@node9/proxy 1.5.5 → 1.7.0

package/dist/cli.mjs

@@ -139,8 +139,8 @@ function sanitizeConfig(raw) {
     }
   }
   const lines = result.error.issues.map((issue) => {
-    const path30 = issue.path.length > 0 ? issue.path.join(".") : "root";
-    return `  \u2022 ${path30}: ${issue.message}`;
+    const path31 = issue.path.length > 0 ? issue.path.join(".") : "root";
+    return `  \u2022 ${path31}: ${issue.message}`;
   });
   return {
     sanitized,
@@ -297,9 +297,9 @@ function readShieldsFile() {
       (e) => typeof e === "string" && e.length > 0 && e in SHIELDS
     ) : [];
     return { active, overrides: validateOverrides(parsed.overrides) };
-  } catch (err) {
-    if (err.code !== "ENOENT") {
-      process.stderr.write(`[node9] Warning: could not read shields state: ${String(err)}
+  } catch (err2) {
+    if (err2.code !== "ENOENT") {
+      process.stderr.write(`[node9] Warning: could not read shields state: ${String(err2)}
 `);
     }
     return { active: [] };
@@ -714,8 +714,8 @@ function tryLoadConfig(filePath) {
   let raw;
   try {
     raw = JSON.parse(fs3.readFileSync(filePath, "utf-8"));
-  } catch (err) {
-    const msg = err instanceof Error ? err.message : String(err);
+  } catch (err2) {
+    const msg = err2 instanceof Error ? err2.message : String(err2);
     process.stderr.write(
       `
 \u26A0\uFE0F  Node9: Failed to parse ${filePath}
@@ -777,7 +777,7 @@ var init_config = __esm({
     DEFAULT_CONFIG = {
       version: "1.0",
       settings: {
-        mode: "audit",
+        mode: "standard",
         autoStartDaemon: true,
         enableUndo: true,
         // 🔥 ALWAYS TRUE BY DEFAULT for the safety net
@@ -1043,10 +1043,10 @@ function getCompiledRegex(pattern, flags = "") {
     regexCache.set(key, cached);
     return cached;
   }
-  const err = validateRegex(pattern);
-  if (err) {
+  const err2 = validateRegex(pattern);
+  if (err2) {
     if (process.env.NODE9_DEBUG === "1")
-      console.error(`[Node9] Regex blocked: ${err} \u2014 pattern: "${pattern}"`);
+      console.error(`[Node9] Regex blocked: ${err2} \u2014 pattern: "${pattern}"`);
     return null;
   }
   try {
@@ -1081,8 +1081,8 @@ function scanFilePath(filePath, cwd = process.cwd()) {
   try {
     const absolute = path4.resolve(cwd, filePath);
     resolved = fs4.realpathSync.native(absolute);
-  } catch (err) {
-    const code = err.code;
+  } catch (err2) {
+    const code = err2.code;
     if (code === "ENOENT" || code === "ENOTDIR") {
       resolved = path4.resolve(cwd, filePath);
     } else {
@@ -1757,9 +1757,9 @@ function matchesPattern(text, patterns) {
   const withoutDotSlash = text.replace(/^\.\//, "");
   return isMatch(withoutDotSlash) || isMatch(`./${withoutDotSlash}`);
 }
-function getNestedValue(obj, path30) {
+function getNestedValue(obj, path31) {
   if (!obj || typeof obj !== "object") return null;
-  return path30.split(".").reduce((prev, curr) => prev?.[curr], obj);
+  return path31.split(".").reduce((prev, curr) => prev?.[curr], obj);
 }
 function shouldSnapshot(toolName, args, config) {
   if (!config.settings.enableUndo) return false;
@@ -2409,9 +2409,9 @@ function writeTrustSession(toolName, durationMs) {
     trust.entries = trust.entries.filter((e) => e.tool !== toolName && e.expiry > now);
     trust.entries.push({ tool: toolName, expiry: now + durationMs });
     atomicWriteSync(TRUST_FILE, JSON.stringify(trust, null, 2));
-  } catch (err) {
+  } catch (err2) {
     if (process.env.NODE9_DEBUG === "1") {
-      console.error("[Node9 Trust Error]:", err);
+      console.error("[Node9 Trust Error]:", err2);
     }
   }
 }
@@ -2610,13 +2610,13 @@ async function checkTaint(paths) {
       signal: AbortSignal.timeout(2e3)
     });
     return await res.json();
-  } catch (err) {
+  } catch (err2) {
     try {
       const { appendToLog: appendToLog2, HOOK_DEBUG_LOG: HOOK_DEBUG_LOG2 } = await Promise.resolve().then(() => (init_audit(), audit_exports));
       appendToLog2(HOOK_DEBUG_LOG2, {
         ts: (/* @__PURE__ */ new Date()).toISOString(),
         event: "checkTaint-error",
-        error: String(err),
+        error: String(err2),
         paths
       });
     } catch {
@@ -3109,10 +3109,10 @@ async function resolveNode9SaaS(requestId, creds, approved, decidedBy) {
 `
       );
     }
-  } catch (err) {
+  } catch (err2) {
     fs10.appendFileSync(
       HOOK_DEBUG_LOG,
-      `[resolve-cloud] PATCH failed for ${requestId}: ${err.message}
+      `[resolve-cloud] PATCH failed for ${requestId}: ${err2.message}
 `
     );
   }
@@ -3176,6 +3176,7 @@ async function authorizeHeadless(toolName, args, meta, options) {
       await notifyActivity({
         id: actId,
         tool: toolName,
+        args,
         ts: actTs,
         status: result.approved ? "allow" : result.blockedByLabel?.includes("DLP") ? "dlp" : result.blockedByLabel?.includes("Taint") ? "taint" : "block",
         label: result.blockedByLabel,
@@ -3479,10 +3480,10 @@ async function _authorizeHeadlessCore(toolName, args, meta, options) {
             blockedBy: cloudResult.approved ? void 0 : "team-policy",
             blockedByLabel: "Organization Policy (SaaS)"
           };
-        } catch (err) {
-          const error = err;
-          if (error.name === "AbortError" || error.message?.includes("Aborted")) throw err;
-          throw err;
+        } catch (err2) {
+          const error = err2;
+          if (error.name === "AbortError" || error.message?.includes("Aborted")) throw err2;
+          throw err2;
         }
       })()
     );
@@ -3575,10 +3576,10 @@ REASON: Action blocked because no approval channels are available. (Native/Brows
       }
     };
     for (const p of racePromises) {
-      p.then(finish).catch((err) => {
-        if (err.name === "AbortError" || err.message?.includes("canceled") || err.message?.includes("Aborted"))
+      p.then(finish).catch((err2) => {
+        if (err2.name === "AbortError" || err2.message?.includes("canceled") || err2.message?.includes("Aborted"))
           return;
-        if (err.message === "Abandoned") {
+        if (err2.message === "Abandoned") {
           finish({
             approved: false,
             reason: "Browser dashboard closed without making a decision.",
@@ -5453,6 +5454,7 @@ var init_session_counters = __esm({
       _blocked = 0;
       _dlpHits = 0;
       _wouldBlock = 0;
+      _estimatedCost = 0;
       _lastRuleHit = null;
       _lastBlockedTool = null;
       incrementAllowed() {
@@ -5467,6 +5469,10 @@ var init_session_counters = __esm({
       incrementWouldBlock() {
         this._wouldBlock++;
       }
+      addCost(amount) {
+        if (!isFinite(amount) || amount < 0) return;
+        this._estimatedCost += amount;
+      }
       recordRuleHit(label) {
         this._lastRuleHit = label;
       }
@@ -5479,6 +5485,7 @@ var init_session_counters = __esm({
           blocked: this._blocked,
           dlpHits: this._dlpHits,
           wouldBlock: this._wouldBlock,
+          estimatedCost: this._estimatedCost,
           lastRuleHit: this._lastRuleHit,
           lastBlockedTool: this._lastBlockedTool
         };
@@ -5488,6 +5495,7 @@ var init_session_counters = __esm({
         this._blocked = 0;
         this._dlpHits = 0;
         this._wouldBlock = 0;
+        this._estimatedCost = 0;
         this._lastRuleHit = null;
         this._lastBlockedTool = null;
       }
@@ -5598,21 +5606,21 @@ function atomicWriteSync2(filePath, data, options) {
   const tmpPath = `${filePath}.${randomUUID3()}.tmp`;
   try {
     fs13.writeFileSync(tmpPath, data, options);
-  } catch (err) {
+  } catch (err2) {
     try {
       fs13.unlinkSync(tmpPath);
     } catch {
     }
-    throw err;
+    throw err2;
   }
   try {
     fs13.renameSync(tmpPath, filePath);
-  } catch (err) {
+  } catch (err2) {
     try {
       fs13.unlinkSync(tmpPath);
     } catch {
     }
-    throw err;
+    throw err2;
   }
 }
 function redactArgs(value) {
@@ -5718,15 +5726,38 @@ function openBrowser(url) {
   } catch {
   }
 }
+function estimateToolCost(tool, args) {
+  const a = args ?? {};
+  const t = tool.toLowerCase().replace(/[^a-z_]/g, "_");
+  if (t.includes("read") || t === "glob" || t === "grep") {
+    const filePath = a.file_path ?? a.path;
+    if (filePath) {
+      try {
+        const bytes = fs13.statSync(filePath).size;
+        return bytes / BYTES_PER_TOKEN / 1e6 * INPUT_PRICE_PER_1M;
+      } catch {
+      }
+    }
+  }
+  if (t.includes("write")) {
+    const content = a.content ?? "";
+    return String(content).length / BYTES_PER_TOKEN / 1e6 * OUTPUT_PRICE_PER_1M;
+  }
+  if (t.includes("edit") || t === "str_replace_based_edit_tool") {
+    const newStr = a.new_string ?? "";
+    return String(newStr).length / BYTES_PER_TOKEN / 1e6 * OUTPUT_PRICE_PER_1M;
+  }
+  return void 0;
+}
 function broadcast(event, data) {
   if (event === "activity") {
     activityRing.push({ event, data });
     if (activityRing.length > ACTIVITY_RING_SIZE) activityRing.shift();
   } else if (event === "activity-result") {
-    const { id, status, label } = data;
+    const { id, status, label, costEstimate } = data;
     for (let i = activityRing.length - 1; i >= 0; i--) {
       if (activityRing[i].data.id === id) {
-        Object.assign(activityRing[i].data, { status, label });
+        Object.assign(activityRing[i].data, { status, label, costEstimate });
         break;
       }
     }
@@ -5791,6 +5822,16 @@ function startActivitySocket() {
           sessionHistory.recordTestFail(data.ts);
           return;
         }
+        if (data.status === "snapshot") {
+          broadcast("snapshot", {
+            hash: data.hash,
+            tool: data.tool,
+            argsSummary: data.argsSummary,
+            fileCount: data.fileCount,
+            ts: data.ts
+          });
+          return;
+        }
         if (data.status === "pending") {
           broadcast("activity", {
             id: data.id,
@@ -5818,10 +5859,13 @@ function startActivitySocket() {
             sessionCounters.incrementBlocked();
             sessionCounters.recordBlockedTool(data.tool);
           }
+          const costEstimate = data.status === "allow" ? estimateToolCost(data.tool, data.args) : void 0;
+          if (costEstimate != null && costEstimate > 0) sessionCounters.addCost(costEstimate);
           broadcast("activity-result", {
             id: data.id,
             status: data.status,
-            label: data.label
+            label: data.label,
+            costEstimate
           });
         }
       } catch {
@@ -5838,7 +5882,7 @@ function startActivitySocket() {
     }
   });
 }
-var homeDir, DAEMON_PID_FILE, DECISIONS_FILE, AUDIT_LOG_FILE, TRUST_FILE2, GLOBAL_CONFIG_FILE, CREDENTIALS_FILE, INSIGHT_COUNTS_FILE, pending, sseClients, suggestionTracker, suggestions, taintStore, insightCounts, _abandonTimer, _hadBrowserClient, _daemonServer, daemonRejectionHandlerRegistered, AUTO_DENY_MS, TRUST_DURATIONS, autoStarted, ACTIVITY_SOCKET_PATH2, ACTIVITY_RING_SIZE, activityRing, SECRET_KEY_RE, WRITE_TOOL_NAMES;
+var homeDir, DAEMON_PID_FILE, DECISIONS_FILE, AUDIT_LOG_FILE, TRUST_FILE2, GLOBAL_CONFIG_FILE, CREDENTIALS_FILE, INSIGHT_COUNTS_FILE, pending, sseClients, suggestionTracker, suggestions, taintStore, insightCounts, _abandonTimer, _hadBrowserClient, _daemonServer, daemonRejectionHandlerRegistered, AUTO_DENY_MS, TRUST_DURATIONS, autoStarted, ACTIVITY_SOCKET_PATH2, ACTIVITY_RING_SIZE, activityRing, SECRET_KEY_RE, INPUT_PRICE_PER_1M, OUTPUT_PRICE_PER_1M, BYTES_PER_TOKEN, WRITE_TOOL_NAMES;
 var init_state2 = __esm({
   "src/daemon/state.ts"() {
     "use strict";
@@ -5876,6 +5920,9 @@ var init_state2 = __esm({
     ACTIVITY_RING_SIZE = 100;
     activityRing = [];
     SECRET_KEY_RE = /password|secret|token|key|apikey|credential|auth/i;
+    INPUT_PRICE_PER_1M = 3;
+    OUTPUT_PRICE_PER_1M = 15;
+    BYTES_PER_TOKEN = 4;
     WRITE_TOOL_NAMES = /* @__PURE__ */ new Set([
       "write",
       "write_file",
@@ -5922,21 +5969,21 @@ function patchConfig(configPath, patch) {
   const tmp = configPath + ".node9-tmp";
   try {
     fs14.writeFileSync(tmp, JSON.stringify(config, null, 2), { mode: 384 });
-  } catch (err) {
+  } catch (err2) {
     try {
       fs14.unlinkSync(tmp);
     } catch {
     }
-    throw err;
+    throw err2;
   }
   try {
     fs14.renameSync(tmp, configPath);
-  } catch (err) {
+  } catch (err2) {
     try {
       fs14.unlinkSync(tmp);
     } catch {
     }
-    throw err;
+    throw err2;
   }
 }
 var GLOBAL_CONFIG_PATH;
@@ -6191,11 +6238,11 @@ data: ${JSON.stringify(item.data)}
             e.earlyDecision = decision;
             e.earlyReason = result.reason;
           }
-        }).catch((err) => {
+        }).catch((err2) => {
           const e = pending.get(id);
           if (!e) return;
           clearTimeout(e.timer);
-          const reason = err?.reason || "No response \u2014 request timed out";
+          const reason = err2?.reason || "No response \u2014 request timed out";
           if (e.waiter) e.waiter("deny", reason);
           else {
             e.earlyDecision = "deny";
@@ -6322,8 +6369,8 @@ data: ${JSON.stringify(item.data)}
         const s = getGlobalSettings();
         res.writeHead(200, { "Content-Type": "application/json" });
         return res.end(JSON.stringify({ ...s, autoStarted }));
-      } catch (err) {
-        console.error(chalk2.red("[node9 daemon] GET /settings failed:"), err);
+      } catch (err2) {
+        console.error(chalk2.red("[node9 daemon] GET /settings failed:"), err2);
         res.writeHead(500, { "Content-Type": "application/json" });
         return res.end(JSON.stringify({ error: "internal" }));
       }
@@ -6339,7 +6386,8 @@ data: ${JSON.stringify(item.data)}
             allowed: counters.allowed,
             blocked: counters.blocked,
             dlpHits: counters.dlpHits,
-            wouldBlock: counters.wouldBlock
+            wouldBlock: counters.wouldBlock,
+            estimatedCost: counters.estimatedCost
           },
           taintedCount: taintStore.list().length,
           lastRuleHit: counters.lastRuleHit,
@@ -6347,8 +6395,8 @@ data: ${JSON.stringify(item.data)}
         };
         res.writeHead(200, { "Content-Type": "application/json" });
         return res.end(JSON.stringify(status));
-      } catch (err) {
-        console.error(chalk2.red("[node9 daemon] GET /status failed:"), err);
+      } catch (err2) {
+        console.error(chalk2.red("[node9 daemon] GET /status failed:"), err2);
         res.writeHead(500, { "Content-Type": "application/json" });
         return res.end(JSON.stringify({ error: "internal" }));
       }
@@ -6388,8 +6436,8 @@ data: ${JSON.stringify(item.data)}
         const s = getGlobalSettings();
         res.writeHead(200, { "Content-Type": "application/json" });
         return res.end(JSON.stringify({ hasKey: hasStoredSlackKey(), enabled: s.slackEnabled }));
-      } catch (err) {
-        console.error(chalk2.red("[node9 daemon] GET /slack-status failed:"), err);
+      } catch (err2) {
+        console.error(chalk2.red("[node9 daemon] GET /slack-status failed:"), err2);
         res.writeHead(500, { "Content-Type": "application/json" });
         return res.end(JSON.stringify({ error: "internal" }));
       }
@@ -6471,6 +6519,7 @@ data: ${JSON.stringify(item.data)}
     }
     if (req.method === "POST" && pathname === "/events/clear") {
       activityRing.length = 0;
+      sessionCounters.reset();
       res.writeHead(200, { "Content-Type": "application/json" });
       return res.end(JSON.stringify({ ok: true }));
     }
@@ -6549,10 +6598,10 @@ data: ${JSON.stringify(item.data)}
         broadcast("suggestion:resolved", { id, status: "applied" });
         res.writeHead(200, { "Content-Type": "application/json" });
         return res.end(JSON.stringify({ ok: true }));
-      } catch (err) {
-        console.error(chalk2.red("[node9 daemon] POST /suggestions/:id/apply failed:"), err);
+      } catch (err2) {
+        console.error(chalk2.red("[node9 daemon] POST /suggestions/:id/apply failed:"), err2);
         res.writeHead(500, { "Content-Type": "application/json" });
-        return res.end(JSON.stringify({ error: String(err) }));
+        return res.end(JSON.stringify({ error: String(err2) }));
       }
     }
     if (req.method === "POST" && pathname.startsWith("/suggestions/") && pathname.endsWith("/dismiss")) {
@@ -6767,10 +6816,10 @@ __export(tail_exports, {
 });
 import http2 from "http";
 import chalk17 from "chalk";
-import fs24 from "fs";
-import os20 from "os";
-import path27 from "path";
-import readline4 from "readline";
+import fs25 from "fs";
+import os21 from "os";
+import path28 from "path";
+import readline5 from "readline";
 import { spawn as spawn9, execSync as execSync3 } from "child_process";
 function getIcon(tool) {
   const t = tool.toLowerCase();
@@ -6783,7 +6832,7 @@ function formatBase(activity) {
   const time = new Date(activity.ts).toLocaleTimeString([], { hour12: false });
   const icon = getIcon(activity.tool);
   const toolName = activity.tool.slice(0, 16).padEnd(16);
-  const argsStr = JSON.stringify(activity.args ?? {}).replace(/\s+/g, " ");
+  const argsStr = JSON.stringify(activity.args ?? {}).replace(/\s+/g, " ").replaceAll(os21.homedir(), "~");
   const argsPreview = argsStr.length > 70 ? argsStr.slice(0, 70) + "\u2026" : argsStr;
   return `${chalk17.gray(time)} ${icon} ${chalk17.white.bold(toolName)} ${chalk17.dim(argsPreview)}`;
 }
@@ -6797,11 +6846,13 @@ function renderResult(activity, result) {
   } else {
     status = chalk17.red("\u2717 BLOCK");
   }
+  const cost = result.costEstimate ?? activity.costEstimate;
+  const costSuffix = cost == null ? "" : chalk17.dim(`  ~$${cost >= 1e-3 ? cost.toFixed(3) : "0.000"}`);
   if (process.stdout.isTTY) {
-    readline4.clearLine(process.stdout, 0);
-    readline4.cursorTo(process.stdout, 0);
+    readline5.clearLine(process.stdout, 0);
+    readline5.cursorTo(process.stdout, 0);
   }
-  console.log(`${base}  ${status}`);
+  console.log(`${base}  ${status}${costSuffix}`);
 }
 function renderPending(activity) {
   if (!process.stdout.isTTY) return;
@@ -6809,9 +6860,9 @@ function renderPending(activity) {
 }
 async function ensureDaemon() {
   let pidPort = null;
-  if (fs24.existsSync(PID_FILE)) {
+  if (fs25.existsSync(PID_FILE)) {
     try {
-      const { port } = JSON.parse(fs24.readFileSync(PID_FILE, "utf-8"));
+      const { port } = JSON.parse(fs25.readFileSync(PID_FILE, "utf-8"));
       pidPort = port;
     } catch {
       console.error(chalk17.dim("\u26A0\uFE0F  Could not read PID file; falling back to default port."));
@@ -6930,6 +6981,39 @@ function buildRecoveryCardLines(req) {
     ``
   ];
 }
+function readApproversFromDisk() {
+  const configPath = path28.join(os21.homedir(), ".node9", "config.json");
+  try {
+    const raw = JSON.parse(fs25.readFileSync(configPath, "utf-8"));
+    const settings = raw.settings ?? {};
+    return settings.approvers ?? {};
+  } catch {
+    return {};
+  }
+}
+function approverStatusLine() {
+  const a = readApproversFromDisk();
+  const fmt = (label, key) => {
+    const on = a[key] !== false;
+    return `[${key[0]}]${label.slice(1)} ${on ? chalk17.green("\u2713") : chalk17.dim("\u2717")}`;
+  };
+  return `${fmt("native", "native")}  ${fmt("browser", "browser")}  ${fmt("cloud", "cloud")}  ${fmt("terminal", "terminal")}`;
+}
+function toggleApprover(channel) {
+  const configPath = path28.join(os21.homedir(), ".node9", "config.json");
+  try {
+    const raw = JSON.parse(fs25.readFileSync(configPath, "utf-8"));
+    const settings = raw.settings ?? {};
+    const approvers = settings.approvers ?? {};
+    approvers[channel] = approvers[channel] === false;
+    settings.approvers = approvers;
+    raw.settings = settings;
+    fs25.writeFileSync(configPath, JSON.stringify(raw, null, 2) + "\n");
+  } catch (err2) {
+    process.stderr.write(`[node9] toggleApprover failed: ${String(err2)}
+`);
+  }
+}
 async function startTail(options = {}) {
   const port = await ensureDaemon();
   if (options.clear) {
@@ -6948,7 +7032,7 @@ async function startTail(options = {}) {
           res.resume();
         }
       );
-      req2.once("error", (err) => resolve({ ok: false, code: err.code }));
+      req2.once("error", (err2) => resolve({ ok: false, code: err2.code }));
       req2.setTimeout(2e3, () => {
         resolve({ ok: false, code: "ETIMEDOUT" });
         req2.destroy();
@@ -6975,10 +7059,48 @@ async function startTail(options = {}) {
   let cancelActiveCard = null;
   const localAllowCounts = /* @__PURE__ */ new Map();
   const canApprove = process.stdout.isTTY && process.stdin.isTTY;
-  if (canApprove) readline4.emitKeypressEvents(process.stdin);
+  if (canApprove) readline5.emitKeypressEvents(process.stdin);
+  let idleKeypressHandler = null;
+  function enterIdleMode() {
+    if (!canApprove || idleKeypressHandler !== null) return;
+    try {
+      process.stdin.setRawMode(true);
+    } catch {
+      return;
+    }
+    process.stdin.resume();
+    idleKeypressHandler = (_str, key) => {
+      const name = key?.name ?? "";
+      if (key?.ctrl && name === "c") {
+        process.kill(process.pid, "SIGINT");
+        return;
+      }
+      if (name === "q") {
+        process.kill(process.pid, "SIGINT");
+        return;
+      }
+      const channel = name === "n" ? "native" : name === "b" ? "browser" : name === "c" ? "cloud" : name === "t" ? "terminal" : null;
+      if (channel) {
+        toggleApprover(channel);
+        console.log(chalk17.dim(`  Approvers: ${approverStatusLine()}`));
+      }
+    };
+    process.stdin.on("keypress", idleKeypressHandler);
+  }
+  function exitIdleMode() {
+    if (idleKeypressHandler) {
+      process.stdin.removeListener("keypress", idleKeypressHandler);
+      idleKeypressHandler = null;
+    }
+    try {
+      process.stdin.setRawMode(false);
+    } catch {
+    }
+    process.stdin.pause();
+  }
   function clearCard() {
     if (cardLineCount > 0) {
-      readline4.moveCursor(process.stdout, 0, -cardLineCount);
+      readline5.moveCursor(process.stdout, 0, -cardLineCount);
       process.stdout.write(ERASE_DOWN);
       cardLineCount = 0;
     }
@@ -6994,10 +7116,12 @@ async function startTail(options = {}) {
   }
   function showNextCard() {
     if (cardActive || approvalQueue.length === 0 || !canApprove) return;
+    exitIdleMode();
     try {
       process.stdin.setRawMode(true);
     } catch {
       cardActive = false;
+      enterIdleMode();
       return;
     }
     cardActive = true;
@@ -7009,12 +7133,8 @@ async function startTail(options = {}) {
       const handler = onKeypress;
       onKeypress = null;
       if (handler) process.stdin.removeListener("keypress", handler);
-      try {
-        process.stdin.setRawMode(false);
-      } catch {
-      }
-      process.stdin.pause();
       cancelActiveCard = null;
+      enterIdleMode();
     };
     const settle = (action) => {
       if (settled) return;
@@ -7054,11 +7174,11 @@ async function startTail(options = {}) {
       } else {
         httpDecision = action;
       }
-      postDecisionHttp(req2.id, httpDecision, csrfToken, port, httpOpts).catch((err) => {
+      postDecisionHttp(req2.id, httpDecision, csrfToken, port, httpOpts).catch((err2) => {
         try {
-          fs24.appendFileSync(
-            path27.join(os20.homedir(), ".node9", "hook-debug.log"),
-            `[tail] POST /decision failed: ${String(err)}
+          fs25.appendFileSync(
+            path28.join(os21.homedir(), ".node9", "hook-debug.log"),
+            `[tail] POST /decision failed: ${String(err2)}
 `
           );
         } catch {
@@ -7141,23 +7261,21 @@ async function startTail(options = {}) {
   console.log(chalk17.cyan.bold(`
 \u{1F6F0}\uFE0F  Node9 tail  `) + chalk17.dim(`\u2192 ${dashboardUrl}`));
   if (canApprove) {
-    console.log(
-      chalk17.dim("Interactive approvals: [\u21B5/y] Allow  [n] Deny  [a] Always Allow  [t] Trust 30m")
-    );
+    console.log(chalk17.dim("Card: [\u21B5/y] Allow  [n] Deny  [a] Always  [t] Trust 30m"));
+    console.log(chalk17.dim(`Approvers (toggle): ${approverStatusLine()}  [q] quit`));
   }
   if (options.history) {
-    console.log(chalk17.dim("Showing history + live events. Press Ctrl+C to exit.\n"));
+    console.log(chalk17.dim("Showing history + live events.\n"));
   } else {
-    console.log(
-      chalk17.dim("Showing live events only. Use --history to include past. Press Ctrl+C to exit.\n")
-    );
+    console.log(chalk17.dim("Showing live events only. Use --history to include past.\n"));
   }
   process.on("SIGINT", () => {
+    exitIdleMode();
     clearCard();
     process.stdout.write(SHOW_CURSOR);
     if (process.stdout.isTTY) {
-      readline4.clearLine(process.stdout, 0);
-      readline4.cursorTo(process.stdout, 0);
+      readline5.clearLine(process.stdout, 0);
+      readline5.cursorTo(process.stdout, 0);
     }
     console.log(chalk17.dim("\n\u{1F6F0}\uFE0F  Disconnected."));
     process.exit(0);
@@ -7168,11 +7286,12 @@ async function startTail(options = {}) {
       console.error(chalk17.red(`Failed to connect: HTTP ${res.statusCode}`));
       process.exit(1);
     }
+    if (canApprove) enterIdleMode();
     let currentEvent = "";
     let currentData = "";
     res.on("error", () => {
     });
-    const rl = readline4.createInterface({ input: res, crlfDelay: Infinity });
+    const rl = readline5.createInterface({ input: res, crlfDelay: Infinity });
     rl.on("error", () => {
     });
     rl.on("line", (line) => {
@@ -7192,8 +7311,8 @@ async function startTail(options = {}) {
       clearCard();
       process.stdout.write(SHOW_CURSOR);
       if (process.stdout.isTTY) {
-        readline4.clearLine(process.stdout, 0);
-        readline4.cursorTo(process.stdout, 0);
+        readline5.clearLine(process.stdout, 0);
+        readline5.cursorTo(process.stdout, 0);
       }
       console.log(chalk17.red("\n\u274C Daemon disconnected."));
       process.exit(1);
@@ -7271,6 +7390,18 @@ async function startTail(options = {}) {
       const slowTool = /bash|shell|query|sql|agent/i.test(data.tool);
       if (slowTool) renderPending(data);
     }
+    if (event === "snapshot") {
+      const time = new Date(data.ts).toLocaleTimeString([], { hour12: false });
+      const hash = data.hash ?? "";
+      const summary = data.argsSummary ?? data.tool;
+      const fileCount = data.fileCount ?? 0;
+      const files = fileCount > 0 ? chalk17.dim(` \xB7 ${fileCount} file${fileCount === 1 ? "" : "s"}`) : "";
+      process.stdout.write(
+        `${chalk17.dim(time)}  ${chalk17.cyan("\u{1F4F8} snapshot")}  ${chalk17.dim(hash)}  ${summary}${files}
+`
+      );
+      return;
+    }
     if (event === "activity-result") {
       const original = activityPending.get(data.id);
       if (original) {
@@ -7279,8 +7410,8 @@ async function startTail(options = {}) {
       }
     }
   }
-  req.on("error", (err) => {
-    const msg = err.code === "ECONNREFUSED" ? "Daemon is not running. Start it with: node9 daemon start" : err.message;
+  req.on("error", (err2) => {
+    const msg = err2.code === "ECONNREFUSED" ? "Daemon is not running. Start it with: node9 daemon start" : err2.message;
     console.error(chalk17.red(`
 \u274C ${msg}`));
     process.exit(1);
@@ -7293,7 +7424,7 @@ var init_tail = __esm({
     init_daemon2();
     init_daemon();
     init_core();
-    PID_FILE = path27.join(os20.homedir(), ".node9", "daemon.pid");
+    PID_FILE = path28.join(os21.homedir(), ".node9", "daemon.pid");
     ICONS = {
       bash: "\u{1F4BB}",
       shell: "\u{1F4BB}",
@@ -7332,9 +7463,9 @@ __export(hud_exports, {
   main: () => main,
   renderEnvironmentLine: () => renderEnvironmentLine
 });
-import fs25 from "fs";
-import path28 from "path";
-import os21 from "os";
+import fs26 from "fs";
+import path29 from "path";
+import os22 from "os";
 import http3 from "http";
 async function readStdin() {
   const chunks = [];
@@ -7410,9 +7541,9 @@ function formatTimeLeft(resetsAt) {
   return ` (${m}m left)`;
 }
 function safeReadJson(filePath) {
-  if (!fs25.existsSync(filePath)) return null;
+  if (!fs26.existsSync(filePath)) return null;
   try {
-    return JSON.parse(fs25.readFileSync(filePath, "utf-8"));
+    return JSON.parse(fs26.readFileSync(filePath, "utf-8"));
   } catch {
     return null;
   }
@@ -7433,12 +7564,12 @@ function countHooksInFile(filePath) {
   return Object.keys(cfg.hooks).length;
 }
 function countRulesInDir(rulesDir) {
-  if (!fs25.existsSync(rulesDir)) return 0;
+  if (!fs26.existsSync(rulesDir)) return 0;
   let count = 0;
   try {
-    for (const entry of fs25.readdirSync(rulesDir, { withFileTypes: true })) {
+    for (const entry of fs26.readdirSync(rulesDir, { withFileTypes: true })) {
       if (entry.isDirectory()) {
-        count += countRulesInDir(path28.join(rulesDir, entry.name));
+        count += countRulesInDir(path29.join(rulesDir, entry.name));
       } else if (entry.isFile() && entry.name.endsWith(".md")) {
         count++;
       }
@@ -7449,46 +7580,46 @@ function countRulesInDir(rulesDir) {
 }
 function isSamePath(a, b) {
   try {
-    return path28.resolve(a) === path28.resolve(b);
+    return path29.resolve(a) === path29.resolve(b);
   } catch {
     return false;
   }
 }
 function countConfigs(cwd) {
-  const homeDir2 = os21.homedir();
-  const claudeDir = path28.join(homeDir2, ".claude");
+  const homeDir2 = os22.homedir();
+  const claudeDir = path29.join(homeDir2, ".claude");
   let claudeMdCount = 0;
   let rulesCount = 0;
   let hooksCount = 0;
   const userMcpServers = /* @__PURE__ */ new Set();
   const projectMcpServers = /* @__PURE__ */ new Set();
-  if (fs25.existsSync(path28.join(claudeDir, "CLAUDE.md"))) claudeMdCount++;
-  rulesCount += countRulesInDir(path28.join(claudeDir, "rules"));
-  const userSettings = path28.join(claudeDir, "settings.json");
+  if (fs26.existsSync(path29.join(claudeDir, "CLAUDE.md"))) claudeMdCount++;
+  rulesCount += countRulesInDir(path29.join(claudeDir, "rules"));
+  const userSettings = path29.join(claudeDir, "settings.json");
   for (const name of getMcpServerNames(userSettings)) userMcpServers.add(name);
   hooksCount += countHooksInFile(userSettings);
-  const userClaudeJson = path28.join(homeDir2, ".claude.json");
+  const userClaudeJson = path29.join(homeDir2, ".claude.json");
   for (const name of getMcpServerNames(userClaudeJson)) userMcpServers.add(name);
   for (const name of getDisabledMcpServers(userClaudeJson, "disabledMcpServers")) {
     userMcpServers.delete(name);
   }
   if (cwd) {
-    if (fs25.existsSync(path28.join(cwd, "CLAUDE.md"))) claudeMdCount++;
-    if (fs25.existsSync(path28.join(cwd, "CLAUDE.local.md"))) claudeMdCount++;
-    const projectClaudeDir = path28.join(cwd, ".claude");
+    if (fs26.existsSync(path29.join(cwd, "CLAUDE.md"))) claudeMdCount++;
+    if (fs26.existsSync(path29.join(cwd, "CLAUDE.local.md"))) claudeMdCount++;
+    const projectClaudeDir = path29.join(cwd, ".claude");
     const overlapsUserScope = isSamePath(projectClaudeDir, claudeDir);
     if (!overlapsUserScope) {
-      if (fs25.existsSync(path28.join(projectClaudeDir, "CLAUDE.md"))) claudeMdCount++;
-      rulesCount += countRulesInDir(path28.join(projectClaudeDir, "rules"));
-      const projSettings = path28.join(projectClaudeDir, "settings.json");
+      if (fs26.existsSync(path29.join(projectClaudeDir, "CLAUDE.md"))) claudeMdCount++;
+      rulesCount += countRulesInDir(path29.join(projectClaudeDir, "rules"));
+      const projSettings = path29.join(projectClaudeDir, "settings.json");
       for (const name of getMcpServerNames(projSettings)) projectMcpServers.add(name);
       hooksCount += countHooksInFile(projSettings);
     }
-    if (fs25.existsSync(path28.join(projectClaudeDir, "CLAUDE.local.md"))) claudeMdCount++;
-    const localSettings = path28.join(projectClaudeDir, "settings.local.json");
+    if (fs26.existsSync(path29.join(projectClaudeDir, "CLAUDE.local.md"))) claudeMdCount++;
+    const localSettings = path29.join(projectClaudeDir, "settings.local.json");
     for (const name of getMcpServerNames(localSettings)) projectMcpServers.add(name);
     hooksCount += countHooksInFile(localSettings);
-    const mcpJsonServers = getMcpServerNames(path28.join(cwd, ".mcp.json"));
+    const mcpJsonServers = getMcpServerNames(path29.join(cwd, ".mcp.json"));
     const disabledMcpJson = getDisabledMcpServers(localSettings, "disabledMcpjsonServers");
     for (const name of disabledMcpJson) mcpJsonServers.delete(name);
     for (const name of mcpJsonServers) projectMcpServers.add(name);
@@ -7546,6 +7677,11 @@ function renderSecurityLine(status) {
       parts.push(color(RED2, `\u{1F6A8} ${status.session.dlpHits} dlp`));
     }
   }
+  if (status.session.estimatedCost > 0) {
+    const cost = status.session.estimatedCost;
+    const costStr = cost >= 0.01 ? `$${cost.toFixed(2)}` : cost >= 1e-3 ? `$${cost.toFixed(3)}` : "<$0.001";
+    parts.push(color(DIM, `~${costStr}`));
+  }
   if (status.taintedCount > 0) {
     parts.push(color(YELLOW2, `\u{1F4A7} ${status.taintedCount} tainted`));
   }
@@ -7601,11 +7737,11 @@ async function main() {
       try {
         const cwd = stdin.cwd ?? process.cwd();
         for (const configPath of [
-          path28.join(cwd, "node9.config.json"),
-          path28.join(os21.homedir(), ".node9", "config.json")
+          path29.join(cwd, "node9.config.json"),
+          path29.join(os22.homedir(), ".node9", "config.json")
         ]) {
-          if (!fs25.existsSync(configPath)) continue;
-          const cfg = JSON.parse(fs25.readFileSync(configPath, "utf-8"));
+          if (!fs26.existsSync(configPath)) continue;
+          const cfg = JSON.parse(fs26.readFileSync(configPath, "utf-8"));
           const hud = cfg.settings?.hud;
           if (hud && "showEnvironmentCounts" in hud) return hud.showEnvironmentCounts !== false;
         }
@@ -7654,6 +7790,16 @@ import path14 from "path";
 import os10 from "os";
 import chalk from "chalk";
 import { confirm } from "@inquirer/prompts";
+var NODE9_MCP_SERVER_ENTRY = { command: "node9", args: ["mcp-server"] };
+function hasNode9McpServer(servers) {
+  const entry = servers["node9"];
+  return !!entry && entry.command === "node9" && Array.isArray(entry.args) && entry.args[0] === "mcp-server";
+}
+function removeNode9McpServer(servers) {
+  if (!hasNode9McpServer(servers)) return false;
+  delete servers["node9"];
+  return true;
+}
 function printDaemonTip() {
   console.log(
     chalk.cyan("\n   \u{1F4A1} Node9 will protect you automatically using Native OS popups.") + chalk.white("\n      To view your history or manage persistent rules, run:") + chalk.green("\n      node9 daemon --openui")
@@ -7711,6 +7857,10 @@ function teardownClaude() {
   const claudeConfig = readJson(mcpPath);
   if (claudeConfig?.mcpServers) {
     let mcpChanged = false;
+    if (removeNode9McpServer(claudeConfig.mcpServers)) {
+      mcpChanged = true;
+      console.log(chalk.green("  \u2705 Removed node9 MCP server entry from ~/.claude.json"));
+    }
     for (const [name, server] of Object.entries(claudeConfig.mcpServers)) {
       if (server.command === "node9" && Array.isArray(server.args) && server.args.length > 0) {
         const [originalCmd, ...originalArgs] = server.args;
@@ -7754,6 +7904,10 @@ function teardownGemini() {
     }
   }
   if (settings.mcpServers) {
+    if (removeNode9McpServer(settings.mcpServers)) {
+      changed = true;
+      console.log(chalk.green("  \u2705 Removed node9 MCP server entry from ~/.gemini/settings.json"));
+    }
     for (const [name, server] of Object.entries(settings.mcpServers)) {
       if (server.command === "node9" && Array.isArray(server.args) && server.args.length > 0) {
         const [originalCmd, ...originalArgs] = server.args;
@@ -7782,6 +7936,10 @@ function teardownCursor() {
     return;
   }
   let changed = false;
+  if (removeNode9McpServer(mcpConfig.mcpServers)) {
+    changed = true;
+    console.log(chalk.green("  \u2705 Removed node9 MCP server entry from ~/.cursor/mcp.json"));
+  }
   for (const [name, server] of Object.entries(mcpConfig.mcpServers)) {
     if (server.command === "node9" && Array.isArray(server.args) && server.args.length > 0) {
       const [originalCmd, ...originalArgs] = server.args;
@@ -7807,6 +7965,7 @@ async function setupClaude() {
   const claudeConfig = readJson(mcpPath) ?? {};
   const settings = readJson(hooksPath) ?? {};
   const servers = claudeConfig.mcpServers ?? {};
+  let hooksChanged = false;
   let anythingChanged = false;
   if (!settings.hooks) settings.hooks = {};
   const hasPreHook = settings.hooks.PreToolUse?.some(
@@ -7819,6 +7978,7 @@ async function setupClaude() {
       hooks: [{ type: "command", command: fullPathCommand("check"), timeout: 60 }]
     });
     console.log(chalk.green("  \u2705 PreToolUse hook added  \u2192 node9 check"));
+    hooksChanged = true;
     anythingChanged = true;
   }
   const hasPostHook = settings.hooks.PostToolUse?.some(
@@ -7831,9 +7991,17 @@ async function setupClaude() {
       hooks: [{ type: "command", command: fullPathCommand("log"), timeout: 600 }]
     });
     console.log(chalk.green("  \u2705 PostToolUse hook added \u2192 node9 log"));
+    hooksChanged = true;
     anythingChanged = true;
   }
-  if (anythingChanged) {
+  if (!hasNode9McpServer(servers)) {
+    servers["node9"] = NODE9_MCP_SERVER_ENTRY;
+    claudeConfig.mcpServers = servers;
+    writeJson(mcpPath, claudeConfig);
+    console.log(chalk.green("  \u2705 node9 MCP server added   \u2192 node9 mcp-server"));
+    anythingChanged = true;
+  }
+  if (hooksChanged) {
     writeJson(hooksPath, settings);
     console.log("");
   }
@@ -7881,6 +8049,7 @@ async function setupGemini() {
   const settingsPath = path14.join(homeDir2, ".gemini", "settings.json");
   const settings = readJson(settingsPath) ?? {};
   const servers = settings.mcpServers ?? {};
+  let hooksChanged = false;
   let anythingChanged = false;
   if (!settings.hooks) settings.hooks = {};
   const hasBeforeHook = Array.isArray(settings.hooks.BeforeTool) && settings.hooks.BeforeTool.some(
@@ -7901,6 +8070,7 @@ async function setupGemini() {
       ]
     });
     console.log(chalk.green("  \u2705 BeforeTool hook added \u2192 node9 check"));
+    hooksChanged = true;
     anythingChanged = true;
   }
   const hasAfterHook = Array.isArray(settings.hooks.AfterTool) && settings.hooks.AfterTool.some(
@@ -7914,9 +8084,17 @@ async function setupGemini() {
       hooks: [{ name: "node9-log", type: "command", command: fullPathCommand("log") }]
     });
     console.log(chalk.green("  \u2705 AfterTool hook added  \u2192 node9 log"));
+    hooksChanged = true;
     anythingChanged = true;
   }
-  if (anythingChanged) {
+  if (!hasNode9McpServer(servers)) {
+    servers["node9"] = NODE9_MCP_SERVER_ENTRY;
+    settings.mcpServers = servers;
+    console.log(chalk.green("  \u2705 node9 MCP server added   \u2192 node9 mcp-server"));
+    hooksChanged = true;
+    anythingChanged = true;
+  }
+  if (hooksChanged) {
     writeJson(settingsPath, settings);
     console.log("");
   }
@@ -7963,10 +8141,10 @@ function detectAgents(homeDir2 = os10.homedir()) {
   const exists = (p) => {
     try {
       return fs11.existsSync(p);
-    } catch (err) {
-      const code = err.code;
+    } catch (err2) {
+      const code = err2.code;
       if (code !== "ENOENT") {
-        process.stderr.write(`[node9] detectAgents: cannot access ${p}: ${code ?? String(err)}
+        process.stderr.write(`[node9] detectAgents: cannot access ${p}: ${code ?? String(err2)}
 `);
       }
       return false;
@@ -7984,6 +8162,13 @@ async function setupCursor() {
   const mcpConfig = readJson(mcpPath) ?? {};
   const servers = mcpConfig.mcpServers ?? {};
   let anythingChanged = false;
+  if (!hasNode9McpServer(servers)) {
+    servers["node9"] = NODE9_MCP_SERVER_ENTRY;
+    mcpConfig.mcpServers = servers;
+    writeJson(mcpPath, mcpConfig);
+    console.log(chalk.green("  \u2705 node9 MCP server added   \u2192 node9 mcp-server"));
+    anythingChanged = true;
+  }
   const serversToWrap = [];
   for (const [name, server] of Object.entries(servers)) {
     if (!server.command || server.command === "node9") continue;
@@ -8083,9 +8268,9 @@ function teardownHud() {
 // src/cli.ts
 init_daemon2();
 import chalk18 from "chalk";
-import fs26 from "fs";
-import path29 from "path";
-import os22 from "os";
+import fs27 from "fs";
+import path30 from "path";
+import os23 from "os";
 import { confirm as confirm2 } from "@inquirer/prompts";
 
 // src/utils/duration.ts
@@ -8320,8 +8505,29 @@ import os14 from "os";
 import { spawnSync as spawnSync4, spawn as spawn5 } from "child_process";
 import crypto2 from "crypto";
 import fs17 from "fs";
+import net3 from "net";
 import path19 from "path";
 import os13 from "os";
+var ACTIVITY_SOCKET_PATH3 = process.platform === "win32" ? "\\\\.\\pipe\\node9-activity" : path19.join(os13.tmpdir(), "node9-activity.sock");
+function notifySnapshotTaken(hash, tool, argsSummary, fileCount) {
+  try {
+    const payload = JSON.stringify({
+      status: "snapshot",
+      hash,
+      tool,
+      argsSummary,
+      fileCount,
+      ts: Date.now()
+    });
+    const sock = net3.createConnection(ACTIVITY_SOCKET_PATH3);
+    sock.on("connect", () => {
+      sock.end(payload);
+    });
+    sock.on("error", () => {
+    });
+  } catch {
+  }
+}
 var SNAPSHOT_STACK_PATH = path19.join(os13.homedir(), ".node9", "snapshots.json");
 var UNDO_LATEST_PATH = path19.join(os13.homedir(), ".node9", "undo_latest.txt");
 var MAX_SNAPSHOTS = 10;
@@ -8504,6 +8710,9 @@ async function createShadowSnapshot(tool = "unknown", args = {}, ignorePaths = [
       if (filesRes.status === 0) {
         capturedFiles = filesRes.stdout?.toString().trim().split("\n").filter(Boolean) ?? [];
       }
+      if (capturedFiles.length === 0) {
+        return prevEntry.hash;
+      }
       const diffRes = spawnSync4("git", ["diff", prevEntry.hash, commitHash], {
         env: shadowEnv,
         timeout: GIT_TIMEOUT
@@ -8541,13 +8750,15 @@ async function createShadowSnapshot(tool = "unknown", args = {}, ignorePaths = [
     }
     if (cwdCount > MAX_SNAPSHOTS) stack.splice(oldestCwdIdx, 1);
     writeStack(stack);
+    const entry = stack[stack.length - 1];
+    notifySnapshotTaken(commitHash.slice(0, 7), tool, entry.argsSummary, capturedFiles.length);
     fs17.writeFileSync(UNDO_LATEST_PATH, commitHash);
     if (shouldGc) {
       spawn5("git", ["gc", "--auto"], { env: shadowEnv, detached: true, stdio: "ignore" }).unref();
     }
     return commitHash;
-  } catch (err) {
-    if (process.env.NODE9_DEBUG === "1") console.error("[Node9 Undo Engine Error]:", err);
+  } catch (err2) {
+    if (process.env.NODE9_DEBUG === "1") console.error("[Node9 Undo Engine Error]:", err2);
     return null;
   } finally {
     if (indexFile) {
@@ -8651,11 +8862,11 @@ function registerCheckCommand(program2) {
         let payload = JSON.parse(raw);
         try {
           payload = JSON.parse(raw);
-        } catch (err) {
+        } catch (err2) {
           const tempConfig = getConfig();
           if (process.env.NODE9_DEBUG === "1" || tempConfig.settings.enableHookLogDebug) {
             const logPath = path20.join(os14.homedir(), ".node9", "hook-debug.log");
-            const errMsg = err instanceof Error ? err.message : String(err);
+            const errMsg = err2 instanceof Error ? err2.message : String(err2);
             fs18.appendFileSync(
               logPath,
               `[${(/* @__PURE__ */ new Date()).toISOString()}] JSON_PARSE_ERROR: ${errMsg}
@@ -8776,10 +8987,10 @@ RAW: ${raw}
           ...result,
           blockedByLabel: result.blockedByLabel
         });
-      } catch (err) {
+      } catch (err2) {
         if (process.env.NODE9_DEBUG === "1") {
           const logPath = path20.join(os14.homedir(), ".node9", "hook-debug.log");
-          const errMsg = err instanceof Error ? err.message : String(err);
+          const errMsg = err2 instanceof Error ? err2.message : String(err2);
           fs18.appendFileSync(logPath, `[${(/* @__PURE__ */ new Date()).toISOString()}] ERROR: ${errMsg}
 `);
         }
@@ -8925,8 +9136,8 @@ function registerLogCommand(program2) {
         if (shouldSnapshot(tool, {}, config)) {
           await createShadowSnapshot("unknown", {}, config.policy.snapshot.ignorePaths);
         }
-      } catch (err) {
-        const msg = err instanceof Error ? err.message : String(err);
+      } catch (err2) {
+        const msg = err2 instanceof Error ? err2.message : String(err2);
         process.stderr.write(`[Node9] audit log error: ${msg}
 `);
         const debugPath = path21.join(os15.homedir(), ".node9", "hook-debug.log");
@@ -9699,24 +9910,78 @@ import chalk11 from "chalk";
 import fs23 from "fs";
 import path25 from "path";
 import os19 from "os";
+import https from "https";
+function fireTelemetryPing(agents) {
+  try {
+    const body = JSON.stringify({
+      event: "init_completed",
+      agents_detected: agents,
+      os: process.platform,
+      node9_version: process.env.npm_package_version ?? "unknown"
+    });
+    const req = https.request(
+      {
+        hostname: "api.node9.ai",
+        path: "/api/v1/telemetry",
+        method: "POST",
+        headers: { "Content-Type": "application/json", "Content-Length": Buffer.byteLength(body) },
+        timeout: 3e3
+      },
+      (res) => {
+        res.resume();
+      }
+    );
+    req.on("error", () => {
+    });
+    req.on("timeout", () => {
+      req.destroy();
+    });
+    req.end(body);
+  } catch {
+  }
+}
 function registerInitCommand(program2) {
   program2.command("init").description("Set up Node9: create config and wire all detected AI agents").option("--force", "Overwrite existing config").option("-m, --mode <mode>", "Set initial security mode (standard, strict, audit)", "standard").option("--skip-setup", "Only create config \u2014 do not wire AI agents").action(async (options) => {
     console.log(chalk11.cyan.bold("\n\u{1F6E1}\uFE0F  Node9 Init\n"));
+    let chosenMode = options.mode.toLowerCase();
+    if (!["standard", "strict", "audit"].includes(chosenMode)) {
+      chosenMode = DEFAULT_CONFIG.settings.mode;
+    }
+    {
+      const { confirm: confirm3 } = await import("@inquirer/prompts");
+      const enableShields = await confirm3({
+        message: "Enable recommended safety shields? (blocks rm -rf, SQL drops, pipe-to-shell)",
+        default: true
+      });
+      if (enableShields) chosenMode = "standard";
+      console.log("");
+    }
     const configPath = path25.join(os19.homedir(), ".node9", "config.json");
     if (fs23.existsSync(configPath) && !options.force) {
-      console.log(chalk11.blue(`\u2139\uFE0F  Config already exists: ${configPath}`));
+      try {
+        const existing = JSON.parse(fs23.readFileSync(configPath, "utf-8"));
+        const settings = existing.settings ?? {};
+        if (settings.mode !== chosenMode) {
+          settings.mode = chosenMode;
+          existing.settings = settings;
+          fs23.writeFileSync(configPath, JSON.stringify(existing, null, 2) + "\n");
+          console.log(chalk11.green(`\u2705 Mode updated: ${chosenMode}`));
+        } else {
+          console.log(chalk11.blue(`\u2139\uFE0F  Config already exists: ${configPath}`));
+        }
+      } catch {
+        console.log(chalk11.blue(`\u2139\uFE0F  Config already exists: ${configPath}`));
+      }
     } else {
-      const requestedMode = options.mode.toLowerCase();
-      const safeMode = ["standard", "strict", "audit"].includes(requestedMode) ? requestedMode : DEFAULT_CONFIG.settings.mode;
       const configToSave = {
         ...DEFAULT_CONFIG,
-        settings: { ...DEFAULT_CONFIG.settings, mode: safeMode }
+        settings: { ...DEFAULT_CONFIG.settings, mode: chosenMode }
       };
       const dir = path25.dirname(configPath);
       if (!fs23.existsSync(dir)) fs23.mkdirSync(dir, { recursive: true });
-      fs23.writeFileSync(configPath, JSON.stringify(configToSave, null, 2));
+      fs23.writeFileSync(configPath, JSON.stringify(configToSave, null, 2) + "\n");
       console.log(chalk11.green(`\u2705 Config created: ${configPath}`));
-      console.log(chalk11.gray(`   Mode: ${safeMode}`));
+      console.log(chalk11.gray(`   Mode: ${chosenMode}`));
     }
     if (options.skipSetup) return;
     console.log("");
@@ -9743,14 +10008,20 @@ function registerInitCommand(program2) {
       else if (agent === "cursor") await setupCursor();
       console.log("");
     }
-    if (detected.claude) {
-      setupHud();
-      console.log(chalk11.green("\u2705 node9 HUD added to Claude Code statusline"));
-      console.log(chalk11.gray("   Restart Claude Code to activate the security statusline."));
+    {
+      const { confirm: confirm3 } = await import("@inquirer/prompts");
+      const sendTelemetry = await confirm3({
+        message: "Send anonymous usage stats to help improve node9? (no code, no args)",
+        default: true
+      });
+      if (sendTelemetry) fireTelemetryPing(found);
       console.log("");
     }
     console.log(chalk11.green.bold("\u{1F6E1}\uFE0F  Node9 is ready!"));
-    console.log(chalk11.gray("   Run: node9 daemon start"));
+    console.log("");
+    console.log(chalk11.white("  Start watching:  ") + chalk11.cyan("node9 tail"));
+    console.log(chalk11.white("  Browser view:    ") + chalk11.cyan("node9 daemon --openui"));
+    console.log(chalk11.white("  Cloud dashboard: ") + chalk11.cyan("node9.ai"));
   });
 }
 
@@ -10312,6 +10583,347 @@ function registerMcpGatewayCommand(program2) {
   });
 }
 
+// src/mcp-server/index.ts
+import readline4 from "readline";
+import fs24 from "fs";
+import os20 from "os";
+import path27 from "path";
+init_core();
+init_daemon();
+init_shields();
+function ok(id, result) {
+  return JSON.stringify({ jsonrpc: "2.0", id: id ?? null, result });
+}
+function err(id, code, message) {
+  return JSON.stringify({ jsonrpc: "2.0", id: id ?? null, error: { code, message } });
+}
+var TOOLS = [
+  {
+    name: "node9_status",
+    description: "Show the current node9 protection status: mode, daemon state, undo engine, pause state, active shields, and whether agent hooks are wired. Use this to understand what protection is active before doing risky work.",
+    inputSchema: { type: "object", properties: {}, required: [] }
+  },
+  {
+    name: "node9_config_get",
+    description: "Read the current node9 configuration: security mode, approver channels, timeouts, DLP settings, and the number of active smart rules. Returns the merged config (env > cloud > project > global > defaults).",
+    inputSchema: { type: "object", properties: {}, required: [] }
+  },
+  {
+    name: "node9_shield_list",
+    description: "List all available node9 shields and which ones are currently active. Shields are pre-packaged rule sets for specific services (postgres, aws, github, filesystem).",
+    inputSchema: { type: "object", properties: {}, required: [] }
+  },
+  {
+    name: "node9_shield_enable",
+    description: "Enable a node9 shield for a specific service. Shields only add protection \u2014 they cannot be used to weaken or bypass node9. Use node9_shield_list to see available shield names.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        service: {
+          type: "string",
+          description: 'Shield name to enable (e.g. "postgres", "aws", "github", "filesystem").'
+        }
+      },
+      required: ["service"]
+    }
+  },
+  {
+    name: "node9_approver_list",
+    description: "List all node9 approver channels and their current enabled/disabled state. Approvers are the channels through which node9 asks a human to approve risky tool calls. Channels: native (OS popup), browser (web UI), cloud (team policy server), terminal (stdin).",
+    inputSchema: { type: "object", properties: {}, required: [] }
+  },
+  {
+    name: "node9_approver_set",
+    description: "Enable or disable a specific node9 approver channel in the global config (~/.node9/config.json). Use this to turn individual channels on or off without touching other settings. Channels: native, browser, cloud, terminal. WARNING: disabling all approvers means node9 cannot prompt for human approval \u2014 use with care.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        channel: {
+          type: "string",
+          enum: ["native", "browser", "cloud", "terminal"],
+          description: "Approver channel to configure."
+        },
+        enabled: {
+          type: "boolean",
+          description: "true to enable the channel, false to disable it."
+        }
+      },
+      required: ["channel", "enabled"]
+    }
+  },
+  {
+    name: "node9_undo_list",
+    description: "List the node9 snapshot history. Each entry shows the git hash, tool that triggered it, a short summary, affected files, working directory, and timestamp. Use this to find a hash before calling node9_undo_revert.",
+    inputSchema: { type: "object", properties: {}, required: [] }
+  },
+  {
+    name: "node9_undo_revert",
+    description: "Revert the working directory to a specific node9 snapshot. Call node9_undo_list first to find the hash you want to restore. WARNING: this overwrites current files \u2014 any unsaved work will be lost.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        hash: {
+          type: "string",
+          description: "The full git commit hash from node9_undo_list."
+        },
+        cwd: {
+          type: "string",
+          description: "Absolute path to the project directory. Defaults to process.cwd()."
+        }
+      },
+      required: ["hash"]
+    }
+  }
+];
+function handleStatus() {
+  const config = getConfig();
+  const settings = config.settings;
+  const paused = checkPause();
+  const daemonUp = isDaemonRunning();
+  const activeShields = readActiveShields();
+  const lines = [];
+  lines.push(`Mode: ${settings.mode}`);
+  lines.push(`Daemon: ${daemonUp ? "running" : "stopped"}`);
+  lines.push(`Undo engine: ${settings.enableUndo ? "enabled" : "disabled"}`);
+  if (paused.paused) {
+    const until = paused.expiresAt ? new Date(paused.expiresAt).toLocaleTimeString() : "indefinitely";
+    lines.push(`PAUSED until ${until} \u2014 all tool calls currently allowed`);
+  } else {
+    lines.push(`Pause state: not paused`);
+  }
+  lines.push(`Active shields: ${activeShields.length > 0 ? activeShields.join(", ") : "none"}`);
+  lines.push(`Smart rules: ${config.policy.smartRules.length} loaded`);
+  lines.push(`DLP: ${config.policy.dlp?.enabled !== false ? "enabled" : "disabled"}`);
+  const projectConfig = path27.join(process.cwd(), "node9.config.json");
+  const globalConfig = path27.join(os20.homedir(), ".node9", "config.json");
+  lines.push(
+    `Project config (node9.config.json): ${fs24.existsSync(projectConfig) ? "present" : "not found"}`
+  );
+  lines.push(
+    `Global config (~/.node9/config.json): ${fs24.existsSync(globalConfig) ? "present" : "not found"}`
+  );
+  return lines.join("\n");
+}
+function handleConfigGet() {
+  const config = getConfig();
+  const s = config.settings;
+  const lines = [
+    `mode: ${s.mode}`,
+    `enableUndo: ${s.enableUndo}`,
+    `flightRecorder: ${s.flightRecorder}`,
+    `approvalTimeoutMs: ${s.approvalTimeoutMs}`,
+    `approvers:`,
+    `  native:   ${s.approvers.native}`,
+    `  browser:  ${s.approvers.browser}`,
+    `  cloud:    ${s.approvers.cloud}`,
+    `  terminal: ${s.approvers.terminal}`,
+    `dlp.enabled: ${config.policy.dlp?.enabled !== false}`,
+    `dlp.scanIgnoredTools: ${config.policy.dlp?.scanIgnoredTools !== false}`,
+    `smartRules: ${config.policy.smartRules.length} active`,
+    `sandboxPaths: ${config.policy.sandboxPaths.length > 0 ? config.policy.sandboxPaths.join(", ") : "none"}`
+  ];
+  return lines.join("\n");
+}
+function handleShieldList() {
+  const all = listShields();
+  const active = new Set(readActiveShields());
+  if (all.length === 0) return "No shields available.";
+  const lines = all.map((shield) => {
+    const on = active.has(shield.name);
+    const ruleCount = shield.smartRules.length;
+    return `${on ? "[active]" : "[off]   "} ${shield.name.padEnd(12)} \u2014 ${shield.description ?? ""} (${ruleCount} rule${ruleCount === 1 ? "" : "s"})`;
+  });
+  lines.unshift(`${active.size} of ${all.length} shields active:
+`);
+  return lines.join("\n");
+}
+function handleShieldEnable(args) {
+  const service = args.service;
+  if (typeof service !== "string" || !service) {
+    throw new Error("service is required");
+  }
+  const name = resolveShieldName(service);
+  if (!name) {
+    throw new Error(
+      `Unknown shield: "${service}". Run node9_shield_list to see available shields.`
+    );
+  }
+  const active = readActiveShields();
+  if (active.includes(name)) {
+    return `Shield "${name}" is already active.`;
+  }
+  writeActiveShields([...active, name]);
+  const shield = getShield(name);
+  return `Shield "${name}" enabled \u2014 ${shield.smartRules.length} smart rule${shield.smartRules.length === 1 ? "" : "s"} now active.`;
+}
+var GLOBAL_CONFIG_PATH2 = path27.join(os20.homedir(), ".node9", "config.json");
+var APPROVER_CHANNELS = ["native", "browser", "cloud", "terminal"];
+function readGlobalConfigRaw() {
+  try {
+    if (fs24.existsSync(GLOBAL_CONFIG_PATH2)) {
+      return JSON.parse(fs24.readFileSync(GLOBAL_CONFIG_PATH2, "utf-8"));
+    }
+  } catch {
+  }
+  return {};
+}
+function writeGlobalConfigRaw(data) {
+  const dir = path27.dirname(GLOBAL_CONFIG_PATH2);
+  if (!fs24.existsSync(dir)) fs24.mkdirSync(dir, { recursive: true });
+  fs24.writeFileSync(GLOBAL_CONFIG_PATH2, JSON.stringify(data, null, 2) + "\n");
+}
+function handleApproverList() {
+  const config = getConfig();
+  const approvers = config.settings.approvers;
+  const lines = ["Approver channels:\n"];
+  for (const ch of APPROVER_CHANNELS) {
+    const on = approvers[ch];
+    lines.push(`  ${on ? "[enabled] " : "[disabled]"} ${ch}`);
+  }
+  const enabledCount = APPROVER_CHANNELS.filter((ch) => approvers[ch]).length;
+  if (enabledCount === 0) {
+    lines.push("\nWARNING: all approver channels are disabled \u2014 node9 cannot prompt for approval.");
+  }
+  return lines.join("\n");
+}
+function handleApproverSet(args) {
+  const channel = args.channel;
+  const enabled = args.enabled;
+  if (!channel || !APPROVER_CHANNELS.includes(channel)) {
+    throw new Error(
+      `Invalid channel: "${channel}". Must be one of: ${APPROVER_CHANNELS.join(", ")}.`
+    );
+  }
+  if (typeof enabled !== "boolean") {
+    throw new Error("enabled must be a boolean (true or false).");
+  }
+  const raw = readGlobalConfigRaw();
+  const settings = raw.settings ?? {};
+  const approvers = settings.approvers ?? {};
+  approvers[channel] = enabled;
+  settings.approvers = approvers;
+  raw.settings = settings;
+  writeGlobalConfigRaw(raw);
+  const currentApprovers = getConfig().settings.approvers;
+  const anyEnabled = APPROVER_CHANNELS.some(
+    (ch) => ch === channel ? enabled : currentApprovers[ch]
+  );
+  const suffix = anyEnabled ? "" : "\nWARNING: all approver channels are now disabled \u2014 node9 cannot prompt for approval.";
+  return `Approver channel "${channel}" ${enabled ? "enabled" : "disabled"} in ~/.node9/config.json.${suffix}`;
+}
+function handleUndoList() {
+  const history = getSnapshotHistory();
+  if (history.length === 0) {
+    return "No snapshots found. Node9 captures snapshots automatically before file edits.";
+  }
+  const lines = history.slice().reverse().map((entry, i) => {
+    const date = new Date(entry.timestamp).toLocaleString();
+    const files = entry.files?.length ? `${entry.files.length} file(s)` : "unknown files";
+    const summary = entry.argsSummary ? ` \u2014 ${entry.argsSummary}` : "";
+    return `[${i + 1}] ${entry.hash.slice(0, 7)}  ${date}  ${entry.tool}${summary}  (${files})  cwd: ${entry.cwd}
+    full hash: ${entry.hash}`;
+  });
+  return lines.join("\n\n");
+}
+function handleUndoRevert(args) {
+  const hash = args.hash;
+  if (typeof hash !== "string" || !hash) {
+    throw new Error("hash is required and must be a non-empty string");
+  }
+  if (!/^[0-9a-f]{7,40}$/i.test(hash)) {
+    throw new Error(`Invalid hash format: ${hash}`);
+  }
+  const cwd = typeof args.cwd === "string" && args.cwd ? args.cwd : process.cwd();
+  const success = applyUndo(hash, cwd);
+  if (!success) {
+    throw new Error(
+      `Revert failed for hash ${hash}. The snapshot may not exist for this directory, or git encountered an error.`
+    );
+  }
+  return `Successfully reverted to snapshot ${hash.slice(0, 7)} in ${cwd}.`;
+}
+function runMcpServer() {
+  const rl = readline4.createInterface({ input: process.stdin, terminal: false });
+  rl.on("line", (line) => {
+    let msg;
+    try {
+      msg = JSON.parse(line);
+    } catch {
+      process.stdout.write(err(null, -32700, "Parse error") + "\n");
+      return;
+    }
+    const { method, id, params } = msg;
+    if (method === "initialize") {
+      process.stdout.write(
+        ok(id, {
+          protocolVersion: "2024-11-05",
+          serverInfo: { name: "node9", version: "1.0.0" },
+          capabilities: { tools: {} }
+        }) + "\n"
+      );
+      return;
+    }
+    if (id === void 0 || id === null) {
+      return;
+    }
+    if (method === "tools/list") {
+      process.stdout.write(ok(id, { tools: TOOLS }) + "\n");
+      return;
+    }
+    if (method === "tools/call") {
+      const p = params ?? {};
+      const toolName = p.name;
+      const toolArgs = p.arguments ?? {};
+      try {
+        let text;
+        if (toolName === "node9_status") {
+          text = handleStatus();
+        } else if (toolName === "node9_config_get") {
+          text = handleConfigGet();
+        } else if (toolName === "node9_shield_list") {
+          text = handleShieldList();
+        } else if (toolName === "node9_shield_enable") {
+          text = handleShieldEnable(toolArgs);
+        } else if (toolName === "node9_approver_list") {
+          text = handleApproverList();
+        } else if (toolName === "node9_approver_set") {
+          text = handleApproverSet(toolArgs);
+        } else if (toolName === "node9_undo_list") {
+          text = handleUndoList();
+        } else if (toolName === "node9_undo_revert") {
+          text = handleUndoRevert(toolArgs);
+        } else {
+          process.stdout.write(err(id, -32601, `Unknown tool: ${toolName}`) + "\n");
+          return;
+        }
+        process.stdout.write(ok(id, { content: [{ type: "text", text }] }) + "\n");
+      } catch (e) {
+        const message = e instanceof Error ? e.message : String(e);
+        process.stdout.write(
+          ok(id, {
+            content: [{ type: "text", text: `Error: ${message}` }],
+            isError: true
+          }) + "\n"
+        );
+      }
+      return;
+    }
+    process.stdout.write(err(id, -32601, `Method not found: ${method}`) + "\n");
+  });
+  rl.on("close", () => {
+    process.exit(0);
+  });
+}
+
+// src/cli/commands/mcp-server.ts
+function registerMcpServerCommand(program2) {
+  program2.command("mcp-server").description(
+    "Run the Node9 MCP server \u2014 exposes node9 tools (undo, rules, \u2026) to Claude, Cursor, and Gemini"
+  ).action(() => {
+    runMcpServer();
+  });
+}
+
 // src/cli/commands/trust.ts
 init_trusted_hosts();
 import chalk16 from "chalk";
@@ -10369,20 +10981,20 @@ function registerTrustCommand(program2) {
 
 // src/cli.ts
 var { version } = JSON.parse(
-  fs26.readFileSync(path29.join(__dirname, "../package.json"), "utf-8")
+  fs27.readFileSync(path30.join(__dirname, "../package.json"), "utf-8")
 );
 var program = new Command();
 program.name("node9").description("The Sudo Command for AI Agents").version(version);
 program.command("login").argument("<apiKey>").option("--local", "Save key for audit/logging only \u2014 local config still controls all decisions").option("--profile <name>", 'Save as a named profile (default: "default")').action((apiKey, options) => {
   const DEFAULT_API_URL = "https://api.node9.ai/api/v1/intercept";
-  const credPath = path29.join(os22.homedir(), ".node9", "credentials.json");
-  if (!fs26.existsSync(path29.dirname(credPath)))
-    fs26.mkdirSync(path29.dirname(credPath), { recursive: true });
+  const credPath = path30.join(os23.homedir(), ".node9", "credentials.json");
+  if (!fs27.existsSync(path30.dirname(credPath)))
+    fs27.mkdirSync(path30.dirname(credPath), { recursive: true });
   const profileName = options.profile || "default";
   let existingCreds = {};
   try {
-    if (fs26.existsSync(credPath)) {
-      const raw = JSON.parse(fs26.readFileSync(credPath, "utf-8"));
+    if (fs27.existsSync(credPath)) {
+      const raw = JSON.parse(fs27.readFileSync(credPath, "utf-8"));
       if (raw.apiKey) {
         existingCreds = {
           default: { apiKey: raw.apiKey, apiUrl: raw.apiUrl || DEFAULT_API_URL }
@@ -10394,13 +11006,13 @@ program.command("login").argument("<apiKey>").option("--local", "Save key for au
   } catch {
   }
   existingCreds[profileName] = { apiKey, apiUrl: DEFAULT_API_URL };
-  fs26.writeFileSync(credPath, JSON.stringify(existingCreds, null, 2), { mode: 384 });
+  fs27.writeFileSync(credPath, JSON.stringify(existingCreds, null, 2), { mode: 384 });
   if (profileName === "default") {
-    const configPath = path29.join(os22.homedir(), ".node9", "config.json");
+    const configPath = path30.join(os23.homedir(), ".node9", "config.json");
     let config = {};
     try {
-      if (fs26.existsSync(configPath))
-        config = JSON.parse(fs26.readFileSync(configPath, "utf-8"));
+      if (fs27.existsSync(configPath))
+        config = JSON.parse(fs27.readFileSync(configPath, "utf-8"));
     } catch {
     }
     if (!config.settings || typeof config.settings !== "object") config.settings = {};
@@ -10415,9 +11027,9 @@ program.command("login").argument("<apiKey>").option("--local", "Save key for au
       approvers.cloud = false;
     }
     s.approvers = approvers;
-    if (!fs26.existsSync(path29.dirname(configPath)))
-      fs26.mkdirSync(path29.dirname(configPath), { recursive: true });
-    fs26.writeFileSync(configPath, JSON.stringify(config, null, 2), { mode: 384 });
+    if (!fs27.existsSync(path30.dirname(configPath)))
+      fs27.mkdirSync(path30.dirname(configPath), { recursive: true });
+    fs27.writeFileSync(configPath, JSON.stringify(config, null, 2), { mode: 384 });
   }
   if (options.profile && profileName !== "default") {
     console.log(chalk18.green(`\u2705 Profile "${profileName}" saved`));
@@ -10477,8 +11089,8 @@ program.command("removefrom").description("Remove Node9 hooks from an AI agent c
 `));
   try {
     fn();
-  } catch (err) {
-    console.error(chalk18.red(`  \u26A0\uFE0F  Failed: ${err instanceof Error ? err.message : String(err)}`));
+  } catch (err2) {
+    console.error(chalk18.red(`  \u26A0\uFE0F  Failed: ${err2 instanceof Error ? err2.message : String(err2)}`));
     process.exit(1);
   }
   console.log(chalk18.gray("\n  Restart the agent for changes to take effect."));
@@ -10501,25 +11113,25 @@ program.command("uninstall").description("Remove all Node9 hooks and optionally
   ]) {
     try {
       fn();
-    } catch (err) {
+    } catch (err2) {
       teardownFailed = true;
       console.error(
         chalk18.red(
-          `  \u26A0\uFE0F  Failed to remove ${label} hooks: ${err instanceof Error ? err.message : String(err)}`
+          `  \u26A0\uFE0F  Failed to remove ${label} hooks: ${err2 instanceof Error ? err2.message : String(err2)}`
         )
       );
     }
   }
   if (options.purge) {
-    const node9Dir = path29.join(os22.homedir(), ".node9");
-    if (fs26.existsSync(node9Dir)) {
+    const node9Dir = path30.join(os23.homedir(), ".node9");
+    if (fs27.existsSync(node9Dir)) {
       const confirmed = await confirm2({
         message: `Permanently delete ${node9Dir} (config, audit log, credentials)?`,
         default: false
       });
       if (confirmed) {
-        fs26.rmSync(node9Dir, { recursive: true });
-        if (fs26.existsSync(node9Dir)) {
+        fs27.rmSync(node9Dir, { recursive: true });
+        if (fs27.existsSync(node9Dir)) {
           console.error(
             chalk18.red("\n  \u26A0\uFE0F  ~/.node9/ could not be fully deleted \u2014 remove it manually.")
           );
@@ -10626,13 +11238,14 @@ program.command("tail").description("Stream live agent activity to the terminal"
   const { startTail: startTail2 } = await Promise.resolve().then(() => (init_tail(), tail_exports));
   try {
     await startTail2(options);
-  } catch (err) {
-    console.error(chalk18.red(`\u274C ${err instanceof Error ? err.message : String(err)}`));
+  } catch (err2) {
+    console.error(chalk18.red(`\u274C ${err2 instanceof Error ? err2.message : String(err2)}`));
     process.exit(1);
   }
 });
 registerWatchCommand(program);
 registerMcpGatewayCommand(program);
+registerMcpServerCommand(program);
 registerCheckCommand(program);
 registerLogCommand(program);
 program.command("hud").description("Render node9 security statusline (spawned by Claude Code statusLine)").action(async () => {
@@ -10735,9 +11348,9 @@ if (process.argv[2] !== "daemon") {
     const isCheckHook = process.argv[2] === "check";
     if (isCheckHook) {
       if (process.env.NODE9_DEBUG === "1" || getConfig().settings.enableHookLogDebug) {
-        const logPath = path29.join(os22.homedir(), ".node9", "hook-debug.log");
+        const logPath = path30.join(os23.homedir(), ".node9", "hook-debug.log");
         const msg = reason instanceof Error ? reason.message : String(reason);
-        fs26.appendFileSync(logPath, `[${(/* @__PURE__ */ new Date()).toISOString()}] UNHANDLED: ${msg}
+        fs27.appendFileSync(logPath, `[${(/* @__PURE__ */ new Date()).toISOString()}] UNHANDLED: ${msg}
 `);
       }
       process.exit(0);