@node9/proxy 1.29.0 → 1.30.0

package/dist/cli.js

@@ -74,8 +74,13 @@ __export(audit_exports, {
   appendHookDebug: () => appendHookDebug,
   appendLocalAudit: () => appendLocalAudit,
   appendToLog: () => appendToLog,
+  buildArgsPreview: () => buildArgsPreview,
+  generateEventId: () => generateEventId,
   redactSecrets: () => redactSecrets
 });
+function generateEventId() {
+  return `${Date.now().toString(36)}-${import_crypto2.default.randomBytes(6).toString("hex")}`;
+}
 function isTestCall(toolName, args) {
   if (toolName !== "Bash" && toolName !== "bash") return false;
   const cmd = args?.command;
@@ -94,6 +99,17 @@ function redactSecrets(text) {
   );
   return redacted;
 }
+function buildArgsPreview(args) {
+  try {
+    const o = args && typeof args === "object" ? args : null;
+    const primary = o && (o.command ?? o.file_path ?? o.path ?? o.url ?? o.query);
+    const text = typeof primary === "string" ? primary : args ? JSON.stringify(args) : "";
+    if (!text) return void 0;
+    return redactSecrets(text).slice(0, 120);
+  } catch {
+    return void 0;
+  }
+}
 function appendToLog(logPath, entry) {
   try {
     const dir = import_path.default.dirname(logPath);
@@ -116,11 +132,18 @@ function appendHookDebug(toolName, args, meta, auditHashArgsEnabled) {
   });
 }
 function appendLocalAudit(toolName, args, decision, checkedBy, meta, auditHashArgsEnabled) {
-  const argsField = auditHashArgsEnabled ? { argsHash: hashArgs(args) } : { args: args ? JSON.parse(redactSecrets(JSON.stringify(args))) : {} };
+  const isDlpRow = checkedBy.toLowerCase().includes("dlp") || Boolean(meta?.dlpPattern);
+  const preview2 = auditHashArgsEnabled && !isDlpRow ? buildArgsPreview(args) : void 0;
+  const argsField = auditHashArgsEnabled ? { argsHash: hashArgs(args), ...preview2 ? { argsPreview: preview2 } : {} } : { args: args ? JSON.parse(redactSecrets(JSON.stringify(args))) : {} };
   const testRun = isTestCall(toolName, args) || process.env.NODE9_TESTING === "1" ? { testRun: true } : {};
   const ruleNameField = meta?.ruleName ? { ruleName: meta.ruleName } : {};
   const agentToolNameField = meta?.agentToolName ? { agentToolName: meta.agentToolName } : {};
+  const dlpFields = meta?.dlpPattern ? { dlpPattern: meta.dlpPattern, dlpSample: meta.dlpSample } : {};
+  const cloudLinkField = meta?.cloudRequestId ? { cloudRequestId: meta.cloudRequestId } : {};
   appendToLog(LOCAL_AUDIT_LOG, {
+    // eid first: the outbox shipper dedups on it, and a fixed leading field
+    // makes the JSONL easy to eyeball.
+    eid: generateEventId(),
     ts: (/* @__PURE__ */ new Date()).toISOString(),
     tool: toolName,
     ...agentToolNameField,
@@ -128,6 +151,8 @@ function appendLocalAudit(toolName, args, decision, checkedBy, meta, auditHashAr
     decision,
     checkedBy,
     ...ruleNameField,
+    ...dlpFields,
+    ...cloudLinkField,
     ...testRun,
     agent: meta?.agent,
     mcpServer: meta?.mcpServer,
@@ -142,13 +167,14 @@ function appendConfigAudit(entry) {
     hostname: import_os.default.hostname()
   });
 }
-var import_fs, import_path, import_os, LOCAL_AUDIT_LOG, HOOK_DEBUG_LOG, TEST_COMMAND_RE;
+var import_fs, import_path, import_os, import_crypto2, LOCAL_AUDIT_LOG, HOOK_DEBUG_LOG, TEST_COMMAND_RE;
 var init_audit = __esm({
   "src/audit/index.ts"() {
     "use strict";
     import_fs = __toESM(require("fs"));
     import_path = __toESM(require("path"));
     import_os = __toESM(require("os"));
+    import_crypto2 = __toESM(require("crypto"));
     init_hasher();
     LOCAL_AUDIT_LOG = import_path.default.join(import_os.default.homedir(), ".node9", "audit.log");
     HOOK_DEBUG_LOG = import_path.default.join(import_os.default.homedir(), ".node9", "hook-debug.log");
@@ -174,8 +200,8 @@ function sanitizeConfig(raw) {
     }
   }
   const lines = result.error.issues.map((issue) => {
-    const path50 = issue.path.length > 0 ? issue.path.join(".") : "root";
-    return `  \u2022 ${path50}: ${issue.message}`;
+    const path51 = issue.path.length > 0 ? issue.path.join(".") : "root";
+    return `  \u2022 ${path51}: ${issue.message}`;
   });
   return {
     sanitized,
@@ -261,7 +287,13 @@ var init_config_schema = __esm({
         allowGlobalPause: import_zod.z.boolean().optional(),
         auditHashArgs: import_zod.z.boolean().optional(),
         agentPolicy: import_zod.z.enum(["require_approval", "block_on_rules"]).optional(),
-        cloudSyncIntervalHours: import_zod.z.number().positive().optional()
+        cloudSyncIntervalHours: import_zod.z.number().positive().optional(),
+        // Outbox shipper (audit.log → SaaS batch ingest). enabled defaults
+        // to true; set false to fall back to local-only auditing.
+        shipper: import_zod.z.object({
+          enabled: import_zod.z.boolean().optional(),
+          intervalSeconds: import_zod.z.number().min(5).optional()
+        }).optional()
       }).optional(),
       policy: import_zod.z.object({
         sandboxPaths: import_zod.z.array(import_zod.z.string()).optional(),
@@ -1007,9 +1039,9 @@ function matchesPattern(text, patterns) {
   const withoutDotSlash = text.replace(/^\.\//, "");
   return isMatch(withoutDotSlash) || isMatch(`./${withoutDotSlash}`);
 }
-function getNestedValue(obj, path50) {
+function getNestedValue(obj, path51) {
   if (!obj || typeof obj !== "object") return null;
-  const segments = path50.split(".");
+  const segments = path51.split(".");
   for (const seg of segments) {
     if (FORBIDDEN_PATH_SEGMENTS.has(seg)) return null;
   }
@@ -1371,7 +1403,7 @@ function assertBuiltinShieldRegexesAreSafe() {
 }
 function computeArgsHash(args) {
   const str = JSON.stringify(args ?? "");
-  return import_crypto2.default.createHash("sha256").update(str).digest("hex").slice(0, 16);
+  return import_crypto3.default.createHash("sha256").update(str).digest("hex").slice(0, 16);
 }
 function evaluateLoopWindow(records, tool, args, threshold, windowMs, now) {
   const hash = computeArgsHash(args);
@@ -1853,7 +1885,7 @@ function* stringValues(obj, depth = 0) {
   }
   for (const v of Object.values(obj)) yield* stringValues(v, depth + 1);
 }
-var import_safe_regex2, import_mvdan_sh, import_picomatch, import_safe_regex22, import_safe_regex23, import_crypto2, ASSIGNMENT_CONTEXT_RE, DLP_STOPWORDS, DLP_PATTERNS, DLP_PATTERNS_GLOBAL, SENSITIVE_PATH_PATTERNS, MAX_DEPTH, MAX_STRING_BYTES, MAX_JSON_PARSE_BYTES, syntax, sharedParser, MESSAGE_FLAGS, SHELL_INTERPRETERS, DOWNLOAD_CMDS, NORMALIZE_CACHE_MAX, normalizeCache, AST_CACHE_MAX, astCache, PARSE_FAIL, FS_READ_TOOLS, FS_OP_PRESCREEN_RE, HOME_CACHE_ALLOWLIST, SENSITIVE_PATH_RULES, BASH_TOOL_NAMES, AST_FS_REGEX_RULES, FS_OP_CACHE_MAX, fsOpCache, SOURCE_COMMANDS, SINK_COMMANDS, OBFUSCATORS, SENSITIVE_PATTERNS, FLAGS_WITH_VALUES, MAX_REGEX_LENGTH, REGEX_CACHE_MAX, regexCache, FORBIDDEN_PATH_SEGMENTS, SQL_DML_KEYWORDS, aws_default, bash_safe_default, docker_default, filesystem_default, github_default, k8s_default, mongodb_default, postgres_default, project_jail_default, redis_default, BUILTIN_SHIELDS, LOOP_MAX_RECORDS, FINDING_TO_SIGNAL, SCAN_SIGNAL_WEIGHTS, LOOP_THRESHOLD_FOR_WASTE, COST_PER_LOOP_ITER_USD, DESTRUCTIVE_OP_RE, SENSITIVE_PATH_RE, FILE_TOOLS, PII_EMAIL_RE, PII_SSN_RE, PII_PHONE_RE, PII_CC_RE, LONG_OUTPUT_THRESHOLD_BYTES, CANONICAL_EXTRACTOR_VERSION, DEDUPE_PREVIEW_LEN, TERMINAL_ESCAPE_RE;
+var import_safe_regex2, import_mvdan_sh, import_picomatch, import_safe_regex22, import_safe_regex23, import_crypto3, ASSIGNMENT_CONTEXT_RE, DLP_STOPWORDS, DLP_PATTERNS, DLP_PATTERNS_GLOBAL, SENSITIVE_PATH_PATTERNS, MAX_DEPTH, MAX_STRING_BYTES, MAX_JSON_PARSE_BYTES, syntax, sharedParser, MESSAGE_FLAGS, SHELL_INTERPRETERS, DOWNLOAD_CMDS, NORMALIZE_CACHE_MAX, normalizeCache, AST_CACHE_MAX, astCache, PARSE_FAIL, FS_READ_TOOLS, FS_OP_PRESCREEN_RE, HOME_CACHE_ALLOWLIST, SENSITIVE_PATH_RULES, BASH_TOOL_NAMES, AST_FS_REGEX_RULES, FS_OP_CACHE_MAX, fsOpCache, SOURCE_COMMANDS, SINK_COMMANDS, OBFUSCATORS, SENSITIVE_PATTERNS, FLAGS_WITH_VALUES, MAX_REGEX_LENGTH, REGEX_CACHE_MAX, regexCache, FORBIDDEN_PATH_SEGMENTS, SQL_DML_KEYWORDS, aws_default, bash_safe_default, docker_default, filesystem_default, github_default, k8s_default, mongodb_default, postgres_default, project_jail_default, redis_default, BUILTIN_SHIELDS, LOOP_MAX_RECORDS, FINDING_TO_SIGNAL, SCAN_SIGNAL_WEIGHTS, LOOP_THRESHOLD_FOR_WASTE, COST_PER_LOOP_ITER_USD, DESTRUCTIVE_OP_RE, SENSITIVE_PATH_RE, FILE_TOOLS, PII_EMAIL_RE, PII_SSN_RE, PII_PHONE_RE, PII_CC_RE, LONG_OUTPUT_THRESHOLD_BYTES, CANONICAL_EXTRACTOR_VERSION, DEDUPE_PREVIEW_LEN, TERMINAL_ESCAPE_RE;
 var init_dist = __esm({
   "packages/policy-engine/dist/index.mjs"() {
     "use strict";
@@ -1862,7 +1894,7 @@ var init_dist = __esm({
     import_picomatch = __toESM(require("picomatch"), 1);
     import_safe_regex22 = __toESM(require("safe-regex2"), 1);
     import_safe_regex23 = __toESM(require("safe-regex2"), 1);
-    import_crypto2 = __toESM(require("crypto"), 1);
+    import_crypto3 = __toESM(require("crypto"), 1);
     ASSIGNMENT_CONTEXT_RE = /\b(?:password|passwd|secret|token|api[_-]?key|auth(?:_key|_token)?|credential|private[_-]?key|access[_-]?key|client[_-]?secret)\s*[=:]\s*/i;
     DLP_STOPWORDS = [
       "example",
@@ -3487,7 +3519,7 @@ function readShieldsFile() {
 }
 function writeShieldsFile(data) {
   import_fs2.default.mkdirSync(import_path2.default.dirname(SHIELDS_STATE_FILE), { recursive: true });
-  const tmp = `${SHIELDS_STATE_FILE}.${import_crypto3.default.randomBytes(6).toString("hex")}.tmp`;
+  const tmp = `${SHIELDS_STATE_FILE}.${import_crypto4.default.randomBytes(6).toString("hex")}.tmp`;
   const toWrite = { active: data.active };
   if (data.overrides && Object.keys(data.overrides).length > 0) toWrite.overrides = data.overrides;
   import_fs2.default.writeFileSync(tmp, JSON.stringify(toWrite, null, 2), { mode: 384 });
@@ -3577,18 +3609,18 @@ function installShield(name, shieldJson) {
   }
   import_fs2.default.mkdirSync(USER_SHIELDS_DIR, { recursive: true });
   const filePath = import_path2.default.join(USER_SHIELDS_DIR, `${name}.json`);
-  const tmp = `${filePath}.${import_crypto3.default.randomBytes(6).toString("hex")}.tmp`;
+  const tmp = `${filePath}.${import_crypto4.default.randomBytes(6).toString("hex")}.tmp`;
   import_fs2.default.writeFileSync(tmp, JSON.stringify(shieldJson, null, 2), { mode: 384 });
   import_fs2.default.renameSync(tmp, filePath);
 }
-var import_fs2, import_path2, import_os2, import_crypto3, USER_SHIELDS_DIR, SHIELDS, SHIELDS_STATE_FILE, RULE_KEY_MIGRATIONS;
+var import_fs2, import_path2, import_os2, import_crypto4, USER_SHIELDS_DIR, SHIELDS, SHIELDS_STATE_FILE, RULE_KEY_MIGRATIONS;
 var init_shields = __esm({
   "src/shields.ts"() {
     "use strict";
     import_fs2 = __toESM(require("fs"));
     import_path2 = __toESM(require("path"));
     import_os2 = __toESM(require("os"));
-    import_crypto3 = __toESM(require("crypto"));
+    import_crypto4 = __toESM(require("crypto"));
     init_dist();
     init_dist();
     USER_SHIELDS_DIR = import_path2.default.join(import_os2.default.homedir(), ".node9", "shields");
@@ -3676,7 +3708,8 @@ function getConfig(cwd) {
   const projectConfig = tryLoadConfig(projectPath);
   const mergedSettings = {
     ...DEFAULT_CONFIG.settings,
-    approvers: { ...DEFAULT_CONFIG.settings.approvers }
+    approvers: { ...DEFAULT_CONFIG.settings.approvers },
+    shipper: { ...DEFAULT_CONFIG.settings.shipper }
   };
   const mergedPolicy = {
     sandboxPaths: [...DEFAULT_CONFIG.policy.sandboxPaths],
@@ -3707,6 +3740,7 @@ function getConfig(cwd) {
     if (s.enableHookLogDebug !== void 0)
       mergedSettings.enableHookLogDebug = s.enableHookLogDebug;
     if (s.approvers) mergedSettings.approvers = { ...mergedSettings.approvers, ...s.approvers };
+    if (s.shipper) mergedSettings.shipper = { ...mergedSettings.shipper, ...s.shipper };
     if (s.approvalTimeoutMs !== void 0) mergedSettings.approvalTimeoutMs = s.approvalTimeoutMs;
     if (s.approvalTimeoutSeconds !== void 0 && s.approvalTimeoutMs === void 0)
       mergedSettings.approvalTimeoutMs = s.approvalTimeoutSeconds * 1e3;
@@ -3907,7 +3941,8 @@ var init_config = __esm({
         flightRecorder: true,
         auditHashArgs: true,
         approvers: { native: true, browser: false, cloud: false, terminal: true },
-        cloudSyncIntervalHours: 5
+        cloudSyncIntervalHours: 5,
+        shipper: { enabled: true, intervalSeconds: 20 }
       },
       policy: {
         sandboxPaths: ["/tmp/**", "**/sandbox/**", "**/test-results/**"],
@@ -5450,55 +5485,6 @@ function validateApiUrl(raw) {
   }
   return null;
 }
-function auditLocalAllow(toolName, args, checkedBy, creds, meta, dlpInfo, containsSensitiveArgs = false, riskMetadata) {
-  const validated = validateApiUrl(creds.apiUrl);
-  if (!validated) {
-    try {
-      import_fs10.default.appendFileSync(
-        HOOK_DEBUG_LOG,
-        `[audit] refused to send: invalid apiUrl scheme/host (got "${String(creds.apiUrl).slice(0, 200)}")
-`
-      );
-    } catch {
-    }
-    return Promise.resolve();
-  }
-  const safeArgs = containsSensitiveArgs ? { tool: toolName, redacted: true } : args;
-  const dlpSample = dlpInfo && typeof dlpInfo.redactedSample === "string" ? dlpInfo.redactedSample.slice(0, DLP_SAMPLE_MAX_LEN) : void 0;
-  const dlpPattern = dlpInfo && typeof dlpInfo.pattern === "string" ? dlpInfo.pattern.slice(0, DLP_PATTERN_MAX_LEN) : void 0;
-  const safeCheckedBy = KNOWN_CHECKED_BY.has(checkedBy) ? checkedBy : "unknown";
-  const cleanedRiskMetadata = riskMetadata ? Object.fromEntries(
-    Object.entries(riskMetadata).filter(([, v]) => typeof v === "string" && v.length > 0)
-  ) : void 0;
-  const hasRiskMetadata = cleanedRiskMetadata && Object.keys(cleanedRiskMetadata).length > 0;
-  return fetch(`${validated.toString().replace(/\/$/, "")}/audit`, {
-    method: "POST",
-    headers: { "Content-Type": "application/json", Authorization: `Bearer ${creds.apiKey}` },
-    body: JSON.stringify({
-      toolName,
-      args: safeArgs,
-      checkedBy: safeCheckedBy,
-      ...dlpInfo && { dlpPattern, dlpSample },
-      ...hasRiskMetadata && { riskMetadata: cleanedRiskMetadata },
-      // session_id (Claude Code + Gemini CLI) groups all audit rows from one
-      // agent run; transcript_path is the authoritative pointer to the
-      // session log (survives Gemini resume drift). Both optional —
-      // unsupported agents (MCP-mediated) leave them undefined.
-      ...meta?.sessionId && { runId: meta.sessionId },
-      ...meta?.transcriptPath && { transcriptPath: meta.transcriptPath },
-      context: {
-        agent: meta?.agent,
-        mcpServer: meta?.mcpServer,
-        hostname: import_os9.default.hostname(),
-        cwd: process.cwd(),
-        platform: import_os9.default.platform()
-      }
-    }),
-    signal: AbortSignal.timeout(5e3)
-  }).then(() => {
-  }).catch(() => {
-  });
-}
 async function initNode9SaaS(toolName, args, creds, meta, riskMetadata, agentPolicy, forceReview) {
   const controller = new AbortController();
   const timeout = setTimeout(() => controller.abort(), 1e4);
@@ -5622,7 +5608,7 @@ async function resolveNode9SaaS(requestId, creds, approved, decidedBy) {
     );
   }
 }
-var import_fs10, import_os9, import_path12, DLP_SAMPLE_MAX_LEN, DLP_PATTERN_MAX_LEN, KNOWN_CHECKED_BY;
+var import_fs10, import_os9, import_path12;
 var init_cloud = __esm({
   "src/auth/cloud.ts"() {
     "use strict";
@@ -5630,27 +5616,6 @@ var init_cloud = __esm({
     import_os9 = __toESM(require("os"));
     import_path12 = __toESM(require("path"));
     init_audit();
-    DLP_SAMPLE_MAX_LEN = 200;
-    DLP_PATTERN_MAX_LEN = 100;
-    KNOWN_CHECKED_BY = /* @__PURE__ */ new Set([
-      "dlp-block",
-      "observe-mode-dlp-would-block",
-      "dlp-review-flagged",
-      "loop-detected",
-      "audit-mode",
-      "local-policy",
-      "smart-rule-block",
-      // Smart-rule block was downgraded to review because the daemon was
-      // running and we're not in CI. The block attempt is still recorded;
-      // the user got a popup. Distinct from 'smart-rule-block' so the
-      // dashboard can show "block rule overridden" separately from a hard
-      // block that fired with no human in the loop.
-      "smart-rule-block-override",
-      "persistent",
-      "trust",
-      "observe-mode",
-      "observe-mode-would-block"
-    ]);
   }
 });
 
@@ -5737,7 +5702,7 @@ function notifyActivity(data) {
 }
 async function authorizeHeadless(toolName, args, meta, options) {
   if (!options?.calledFromDaemon) {
-    const actId = (0, import_crypto4.randomUUID)();
+    const actId = (0, import_crypto5.randomUUID)();
     const actTs = Date.now();
     const stripAnsi2 = (s) => s.replace(/\x1b(?:\[[0-9;?]*[a-zA-Z]|\][^\x07\x1b]*(?:\x07|\x1b\\)|[@-_])/g, "");
     const sanitizedAgent = meta?.agent ? stripAnsi2(meta.agent).slice(0, 80) : void 0;
@@ -5832,17 +5797,11 @@ async function _authorizeHeadlessCore(toolName, args, meta, options) {
             args,
             "deny",
             isObserveMode ? "observe-mode-dlp-would-block" : "dlp-block",
-            meta,
-            true
-          );
-        if (approvers.cloud && creds?.apiKey)
-          auditLocalAllow(
-            toolName,
-            args,
-            isObserveMode ? "observe-mode-dlp-would-block" : "dlp-block",
-            creds,
-            meta,
-            { pattern: dlpMatch.patternName, redactedSample: dlpMatch.redactedSample },
+            {
+              ...meta,
+              dlpPattern: dlpMatch.patternName,
+              dlpSample: dlpMatch.redactedSample
+            },
             true
           );
         if (isWriteTool(toolName) && filePath) {
@@ -5898,9 +5857,6 @@ async function _authorizeHeadlessCore(toolName, args, meta, options) {
       const policyResult = await evaluatePolicy2(toolName, args, meta?.agent, options?.cwd);
       if (policyResult.decision === "review") {
         appendLocalAudit(toolName, args, "allow", "audit-mode", meta, hashAuditArgs);
-        if (approvers.cloud && creds?.apiKey) {
-          await auditLocalAllow(toolName, args, "audit-mode", creds, meta);
-        }
       }
     }
     return { approved: true, checkedBy: "audit" };
@@ -5913,8 +5869,6 @@ async function _authorizeHeadlessCore(toolName, args, meta, options) {
         const reason = `It looks like you've called "${toolName}" ${loopResult.count} times with identical arguments in the last ${ld.windowSeconds}s. Are you stuck? Step back and reconsider your approach \u2014 what are you actually trying to accomplish, and is there a different way to get there?`;
         if (!isManual)
           appendLocalAudit(toolName, args, "deny", "loop-detected", meta, hashAuditArgs);
-        if (approvers.cloud && creds?.apiKey)
-          auditLocalAllow(toolName, args, "loop-detected", creds, meta, void 0, true);
         return {
           approved: false,
           reason,
@@ -5933,15 +5887,15 @@ async function _authorizeHeadlessCore(toolName, args, meta, options) {
       };
     }
     if (policyResult.decision === "allow") {
-      if (approvers.cloud && creds?.apiKey)
-        await auditLocalAllow(toolName, args, "local-policy", creds, meta, void 0, false, {
-          ruleName: policyResult.ruleName,
-          ruleDescription: policyResult.ruleDescription,
-          blockedByLabel: policyResult.blockedByLabel,
-          matchedField: policyResult.matchedField,
-          matchedWord: policyResult.matchedWord
-        });
-      if (!isManual) appendLocalAudit(toolName, args, "allow", "local-policy", meta, hashAuditArgs);
+      if (!isManual)
+        appendLocalAudit(
+          toolName,
+          args,
+          "allow",
+          "local-policy",
+          { ...meta, ruleName: policyResult.ruleName },
+          hashAuditArgs
+        );
       return { approved: true, checkedBy: "local-policy" };
     }
     if (policyResult.decision === "block") {
@@ -5974,23 +5928,6 @@ async function _authorizeHeadlessCore(toolName, args, meta, options) {
             { ...meta, ruleName: policyResult.ruleName },
             hashAuditArgs
           );
-        if (approvers.cloud && creds?.apiKey)
-          auditLocalAllow(
-            toolName,
-            args,
-            "smart-rule-block-override",
-            creds,
-            meta,
-            void 0,
-            false,
-            {
-              ruleName: policyResult.ruleName,
-              ruleDescription: policyResult.ruleDescription,
-              blockedByLabel: policyResult.blockedByLabel,
-              matchedField: policyResult.matchedField,
-              matchedWord: policyResult.matchedWord
-            }
-          );
         const baseLabel = policyResult.blockedByLabel || "Smart Rule";
         const OVERRIDE_PREFIX = "\u26A0\uFE0F Override block rule: ";
         if (!baseLabel.startsWith(OVERRIDE_PREFIX)) {
@@ -6015,14 +5952,6 @@ async function _authorizeHeadlessCore(toolName, args, meta, options) {
             { ...meta, ruleName: policyResult.ruleName },
             hashAuditArgs
           );
-        if (approvers.cloud && creds?.apiKey)
-          auditLocalAllow(toolName, args, "smart-rule-block", creds, meta, void 0, false, {
-            ruleName: policyResult.ruleName,
-            ruleDescription: policyResult.ruleDescription,
-            blockedByLabel: policyResult.blockedByLabel,
-            matchedField: policyResult.matchedField,
-            matchedWord: policyResult.matchedWord
-          });
         return {
           approved: false,
           reason: policyResult.reason ?? "Action explicitly blocked by Smart Policy.",
@@ -6051,8 +5980,6 @@ async function _authorizeHeadlessCore(toolName, args, meta, options) {
     if (policyRuleDescription) riskMetadata.ruleDescription = policyRuleDescription.slice(0, 200);
     const persistent = policyResult.ruleName ? null : getPersistentDecision(toolName);
     if (persistent === "allow") {
-      if (approvers.cloud && creds?.apiKey)
-        await auditLocalAllow(toolName, args, "persistent", creds, meta);
       if (!isManual) appendLocalAudit(toolName, args, "allow", "persistent", meta, hashAuditArgs);
       return { approved: true, checkedBy: "persistent" };
     }
@@ -6085,8 +6012,6 @@ async function _authorizeHeadlessCore(toolName, args, meta, options) {
     }
   }
   if (!taintWarning && getActiveTrustSession(toolName, args)) {
-    if (approvers.cloud && creds?.apiKey)
-      await auditLocalAllow(toolName, args, "trust", creds, meta);
     if (!isManual) appendLocalAudit(toolName, args, "allow", "trust", meta, hashAuditArgs);
     return { approved: true, checkedBy: "trust" };
   }
@@ -6331,18 +6256,23 @@ REASON: Action blocked because no approval channels are available. (Native/Brows
       args,
       finalResult.approved ? "allow" : "deny",
       finalResult.checkedBy || finalResult.blockedBy || "unknown",
-      meta,
+      // cloudRequestId links this row to the BE-origin AuditLog row the
+      // /intercept handshake created — the shipper hands it to the SaaS so
+      // the BE enriches that row instead of inserting a duplicate. Matters
+      // for EVERY racer outcome, not just cloud wins: a native-popup
+      // decision on a cloud-pending request would otherwise count twice.
+      cloudRequestId ? { ...meta, cloudRequestId } : meta,
       hashAuditArgs
     );
   }
   const enrichedResult = !finalResult.approved && policyRuleDescription && !finalResult.ruleDescription ? { ...finalResult, ruleDescription: policyRuleDescription } : finalResult;
   return enrichedResult;
 }
-var import_crypto4, WRITE_TOOLS;
+var import_crypto5, WRITE_TOOLS;
 var init_orchestrator = __esm({
   "src/auth/orchestrator.ts"() {
     "use strict";
-    import_crypto4 = require("crypto");
+    import_crypto5 = require("crypto");
     init_native();
     init_context_sniper();
     init_dlp();
@@ -6412,10 +6342,10 @@ function hashToolDefinitions(tools) {
     return nameA.localeCompare(nameB);
   });
   const canonical = JSON.stringify(sorted);
-  return import_crypto5.default.createHash("sha256").update(canonical).digest("hex");
+  return import_crypto6.default.createHash("sha256").update(canonical).digest("hex");
 }
 function getServerKey(upstreamCommand) {
-  return import_crypto5.default.createHash("sha256").update(upstreamCommand).digest("hex").slice(0, 16);
+  return import_crypto6.default.createHash("sha256").update(upstreamCommand).digest("hex").slice(0, 16);
 }
 function readPinsFile(filePath) {
   try {
@@ -6446,7 +6376,7 @@ function readMcpPins() {
 }
 function writePinsFile(filePath, data) {
   import_fs12.default.mkdirSync(import_path14.default.dirname(filePath), { recursive: true });
-  const tmp = `${filePath}.${import_crypto5.default.randomBytes(6).toString("hex")}.tmp`;
+  const tmp = `${filePath}.${import_crypto6.default.randomBytes(6).toString("hex")}.tmp`;
   const isHome = filePath === getHomePinsFilePath();
   import_fs12.default.writeFileSync(tmp, JSON.stringify(data, null, 2), isHome ? { mode: 384 } : {});
   import_fs12.default.renameSync(tmp, filePath);
@@ -6529,14 +6459,14 @@ function promotePin(serverKey, cwd) {
   writePinsFile(repoPath, repoPins);
   return { repoPath, created };
 }
-var import_fs12, import_path14, import_os11, import_crypto5;
+var import_fs12, import_path14, import_os11, import_crypto6;
 var init_mcp_pin = __esm({
   "src/mcp-pin.ts"() {
     "use strict";
     import_fs12 = __toESM(require("fs"));
     import_path14 = __toESM(require("path"));
     import_os11 = __toESM(require("os"));
-    import_crypto5 = __toESM(require("crypto"));
+    import_crypto6 = __toESM(require("crypto"));
   }
 });
 
@@ -13169,11 +13099,11 @@ function commonPathPrefix(paths) {
   const prefix = common.join("/").replace(/\/?$/, "/");
   return prefix.length > 1 ? prefix : null;
 }
-var import_crypto6, SuggestionTracker;
+var import_crypto7, SuggestionTracker;
 var init_suggestion_tracker = __esm({
   "src/daemon/suggestion-tracker.ts"() {
     "use strict";
-    import_crypto6 = require("crypto");
+    import_crypto7 = require("crypto");
     SuggestionTracker = class {
       events = /* @__PURE__ */ new Map();
       threshold;
@@ -13219,7 +13149,7 @@ var init_suggestion_tracker = __esm({
           }
         } : { type: "ignoredTool", toolName };
         return {
-          id: (0, import_crypto6.randomUUID)(),
+          id: (0, import_crypto7.randomUUID)(),
           toolName,
           allowCount: events.length,
           suggestedRule,
@@ -13465,7 +13395,7 @@ function markRejectionHandlerRegistered() {
 function atomicWriteSync2(filePath, data, options) {
   const dir = import_path24.default.dirname(filePath);
   if (!import_fs22.default.existsSync(dir)) import_fs22.default.mkdirSync(dir, { recursive: true });
-  const tmpPath = `${filePath}.${(0, import_crypto7.randomUUID)()}.tmp`;
+  const tmpPath = `${filePath}.${(0, import_crypto8.randomUUID)()}.tmp`;
   try {
     import_fs22.default.writeFileSync(tmpPath, data, options);
   } catch (err2) {
@@ -13640,7 +13570,7 @@ function broadcastForensic(finding) {
   const severity = CRITICAL_FORENSIC_CATEGORIES.has(finding.type) ? "critical" : "warning";
   const event = {
     type: "forensic",
-    id: `fnd_${(0, import_crypto7.randomUUID)()}`,
+    id: `fnd_${(0, import_crypto8.randomUUID)()}`,
     ts: Date.now(),
     sessionId: finding.sessionId,
     category: finding.type,
@@ -13832,7 +13762,7 @@ function bindActivitySocket() {
   });
   activitySocketServer = unixServer;
 }
-var import_net2, import_fs22, import_path24, import_os20, import_crypto7, homeDir, DAEMON_PID_FILE, DECISIONS_FILE, AUDIT_LOG_FILE, TRUST_FILE2, GLOBAL_CONFIG_FILE, CREDENTIALS_FILE, INSIGHT_COUNTS_FILE, pending, sseClients, suggestionTracker, taintStore, insightCounts, _abandonTimer, _hadBrowserClient, _daemonServer, daemonRejectionHandlerRegistered, AUTO_DENY_MS, TRUST_DURATIONS, autoStarted, ACTIVITY_SOCKET_PATH2, ACTIVITY_RING_SIZE, activityRing, LARGE_RESPONSE_RING_SIZE, largeResponseRing, cachedScanResult, cachedScanTs, SCAN_CACHE_TTL_MS, SECRET_KEY_RE, INPUT_PRICE_PER_1M, OUTPUT_PRICE_PER_1M, BYTES_PER_TOKEN, CRITICAL_FORENSIC_CATEGORIES, WRITE_TOOL_NAMES, ACTIVITY_REBIND_MAX_ATTEMPTS, ACTIVITY_REBIND_WINDOW_MS, ACTIVITY_HEALTH_PROBE_MS, activitySocketServer, activityHealthInterval, activityRebindAttempts, activityCircuitTripped;
+var import_net2, import_fs22, import_path24, import_os20, import_crypto8, homeDir, DAEMON_PID_FILE, DECISIONS_FILE, AUDIT_LOG_FILE, TRUST_FILE2, GLOBAL_CONFIG_FILE, CREDENTIALS_FILE, INSIGHT_COUNTS_FILE, pending, sseClients, suggestionTracker, taintStore, insightCounts, _abandonTimer, _hadBrowserClient, _daemonServer, daemonRejectionHandlerRegistered, AUTO_DENY_MS, TRUST_DURATIONS, autoStarted, ACTIVITY_SOCKET_PATH2, ACTIVITY_RING_SIZE, activityRing, LARGE_RESPONSE_RING_SIZE, largeResponseRing, cachedScanResult, cachedScanTs, SCAN_CACHE_TTL_MS, SECRET_KEY_RE, INPUT_PRICE_PER_1M, OUTPUT_PRICE_PER_1M, BYTES_PER_TOKEN, CRITICAL_FORENSIC_CATEGORIES, WRITE_TOOL_NAMES, ACTIVITY_REBIND_MAX_ATTEMPTS, ACTIVITY_REBIND_WINDOW_MS, ACTIVITY_HEALTH_PROBE_MS, activitySocketServer, activityHealthInterval, activityRebindAttempts, activityCircuitTripped;
 var init_state2 = __esm({
   "src/daemon/state.ts"() {
     "use strict";
@@ -13840,7 +13770,7 @@ var init_state2 = __esm({
     import_fs22 = __toESM(require("fs"));
     import_path24 = __toESM(require("path"));
     import_os20 = __toESM(require("os"));
-    import_crypto7 = require("crypto");
+    import_crypto8 = require("crypto");
     init_daemon();
     init_suggestion_tracker();
     init_taint_store();
@@ -14282,71 +14212,282 @@ var init_sync = __esm({
   }
 });
 
+// src/daemon/audit-shipper.ts
+var audit_shipper_exports = {};
+__export(audit_shipper_exports, {
+  AUDIT_SHIP_WATERMARK: () => AUDIT_SHIP_WATERMARK,
+  buildWireRows: () => buildWireRows,
+  fileSignature: () => fileSignature,
+  readWatermark: () => readWatermark,
+  shipLagBytes: () => shipLagBytes,
+  shipOnce: () => shipOnce,
+  startAuditShipper: () => startAuditShipper,
+  writeWatermark: () => writeWatermark
+});
+function fileSignature(filePath) {
+  const fd = import_fs24.default.openSync(filePath, "r");
+  try {
+    const buf = Buffer.alloc(512);
+    const read = import_fs24.default.readSync(fd, buf, 0, 512, 0);
+    const slice = buf.subarray(0, read);
+    const nl = slice.indexOf(10);
+    const firstLine = nl === -1 ? slice : slice.subarray(0, nl);
+    return import_crypto9.default.createHash("sha256").update(firstLine).digest("hex").slice(0, 16);
+  } finally {
+    import_fs24.default.closeSync(fd);
+  }
+}
+function readWatermark(watermarkPath) {
+  try {
+    const raw = JSON.parse(import_fs24.default.readFileSync(watermarkPath, "utf-8"));
+    if (typeof raw.fileSig === "string" && typeof raw.offset === "number" && raw.offset >= 0)
+      return raw;
+  } catch {
+  }
+  return null;
+}
+function writeWatermark(watermarkPath, wm) {
+  const tmp = `${watermarkPath}.tmp`;
+  import_fs24.default.writeFileSync(tmp, JSON.stringify(wm));
+  import_fs24.default.renameSync(tmp, watermarkPath);
+}
+function buildWireRows(chunk) {
+  const lastNl = chunk.lastIndexOf(10);
+  if (lastNl === -1) return { rows: [], consumed: 0 };
+  const complete = chunk.subarray(0, lastNl + 1);
+  const rows = [];
+  for (const line of complete.toString("utf-8").split("\n")) {
+    if (!line.trim()) continue;
+    let parsed;
+    try {
+      parsed = JSON.parse(line);
+    } catch {
+      continue;
+    }
+    if (typeof parsed.eid !== "string" || parsed.eid.length < 8) continue;
+    if (typeof parsed.tool !== "string" || !parsed.tool) continue;
+    if (parsed.decision !== "allow" && parsed.decision !== "deny") continue;
+    if (typeof parsed.ts !== "string") continue;
+    if (parsed.testRun === true) continue;
+    const checkedBy = typeof parsed.checkedBy === "string" ? parsed.checkedBy : void 0;
+    if (checkedBy && SKIP_CHECKED_BY.has(checkedBy)) continue;
+    const cloudRequestId = typeof parsed.cloudRequestId === "string" ? parsed.cloudRequestId : void 0;
+    if (checkedBy === "cloud" && !cloudRequestId) continue;
+    rows.push({
+      eid: parsed.eid,
+      ts: parsed.ts,
+      tool: parsed.tool,
+      ...parsed.args && typeof parsed.args === "object" ? { args: parsed.args } : {},
+      ...typeof parsed.argsHash === "string" ? { argsHash: parsed.argsHash } : {},
+      ...typeof parsed.argsPreview === "string" ? { argsPreview: parsed.argsPreview } : {},
+      decision: parsed.decision,
+      ...checkedBy ? { checkedBy } : {},
+      ...typeof parsed.ruleName === "string" ? { ruleName: parsed.ruleName } : {},
+      ...typeof parsed.agent === "string" ? { agent: parsed.agent } : {},
+      ...typeof parsed.mcpServer === "string" ? { mcpServer: parsed.mcpServer } : {},
+      ...typeof parsed.sessionId === "string" ? { sessionId: parsed.sessionId } : {},
+      ...typeof parsed.dlpPattern === "string" ? { dlpPattern: parsed.dlpPattern } : {},
+      ...typeof parsed.dlpSample === "string" ? { dlpSample: parsed.dlpSample } : {},
+      ...cloudRequestId ? { cloudRequestId } : {}
+    });
+  }
+  return { rows, consumed: lastNl + 1 };
+}
+async function shipOnce(deps = {}) {
+  const auditLogPath = deps.auditLogPath ?? LOCAL_AUDIT_LOG;
+  const watermarkPath = deps.watermarkPath ?? AUDIT_SHIP_WATERMARK;
+  const fetchImpl = deps.fetchImpl ?? fetch;
+  let cloudEnabled = deps.cloudEnabled;
+  if (cloudEnabled === void 0) {
+    try {
+      const settings = getConfig().settings;
+      cloudEnabled = settings.shipper.enabled !== false && settings.approvers.cloud;
+    } catch {
+      cloudEnabled = false;
+    }
+  }
+  if (!cloudEnabled) return { status: "disabled", shipped: 0 };
+  const creds = deps.creds !== void 0 ? deps.creds : readCredentials();
+  if (!creds?.apiKey) return { status: "no-creds", shipped: 0 };
+  const validated = validateApiUrl(creds.apiUrl);
+  if (!validated) return { status: "no-creds", shipped: 0 };
+  const endpoint = `${validated.toString().replace(/\/$/, "")}/audit/batch`;
+  if (!import_fs24.default.existsSync(auditLogPath)) return { status: "idle", shipped: 0 };
+  let shipped = 0;
+  try {
+    for (let chunkN = 0; chunkN < MAX_CHUNKS_PER_TICK; chunkN++) {
+      const size = import_fs24.default.statSync(auditLogPath).size;
+      if (size === 0) break;
+      const sig = fileSignature(auditLogPath);
+      const wm = readWatermark(watermarkPath);
+      const offset = wm && wm.fileSig === sig && wm.offset <= size ? wm.offset : 0;
+      if (offset >= size) break;
+      const toRead = Math.min(size - offset, MAX_CHUNK_BYTES);
+      const buf = Buffer.alloc(toRead);
+      const fd = import_fs24.default.openSync(auditLogPath, "r");
+      let read;
+      try {
+        read = import_fs24.default.readSync(fd, buf, 0, toRead, offset);
+      } finally {
+        import_fs24.default.closeSync(fd);
+      }
+      const { rows, consumed } = buildWireRows(buf.subarray(0, read));
+      if (consumed === 0) break;
+      for (let i = 0; i < rows.length; i += MAX_BATCH) {
+        const batch = rows.slice(i, i + MAX_BATCH);
+        const controller = new AbortController();
+        const timer = setTimeout(() => controller.abort(), FETCH_TIMEOUT_MS);
+        try {
+          const res = await fetchImpl(endpoint, {
+            method: "POST",
+            headers: {
+              "Content-Type": "application/json",
+              Authorization: `Bearer ${creds.apiKey}`
+            },
+            body: JSON.stringify({ rows: batch }),
+            signal: controller.signal
+          });
+          if (!res.ok) throw new Error(`audit/batch HTTP ${res.status}`);
+        } finally {
+          clearTimeout(timer);
+        }
+        shipped += batch.length;
+      }
+      writeWatermark(watermarkPath, {
+        fileSig: sig,
+        offset: offset + consumed,
+        lastEid: rows.length > 0 ? rows[rows.length - 1].eid : wm?.lastEid,
+        updatedAt: (/* @__PURE__ */ new Date()).toISOString()
+      });
+      if (consumed < toRead) break;
+    }
+  } catch (err2) {
+    try {
+      appendToLog(HOOK_DEBUG_LOG, {
+        ts: (/* @__PURE__ */ new Date()).toISOString(),
+        shipper: "error",
+        message: err2.message
+      });
+    } catch {
+    }
+    return { status: "error", shipped };
+  }
+  return { status: shipped > 0 ? "shipped" : "idle", shipped };
+}
+function shipLagBytes(auditLogPath = LOCAL_AUDIT_LOG, watermarkPath = AUDIT_SHIP_WATERMARK) {
+  try {
+    if (!import_fs24.default.existsSync(auditLogPath)) return 0;
+    const size = import_fs24.default.statSync(auditLogPath).size;
+    const wm = readWatermark(watermarkPath);
+    if (!wm) return size;
+    if (wm.fileSig !== fileSignature(auditLogPath)) return size;
+    return Math.max(0, size - wm.offset);
+  } catch {
+    return null;
+  }
+}
+function startAuditShipper() {
+  if (shipperStarted) return;
+  shipperStarted = true;
+  const intervalMs = (() => {
+    try {
+      const sec = getConfig().settings.shipper.intervalSeconds;
+      return sec >= 5 ? sec * 1e3 : DEFAULT_INTERVAL_MS;
+    } catch {
+      return DEFAULT_INTERVAL_MS;
+    }
+  })();
+  setTimeout(() => void shipOnce(), 3e3);
+  setInterval(() => void shipOnce(), intervalMs);
+}
+var import_fs24, import_path26, import_os22, import_crypto9, AUDIT_SHIP_WATERMARK, DEFAULT_INTERVAL_MS, MAX_BATCH, MAX_CHUNK_BYTES, MAX_CHUNKS_PER_TICK, FETCH_TIMEOUT_MS, SKIP_CHECKED_BY, shipperStarted;
+var init_audit_shipper = __esm({
+  "src/daemon/audit-shipper.ts"() {
+    "use strict";
+    import_fs24 = __toESM(require("fs"));
+    import_path26 = __toESM(require("path"));
+    import_os22 = __toESM(require("os"));
+    import_crypto9 = __toESM(require("crypto"));
+    init_audit();
+    init_config();
+    init_sync();
+    init_cloud();
+    AUDIT_SHIP_WATERMARK = import_path26.default.join(import_os22.default.homedir(), ".node9", "audit-ship.json");
+    DEFAULT_INTERVAL_MS = 2e4;
+    MAX_BATCH = 500;
+    MAX_CHUNK_BYTES = 4 * 1024 * 1024;
+    MAX_CHUNKS_PER_TICK = 10;
+    FETCH_TIMEOUT_MS = 1e4;
+    SKIP_CHECKED_BY = /* @__PURE__ */ new Set(["ignored"]);
+    shipperStarted = false;
+  }
+});
+
 // src/daemon/dlp-scanner.ts
 function loadIndex() {
   try {
-    return JSON.parse(import_fs24.default.readFileSync(INDEX_FILE, "utf-8"));
+    return JSON.parse(import_fs25.default.readFileSync(INDEX_FILE, "utf-8"));
   } catch {
     return {};
   }
 }
 function saveIndex(index) {
   try {
-    import_fs24.default.writeFileSync(INDEX_FILE, JSON.stringify(index), { encoding: "utf-8", mode: 384 });
+    import_fs25.default.writeFileSync(INDEX_FILE, JSON.stringify(index), { encoding: "utf-8", mode: 384 });
   } catch {
   }
 }
 function appendAuditEntry(entry) {
   try {
-    import_fs24.default.appendFileSync(AUDIT_LOG_FILE, JSON.stringify(entry) + "\n");
+    import_fs25.default.appendFileSync(AUDIT_LOG_FILE, JSON.stringify(entry) + "\n");
   } catch {
   }
 }
 function runDlpScan() {
-  if (!import_fs24.default.existsSync(PROJECTS_DIR2)) return;
+  if (!import_fs25.default.existsSync(PROJECTS_DIR2)) return;
   const index = loadIndex();
   let updated = false;
   let projDirs;
   try {
-    projDirs = import_fs24.default.readdirSync(PROJECTS_DIR2);
+    projDirs = import_fs25.default.readdirSync(PROJECTS_DIR2);
   } catch {
     return;
   }
   for (const proj of projDirs) {
-    const projPath = import_path26.default.join(PROJECTS_DIR2, proj);
+    const projPath = import_path27.default.join(PROJECTS_DIR2, proj);
     try {
-      if (!import_fs24.default.lstatSync(projPath).isDirectory()) continue;
-      const real = import_fs24.default.realpathSync(projPath);
-      if (!real.startsWith(PROJECTS_DIR2 + import_path26.default.sep) && real !== PROJECTS_DIR2) continue;
+      if (!import_fs25.default.lstatSync(projPath).isDirectory()) continue;
+      const real = import_fs25.default.realpathSync(projPath);
+      if (!real.startsWith(PROJECTS_DIR2 + import_path27.default.sep) && real !== PROJECTS_DIR2) continue;
     } catch {
       continue;
     }
     let files;
     try {
-      files = import_fs24.default.readdirSync(projPath).filter((f) => f.endsWith(".jsonl") && !f.startsWith("agent-"));
+      files = import_fs25.default.readdirSync(projPath).filter((f) => f.endsWith(".jsonl") && !f.startsWith("agent-"));
     } catch {
       continue;
     }
     for (const file of files) {
-      const filePath = import_path26.default.join(projPath, file);
+      const filePath = import_path27.default.join(projPath, file);
       const lastOffset = index[filePath] ?? 0;
       let size;
       try {
-        size = import_fs24.default.statSync(filePath).size;
+        size = import_fs25.default.statSync(filePath).size;
       } catch {
         continue;
       }
       if (size <= lastOffset) continue;
       let fd;
       try {
-        fd = import_fs24.default.openSync(filePath, "r");
+        fd = import_fs25.default.openSync(filePath, "r");
       } catch {
         continue;
       }
       try {
         const chunkSize = size - lastOffset;
         const buf = Buffer.alloc(chunkSize);
-        import_fs24.default.readSync(fd, buf, 0, chunkSize, lastOffset);
+        import_fs25.default.readSync(fd, buf, 0, chunkSize, lastOffset);
         const chunk = buf.toString("utf-8");
         for (const line of chunk.split("\n")) {
           if (!line.trim()) continue;
@@ -14366,7 +14507,7 @@ function runDlpScan() {
             if (typeof text !== "string") continue;
             const match = scanText(text);
             if (!match) continue;
-            const projLabel = decodeURIComponent(proj).replace(import_os22.default.homedir(), "~").slice(0, 40);
+            const projLabel = decodeURIComponent(proj).replace(import_os23.default.homedir(), "~").slice(0, 40);
             const ts = entry.timestamp ?? (/* @__PURE__ */ new Date()).toISOString();
             appendAuditEntry({
               ts,
@@ -14391,7 +14532,7 @@ Run: node9 report --period 30d`
         updated = true;
       } finally {
         try {
-          import_fs24.default.closeSync(fd);
+          import_fs25.default.closeSync(fd);
         } catch {
         }
       }
@@ -14417,30 +14558,30 @@ function startDlpScanner() {
   );
   timer.unref();
 }
-var import_fs24, import_path26, import_os22, INDEX_FILE, PROJECTS_DIR2;
+var import_fs25, import_path27, import_os23, INDEX_FILE, PROJECTS_DIR2;
 var init_dlp_scanner = __esm({
   "src/daemon/dlp-scanner.ts"() {
     "use strict";
-    import_fs24 = __toESM(require("fs"));
-    import_path26 = __toESM(require("path"));
-    import_os22 = __toESM(require("os"));
+    import_fs25 = __toESM(require("fs"));
+    import_path27 = __toESM(require("path"));
+    import_os23 = __toESM(require("os"));
     init_dlp();
     init_native();
     init_state2();
-    INDEX_FILE = import_path26.default.join(import_os22.default.homedir(), ".node9", "dlp-index.json");
-    PROJECTS_DIR2 = import_path26.default.join(import_os22.default.homedir(), ".claude", "projects");
+    INDEX_FILE = import_path27.default.join(import_os23.default.homedir(), ".node9", "dlp-index.json");
+    PROJECTS_DIR2 = import_path27.default.join(import_os23.default.homedir(), ".claude", "projects");
   }
 });
 
 // src/daemon/mcp-tools.ts
 function getMcpToolsFile() {
-  return import_path27.default.join(import_os23.default.homedir(), ".node9", "mcp-tools.json");
+  return import_path28.default.join(import_os24.default.homedir(), ".node9", "mcp-tools.json");
 }
 function readMcpToolsConfig() {
   try {
     const file = getMcpToolsFile();
-    if (!import_fs25.default.existsSync(file)) return {};
-    const raw = import_fs25.default.readFileSync(file, "utf-8");
+    if (!import_fs26.default.existsSync(file)) return {};
+    const raw = import_fs26.default.readFileSync(file, "utf-8");
     return JSON.parse(raw);
   } catch {
     return {};
@@ -14449,11 +14590,11 @@ function readMcpToolsConfig() {
 function writeMcpToolsConfig(config) {
   try {
     const file = getMcpToolsFile();
-    const dir = import_path27.default.dirname(file);
-    if (!import_fs25.default.existsSync(dir)) import_fs25.default.mkdirSync(dir, { recursive: true });
-    const tmpPath = `${file}.${import_os23.default.hostname()}.${process.pid}.tmp`;
-    import_fs25.default.writeFileSync(tmpPath, JSON.stringify(config, null, 2));
-    import_fs25.default.renameSync(tmpPath, file);
+    const dir = import_path28.default.dirname(file);
+    if (!import_fs26.default.existsSync(dir)) import_fs26.default.mkdirSync(dir, { recursive: true });
+    const tmpPath = `${file}.${import_os24.default.hostname()}.${process.pid}.tmp`;
+    import_fs26.default.writeFileSync(tmpPath, JSON.stringify(config, null, 2));
+    import_fs26.default.renameSync(tmpPath, file);
   } catch (e) {
     console.error("Failed to write mcp-tools.json", e);
   }
@@ -14492,13 +14633,13 @@ function approveServer(serverKey, disabledTools) {
     writeMcpToolsConfig(config);
   }
 }
-var import_fs25, import_path27, import_os23;
+var import_fs26, import_path28, import_os24;
 var init_mcp_tools = __esm({
   "src/daemon/mcp-tools.ts"() {
     "use strict";
-    import_fs25 = __toESM(require("fs"));
-    import_path27 = __toESM(require("path"));
-    import_os23 = __toESM(require("os"));
+    import_fs26 = __toESM(require("fs"));
+    import_path28 = __toESM(require("path"));
+    import_os24 = __toESM(require("os"));
   }
 });
 
@@ -14507,9 +14648,10 @@ function startDaemon() {
   startCostSync();
   startCloudSync();
   startForensicBroadcast();
+  startAuditShipper();
   startDlpScanner();
   loadInsightCounts();
-  const internalToken = (0, import_crypto8.randomUUID)();
+  const internalToken = (0, import_crypto10.randomUUID)();
   const validToken = (req) => req.headers["x-node9-internal"] === internalToken || req.headers["x-node9-token"] === internalToken;
   const IDLE_TIMEOUT_MS = 12 * 60 * 60 * 1e3;
   const watchMode = process.env.NODE9_WATCH_MODE === "1";
@@ -14520,7 +14662,7 @@ function startDaemon() {
     idleTimer = setTimeout(() => {
       if (autoStarted) {
         try {
-          import_fs26.default.unlinkSync(DAEMON_PID_FILE);
+          import_fs27.default.unlinkSync(DAEMON_PID_FILE);
         } catch {
         }
       }
@@ -14621,7 +14763,7 @@ data: ${JSON.stringify(item.data)}
           cwd,
           localSmartRuleMatched = false
         } = JSON.parse(body);
-        const id = fromCLI && typeof activityId === "string" && activityId || (0, import_crypto8.randomUUID)();
+        const id = fromCLI && typeof activityId === "string" && activityId || (0, import_crypto10.randomUUID)();
         const entry = {
           id,
           toolName,
@@ -14665,7 +14807,7 @@ data: ${JSON.stringify(item.data)}
             mcpServer: entry.mcpServer
           });
         }
-        const projectCwd = typeof cwd === "string" && import_path28.default.isAbsolute(cwd) ? cwd : void 0;
+        const projectCwd = typeof cwd === "string" && import_path29.default.isAbsolute(cwd) ? cwd : void 0;
         const projectConfig = getConfig(projectCwd);
         const browserEnabled = projectConfig.settings.approvers?.browser !== false;
         const terminalEnabled = projectConfig.settings.approvers?.terminal !== false;
@@ -14957,8 +15099,8 @@ data: ${JSON.stringify(item.data)}
       if (!validToken(req)) return res.writeHead(403).end();
       const periodParam = reqUrl.searchParams.get("period") || "7d";
       const period = ["today", "7d", "30d", "month"].includes(periodParam) ? periodParam : "7d";
-      const logPath = import_path28.default.join(import_os24.default.homedir(), ".node9", "audit.log");
-      if (!import_fs26.default.existsSync(logPath)) {
+      const logPath = import_path29.default.join(import_os25.default.homedir(), ".node9", "audit.log");
+      if (!import_fs27.default.existsSync(logPath)) {
         res.writeHead(200, { "Content-Type": "application/json" });
         return res.end(
           JSON.stringify({
@@ -14971,7 +15113,7 @@ data: ${JSON.stringify(item.data)}
         );
       }
       try {
-        const raw = import_fs26.default.readFileSync(logPath, "utf-8");
+        const raw = import_fs27.default.readFileSync(logPath, "utf-8");
         const allEntries = raw.split("\n").flatMap((line) => {
           if (!line.trim()) return [];
           try {
@@ -15206,7 +15348,7 @@ data: ${JSON.stringify(item.data)}
             args: { toolCount: tools.length, status },
             decision: "mcp-discovered"
           });
-          const id = (0, import_crypto8.randomUUID)();
+          const id = (0, import_crypto10.randomUUID)();
           const entry = {
             id,
             type: "mcp-discovery",
@@ -15294,14 +15436,14 @@ data: ${JSON.stringify(item.data)}
   server.on("error", (e) => {
     if (e.code === "EADDRINUSE") {
       try {
-        if (import_fs26.default.existsSync(DAEMON_PID_FILE)) {
-          const { pid } = JSON.parse(import_fs26.default.readFileSync(DAEMON_PID_FILE, "utf-8"));
+        if (import_fs27.default.existsSync(DAEMON_PID_FILE)) {
+          const { pid } = JSON.parse(import_fs27.default.readFileSync(DAEMON_PID_FILE, "utf-8"));
           process.kill(pid, 0);
           return process.exit(0);
         }
       } catch {
         try {
-          import_fs26.default.unlinkSync(DAEMON_PID_FILE);
+          import_fs27.default.unlinkSync(DAEMON_PID_FILE);
         } catch {
         }
         server.listen(DAEMON_PORT, DAEMON_HOST);
@@ -15373,15 +15515,15 @@ data: ${JSON.stringify(item.data)}
   }
   startActivitySocket();
 }
-var import_http, import_fs26, import_path28, import_os24, import_crypto8, import_child_process2, import_chalk6;
+var import_http, import_fs27, import_path29, import_os25, import_crypto10, import_child_process2, import_chalk6;
 var init_server = __esm({
   "src/daemon/server.ts"() {
     "use strict";
     import_http = __toESM(require("http"));
-    import_fs26 = __toESM(require("fs"));
-    import_path28 = __toESM(require("path"));
-    import_os24 = __toESM(require("os"));
-    import_crypto8 = require("crypto");
+    import_fs27 = __toESM(require("fs"));
+    import_path29 = __toESM(require("path"));
+    import_os25 = __toESM(require("os"));
+    import_crypto10 = require("crypto");
     import_child_process2 = require("child_process");
     import_chalk6 = __toESM(require("chalk"));
     init_core();
@@ -15391,6 +15533,7 @@ var init_server = __esm({
     init_state();
     init_costSync();
     init_sync();
+    init_audit_shipper();
     init_dlp_scanner();
     init_mcp_tools();
   }
@@ -15400,8 +15543,8 @@ var init_server = __esm({
 function resolveNode9Binary() {
   try {
     const script = process.argv[1];
-    if (typeof script === "string" && import_path29.default.isAbsolute(script) && import_fs27.default.existsSync(script)) {
-      return import_fs27.default.realpathSync(script);
+    if (typeof script === "string" && import_path30.default.isAbsolute(script) && import_fs28.default.existsSync(script)) {
+      return import_fs28.default.realpathSync(script);
     }
   } catch {
   }
@@ -15419,11 +15562,11 @@ function xmlEscape(s) {
   return s.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;").replace(/"/g, "&quot;");
 }
 function launchdPlist(binaryPath) {
-  const logDir = import_path29.default.join(import_os25.default.homedir(), ".node9");
+  const logDir = import_path30.default.join(import_os26.default.homedir(), ".node9");
   const nodePath = xmlEscape(process.execPath);
   const scriptPath = xmlEscape(binaryPath);
-  const outLog = xmlEscape(import_path29.default.join(logDir, "daemon.log"));
-  const errLog = xmlEscape(import_path29.default.join(logDir, "daemon-error.log"));
+  const outLog = xmlEscape(import_path30.default.join(logDir, "daemon.log"));
+  const errLog = xmlEscape(import_path30.default.join(logDir, "daemon-error.log"));
   return `<?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
 <plist version="1.0">
@@ -15456,9 +15599,9 @@ function launchdPlist(binaryPath) {
 `;
 }
 function installLaunchd(binaryPath) {
-  const dir = import_path29.default.dirname(LAUNCHD_PLIST);
-  if (!import_fs27.default.existsSync(dir)) import_fs27.default.mkdirSync(dir, { recursive: true });
-  import_fs27.default.writeFileSync(LAUNCHD_PLIST, launchdPlist(binaryPath), "utf-8");
+  const dir = import_path30.default.dirname(LAUNCHD_PLIST);
+  if (!import_fs28.default.existsSync(dir)) import_fs28.default.mkdirSync(dir, { recursive: true });
+  import_fs28.default.writeFileSync(LAUNCHD_PLIST, launchdPlist(binaryPath), "utf-8");
   (0, import_child_process3.spawnSync)("launchctl", ["unload", LAUNCHD_PLIST], { encoding: "utf8" });
   const r = (0, import_child_process3.spawnSync)("launchctl", ["load", "-w", LAUNCHD_PLIST], {
     encoding: "utf8",
@@ -15469,13 +15612,13 @@ function installLaunchd(binaryPath) {
   }
 }
 function uninstallLaunchd() {
-  if (import_fs27.default.existsSync(LAUNCHD_PLIST)) {
+  if (import_fs28.default.existsSync(LAUNCHD_PLIST)) {
     (0, import_child_process3.spawnSync)("launchctl", ["unload", "-w", LAUNCHD_PLIST], { encoding: "utf8", timeout: 5e3 });
-    import_fs27.default.unlinkSync(LAUNCHD_PLIST);
+    import_fs28.default.unlinkSync(LAUNCHD_PLIST);
   }
 }
 function isLaunchdInstalled() {
-  return import_fs27.default.existsSync(LAUNCHD_PLIST);
+  return import_fs28.default.existsSync(LAUNCHD_PLIST);
 }
 function systemdUnit(binaryPath) {
   return `[Unit]
@@ -15494,12 +15637,12 @@ WantedBy=default.target
 `;
 }
 function installSystemd(binaryPath) {
-  if (!import_fs27.default.existsSync(SYSTEMD_UNIT_DIR)) {
-    import_fs27.default.mkdirSync(SYSTEMD_UNIT_DIR, { recursive: true });
+  if (!import_fs28.default.existsSync(SYSTEMD_UNIT_DIR)) {
+    import_fs28.default.mkdirSync(SYSTEMD_UNIT_DIR, { recursive: true });
   }
-  import_fs27.default.writeFileSync(SYSTEMD_UNIT, systemdUnit(binaryPath), "utf-8");
+  import_fs28.default.writeFileSync(SYSTEMD_UNIT, systemdUnit(binaryPath), "utf-8");
   try {
-    (0, import_child_process3.execFileSync)("loginctl", ["enable-linger", import_os25.default.userInfo().username], { timeout: 3e3 });
+    (0, import_child_process3.execFileSync)("loginctl", ["enable-linger", import_os26.default.userInfo().username], { timeout: 3e3 });
   } catch {
   }
   const reload = (0, import_child_process3.spawnSync)("systemctl", ["--user", "daemon-reload"], {
@@ -15519,23 +15662,23 @@ function installSystemd(binaryPath) {
   }
 }
 function uninstallSystemd() {
-  if (import_fs27.default.existsSync(SYSTEMD_UNIT)) {
+  if (import_fs28.default.existsSync(SYSTEMD_UNIT)) {
     (0, import_child_process3.spawnSync)("systemctl", ["--user", "disable", "--now", "node9-daemon"], {
       encoding: "utf8",
       timeout: 5e3
     });
     (0, import_child_process3.spawnSync)("systemctl", ["--user", "daemon-reload"], { encoding: "utf8", timeout: 5e3 });
-    import_fs27.default.unlinkSync(SYSTEMD_UNIT);
+    import_fs28.default.unlinkSync(SYSTEMD_UNIT);
   }
 }
 function isSystemdInstalled() {
-  return import_fs27.default.existsSync(SYSTEMD_UNIT);
+  return import_fs28.default.existsSync(SYSTEMD_UNIT);
 }
 function stopRunningDaemon() {
-  const pidFile = import_path29.default.join(import_os25.default.homedir(), ".node9", "daemon.pid");
-  if (!import_fs27.default.existsSync(pidFile)) return;
+  const pidFile = import_path30.default.join(import_os26.default.homedir(), ".node9", "daemon.pid");
+  if (!import_fs28.default.existsSync(pidFile)) return;
   try {
-    const data = JSON.parse(import_fs27.default.readFileSync(pidFile, "utf-8"));
+    const data = JSON.parse(import_fs28.default.readFileSync(pidFile, "utf-8"));
     const pid = data.pid;
     const MAX_PID2 = 4194304;
     if (typeof pid === "number" && Number.isInteger(pid) && pid > 0 && pid <= MAX_PID2) {
@@ -15555,7 +15698,7 @@ function stopRunningDaemon() {
       }
     }
     try {
-      import_fs27.default.unlinkSync(pidFile);
+      import_fs28.default.unlinkSync(pidFile);
     } catch {
     }
   } catch {
@@ -15625,26 +15768,26 @@ function isDaemonServiceInstalled() {
   if (process.platform === "linux") return isSystemdInstalled();
   return false;
 }
-var import_fs27, import_path29, import_os25, import_child_process3, LAUNCHD_LABEL, LAUNCHD_PLIST, SYSTEMD_UNIT_DIR, SYSTEMD_UNIT;
+var import_fs28, import_path30, import_os26, import_child_process3, LAUNCHD_LABEL, LAUNCHD_PLIST, SYSTEMD_UNIT_DIR, SYSTEMD_UNIT;
 var init_service = __esm({
   "src/daemon/service.ts"() {
     "use strict";
-    import_fs27 = __toESM(require("fs"));
-    import_path29 = __toESM(require("path"));
-    import_os25 = __toESM(require("os"));
+    import_fs28 = __toESM(require("fs"));
+    import_path30 = __toESM(require("path"));
+    import_os26 = __toESM(require("os"));
     import_child_process3 = require("child_process");
     LAUNCHD_LABEL = "ai.node9.daemon";
-    LAUNCHD_PLIST = import_path29.default.join(import_os25.default.homedir(), "Library", "LaunchAgents", `${LAUNCHD_LABEL}.plist`);
-    SYSTEMD_UNIT_DIR = import_path29.default.join(import_os25.default.homedir(), ".config", "systemd", "user");
-    SYSTEMD_UNIT = import_path29.default.join(SYSTEMD_UNIT_DIR, "node9-daemon.service");
+    LAUNCHD_PLIST = import_path30.default.join(import_os26.default.homedir(), "Library", "LaunchAgents", `${LAUNCHD_LABEL}.plist`);
+    SYSTEMD_UNIT_DIR = import_path30.default.join(import_os26.default.homedir(), ".config", "systemd", "user");
+    SYSTEMD_UNIT = import_path30.default.join(SYSTEMD_UNIT_DIR, "node9-daemon.service");
   }
 });
 
 // src/daemon/index.ts
 function stopDaemon() {
-  if (!import_fs28.default.existsSync(DAEMON_PID_FILE)) return console.log(import_chalk7.default.yellow("Not running."));
+  if (!import_fs29.default.existsSync(DAEMON_PID_FILE)) return console.log(import_chalk7.default.yellow("Not running."));
   try {
-    const data = JSON.parse(import_fs28.default.readFileSync(DAEMON_PID_FILE, "utf-8"));
+    const data = JSON.parse(import_fs29.default.readFileSync(DAEMON_PID_FILE, "utf-8"));
     const pid = data.pid;
     if (typeof pid !== "number" || !Number.isInteger(pid) || pid <= 0 || pid > MAX_PID) {
       console.log(import_chalk7.default.gray("Cleaned up invalid PID file."));
@@ -15656,7 +15799,7 @@ function stopDaemon() {
     console.log(import_chalk7.default.gray("Cleaned up stale PID file."));
   } finally {
     try {
-      import_fs28.default.unlinkSync(DAEMON_PID_FILE);
+      import_fs29.default.unlinkSync(DAEMON_PID_FILE);
     } catch {
     }
   }
@@ -15665,9 +15808,9 @@ function daemonStatus() {
   const serviceInstalled = isDaemonServiceInstalled();
   const serviceLabel = serviceInstalled ? import_chalk7.default.green("installed (starts on login)") : import_chalk7.default.yellow("not installed \u2014 run: node9 daemon install");
   let processStatus;
-  if (import_fs28.default.existsSync(DAEMON_PID_FILE)) {
+  if (import_fs29.default.existsSync(DAEMON_PID_FILE)) {
     try {
-      const data = JSON.parse(import_fs28.default.readFileSync(DAEMON_PID_FILE, "utf-8"));
+      const data = JSON.parse(import_fs29.default.readFileSync(DAEMON_PID_FILE, "utf-8"));
       const pid = data.pid;
       const port = data.port;
       if (typeof pid !== "number" || !Number.isInteger(pid) || pid <= 0 || pid > MAX_PID) {
@@ -15689,11 +15832,11 @@ function daemonStatus() {
   console.log(`  Service : ${serviceLabel}
 `);
 }
-var import_fs28, import_chalk7, MAX_PID;
+var import_fs29, import_chalk7, MAX_PID;
 var init_daemon2 = __esm({
   "src/daemon/index.ts"() {
     "use strict";
-    import_fs28 = __toESM(require("fs"));
+    import_fs29 = __toESM(require("fs"));
     import_chalk7 = __toESM(require("chalk"));
     init_server();
     init_state2();
@@ -15733,20 +15876,20 @@ function getModelContextLimit(model) {
   return 2e5;
 }
 function readSessionUsage() {
-  const projectsDir = import_path47.default.join(import_os41.default.homedir(), ".claude", "projects");
-  if (!import_fs46.default.existsSync(projectsDir)) return null;
+  const projectsDir = import_path48.default.join(import_os42.default.homedir(), ".claude", "projects");
+  if (!import_fs47.default.existsSync(projectsDir)) return null;
   let latestFile = null;
   let latestMtime = 0;
   try {
-    for (const dir of import_fs46.default.readdirSync(projectsDir)) {
-      const dirPath = import_path47.default.join(projectsDir, dir);
+    for (const dir of import_fs47.default.readdirSync(projectsDir)) {
+      const dirPath = import_path48.default.join(projectsDir, dir);
       try {
-        if (!import_fs46.default.statSync(dirPath).isDirectory()) continue;
-        for (const file of import_fs46.default.readdirSync(dirPath)) {
+        if (!import_fs47.default.statSync(dirPath).isDirectory()) continue;
+        for (const file of import_fs47.default.readdirSync(dirPath)) {
           if (!file.endsWith(".jsonl") || file.startsWith("agent-")) continue;
-          const filePath = import_path47.default.join(dirPath, file);
+          const filePath = import_path48.default.join(dirPath, file);
           try {
-            const mtime = import_fs46.default.statSync(filePath).mtimeMs;
+            const mtime = import_fs47.default.statSync(filePath).mtimeMs;
             if (mtime > latestMtime) {
               latestMtime = mtime;
               latestFile = filePath;
@@ -15761,7 +15904,7 @@ function readSessionUsage() {
   }
   if (!latestFile) return null;
   try {
-    const lines = import_fs46.default.readFileSync(latestFile, "utf-8").split("\n");
+    const lines = import_fs47.default.readFileSync(latestFile, "utf-8").split("\n");
     let lastModel = "";
     let lastInput = 0;
     let lastOutput = 0;
@@ -15822,7 +15965,7 @@ function formatBase(activity) {
   const time = new Date(activity.ts).toLocaleTimeString([], { hour12: false });
   const icon = getIcon(activity.tool);
   const toolName = activity.tool.slice(0, 16).padEnd(16);
-  const argsStr = JSON.stringify(activity.args ?? {}).replace(/\s+/g, " ").replaceAll(import_os41.default.homedir(), "~");
+  const argsStr = JSON.stringify(activity.args ?? {}).replace(/\s+/g, " ").replaceAll(import_os42.default.homedir(), "~");
   const argsPreview = argsStr.length > 70 ? argsStr.slice(0, 70) + "\u2026" : argsStr;
   return `${import_chalk29.default.gray(time)} ${icon} ${agentLabel(activity.agent, activity.mcpServer, activity.sessionId)}${import_chalk29.default.white.bold(toolName)} ${import_chalk29.default.dim(argsPreview)}`;
 }
@@ -15861,9 +16004,9 @@ function renderPending(activity) {
 }
 async function ensureDaemon() {
   let pidPort = null;
-  if (import_fs46.default.existsSync(PID_FILE)) {
+  if (import_fs47.default.existsSync(PID_FILE)) {
     try {
-      const { port } = JSON.parse(import_fs46.default.readFileSync(PID_FILE, "utf-8"));
+      const { port } = JSON.parse(import_fs47.default.readFileSync(PID_FILE, "utf-8"));
       pidPort = port;
     } catch {
       console.error(import_chalk29.default.dim("\u26A0\uFE0F  Could not read PID file; falling back to default port."));
@@ -16019,9 +16162,9 @@ function buildRecoveryCardLines(req) {
   ];
 }
 function readApproversFromDisk() {
-  const configPath = import_path47.default.join(import_os41.default.homedir(), ".node9", "config.json");
+  const configPath = import_path48.default.join(import_os42.default.homedir(), ".node9", "config.json");
   try {
-    const raw = JSON.parse(import_fs46.default.readFileSync(configPath, "utf-8"));
+    const raw = JSON.parse(import_fs47.default.readFileSync(configPath, "utf-8"));
     const settings = raw.settings ?? {};
     return settings.approvers ?? {};
   } catch {
@@ -16037,15 +16180,15 @@ function approverStatusLine() {
   return `${fmt("native", "native")}  ${fmt("cloud", "cloud")}  ${fmt("terminal", "terminal")}`;
 }
 function toggleApprover(channel) {
-  const configPath = import_path47.default.join(import_os41.default.homedir(), ".node9", "config.json");
+  const configPath = import_path48.default.join(import_os42.default.homedir(), ".node9", "config.json");
   try {
-    const raw = JSON.parse(import_fs46.default.readFileSync(configPath, "utf-8"));
+    const raw = JSON.parse(import_fs47.default.readFileSync(configPath, "utf-8"));
     const settings = raw.settings ?? {};
     const approvers = settings.approvers ?? {};
     approvers[channel] = approvers[channel] === false;
     settings.approvers = approvers;
     raw.settings = settings;
-    import_fs46.default.writeFileSync(configPath, JSON.stringify(raw, null, 2) + "\n");
+    import_fs47.default.writeFileSync(configPath, JSON.stringify(raw, null, 2) + "\n");
   } catch (err2) {
     process.stderr.write(`[node9] toggleApprover failed: ${String(err2)}
 `);
@@ -16217,8 +16360,8 @@ async function startTail(options = {}) {
       }
       postDecisionHttp(req2.id, httpDecision, authToken, port, httpOpts).catch((err2) => {
         try {
-          import_fs46.default.appendFileSync(
-            import_path47.default.join(import_os41.default.homedir(), ".node9", "hook-debug.log"),
+          import_fs47.default.appendFileSync(
+            import_path48.default.join(import_os42.default.homedir(), ".node9", "hook-debug.log"),
             `[tail] POST /decision failed: ${String(err2)}
 `
           );
@@ -16282,9 +16425,9 @@ async function startTail(options = {}) {
     };
     process.stdin.on("keypress", onKeypress);
   }
-  const auditLog = import_path47.default.join(import_os41.default.homedir(), ".node9", "audit.log");
+  const auditLog = import_path48.default.join(import_os42.default.homedir(), ".node9", "audit.log");
   try {
-    const unackedDlp = import_fs46.default.readFileSync(auditLog, "utf-8").split("\n").filter((l) => l.includes('"response-dlp"')).length;
+    const unackedDlp = import_fs47.default.readFileSync(auditLog, "utf-8").split("\n").filter((l) => l.includes('"response-dlp"')).length;
     if (unackedDlp > 0) {
       console.log("");
       console.log(
@@ -16324,7 +16467,7 @@ async function startTail(options = {}) {
     if (stallWarned) return;
     if (Date.now() - lastActivityFromDaemon < STALL_THRESHOLD_MS) return;
     try {
-      const auditMtime = import_fs46.default.statSync(auditLog).mtimeMs;
+      const auditMtime = import_fs47.default.statSync(auditLog).mtimeMs;
       if (Date.now() - auditMtime >= STALL_THRESHOLD_MS) return;
       console.log("");
       console.log(
@@ -16509,20 +16652,20 @@ async function startTail(options = {}) {
     process.exit(1);
   });
 }
-var import_http2, import_chalk29, import_fs46, import_os41, import_path47, import_readline6, import_child_process12, PID_FILE, ICONS, MODEL_CONTEXT_LIMITS, RESET2, BOLD2, RED, YELLOW, CYAN, GRAY, GREEN, HIDE_CURSOR, SHOW_CURSOR, ERASE_DOWN, pendingShownForId, pendingWrappedLines, DIVIDER;
+var import_http2, import_chalk29, import_fs47, import_os42, import_path48, import_readline6, import_child_process12, PID_FILE, ICONS, MODEL_CONTEXT_LIMITS, RESET2, BOLD2, RED, YELLOW, CYAN, GRAY, GREEN, HIDE_CURSOR, SHOW_CURSOR, ERASE_DOWN, pendingShownForId, pendingWrappedLines, DIVIDER;
 var init_tail = __esm({
   "src/tui/tail.ts"() {
     "use strict";
     import_http2 = __toESM(require("http"));
     import_chalk29 = __toESM(require("chalk"));
-    import_fs46 = __toESM(require("fs"));
-    import_os41 = __toESM(require("os"));
-    import_path47 = __toESM(require("path"));
+    import_fs47 = __toESM(require("fs"));
+    import_os42 = __toESM(require("os"));
+    import_path48 = __toESM(require("path"));
     import_readline6 = __toESM(require("readline"));
     import_child_process12 = require("child_process");
     init_daemon2();
     init_daemon();
-    PID_FILE = import_path47.default.join(import_os41.default.homedir(), ".node9", "daemon.pid");
+    PID_FILE = import_path48.default.join(import_os42.default.homedir(), ".node9", "daemon.pid");
     ICONS = {
       bash: "\u{1F4BB}",
       shell: "\u{1F4BB}",
@@ -16644,9 +16787,9 @@ function formatTimeLeft(resetsAt) {
   return ` (${m}m left)`;
 }
 function safeReadJson(filePath) {
-  if (!import_fs47.default.existsSync(filePath)) return null;
+  if (!import_fs48.default.existsSync(filePath)) return null;
   try {
-    return JSON.parse(import_fs47.default.readFileSync(filePath, "utf-8"));
+    return JSON.parse(import_fs48.default.readFileSync(filePath, "utf-8"));
   } catch {
     return null;
   }
@@ -16667,12 +16810,12 @@ function countHooksInFile(filePath) {
   return Object.keys(cfg.hooks).length;
 }
 function countRulesInDir(rulesDir) {
-  if (!import_fs47.default.existsSync(rulesDir)) return 0;
+  if (!import_fs48.default.existsSync(rulesDir)) return 0;
   let count = 0;
   try {
-    for (const entry of import_fs47.default.readdirSync(rulesDir, { withFileTypes: true })) {
+    for (const entry of import_fs48.default.readdirSync(rulesDir, { withFileTypes: true })) {
       if (entry.isDirectory()) {
-        count += countRulesInDir(import_path48.default.join(rulesDir, entry.name));
+        count += countRulesInDir(import_path49.default.join(rulesDir, entry.name));
       } else if (entry.isFile() && entry.name.endsWith(".md")) {
         count++;
       }
@@ -16683,46 +16826,46 @@ function countRulesInDir(rulesDir) {
 }
 function isSamePath(a, b) {
   try {
-    return import_path48.default.resolve(a) === import_path48.default.resolve(b);
+    return import_path49.default.resolve(a) === import_path49.default.resolve(b);
   } catch {
     return false;
   }
 }
 function countConfigs(cwd) {
-  const homeDir2 = import_os42.default.homedir();
-  const claudeDir = import_path48.default.join(homeDir2, ".claude");
+  const homeDir2 = import_os43.default.homedir();
+  const claudeDir = import_path49.default.join(homeDir2, ".claude");
   let claudeMdCount = 0;
   let rulesCount = 0;
   let hooksCount = 0;
   const userMcpServers = /* @__PURE__ */ new Set();
   const projectMcpServers = /* @__PURE__ */ new Set();
-  if (import_fs47.default.existsSync(import_path48.default.join(claudeDir, "CLAUDE.md"))) claudeMdCount++;
-  rulesCount += countRulesInDir(import_path48.default.join(claudeDir, "rules"));
-  const userSettings = import_path48.default.join(claudeDir, "settings.json");
+  if (import_fs48.default.existsSync(import_path49.default.join(claudeDir, "CLAUDE.md"))) claudeMdCount++;
+  rulesCount += countRulesInDir(import_path49.default.join(claudeDir, "rules"));
+  const userSettings = import_path49.default.join(claudeDir, "settings.json");
   for (const name of getMcpServerNames(userSettings)) userMcpServers.add(name);
   hooksCount += countHooksInFile(userSettings);
-  const userClaudeJson = import_path48.default.join(homeDir2, ".claude.json");
+  const userClaudeJson = import_path49.default.join(homeDir2, ".claude.json");
   for (const name of getMcpServerNames(userClaudeJson)) userMcpServers.add(name);
   for (const name of getDisabledMcpServers(userClaudeJson, "disabledMcpServers")) {
     userMcpServers.delete(name);
   }
   if (cwd) {
-    if (import_fs47.default.existsSync(import_path48.default.join(cwd, "CLAUDE.md"))) claudeMdCount++;
-    if (import_fs47.default.existsSync(import_path48.default.join(cwd, "CLAUDE.local.md"))) claudeMdCount++;
-    const projectClaudeDir = import_path48.default.join(cwd, ".claude");
+    if (import_fs48.default.existsSync(import_path49.default.join(cwd, "CLAUDE.md"))) claudeMdCount++;
+    if (import_fs48.default.existsSync(import_path49.default.join(cwd, "CLAUDE.local.md"))) claudeMdCount++;
+    const projectClaudeDir = import_path49.default.join(cwd, ".claude");
     const overlapsUserScope = isSamePath(projectClaudeDir, claudeDir);
     if (!overlapsUserScope) {
-      if (import_fs47.default.existsSync(import_path48.default.join(projectClaudeDir, "CLAUDE.md"))) claudeMdCount++;
-      rulesCount += countRulesInDir(import_path48.default.join(projectClaudeDir, "rules"));
-      const projSettings = import_path48.default.join(projectClaudeDir, "settings.json");
+      if (import_fs48.default.existsSync(import_path49.default.join(projectClaudeDir, "CLAUDE.md"))) claudeMdCount++;
+      rulesCount += countRulesInDir(import_path49.default.join(projectClaudeDir, "rules"));
+      const projSettings = import_path49.default.join(projectClaudeDir, "settings.json");
       for (const name of getMcpServerNames(projSettings)) projectMcpServers.add(name);
       hooksCount += countHooksInFile(projSettings);
     }
-    if (import_fs47.default.existsSync(import_path48.default.join(projectClaudeDir, "CLAUDE.local.md"))) claudeMdCount++;
-    const localSettings = import_path48.default.join(projectClaudeDir, "settings.local.json");
+    if (import_fs48.default.existsSync(import_path49.default.join(projectClaudeDir, "CLAUDE.local.md"))) claudeMdCount++;
+    const localSettings = import_path49.default.join(projectClaudeDir, "settings.local.json");
     for (const name of getMcpServerNames(localSettings)) projectMcpServers.add(name);
     hooksCount += countHooksInFile(localSettings);
-    const mcpJsonServers = getMcpServerNames(import_path48.default.join(cwd, ".mcp.json"));
+    const mcpJsonServers = getMcpServerNames(import_path49.default.join(cwd, ".mcp.json"));
     const disabledMcpJson = getDisabledMcpServers(localSettings, "disabledMcpjsonServers");
     for (const name of disabledMcpJson) mcpJsonServers.delete(name);
     for (const name of mcpJsonServers) projectMcpServers.add(name);
@@ -16755,12 +16898,12 @@ function readActiveShieldsHud() {
     return shieldsCache.value;
   }
   try {
-    const shieldsPath = import_path48.default.join(import_os42.default.homedir(), ".node9", "shields.json");
-    if (!import_fs47.default.existsSync(shieldsPath)) {
+    const shieldsPath = import_path49.default.join(import_os43.default.homedir(), ".node9", "shields.json");
+    if (!import_fs48.default.existsSync(shieldsPath)) {
       shieldsCache = { value: [], ts: now };
       return [];
     }
-    const parsed = JSON.parse(import_fs47.default.readFileSync(shieldsPath, "utf-8"));
+    const parsed = JSON.parse(import_fs48.default.readFileSync(shieldsPath, "utf-8"));
     if (!Array.isArray(parsed.active)) {
       shieldsCache = { value: [], ts: now };
       return [];
@@ -16862,17 +17005,17 @@ function renderContextLine(stdin) {
 async function main() {
   try {
     const [stdin, daemonStatus2] = await Promise.all([readStdin(), queryDaemon()]);
-    if (import_fs47.default.existsSync(import_path48.default.join(import_os42.default.homedir(), ".node9", "hud-debug"))) {
+    if (import_fs48.default.existsSync(import_path49.default.join(import_os43.default.homedir(), ".node9", "hud-debug"))) {
       try {
-        const logPath = import_path48.default.join(import_os42.default.homedir(), ".node9", "hud-debug.log");
+        const logPath = import_path49.default.join(import_os43.default.homedir(), ".node9", "hud-debug.log");
         const MAX_LOG_SIZE = 10 * 1024 * 1024;
         let size = 0;
         try {
-          size = import_fs47.default.statSync(logPath).size;
+          size = import_fs48.default.statSync(logPath).size;
         } catch {
         }
         if (size < MAX_LOG_SIZE) {
-          import_fs47.default.appendFileSync(
+          import_fs48.default.appendFileSync(
             logPath,
             JSON.stringify({ ts: (/* @__PURE__ */ new Date()).toISOString(), stdin }) + "\n"
           );
@@ -16893,11 +17036,11 @@ async function main() {
       try {
         const cwd = stdin.cwd ?? process.cwd();
         for (const configPath of [
-          import_path48.default.join(cwd, "node9.config.json"),
-          import_path48.default.join(import_os42.default.homedir(), ".node9", "config.json")
+          import_path49.default.join(cwd, "node9.config.json"),
+          import_path49.default.join(import_os43.default.homedir(), ".node9", "config.json")
         ]) {
-          if (!import_fs47.default.existsSync(configPath)) continue;
-          const cfg = JSON.parse(import_fs47.default.readFileSync(configPath, "utf-8"));
+          if (!import_fs48.default.existsSync(configPath)) continue;
+          const cfg = JSON.parse(import_fs48.default.readFileSync(configPath, "utf-8"));
           const hud = cfg.settings?.hud;
           if (hud && "showEnvironmentCounts" in hud) return hud.showEnvironmentCounts !== false;
         }
@@ -16915,13 +17058,13 @@ async function main() {
     renderOffline();
   }
 }
-var import_fs47, import_path48, import_os42, import_http3, RESET3, BOLD3, DIM, RED2, GREEN2, YELLOW2, BLUE, MAGENTA, CYAN2, WHITE, BAR_FILLED, BAR_EMPTY, BAR_WIDTH, shieldsCache, SHIELDS_CACHE_TTL_MS;
+var import_fs48, import_path49, import_os43, import_http3, RESET3, BOLD3, DIM, RED2, GREEN2, YELLOW2, BLUE, MAGENTA, CYAN2, WHITE, BAR_FILLED, BAR_EMPTY, BAR_WIDTH, shieldsCache, SHIELDS_CACHE_TTL_MS;
 var init_hud = __esm({
   "src/cli/hud.ts"() {
     "use strict";
-    import_fs47 = __toESM(require("fs"));
-    import_path48 = __toESM(require("path"));
-    import_os42 = __toESM(require("os"));
+    import_fs48 = __toESM(require("fs"));
+    import_path49 = __toESM(require("path"));
+    import_os43 = __toESM(require("os"));
     import_http3 = __toESM(require("http"));
     init_daemon();
     RESET3 = "\x1B[0m";
@@ -16948,9 +17091,9 @@ init_core();
 init_setup();
 init_daemon2();
 var import_chalk30 = __toESM(require("chalk"));
-var import_fs48 = __toESM(require("fs"));
-var import_path49 = __toESM(require("path"));
-var import_os43 = __toESM(require("os"));
+var import_fs49 = __toESM(require("fs"));
+var import_path50 = __toESM(require("path"));
+var import_os44 = __toESM(require("os"));
 var import_prompts2 = require("@inquirer/prompts");
 
 // src/utils/duration.ts
@@ -17132,18 +17275,18 @@ async function runProxy(targetCommand) {
 
 // src/cli/daemon-starter.ts
 var import_child_process5 = require("child_process");
-var import_path30 = __toESM(require("path"));
-var import_fs29 = __toESM(require("fs"));
+var import_path31 = __toESM(require("path"));
+var import_fs30 = __toESM(require("fs"));
 init_daemon();
 function isTestingMode() {
   return /^(1|true|yes)$/i.test(process.env.NODE9_TESTING ?? "");
 }
 async function autoStartDaemonAndWait() {
   if (isTestingMode()) return false;
-  if (!import_path30.default.isAbsolute(process.argv[1])) return false;
+  if (!import_path31.default.isAbsolute(process.argv[1])) return false;
   let resolvedArgv1;
   try {
-    resolvedArgv1 = import_fs29.default.realpathSync(process.argv[1]);
+    resolvedArgv1 = import_fs30.default.realpathSync(process.argv[1]);
   } catch {
     return false;
   }
@@ -17170,10 +17313,10 @@ async function autoStartDaemonAndWait() {
 
 // src/cli/commands/check.ts
 var import_chalk9 = __toESM(require("chalk"));
-var import_fs32 = __toESM(require("fs"));
+var import_fs33 = __toESM(require("fs"));
 var import_child_process7 = require("child_process");
-var import_path33 = __toESM(require("path"));
-var import_os28 = __toESM(require("os"));
+var import_path34 = __toESM(require("path"));
+var import_os29 = __toESM(require("os"));
 init_orchestrator();
 init_daemon();
 init_config();
@@ -17181,12 +17324,12 @@ init_policy();
 
 // src/undo.ts
 var import_child_process6 = require("child_process");
-var import_crypto9 = __toESM(require("crypto"));
-var import_fs30 = __toESM(require("fs"));
+var import_crypto11 = __toESM(require("crypto"));
+var import_fs31 = __toESM(require("fs"));
 var import_net3 = __toESM(require("net"));
-var import_path31 = __toESM(require("path"));
-var import_os26 = __toESM(require("os"));
-var ACTIVITY_SOCKET_PATH3 = process.platform === "win32" ? "\\\\.\\pipe\\node9-activity" : import_path31.default.join(import_os26.default.tmpdir(), "node9-activity.sock");
+var import_path32 = __toESM(require("path"));
+var import_os27 = __toESM(require("os"));
+var ACTIVITY_SOCKET_PATH3 = process.platform === "win32" ? "\\\\.\\pipe\\node9-activity" : import_path32.default.join(import_os27.default.tmpdir(), "node9-activity.sock");
 function notifySnapshotTaken(hash, tool, argsSummary, fileCount) {
   try {
     const payload = JSON.stringify({
@@ -17206,22 +17349,22 @@ function notifySnapshotTaken(hash, tool, argsSummary, fileCount) {
   } catch {
   }
 }
-var SNAPSHOT_STACK_PATH = import_path31.default.join(import_os26.default.homedir(), ".node9", "snapshots.json");
-var UNDO_LATEST_PATH = import_path31.default.join(import_os26.default.homedir(), ".node9", "undo_latest.txt");
+var SNAPSHOT_STACK_PATH = import_path32.default.join(import_os27.default.homedir(), ".node9", "snapshots.json");
+var UNDO_LATEST_PATH = import_path32.default.join(import_os27.default.homedir(), ".node9", "undo_latest.txt");
 var MAX_SNAPSHOTS = 10;
 var GIT_TIMEOUT = 15e3;
 function readStack() {
   try {
-    if (import_fs30.default.existsSync(SNAPSHOT_STACK_PATH))
-      return JSON.parse(import_fs30.default.readFileSync(SNAPSHOT_STACK_PATH, "utf-8"));
+    if (import_fs31.default.existsSync(SNAPSHOT_STACK_PATH))
+      return JSON.parse(import_fs31.default.readFileSync(SNAPSHOT_STACK_PATH, "utf-8"));
   } catch {
   }
   return [];
 }
 function writeStack(stack) {
-  const dir = import_path31.default.dirname(SNAPSHOT_STACK_PATH);
-  if (!import_fs30.default.existsSync(dir)) import_fs30.default.mkdirSync(dir, { recursive: true });
-  import_fs30.default.writeFileSync(SNAPSHOT_STACK_PATH, JSON.stringify(stack, null, 2));
+  const dir = import_path32.default.dirname(SNAPSHOT_STACK_PATH);
+  if (!import_fs31.default.existsSync(dir)) import_fs31.default.mkdirSync(dir, { recursive: true });
+  import_fs31.default.writeFileSync(SNAPSHOT_STACK_PATH, JSON.stringify(stack, null, 2));
 }
 function extractFilePath(args) {
   if (!args || typeof args !== "object") return null;
@@ -17241,12 +17384,12 @@ function buildArgsSummary(tool, args) {
   return "";
 }
 function findProjectRoot(filePath) {
-  let dir = import_path31.default.dirname(filePath);
+  let dir = import_path32.default.dirname(filePath);
   while (true) {
-    if (import_fs30.default.existsSync(import_path31.default.join(dir, ".git")) || import_fs30.default.existsSync(import_path31.default.join(dir, "package.json"))) {
+    if (import_fs31.default.existsSync(import_path32.default.join(dir, ".git")) || import_fs31.default.existsSync(import_path32.default.join(dir, "package.json"))) {
       return dir;
     }
-    const parent = import_path31.default.dirname(dir);
+    const parent = import_path32.default.dirname(dir);
     if (parent === dir) return process.cwd();
     dir = parent;
   }
@@ -17254,7 +17397,7 @@ function findProjectRoot(filePath) {
 function normalizeCwdForHash(cwd) {
   let normalized;
   try {
-    normalized = import_fs30.default.realpathSync(cwd);
+    normalized = import_fs31.default.realpathSync(cwd);
   } catch {
     normalized = cwd;
   }
@@ -17263,17 +17406,17 @@ function normalizeCwdForHash(cwd) {
   return normalized;
 }
 function getShadowRepoDir(cwd) {
-  const hash = import_crypto9.default.createHash("sha256").update(normalizeCwdForHash(cwd)).digest("hex").slice(0, 16);
-  return import_path31.default.join(import_os26.default.homedir(), ".node9", "snapshots", hash);
+  const hash = import_crypto11.default.createHash("sha256").update(normalizeCwdForHash(cwd)).digest("hex").slice(0, 16);
+  return import_path32.default.join(import_os27.default.homedir(), ".node9", "snapshots", hash);
 }
 function cleanOrphanedIndexFiles(shadowDir) {
   try {
     const cutoff = Date.now() - 6e4;
-    for (const f of import_fs30.default.readdirSync(shadowDir)) {
+    for (const f of import_fs31.default.readdirSync(shadowDir)) {
       if (f.startsWith("index_")) {
-        const fp = import_path31.default.join(shadowDir, f);
+        const fp = import_path32.default.join(shadowDir, f);
         try {
-          if (import_fs30.default.statSync(fp).mtimeMs < cutoff) import_fs30.default.unlinkSync(fp);
+          if (import_fs31.default.statSync(fp).mtimeMs < cutoff) import_fs31.default.unlinkSync(fp);
         } catch {
         }
       }
@@ -17285,7 +17428,7 @@ function writeShadowExcludes(shadowDir, ignorePaths) {
   const hardcoded = [".git", ".node9"];
   const lines = [...hardcoded, ...ignorePaths].join("\n");
   try {
-    import_fs30.default.writeFileSync(import_path31.default.join(shadowDir, "info", "exclude"), lines + "\n", "utf8");
+    import_fs31.default.writeFileSync(import_path32.default.join(shadowDir, "info", "exclude"), lines + "\n", "utf8");
   } catch {
   }
 }
@@ -17298,25 +17441,25 @@ function ensureShadowRepo(shadowDir, cwd) {
     timeout: 3e3
   });
   if (check.status === 0) {
-    const ptPath = import_path31.default.join(shadowDir, "project-path.txt");
+    const ptPath = import_path32.default.join(shadowDir, "project-path.txt");
     try {
-      const stored = import_fs30.default.readFileSync(ptPath, "utf8").trim();
+      const stored = import_fs31.default.readFileSync(ptPath, "utf8").trim();
       if (stored === normalizedCwd) return true;
       if (process.env.NODE9_DEBUG === "1")
         console.error(
           `[Node9] Shadow repo path mismatch: stored="${stored}" expected="${normalizedCwd}" \u2014 reinitializing`
         );
-      import_fs30.default.rmSync(shadowDir, { recursive: true, force: true });
+      import_fs31.default.rmSync(shadowDir, { recursive: true, force: true });
     } catch {
       try {
-        import_fs30.default.writeFileSync(ptPath, normalizedCwd, "utf8");
+        import_fs31.default.writeFileSync(ptPath, normalizedCwd, "utf8");
       } catch {
       }
       return true;
     }
   }
   try {
-    import_fs30.default.mkdirSync(shadowDir, { recursive: true });
+    import_fs31.default.mkdirSync(shadowDir, { recursive: true });
   } catch {
   }
   const init = (0, import_child_process6.spawnSync)("git", ["init", "--bare", shadowDir], { timeout: 5e3 });
@@ -17325,7 +17468,7 @@ function ensureShadowRepo(shadowDir, cwd) {
     if (process.env.NODE9_DEBUG === "1") console.error("[Node9] git init --bare failed:", reason);
     return false;
   }
-  const configFile = import_path31.default.join(shadowDir, "config");
+  const configFile = import_path32.default.join(shadowDir, "config");
   (0, import_child_process6.spawnSync)("git", ["config", "--file", configFile, "core.untrackedCache", "true"], {
     timeout: 3e3
   });
@@ -17333,7 +17476,7 @@ function ensureShadowRepo(shadowDir, cwd) {
     timeout: 3e3
   });
   try {
-    import_fs30.default.writeFileSync(import_path31.default.join(shadowDir, "project-path.txt"), normalizedCwd, "utf8");
+    import_fs31.default.writeFileSync(import_path32.default.join(shadowDir, "project-path.txt"), normalizedCwd, "utf8");
   } catch {
   }
   return true;
@@ -17356,12 +17499,12 @@ async function createShadowSnapshot(tool = "unknown", args = {}, ignorePaths = [
   let indexFile = null;
   try {
     const rawFilePath = extractFilePath(args);
-    const absFilePath = rawFilePath && import_path31.default.isAbsolute(rawFilePath) ? rawFilePath : null;
+    const absFilePath = rawFilePath && import_path32.default.isAbsolute(rawFilePath) ? rawFilePath : null;
     const cwd = absFilePath ? findProjectRoot(absFilePath) : process.cwd();
     const shadowDir = getShadowRepoDir(cwd);
     if (!ensureShadowRepo(shadowDir, cwd)) return null;
     writeShadowExcludes(shadowDir, ignorePaths);
-    indexFile = import_path31.default.join(shadowDir, `index_${process.pid}_${Date.now()}`);
+    indexFile = import_path32.default.join(shadowDir, `index_${process.pid}_${Date.now()}`);
     const shadowEnv = {
       ...process.env,
       GIT_DIR: shadowDir,
@@ -17433,7 +17576,7 @@ async function createShadowSnapshot(tool = "unknown", args = {}, ignorePaths = [
     writeStack(stack);
     const entry = stack[stack.length - 1];
     notifySnapshotTaken(commitHash.slice(0, 7), tool, entry.argsSummary, capturedFiles.length);
-    import_fs30.default.writeFileSync(UNDO_LATEST_PATH, commitHash);
+    import_fs31.default.writeFileSync(UNDO_LATEST_PATH, commitHash);
     if (shouldGc) {
       (0, import_child_process6.spawn)("git", ["gc", "--auto"], { env: shadowEnv, detached: true, stdio: "ignore" }).unref();
     }
@@ -17444,7 +17587,7 @@ async function createShadowSnapshot(tool = "unknown", args = {}, ignorePaths = [
   } finally {
     if (indexFile) {
       try {
-        import_fs30.default.unlinkSync(indexFile);
+        import_fs31.default.unlinkSync(indexFile);
       } catch {
       }
     }
@@ -17520,9 +17663,9 @@ function applyUndo(hash, cwd) {
       timeout: GIT_TIMEOUT
     }).stdout?.toString().trim().split("\n").filter(Boolean) ?? [];
     for (const file of [...tracked, ...untracked]) {
-      const fullPath = import_path31.default.join(dir, file);
-      if (!snapshotFiles.has(file) && import_fs30.default.existsSync(fullPath)) {
-        import_fs30.default.unlinkSync(fullPath);
+      const fullPath = import_path32.default.join(dir, file);
+      if (!snapshotFiles.has(file) && import_fs31.default.existsSync(fullPath)) {
+        import_fs31.default.unlinkSync(fullPath);
       }
     }
     return true;
@@ -17532,17 +17675,17 @@ function applyUndo(hash, cwd) {
 }
 
 // src/skill-pin.ts
-var import_fs31 = __toESM(require("fs"));
-var import_path32 = __toESM(require("path"));
-var import_os27 = __toESM(require("os"));
-var import_crypto10 = __toESM(require("crypto"));
+var import_fs32 = __toESM(require("fs"));
+var import_path33 = __toESM(require("path"));
+var import_os28 = __toESM(require("os"));
+var import_crypto12 = __toESM(require("crypto"));
 function getPinsFilePath2() {
-  return import_path32.default.join(import_os27.default.homedir(), ".node9", "skill-pins.json");
+  return import_path33.default.join(import_os28.default.homedir(), ".node9", "skill-pins.json");
 }
 var MAX_FILES = 5e3;
 var MAX_TOTAL_BYTES = 50 * 1024 * 1024;
 function sha256Bytes(buf) {
-  return import_crypto10.default.createHash("sha256").update(buf).digest("hex");
+  return import_crypto12.default.createHash("sha256").update(buf).digest("hex");
 }
 function walkDir(root) {
   const out = [];
@@ -17551,18 +17694,18 @@ function walkDir(root) {
     if (out.length >= MAX_FILES) return;
     let entries;
     try {
-      entries = import_fs31.default.readdirSync(dir, { withFileTypes: true });
+      entries = import_fs32.default.readdirSync(dir, { withFileTypes: true });
     } catch {
       return;
     }
     entries.sort((a, b) => a.name.localeCompare(b.name));
     for (const entry of entries) {
       if (out.length >= MAX_FILES) return;
-      const full = import_path32.default.join(dir, entry.name);
-      const rel = relDir ? import_path32.default.posix.join(relDir, entry.name) : entry.name;
+      const full = import_path33.default.join(dir, entry.name);
+      const rel = relDir ? import_path33.default.posix.join(relDir, entry.name) : entry.name;
       let lst;
       try {
-        lst = import_fs31.default.lstatSync(full);
+        lst = import_fs32.default.lstatSync(full);
       } catch {
         continue;
       }
@@ -17574,7 +17717,7 @@ function walkDir(root) {
       if (!lst.isFile()) continue;
       if (totalBytes + lst.size > MAX_TOTAL_BYTES) continue;
       try {
-        const buf = import_fs31.default.readFileSync(full);
+        const buf = import_fs32.default.readFileSync(full);
         totalBytes += buf.length;
         out.push({ rel, hash: sha256Bytes(buf) });
       } catch {
@@ -17588,32 +17731,32 @@ function walkDir(root) {
 function hashSkillRoot(absPath) {
   let lst;
   try {
-    lst = import_fs31.default.lstatSync(absPath);
+    lst = import_fs32.default.lstatSync(absPath);
   } catch {
     return { exists: false, contentHash: "", fileCount: 0 };
   }
   if (lst.isSymbolicLink()) return { exists: false, contentHash: "", fileCount: 0 };
   if (lst.isFile()) {
     try {
-      return { exists: true, contentHash: sha256Bytes(import_fs31.default.readFileSync(absPath)), fileCount: 1 };
+      return { exists: true, contentHash: sha256Bytes(import_fs32.default.readFileSync(absPath)), fileCount: 1 };
     } catch {
       return { exists: false, contentHash: "", fileCount: 0 };
     }
   }
   if (lst.isDirectory()) {
     const entries = walkDir(absPath);
-    const contentHash = import_crypto10.default.createHash("sha256").update(entries.join("\n")).digest("hex");
+    const contentHash = import_crypto12.default.createHash("sha256").update(entries.join("\n")).digest("hex");
     return { exists: true, contentHash, fileCount: entries.length };
   }
   return { exists: false, contentHash: "", fileCount: 0 };
 }
 function getRootKey(absPath) {
-  return import_crypto10.default.createHash("sha256").update(absPath).digest("hex").slice(0, 16);
+  return import_crypto12.default.createHash("sha256").update(absPath).digest("hex").slice(0, 16);
 }
 function readSkillPinsSafe() {
   const filePath = getPinsFilePath2();
   try {
-    const raw = import_fs31.default.readFileSync(filePath, "utf-8");
+    const raw = import_fs32.default.readFileSync(filePath, "utf-8");
     if (!raw.trim()) return { ok: false, reason: "corrupt", detail: "empty file" };
     const parsed = JSON.parse(raw);
     if (!parsed.roots || typeof parsed.roots !== "object" || Array.isArray(parsed.roots)) {
@@ -17633,10 +17776,10 @@ function readSkillPins() {
 }
 function writeSkillPins(data) {
   const filePath = getPinsFilePath2();
-  import_fs31.default.mkdirSync(import_path32.default.dirname(filePath), { recursive: true });
-  const tmp = `${filePath}.${import_crypto10.default.randomBytes(6).toString("hex")}.tmp`;
-  import_fs31.default.writeFileSync(tmp, JSON.stringify(data, null, 2), { mode: 384 });
-  import_fs31.default.renameSync(tmp, filePath);
+  import_fs32.default.mkdirSync(import_path33.default.dirname(filePath), { recursive: true });
+  const tmp = `${filePath}.${import_crypto12.default.randomBytes(6).toString("hex")}.tmp`;
+  import_fs32.default.writeFileSync(tmp, JSON.stringify(data, null, 2), { mode: 384 });
+  import_fs32.default.renameSync(tmp, filePath);
 }
 function removePin2(rootKey) {
   const pins = readSkillPins();
@@ -17680,36 +17823,36 @@ function verifyAndPinRoots(roots) {
   return { kind: "verified" };
 }
 function defaultSkillRoots(_cwd) {
-  const marketplaces = import_path32.default.join(import_os27.default.homedir(), ".claude", "plugins", "marketplaces");
+  const marketplaces = import_path33.default.join(import_os28.default.homedir(), ".claude", "plugins", "marketplaces");
   const roots = [];
   let registries;
   try {
-    registries = import_fs31.default.readdirSync(marketplaces, { withFileTypes: true });
+    registries = import_fs32.default.readdirSync(marketplaces, { withFileTypes: true });
   } catch {
     return [];
   }
   for (const registry of registries) {
     if (!registry.isDirectory()) continue;
-    const pluginsDir = import_path32.default.join(marketplaces, registry.name, "plugins");
+    const pluginsDir = import_path33.default.join(marketplaces, registry.name, "plugins");
     let plugins;
     try {
-      plugins = import_fs31.default.readdirSync(pluginsDir, { withFileTypes: true });
+      plugins = import_fs32.default.readdirSync(pluginsDir, { withFileTypes: true });
     } catch {
       continue;
     }
     for (const plugin of plugins) {
       if (!plugin.isDirectory()) continue;
-      roots.push(import_path32.default.join(pluginsDir, plugin.name));
+      roots.push(import_path33.default.join(pluginsDir, plugin.name));
     }
   }
   return roots;
 }
 function resolveUserSkillRoot(entry, cwd) {
   if (!entry) return null;
-  if (entry.startsWith("~/") || entry === "~") return import_path32.default.join(import_os27.default.homedir(), entry.slice(1));
-  if (import_path32.default.isAbsolute(entry)) return entry;
-  if (!cwd || !import_path32.default.isAbsolute(cwd)) return null;
-  return import_path32.default.join(cwd, entry);
+  if (entry.startsWith("~/") || entry === "~") return import_path33.default.join(import_os28.default.homedir(), entry.slice(1));
+  if (import_path33.default.isAbsolute(entry)) return entry;
+  if (!cwd || !import_path33.default.isAbsolute(cwd)) return null;
+  return import_path33.default.join(cwd, entry);
 }
 
 // src/cli/commands/check.ts
@@ -17778,9 +17921,9 @@ function registerCheckCommand(program2) {
         } catch (err2) {
           const tempConfig = getConfig();
           if (process.env.NODE9_DEBUG === "1" || tempConfig.settings.enableHookLogDebug) {
-            const logPath = import_path33.default.join(import_os28.default.homedir(), ".node9", "hook-debug.log");
+            const logPath = import_path34.default.join(import_os29.default.homedir(), ".node9", "hook-debug.log");
             const errMsg = err2 instanceof Error ? err2.message : String(err2);
-            import_fs32.default.appendFileSync(
+            import_fs33.default.appendFileSync(
               logPath,
               `[${(/* @__PURE__ */ new Date()).toISOString()}] JSON_PARSE_ERROR: ${errMsg}
 RAW: ${raw}
@@ -17793,14 +17936,14 @@ RAW: ${raw}
           const prompt = typeof payload.prompt === "string" ? payload.prompt : "";
           if (process.env.NODE9_DEBUG === "1") {
             try {
-              const logPath = import_path33.default.join(import_os28.default.homedir(), ".node9", "hook-debug.log");
-              if (!import_fs32.default.existsSync(import_path33.default.dirname(logPath)))
-                import_fs32.default.mkdirSync(import_path33.default.dirname(logPath), { recursive: true });
+              const logPath = import_path34.default.join(import_os29.default.homedir(), ".node9", "hook-debug.log");
+              if (!import_fs33.default.existsSync(import_path34.default.dirname(logPath)))
+                import_fs33.default.mkdirSync(import_path34.default.dirname(logPath), { recursive: true });
               const sanitized = JSON.stringify({
                 ...payload,
                 prompt: `<redacted, ${prompt.length} bytes>`
               });
-              import_fs32.default.appendFileSync(logPath, `[${(/* @__PURE__ */ new Date()).toISOString()}] STDIN: ${sanitized}
+              import_fs33.default.appendFileSync(logPath, `[${(/* @__PURE__ */ new Date()).toISOString()}] STDIN: ${sanitized}
 `);
             } catch {
             }
@@ -17820,8 +17963,8 @@ RAW: ${raw}
           );
           const reason = `\u{1F6A8} Node9 DLP: ${dlpMatch.patternName} detected in prompt (${dlpMatch.redactedSample}). Prompt was not submitted \u2014 remove the credential and try again.`;
           try {
-            const ttyFd = import_fs32.default.openSync("/dev/tty", "w");
-            import_fs32.default.writeSync(
+            const ttyFd = import_fs33.default.openSync("/dev/tty", "w");
+            import_fs33.default.writeSync(
               ttyFd,
               import_chalk9.default.bgRed.white.bold(`
  \u{1F6A8} NODE9 DLP \u2014 PROMPT BLOCKED 
@@ -17831,7 +17974,7 @@ RAW: ${raw}
 
 `)
             );
-            import_fs32.default.closeSync(ttyFd);
+            import_fs33.default.closeSync(ttyFd);
           } catch {
           }
           const isCodex = agent2 === "Codex";
@@ -17850,16 +17993,16 @@ RAW: ${raw}
           process.exit(2);
         }
         const payloadCwd = typeof payload.cwd === "string" ? payload.cwd : Array.isArray(payload.workspacePaths) && typeof payload.workspacePaths[0] === "string" ? payload.workspacePaths[0] : void 0;
-        const safeCwdForConfig = typeof payloadCwd === "string" && import_path33.default.isAbsolute(payloadCwd) ? payloadCwd : void 0;
+        const safeCwdForConfig = typeof payloadCwd === "string" && import_path34.default.isAbsolute(payloadCwd) ? payloadCwd : void 0;
         const config = getConfig(safeCwdForConfig);
         if (config.settings.autoStartDaemon && !isDaemonRunning() && !process.env.NODE9_NO_AUTO_DAEMON) {
           try {
             const scriptPath = process.argv[1];
-            if (typeof scriptPath !== "string" || !import_path33.default.isAbsolute(scriptPath))
+            if (typeof scriptPath !== "string" || !import_path34.default.isAbsolute(scriptPath))
               throw new Error("node9: argv[1] is not an absolute path");
-            const resolvedScript = import_fs32.default.realpathSync(scriptPath);
-            const packageDist = import_fs32.default.realpathSync(import_path33.default.resolve(__dirname, "../.."));
-            if (!resolvedScript.startsWith(packageDist + import_path33.default.sep) && resolvedScript !== packageDist)
+            const resolvedScript = import_fs33.default.realpathSync(scriptPath);
+            const packageDist = import_fs33.default.realpathSync(import_path34.default.resolve(__dirname, "../.."));
+            if (!resolvedScript.startsWith(packageDist + import_path34.default.sep) && resolvedScript !== packageDist)
               throw new Error(
                 `node9: daemon spawn aborted \u2014 argv[1] (${resolvedScript}) is outside package dist (${packageDist})`
               );
@@ -17881,10 +18024,10 @@ RAW: ${raw}
             });
             d.unref();
           } catch (spawnErr) {
-            const logPath = import_path33.default.join(import_os28.default.homedir(), ".node9", "hook-debug.log");
+            const logPath = import_path34.default.join(import_os29.default.homedir(), ".node9", "hook-debug.log");
             const msg = spawnErr instanceof Error ? spawnErr.message : String(spawnErr);
             try {
-              import_fs32.default.appendFileSync(
+              import_fs33.default.appendFileSync(
                 logPath,
                 `[${(/* @__PURE__ */ new Date()).toISOString()}] daemon-autostart-failed: ${msg}
 `
@@ -17894,10 +18037,10 @@ RAW: ${raw}
           }
         }
         if (process.env.NODE9_DEBUG === "1" || config.settings.enableHookLogDebug) {
-          const logPath = import_path33.default.join(import_os28.default.homedir(), ".node9", "hook-debug.log");
-          if (!import_fs32.default.existsSync(import_path33.default.dirname(logPath)))
-            import_fs32.default.mkdirSync(import_path33.default.dirname(logPath), { recursive: true });
-          import_fs32.default.appendFileSync(logPath, `[${(/* @__PURE__ */ new Date()).toISOString()}] STDIN: ${raw}
+          const logPath = import_path34.default.join(import_os29.default.homedir(), ".node9", "hook-debug.log");
+          if (!import_fs33.default.existsSync(import_path34.default.dirname(logPath)))
+            import_fs33.default.mkdirSync(import_path34.default.dirname(logPath), { recursive: true });
+          import_fs33.default.appendFileSync(logPath, `[${(/* @__PURE__ */ new Date()).toISOString()}] STDIN: ${raw}
 `);
         }
         const rawToolName = sanitize2(extractToolName(payload));
@@ -17911,8 +18054,8 @@ RAW: ${raw}
           const isHumanDecision = blockedByContext.toLowerCase().includes("user") || blockedByContext.toLowerCase().includes("daemon") || blockedByContext.toLowerCase().includes("decision");
           let ttyFd = null;
           try {
-            ttyFd = import_fs32.default.openSync("/dev/tty", "w");
-            const writeTty = (line) => import_fs32.default.writeSync(ttyFd, line + "\n");
+            ttyFd = import_fs33.default.openSync("/dev/tty", "w");
+            const writeTty = (line) => import_fs33.default.writeSync(ttyFd, line + "\n");
             if (blockedByContext.includes("DLP") || blockedByContext.includes("Secret Detected") || blockedByContext.includes("Credential Review")) {
               writeTty(import_chalk9.default.bgRed.white.bold(`
  \u{1F6A8} NODE9 DLP ALERT \u2014 CREDENTIAL DETECTED `));
@@ -17931,7 +18074,7 @@ RAW: ${raw}
           } finally {
             if (ttyFd !== null)
               try {
-                import_fs32.default.closeSync(ttyFd);
+                import_fs33.default.closeSync(ttyFd);
               } catch {
               }
           }
@@ -17982,17 +18125,17 @@ RAW: ${raw}
         const safeSessionId = /^[A-Za-z0-9_\-]{1,128}$/.test(rawSessionId) ? rawSessionId : "";
         if (skillPinCfg.enabled && safeSessionId) {
           try {
-            const sessionsDir = import_path33.default.join(import_os28.default.homedir(), ".node9", "skill-sessions");
-            const flagPath = import_path33.default.join(sessionsDir, `${safeSessionId}.json`);
+            const sessionsDir = import_path34.default.join(import_os29.default.homedir(), ".node9", "skill-sessions");
+            const flagPath = import_path34.default.join(sessionsDir, `${safeSessionId}.json`);
             let flag = null;
             try {
-              flag = JSON.parse(import_fs32.default.readFileSync(flagPath, "utf-8"));
+              flag = JSON.parse(import_fs33.default.readFileSync(flagPath, "utf-8"));
             } catch {
             }
             const writeFlag = (data2) => {
               try {
-                import_fs32.default.mkdirSync(sessionsDir, { recursive: true });
-                import_fs32.default.writeFileSync(
+                import_fs33.default.mkdirSync(sessionsDir, { recursive: true });
+                import_fs33.default.writeFileSync(
                   flagPath,
                   JSON.stringify({ ...data2, timestamp: (/* @__PURE__ */ new Date()).toISOString() }, null, 2),
                   { mode: 384 }
@@ -18003,8 +18146,8 @@ RAW: ${raw}
             const sendSkillWarn = (detail, recoveryCmd) => {
               let ttyFd = null;
               try {
-                ttyFd = import_fs32.default.openSync("/dev/tty", "w");
-                const w = (line) => import_fs32.default.writeSync(ttyFd, line + "\n");
+                ttyFd = import_fs33.default.openSync("/dev/tty", "w");
+                const w = (line) => import_fs33.default.writeSync(ttyFd, line + "\n");
                 w(import_chalk9.default.yellow(`
 \u26A0\uFE0F  Node9: installed skill drift detected`));
                 w(import_chalk9.default.gray(`   ${detail}`));
@@ -18019,7 +18162,7 @@ RAW: ${raw}
               } finally {
                 if (ttyFd !== null)
                   try {
-                    import_fs32.default.closeSync(ttyFd);
+                    import_fs33.default.closeSync(ttyFd);
                   } catch {
                   }
               }
@@ -18035,7 +18178,7 @@ RAW: ${raw}
               return;
             }
             if (!flag || flag.state !== "verified" && flag.state !== "warned") {
-              const absoluteCwd = typeof payloadCwd === "string" && import_path33.default.isAbsolute(payloadCwd) ? payloadCwd : void 0;
+              const absoluteCwd = typeof payloadCwd === "string" && import_path34.default.isAbsolute(payloadCwd) ? payloadCwd : void 0;
               const extraRoots = skillPinCfg.roots;
               const resolvedExtra = extraRoots.map((r) => resolveUserSkillRoot(r, absoluteCwd)).filter((r) => typeof r === "string");
               const roots = [...defaultSkillRoots(absoluteCwd), ...resolvedExtra];
@@ -18076,10 +18219,10 @@ RAW: ${raw}
               }
               try {
                 const cutoff = Date.now() - 7 * 24 * 60 * 60 * 1e3;
-                for (const name of import_fs32.default.readdirSync(sessionsDir)) {
-                  const p = import_path33.default.join(sessionsDir, name);
+                for (const name of import_fs33.default.readdirSync(sessionsDir)) {
+                  const p = import_path34.default.join(sessionsDir, name);
                   try {
-                    if (import_fs32.default.statSync(p).mtimeMs < cutoff) import_fs32.default.unlinkSync(p);
+                    if (import_fs33.default.statSync(p).mtimeMs < cutoff) import_fs33.default.unlinkSync(p);
                   } catch {
                   }
                 }
@@ -18089,9 +18232,9 @@ RAW: ${raw}
           } catch (err2) {
             if (process.env.NODE9_DEBUG === "1") {
               try {
-                const dbg = import_path33.default.join(import_os28.default.homedir(), ".node9", "hook-debug.log");
+                const dbg = import_path34.default.join(import_os29.default.homedir(), ".node9", "hook-debug.log");
                 const msg = err2 instanceof Error ? err2.message : String(err2);
-                import_fs32.default.appendFileSync(dbg, `[${(/* @__PURE__ */ new Date()).toISOString()}] SKILL_PIN_ERROR: ${msg}
+                import_fs33.default.appendFileSync(dbg, `[${(/* @__PURE__ */ new Date()).toISOString()}] SKILL_PIN_ERROR: ${msg}
 `);
               } catch {
               }
@@ -18101,7 +18244,7 @@ RAW: ${raw}
         if (shouldSnapshot(toolName, toolInput, config)) {
           await createShadowSnapshot(toolName, toolInput, config.policy.snapshot.ignorePaths);
         }
-        const safeCwdForAuth = typeof payloadCwd === "string" && import_path33.default.isAbsolute(payloadCwd) ? payloadCwd : void 0;
+        const safeCwdForAuth = typeof payloadCwd === "string" && import_path34.default.isAbsolute(payloadCwd) ? payloadCwd : void 0;
         const result = await authorizeHeadless(toolName, toolInput, meta, {
           cwd: safeCwdForAuth
         });
@@ -18113,12 +18256,12 @@ RAW: ${raw}
         }
         if (result.noApprovalMechanism && !isDaemonRunning() && !process.env.NODE9_NO_AUTO_DAEMON && !process.stdout.isTTY && config.settings.autoStartDaemon) {
           try {
-            const tty = import_fs32.default.openSync("/dev/tty", "w");
-            import_fs32.default.writeSync(
+            const tty = import_fs33.default.openSync("/dev/tty", "w");
+            import_fs33.default.writeSync(
               tty,
               import_chalk9.default.cyan("\n\u{1F6E1}\uFE0F  Node9: Starting approval daemon automatically...\n")
             );
-            import_fs32.default.closeSync(tty);
+            import_fs33.default.closeSync(tty);
           } catch {
           }
           const daemonReady = await autoStartDaemonAndWait();
@@ -18145,9 +18288,9 @@ RAW: ${raw}
         });
       } catch (err2) {
         if (process.env.NODE9_DEBUG === "1") {
-          const logPath = import_path33.default.join(import_os28.default.homedir(), ".node9", "hook-debug.log");
+          const logPath = import_path34.default.join(import_os29.default.homedir(), ".node9", "hook-debug.log");
           const errMsg = err2 instanceof Error ? err2.message : String(err2);
-          import_fs32.default.appendFileSync(logPath, `[${(/* @__PURE__ */ new Date()).toISOString()}] ERROR: ${errMsg}
+          import_fs33.default.appendFileSync(logPath, `[${(/* @__PURE__ */ new Date()).toISOString()}] ERROR: ${errMsg}
 `);
         }
         process.exit(0);
@@ -18181,9 +18324,9 @@ RAW: ${raw}
 }
 
 // src/cli/commands/log.ts
-var import_fs33 = __toESM(require("fs"));
-var import_path34 = __toESM(require("path"));
-var import_os29 = __toESM(require("os"));
+var import_fs34 = __toESM(require("fs"));
+var import_path35 = __toESM(require("path"));
+var import_os30 = __toESM(require("os"));
 init_audit();
 init_config();
 init_daemon();
@@ -18278,10 +18421,10 @@ function registerLogCommand(program2) {
         if (rawToolName !== tool) entry.agentToolName = rawToolName;
         const payloadSessionId = payload.session_id ?? payload.conversationId;
         if (payloadSessionId) entry.sessionId = payloadSessionId;
-        const logPath = import_path34.default.join(import_os29.default.homedir(), ".node9", "audit.log");
-        if (!import_fs33.default.existsSync(import_path34.default.dirname(logPath)))
-          import_fs33.default.mkdirSync(import_path34.default.dirname(logPath), { recursive: true });
-        import_fs33.default.appendFileSync(logPath, JSON.stringify(entry) + "\n");
+        const logPath = import_path35.default.join(import_os30.default.homedir(), ".node9", "audit.log");
+        if (!import_fs34.default.existsSync(import_path35.default.dirname(logPath)))
+          import_fs34.default.mkdirSync(import_path35.default.dirname(logPath), { recursive: true });
+        import_fs34.default.appendFileSync(logPath, JSON.stringify(entry) + "\n");
         if ((tool === "Bash" || tool === "bash") && isDaemonRunning()) {
           const command = typeof rawInput === "object" && rawInput !== null && "command" in rawInput && typeof rawInput.command === "string" ? rawInput.command : null;
           if (command) {
@@ -18315,7 +18458,7 @@ function registerLogCommand(program2) {
           }
         }
         const payloadCwd = typeof payload.cwd === "string" ? payload.cwd : Array.isArray(payload.workspacePaths) && typeof payload.workspacePaths[0] === "string" ? payload.workspacePaths[0] : void 0;
-        const safeCwd = typeof payloadCwd === "string" && import_path34.default.isAbsolute(payloadCwd) ? payloadCwd : void 0;
+        const safeCwd = typeof payloadCwd === "string" && import_path35.default.isAbsolute(payloadCwd) ? payloadCwd : void 0;
         const config = getConfig(safeCwd);
         if ((tool === "Bash" || tool === "bash") && config.settings.enableUndo !== false) {
           const bashCommand = typeof rawInput === "object" && rawInput !== null && "command" in rawInput && typeof rawInput.command === "string" ? rawInput.command : null;
@@ -18336,9 +18479,9 @@ function registerLogCommand(program2) {
         const msg = err2 instanceof Error ? err2.message : String(err2);
         process.stderr.write(`[Node9] audit log error: ${msg}
 `);
-        const debugPath = import_path34.default.join(import_os29.default.homedir(), ".node9", "hook-debug.log");
+        const debugPath = import_path35.default.join(import_os30.default.homedir(), ".node9", "hook-debug.log");
         try {
-          import_fs33.default.appendFileSync(debugPath, `[${(/* @__PURE__ */ new Date()).toISOString()}] LOG_ERROR: ${msg}
+          import_fs34.default.appendFileSync(debugPath, `[${(/* @__PURE__ */ new Date()).toISOString()}] LOG_ERROR: ${msg}
 `);
         } catch {
         }
@@ -18738,14 +18881,15 @@ function registerConfigShowCommand(program2) {
 
 // src/cli/commands/doctor.ts
 var import_chalk11 = __toESM(require("chalk"));
-var import_fs34 = __toESM(require("fs"));
-var import_path35 = __toESM(require("path"));
-var import_os30 = __toESM(require("os"));
+var import_fs35 = __toESM(require("fs"));
+var import_path36 = __toESM(require("path"));
+var import_os31 = __toESM(require("os"));
 var import_child_process8 = require("child_process");
 init_daemon();
+init_config();
 function registerDoctorCommand(program2, version2) {
-  program2.command("doctor").description("Check that Node9 is installed and configured correctly").action(() => {
-    const homeDir2 = import_os30.default.homedir();
+  program2.command("doctor").description("Check that Node9 is installed and configured correctly").action(async () => {
+    const homeDir2 = import_os31.default.homedir();
     let failures = 0;
     function pass(msg) {
       console.log(import_chalk11.default.green("  \u2705 ") + msg);
@@ -18794,10 +18938,10 @@ function registerDoctorCommand(program2, version2) {
       );
     }
     section("Configuration");
-    const globalConfigPath = import_path35.default.join(homeDir2, ".node9", "config.json");
-    if (import_fs34.default.existsSync(globalConfigPath)) {
+    const globalConfigPath = import_path36.default.join(homeDir2, ".node9", "config.json");
+    if (import_fs35.default.existsSync(globalConfigPath)) {
       try {
-        JSON.parse(import_fs34.default.readFileSync(globalConfigPath, "utf-8"));
+        JSON.parse(import_fs35.default.readFileSync(globalConfigPath, "utf-8"));
         pass("~/.node9/config.json found and valid");
       } catch {
         fail("~/.node9/config.json is invalid JSON", "Run: node9 init --force");
@@ -18805,10 +18949,10 @@ function registerDoctorCommand(program2, version2) {
     } else {
       warn("~/.node9/config.json not found (using defaults)", "Run: node9 init");
     }
-    const projectConfigPath = import_path35.default.join(process.cwd(), "node9.config.json");
-    if (import_fs34.default.existsSync(projectConfigPath)) {
+    const projectConfigPath = import_path36.default.join(process.cwd(), "node9.config.json");
+    if (import_fs35.default.existsSync(projectConfigPath)) {
       try {
-        JSON.parse(import_fs34.default.readFileSync(projectConfigPath, "utf-8"));
+        JSON.parse(import_fs35.default.readFileSync(projectConfigPath, "utf-8"));
         pass("node9.config.json found and valid (project)");
       } catch {
         fail(
@@ -18817,8 +18961,8 @@ function registerDoctorCommand(program2, version2) {
         );
       }
     }
-    const credsPath = import_path35.default.join(homeDir2, ".node9", "credentials.json");
-    if (import_fs34.default.existsSync(credsPath)) {
+    const credsPath = import_path36.default.join(homeDir2, ".node9", "credentials.json");
+    if (import_fs35.default.existsSync(credsPath)) {
       pass("Cloud credentials found (~/.node9/credentials.json)");
     } else {
       warn(
@@ -18827,10 +18971,10 @@ function registerDoctorCommand(program2, version2) {
       );
     }
     section("Agent Hooks");
-    const claudeSettingsPath = import_path35.default.join(homeDir2, ".claude", "settings.json");
-    if (import_fs34.default.existsSync(claudeSettingsPath)) {
+    const claudeSettingsPath = import_path36.default.join(homeDir2, ".claude", "settings.json");
+    if (import_fs35.default.existsSync(claudeSettingsPath)) {
       try {
-        const cs = JSON.parse(import_fs34.default.readFileSync(claudeSettingsPath, "utf-8"));
+        const cs = JSON.parse(import_fs35.default.readFileSync(claudeSettingsPath, "utf-8"));
         const hasHook = cs.hooks?.PreToolUse?.some(
           (m) => m.hooks.some((h) => h.command?.includes("node9") || h.command?.includes("cli.js"))
         );
@@ -18846,10 +18990,10 @@ function registerDoctorCommand(program2, version2) {
     } else {
       warn("Claude Code \u2014 not configured", "Run: node9 setup claude");
     }
-    const geminiSettingsPath = import_path35.default.join(homeDir2, ".gemini", "settings.json");
-    if (import_fs34.default.existsSync(geminiSettingsPath)) {
+    const geminiSettingsPath = import_path36.default.join(homeDir2, ".gemini", "settings.json");
+    if (import_fs35.default.existsSync(geminiSettingsPath)) {
       try {
-        const gs = JSON.parse(import_fs34.default.readFileSync(geminiSettingsPath, "utf-8"));
+        const gs = JSON.parse(import_fs35.default.readFileSync(geminiSettingsPath, "utf-8"));
         const hasHook = gs.hooks?.BeforeTool?.some(
           (m) => m.hooks.some((h) => h.command?.includes("node9") || h.command?.includes("cli.js"))
         );
@@ -18865,10 +19009,10 @@ function registerDoctorCommand(program2, version2) {
     } else {
       warn("Gemini CLI  \u2014 not configured", "Run: node9 setup gemini  (skip if not using Gemini)");
     }
-    const cursorHooksPath = import_path35.default.join(homeDir2, ".cursor", "hooks.json");
-    if (import_fs34.default.existsSync(cursorHooksPath)) {
+    const cursorHooksPath = import_path36.default.join(homeDir2, ".cursor", "hooks.json");
+    if (import_fs35.default.existsSync(cursorHooksPath)) {
       try {
-        const cur = JSON.parse(import_fs34.default.readFileSync(cursorHooksPath, "utf-8"));
+        const cur = JSON.parse(import_fs35.default.readFileSync(cursorHooksPath, "utf-8"));
         const hasHook = cur.hooks?.preToolUse?.some(
           (h) => h.command?.includes("node9") || h.command?.includes("cli.js")
         );
@@ -18895,6 +19039,47 @@ function registerDoctorCommand(program2, version2) {
         "Run: node9 daemon --background"
       );
     }
+    section("Cloud audit shipping");
+    try {
+      const { shipLagBytes: shipLagBytes2, readWatermark: readWatermark2, AUDIT_SHIP_WATERMARK: AUDIT_SHIP_WATERMARK2 } = await Promise.resolve().then(() => (init_audit_shipper(), audit_shipper_exports));
+      const cfg = getConfig();
+      const creds = import_fs35.default.existsSync(import_path36.default.join(import_os31.default.homedir(), ".node9", "credentials.json"));
+      if (!creds) {
+        warn("Not logged in \u2014 audit rows stay local", "Run: node9 login <api-key>");
+      } else if (!cfg.settings.approvers.cloud) {
+        warn(
+          "Cloud approvals OFF (settings.approvers.cloud=false) \u2014 nothing syncs to the dashboard",
+          "Privacy mode is a valid choice; set approvers.cloud=true to sync."
+        );
+      } else if (cfg.settings.shipper.enabled === false) {
+        warn("Shipper disabled (settings.shipper.enabled=false) \u2014 audit rows stay local");
+      } else {
+        const lag = shipLagBytes2();
+        const wm = readWatermark2(AUDIT_SHIP_WATERMARK2);
+        if (lag === 0) {
+          pass("Audit shipping caught up \u2014 dashboard matches the local log");
+        } else if (wm && lag !== null) {
+          const ageMin = Math.round((Date.now() - new Date(wm.updatedAt).getTime()) / 6e4);
+          if (ageMin > 5 && !isDaemonRunning()) {
+            warn(
+              `${Math.round(lag / 1024)} KB of audit rows not shipped (last ship ${ageMin}m ago)`,
+              "The daemon ships every ~20s \u2014 start it: node9 daemon --background"
+            );
+          } else {
+            pass(
+              `Shipping in progress \u2014 ${Math.round(lag / 1024)} KB queued, last ship ${ageMin}m ago`
+            );
+          }
+        } else {
+          warn(
+            "Shipper has never run on this machine \u2014 dashboard may lag the local log",
+            "Start the daemon: node9 daemon --background"
+          );
+        }
+      }
+    } catch (err2) {
+      warn(`Shipping status unavailable: ${err2.message}`);
+    }
     console.log("");
     if (failures === 0) {
       console.log(import_chalk11.default.green.bold("  All checks passed. Node9 is ready.\n"));
@@ -18908,9 +19093,9 @@ function registerDoctorCommand(program2, version2) {
 
 // src/cli/commands/audit.ts
 var import_chalk12 = __toESM(require("chalk"));
-var import_fs35 = __toESM(require("fs"));
-var import_path36 = __toESM(require("path"));
-var import_os31 = __toESM(require("os"));
+var import_fs36 = __toESM(require("fs"));
+var import_path37 = __toESM(require("path"));
+var import_os32 = __toESM(require("os"));
 function formatRelativeTime(timestamp) {
   const diff = Date.now() - new Date(timestamp).getTime();
   const sec = Math.floor(diff / 1e3);
@@ -18923,14 +19108,14 @@ function formatRelativeTime(timestamp) {
 }
 function registerAuditCommand(program2) {
   program2.command("audit").description("View local execution audit log").option("--tail <n>", "Number of entries to show", "20").option("--tool <pattern>", "Filter by tool name (substring match)").option("--deny", "Show only denied actions").option("--json", "Output raw JSON").action((options) => {
-    const logPath = import_path36.default.join(import_os31.default.homedir(), ".node9", "audit.log");
-    if (!import_fs35.default.existsSync(logPath)) {
+    const logPath = import_path37.default.join(import_os32.default.homedir(), ".node9", "audit.log");
+    if (!import_fs36.default.existsSync(logPath)) {
       console.log(
         import_chalk12.default.yellow("No audit logs found. Run node9 with an agent to generate entries.")
       );
       return;
     }
-    const raw = import_fs35.default.readFileSync(logPath, "utf-8");
+    const raw = import_fs36.default.readFileSync(logPath, "utf-8");
     const lines = raw.split("\n").filter((l) => l.trim() !== "");
     let entries = lines.flatMap((line) => {
       try {
@@ -18986,9 +19171,9 @@ function registerAuditCommand(program2) {
 var import_chalk13 = __toESM(require("chalk"));
 
 // src/cli/aggregate/report-audit.ts
-var import_fs36 = __toESM(require("fs"));
-var import_os32 = __toESM(require("os"));
-var import_path37 = __toESM(require("path"));
+var import_fs37 = __toESM(require("fs"));
+var import_os33 = __toESM(require("os"));
+var import_path38 = __toESM(require("path"));
 init_costSync();
 init_litellm();
 var TEST_COMMAND_RE3 = /(?:^|\s)(npm\s+(?:run\s+)?test|npx\s+(?:vitest|jest|mocha)|yarn\s+(?:run\s+)?test|pnpm\s+(?:run\s+)?test|vitest|jest|mocha|pytest|py\.test|cargo\s+test|go\s+test|bundle\s+exec\s+rspec|rspec|phpunit|dotnet\s+test)\b/i;
@@ -19070,8 +19255,8 @@ function getDateRange(period, now) {
   }
 }
 function parseAuditLog(logPath) {
-  if (!import_fs36.default.existsSync(logPath)) return [];
-  const raw = import_fs36.default.readFileSync(logPath, "utf-8");
+  if (!import_fs37.default.existsSync(logPath)) return [];
+  const raw = import_fs37.default.readFileSync(logPath, "utf-8");
   return raw.split("\n").flatMap((line) => {
     if (!line.trim()) return [];
     try {
@@ -19131,25 +19316,25 @@ function freezeClaudeCost(acc) {
   };
 }
 function processClaudeCostProject(proj, projectsDir, start, end, acc) {
-  const projPath = import_path37.default.join(projectsDir, proj);
+  const projPath = import_path38.default.join(projectsDir, proj);
   let files;
   try {
-    const stat = import_fs36.default.statSync(projPath);
+    const stat = import_fs37.default.statSync(projPath);
     if (!stat.isDirectory()) return;
-    files = import_fs36.default.readdirSync(projPath).filter((f) => f.endsWith(".jsonl") && !f.startsWith("agent-"));
+    files = import_fs37.default.readdirSync(projPath).filter((f) => f.endsWith(".jsonl") && !f.startsWith("agent-"));
   } catch {
     return;
   }
   const startMs = start.getTime();
   for (const file of files) {
-    const filePath = import_path37.default.join(projPath, file);
+    const filePath = import_path38.default.join(projPath, file);
     try {
-      if (import_fs36.default.statSync(filePath).mtimeMs < startMs) continue;
+      if (import_fs37.default.statSync(filePath).mtimeMs < startMs) continue;
     } catch {
       continue;
     }
     try {
-      const raw = import_fs36.default.readFileSync(filePath, "utf-8");
+      const raw = import_fs37.default.readFileSync(filePath, "utf-8");
       for (const line of raw.split("\n")) {
         if (!line.trim()) continue;
         let entry;
@@ -19199,10 +19384,10 @@ function processClaudeCostProject(proj, projectsDir, start, end, acc) {
 }
 function loadClaudeCost(start, end, projectsDir) {
   const acc = emptyClaudeCostAccumulator();
-  if (!import_fs36.default.existsSync(projectsDir)) return freezeClaudeCost(acc);
+  if (!import_fs37.default.existsSync(projectsDir)) return freezeClaudeCost(acc);
   let dirs;
   try {
-    dirs = import_fs36.default.readdirSync(projectsDir);
+    dirs = import_fs37.default.readdirSync(projectsDir);
   } catch {
     return freezeClaudeCost(acc);
   }
@@ -19214,7 +19399,7 @@ function loadClaudeCost(start, end, projectsDir) {
 function processCodexCostFile(filePath, start, end, acc) {
   let lines;
   try {
-    lines = import_fs36.default.readFileSync(filePath, "utf-8").split("\n");
+    lines = import_fs37.default.readFileSync(filePath, "utf-8").split("\n");
   } catch {
     return;
   }
@@ -19259,31 +19444,31 @@ function processCodexCostFile(filePath, start, end, acc) {
 }
 function listCodexSessionFiles(sessionsBase) {
   const jsonlFiles = [];
-  if (!import_fs36.default.existsSync(sessionsBase)) return jsonlFiles;
+  if (!import_fs37.default.existsSync(sessionsBase)) return jsonlFiles;
   try {
-    for (const year of import_fs36.default.readdirSync(sessionsBase)) {
-      const yearPath = import_path37.default.join(sessionsBase, year);
+    for (const year of import_fs37.default.readdirSync(sessionsBase)) {
+      const yearPath = import_path38.default.join(sessionsBase, year);
       try {
-        if (!import_fs36.default.statSync(yearPath).isDirectory()) continue;
+        if (!import_fs37.default.statSync(yearPath).isDirectory()) continue;
       } catch {
         continue;
       }
-      for (const month of import_fs36.default.readdirSync(yearPath)) {
-        const monthPath = import_path37.default.join(yearPath, month);
+      for (const month of import_fs37.default.readdirSync(yearPath)) {
+        const monthPath = import_path38.default.join(yearPath, month);
         try {
-          if (!import_fs36.default.statSync(monthPath).isDirectory()) continue;
+          if (!import_fs37.default.statSync(monthPath).isDirectory()) continue;
         } catch {
           continue;
         }
-        for (const day of import_fs36.default.readdirSync(monthPath)) {
-          const dayPath = import_path37.default.join(monthPath, day);
+        for (const day of import_fs37.default.readdirSync(monthPath)) {
+          const dayPath = import_path38.default.join(monthPath, day);
           try {
-            if (!import_fs36.default.statSync(dayPath).isDirectory()) continue;
+            if (!import_fs37.default.statSync(dayPath).isDirectory()) continue;
           } catch {
             continue;
           }
-          for (const file of import_fs36.default.readdirSync(dayPath)) {
-            if (file.endsWith(".jsonl")) jsonlFiles.push(import_path37.default.join(dayPath, file));
+          for (const file of import_fs37.default.readdirSync(dayPath)) {
+            if (file.endsWith(".jsonl")) jsonlFiles.push(import_path38.default.join(dayPath, file));
           }
         }
       }
@@ -19336,13 +19521,13 @@ function freezeGeminiCost(acc) {
 function processGeminiCostFile(filePath, projectKey, start, end, acc) {
   const startMs = start.getTime();
   try {
-    if (import_fs36.default.statSync(filePath).mtimeMs < startMs) return;
+    if (import_fs37.default.statSync(filePath).mtimeMs < startMs) return;
   } catch {
     return;
   }
   let raw;
   try {
-    raw = import_fs36.default.readFileSync(filePath, "utf-8");
+    raw = import_fs37.default.readFileSync(filePath, "utf-8");
   } catch {
     return;
   }
@@ -19391,30 +19576,30 @@ function listGeminiSessionFiles(geminiTmpDir) {
   const out = [];
   let dirs;
   try {
-    if (!import_fs36.default.statSync(geminiTmpDir).isDirectory()) return out;
-    dirs = import_fs36.default.readdirSync(geminiTmpDir);
+    if (!import_fs37.default.statSync(geminiTmpDir).isDirectory()) return out;
+    dirs = import_fs37.default.readdirSync(geminiTmpDir);
   } catch {
     return out;
   }
   for (const proj of dirs) {
-    const chatsDir = import_path37.default.join(geminiTmpDir, proj, "chats");
+    const chatsDir = import_path38.default.join(geminiTmpDir, proj, "chats");
     let files;
     try {
-      if (!import_fs36.default.statSync(chatsDir).isDirectory()) continue;
-      files = import_fs36.default.readdirSync(chatsDir);
+      if (!import_fs37.default.statSync(chatsDir).isDirectory()) continue;
+      files = import_fs37.default.readdirSync(chatsDir);
     } catch {
       continue;
     }
     for (const f of files) {
       if (!f.endsWith(".jsonl")) continue;
-      out.push({ projectKey: proj, file: import_path37.default.join(chatsDir, f) });
+      out.push({ projectKey: proj, file: import_path38.default.join(chatsDir, f) });
     }
   }
   return out;
 }
 function loadGeminiCost(start, end, geminiTmpDir) {
   const acc = emptyGeminiAccumulator();
-  if (!import_fs36.default.existsSync(geminiTmpDir)) return freezeGeminiCost(acc);
+  if (!import_fs37.default.existsSync(geminiTmpDir)) return freezeGeminiCost(acc);
   for (const { projectKey, file } of listGeminiSessionFiles(geminiTmpDir)) {
     processGeminiCostFile(file, projectKey, start, end, acc);
   }
@@ -19422,11 +19607,11 @@ function loadGeminiCost(start, end, geminiTmpDir) {
 }
 function aggregateReportFromAudit(period, opts = {}) {
   const now = opts.now ?? /* @__PURE__ */ new Date();
-  const auditLogPath = opts.auditLogPath ?? import_path37.default.join(import_os32.default.homedir(), ".node9", "audit.log");
-  const claudeProjectsDir = opts.claudeProjectsDir ?? import_path37.default.join(import_os32.default.homedir(), ".claude", "projects");
-  const codexSessionsDir = opts.codexSessionsDir ?? import_path37.default.join(import_os32.default.homedir(), ".codex", "sessions");
-  const geminiTmpDir = opts.geminiTmpDir ?? import_path37.default.join(import_os32.default.homedir(), ".gemini", "tmp");
-  const hasAuditFile = import_fs36.default.existsSync(auditLogPath);
+  const auditLogPath = opts.auditLogPath ?? import_path38.default.join(import_os33.default.homedir(), ".node9", "audit.log");
+  const claudeProjectsDir = opts.claudeProjectsDir ?? import_path38.default.join(import_os33.default.homedir(), ".claude", "projects");
+  const codexSessionsDir = opts.codexSessionsDir ?? import_path38.default.join(import_os33.default.homedir(), ".codex", "sessions");
+  const geminiTmpDir = opts.geminiTmpDir ?? import_path38.default.join(import_os33.default.homedir(), ".gemini", "tmp");
+  const hasAuditFile = import_fs37.default.existsSync(auditLogPath);
   const allEntries = opts.preloadedAuditEntries ?? parseAuditLog(auditLogPath);
   const unackedDlp = allEntries.filter((e) => e.source === "response-dlp");
   const { start, end } = getDateRange(period, now);
@@ -20122,14 +20307,14 @@ function registerDaemonCommand(program2) {
 
 // src/cli/commands/status.ts
 var import_chalk15 = __toESM(require("chalk"));
-var import_fs37 = __toESM(require("fs"));
-var import_path38 = __toESM(require("path"));
-var import_os33 = __toESM(require("os"));
+var import_fs38 = __toESM(require("fs"));
+var import_path39 = __toESM(require("path"));
+var import_os34 = __toESM(require("os"));
 init_core();
 init_daemon();
 function readJson2(filePath) {
   try {
-    if (import_fs37.default.existsSync(filePath)) return JSON.parse(import_fs37.default.readFileSync(filePath, "utf-8"));
+    if (import_fs38.default.existsSync(filePath)) return JSON.parse(import_fs38.default.readFileSync(filePath, "utf-8"));
   } catch {
   }
   return null;
@@ -20194,28 +20379,28 @@ function registerStatusCommand(program2) {
     console.log("");
     const modeLabel = settings.mode === "audit" ? import_chalk15.default.blue("audit") : settings.mode === "strict" ? import_chalk15.default.red("strict") : import_chalk15.default.white("standard");
     console.log(`  Mode:    ${modeLabel}`);
-    const projectConfig = import_path38.default.join(process.cwd(), "node9.config.json");
-    const globalConfig = import_path38.default.join(import_os33.default.homedir(), ".node9", "config.json");
+    const projectConfig = import_path39.default.join(process.cwd(), "node9.config.json");
+    const globalConfig = import_path39.default.join(import_os34.default.homedir(), ".node9", "config.json");
     console.log(
-      `  Local:   ${import_fs37.default.existsSync(projectConfig) ? import_chalk15.default.green("Active (node9.config.json)") : import_chalk15.default.gray("Not present")}`
+      `  Local:   ${import_fs38.default.existsSync(projectConfig) ? import_chalk15.default.green("Active (node9.config.json)") : import_chalk15.default.gray("Not present")}`
     );
     console.log(
-      `  Global:  ${import_fs37.default.existsSync(globalConfig) ? import_chalk15.default.green("Active (~/.node9/config.json)") : import_chalk15.default.gray("Not present")}`
+      `  Global:  ${import_fs38.default.existsSync(globalConfig) ? import_chalk15.default.green("Active (~/.node9/config.json)") : import_chalk15.default.gray("Not present")}`
     );
     if (mergedConfig.policy.sandboxPaths.length > 0) {
       console.log(
         `  Sandbox: ${import_chalk15.default.green(`${mergedConfig.policy.sandboxPaths.length} safe zones active`)}`
       );
     }
-    const homeDir2 = import_os33.default.homedir();
+    const homeDir2 = import_os34.default.homedir();
     const claudeSettings = readJson2(
-      import_path38.default.join(homeDir2, ".claude", "settings.json")
+      import_path39.default.join(homeDir2, ".claude", "settings.json")
     );
-    const claudeConfig = readJson2(import_path38.default.join(homeDir2, ".claude.json"));
+    const claudeConfig = readJson2(import_path39.default.join(homeDir2, ".claude.json"));
     const geminiSettings = readJson2(
-      import_path38.default.join(homeDir2, ".gemini", "settings.json")
+      import_path39.default.join(homeDir2, ".gemini", "settings.json")
     );
-    const cursorConfig = readJson2(import_path38.default.join(homeDir2, ".cursor", "mcp.json"));
+    const cursorConfig = readJson2(import_path39.default.join(homeDir2, ".cursor", "mcp.json"));
     const agentFound = claudeSettings || claudeConfig || geminiSettings || cursorConfig;
     if (agentFound) {
       console.log("");
@@ -20274,9 +20459,9 @@ function registerStatusCommand(program2) {
 
 // src/cli/commands/init.ts
 var import_chalk16 = __toESM(require("chalk"));
-var import_fs38 = __toESM(require("fs"));
-var import_path39 = __toESM(require("path"));
-var import_os34 = __toESM(require("os"));
+var import_fs39 = __toESM(require("fs"));
+var import_path40 = __toESM(require("path"));
+var import_os35 = __toESM(require("os"));
 var import_https4 = __toESM(require("https"));
 init_core();
 init_setup();
@@ -20366,16 +20551,16 @@ function registerInitCommand(program2) {
         }
         console.log("");
       }
-      const configPath = import_path39.default.join(import_os34.default.homedir(), ".node9", "config.json");
-      const isFirstInstall = !import_fs38.default.existsSync(configPath);
-      if (import_fs38.default.existsSync(configPath) && !options.force) {
+      const configPath = import_path40.default.join(import_os35.default.homedir(), ".node9", "config.json");
+      const isFirstInstall = !import_fs39.default.existsSync(configPath);
+      if (import_fs39.default.existsSync(configPath) && !options.force) {
         try {
-          const existing = JSON.parse(import_fs38.default.readFileSync(configPath, "utf-8"));
+          const existing = JSON.parse(import_fs39.default.readFileSync(configPath, "utf-8"));
           const settings = existing.settings ?? {};
           if (settings.mode !== chosenMode) {
             settings.mode = chosenMode;
             existing.settings = settings;
-            import_fs38.default.writeFileSync(configPath, JSON.stringify(existing, null, 2) + "\n");
+            import_fs39.default.writeFileSync(configPath, JSON.stringify(existing, null, 2) + "\n");
             console.log(import_chalk16.default.green(`\u2705 Mode updated: ${chosenMode}`));
           } else {
             console.log(import_chalk16.default.blue(`\u2139\uFE0F  Config already exists: ${configPath}`));
@@ -20388,9 +20573,9 @@ function registerInitCommand(program2) {
           ...DEFAULT_CONFIG,
           settings: { ...DEFAULT_CONFIG.settings, mode: chosenMode }
         };
-        const dir = import_path39.default.dirname(configPath);
-        if (!import_fs38.default.existsSync(dir)) import_fs38.default.mkdirSync(dir, { recursive: true });
-        import_fs38.default.writeFileSync(configPath, JSON.stringify(configToSave, null, 2) + "\n");
+        const dir = import_path40.default.dirname(configPath);
+        if (!import_fs39.default.existsSync(dir)) import_fs39.default.mkdirSync(dir, { recursive: true });
+        import_fs39.default.writeFileSync(configPath, JSON.stringify(configToSave, null, 2) + "\n");
         console.log(import_chalk16.default.green(`\u2705 Config created: ${configPath}`));
         console.log(import_chalk16.default.gray(`   Mode: ${chosenMode}`));
       }
@@ -20495,7 +20680,7 @@ function registerInitCommand(program2) {
 }
 
 // src/cli/commands/undo.ts
-var import_path40 = __toESM(require("path"));
+var import_path41 = __toESM(require("path"));
 var import_chalk18 = __toESM(require("chalk"));
 
 // src/tui/undo-navigator.ts
@@ -20654,7 +20839,7 @@ function findMatchingCwd(startDir, history) {
   let dir = startDir;
   while (true) {
     if (cwds.has(dir)) return dir;
-    const parent = import_path40.default.dirname(dir);
+    const parent = import_path41.default.dirname(dir);
     if (parent === dir) return null;
     dir = parent;
   }
@@ -21230,9 +21415,9 @@ function registerMcpGatewayCommand(program2) {
 
 // src/mcp-server/index.ts
 var import_readline5 = __toESM(require("readline"));
-var import_fs39 = __toESM(require("fs"));
-var import_os35 = __toESM(require("os"));
-var import_path41 = __toESM(require("path"));
+var import_fs40 = __toESM(require("fs"));
+var import_os36 = __toESM(require("os"));
+var import_path42 = __toESM(require("path"));
 var import_child_process11 = require("child_process");
 init_core();
 init_daemon();
@@ -21483,13 +21668,13 @@ function handleStatus() {
   lines.push(`Active shields: ${activeShields.length > 0 ? activeShields.join(", ") : "none"}`);
   lines.push(`Smart rules: ${config.policy.smartRules.length} loaded`);
   lines.push(`DLP: ${config.policy.dlp?.enabled !== false ? "enabled" : "disabled"}`);
-  const projectConfig = import_path41.default.join(process.cwd(), "node9.config.json");
-  const globalConfig = import_path41.default.join(import_os35.default.homedir(), ".node9", "config.json");
+  const projectConfig = import_path42.default.join(process.cwd(), "node9.config.json");
+  const globalConfig = import_path42.default.join(import_os36.default.homedir(), ".node9", "config.json");
   lines.push(
-    `Project config (node9.config.json): ${import_fs39.default.existsSync(projectConfig) ? "present" : "not found"}`
+    `Project config (node9.config.json): ${import_fs40.default.existsSync(projectConfig) ? "present" : "not found"}`
   );
   lines.push(
-    `Global config (~/.node9/config.json): ${import_fs39.default.existsSync(globalConfig) ? "present" : "not found"}`
+    `Global config (~/.node9/config.json): ${import_fs40.default.existsSync(globalConfig) ? "present" : "not found"}`
   );
   return lines.join("\n");
 }
@@ -21563,21 +21748,21 @@ function handleShieldDisable(args) {
   writeActiveShields(active.filter((s) => s !== name));
   return `Shield "${name}" disabled.`;
 }
-var GLOBAL_CONFIG_PATH = import_path41.default.join(import_os35.default.homedir(), ".node9", "config.json");
+var GLOBAL_CONFIG_PATH = import_path42.default.join(import_os36.default.homedir(), ".node9", "config.json");
 var APPROVER_CHANNELS = ["native", "browser", "cloud", "terminal"];
 function readGlobalConfigRaw() {
   try {
-    if (import_fs39.default.existsSync(GLOBAL_CONFIG_PATH)) {
-      return JSON.parse(import_fs39.default.readFileSync(GLOBAL_CONFIG_PATH, "utf-8"));
+    if (import_fs40.default.existsSync(GLOBAL_CONFIG_PATH)) {
+      return JSON.parse(import_fs40.default.readFileSync(GLOBAL_CONFIG_PATH, "utf-8"));
     }
   } catch {
   }
   return {};
 }
 function writeGlobalConfigRaw(data) {
-  const dir = import_path41.default.dirname(GLOBAL_CONFIG_PATH);
-  if (!import_fs39.default.existsSync(dir)) import_fs39.default.mkdirSync(dir, { recursive: true });
-  import_fs39.default.writeFileSync(GLOBAL_CONFIG_PATH, JSON.stringify(data, null, 2) + "\n");
+  const dir = import_path42.default.dirname(GLOBAL_CONFIG_PATH);
+  if (!import_fs40.default.existsSync(dir)) import_fs40.default.mkdirSync(dir, { recursive: true });
+  import_fs40.default.writeFileSync(GLOBAL_CONFIG_PATH, JSON.stringify(data, null, 2) + "\n");
 }
 function handleApproverList() {
   const config = getConfig();
@@ -21621,9 +21806,9 @@ function handleApproverSet(args) {
 function handleAuditGet(args) {
   const limit = Math.min(typeof args.limit === "number" ? args.limit : 20, 100);
   const filter = typeof args.filter === "string" && args.filter !== "all" ? args.filter : null;
-  const auditPath = import_path41.default.join(import_os35.default.homedir(), ".node9", "audit.log");
-  if (!import_fs39.default.existsSync(auditPath)) return "No audit log found.";
-  const rawLines = import_fs39.default.readFileSync(auditPath, "utf-8").trim().split("\n").filter(Boolean);
+  const auditPath = import_path42.default.join(import_os36.default.homedir(), ".node9", "audit.log");
+  if (!import_fs40.default.existsSync(auditPath)) return "No audit log found.";
+  const rawLines = import_fs40.default.readFileSync(auditPath, "utf-8").trim().split("\n").filter(Boolean);
   const parsed = [];
   for (const line of rawLines) {
     try {
@@ -21958,7 +22143,7 @@ function registerTrustCommand(program2) {
 // src/cli/commands/mcp-pin.ts
 var import_chalk21 = __toESM(require("chalk"));
 init_mcp_pin();
-var import_fs40 = __toESM(require("fs"));
+var import_fs41 = __toESM(require("fs"));
 function registerMcpPinCommand(program2) {
   const pinCmd = program2.command("mcp").description("Manage MCP server tool definition pinning (rug pull defense)");
   const pinSubCmd = pinCmd.command("pin").description("Manage pinned MCP server tool definitions");
@@ -21969,7 +22154,7 @@ function registerMcpPinCommand(program2) {
     let repoCorrupt = false;
     if (found.source === "repo") {
       try {
-        const raw = import_fs40.default.readFileSync(found.path, "utf-8");
+        const raw = import_fs41.default.readFileSync(found.path, "utf-8");
         const parsed = JSON.parse(raw);
         repoEntries = parsed.servers ?? {};
       } catch {
@@ -22282,9 +22467,9 @@ init_scan();
 
 // src/cli/commands/sessions.ts
 var import_chalk24 = __toESM(require("chalk"));
-var import_fs41 = __toESM(require("fs"));
-var import_path42 = __toESM(require("path"));
-var import_os36 = __toESM(require("os"));
+var import_fs42 = __toESM(require("fs"));
+var import_path43 = __toESM(require("path"));
+var import_os37 = __toESM(require("os"));
 init_scan_summary();
 var CLAUDE_PRICING3 = {
   "claude-opus-4-6": { i: 5e-6, o: 25e-6, cw: 625e-8, cr: 5e-7 },
@@ -22326,10 +22511,10 @@ function encodeProjectPath(projectPath) {
 }
 function sessionJsonlPath(projectPath, sessionId) {
   const encoded = encodeProjectPath(projectPath);
-  return import_path42.default.join(import_os36.default.homedir(), ".claude", "projects", encoded, `${sessionId}.jsonl`);
+  return import_path43.default.join(import_os37.default.homedir(), ".claude", "projects", encoded, `${sessionId}.jsonl`);
 }
 function projectLabel(projectPath) {
-  return projectPath.replace(import_os36.default.homedir(), "~");
+  return projectPath.replace(import_os37.default.homedir(), "~");
 }
 function parseHistoryLines(lines) {
   const entries = [];
@@ -22398,10 +22583,10 @@ function parseSessionLines(lines) {
   return { toolCalls, costUSD, hasSnapshot, modifiedFiles };
 }
 function loadAuditEntries(auditPath) {
-  const aPath = auditPath ?? import_path42.default.join(import_os36.default.homedir(), ".node9", "audit.log");
+  const aPath = auditPath ?? import_path43.default.join(import_os37.default.homedir(), ".node9", "audit.log");
   let raw;
   try {
-    raw = import_fs41.default.readFileSync(aPath, "utf-8");
+    raw = import_fs42.default.readFileSync(aPath, "utf-8");
   } catch {
     return [];
   }
@@ -22437,8 +22622,8 @@ function auditEntriesInWindow(entries, windowStart, windowEnd) {
   return result;
 }
 function buildGeminiSessions(days, allAuditEntries) {
-  const tmpDir = import_path42.default.join(import_os36.default.homedir(), ".gemini", "tmp");
-  if (!import_fs41.default.existsSync(tmpDir)) return [];
+  const tmpDir = import_path43.default.join(import_os37.default.homedir(), ".gemini", "tmp");
+  if (!import_fs42.default.existsSync(tmpDir)) return [];
   const cutoff = days !== null ? (() => {
     const d = /* @__PURE__ */ new Date();
     d.setDate(d.getDate() - days);
@@ -22447,35 +22632,35 @@ function buildGeminiSessions(days, allAuditEntries) {
   })() : null;
   let slugDirs;
   try {
-    slugDirs = import_fs41.default.readdirSync(tmpDir);
+    slugDirs = import_fs42.default.readdirSync(tmpDir);
   } catch {
     return [];
   }
   const summaries = [];
   for (const slug of slugDirs) {
-    const slugPath = import_path42.default.join(tmpDir, slug);
+    const slugPath = import_path43.default.join(tmpDir, slug);
     try {
-      if (!import_fs41.default.statSync(slugPath).isDirectory()) continue;
+      if (!import_fs42.default.statSync(slugPath).isDirectory()) continue;
     } catch {
       continue;
     }
-    let projectRoot = import_path42.default.join(import_os36.default.homedir(), slug);
+    let projectRoot = import_path43.default.join(import_os37.default.homedir(), slug);
     try {
-      projectRoot = import_fs41.default.readFileSync(import_path42.default.join(slugPath, ".project_root"), "utf-8").trim();
+      projectRoot = import_fs42.default.readFileSync(import_path43.default.join(slugPath, ".project_root"), "utf-8").trim();
     } catch {
     }
-    const chatsDir = import_path42.default.join(slugPath, "chats");
-    if (!import_fs41.default.existsSync(chatsDir)) continue;
+    const chatsDir = import_path43.default.join(slugPath, "chats");
+    if (!import_fs42.default.existsSync(chatsDir)) continue;
     let chatFiles;
     try {
-      chatFiles = import_fs41.default.readdirSync(chatsDir).filter((f) => f.endsWith(".json"));
+      chatFiles = import_fs42.default.readdirSync(chatsDir).filter((f) => f.endsWith(".json"));
     } catch {
       continue;
     }
     for (const chatFile of chatFiles) {
       let raw;
       try {
-        raw = import_fs41.default.readFileSync(import_path42.default.join(chatsDir, chatFile), "utf-8");
+        raw = import_fs42.default.readFileSync(import_path43.default.join(chatsDir, chatFile), "utf-8");
       } catch {
         continue;
       }
@@ -22555,8 +22740,8 @@ function buildGeminiSessions(days, allAuditEntries) {
   return summaries;
 }
 function buildCodexSessions(days, allAuditEntries) {
-  const sessionsBase = import_path42.default.join(import_os36.default.homedir(), ".codex", "sessions");
-  if (!import_fs41.default.existsSync(sessionsBase)) return [];
+  const sessionsBase = import_path43.default.join(import_os37.default.homedir(), ".codex", "sessions");
+  if (!import_fs42.default.existsSync(sessionsBase)) return [];
   const cutoff = days !== null ? (() => {
     const d = /* @__PURE__ */ new Date();
     d.setDate(d.getDate() - days);
@@ -22565,29 +22750,29 @@ function buildCodexSessions(days, allAuditEntries) {
   })() : null;
   const jsonlFiles = [];
   try {
-    for (const year of import_fs41.default.readdirSync(sessionsBase)) {
-      const yearPath = import_path42.default.join(sessionsBase, year);
+    for (const year of import_fs42.default.readdirSync(sessionsBase)) {
+      const yearPath = import_path43.default.join(sessionsBase, year);
       try {
-        if (!import_fs41.default.statSync(yearPath).isDirectory()) continue;
+        if (!import_fs42.default.statSync(yearPath).isDirectory()) continue;
       } catch {
         continue;
       }
-      for (const month of import_fs41.default.readdirSync(yearPath)) {
-        const monthPath = import_path42.default.join(yearPath, month);
+      for (const month of import_fs42.default.readdirSync(yearPath)) {
+        const monthPath = import_path43.default.join(yearPath, month);
         try {
-          if (!import_fs41.default.statSync(monthPath).isDirectory()) continue;
+          if (!import_fs42.default.statSync(monthPath).isDirectory()) continue;
         } catch {
           continue;
         }
-        for (const day of import_fs41.default.readdirSync(monthPath)) {
-          const dayPath = import_path42.default.join(monthPath, day);
+        for (const day of import_fs42.default.readdirSync(monthPath)) {
+          const dayPath = import_path43.default.join(monthPath, day);
           try {
-            if (!import_fs41.default.statSync(dayPath).isDirectory()) continue;
+            if (!import_fs42.default.statSync(dayPath).isDirectory()) continue;
           } catch {
             continue;
           }
-          for (const file of import_fs41.default.readdirSync(dayPath)) {
-            if (file.endsWith(".jsonl")) jsonlFiles.push(import_path42.default.join(dayPath, file));
+          for (const file of import_fs42.default.readdirSync(dayPath)) {
+            if (file.endsWith(".jsonl")) jsonlFiles.push(import_path43.default.join(dayPath, file));
           }
         }
       }
@@ -22599,7 +22784,7 @@ function buildCodexSessions(days, allAuditEntries) {
   for (const filePath of jsonlFiles) {
     let lines;
     try {
-      lines = import_fs41.default.readFileSync(filePath, "utf-8").split("\n");
+      lines = import_fs42.default.readFileSync(filePath, "utf-8").split("\n");
     } catch {
       continue;
     }
@@ -22677,10 +22862,10 @@ function buildCodexSessions(days, allAuditEntries) {
   return summaries;
 }
 function buildSessions(days, historyPath) {
-  const hPath = historyPath ?? import_path42.default.join(import_os36.default.homedir(), ".claude", "history.jsonl");
+  const hPath = historyPath ?? import_path43.default.join(import_os37.default.homedir(), ".claude", "history.jsonl");
   let historyRaw;
   try {
-    historyRaw = import_fs41.default.readFileSync(hPath, "utf-8");
+    historyRaw = import_fs42.default.readFileSync(hPath, "utf-8");
   } catch {
     return [];
   }
@@ -22705,7 +22890,7 @@ function buildSessions(days, historyPath) {
     const jsonlFile = sessionJsonlPath(entry.project, entry.sessionId);
     let sessionLines = [];
     try {
-      sessionLines = import_fs41.default.readFileSync(jsonlFile, "utf-8").split("\n");
+      sessionLines = import_fs42.default.readFileSync(jsonlFile, "utf-8").split("\n");
     } catch {
     }
     const { toolCalls, costUSD, hasSnapshot, modifiedFiles } = parseSessionLines(sessionLines);
@@ -22973,8 +23158,8 @@ function registerSessionsCommand(program2) {
     console.log("");
     console.log(import_chalk24.default.cyan.bold("\u{1F4CB}  node9 sessions") + import_chalk24.default.dim("  \u2014 what your AI agent did"));
     console.log("");
-    const historyPath = import_path42.default.join(import_os36.default.homedir(), ".claude", "history.jsonl");
-    if (!import_fs41.default.existsSync(historyPath)) {
+    const historyPath = import_path43.default.join(import_os37.default.homedir(), ".claude", "history.jsonl");
+    if (!import_fs42.default.existsSync(historyPath)) {
       console.log(import_chalk24.default.yellow("  No Claude session history found at ~/.claude/history.jsonl"));
       console.log(import_chalk24.default.gray("  Install Claude Code, run a few sessions, then try again.\n"));
       return;
@@ -23011,12 +23196,12 @@ function registerSessionsCommand(program2) {
 
 // src/cli/commands/skill-pin.ts
 var import_chalk25 = __toESM(require("chalk"));
-var import_fs42 = __toESM(require("fs"));
-var import_os37 = __toESM(require("os"));
-var import_path43 = __toESM(require("path"));
+var import_fs43 = __toESM(require("fs"));
+var import_os38 = __toESM(require("os"));
+var import_path44 = __toESM(require("path"));
 function wipeSkillSessions() {
   try {
-    import_fs42.default.rmSync(import_path43.default.join(import_os37.default.homedir(), ".node9", "skill-sessions"), {
+    import_fs43.default.rmSync(import_path44.default.join(import_os38.default.homedir(), ".node9", "skill-sessions"), {
       recursive: true,
       force: true
     });
@@ -23098,15 +23283,15 @@ function registerSkillPinCommand(program2) {
 }
 
 // src/cli/commands/decisions.ts
-var import_fs43 = __toESM(require("fs"));
-var import_os38 = __toESM(require("os"));
-var import_path44 = __toESM(require("path"));
+var import_fs44 = __toESM(require("fs"));
+var import_os39 = __toESM(require("os"));
+var import_path45 = __toESM(require("path"));
 var import_chalk26 = __toESM(require("chalk"));
-var DECISIONS_FILE2 = import_path44.default.join(import_os38.default.homedir(), ".node9", "decisions.json");
+var DECISIONS_FILE2 = import_path45.default.join(import_os39.default.homedir(), ".node9", "decisions.json");
 function readDecisions() {
   try {
-    if (!import_fs43.default.existsSync(DECISIONS_FILE2)) return {};
-    const raw = import_fs43.default.readFileSync(DECISIONS_FILE2, "utf-8");
+    if (!import_fs44.default.existsSync(DECISIONS_FILE2)) return {};
+    const raw = import_fs44.default.readFileSync(DECISIONS_FILE2, "utf-8");
     const parsed = JSON.parse(raw);
     const out = {};
     for (const [k, v] of Object.entries(parsed)) {
@@ -23118,11 +23303,11 @@ function readDecisions() {
   }
 }
 function writeDecisions(d) {
-  const dir = import_path44.default.dirname(DECISIONS_FILE2);
-  if (!import_fs43.default.existsSync(dir)) import_fs43.default.mkdirSync(dir, { recursive: true });
+  const dir = import_path45.default.dirname(DECISIONS_FILE2);
+  if (!import_fs44.default.existsSync(dir)) import_fs44.default.mkdirSync(dir, { recursive: true });
   const tmp = `${DECISIONS_FILE2}.${process.pid}.tmp`;
-  import_fs43.default.writeFileSync(tmp, JSON.stringify(d, null, 2));
-  import_fs43.default.renameSync(tmp, DECISIONS_FILE2);
+  import_fs44.default.writeFileSync(tmp, JSON.stringify(d, null, 2));
+  import_fs44.default.renameSync(tmp, DECISIONS_FILE2);
 }
 function registerDecisionsCommand(program2) {
   const cmd = program2.command("decisions").description('Manage persistent "Always Allow" / "Always Deny" tool decisions');
@@ -23179,18 +23364,18 @@ Persistent decisions  (${entries.length})
 
 // src/cli/commands/dlp.ts
 var import_chalk27 = __toESM(require("chalk"));
-var import_fs44 = __toESM(require("fs"));
-var import_path45 = __toESM(require("path"));
-var import_os39 = __toESM(require("os"));
-var AUDIT_LOG = import_path45.default.join(import_os39.default.homedir(), ".node9", "audit.log");
-var RESOLVED_FILE = import_path45.default.join(import_os39.default.homedir(), ".node9", "dlp-resolved.json");
+var import_fs45 = __toESM(require("fs"));
+var import_path46 = __toESM(require("path"));
+var import_os40 = __toESM(require("os"));
+var AUDIT_LOG = import_path46.default.join(import_os40.default.homedir(), ".node9", "audit.log");
+var RESOLVED_FILE = import_path46.default.join(import_os40.default.homedir(), ".node9", "dlp-resolved.json");
 var ANSI_RE = /\x1b(?:\[[0-9;?]*[a-zA-Z]|\][^\x07\x1b]*(?:\x07|\x1b\\)|[@-_])/g;
 function stripAnsi(s) {
   return s.replace(ANSI_RE, "");
 }
 function loadResolved() {
   try {
-    const raw = JSON.parse(import_fs44.default.readFileSync(RESOLVED_FILE, "utf-8"));
+    const raw = JSON.parse(import_fs45.default.readFileSync(RESOLVED_FILE, "utf-8"));
     return new Set(raw);
   } catch {
     return /* @__PURE__ */ new Set();
@@ -23198,13 +23383,13 @@ function loadResolved() {
 }
 function saveResolved(resolved) {
   try {
-    import_fs44.default.writeFileSync(RESOLVED_FILE, JSON.stringify([...resolved], null, 2), { mode: 384 });
+    import_fs45.default.writeFileSync(RESOLVED_FILE, JSON.stringify([...resolved], null, 2), { mode: 384 });
   } catch {
   }
 }
 function loadDlpFindings() {
-  if (!import_fs44.default.existsSync(AUDIT_LOG)) return [];
-  return import_fs44.default.readFileSync(AUDIT_LOG, "utf-8").split("\n").flatMap((line) => {
+  if (!import_fs45.default.existsSync(AUDIT_LOG)) return [];
+  return import_fs45.default.readFileSync(AUDIT_LOG, "utf-8").split("\n").flatMap((line) => {
     if (!line.trim()) return [];
     try {
       const e = JSON.parse(line);
@@ -23302,15 +23487,15 @@ function registerDlpCommand(program2) {
 
 // src/cli/commands/mask.ts
 var import_chalk28 = __toESM(require("chalk"));
-var import_fs45 = __toESM(require("fs"));
-var import_path46 = __toESM(require("path"));
-var import_os40 = __toESM(require("os"));
+var import_fs46 = __toESM(require("fs"));
+var import_path47 = __toESM(require("path"));
+var import_os41 = __toESM(require("os"));
 init_dlp();
 function findJsonlFiles(dir) {
   const results = [];
-  if (!import_fs45.default.existsSync(dir)) return results;
-  for (const entry of import_fs45.default.readdirSync(dir, { withFileTypes: true })) {
-    const full = import_path46.default.join(dir, entry.name);
+  if (!import_fs46.default.existsSync(dir)) return results;
+  for (const entry of import_fs46.default.readdirSync(dir, { withFileTypes: true })) {
+    const full = import_path47.default.join(dir, entry.name);
     if (entry.isDirectory()) results.push(...findJsonlFiles(full));
     else if (entry.isFile() && entry.name.endsWith(".jsonl")) results.push(full);
   }
@@ -23353,7 +23538,7 @@ function redactJson(obj) {
 function processFile(filePath, dryRun) {
   let raw;
   try {
-    raw = import_fs45.default.readFileSync(filePath, "utf-8");
+    raw = import_fs46.default.readFileSync(filePath, "utf-8");
   } catch {
     return { redactedLines: 0, patterns: [] };
   }
@@ -23385,14 +23570,14 @@ function processFile(filePath, dryRun) {
     }
   }
   if (!dryRun && redactedLines > 0) {
-    import_fs45.default.writeFileSync(filePath, newLines.join("\n"), "utf-8");
+    import_fs46.default.writeFileSync(filePath, newLines.join("\n"), "utf-8");
   }
   return { redactedLines, patterns };
 }
 function processJsonFile(filePath, dryRun) {
   let raw;
   try {
-    raw = import_fs45.default.readFileSync(filePath, "utf-8");
+    raw = import_fs46.default.readFileSync(filePath, "utf-8");
   } catch {
     return { redactedLines: 0, patterns: [] };
   }
@@ -23405,15 +23590,15 @@ function processJsonFile(filePath, dryRun) {
   const { value, modified, found } = redactJson(parsed);
   if (!modified) return { redactedLines: 0, patterns: [] };
   if (!dryRun) {
-    import_fs45.default.writeFileSync(filePath, JSON.stringify(value, null, 2), "utf-8");
+    import_fs46.default.writeFileSync(filePath, JSON.stringify(value, null, 2), "utf-8");
   }
   return { redactedLines: 1, patterns: found };
 }
 function findJsonFiles(dir) {
   const results = [];
-  if (!import_fs45.default.existsSync(dir)) return results;
-  for (const entry of import_fs45.default.readdirSync(dir, { withFileTypes: true })) {
-    const full = import_path46.default.join(dir, entry.name);
+  if (!import_fs46.default.existsSync(dir)) return results;
+  for (const entry of import_fs46.default.readdirSync(dir, { withFileTypes: true })) {
+    const full = import_path47.default.join(dir, entry.name);
     if (entry.isDirectory()) results.push(...findJsonFiles(full));
     else if (entry.isFile() && entry.name.endsWith(".json")) results.push(full);
   }
@@ -23422,9 +23607,9 @@ function findJsonFiles(dir) {
 function registerMaskCommand(program2) {
   program2.command("mask").description("Redact plaintext secrets from local AI session history files").option("--dry-run", "show what would be redacted without making changes").option("--all", "scan all history (default: last 30 days)").action(async (options) => {
     const dryRun = !!options.dryRun;
-    const home = import_os40.default.homedir();
-    const claudeDir = import_path46.default.join(home, ".claude", "projects");
-    const geminiDir = import_path46.default.join(home, ".gemini", "tmp");
+    const home = import_os41.default.homedir();
+    const claudeDir = import_path47.default.join(home, ".claude", "projects");
+    const geminiDir = import_path47.default.join(home, ".gemini", "tmp");
     const allFiles = [
       ...findJsonlFiles(claudeDir).map((p) => ({ path: p, type: "jsonl" })),
       ...findJsonFiles(geminiDir).map((p) => ({ path: p, type: "json" }))
@@ -23432,7 +23617,7 @@ function registerMaskCommand(program2) {
     const cutoff = options.all ? null : new Date(Date.now() - 30 * 24 * 60 * 60 * 1e3);
     const filtered = cutoff ? allFiles.filter((f) => {
       try {
-        return import_fs45.default.statSync(f.path).mtime >= cutoff;
+        return import_fs46.default.statSync(f.path).mtime >= cutoff;
       } catch {
         return false;
       }
@@ -23488,20 +23673,20 @@ function registerMaskCommand(program2) {
 // src/cli.ts
 init_blast();
 var { version } = JSON.parse(
-  import_fs48.default.readFileSync(import_path49.default.join(__dirname, "../package.json"), "utf-8")
+  import_fs49.default.readFileSync(import_path50.default.join(__dirname, "../package.json"), "utf-8")
 );
 var program = new import_commander.Command();
 program.name("node9").description("The Sudo Command for AI Agents").version(version);
 program.command("login").argument("<apiKey>").option("--local", "Save key for audit/logging only \u2014 local config still controls all decisions").option("--profile <name>", 'Save as a named profile (default: "default")').action((apiKey, options) => {
   const DEFAULT_API_URL2 = "https://api.node9.ai/api/v1/intercept";
-  const credPath = import_path49.default.join(import_os43.default.homedir(), ".node9", "credentials.json");
-  if (!import_fs48.default.existsSync(import_path49.default.dirname(credPath)))
-    import_fs48.default.mkdirSync(import_path49.default.dirname(credPath), { recursive: true });
+  const credPath = import_path50.default.join(import_os44.default.homedir(), ".node9", "credentials.json");
+  if (!import_fs49.default.existsSync(import_path50.default.dirname(credPath)))
+    import_fs49.default.mkdirSync(import_path50.default.dirname(credPath), { recursive: true });
   const profileName = options.profile || "default";
   let existingCreds = {};
   try {
-    if (import_fs48.default.existsSync(credPath)) {
-      const raw = JSON.parse(import_fs48.default.readFileSync(credPath, "utf-8"));
+    if (import_fs49.default.existsSync(credPath)) {
+      const raw = JSON.parse(import_fs49.default.readFileSync(credPath, "utf-8"));
       if (raw.apiKey) {
         existingCreds = {
           default: { apiKey: raw.apiKey, apiUrl: raw.apiUrl || DEFAULT_API_URL2 }
@@ -23513,13 +23698,14 @@ program.command("login").argument("<apiKey>").option("--local", "Save key for au
   } catch {
   }
   existingCreds[profileName] = { apiKey, apiUrl: DEFAULT_API_URL2 };
-  import_fs48.default.writeFileSync(credPath, JSON.stringify(existingCreds, null, 2), { mode: 384 });
+  import_fs49.default.writeFileSync(credPath, JSON.stringify(existingCreds, null, 2), { mode: 384 });
+  let effectiveCloud = null;
   if (profileName === "default") {
-    const configPath = import_path49.default.join(import_os43.default.homedir(), ".node9", "config.json");
+    const configPath = import_path50.default.join(import_os44.default.homedir(), ".node9", "config.json");
     let config = {};
     try {
-      if (import_fs48.default.existsSync(configPath))
-        config = JSON.parse(import_fs48.default.readFileSync(configPath, "utf-8"));
+      if (import_fs49.default.existsSync(configPath))
+        config = JSON.parse(import_fs49.default.readFileSync(configPath, "utf-8"));
     } catch {
     }
     if (!config.settings || typeof config.settings !== "object") config.settings = {};
@@ -23534,16 +23720,25 @@ program.command("login").argument("<apiKey>").option("--local", "Save key for au
       approvers.cloud = false;
     }
     s.approvers = approvers;
-    if (!import_fs48.default.existsSync(import_path49.default.dirname(configPath)))
-      import_fs48.default.mkdirSync(import_path49.default.dirname(configPath), { recursive: true });
-    import_fs48.default.writeFileSync(configPath, JSON.stringify(config, null, 2), { mode: 384 });
+    if (!import_fs49.default.existsSync(import_path50.default.dirname(configPath)))
+      import_fs49.default.mkdirSync(import_path50.default.dirname(configPath), { recursive: true });
+    import_fs49.default.writeFileSync(configPath, JSON.stringify(config, null, 2), { mode: 384 });
+    effectiveCloud = approvers.cloud === true;
   }
   if (options.profile && profileName !== "default") {
     console.log(import_chalk30.default.green(`\u2705 Profile "${profileName}" saved`));
     console.log(import_chalk30.default.gray(`   Switch to it per-session:  NODE9_PROFILE=${profileName} claude`));
-  } else if (options.local) {
-    console.log(import_chalk30.default.green(`\u2705 Privacy mode \u{1F6E1}\uFE0F`));
-    console.log(import_chalk30.default.gray(`   All decisions stay on this machine.`));
+  } else if (options.local || effectiveCloud === false) {
+    console.log(import_chalk30.default.green(`\u2705 Key saved \u2014 Privacy mode \u{1F6E1}\uFE0F`));
+    console.log(import_chalk30.default.gray(`   All decisions stay on this machine. Nothing syncs to the cloud.`));
+    if (!options.local) {
+      console.log(
+        import_chalk30.default.yellow(`   Your config has cloud approvals OFF (settings.approvers.cloud).`)
+      );
+      console.log(
+        import_chalk30.default.gray(`   To enable team policy + dashboard sync: set it to true, or re-init.`)
+      );
+    }
   } else {
     console.log(import_chalk30.default.green(`\u2705 Logged in \u2014 agent mode`));
     console.log(import_chalk30.default.gray(`   Team policy enforced for all calls via Node9 cloud.`));
@@ -23686,15 +23881,15 @@ program.command("uninstall").description("Remove all Node9 hooks and optionally
     }
   }
   if (options.purge) {
-    const node9Dir = import_path49.default.join(import_os43.default.homedir(), ".node9");
-    if (import_fs48.default.existsSync(node9Dir)) {
+    const node9Dir = import_path50.default.join(import_os44.default.homedir(), ".node9");
+    if (import_fs49.default.existsSync(node9Dir)) {
       const confirmed = await (0, import_prompts2.confirm)({
         message: `Permanently delete ${node9Dir} (config, audit log, credentials)?`,
         default: false
       });
       if (confirmed) {
-        import_fs48.default.rmSync(node9Dir, { recursive: true });
-        if (import_fs48.default.existsSync(node9Dir)) {
+        import_fs49.default.rmSync(node9Dir, { recursive: true });
+        if (import_fs49.default.existsSync(node9Dir)) {
           console.error(
             import_chalk30.default.red("\n  \u26A0\uFE0F  ~/.node9/ could not be fully deleted \u2014 remove it manually.")
           );
@@ -23809,7 +24004,7 @@ program.command("tail").description("Stream live agent activity to the terminal"
 });
 program.command("monitor").description("Live interactive dashboard \u2014 activity feed, approvals, security signals").action(async () => {
   try {
-    const dashboardPath = import_path49.default.join(__dirname, "dashboard.mjs");
+    const dashboardPath = import_path50.default.join(__dirname, "dashboard.mjs");
     const dynamicImport = new Function("id", "return import(id)");
     const mod = await dynamicImport(`file://${dashboardPath}`);
     await mod.startMonitor();
@@ -23847,14 +24042,14 @@ Claude Code spawns this command every ~300ms and writes a JSON payload to stdin.
 Run "node9 addto claude" to register it as the statusLine.`
 ).argument("[subcommand]", 'Optional: "debug on" / "debug off" to toggle stdin logging').argument("[state]", 'on|off \u2014 used with "debug" subcommand').action(async (subcommand, state) => {
   if (subcommand === "debug") {
-    const flagFile = import_path49.default.join(import_os43.default.homedir(), ".node9", "hud-debug");
+    const flagFile = import_path50.default.join(import_os44.default.homedir(), ".node9", "hud-debug");
     if (state === "on") {
-      import_fs48.default.mkdirSync(import_path49.default.dirname(flagFile), { recursive: true });
-      import_fs48.default.writeFileSync(flagFile, "");
+      import_fs49.default.mkdirSync(import_path50.default.dirname(flagFile), { recursive: true });
+      import_fs49.default.writeFileSync(flagFile, "");
       console.log("HUD debug logging enabled \u2192 ~/.node9/hud-debug.log");
       console.log("Tail it with: tail -f ~/.node9/hud-debug.log");
     } else if (state === "off") {
-      if (import_fs48.default.existsSync(flagFile)) import_fs48.default.unlinkSync(flagFile);
+      if (import_fs49.default.existsSync(flagFile)) import_fs49.default.unlinkSync(flagFile);
       console.log("HUD debug logging disabled.");
     } else {
       console.error("Usage: node9 hud debug on|off");
@@ -23971,9 +24166,9 @@ if (process.argv[2] !== "daemon") {
     const isCheckHook = process.argv[2] === "check";
     if (isCheckHook) {
       if (process.env.NODE9_DEBUG === "1" || getConfig().settings.enableHookLogDebug) {
-        const logPath = import_path49.default.join(import_os43.default.homedir(), ".node9", "hook-debug.log");
+        const logPath = import_path50.default.join(import_os44.default.homedir(), ".node9", "hook-debug.log");
         const msg = reason instanceof Error ? reason.message : String(reason);
-        import_fs48.default.appendFileSync(logPath, `[${(/* @__PURE__ */ new Date()).toISOString()}] UNHANDLED: ${msg}
+        import_fs49.default.appendFileSync(logPath, `[${(/* @__PURE__ */ new Date()).toISOString()}] UNHANDLED: ${msg}
 `);
       }
       process.exit(0);