratchDir, opts) {
-  const codexHome = (0, import_node_path10.join)(scratchDir, ".codex");
-  (0, import_node_fs9.mkdirSync)(codexHome, { recursive: true });
+  const codexHome = (0, import_node_path9.join)(scratchDir, ".codex");
+  (0, import_node_fs8.mkdirSync)(codexHome, { recursive: true });
   const hasEgress = opts.egressDomains.length > 0;
   const networkSection = hasEgress ? [
     "[permissions.executor.network]",
@@ -41072,21 +41016,21 @@ function writeExecutorCodexHome(scratchDir, opts) {
     networkSection,
     ""
   ].join("\n");
-  (0, import_node_fs9.writeFileSync)((0, import_node_path10.join)(codexHome, "config.toml"), toml3, "utf8");
+  (0, import_node_fs8.writeFileSync)((0, import_node_path9.join)(codexHome, "config.toml"), toml3, "utf8");
   return codexHome;
 }
 async function startExecutorServer(opts) {
   const egressDomains = opts.egressDomains ?? DEFAULT_EGRESS_DOMAINS;
   const realHome = (0, import_node_os6.homedir)();
   const denySecretPaths = operatorSecretPaths(realHome);
-  const scratchDir = (0, import_node_fs9.mkdtempSync)((0, import_node_path10.join)((0, import_node_os6.tmpdir)(), "mrrlin-executor-"));
+  const scratchDir = (0, import_node_fs8.mkdtempSync)((0, import_node_path9.join)((0, import_node_os6.tmpdir)(), "mrrlin-executor-"));
   const scratchHome = scratchDir;
   let scratchCleaned = false;
   const cleanScratch = () => {
     if (scratchCleaned) return;
     scratchCleaned = true;
     try {
-      (0, import_node_fs9.rmSync)(scratchDir, { recursive: true, force: true });
+      (0, import_node_fs8.rmSync)(scratchDir, { recursive: true, force: true });
     } catch {
     }
   };
@@ -41277,17 +41221,10 @@ function extractVerificationSection(markdown) {
 }
 
 // src/bridge-log.ts
-var import_node_fs10 = require("node:fs");
-var import_node_path11 = require("node:path");
-var NOOP_LOGGER = {
-  logIn() {
-  },
-  logOut() {
-  },
-  close() {
-  }
-};
-var REDACT_DEPTH_CAP = 8;
+var import_node_fs9 = require("node:fs");
+var import_node_path10 = require("node:path");
+
+// src/redact.ts
 var REDACTED = "[REDACTED]";
 var SECRET_PATTERNS = [
   /ghp_[A-Za-z0-9]{20,}/g,
@@ -41303,17 +41240,28 @@ var SECRET_PATTERNS = [
   /\b[A-Za-z0-9+/]{40,}={0,2}\b/g
   // long base64-ish run (opaque tokens)
 ];
-function scrubString(value) {
-  let out = value;
+function redact(input) {
+  let out = input;
   for (const re of SECRET_PATTERNS) out = out.replace(re, REDACTED);
   return out;
 }
+
+// src/bridge-log.ts
+var NOOP_LOGGER = {
+  logIn() {
+  },
+  logOut() {
+  },
+  close() {
+  }
+};
+var REDACT_DEPTH_CAP = 8;
 function redactValue(value, depth) {
-  if (typeof value === "string") return scrubString(value);
+  if (typeof value === "string") return redact(value);
   if (value === null || typeof value !== "object") return value;
   if (depth >= REDACT_DEPTH_CAP) {
     try {
-      return scrubString(JSON.stringify(value));
+      return redact(JSON.stringify(value));
     } catch {
       return REDACTED;
     }
@@ -41351,14 +41299,14 @@ function resolvePromptsEnabled(env) {
 }
 function createBridgeLogger(stateDir, env = process.env) {
   if (!resolveBridgeLogEnabled(env)) return NOOP_LOGGER;
-  const logsDir = (0, import_node_path11.join)(stateDir, "logs");
+  const logsDir = (0, import_node_path10.join)(stateDir, "logs");
   try {
-    (0, import_node_fs10.mkdirSync)(logsDir, { recursive: true });
+    (0, import_node_fs9.mkdirSync)(logsDir, { recursive: true });
   } catch {
     return NOOP_LOGGER;
   }
   const includePrompts = resolvePromptsEnabled(env);
-  const fileFor = () => (0, import_node_path11.join)(logsDir, `bridge-${(/* @__PURE__ */ new Date()).toISOString().slice(0, 10)}.jsonl`);
+  const fileFor = () => (0, import_node_path10.join)(logsDir, `bridge-${(/* @__PURE__ */ new Date()).toISOString().slice(0, 10)}.jsonl`);
   const write = (dir, rec) => {
     try {
       const line = JSON.stringify({
@@ -41370,7 +41318,7 @@ function createBridgeLogger(stateDir, env = process.env) {
         ...rec.ms !== void 0 ? { ms: rec.ms } : {},
         payload: redactMessage(rec.payload, { includePrompts })
       }) + "\n";
-      (0, import_node_fs10.appendFileSync)(fileFor(), line);
+      (0, import_node_fs9.appendFileSync)(fileFor(), line);
     } catch {
     }
   };
@@ -41404,9 +41352,9 @@ function normalizeModel(value) {
   return trimmed ? trimmed : null;
 }
 function neutralCheckoutCwd(stateDir) {
-  const dir = import_node_path12.default.join(stateDir, "no-checkout");
+  const dir = import_node_path11.default.join(stateDir, "no-checkout");
   try {
-    import_node_fs11.default.mkdirSync(dir, { recursive: true });
+    import_node_fs10.default.mkdirSync(dir, { recursive: true });
   } catch {
   }
   return dir;
@@ -41597,7 +41545,7 @@ function resolveDefaultBranch(checkoutPath) {
   if (!checkoutPath) return "main";
   const runGit = (args) => {
     try {
-      return (0, import_node_child_process4.execFileSync)("git", ["-C", checkoutPath, ...args], {
+      return (0, import_node_child_process3.execFileSync)("git", ["-C", checkoutPath, ...args], {
         encoding: "utf8",
         stdio: ["ignore", "pipe", "ignore"],
         timeout: 15e3,
@@ -41629,7 +41577,7 @@ async function runOrphanWorktreeSweep(client, opts) {
   const cutoff = Date.now() - worktreeRetentionMs();
   const isReapable = (worktreePath) => {
     try {
-      return import_node_fs11.default.statSync(worktreePath).mtimeMs < cutoff;
+      return import_node_fs10.default.statSync(worktreePath).mtimeMs < cutoff;
     } catch {
       return false;
     }
@@ -41666,8 +41614,8 @@ async function runOrphanWorktreeSweep(client, opts) {
   }
 }
 function readStateDir() {
-  if (process.env.CODEX_HOME) return import_node_path12.default.join(process.env.CODEX_HOME, "mrrlin", "director-bridge");
-  return import_node_path12.default.join(import_node_os7.default.homedir(), ".mrrlin", "director-bridge");
+  if (process.env.CODEX_HOME) return import_node_path11.default.join(process.env.CODEX_HOME, "mrrlin", "director-bridge");
+  return import_node_path11.default.join(import_node_os7.default.homedir(), ".mrrlin", "director-bridge");
 }
 function readAllowedOrigins() {
   const raw = (process.env.MRRLIN_DIRECTOR_BRIDGE_ALLOWED_ORIGINS ?? "").trim();
@@ -41931,50 +41879,6 @@ function createBridgeMessageHandler(deps) {
         sendForSpan({ type: "reconfigured", directorSessionId: directorSessionId2 });
         return;
       }
-      if (msg.type === "discover-checkouts") {
-        const projectSlug = typeof msg.projectSlug === "string" ? msg.projectSlug.trim() : "";
-        const repo = typeof msg.repo === "string" ? msg.repo.trim() : "";
-        if (!projectSlug || !repo) {
-          sendForSpan({ type: "error", error: "discover-checkouts requires projectSlug and repo." });
-          return;
-        }
-        const roots = deps.scanRoots ?? defaultScanRoots(import_node_os7.default.homedir());
-        const candidates = scanForCheckouts(roots, repo);
-        sendForSpan({ type: "checkout-candidates", projectSlug, candidates });
-        return;
-      }
-      if (msg.type === "confirm-checkout") {
-        const projectSlug = typeof msg.projectSlug === "string" ? msg.projectSlug.trim() : "";
-        const checkoutPath = typeof msg.path === "string" ? msg.path.trim() : "";
-        const repo = typeof msg.repo === "string" ? msg.repo.trim() : "";
-        if (!projectSlug || !checkoutPath) {
-          sendForSpan({ type: "checkout-error", projectSlug, error: "confirm-checkout requires projectSlug and path." });
-          return;
-        }
-        let remoteUrl = null;
-        try {
-          remoteUrl = (0, import_node_child_process4.execFileSync)("git", ["-C", checkoutPath, "remote", "get-url", "origin"], {
-            encoding: "utf8",
-            stdio: ["ignore", "pipe", "ignore"],
-            timeout: 15e3,
-            env: { ...process.env, GIT_TERMINAL_PROMPT: "0" }
-          }).trim();
-        } catch {
-          sendForSpan({ type: "checkout-error", projectSlug, error: `Path is not a git repository or has no origin remote: ${checkoutPath}` });
-          return;
-        }
-        if (repo && !remoteMatchesRepo(remoteUrl, repo)) {
-          sendForSpan({ type: "checkout-error", projectSlug, error: `Origin remote ${remoteUrl} does not match repo ${repo}.` });
-          return;
-        }
-        if (!deps.checkoutRegistry) {
-          sendForSpan({ type: "checkout-error", projectSlug, error: "No checkout registry configured." });
-          return;
-        }
-        deps.checkoutRegistry.confirm(projectSlug, checkoutPath, (/* @__PURE__ */ new Date()).toISOString());
-        sendForSpan({ type: "checkout-confirmed", projectSlug, path: checkoutPath });
-        return;
-      }
       if (msg.type !== "turn" || typeof msg.directorSessionId !== "string" || typeof msg.message !== "string") {
         sendForSpan({ type: "error", error: "Invalid message schema." });
         return;
@@ -42297,8 +42201,8 @@ async function startDirectorBridge() {
     codexCwd: config2.codexCwd,
     codexExecutable: config2.codexExecutable,
     checkoutRegistry,
-    worktreeRoot: import_node_path12.default.join(config2.stateDir, "worktrees"),
-    locksDir: import_node_path12.default.join(config2.stateDir, "locks"),
+    worktreeRoot: import_node_path11.default.join(config2.stateDir, "worktrees"),
+    locksDir: import_node_path11.default.join(config2.stateDir, "locks"),
     // Wire the profile-enforced executor server for code-execution runs. Each run gets its own
     // sandboxed Codex instance (scrubbed env, scratch CODEX_HOME, deny-read, egress allowlist).
     // The returned handle's dispose() shuts down the spawned app-server CHILD (manager.shutdown(),
@@ -42331,13 +42235,13 @@ async function startDirectorBridge() {
       },
       runVerificationTurn: createRunVerificationTurn({
         startSandbox: async (egressDomains) => {
-          const cwd = import_node_fs11.default.mkdtempSync(import_node_path12.default.join(import_node_os7.default.tmpdir(), "mrrlin-verify-"));
+          const cwd = import_node_fs10.default.mkdtempSync(import_node_path11.default.join(import_node_os7.default.tmpdir(), "mrrlin-verify-"));
           let handle;
           try {
             handle = await startExecutorServer({ worktree: cwd, egressDomains });
           } catch (error51) {
             try {
-              import_node_fs11.default.rmSync(cwd, { recursive: true, force: true });
+              import_node_fs10.default.rmSync(cwd, { recursive: true, force: true });
             } catch {
             }
             throw error51;
@@ -42348,7 +42252,7 @@ async function startDirectorBridge() {
             dispose: () => {
               handle.dispose();
               try {
-                import_node_fs11.default.rmSync(cwd, { recursive: true, force: true });
+                import_node_fs10.default.rmSync(cwd, { recursive: true, force: true });
               } catch {
               }
             }
@@ -42581,8 +42485,8 @@ async function startDirectorBridge() {
       enqueueRun(
         () => runOrphanWorktreeSweep(client, {
           checkoutRegistry,
-          worktreeRoot: import_node_path12.default.join(config2.stateDir, "worktrees"),
-          locksDir: import_node_path12.default.join(config2.stateDir, "locks")
+          worktreeRoot: import_node_path11.default.join(config2.stateDir, "worktrees"),
+          locksDir: import_node_path11.default.join(config2.stateDir, "locks")
         })
       );
       scheduleClaimLoop();
@@ -42739,15 +42643,15 @@ function readDispatchBody(req) {
 function readOrCreateBridgeToken(stateDir) {
   const explicit = (process.env.MRRLIN_DIRECTOR_BRIDGE_TOKEN ?? "").trim();
   if (explicit) return explicit;
-  const tokenPath = import_node_path12.default.join(stateDir, "token.txt");
+  const tokenPath = import_node_path11.default.join(stateDir, "token.txt");
   try {
-    const existing = import_node_fs11.default.readFileSync(tokenPath, "utf8").trim();
+    const existing = import_node_fs10.default.readFileSync(tokenPath, "utf8").trim();
     if (existing) return existing;
   } catch {
   }
-  import_node_fs11.default.mkdirSync(stateDir, { recursive: true, mode: 448 });
+  import_node_fs10.default.mkdirSync(stateDir, { recursive: true, mode: 448 });
   const token = import_node_crypto4.default.randomBytes(32).toString("base64url");
-  import_node_fs11.default.writeFileSync(tokenPath, `${token}
+  import_node_fs10.default.writeFileSync(tokenPath, `${token}
 `, { mode: 384 });
   return token;
 }
@@ -46130,14 +46034,17 @@ var StdioServerTransport = class {
 
 // src/tools.ts
 var import_promises3 = require("node:fs/promises");
-var import_node_path15 = __toESM(require("node:path"), 1);
+var import_node_fs12 = require("node:fs");
+var import_node_path14 = __toESM(require("node:path"), 1);
+var import_node_os8 = __toESM(require("node:os"), 1);
+var import_node_child_process6 = require("node:child_process");
 
 // ../../packages/wiki/dist/index.js
 var import_promises2 = __toESM(require("node:fs/promises"), 1);
-var import_node_path13 = __toESM(require("node:path"), 1);
+var import_node_path12 = __toESM(require("node:path"), 1);
 var INCLUDED_DOC_FOLDERS = /* @__PURE__ */ new Set(["_meta", "explanation", "how-to", "reference", "sdd", "tutorials"]);
 function toPosixPath(input) {
-  return input.split(import_node_path13.default.sep).join("/");
+  return input.split(import_node_path12.default.sep).join("/");
 }
 function slugifyWikiSegment(input) {
   return input.trim().toLowerCase().replace(/`/g, "").replace(/[^a-z0-9]+/g, "-").replace(/^-+|-+$/g, "");
@@ -46151,12 +46058,12 @@ async function pathExists2(input) {
   }
 }
 async function findWorkspaceRoot(start = process.cwd()) {
-  let current = import_node_path13.default.resolve(start);
+  let current = import_node_path12.default.resolve(start);
   while (true) {
-    if (await pathExists2(import_node_path13.default.join(current, "pnpm-workspace.yaml")) && await pathExists2(import_node_path13.default.join(current, "docs"))) {
+    if (await pathExists2(import_node_path12.default.join(current, "pnpm-workspace.yaml")) && await pathExists2(import_node_path12.default.join(current, "docs"))) {
       return current;
     }
-    const parent = import_node_path13.default.dirname(current);
+    const parent = import_node_path12.default.dirname(current);
     if (parent === current) {
       throw new Error(`Unable to find Mrrlin workspace root from ${start}`);
     }
@@ -46165,28 +46072,28 @@ async function findWorkspaceRoot(start = process.cwd()) {
 }
 async function resolveDocsRoot(input) {
   if (input) {
-    return import_node_path13.default.resolve(input);
+    return import_node_path12.default.resolve(input);
   }
   if (process.env.MRRLIN_DOCS_ROOT) {
-    return import_node_path13.default.resolve(process.env.MRRLIN_DOCS_ROOT);
+    return import_node_path12.default.resolve(process.env.MRRLIN_DOCS_ROOT);
   }
-  return import_node_path13.default.join(await findWorkspaceRoot(), "docs");
+  return import_node_path12.default.join(await findWorkspaceRoot(), "docs");
 }
 async function resolveIndexPath(input) {
   if (input) {
-    return import_node_path13.default.resolve(input);
+    return import_node_path12.default.resolve(input);
   }
   if (process.env.MRRLIN_WIKI_INDEX_PATH) {
-    return import_node_path13.default.resolve(process.env.MRRLIN_WIKI_INDEX_PATH);
+    return import_node_path12.default.resolve(process.env.MRRLIN_WIKI_INDEX_PATH);
   }
   const workspaceRoot = await findWorkspaceRoot();
-  return import_node_path13.default.join(workspaceRoot, "apps", "web", "public", "wiki-index.json");
+  return import_node_path12.default.join(workspaceRoot, "apps", "web", "public", "wiki-index.json");
 }
 async function walkMarkdownFiles(root, dir = root) {
   const entries = await import_promises2.default.readdir(dir, { withFileTypes: true });
   const files = [];
   for (const entry of entries) {
-    const absolute = import_node_path13.default.join(dir, entry.name);
+    const absolute = import_node_path12.default.join(dir, entry.name);
     if (entry.isDirectory()) {
       files.push(...await walkMarkdownFiles(root, absolute));
       continue;
@@ -46205,7 +46112,7 @@ function parseTitle(markdown, sourcePath) {
   return title;
 }
 function documentFromFile(docsRoot, absolutePath, markdown) {
-  const relativePath = toPosixPath(import_node_path13.default.relative(docsRoot, absolutePath));
+  const relativePath = toPosixPath(import_node_path12.default.relative(docsRoot, absolutePath));
   const [section, fileName] = relativePath.split("/");
   if (!section || !fileName || !INCLUDED_DOC_FOLDERS.has(section)) {
     return null;
@@ -46620,7 +46527,7 @@ async function runCodeGate(_target, deps) {
 }
 
 // src/consensus/codex-exec.ts
-var import_node_child_process5 = require("node:child_process");
+var import_node_child_process4 = require("node:child_process");
 function extractFinalMessage(stdout) {
   let last = null;
   for (const rawLine of stdout.split(/\r?\n/)) {
@@ -46665,7 +46572,7 @@ function firstString(...values) {
   return null;
 }
 function runCodexExec(input, deps) {
-  const spawn2 = deps?.spawn ?? import_node_child_process5.spawn;
+  const spawn2 = deps?.spawn ?? import_node_child_process4.spawn;
   const executable = input.codexExecutable ?? "codex";
   const sandbox = input.sandbox ?? "read-only";
   const fullPrompt = input.developerInstructions.trim() ? `${input.developerInstructions.trim()}
@@ -46737,12 +46644,12 @@ function errMessage(err) {
 }
 
 // src/consensus/wiring.ts
-var import_node_fs12 = __toESM(require("node:fs"), 1);
-var import_node_path14 = __toESM(require("node:path"), 1);
+var import_node_fs11 = __toESM(require("node:fs"), 1);
+var import_node_path13 = __toESM(require("node:path"), 1);
 var import_node_url = require("node:url");
 
 // src/consensus/code-gate-git.ts
-var import_node_child_process6 = require("node:child_process");
+var import_node_child_process5 = require("node:child_process");
 var DIFF_MAX_BYTES = 2e5;
 var FASTGATE_OUTPUT_MAX_BYTES = 16e3;
 var GIT_TIMEOUT_MS = 6e4;
@@ -46758,7 +46665,7 @@ var defaultRunCmd = (cmd, args, opts) => new Promise((resolve) => {
   };
   let child;
   try {
-    child = (0, import_node_child_process6.spawn)(cmd, args, {
+    child = (0, import_node_child_process5.spawn)(cmd, args, {
       cwd: opts.cwd,
       env: process.env,
       shell: false,
@@ -46973,15 +46880,15 @@ ${res.stdout}${res.stderr}`);
 var import_meta = {};
 function getPersonasDir() {
   if (typeof __dirname !== "undefined") {
-    return import_node_path14.default.join(__dirname, "consensus", "personas");
+    return import_node_path13.default.join(__dirname, "consensus", "personas");
   }
-  return import_node_path14.default.join(import_node_path14.default.dirname((0, import_node_url.fileURLToPath)(import_meta.url)), "personas");
+  return import_node_path13.default.join(import_node_path13.default.dirname((0, import_node_url.fileURLToPath)(import_meta.url)), "personas");
 }
 var personaCache = /* @__PURE__ */ new Map();
 function loadPersona(name) {
   const cached2 = personaCache.get(name);
   if (cached2 !== void 0) return cached2;
-  const content = import_node_fs12.default.readFileSync(import_node_path14.default.join(getPersonasDir(), `${name}.md`), "utf8");
+  const content = import_node_fs11.default.readFileSync(import_node_path13.default.join(getPersonasDir(), `${name}.md`), "utf8");
   personaCache.set(name, content);
   return content;
 }
@@ -47290,6 +47197,27 @@ async function enqueueAsyncTool(client, descriptor2, input) {
   }
 }
 
+// src/git-remote-match.ts
+function normalizeRemote(url2) {
+  const trimmed = url2.trim().replace(/\.git$/i, "");
+  const scp = /^[^@]+@[^:]+:(.+)$/.exec(trimmed);
+  const pathPart = scp ? scp[1] : (() => {
+    try {
+      return new URL(trimmed).pathname.replace(/^\/+/, "");
+    } catch {
+      return null;
+    }
+  })();
+  if (!pathPart) return null;
+  const segs = pathPart.split("/").filter(Boolean);
+  if (segs.length < 2) return null;
+  return `${segs[segs.length - 2]}/${segs[segs.length - 1]}`.toLowerCase();
+}
+function remoteMatchesRepo(remoteUrl, repoFullName) {
+  const a = normalizeRemote(remoteUrl);
+  return a !== null && a === repoFullName.trim().toLowerCase();
+}
+
 // src/tools.ts
 registerAsyncTool(consensusDescriptor);
 var mcpToolNames = {
@@ -47350,7 +47278,8 @@ var mcpToolNames = {
   runCodeReviewerGate: "run_code_reviewer_gate",
   uploadArtifact: "upload_artifact",
   listArtifactFiles: "list_artifact_files",
-  resolveHandoff: "resolve_handoff"
+  resolveHandoff: "resolve_handoff",
+  registerLocalCheckout: "register_local_checkout"
 };
 var projectScopedSchema = external_exports.object({ projectSlug: mrrlinProjectSlugSchema });
 var taskScopedSchema = projectScopedSchema.extend({ taskId: mrrlinTaskIdSchema });
@@ -47448,6 +47377,10 @@ var listInboxItemsInputSchema = projectScopedSchema.merge(mrrlinInboxItemListFil
 var createInboxItemInputSchema = projectScopedSchema.merge(mrrlinInboxItemCreateSchema);
 var decideInboxItemInputSchema = projectScopedSchema.extend({ itemId: mrrlinInboxItemIdSchema }).merge(mrrlinInboxItemDecideSchema);
 var resolveHandoffInputSchema = projectScopedSchema.extend({ runId: mrrlinExecutionRunIdSchema }).merge(mrrlinResolveHandoffSchema);
+var registerLocalCheckoutInputSchema = projectScopedSchema.extend({
+  path: external_exports.string().min(1).describe("Absolute path to the local git checkout (must be a git repo whose origin matches `repo`)."),
+  repo: external_exports.string().min(1).describe("The project's bound GitHub repo full name in `owner/repo` form.")
+});
 var mcpToolInputSchemas = {
   [mcpToolNames.appendExecutionArtifact]: appendExecutionArtifactInputSchema,
   [mcpToolNames.archivePlan]: archivePlanInputSchema,
@@ -47506,7 +47439,8 @@ var mcpToolInputSchemas = {
   [mcpToolNames.decideInboxItem]: decideInboxItemInputSchema,
   [mcpToolNames.uploadArtifact]: uploadArtifactInputSchema,
   [mcpToolNames.listArtifactFiles]: listArtifactFilesInputSchema,
-  [mcpToolNames.resolveHandoff]: resolveHandoffInputSchema
+  [mcpToolNames.resolveHandoff]: resolveHandoffInputSchema,
+  [mcpToolNames.registerLocalCheckout]: registerLocalCheckoutInputSchema
 };
 var mcpToolOperationIds = {
   [mcpToolNames.appendExecutionArtifact]: openApiOperationIds.appendExecutionArtifact,
@@ -47624,7 +47558,8 @@ var mcpToolDescriptions = {
   [mcpToolNames.decideInboxItem]: "Approve, reject, or acknowledge an operator-inbox item. Rejection requires a reason.",
   [mcpToolNames.uploadArtifact]: "Upload a local file (md/txt/html/csv/json/pdf/png/jpg/webp/gif, <=5MB) as a project artifact. Returns a stable markdown link to embed in chat/spec/handoff text. Use class=temp for one-off hand-offs, class=durable for anything referenced by specs or evidence. Pass runId to record the file in that run's artifact history; pass taskId to surface it on the task's Artifacts list.",
   [mcpToolNames.listArtifactFiles]: "List uploaded artifact files for the project (optionally filtered by taskId/runId), newest first.",
-  [mcpToolNames.resolveHandoff]: "Resolve a tool_assisted handoff for an execution run (outcome success|failure). Success returns the task to the board; failure opens a new handoff cycle. Idempotent."
+  [mcpToolNames.resolveHandoff]: "Resolve a tool_assisted handoff for an execution run (outcome success|failure). Success returns the task to the board; failure opens a new handoff cycle. Idempotent.",
+  [mcpToolNames.registerLocalCheckout]: "Register the operator-local git checkout path for `projectSlug` so execution-run workers run code on this machine instead of the cloud. Validates the path is a git repo whose `origin` remote matches `repo`, then writes the (slug -> absolute path) entry to the operator-local checkout registry. Call this after locating the checkout on disk (e.g. via filesystem search) and confirming the choice with the user in chat \u2014 they should NOT have to paste the path into Settings. Returns `{ projectSlug, path, confirmedAt }`. Idempotent: re-registering overwrites the prior entry."
 };
 var ARTIFACT_EXTENSION_TYPES = {
   ".md": "text/markdown",
@@ -48186,7 +48121,7 @@ function createMrrlinTools(options) {
       "ARTIFACT_FILE_UPLOAD_FAILED",
       "Unable to upload artifact file.",
       async (c, { projectSlug, path: filePath, class: artifactClass, taskId, runId, description }) => {
-        const extension2 = import_node_path15.default.extname(filePath).toLowerCase();
+        const extension2 = import_node_path14.default.extname(filePath).toLowerCase();
         const contentType = ARTIFACT_EXTENSION_TYPES[extension2];
         if (!contentType) {
           throw new McpToolCodedError(
@@ -48214,7 +48149,7 @@ function createMrrlinTools(options) {
             "Artifact exceeds 5MB; split or summarize instead."
           );
         }
-        const filename = import_node_path15.default.basename(filePath);
+        const filename = import_node_path14.default.basename(filePath);
         const created = await c.createArtifactFile(projectSlug, {
           class: artifactClass,
           contentType,
@@ -48289,6 +48224,55 @@ function createMrrlinTools(options) {
       "HANDOFF_RESOLVE_FAILED",
       "Unable to resolve handoff.",
       async (c, { projectSlug, runId, ...input }) => await c.resolveHandoff(projectSlug, runId, input)
+    ),
+    [mcpToolNames.registerLocalCheckout]: makeTool(
+      client,
+      mcpToolNames.registerLocalCheckout,
+      "LOCAL_CHECKOUT_REGISTER_FAILED",
+      "Unable to register local checkout.",
+      async (_c, { projectSlug, path: checkoutPath, repo }) => {
+        const trimmedPath = checkoutPath.trim();
+        if (!import_node_path14.default.isAbsolute(trimmedPath)) {
+          throw new McpToolCodedError(
+            "LOCAL_CHECKOUT_PATH_NOT_ABSOLUTE",
+            `Path must be absolute, got: ${trimmedPath}`
+          );
+        }
+        let resolvedPath;
+        try {
+          resolvedPath = (0, import_node_fs12.realpathSync)(trimmedPath);
+        } catch {
+          throw new McpToolCodedError(
+            "LOCAL_CHECKOUT_PATH_NOT_FOUND",
+            `Path does not exist or is not accessible: ${trimmedPath}`
+          );
+        }
+        let remoteUrl;
+        try {
+          remoteUrl = (0, import_node_child_process6.execFileSync)("git", ["-C", resolvedPath, "remote", "get-url", "origin"], {
+            encoding: "utf8",
+            stdio: ["ignore", "pipe", "ignore"],
+            timeout: 15e3,
+            env: { ...process.env, GIT_TERMINAL_PROMPT: "0" }
+          }).trim();
+        } catch {
+          throw new McpToolCodedError(
+            "LOCAL_CHECKOUT_NOT_A_GIT_REPO",
+            `Path is not a git repository or has no origin remote: ${resolvedPath}`
+          );
+        }
+        if (!remoteMatchesRepo(remoteUrl, repo)) {
+          throw new McpToolCodedError(
+            "LOCAL_CHECKOUT_REMOTE_MISMATCH",
+            `Origin remote ${remoteUrl} does not match repo ${repo}.`
+          );
+        }
+        const stateDir = process.env.CODEX_HOME ? import_node_path14.default.join(process.env.CODEX_HOME, "mrrlin", "director-bridge") : import_node_path14.default.join(import_node_os8.default.homedir(), ".mrrlin", "director-bridge");
+        const registry3 = new CheckoutRegistry(stateDir);
+        const confirmedAt = (/* @__PURE__ */ new Date()).toISOString();
+        registry3.confirm(projectSlug, resolvedPath, confirmedAt);
+        return { projectSlug, path: resolvedPath, confirmedAt };
+      }
     )
   };
 }
@@ -48450,13 +48434,13 @@ function runSetCredential(args) {
 }
 
 // src/install-service.ts
-var import_node_os8 = __toESM(require("node:os"), 1);
-var import_node_path17 = __toESM(require("node:path"), 1);
+var import_node_os9 = __toESM(require("node:os"), 1);
+var import_node_path16 = __toESM(require("node:path"), 1);
 
 // src/service-paths.ts
-var import_node_path16 = __toESM(require("node:path"), 1);
+var import_node_path15 = __toESM(require("node:path"), 1);
 function isWorktreePath(p) {
-  const norm = import_node_path16.default.normalize(p).split(import_node_path16.default.sep).join("/");
+  const norm = import_node_path15.default.normalize(p).split(import_node_path15.default.sep).join("/");
   return norm.includes("/.claude/worktrees/");
 }
 function resolveServiceCwd(opts) {
@@ -48509,7 +48493,7 @@ function installService(deps) {
     deps.log(resolved.reason);
     return { ok: false };
   }
-  const home = deps.env.HOME ?? import_node_os8.default.homedir();
+  const home = deps.env.HOME ?? import_node_os9.default.homedir();
   const bins = ["node", "codex", "mrrlin-mcp"].map((b) => deps.which(b));
   if (bins.some((b) => !b)) {
     deps.log("Could not resolve absolute paths for node/codex/mrrlin-mcp on PATH. Install them or fix PATH.");
@@ -48520,7 +48504,7 @@ function installService(deps) {
     return { ok: false };
   }
   const resolvedBins = bins.filter((b) => b !== null);
-  const pathEnv = Array.from(new Set(resolvedBins.map((b) => import_node_path17.default.dirname(b)))).join(":");
+  const pathEnv = Array.from(new Set(resolvedBins.map((b) => import_node_path16.default.dirname(b)))).join(":");
   const text = renderEcosystemConfig({
     cwd: resolved.cwd,
     home,
@@ -48529,7 +48513,7 @@ function installService(deps) {
     staging: deps.env.MRRLIN_STAGING === "1",
     apiBaseUrl: deps.env.MRRLIN_API_BASE_URL?.trim() || void 0
   });
-  const ecoPath = import_node_path17.default.join(home, ".mrrlin", "ecosystem.config.cjs");
+  const ecoPath = import_node_path16.default.join(home, ".mrrlin", "ecosystem.config.cjs");
   deps.writeFile(ecoPath, text);
   const start = deps.runPm2(["startOrReload", ecoPath]);
   if (start.code !== 0) {
@@ -48560,13 +48544,13 @@ function uninstallService(deps) {
 
 // src/uninstall-codex.ts
 var import_promises4 = __toESM(require("node:fs/promises"), 1);
-var import_node_os9 = __toESM(require("node:os"), 1);
-var import_node_path18 = __toESM(require("node:path"), 1);
+var import_node_os10 = __toESM(require("node:os"), 1);
+var import_node_path17 = __toESM(require("node:path"), 1);
 var toml2 = __toESM(require_toml(), 1);
 function resolveCodexHome2(options) {
   if (options.codexHome) return options.codexHome;
   if (process.env.CODEX_HOME) return process.env.CODEX_HOME;
-  return import_node_path18.default.join(options.homeDir ?? import_node_os9.default.homedir(), ".codex");
+  return import_node_path17.default.join(options.homeDir ?? import_node_os10.default.homedir(), ".codex");
 }
 async function pathExists3(target) {
   try {
@@ -48579,7 +48563,7 @@ async function pathExists3(target) {
 var MRRLIN_BLOCK_RE2 = /(^|\n)\[mcp_servers\.mrrlin(?:\]|\.[^\]\n]*\])[\s\S]*?(?=\n\[|$)/g;
 async function uninstallCodex(options = {}) {
   const codexHome = resolveCodexHome2(options);
-  const configPath = import_node_path18.default.join(codexHome, "config.toml");
+  const configPath = import_node_path17.default.join(codexHome, "config.toml");
   const removePrompts = async () => uninstallPrompts(codexHome, options.promptNames ?? []);
   if (!await pathExists3(configPath)) {
     return { action: "missing", configPath, prompts: await removePrompts() };
@@ -48607,10 +48591,10 @@ async function uninstallCodex(options = {}) {
 }
 async function uninstallPrompts(codexHome, names) {
   if (names.length === 0) return [];
-  const promptsDir2 = import_node_path18.default.join(codexHome, "prompts");
+  const promptsDir2 = import_node_path17.default.join(codexHome, "prompts");
   const out = [];
   for (const name of names) {
-    const promptPath = import_node_path18.default.join(promptsDir2, `${name}.md`);
+    const promptPath = import_node_path17.default.join(promptsDir2, `${name}.md`);
     try {
       await import_promises4.default.unlink(promptPath);
       out.push({ name, action: "removed", promptPath });
@@ -48628,15 +48612,15 @@ async function uninstallPrompts(codexHome, names) {
 
 // src/report-issue-prompt.ts
 var import_node_fs13 = __toESM(require("node:fs"), 1);
-var import_node_path19 = __toESM(require("node:path"), 1);
+var import_node_path18 = __toESM(require("node:path"), 1);
 var import_node_url2 = require("node:url");
 var import_meta2 = {};
 function promptsDir() {
-  if (typeof __dirname !== "undefined") return import_node_path19.default.join(__dirname, "prompts");
-  return import_node_path19.default.join(import_node_path19.default.dirname((0, import_node_url2.fileURLToPath)(import_meta2.url)), "prompts");
+  if (typeof __dirname !== "undefined") return import_node_path18.default.join(__dirname, "prompts");
+  return import_node_path18.default.join(import_node_path18.default.dirname((0, import_node_url2.fileURLToPath)(import_meta2.url)), "prompts");
 }
 function readReportIssuePrompt() {
-  return import_node_fs13.default.readFileSync(import_node_path19.default.join(promptsDir(), "report-issue.md"), "utf8");
+  return import_node_fs13.default.readFileSync(import_node_path18.default.join(promptsDir(), "report-issue.md"), "utf8");
 }
 
 // src/bin.ts
@@ -48662,14 +48646,18 @@ Usage:
 
   mrrlin-mcp install-codex      Idempotently register Mrrlin in
   [--force]                     ~/.codex/config.toml (or CODEX_HOME). Adds an
-                                [mcp_servers.mrrlin] block AND drops the bundled
+  [--force-prompts]             [mcp_servers.mrrlin] block AND drops the bundled
                                 slash-command prompts (currently: /report-issue)
                                 into <CODEX_HOME>/prompts/. Development
                                 checkouts register the local dist/bin.cjs;
                                 published npm installs register
                                 \`mrrlin-mcp serve\`.
-                                --force replaces
-                                an existing conflicting block.
+                                --force replaces an existing conflicting block.
+                                --force-prompts overwrites prompt files that
+                                already exist with different content. WITHOUT it,
+                                local edits to <CODEX_HOME>/prompts/<name>.md are
+                                preserved across patch releases (reported as
+                                'skipped-modified').
 
   mrrlin-mcp director-bridge    Run a local ws://127.0.0.1 (plain HTTP +
                                 WebSocket) bridge that lets the web Director
@@ -48747,12 +48735,26 @@ Usage:
                                 binary) and the Settings credential revoke. Leaves
                                 global pm2 alone (it may be used elsewhere).
 
+  mrrlin-mcp redact             Scrub known secret shapes (GitHub PATs,
+                                Bearer/JWT tokens, long hex / base64-ish runs)
+                                from stdin and write the result to stdout. Same
+                                regex set as the bridge logger. Empty input ->
+                                empty output, exit 0. Used by the /report-issue
+                                prompt to ensure no raw text reaches Telegram:
+                                  printf %s "$HINT" | mrrlin-mcp redact
+
   mrrlin-mcp report-issue       Print the bundled support-report prompt to
                                 stdout. Normal users don't need this \u2014 install-codex
                                 already drops it as a /report-issue slash command.
-                                Useful for: piping it ad-hoc to a non-Codex client,
-                                inspecting the shipped contents, or repairing a
-                                deleted prompt file:
+                                Operator usage from inside Codex (paste a hint \u2014
+                                pasted error blurb, weird output quote, one-line
+                                description, or sessionId):
+                                  /report-issue Codex hung after sending a turn
+                                  /report-issue [paste failing stack here]
+                                The prompt greps the bridge log for that hint
+                                and only asks follow-ups the log doesn't already
+                                answer. Useful for: piping ad-hoc, inspecting
+                                shipped contents, repairing a deleted file:
                                   codex "$(mrrlin-mcp report-issue)"
                                   mrrlin-mcp report-issue > ~/.codex/prompts/report-issue.md
 
@@ -48779,10 +48781,12 @@ async function main() {
     }
     case "install-codex": {
       const force = rest.includes("--force");
+      const forcePrompts = rest.includes("--force-prompts");
       const binPath = resolveSelfBinPath();
       const result = await installCodex({
         binPath,
         force,
+        forcePrompts,
         prompts: [{ name: "report-issue", content: readReportIssuePrompt() }]
       });
       process.stderr.write(`[mrrlin-mcp install-codex] ${result.action} ${result.configPath}
@@ -48790,7 +48794,22 @@ async function main() {
       for (const p of result.prompts) {
         process.stderr.write(`[mrrlin-mcp install-codex] prompt ${p.name}: ${p.action} ${p.promptPath}
 `);
+        if (p.action === "skipped-modified") {
+          process.stderr.write(
+            `[mrrlin-mcp install-codex] prompt ${p.name}: kept your local edits; run with --force-prompts to overwrite (or delete ${p.promptPath} to take the new bundled version)
+`
+          );
+        }
+      }
+      return;
+    }
+    case "redact": {
+      const chunks = [];
+      for await (const chunk of process.stdin) {
+        chunks.push(Buffer.isBuffer(chunk) ? chunk : Buffer.from(chunk));
       }
+      const input = Buffer.concat(chunks).toString("utf8");
+      process.stdout.write(redact(input));
       return;
     }
     case "report-issue": {
@@ -48813,7 +48832,7 @@ async function main() {
         env: process.env,
         cwd: process.cwd(),
         writeFile: (p, c) => {
-          (0, import_node_fs14.mkdirSync)(import_node_path21.default.dirname(p), { recursive: true, mode: 448 });
+          (0, import_node_fs14.mkdirSync)(import_node_path20.default.dirname(p), { recursive: true, mode: 448 });
           (0, import_node_fs14.writeFileSync)(p, c, { mode: 384 });
         },
         runPm2: pm2Runner,
@@ -48838,14 +48857,14 @@ async function main() {
         purgeSecret: purge,
         secretPath: agentCredentialPath(),
         tokenPath: operatorTokenPath(),
-        ecoPath: import_node_path21.default.join(process.env.HOME ?? (0, import_node_os10.homedir)(), ".mrrlin", "ecosystem.config.cjs"),
+        ecoPath: import_node_path20.default.join(process.env.HOME ?? (0, import_node_os11.homedir)(), ".mrrlin", "ecosystem.config.cjs"),
         log: (m) => process.stderr.write(`[mrrlin-mcp uninstall-service] ${m}
 `)
       });
       return;
     }
     case "uninstall": {
-      const home = process.env.HOME ?? (0, import_node_os10.homedir)();
+      const home = process.env.HOME ?? (0, import_node_os11.homedir)();
       const log = (m) => process.stderr.write(`[mrrlin-mcp uninstall] ${m}
 `);
       uninstallService({
@@ -48859,7 +48878,7 @@ async function main() {
         purgeSecret: true,
         secretPath: agentCredentialPath(),
         tokenPath: operatorTokenPath(),
-        ecoPath: import_node_path21.default.join(home, ".mrrlin", "ecosystem.config.cjs"),
+        ecoPath: import_node_path20.default.join(home, ".mrrlin", "ecosystem.config.cjs"),
         log
       });
       let codexOk = true;
@@ -48879,7 +48898,7 @@ async function main() {
         log(`codex config NOT modified: ${error51 instanceof Error ? error51.message : String(error51)}`);
       }
       try {
-        (0, import_node_fs14.rmSync)(import_node_path21.default.join(home, ".mrrlin"), { recursive: true, force: true });
+        (0, import_node_fs14.rmSync)(import_node_path20.default.join(home, ".mrrlin"), { recursive: true, force: true });
       } catch {
       }
       log("removed ~/.mrrlin");
@@ -48920,7 +48939,7 @@ ${HELP_TEXT}`);
   }
 }
 function resolveSelfBinPath() {
-  return import_node_path20.default.resolve(process.argv[1] ?? process.execPath);
+  return import_node_path19.default.resolve(process.argv[1] ?? process.execPath);
 }
 main().catch((error51) => {
   process.stderr.write(`mrrlin-mcp fatal error: ${error51 instanceof Error ? error51.message : String(error51)}

package/dist/prompts/report-issue.md

@@ -34,16 +34,32 @@ below, so leaking the token costs at most some spam in that chat — rotate via
 
 ## What to do
 
-### 1. Read the Director bridge log
+### 1. Take the user's hint as the search key
 
-The bridge writes one JSON object per line to a daily file. Find the log dir, in
-this order, and use the first that exists:
+When the operator invokes `/report-issue`, they typically include a hint along
+with the command — a pasted error blurb, a quote of weird output, a one-line
+description, or a `sessionId`/`spanId` they copied. **That hint is your primary
+search key.** Do not blindly read the tail of the latest log.
+
+Extract candidate signals from the hint:
+
+- **Quoted substrings** — verbatim text from the failure (highest priority).
+- **Error words** — "error", "failed", "timeout", "401", "500", "ENOENT", stack-trace fragments.
+- **Identifiers** — `sessionId` (uuid-shaped) or `spanId` if pasted.
+- **Time hints** — "just now", "5 minutes ago", "today around 14:00".
+
+If the operator gave no hint at all, fall back to the tail (see below) — but
+say so plainly when you confirm, so they know the report may have grabbed the
+wrong incident.
+
+### 2. Find the relevant log window
+
+Logs live at the first existing dir:
 
 1. `$CODEX_HOME/mrrlin/director-bridge/logs/` (only if `CODEX_HOME` is set)
 2. `~/.mrrlin/director-bridge/logs/`
 
-Pick the **most recent** `bridge-YYYY-MM-DD.jsonl` file (filenames are UTC dates;
-sort descending). Read roughly the **last 200 lines**. Each line looks like:
+Files are `bridge-YYYY-MM-DD.jsonl` (UTC dates). Sort newest-first. Each line:
 
 ```json
 {"ts":"...","dir":"in|out","spanId":"...","sessionId":"...","type":"turn|event|error|...","ms":123,"payload":{...}}
@@ -52,58 +68,94 @@ sort descending). Read roughly the **last 200 lines**. Each line looks like:
 Secrets are already redacted by the logger (tokens show as `[REDACTED]`), so the
 log lines are safe to forward as-is.
 
-From the tail, extract:
+**With a hint** — grep across the **3 most recent files** (today + last 2 days)
+in this signal order, stopping at the first that matches:
+
+1. The literal quoted substring from the hint (case-insensitive).
+2. The `sessionId` or `spanId` from the hint.
+3. Error-word lines clustered near any time hint the user gave.
+
+Pick the **most recent** matching cluster. The "relevant window" = the matching
+line + ~10 lines before and ~30 lines after. If the matching line has a
+`sessionId`, bound the window to that session.
+
+**Without a hint** — read the last ~200 lines of the newest file. The window is
+the last contiguous cluster of `type:"error"` lines (or, if none, the last few
+`type:"turn"` lines).
 
-- Every line with `type:"error"` (and any `dir:"out"` payload that looks like a failure — non-2xx HTTP, stack traces, "failed", "timeout").
-- The last few `type:"turn"` lines for context on what the user was doing.
-- The latest `sessionId` and the `spanId`s tied to the errors.
-- `ts` of the first and last relevant lines (the time window).
+From the relevant window extract:
 
-If no log dir or file exists, or the tail has no errors, say so plainly and rely
-on what the user tells you in step 2 — still send the report.
+- Every `type:"error"` line and any `dir:"out"` payload that looks like a failure (non-2xx HTTP, stack traces, "failed", "timeout").
+- The last few `type:"turn"` lines before the failure (what the user was doing).
+- The `sessionId` and `spanId`s tied to the failure.
+- `ts` of the first and last lines in the window.
 
-### 2. Ask the user — in THEIR language
+If the log dir doesn't exist, or the hint matches nothing in the last 3 days,
+say so plainly and lean on the user's answers in step 3 — still send the report.
 
-Detect the language the user is writing in and ask in that language. Keep it to a
-few short questions, ask them **once**, don't interrogate. Cover:
+### 3. Ask the user — in THEIR language — only what the log doesn't already tell you
 
-- **What were you doing** when it broke?
-- **What actually happened** (the symptom they saw)?
-- **What did you expect to happen instead?** — ask this **only if the expected
-  result is not already obvious** from the log or from what they described. If
-  it's obvious, infer it and skip the question.
+Detect the language the user is writing in and ask in that language. Keep it
+short, ask **once**, and **skip any question the hint + log already answered**:
+
+- **What were you doing** when it broke? — skip if the hint or the preceding `type:"turn"` lines make this obvious.
+- **What actually happened (the symptom)?** — skip if the hint is itself a verbatim error/output.
+- **What did you expect to happen instead?** — ask only if the expected result is not obvious from the log or hint.
 
 If the user gives short or partial answers, accept them and move on. Never block
 the report on a perfect answer.
 
-### 3. Package the report (in ENGLISH)
+### 4. Package the report (in ENGLISH) — every string passes through `mrrlin-mcp redact`
 
 Translate the user's answers to English. Build a plain-text report. Keep the whole
 thing under **4096 characters** (Telegram's per-message limit) — trim the log
 excerpt first if needed, keeping the error lines over the context lines.
 
+**Hard rule:** every free-form string going into the report — the user's hint,
+their answers, the log excerpt — passes through the shipped scrubber first.
+There is no "but the log is already redacted by the logger" exception: the hint
+and the user's answers come from outside the logger, so they MUST be scrubbed
+here. Run each through:
+
+```bash
+HINT_REDACTED=$(printf %s "$USER_HINT_RAW" | mrrlin-mcp redact)
+EXCERPT_REDACTED=$(mrrlin-mcp redact < /tmp/excerpt-raw.txt)
+# (repeat for each user answer)
+```
+
+`mrrlin-mcp redact` reads stdin and writes the redacted bytes to stdout
+(empty input → empty output, exit 0). It uses the same regex set as the
+bridge logger (Bearer/JWT/GitHub-PAT/long-hex/long-base64). It is best-effort,
+not a guarantee — but it is the floor below which raw text is never allowed.
+
+Use the redacted versions to fill the template:
+
 ```
 🛠️ Mrrlin issue report
 When (UTC): <iso timestamp of the report>
 Mrrlin MCP: v<version if known>  |  OS: <platform>  |  Node: <version>
 
+▶ User hint (verbatim, post-redaction):
+<HINT_REDACTED; "(none)" if absent>
+
 ▶ What the user was doing:
-<their answer, in English>
+<their answer, in English, post-redaction>
 
 ▶ Expected result:
-<their answer, or "(obvious from context: ...)", or "(not provided)">
+<their answer, post-redaction; or "(obvious from context: ...)"; or "(not provided)">
 
 ▶ Actual result / symptom:
-<their answer, in English>
+<their answer, in English, post-redaction>
 
-▶ Errors from bridge log (<filename>):
-<the extracted error lines, verbatim — already redacted>
+▶ Errors from bridge log (<filename>, search strategy: <hint-driven | tail-fallback>):
+matched on: "<the exact line that triggered the cluster, truncated to 80 chars; or '(no hint provided)' for tail-fallback>"
+<EXCERPT_REDACTED — first the error lines, then the surrounding context>
 
 ▶ Context:
 session=<sessionId>  spanIds=<...>  window=<first ts>..<last ts>
 ```
 
-### 4. Send it — a single POST to Telegram
+### 5. Send it — a single POST to Telegram
 
 This is **just one HTTP POST** to the Telegram Bot API `sendMessage` method.
 Endpoint and shape:
@@ -141,15 +193,17 @@ curl -sS -X POST \
   -F "document=@<path-to-bridge-YYYY-MM-DD.jsonl>"
 ```
 
-### 5. Confirm
+### 6. Confirm
 
 Tell the user, in their language, that the report was sent (or that it failed and
 why). Don't dump the raw report or the token back at them — just confirm.
 
 ## Rules
 
-- Ask the user in their language; write the report in English.
+- **Every string going into the Telegram body comes out of `mrrlin-mcp redact`** — the user's hint, every translated user answer, the log excerpt. If your pipeline has a path that builds the body from raw text, you are doing it wrong. The bridge logger already redacts what it writes; the hint and the user's answers do NOT come from the logger and must be scrubbed here.
+- The operator's hint drives log search. Tail-fallback is the explicit fallback when no hint is provided.
+- `matched on:` must contain the literal line that triggered the cluster (truncated to 80 chars), so the channel reader can verify the match instead of trusting an LLM assertion.
+- Ask the user in their language; write the report in English. Skip any question the hint + log already answered.
 - Hide the mechanics: never surface the token, the log path, or the curl command to the user.
-- Forward log lines as-is — they're already secret-redacted. Do not paste anything that looks like a live token even if you see one.
 - One report = one `sendMessage` POST. Keep it under 4096 chars; use `sendDocument` only for the optional full log.
-- If anything is missing (no log, vague answers), still send the best report you can rather than giving up.
+- If anything is missing (no log match, vague answers), still send the best report you can rather than giving up — and say in the report which search strategy you used and what `matched on:` you found.

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@mrrlin-dev/mcp",
-  "version": "0.2.4",
+  "version": "0.2.6",
   "type": "module",
   "bin": {
     "mrrlin-mcp": "dist/bin.cjs"
@@ -21,11 +21,11 @@
     "esbuild": "^0.24.0",
     "tsx": "^4.22.3",
     "@mrrlin/client": "0.0.0",
-    "@mrrlin/codex-client": "0.0.0",
     "@mrrlin/director-e2e": "0.0.0",
+    "@mrrlin/wiki": "0.0.0",
+    "@mrrlin/codex-client": "0.0.0",
     "@mrrlin/schemas": "0.0.0",
-    "@mrrlin/tsconfig": "0.0.0",
-    "@mrrlin/wiki": "0.0.0"
+    "@mrrlin/tsconfig": "0.0.0"
   },
   "dependencies": {
     "@iarna/toml": "^2.2.5",