@node9/proxy 1.9.3 → 1.10.1

package/dist/cli.mjs

@@ -57,6 +57,11 @@ __export(audit_exports, {
 import fs from "fs";
 import path from "path";
 import os from "os";
+function isTestCall(toolName, args) {
+  if (toolName !== "Bash" && toolName !== "bash") return false;
+  const cmd = args?.command;
+  return typeof cmd === "string" && TEST_COMMAND_RE.test(cmd);
+}
 function redactSecrets(text) {
   if (!text) return text;
   let redacted = text;
@@ -92,12 +97,14 @@ function appendHookDebug(toolName, args, meta, auditHashArgsEnabled) {
 }
 function appendLocalAudit(toolName, args, decision, checkedBy, meta, auditHashArgsEnabled) {
   const argsField = auditHashArgsEnabled ? { argsHash: hashArgs(args) } : { args: args ? JSON.parse(redactSecrets(JSON.stringify(args))) : {} };
+  const testRun = isTestCall(toolName, args) ? { testRun: true } : {};
   appendToLog(LOCAL_AUDIT_LOG, {
     ts: (/* @__PURE__ */ new Date()).toISOString(),
     tool: toolName,
     ...argsField,
     decision,
     checkedBy,
+    ...testRun,
     agent: meta?.agent,
     mcpServer: meta?.mcpServer,
     hostname: os.hostname()
@@ -110,13 +117,14 @@ function appendConfigAudit(entry) {
     hostname: os.hostname()
   });
 }
-var LOCAL_AUDIT_LOG, HOOK_DEBUG_LOG;
+var LOCAL_AUDIT_LOG, HOOK_DEBUG_LOG, TEST_COMMAND_RE;
 var init_audit = __esm({
   "src/audit/index.ts"() {
     "use strict";
     init_hasher();
     LOCAL_AUDIT_LOG = path.join(os.homedir(), ".node9", "audit.log");
     HOOK_DEBUG_LOG = path.join(os.homedir(), ".node9", "hook-debug.log");
+    TEST_COMMAND_RE = /(?:^|\s)(npm\s+(?:run\s+)?test|npx\s+(?:vitest|jest|mocha)|yarn\s+(?:run\s+)?test|pnpm\s+(?:run\s+)?test|vitest|jest|mocha|pytest|py\.test|cargo\s+test|go\s+test|bundle\s+exec\s+rspec|rspec|phpunit|dotnet\s+test)\b/i;
   }
 });
 
@@ -139,8 +147,8 @@ function sanitizeConfig(raw) {
     }
   }
   const lines = result.error.issues.map((issue) => {
-    const path32 = issue.path.length > 0 ? issue.path.join(".") : "root";
-    return `  \u2022 ${path32}: ${issue.message}`;
+    const path35 = issue.path.length > 0 ? issue.path.join(".") : "root";
+    return `  \u2022 ${path35}: ${issue.message}`;
   });
   return {
     sanitized,
@@ -223,7 +231,8 @@ var init_config_schema = __esm({
         slackEnabled: z.boolean().optional(),
         enableTrustSessions: z.boolean().optional(),
         allowGlobalPause: z.boolean().optional(),
-        auditHashArgs: z.boolean().optional()
+        auditHashArgs: z.boolean().optional(),
+        agentPolicy: z.enum(["require_approval", "block_on_rules"]).optional()
       }).optional(),
       policy: z.object({
         sandboxPaths: z.array(z.string()).optional(),
@@ -239,6 +248,11 @@ var init_config_schema = __esm({
         dlp: z.object({
           enabled: z.boolean().optional(),
           scanIgnoredTools: z.boolean().optional()
+        }).optional(),
+        loopDetection: z.object({
+          enabled: z.boolean().optional(),
+          threshold: z.number().min(2).optional(),
+          windowSeconds: z.number().min(10).optional()
         }).optional()
       }).optional(),
       environments: z.record(z.object({ requireApproval: z.boolean().optional() })).optional()
@@ -536,7 +550,8 @@ function getConfig(cwd) {
       onlyPaths: [...DEFAULT_CONFIG.policy.snapshot.onlyPaths],
       ignorePaths: [...DEFAULT_CONFIG.policy.snapshot.ignorePaths]
     },
-    dlp: { ...DEFAULT_CONFIG.policy.dlp }
+    dlp: { ...DEFAULT_CONFIG.policy.dlp },
+    loopDetection: { ...DEFAULT_CONFIG.policy.loopDetection }
   };
   const mergedEnvironments = { ...DEFAULT_CONFIG.environments };
   const applyLayer = (source) => {
@@ -575,6 +590,13 @@ function getConfig(cwd) {
       if (d.enabled !== void 0) mergedPolicy.dlp.enabled = d.enabled;
       if (d.scanIgnoredTools !== void 0) mergedPolicy.dlp.scanIgnoredTools = d.scanIgnoredTools;
     }
+    if (p.loopDetection) {
+      const ld = p.loopDetection;
+      if (ld.enabled !== void 0) mergedPolicy.loopDetection.enabled = ld.enabled;
+      if (ld.threshold !== void 0) mergedPolicy.loopDetection.threshold = ld.threshold;
+      if (ld.windowSeconds !== void 0)
+        mergedPolicy.loopDetection.windowSeconds = ld.windowSeconds;
+    }
     const envs = source.environments || {};
     for (const [envName, envConfig] of Object.entries(envs)) {
       if (envConfig && typeof envConfig === "object") {
@@ -878,7 +900,8 @@ var init_config = __esm({
             description: "The AI wants to download a script from the internet and run it immediately, without you seeing what it contains. This is one of the most common ways malware gets installed."
           }
         ],
-        dlp: { enabled: true, scanIgnoredTools: true }
+        dlp: { enabled: true, scanIgnoredTools: true },
+        loopDetection: { enabled: true, threshold: 5, windowSeconds: 120 }
       },
       environments: {}
     };
@@ -1687,9 +1710,9 @@ function matchesPattern(text, patterns) {
   const withoutDotSlash = text.replace(/^\.\//, "");
   return isMatch(withoutDotSlash) || isMatch(`./${withoutDotSlash}`);
 }
-function getNestedValue(obj, path32) {
+function getNestedValue(obj, path35) {
   if (!obj || typeof obj !== "object") return null;
-  return path32.split(".").reduce((prev, curr) => prev?.[curr], obj);
+  return path35.split(".").reduce((prev, curr) => prev?.[curr], obj);
 }
 function shouldSnapshot(toolName, args, config) {
   if (!config.settings.enableUndo) return false;
@@ -2769,11 +2792,12 @@ ${smartTruncate(str, 500)}`
 function escapePango(text) {
   return text.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;");
 }
-function buildPlainMessage(toolName, formattedArgs, agent, explainableLabel, locked, allowCount = 1) {
+function buildPlainMessage(toolName, formattedArgs, agent, explainableLabel, locked, allowCount = 1, ruleDescription) {
   const lines = [];
   if (locked) lines.push("\u26A0\uFE0F  LOCKED BY ADMIN POLICY\n");
   lines.push(`\u{1F916} ${agent || "AI Agent"}  |  \u{1F527} ${toolName}`);
   lines.push(`\u{1F6E1}\uFE0F  ${explainableLabel || "Security Policy"}`);
+  if (ruleDescription) lines.push(`\u2139  ${ruleDescription}`);
   lines.push("");
   lines.push(formattedArgs);
   if (allowCount >= 3) {
@@ -2786,7 +2810,7 @@ function buildPlainMessage(toolName, formattedArgs, agent, explainableLabel, loc
   }
   return lines.join("\n");
 }
-function buildPangoMessage(toolName, formattedArgs, agent, explainableLabel, locked, allowCount = 1) {
+function buildPangoMessage(toolName, formattedArgs, agent, explainableLabel, locked, allowCount = 1, ruleDescription) {
   const lines = [];
   if (locked) {
     lines.push('<span foreground="red" weight="bold">\u26A0\uFE0F  LOCKED BY ADMIN POLICY</span>');
@@ -2796,6 +2820,7 @@ function buildPangoMessage(toolName, formattedArgs, agent, explainableLabel, loc
     `<b>\u{1F916} ${escapePango(agent || "AI Agent")}</b>  |  <b>\u{1F527} <tt>${escapePango(toolName)}</tt></b>`
   );
   lines.push(`<i>\u{1F6E1}\uFE0F  ${escapePango(explainableLabel || "Security Policy")}</i>`);
+  if (ruleDescription) lines.push(`<i>\u2139  ${escapePango(ruleDescription)}</i>`);
   lines.push("");
   lines.push(`<tt>${escapePango(formattedArgs)}</tt>`);
   if (allowCount >= 3) {
@@ -2812,7 +2837,7 @@ function buildPangoMessage(toolName, formattedArgs, agent, explainableLabel, loc
   }
   return lines.join("\n");
 }
-async function askNativePopup(toolName, args, agent, explainableLabel, locked = false, signal, matchedField, matchedWord, allowCount = 1) {
+async function askNativePopup(toolName, args, agent, explainableLabel, locked = false, signal, matchedField, matchedWord, allowCount = 1, ruleDescription) {
   if (isTestEnv()) return "deny";
   const { message: formattedArgs, intent } = formatArgs(args, matchedField, matchedWord);
   const intentLabel = intent === "EDIT" ? "Code Edit" : "Action Approval";
@@ -2823,7 +2848,8 @@ async function askNativePopup(toolName, args, agent, explainableLabel, locked =
     agent,
     explainableLabel,
     locked,
-    allowCount
+    allowCount,
+    ruleDescription
   );
   return new Promise((resolve) => {
     let childProcess = null;
@@ -2857,7 +2883,8 @@ end run`;
           agent,
           explainableLabel,
           locked,
-          allowCount
+          allowCount,
+          ruleDescription
         );
         const argsList = [
           locked ? "--info" : "--question",
@@ -2931,7 +2958,7 @@ function auditLocalAllow(toolName, args, checkedBy, creds, meta) {
   }).catch(() => {
   });
 }
-async function initNode9SaaS(toolName, args, creds, meta, riskMetadata) {
+async function initNode9SaaS(toolName, args, creds, meta, riskMetadata, agentPolicy, forceReview) {
   const controller = new AbortController();
   const timeout = setTimeout(() => controller.abort(), 1e4);
   if (!creds.apiKey) throw new Error("Node9 API Key is missing");
@@ -2976,7 +3003,9 @@ async function initNode9SaaS(toolName, args, creds, meta, riskMetadata) {
           platform: os9.platform()
         },
         ...riskMetadata && { riskMetadata },
-        ...ciContext && { ciContext }
+        ...ciContext && { ciContext },
+        ...agentPolicy && { policy: agentPolicy },
+        ...forceReview && { forceReview: true }
       }),
       signal: controller.signal
     });
@@ -3056,6 +3085,58 @@ var init_cloud = __esm({
   }
 });
 
+// src/loop-detector.ts
+import fs11 from "fs";
+import path14 from "path";
+import os10 from "os";
+import crypto2 from "crypto";
+function loopStateFile() {
+  return path14.join(os10.homedir(), ".node9", "loop-state.json");
+}
+function computeArgsHash(args) {
+  const str = JSON.stringify(args ?? "");
+  return crypto2.createHash("sha256").update(str).digest("hex").slice(0, 16);
+}
+function readState() {
+  try {
+    if (!fs11.existsSync(loopStateFile())) return [];
+    const raw = fs11.readFileSync(loopStateFile(), "utf-8");
+    const parsed = JSON.parse(raw);
+    if (!Array.isArray(parsed)) return [];
+    return parsed;
+  } catch {
+    return [];
+  }
+}
+function writeState(records) {
+  const dir = path14.dirname(loopStateFile());
+  if (!fs11.existsSync(dir)) fs11.mkdirSync(dir, { recursive: true });
+  const tmpPath = `${loopStateFile()}.${os10.hostname()}.${process.pid}.tmp`;
+  fs11.writeFileSync(tmpPath, JSON.stringify(records));
+  fs11.renameSync(tmpPath, loopStateFile());
+}
+function recordAndCheck(tool, args, threshold = 3, windowMs = 12e4) {
+  try {
+    const hash = computeArgsHash(args);
+    const now = Date.now();
+    const cutoff = now - windowMs;
+    const records = readState().filter((r) => r.ts >= cutoff);
+    records.push({ t: tool, h: hash, ts: now });
+    const count = records.filter((r) => r.t === tool && r.h === hash).length;
+    writeState(records.slice(-MAX_RECORDS));
+    return { looping: count >= threshold, count };
+  } catch {
+    return { looping: false, count: 0 };
+  }
+}
+var MAX_RECORDS;
+var init_loop_detector = __esm({
+  "src/loop-detector.ts"() {
+    "use strict";
+    MAX_RECORDS = 500;
+  }
+});
+
 // src/auth/orchestrator.ts
 import { randomUUID } from "crypto";
 function isWriteTool(toolName) {
@@ -3144,6 +3225,7 @@ async function _authorizeHeadlessCore(toolName, args, meta, options) {
   let explainableLabel = "Local Config";
   let policyMatchedField;
   let policyMatchedWord;
+  let policyRuleDescription;
   let riskMetadata;
   let statefulRecoveryCommand;
   let localSmartRuleMatched = false;
@@ -3237,6 +3319,21 @@ async function _authorizeHeadlessCore(toolName, args, meta, options) {
     return { approved: true, checkedBy: "audit" };
   }
   if (!taintWarning && !isIgnoredTool(toolName)) {
+    const ld = config.policy.loopDetection;
+    if (ld.enabled) {
+      const loopResult = recordAndCheck(toolName, args, ld.threshold, ld.windowSeconds * 1e3);
+      if (loopResult.looping) {
+        const reason = `It looks like you've called "${toolName}" ${loopResult.count} times with identical arguments in the last ${ld.windowSeconds}s. Are you stuck? Step back and reconsider your approach \u2014 what are you actually trying to accomplish, and is there a different way to get there?`;
+        if (!isManual)
+          appendLocalAudit(toolName, args, "deny", "loop-detected", meta, hashAuditArgs);
+        return {
+          approved: false,
+          reason,
+          blockedBy: "loop-detection",
+          blockedByLabel: "\u{1F504} Loop Detected"
+        };
+      }
+    }
     if (getActiveTrustSession(toolName)) {
       if (approvers.cloud && creds?.apiKey)
         await auditLocalAllow(toolName, args, "trust", creds, meta);
@@ -3292,6 +3389,8 @@ async function _authorizeHeadlessCore(toolName, args, meta, options) {
     policyMatchedField = policyResult.matchedField;
     policyMatchedWord = policyResult.matchedWord;
     if (policyResult.ruleName) localSmartRuleMatched = true;
+    if (policyResult.ruleDescription) policyRuleDescription = policyResult.ruleDescription;
+    else if (policyResult.reason) policyRuleDescription = policyResult.reason;
     riskMetadata = computeRiskMetadata(
       args,
       policyResult.tier ?? 6,
@@ -3300,6 +3399,7 @@ async function _authorizeHeadlessCore(toolName, args, meta, options) {
       policyMatchedWord,
       policyResult.ruleName
     );
+    if (policyRuleDescription) riskMetadata.ruleDescription = policyRuleDescription.slice(0, 200);
     const persistent = policyResult.ruleName ? null : getPersistentDecision(toolName);
     if (persistent === "allow") {
       if (approvers.cloud && creds?.apiKey)
@@ -3334,9 +3434,18 @@ async function _authorizeHeadlessCore(toolName, args, meta, options) {
   }
   let cloudRequestId = null;
   const cloudEnforced = approvers.cloud && !!creds?.apiKey;
-  if (cloudEnforced && !localSmartRuleMatched && !options?.localSmartRuleMatched) {
+  const forceReview = localSmartRuleMatched === true || options?.localSmartRuleMatched === true || void 0;
+  if (cloudEnforced) {
     try {
-      const initResult = await initNode9SaaS(toolName, args, creds, meta, riskMetadata);
+      const initResult = await initNode9SaaS(
+        toolName,
+        args,
+        creds,
+        meta,
+        riskMetadata,
+        config.settings.agentPolicy,
+        forceReview
+      );
       if (!initResult.pending) {
         if (initResult.shadowMode) {
           return { approved: true, checkedBy: "cloud" };
@@ -3351,9 +3460,7 @@ async function _authorizeHeadlessCore(toolName, args, meta, options) {
           };
         }
       }
-      if (!localSmartRuleMatched && !options?.localSmartRuleMatched) {
-        cloudRequestId = initResult.requestId || null;
-      }
+      if (initResult.pending) cloudRequestId = initResult.requestId || null;
       if (!taintWarning) explainableLabel = "Organization Policy (SaaS)";
     } catch {
     }
@@ -3410,7 +3517,7 @@ async function _authorizeHeadlessCore(toolName, args, meta, options) {
       }
     }
   }
-  if (cloudEnforced && cloudRequestId && !localSmartRuleMatched && !options?.localSmartRuleMatched) {
+  if (cloudEnforced && cloudRequestId) {
     racePromises.push(
       (async () => {
         try {
@@ -3442,7 +3549,8 @@ async function _authorizeHeadlessCore(toolName, args, meta, options) {
           signal,
           policyMatchedField,
           policyMatchedWord,
-          daemonAllowCount
+          daemonAllowCount,
+          riskMetadata?.ruleDescription
         );
         if (decision === "always_allow") {
           writeTrustSession(toolName, 36e5);
@@ -3555,7 +3663,8 @@ REASON: Action blocked because no approval channels are available. (Native/Brows
       hashAuditArgs
     );
   }
-  return finalResult;
+  const enrichedResult = !finalResult.approved && policyRuleDescription && !finalResult.ruleDescription ? { ...finalResult, ruleDescription: policyRuleDescription } : finalResult;
+  return enrichedResult;
 }
 var WRITE_TOOLS;
 var init_orchestrator = __esm({
@@ -3570,6 +3679,7 @@ var init_orchestrator = __esm({
     init_state();
     init_daemon();
     init_cloud();
+    init_loop_detector();
     WRITE_TOOLS = /* @__PURE__ */ new Set([
       "write",
       "write_file",
@@ -5307,8 +5417,8 @@ var init_suggestion_tracker = __esm({
 });
 
 // src/daemon/taint-store.ts
-import fs12 from "fs";
-import path15 from "path";
+import fs13 from "fs";
+import path16 from "path";
 var DEFAULT_TTL_MS, TaintStore;
 var init_taint_store = __esm({
   "src/daemon/taint-store.ts"() {
@@ -5377,9 +5487,9 @@ var init_taint_store = __esm({
       /** Resolve to absolute path, falling back to path.resolve if file doesn't exist yet. */
       _resolve(filePath) {
         try {
-          return fs12.realpathSync.native(path15.resolve(filePath));
+          return fs13.realpathSync.native(path16.resolve(filePath));
         } catch {
-          return path15.resolve(filePath);
+          return path16.resolve(filePath);
         }
       }
     };
@@ -5496,15 +5606,15 @@ var init_session_history = __esm({
 
 // src/daemon/state.ts
 import net2 from "net";
-import fs13 from "fs";
-import path16 from "path";
-import os11 from "os";
+import fs14 from "fs";
+import path17 from "path";
+import os12 from "os";
 import { spawn as spawn2 } from "child_process";
 import { randomUUID as randomUUID3 } from "crypto";
 function loadInsightCounts() {
   try {
-    if (!fs13.existsSync(INSIGHT_COUNTS_FILE)) return;
-    const data = JSON.parse(fs13.readFileSync(INSIGHT_COUNTS_FILE, "utf-8"));
+    if (!fs14.existsSync(INSIGHT_COUNTS_FILE)) return;
+    const data = JSON.parse(fs14.readFileSync(INSIGHT_COUNTS_FILE, "utf-8"));
     for (const [tool, count] of Object.entries(data)) {
       if (typeof count === "number" && count > 0) insightCounts.set(tool, count);
     }
@@ -5543,23 +5653,23 @@ function markRejectionHandlerRegistered() {
   daemonRejectionHandlerRegistered = true;
 }
 function atomicWriteSync2(filePath, data, options) {
-  const dir = path16.dirname(filePath);
-  if (!fs13.existsSync(dir)) fs13.mkdirSync(dir, { recursive: true });
+  const dir = path17.dirname(filePath);
+  if (!fs14.existsSync(dir)) fs14.mkdirSync(dir, { recursive: true });
   const tmpPath = `${filePath}.${randomUUID3()}.tmp`;
   try {
-    fs13.writeFileSync(tmpPath, data, options);
+    fs14.writeFileSync(tmpPath, data, options);
   } catch (err2) {
     try {
-      fs13.unlinkSync(tmpPath);
+      fs14.unlinkSync(tmpPath);
     } catch {
     }
     throw err2;
   }
   try {
-    fs13.renameSync(tmpPath, filePath);
+    fs14.renameSync(tmpPath, filePath);
   } catch (err2) {
     try {
-      fs13.unlinkSync(tmpPath);
+      fs14.unlinkSync(tmpPath);
     } catch {
     }
     throw err2;
@@ -5583,16 +5693,16 @@ function appendAuditLog(data) {
       decision: data.decision,
       source: "daemon"
     };
-    const dir = path16.dirname(AUDIT_LOG_FILE);
-    if (!fs13.existsSync(dir)) fs13.mkdirSync(dir, { recursive: true });
-    fs13.appendFileSync(AUDIT_LOG_FILE, JSON.stringify(entry) + "\n");
+    const dir = path17.dirname(AUDIT_LOG_FILE);
+    if (!fs14.existsSync(dir)) fs14.mkdirSync(dir, { recursive: true });
+    fs14.appendFileSync(AUDIT_LOG_FILE, JSON.stringify(entry) + "\n");
   } catch {
   }
 }
 function getAuditHistory(limit = 20) {
   try {
-    if (!fs13.existsSync(AUDIT_LOG_FILE)) return [];
-    const lines = fs13.readFileSync(AUDIT_LOG_FILE, "utf-8").trim().split("\n");
+    if (!fs14.existsSync(AUDIT_LOG_FILE)) return [];
+    const lines = fs14.readFileSync(AUDIT_LOG_FILE, "utf-8").trim().split("\n");
     if (lines.length === 1 && lines[0] === "") return [];
     return lines.slice(-limit).map((l) => JSON.parse(l)).reverse();
   } catch {
@@ -5601,19 +5711,19 @@ function getAuditHistory(limit = 20) {
 }
 function getOrgName() {
   try {
-    if (fs13.existsSync(CREDENTIALS_FILE)) return "Node9 Cloud";
+    if (fs14.existsSync(CREDENTIALS_FILE)) return "Node9 Cloud";
   } catch {
   }
   return null;
 }
 function hasStoredSlackKey() {
-  return fs13.existsSync(CREDENTIALS_FILE);
+  return fs14.existsSync(CREDENTIALS_FILE);
 }
 function writeGlobalSetting(key, value) {
   let config = {};
   try {
-    if (fs13.existsSync(GLOBAL_CONFIG_FILE)) {
-      config = JSON.parse(fs13.readFileSync(GLOBAL_CONFIG_FILE, "utf-8"));
+    if (fs14.existsSync(GLOBAL_CONFIG_FILE)) {
+      config = JSON.parse(fs14.readFileSync(GLOBAL_CONFIG_FILE, "utf-8"));
     }
   } catch {
   }
@@ -5625,8 +5735,8 @@ function writeTrustEntry(toolName, durationMs) {
   try {
     let trust = { entries: [] };
     try {
-      if (fs13.existsSync(TRUST_FILE2))
-        trust = JSON.parse(fs13.readFileSync(TRUST_FILE2, "utf-8"));
+      if (fs14.existsSync(TRUST_FILE2))
+        trust = JSON.parse(fs14.readFileSync(TRUST_FILE2, "utf-8"));
     } catch {
     }
     trust.entries = trust.entries.filter((e) => e.tool !== toolName && e.expiry > Date.now());
@@ -5637,8 +5747,8 @@ function writeTrustEntry(toolName, durationMs) {
 }
 function readPersistentDecisions() {
   try {
-    if (fs13.existsSync(DECISIONS_FILE)) {
-      return JSON.parse(fs13.readFileSync(DECISIONS_FILE, "utf-8"));
+    if (fs14.existsSync(DECISIONS_FILE)) {
+      return JSON.parse(fs14.readFileSync(DECISIONS_FILE, "utf-8"));
     }
   } catch {
   }
@@ -5675,7 +5785,7 @@ function estimateToolCost(tool, args) {
     const filePath = a.file_path ?? a.path;
     if (filePath) {
       try {
-        const bytes = fs13.statSync(filePath).size;
+        const bytes = fs14.statSync(filePath).size;
         return bytes / BYTES_PER_TOKEN / 1e6 * INPUT_PRICE_PER_1M;
       } catch {
       }
@@ -5733,7 +5843,7 @@ function abandonPending() {
   });
   if (autoStarted) {
     try {
-      fs13.unlinkSync(DAEMON_PID_FILE);
+      fs14.unlinkSync(DAEMON_PID_FILE);
     } catch {
     }
     setTimeout(() => {
@@ -5744,7 +5854,7 @@ function abandonPending() {
 }
 function startActivitySocket() {
   try {
-    fs13.unlinkSync(ACTIVITY_SOCKET_PATH2);
+    fs14.unlinkSync(ACTIVITY_SOCKET_PATH2);
   } catch {
   }
   const ACTIVITY_MAX_BYTES = 1024 * 1024;
@@ -5825,7 +5935,7 @@ function startActivitySocket() {
   unixServer.listen(ACTIVITY_SOCKET_PATH2);
   process.on("exit", () => {
     try {
-      fs13.unlinkSync(ACTIVITY_SOCKET_PATH2);
+      fs14.unlinkSync(ACTIVITY_SOCKET_PATH2);
     } catch {
     }
   });
@@ -5839,14 +5949,14 @@ var init_state2 = __esm({
     init_taint_store();
     init_session_counters();
     init_session_history();
-    homeDir = os11.homedir();
-    DAEMON_PID_FILE = path16.join(homeDir, ".node9", "daemon.pid");
-    DECISIONS_FILE = path16.join(homeDir, ".node9", "decisions.json");
-    AUDIT_LOG_FILE = path16.join(homeDir, ".node9", "audit.log");
-    TRUST_FILE2 = path16.join(homeDir, ".node9", "trust.json");
-    GLOBAL_CONFIG_FILE = path16.join(homeDir, ".node9", "config.json");
-    CREDENTIALS_FILE = path16.join(homeDir, ".node9", "credentials.json");
-    INSIGHT_COUNTS_FILE = path16.join(homeDir, ".node9", "insight-counts.json");
+    homeDir = os12.homedir();
+    DAEMON_PID_FILE = path17.join(homeDir, ".node9", "daemon.pid");
+    DECISIONS_FILE = path17.join(homeDir, ".node9", "decisions.json");
+    AUDIT_LOG_FILE = path17.join(homeDir, ".node9", "audit.log");
+    TRUST_FILE2 = path17.join(homeDir, ".node9", "trust.json");
+    GLOBAL_CONFIG_FILE = path17.join(homeDir, ".node9", "config.json");
+    CREDENTIALS_FILE = path17.join(homeDir, ".node9", "credentials.json");
+    INSIGHT_COUNTS_FILE = path17.join(homeDir, ".node9", "insight-counts.json");
     pending = /* @__PURE__ */ new Map();
     sseClients = /* @__PURE__ */ new Set();
     suggestionTracker = new SuggestionTracker(3);
@@ -5864,7 +5974,7 @@ var init_state2 = __esm({
       "2h": 2 * 60 * 6e4
     };
     autoStarted = process.env.NODE9_AUTO_STARTED === "1";
-    ACTIVITY_SOCKET_PATH2 = process.platform === "win32" ? "\\\\.\\pipe\\node9-activity" : path16.join(os11.tmpdir(), "node9-activity.sock");
+    ACTIVITY_SOCKET_PATH2 = process.platform === "win32" ? "\\\\.\\pipe\\node9-activity" : path17.join(os12.tmpdir(), "node9-activity.sock");
     ACTIVITY_RING_SIZE = 100;
     activityRing = [];
     SECRET_KEY_RE = /password|secret|token|key|apikey|credential|auth/i;
@@ -5886,14 +5996,14 @@ var init_state2 = __esm({
 });
 
 // src/config/patch.ts
-import fs14 from "fs";
-import path17 from "path";
-import os12 from "os";
+import fs15 from "fs";
+import path18 from "path";
+import os13 from "os";
 function patchConfig(configPath, patch) {
   let config = {};
   try {
-    if (fs14.existsSync(configPath)) {
-      config = JSON.parse(fs14.readFileSync(configPath, "utf8"));
+    if (fs15.existsSync(configPath)) {
+      config = JSON.parse(fs15.readFileSync(configPath, "utf8"));
     }
   } catch {
     throw new Error(`Cannot read config at ${configPath} \u2014 file may be corrupted`);
@@ -5912,23 +6022,23 @@ function patchConfig(configPath, patch) {
       ignored.push(patch.toolName);
     }
   }
-  const dir = path17.dirname(configPath);
-  fs14.mkdirSync(dir, { recursive: true });
+  const dir = path18.dirname(configPath);
+  fs15.mkdirSync(dir, { recursive: true });
   const tmp = configPath + ".node9-tmp";
   try {
-    fs14.writeFileSync(tmp, JSON.stringify(config, null, 2), { mode: 384 });
+    fs15.writeFileSync(tmp, JSON.stringify(config, null, 2), { mode: 384 });
   } catch (err2) {
     try {
-      fs14.unlinkSync(tmp);
+      fs15.unlinkSync(tmp);
     } catch {
     }
     throw err2;
   }
   try {
-    fs14.renameSync(tmp, configPath);
+    fs15.renameSync(tmp, configPath);
   } catch (err2) {
     try {
-      fs14.unlinkSync(tmp);
+      fs15.unlinkSync(tmp);
     } catch {
     }
     throw err2;
@@ -5938,18 +6048,185 @@ var GLOBAL_CONFIG_PATH;
 var init_patch = __esm({
   "src/config/patch.ts"() {
     "use strict";
-    GLOBAL_CONFIG_PATH = path17.join(os12.homedir(), ".node9", "config.json");
+    GLOBAL_CONFIG_PATH = path18.join(os13.homedir(), ".node9", "config.json");
+  }
+});
+
+// src/costSync.ts
+import fs16 from "fs";
+import path19 from "path";
+import os14 from "os";
+function normalizeModel(raw) {
+  return raw.replace(/-\d{8}$/, "");
+}
+function pricingFor(model) {
+  const norm = normalizeModel(model);
+  if (PRICING[norm]) return PRICING[norm];
+  let best = null;
+  for (const key of Object.keys(PRICING)) {
+    if (norm.startsWith(key) && (best === null || key.length > best.length)) best = key;
+  }
+  return best ? PRICING[best] : null;
+}
+function parseJSONLFile(filePath) {
+  let content;
+  try {
+    content = fs16.readFileSync(filePath, "utf8");
+  } catch {
+    return /* @__PURE__ */ new Map();
+  }
+  const daily = /* @__PURE__ */ new Map();
+  for (const line of content.split("\n")) {
+    if (!line.trim()) continue;
+    let row;
+    try {
+      row = JSON.parse(line);
+    } catch {
+      continue;
+    }
+    if (row["type"] !== "assistant") continue;
+    const msg = row["message"];
+    if (!msg?.["usage"] || typeof msg["model"] !== "string") continue;
+    const usage = msg["usage"];
+    const model = msg["model"];
+    const timestamp = row["timestamp"];
+    if (typeof timestamp !== "string" || timestamp.length < 10) continue;
+    const date = timestamp.slice(0, 10);
+    const p = pricingFor(model);
+    if (!p) continue;
+    const inp = Number(usage["input_tokens"] ?? 0);
+    const out = Number(usage["output_tokens"] ?? 0);
+    const cw = Number(usage["cache_creation_input_tokens"] ?? 0);
+    const cr = Number(usage["cache_read_input_tokens"] ?? 0);
+    const cost = inp * p[0] + out * p[1] + cw * p[2] + cr * p[3];
+    const norm = normalizeModel(model);
+    const key = `${date}::${norm}`;
+    const prev = daily.get(key);
+    if (prev) {
+      prev.costUSD += cost;
+      prev.inputTokens += inp;
+      prev.outputTokens += out;
+      prev.cacheWriteTokens += cw;
+      prev.cacheReadTokens += cr;
+    } else {
+      daily.set(key, {
+        date,
+        model: norm,
+        costUSD: cost,
+        inputTokens: inp,
+        outputTokens: out,
+        cacheWriteTokens: cw,
+        cacheReadTokens: cr
+      });
+    }
+  }
+  return daily;
+}
+function collectEntries() {
+  const projectsDir = path19.join(os14.homedir(), ".claude", "projects");
+  if (!fs16.existsSync(projectsDir)) return [];
+  const combined = /* @__PURE__ */ new Map();
+  let dirs;
+  try {
+    dirs = fs16.readdirSync(projectsDir);
+  } catch {
+    return [];
+  }
+  for (const dir of dirs) {
+    const dirPath = path19.join(projectsDir, dir);
+    try {
+      if (!fs16.statSync(dirPath).isDirectory()) continue;
+    } catch {
+      continue;
+    }
+    let files;
+    try {
+      files = fs16.readdirSync(dirPath).filter((f) => f.endsWith(".jsonl"));
+    } catch {
+      continue;
+    }
+    for (const file of files) {
+      const entries = parseJSONLFile(path19.join(dirPath, file));
+      for (const [key, e] of entries) {
+        const prev = combined.get(key);
+        if (prev) {
+          prev.costUSD += e.costUSD;
+          prev.inputTokens += e.inputTokens;
+          prev.outputTokens += e.outputTokens;
+          prev.cacheWriteTokens += e.cacheWriteTokens;
+          prev.cacheReadTokens += e.cacheReadTokens;
+        } else {
+          combined.set(key, { ...e });
+        }
+      }
+    }
+  }
+  return [...combined.values()];
+}
+async function syncCost() {
+  const creds = getCredentials();
+  if (!creds?.apiKey || !creds?.apiUrl) return;
+  const entries = collectEntries();
+  if (entries.length === 0) return;
+  let username = "unknown";
+  try {
+    username = os14.userInfo().username;
+  } catch {
+  }
+  const machineId = `${os14.hostname()}:${username}`;
+  try {
+    const res = await fetch(`${creds.apiUrl}/cost-sync`, {
+      method: "POST",
+      headers: { "Content-Type": "application/json", Authorization: `Bearer ${creds.apiKey}` },
+      body: JSON.stringify({ machineId, entries }),
+      signal: AbortSignal.timeout(15e3)
+    });
+    if (!res.ok) {
+      fs16.appendFileSync(HOOK_DEBUG_LOG, `[cost-sync] HTTP ${res.status}
+`);
+    }
+  } catch (err2) {
+    fs16.appendFileSync(HOOK_DEBUG_LOG, `[cost-sync] ${err2.message}
+`);
+  }
+}
+function startCostSync() {
+  syncCost().catch(() => {
+  });
+  const timer = setInterval(() => {
+    syncCost().catch(() => {
+    });
+  }, SYNC_INTERVAL_MS);
+  timer.unref();
+}
+var SYNC_INTERVAL_MS, PRICING;
+var init_costSync = __esm({
+  "src/costSync.ts"() {
+    "use strict";
+    init_config();
+    init_audit();
+    SYNC_INTERVAL_MS = 10 * 60 * 1e3;
+    PRICING = {
+      "claude-opus-4": [5e-6, 25e-6, 625e-8, 5e-7],
+      "claude-sonnet-4": [3e-6, 15e-6, 375e-8, 3e-7],
+      "claude-haiku-4": [8e-7, 4e-6, 1e-6, 8e-8],
+      "claude-3-7-sonnet": [3e-6, 15e-6, 375e-8, 3e-7],
+      "claude-3-5-sonnet": [3e-6, 15e-6, 375e-8, 3e-7],
+      "claude-3-5-haiku": [8e-7, 4e-6, 1e-6, 8e-8],
+      "claude-3-haiku": [25e-8, 125e-8, 3e-7, 3e-8]
+    };
   }
 });
 
 // src/daemon/server.ts
 import http from "http";
-import fs15 from "fs";
-import path18 from "path";
+import fs17 from "fs";
+import path20 from "path";
 import { randomUUID as randomUUID4 } from "crypto";
 import { spawnSync as spawnSync2 } from "child_process";
 import chalk2 from "chalk";
 function startDaemon() {
+  startCostSync();
   loadInsightCounts();
   const csrfToken = randomUUID4();
   const internalToken = randomUUID4();
@@ -5965,7 +6242,7 @@ function startDaemon() {
     idleTimer = setTimeout(() => {
       if (autoStarted) {
         try {
-          fs15.unlinkSync(DAEMON_PID_FILE);
+          fs17.unlinkSync(DAEMON_PID_FILE);
         } catch {
         }
       }
@@ -6128,7 +6405,7 @@ data: ${JSON.stringify(item.data)}
             status: "pending"
           });
         }
-        const projectCwd = typeof cwd === "string" && path18.isAbsolute(cwd) ? cwd : void 0;
+        const projectCwd = typeof cwd === "string" && path20.isAbsolute(cwd) ? cwd : void 0;
         const projectConfig = getConfig(projectCwd);
         const browserEnabled = projectConfig.settings.approvers?.browser !== false;
         const terminalEnabled = projectConfig.settings.approvers?.terminal !== false;
@@ -6518,8 +6795,8 @@ data: ${JSON.stringify(item.data)}
         const body = await readBody(req);
         const data = body ? JSON.parse(body) : {};
         const configPath = data.configPath ?? GLOBAL_CONFIG_PATH;
-        const node9Dir = path18.dirname(GLOBAL_CONFIG_PATH);
-        if (!path18.resolve(configPath).startsWith(node9Dir + path18.sep)) {
+        const node9Dir = path20.dirname(GLOBAL_CONFIG_PATH);
+        if (!path20.resolve(configPath).startsWith(node9Dir + path20.sep)) {
           res.writeHead(400, { "Content-Type": "application/json" });
           return res.end(
             JSON.stringify({ error: "configPath must be within the node9 config directory" })
@@ -6630,14 +6907,14 @@ data: ${JSON.stringify(item.data)}
   server.on("error", (e) => {
     if (e.code === "EADDRINUSE") {
       try {
-        if (fs15.existsSync(DAEMON_PID_FILE)) {
-          const { pid } = JSON.parse(fs15.readFileSync(DAEMON_PID_FILE, "utf-8"));
+        if (fs17.existsSync(DAEMON_PID_FILE)) {
+          const { pid } = JSON.parse(fs17.readFileSync(DAEMON_PID_FILE, "utf-8"));
           process.kill(pid, 0);
           return process.exit(0);
         }
       } catch {
         try {
-          fs15.unlinkSync(DAEMON_PID_FILE);
+          fs17.unlinkSync(DAEMON_PID_FILE);
         } catch {
         }
         server.listen(DAEMON_PORT, DAEMON_HOST);
@@ -6705,32 +6982,33 @@ var init_server = __esm({
     init_state2();
     init_patch();
     init_config_schema();
+    init_costSync();
   }
 });
 
 // src/daemon/index.ts
-import fs16 from "fs";
+import fs18 from "fs";
 import chalk3 from "chalk";
 import { spawnSync as spawnSync3 } from "child_process";
 function stopDaemon() {
-  if (!fs16.existsSync(DAEMON_PID_FILE)) return console.log(chalk3.yellow("Not running."));
+  if (!fs18.existsSync(DAEMON_PID_FILE)) return console.log(chalk3.yellow("Not running."));
   try {
-    const { pid } = JSON.parse(fs16.readFileSync(DAEMON_PID_FILE, "utf-8"));
+    const { pid } = JSON.parse(fs18.readFileSync(DAEMON_PID_FILE, "utf-8"));
     process.kill(pid, "SIGTERM");
     console.log(chalk3.green("\u2705 Stopped."));
   } catch {
     console.log(chalk3.gray("Cleaned up stale PID file."));
   } finally {
     try {
-      fs16.unlinkSync(DAEMON_PID_FILE);
+      fs18.unlinkSync(DAEMON_PID_FILE);
     } catch {
     }
   }
 }
 function daemonStatus() {
-  if (fs16.existsSync(DAEMON_PID_FILE)) {
+  if (fs18.existsSync(DAEMON_PID_FILE)) {
     try {
-      const { pid } = JSON.parse(fs16.readFileSync(DAEMON_PID_FILE, "utf-8"));
+      const { pid } = JSON.parse(fs18.readFileSync(DAEMON_PID_FILE, "utf-8"));
       process.kill(pid, 0);
       console.log(chalk3.green("Node9 daemon: running"));
       return;
@@ -6764,10 +7042,10 @@ __export(tail_exports, {
   startTail: () => startTail
 });
 import http2 from "http";
-import chalk18 from "chalk";
-import fs26 from "fs";
-import os22 from "os";
-import path29 from "path";
+import chalk19 from "chalk";
+import fs29 from "fs";
+import os25 from "os";
+import path32 from "path";
 import readline5 from "readline";
 import { spawn as spawn10, execSync as execSync3 } from "child_process";
 function getIcon(tool) {
@@ -6777,44 +7055,64 @@ function getIcon(tool) {
   }
   return "\u{1F6E0}\uFE0F";
 }
+function visibleLength(s) {
+  return s.replace(/\x1B\[[0-9;]*m/g, "").length;
+}
+function wrappedLineCount(text) {
+  const cols = process.stdout.columns;
+  if (!cols) return 1;
+  const len = visibleLength(text);
+  return Math.max(1, Math.ceil(len / cols));
+}
 function formatBase(activity) {
   const time = new Date(activity.ts).toLocaleTimeString([], { hour12: false });
   const icon = getIcon(activity.tool);
   const toolName = activity.tool.slice(0, 16).padEnd(16);
-  const argsStr = JSON.stringify(activity.args ?? {}).replace(/\s+/g, " ").replaceAll(os22.homedir(), "~");
+  const argsStr = JSON.stringify(activity.args ?? {}).replace(/\s+/g, " ").replaceAll(os25.homedir(), "~");
   const argsPreview = argsStr.length > 70 ? argsStr.slice(0, 70) + "\u2026" : argsStr;
-  return `${chalk18.gray(time)} ${icon} ${chalk18.white.bold(toolName)} ${chalk18.dim(argsPreview)}`;
+  return `${chalk19.gray(time)} ${icon} ${chalk19.white.bold(toolName)} ${chalk19.dim(argsPreview)}`;
 }
 function renderResult(activity, result) {
   const base = formatBase(activity);
   let status;
   if (result.status === "allow") {
-    status = chalk18.green("\u2713 ALLOW");
+    status = chalk19.green("\u2713 ALLOW");
   } else if (result.status === "dlp") {
-    status = chalk18.bgRed.white.bold(" \u{1F6E1}\uFE0F  DLP ");
+    status = chalk19.bgRed.white.bold(" \u{1F6E1}\uFE0F  DLP ");
   } else {
-    status = chalk18.red("\u2717 BLOCK");
+    status = chalk19.red("\u2717 BLOCK");
   }
   const cost = result.costEstimate ?? activity.costEstimate;
-  const costSuffix = cost == null ? "" : chalk18.dim(`  ~$${cost >= 1e-3 ? cost.toFixed(3) : "0.000"}`);
+  const costSuffix = cost == null ? "" : chalk19.dim(`  ~$${cost >= 1e-3 ? cost.toFixed(3) : "0.000"}`);
   if (process.stdout.isTTY) {
-    readline5.clearLine(process.stdout, 0);
-    readline5.cursorTo(process.stdout, 0);
+    if (pendingShownForId === activity.id && pendingWrappedLines > 1) {
+      readline5.moveCursor(process.stdout, 0, -(pendingWrappedLines - 1));
+      readline5.cursorTo(process.stdout, 0);
+      process.stdout.write(ERASE_DOWN);
+    } else {
+      readline5.clearLine(process.stdout, 0);
+      readline5.cursorTo(process.stdout, 0);
+    }
+    pendingShownForId = null;
+    pendingWrappedLines = 0;
   }
   console.log(`${base}  ${status}${costSuffix}`);
 }
 function renderPending(activity) {
   if (!process.stdout.isTTY) return;
-  process.stdout.write(`${formatBase(activity)}  ${chalk18.yellow("\u25CF \u2026")}\r`);
+  const line = `${formatBase(activity)}  ${chalk19.yellow("\u25CF \u2026")}`;
+  pendingShownForId = activity.id;
+  pendingWrappedLines = wrappedLineCount(line);
+  process.stdout.write(`${line}\r`);
 }
 async function ensureDaemon() {
   let pidPort = null;
-  if (fs26.existsSync(PID_FILE)) {
+  if (fs29.existsSync(PID_FILE)) {
     try {
-      const { port } = JSON.parse(fs26.readFileSync(PID_FILE, "utf-8"));
+      const { port } = JSON.parse(fs29.readFileSync(PID_FILE, "utf-8"));
       pidPort = port;
     } catch {
-      console.error(chalk18.dim("\u26A0\uFE0F  Could not read PID file; falling back to default port."));
+      console.error(chalk19.dim("\u26A0\uFE0F  Could not read PID file; falling back to default port."));
     }
   }
   const checkPort = pidPort ?? DAEMON_PORT;
@@ -6825,7 +7123,7 @@ async function ensureDaemon() {
     if (res.ok) return checkPort;
   } catch {
   }
-  console.log(chalk18.dim("\u{1F6E1}\uFE0F  Starting Node9 daemon..."));
+  console.log(chalk19.dim("\u{1F6E1}\uFE0F  Starting Node9 daemon..."));
   const child = spawn10(process.execPath, [process.argv[1], "daemon"], {
     detached: true,
     stdio: "ignore",
@@ -6842,7 +7140,7 @@ async function ensureDaemon() {
     } catch {
     }
   }
-  console.error(chalk18.red("\u274C Daemon failed to start. Try: node9 daemon start"));
+  console.error(chalk19.red("\u274C Daemon failed to start. Try: node9 daemon start"));
   process.exit(1);
 }
 function postDecisionHttp(id, decision, csrfToken, port, opts) {
@@ -6888,6 +7186,9 @@ function buildCardLines(req, localCount = 0) {
     `${CYAN}\u2551${RESET2} Tool:    ${BOLD2}${req.toolName}${RESET2}`,
     `${CYAN}\u2551${RESET2} Reason:  ${tierLabel} \u2014 ${blockedBy}${RESET2}`
   ];
+  if (req.riskMetadata?.ruleDescription) {
+    lines.push(`${CYAN}\u2551${RESET2} ${YELLOW}\u2139  ${req.riskMetadata.ruleDescription}${RESET2}`);
+  }
   if (req.riskMetadata?.ruleName && blockedBy.includes("Taint")) {
     lines.push(`${CYAN}\u2551${RESET2} ${YELLOW}\u26A0  ${req.riskMetadata.ruleName}${RESET2}`);
   }
@@ -6931,9 +7232,9 @@ function buildRecoveryCardLines(req) {
   ];
 }
 function readApproversFromDisk() {
-  const configPath = path29.join(os22.homedir(), ".node9", "config.json");
+  const configPath = path32.join(os25.homedir(), ".node9", "config.json");
   try {
-    const raw = JSON.parse(fs26.readFileSync(configPath, "utf-8"));
+    const raw = JSON.parse(fs29.readFileSync(configPath, "utf-8"));
     const settings = raw.settings ?? {};
     return settings.approvers ?? {};
   } catch {
@@ -6944,20 +7245,20 @@ function approverStatusLine() {
   const a = readApproversFromDisk();
   const fmt = (label, key) => {
     const on = a[key] !== false;
-    return `[${key[0]}]${label.slice(1)} ${on ? chalk18.green("\u2713") : chalk18.dim("\u2717")}`;
+    return `[${key[0]}]${label.slice(1)} ${on ? chalk19.green("\u2713") : chalk19.dim("\u2717")}`;
   };
   return `${fmt("native", "native")}  ${fmt("browser", "browser")}  ${fmt("cloud", "cloud")}  ${fmt("terminal", "terminal")}`;
 }
 function toggleApprover(channel) {
-  const configPath = path29.join(os22.homedir(), ".node9", "config.json");
+  const configPath = path32.join(os25.homedir(), ".node9", "config.json");
   try {
-    const raw = JSON.parse(fs26.readFileSync(configPath, "utf-8"));
+    const raw = JSON.parse(fs29.readFileSync(configPath, "utf-8"));
     const settings = raw.settings ?? {};
     const approvers = settings.approvers ?? {};
     approvers[channel] = approvers[channel] === false;
     settings.approvers = approvers;
     raw.settings = settings;
-    fs26.writeFileSync(configPath, JSON.stringify(raw, null, 2) + "\n");
+    fs29.writeFileSync(configPath, JSON.stringify(raw, null, 2) + "\n");
   } catch (err2) {
     process.stderr.write(`[node9] toggleApprover failed: ${String(err2)}
 `);
@@ -6989,7 +7290,7 @@ async function startTail(options = {}) {
       req2.end();
     });
     if (result.ok) {
-      console.log(chalk18.green("\u2713 Flight Recorder buffer cleared."));
+      console.log(chalk19.green("\u2713 Flight Recorder buffer cleared."));
     } else if (result.code === "ECONNREFUSED") {
       throw new Error("Daemon is not running. Start it with: node9 daemon start");
     } else if (result.code === "ETIMEDOUT") {
@@ -7033,7 +7334,7 @@ async function startTail(options = {}) {
       const channel = name === "n" ? "native" : name === "b" ? "browser" : name === "c" ? "cloud" : name === "t" ? "terminal" : null;
       if (channel) {
         toggleApprover(channel);
-        console.log(chalk18.dim(`  Approvers: ${approverStatusLine()}`));
+        console.log(chalk19.dim(`  Approvers: ${approverStatusLine()}`));
       }
     };
     process.stdin.on("keypress", idleKeypressHandler);
@@ -7099,7 +7400,7 @@ async function startTail(options = {}) {
           localAllowCounts.get(req2.toolName) ?? 0
         )
       );
-      const decisionStamp = action === "always-allow" ? chalk18.yellow("\u2605 ALWAYS ALLOW") : action === "trust" ? chalk18.cyan("\u23F1 TRUST 30m") : action === "allow" ? chalk18.green("\u2713 ALLOWED") : action === "redirect" ? chalk18.yellow("\u21A9 REDIRECT AI") : chalk18.red("\u2717 DENIED");
+      const decisionStamp = action === "always-allow" ? chalk19.yellow("\u2605 ALWAYS ALLOW") : action === "trust" ? chalk19.cyan("\u23F1 TRUST 30m") : action === "allow" ? chalk19.green("\u2713 ALLOWED") : action === "redirect" ? chalk19.yellow("\u21A9 REDIRECT AI") : chalk19.red("\u2717 DENIED");
       stampedLines.push(`  ${BOLD2}\u2192${RESET2} ${decisionStamp} ${GRAY}(terminal)${RESET2}`, ``);
       for (const line of stampedLines) process.stdout.write(line + "\n");
       process.stdout.write(SHOW_CURSOR);
@@ -7127,8 +7428,8 @@ async function startTail(options = {}) {
       }
       postDecisionHttp(req2.id, httpDecision, csrfToken, port, httpOpts).catch((err2) => {
         try {
-          fs26.appendFileSync(
-            path29.join(os22.homedir(), ".node9", "hook-debug.log"),
+          fs29.appendFileSync(
+            path32.join(os25.homedir(), ".node9", "hook-debug.log"),
             `[tail] POST /decision failed: ${String(err2)}
 `
           );
@@ -7150,7 +7451,7 @@ async function startTail(options = {}) {
       );
       const stampedLines = buildCardLines(req2, priorCount);
       if (externalDecision) {
-        const source = externalDecision === "allow" ? chalk18.green("\u2713 ALLOWED") : chalk18.red("\u2717 DENIED");
+        const source = externalDecision === "allow" ? chalk19.green("\u2713 ALLOWED") : chalk19.red("\u2717 DENIED");
         stampedLines.push(`  ${BOLD2}\u2192${RESET2} ${source} ${GRAY}(external)${RESET2}`, ``);
       }
       for (const line of stampedLines) process.stdout.write(line + "\n");
@@ -7209,16 +7510,16 @@ async function startTail(options = {}) {
     }
   } catch {
   }
-  console.log(chalk18.cyan.bold(`
-\u{1F6F0}\uFE0F  Node9 tail  `) + chalk18.dim(`\u2192 ${dashboardUrl}`));
+  console.log(chalk19.cyan.bold(`
+\u{1F6F0}\uFE0F  Node9 tail  `) + chalk19.dim(`\u2192 ${dashboardUrl}`));
   if (canApprove) {
-    console.log(chalk18.dim("Card: [\u21B5/y] Allow  [n] Deny  [a] Always  [t] Trust 30m"));
-    console.log(chalk18.dim(`Approvers (toggle): ${approverStatusLine()}  [q] quit`));
+    console.log(chalk19.dim("Card: [\u21B5/y] Allow  [n] Deny  [a] Always  [t] Trust 30m"));
+    console.log(chalk19.dim(`Approvers (toggle): ${approverStatusLine()}  [q] quit`));
   }
   if (options.history) {
-    console.log(chalk18.dim("Showing history + live events.\n"));
+    console.log(chalk19.dim("Showing history + live events.\n"));
   } else {
-    console.log(chalk18.dim("Showing live events only. Use --history to include past.\n"));
+    console.log(chalk19.dim("Showing live events only. Use --history to include past.\n"));
   }
   process.on("SIGINT", () => {
     exitIdleMode();
@@ -7228,13 +7529,13 @@ async function startTail(options = {}) {
       readline5.clearLine(process.stdout, 0);
       readline5.cursorTo(process.stdout, 0);
     }
-    console.log(chalk18.dim("\n\u{1F6F0}\uFE0F  Disconnected."));
+    console.log(chalk19.dim("\n\u{1F6F0}\uFE0F  Disconnected."));
     process.exit(0);
   });
   const sseUrl = `http://127.0.0.1:${port}/events?capabilities=input`;
   const req = http2.get(sseUrl, (res) => {
     if (res.statusCode !== 200) {
-      console.error(chalk18.red(`Failed to connect: HTTP ${res.statusCode}`));
+      console.error(chalk19.red(`Failed to connect: HTTP ${res.statusCode}`));
       process.exit(1);
     }
     if (canApprove) enterIdleMode();
@@ -7265,7 +7566,7 @@ async function startTail(options = {}) {
         readline5.clearLine(process.stdout, 0);
         readline5.cursorTo(process.stdout, 0);
       }
-      console.log(chalk18.red("\n\u274C Daemon disconnected."));
+      console.log(chalk19.red("\n\u274C Daemon disconnected."));
       process.exit(1);
     });
   });
@@ -7357,9 +7658,9 @@ async function startTail(options = {}) {
       const hash = data.hash ?? "";
       const summary = data.argsSummary ?? data.tool;
       const fileCount = data.fileCount ?? 0;
-      const files = fileCount > 0 ? chalk18.dim(` \xB7 ${fileCount} file${fileCount === 1 ? "" : "s"}`) : "";
+      const files = fileCount > 0 ? chalk19.dim(` \xB7 ${fileCount} file${fileCount === 1 ? "" : "s"}`) : "";
       process.stdout.write(
-        `${chalk18.dim(time)}  ${chalk18.cyan("\u{1F4F8} snapshot")}  ${chalk18.dim(hash)}  ${summary}${files}
+        `${chalk19.dim(time)}  ${chalk19.cyan("\u{1F4F8} snapshot")}  ${chalk19.dim(hash)}  ${summary}${files}
 `
       );
       return;
@@ -7376,19 +7677,19 @@ async function startTail(options = {}) {
   }
   req.on("error", (err2) => {
     const msg = err2.code === "ECONNREFUSED" ? "Daemon is not running. Start it with: node9 daemon start" : err2.message;
-    console.error(chalk18.red(`
+    console.error(chalk19.red(`
 \u274C ${msg}`));
     process.exit(1);
   });
 }
-var PID_FILE, ICONS, RESET2, BOLD2, RED, YELLOW, CYAN, GRAY, GREEN, HIDE_CURSOR, SHOW_CURSOR, ERASE_DOWN, DIVIDER;
+var PID_FILE, ICONS, RESET2, BOLD2, RED, YELLOW, CYAN, GRAY, GREEN, HIDE_CURSOR, SHOW_CURSOR, ERASE_DOWN, pendingShownForId, pendingWrappedLines, DIVIDER;
 var init_tail = __esm({
   "src/tui/tail.ts"() {
     "use strict";
     init_daemon2();
     init_daemon();
     init_core();
-    PID_FILE = path29.join(os22.homedir(), ".node9", "daemon.pid");
+    PID_FILE = path32.join(os25.homedir(), ".node9", "daemon.pid");
     ICONS = {
       bash: "\u{1F4BB}",
       shell: "\u{1F4BB}",
@@ -7416,6 +7717,8 @@ var init_tail = __esm({
     HIDE_CURSOR = "\x1B[?25l";
     SHOW_CURSOR = "\x1B[?25h";
     ERASE_DOWN = "\x1B[J";
+    pendingShownForId = null;
+    pendingWrappedLines = 0;
     DIVIDER = "\u2500".repeat(60);
   }
 });
@@ -7427,9 +7730,9 @@ __export(hud_exports, {
   main: () => main,
   renderEnvironmentLine: () => renderEnvironmentLine
 });
-import fs27 from "fs";
-import path30 from "path";
-import os23 from "os";
+import fs30 from "fs";
+import path33 from "path";
+import os26 from "os";
 import http3 from "http";
 async function readStdin() {
   const chunks = [];
@@ -7488,10 +7791,10 @@ function bold(s) {
 function color(c, s) {
   return `${c}${s}${RESET3}`;
 }
-function progressBar(pct, warnAt = 70, critAt = 85) {
-  const filled = Math.round(Math.min(pct, 100) / 100 * BAR_WIDTH);
+function progressBar(pct2, warnAt = 70, critAt = 85) {
+  const filled = Math.round(Math.min(pct2, 100) / 100 * BAR_WIDTH);
   const bar = BAR_FILLED.repeat(filled) + BAR_EMPTY.repeat(BAR_WIDTH - filled);
-  const c = pct >= critAt ? RED2 : pct >= warnAt ? YELLOW2 : GREEN2;
+  const c = pct2 >= critAt ? RED2 : pct2 >= warnAt ? YELLOW2 : GREEN2;
   return `${c}${bar}${RESET3}`;
 }
 function formatTimeLeft(resetsAt) {
@@ -7505,9 +7808,9 @@ function formatTimeLeft(resetsAt) {
   return ` (${m}m left)`;
 }
 function safeReadJson(filePath) {
-  if (!fs27.existsSync(filePath)) return null;
+  if (!fs30.existsSync(filePath)) return null;
   try {
-    return JSON.parse(fs27.readFileSync(filePath, "utf-8"));
+    return JSON.parse(fs30.readFileSync(filePath, "utf-8"));
   } catch {
     return null;
   }
@@ -7528,12 +7831,12 @@ function countHooksInFile(filePath) {
   return Object.keys(cfg.hooks).length;
 }
 function countRulesInDir(rulesDir) {
-  if (!fs27.existsSync(rulesDir)) return 0;
+  if (!fs30.existsSync(rulesDir)) return 0;
   let count = 0;
   try {
-    for (const entry of fs27.readdirSync(rulesDir, { withFileTypes: true })) {
+    for (const entry of fs30.readdirSync(rulesDir, { withFileTypes: true })) {
       if (entry.isDirectory()) {
-        count += countRulesInDir(path30.join(rulesDir, entry.name));
+        count += countRulesInDir(path33.join(rulesDir, entry.name));
       } else if (entry.isFile() && entry.name.endsWith(".md")) {
         count++;
       }
@@ -7544,46 +7847,46 @@ function countRulesInDir(rulesDir) {
 }
 function isSamePath(a, b) {
   try {
-    return path30.resolve(a) === path30.resolve(b);
+    return path33.resolve(a) === path33.resolve(b);
   } catch {
     return false;
   }
 }
 function countConfigs(cwd) {
-  const homeDir2 = os23.homedir();
-  const claudeDir = path30.join(homeDir2, ".claude");
+  const homeDir2 = os26.homedir();
+  const claudeDir = path33.join(homeDir2, ".claude");
   let claudeMdCount = 0;
   let rulesCount = 0;
   let hooksCount = 0;
   const userMcpServers = /* @__PURE__ */ new Set();
   const projectMcpServers = /* @__PURE__ */ new Set();
-  if (fs27.existsSync(path30.join(claudeDir, "CLAUDE.md"))) claudeMdCount++;
-  rulesCount += countRulesInDir(path30.join(claudeDir, "rules"));
-  const userSettings = path30.join(claudeDir, "settings.json");
+  if (fs30.existsSync(path33.join(claudeDir, "CLAUDE.md"))) claudeMdCount++;
+  rulesCount += countRulesInDir(path33.join(claudeDir, "rules"));
+  const userSettings = path33.join(claudeDir, "settings.json");
   for (const name of getMcpServerNames(userSettings)) userMcpServers.add(name);
   hooksCount += countHooksInFile(userSettings);
-  const userClaudeJson = path30.join(homeDir2, ".claude.json");
+  const userClaudeJson = path33.join(homeDir2, ".claude.json");
   for (const name of getMcpServerNames(userClaudeJson)) userMcpServers.add(name);
   for (const name of getDisabledMcpServers(userClaudeJson, "disabledMcpServers")) {
     userMcpServers.delete(name);
   }
   if (cwd) {
-    if (fs27.existsSync(path30.join(cwd, "CLAUDE.md"))) claudeMdCount++;
-    if (fs27.existsSync(path30.join(cwd, "CLAUDE.local.md"))) claudeMdCount++;
-    const projectClaudeDir = path30.join(cwd, ".claude");
+    if (fs30.existsSync(path33.join(cwd, "CLAUDE.md"))) claudeMdCount++;
+    if (fs30.existsSync(path33.join(cwd, "CLAUDE.local.md"))) claudeMdCount++;
+    const projectClaudeDir = path33.join(cwd, ".claude");
     const overlapsUserScope = isSamePath(projectClaudeDir, claudeDir);
     if (!overlapsUserScope) {
-      if (fs27.existsSync(path30.join(projectClaudeDir, "CLAUDE.md"))) claudeMdCount++;
-      rulesCount += countRulesInDir(path30.join(projectClaudeDir, "rules"));
-      const projSettings = path30.join(projectClaudeDir, "settings.json");
+      if (fs30.existsSync(path33.join(projectClaudeDir, "CLAUDE.md"))) claudeMdCount++;
+      rulesCount += countRulesInDir(path33.join(projectClaudeDir, "rules"));
+      const projSettings = path33.join(projectClaudeDir, "settings.json");
       for (const name of getMcpServerNames(projSettings)) projectMcpServers.add(name);
       hooksCount += countHooksInFile(projSettings);
     }
-    if (fs27.existsSync(path30.join(projectClaudeDir, "CLAUDE.local.md"))) claudeMdCount++;
-    const localSettings = path30.join(projectClaudeDir, "settings.local.json");
+    if (fs30.existsSync(path33.join(projectClaudeDir, "CLAUDE.local.md"))) claudeMdCount++;
+    const localSettings = path33.join(projectClaudeDir, "settings.local.json");
     for (const name of getMcpServerNames(localSettings)) projectMcpServers.add(name);
     hooksCount += countHooksInFile(localSettings);
-    const mcpJsonServers = getMcpServerNames(path30.join(cwd, ".mcp.json"));
+    const mcpJsonServers = getMcpServerNames(path33.join(cwd, ".mcp.json"));
     const disabledMcpJson = getDisabledMcpServers(localSettings, "disabledMcpjsonServers");
     for (const name of disabledMcpJson) mcpJsonServers.delete(name);
     for (const name of mcpJsonServers) projectMcpServers.add(name);
@@ -7616,12 +7919,12 @@ function readActiveShieldsHud() {
     return shieldsCache.value;
   }
   try {
-    const shieldsPath = path30.join(os23.homedir(), ".node9", "shields.json");
-    if (!fs27.existsSync(shieldsPath)) {
+    const shieldsPath = path33.join(os26.homedir(), ".node9", "shields.json");
+    if (!fs30.existsSync(shieldsPath)) {
       shieldsCache = { value: [], ts: now };
       return [];
     }
-    const parsed = JSON.parse(fs27.readFileSync(shieldsPath, "utf-8"));
+    const parsed = JSON.parse(fs30.readFileSync(shieldsPath, "utf-8"));
     if (!Array.isArray(parsed.active)) {
       shieldsCache = { value: [], ts: now };
       return [];
@@ -7707,15 +8010,15 @@ function renderContextLine(stdin) {
   }
   const rl = stdin.rate_limits;
   if (rl?.five_hour?.used_percentage !== void 0) {
-    const pct = Math.round(rl.five_hour.used_percentage);
-    const bar = progressBar(pct, 60, 80);
+    const pct2 = Math.round(rl.five_hour.used_percentage);
+    const bar = progressBar(pct2, 60, 80);
     const left = formatTimeLeft(rl.five_hour.resets_at);
-    parts.push(`${dim("\u2502")} 5h ${bar} ${pct}%${left}`);
+    parts.push(`${dim("\u2502")} 5h ${bar} ${pct2}%${left}`);
   }
   if (rl?.seven_day?.used_percentage !== void 0) {
-    const pct = Math.round(rl.seven_day.used_percentage);
-    const bar = progressBar(pct, 60, 80);
-    parts.push(`${dim("\u2502")} 7d ${bar} ${pct}%`);
+    const pct2 = Math.round(rl.seven_day.used_percentage);
+    const bar = progressBar(pct2, 60, 80);
+    parts.push(`${dim("\u2502")} 7d ${bar} ${pct2}%`);
   }
   if (parts.length === 0) return null;
   return parts.join("  ");
@@ -7723,17 +8026,17 @@ function renderContextLine(stdin) {
 async function main() {
   try {
     const [stdin, daemonStatus2] = await Promise.all([readStdin(), queryDaemon()]);
-    if (fs27.existsSync(path30.join(os23.homedir(), ".node9", "hud-debug"))) {
+    if (fs30.existsSync(path33.join(os26.homedir(), ".node9", "hud-debug"))) {
       try {
-        const logPath = path30.join(os23.homedir(), ".node9", "hud-debug.log");
+        const logPath = path33.join(os26.homedir(), ".node9", "hud-debug.log");
         const MAX_LOG_SIZE = 10 * 1024 * 1024;
         let size = 0;
         try {
-          size = fs27.statSync(logPath).size;
+          size = fs30.statSync(logPath).size;
         } catch {
         }
         if (size < MAX_LOG_SIZE) {
-          fs27.appendFileSync(
+          fs30.appendFileSync(
             logPath,
             JSON.stringify({ ts: (/* @__PURE__ */ new Date()).toISOString(), stdin }) + "\n"
           );
@@ -7754,11 +8057,11 @@ async function main() {
       try {
         const cwd = stdin.cwd ?? process.cwd();
         for (const configPath of [
-          path30.join(cwd, "node9.config.json"),
-          path30.join(os23.homedir(), ".node9", "config.json")
+          path33.join(cwd, "node9.config.json"),
+          path33.join(os26.homedir(), ".node9", "config.json")
         ]) {
-          if (!fs27.existsSync(configPath)) continue;
-          const cfg = JSON.parse(fs27.readFileSync(configPath, "utf-8"));
+          if (!fs30.existsSync(configPath)) continue;
+          const cfg = JSON.parse(fs30.readFileSync(configPath, "utf-8"));
           const hud = cfg.settings?.hud;
           if (hud && "showEnvironmentCounts" in hud) return hud.showEnvironmentCounts !== false;
         }
@@ -7804,9 +8107,9 @@ init_core();
 import { Command } from "commander";
 
 // src/setup.ts
-import fs11 from "fs";
-import path14 from "path";
-import os10 from "os";
+import fs12 from "fs";
+import path15 from "path";
+import os11 from "os";
 import chalk from "chalk";
 import { confirm } from "@inquirer/prompts";
 import { parse as parseToml, stringify as stringifyToml } from "smol-toml";
@@ -7834,26 +8137,26 @@ function fullPathCommand(subcommand) {
 }
 function readJson(filePath) {
   try {
-    if (fs11.existsSync(filePath)) {
-      return JSON.parse(fs11.readFileSync(filePath, "utf-8"));
+    if (fs12.existsSync(filePath)) {
+      return JSON.parse(fs12.readFileSync(filePath, "utf-8"));
     }
   } catch {
   }
   return null;
 }
 function writeJson(filePath, data) {
-  const dir = path14.dirname(filePath);
-  if (!fs11.existsSync(dir)) fs11.mkdirSync(dir, { recursive: true });
-  fs11.writeFileSync(filePath, JSON.stringify(data, null, 2) + "\n");
+  const dir = path15.dirname(filePath);
+  if (!fs12.existsSync(dir)) fs12.mkdirSync(dir, { recursive: true });
+  fs12.writeFileSync(filePath, JSON.stringify(data, null, 2) + "\n");
 }
 function isNode9Hook(cmd) {
   if (!cmd) return false;
   return /(?:^|[\s/\\])node9 (?:check|log)/.test(cmd) || /(?:^|[\s/\\])cli\.js (?:check|log)/.test(cmd);
 }
 function teardownClaude() {
-  const homeDir2 = os10.homedir();
-  const hooksPath = path14.join(homeDir2, ".claude", "settings.json");
-  const mcpPath = path14.join(homeDir2, ".claude", ".mcp.json");
+  const homeDir2 = os11.homedir();
+  const hooksPath = path15.join(homeDir2, ".claude", "settings.json");
+  const mcpPath = path15.join(homeDir2, ".claude", ".mcp.json");
   let changed = false;
   const settings = readJson(hooksPath);
   if (settings?.hooks) {
@@ -7901,8 +8204,8 @@ function teardownClaude() {
   }
 }
 function teardownGemini() {
-  const homeDir2 = os10.homedir();
-  const settingsPath = path14.join(homeDir2, ".gemini", "settings.json");
+  const homeDir2 = os11.homedir();
+  const settingsPath = path15.join(homeDir2, ".gemini", "settings.json");
   const settings = readJson(settingsPath);
   if (!settings) {
     console.log(chalk.blue("  \u2139\uFE0F  ~/.gemini/settings.json not found \u2014 nothing to remove"));
@@ -7945,8 +8248,8 @@ function teardownGemini() {
   }
 }
 function teardownCursor() {
-  const homeDir2 = os10.homedir();
-  const mcpPath = path14.join(homeDir2, ".cursor", "mcp.json");
+  const homeDir2 = os11.homedir();
+  const mcpPath = path15.join(homeDir2, ".cursor", "mcp.json");
   const mcpConfig = readJson(mcpPath);
   if (!mcpConfig?.mcpServers) {
     console.log(chalk.blue("  \u2139\uFE0F  ~/.cursor/mcp.json not found \u2014 nothing to remove"));
@@ -7977,9 +8280,9 @@ function teardownCursor() {
   }
 }
 async function setupClaude() {
-  const homeDir2 = os10.homedir();
-  const mcpPath = path14.join(homeDir2, ".claude", ".mcp.json");
-  const hooksPath = path14.join(homeDir2, ".claude", "settings.json");
+  const homeDir2 = os11.homedir();
+  const mcpPath = path15.join(homeDir2, ".claude", ".mcp.json");
+  const hooksPath = path15.join(homeDir2, ".claude", "settings.json");
   const claudeConfig = readJson(mcpPath) ?? {};
   const settings = readJson(hooksPath) ?? {};
   const servers = claudeConfig.mcpServers ?? {};
@@ -8076,8 +8379,8 @@ async function setupClaude() {
   }
 }
 async function setupGemini() {
-  const homeDir2 = os10.homedir();
-  const settingsPath = path14.join(homeDir2, ".gemini", "settings.json");
+  const homeDir2 = os11.homedir();
+  const settingsPath = path15.join(homeDir2, ".gemini", "settings.json");
   const settings = readJson(settingsPath) ?? {};
   const servers = settings.mcpServers ?? {};
   let hooksChanged = false;
@@ -8172,10 +8475,10 @@ async function setupGemini() {
     printDaemonTip();
   }
 }
-function detectAgents(homeDir2 = os10.homedir()) {
+function detectAgents(homeDir2 = os11.homedir()) {
   const exists = (p) => {
     try {
-      return fs11.existsSync(p);
+      return fs12.existsSync(p);
     } catch (err2) {
       const code = err2.code;
       if (code !== "ENOENT") {
@@ -8186,15 +8489,15 @@ function detectAgents(homeDir2 = os10.homedir()) {
     }
   };
   return {
-    claude: exists(path14.join(homeDir2, ".claude")) || exists(path14.join(homeDir2, ".claude.json")),
-    gemini: exists(path14.join(homeDir2, ".gemini")),
-    cursor: exists(path14.join(homeDir2, ".cursor")),
-    codex: exists(path14.join(homeDir2, ".codex"))
+    claude: exists(path15.join(homeDir2, ".claude")) || exists(path15.join(homeDir2, ".claude.json")),
+    gemini: exists(path15.join(homeDir2, ".gemini")),
+    cursor: exists(path15.join(homeDir2, ".cursor")),
+    codex: exists(path15.join(homeDir2, ".codex"))
   };
 }
 async function setupCursor() {
-  const homeDir2 = os10.homedir();
-  const mcpPath = path14.join(homeDir2, ".cursor", "mcp.json");
+  const homeDir2 = os11.homedir();
+  const mcpPath = path15.join(homeDir2, ".cursor", "mcp.json");
   const mcpConfig = readJson(mcpPath) ?? {};
   const servers = mcpConfig.mcpServers ?? {};
   let anythingChanged = false;
@@ -8260,21 +8563,21 @@ async function setupCursor() {
 }
 function readToml(filePath) {
   try {
-    if (fs11.existsSync(filePath)) {
-      return parseToml(fs11.readFileSync(filePath, "utf-8"));
+    if (fs12.existsSync(filePath)) {
+      return parseToml(fs12.readFileSync(filePath, "utf-8"));
     }
   } catch {
   }
   return null;
 }
 function writeToml(filePath, data) {
-  const dir = path14.dirname(filePath);
-  if (!fs11.existsSync(dir)) fs11.mkdirSync(dir, { recursive: true });
-  fs11.writeFileSync(filePath, stringifyToml(data));
+  const dir = path15.dirname(filePath);
+  if (!fs12.existsSync(dir)) fs12.mkdirSync(dir, { recursive: true });
+  fs12.writeFileSync(filePath, stringifyToml(data));
 }
 async function setupCodex() {
-  const homeDir2 = os10.homedir();
-  const configPath = path14.join(homeDir2, ".codex", "config.toml");
+  const homeDir2 = os11.homedir();
+  const configPath = path15.join(homeDir2, ".codex", "config.toml");
   const config = readToml(configPath) ?? {};
   const servers = config.mcp_servers ?? {};
   let anythingChanged = false;
@@ -8339,8 +8642,8 @@ async function setupCodex() {
   }
 }
 function setupHud() {
-  const homeDir2 = os10.homedir();
-  const hooksPath = path14.join(homeDir2, ".claude", "settings.json");
+  const homeDir2 = os11.homedir();
+  const hooksPath = path15.join(homeDir2, ".claude", "settings.json");
   const settings = readJson(hooksPath) ?? {};
   const hudCommand = fullPathCommand("hud");
   const statusLineObj = { type: "command", command: hudCommand };
@@ -8366,8 +8669,8 @@ function setupHud() {
   console.log(chalk.gray("   Restart Claude Code to activate."));
 }
 function teardownHud() {
-  const homeDir2 = os10.homedir();
-  const hooksPath = path14.join(homeDir2, ".claude", "settings.json");
+  const homeDir2 = os11.homedir();
+  const hooksPath = path15.join(homeDir2, ".claude", "settings.json");
   const settings = readJson(hooksPath);
   if (!settings) {
     console.log(chalk.blue("  \u2139\uFE0F  ~/.claude/settings.json not found \u2014 nothing to remove"));
@@ -8387,10 +8690,10 @@ function teardownHud() {
 
 // src/cli.ts
 init_daemon2();
-import chalk19 from "chalk";
-import fs28 from "fs";
-import path31 from "path";
-import os24 from "os";
+import chalk20 from "chalk";
+import fs31 from "fs";
+import path34 from "path";
+import os27 from "os";
 import { confirm as confirm2 } from "@inquirer/prompts";
 
 // src/utils/duration.ts
@@ -8619,19 +8922,19 @@ init_daemon();
 init_config();
 init_policy();
 import chalk5 from "chalk";
-import fs18 from "fs";
+import fs20 from "fs";
 import { spawn as spawn6 } from "child_process";
-import path20 from "path";
-import os14 from "os";
+import path22 from "path";
+import os16 from "os";
 
 // src/undo.ts
 import { spawnSync as spawnSync4, spawn as spawn5 } from "child_process";
-import crypto2 from "crypto";
-import fs17 from "fs";
+import crypto3 from "crypto";
+import fs19 from "fs";
 import net3 from "net";
-import path19 from "path";
-import os13 from "os";
-var ACTIVITY_SOCKET_PATH3 = process.platform === "win32" ? "\\\\.\\pipe\\node9-activity" : path19.join(os13.tmpdir(), "node9-activity.sock");
+import path21 from "path";
+import os15 from "os";
+var ACTIVITY_SOCKET_PATH3 = process.platform === "win32" ? "\\\\.\\pipe\\node9-activity" : path21.join(os15.tmpdir(), "node9-activity.sock");
 function notifySnapshotTaken(hash, tool, argsSummary, fileCount) {
   try {
     const payload = JSON.stringify({
@@ -8651,22 +8954,22 @@ function notifySnapshotTaken(hash, tool, argsSummary, fileCount) {
   } catch {
   }
 }
-var SNAPSHOT_STACK_PATH = path19.join(os13.homedir(), ".node9", "snapshots.json");
-var UNDO_LATEST_PATH = path19.join(os13.homedir(), ".node9", "undo_latest.txt");
+var SNAPSHOT_STACK_PATH = path21.join(os15.homedir(), ".node9", "snapshots.json");
+var UNDO_LATEST_PATH = path21.join(os15.homedir(), ".node9", "undo_latest.txt");
 var MAX_SNAPSHOTS = 10;
 var GIT_TIMEOUT = 15e3;
 function readStack() {
   try {
-    if (fs17.existsSync(SNAPSHOT_STACK_PATH))
-      return JSON.parse(fs17.readFileSync(SNAPSHOT_STACK_PATH, "utf-8"));
+    if (fs19.existsSync(SNAPSHOT_STACK_PATH))
+      return JSON.parse(fs19.readFileSync(SNAPSHOT_STACK_PATH, "utf-8"));
   } catch {
   }
   return [];
 }
 function writeStack(stack) {
-  const dir = path19.dirname(SNAPSHOT_STACK_PATH);
-  if (!fs17.existsSync(dir)) fs17.mkdirSync(dir, { recursive: true });
-  fs17.writeFileSync(SNAPSHOT_STACK_PATH, JSON.stringify(stack, null, 2));
+  const dir = path21.dirname(SNAPSHOT_STACK_PATH);
+  if (!fs19.existsSync(dir)) fs19.mkdirSync(dir, { recursive: true });
+  fs19.writeFileSync(SNAPSHOT_STACK_PATH, JSON.stringify(stack, null, 2));
 }
 function extractFilePath(args) {
   if (!args || typeof args !== "object") return null;
@@ -8686,12 +8989,12 @@ function buildArgsSummary(tool, args) {
   return "";
 }
 function findProjectRoot(filePath) {
-  let dir = path19.dirname(filePath);
+  let dir = path21.dirname(filePath);
   while (true) {
-    if (fs17.existsSync(path19.join(dir, ".git")) || fs17.existsSync(path19.join(dir, "package.json"))) {
+    if (fs19.existsSync(path21.join(dir, ".git")) || fs19.existsSync(path21.join(dir, "package.json"))) {
       return dir;
     }
-    const parent = path19.dirname(dir);
+    const parent = path21.dirname(dir);
     if (parent === dir) return process.cwd();
     dir = parent;
   }
@@ -8699,7 +9002,7 @@ function findProjectRoot(filePath) {
 function normalizeCwdForHash(cwd) {
   let normalized;
   try {
-    normalized = fs17.realpathSync(cwd);
+    normalized = fs19.realpathSync(cwd);
   } catch {
     normalized = cwd;
   }
@@ -8708,17 +9011,17 @@ function normalizeCwdForHash(cwd) {
   return normalized;
 }
 function getShadowRepoDir(cwd) {
-  const hash = crypto2.createHash("sha256").update(normalizeCwdForHash(cwd)).digest("hex").slice(0, 16);
-  return path19.join(os13.homedir(), ".node9", "snapshots", hash);
+  const hash = crypto3.createHash("sha256").update(normalizeCwdForHash(cwd)).digest("hex").slice(0, 16);
+  return path21.join(os15.homedir(), ".node9", "snapshots", hash);
 }
 function cleanOrphanedIndexFiles(shadowDir) {
   try {
     const cutoff = Date.now() - 6e4;
-    for (const f of fs17.readdirSync(shadowDir)) {
+    for (const f of fs19.readdirSync(shadowDir)) {
       if (f.startsWith("index_")) {
-        const fp = path19.join(shadowDir, f);
+        const fp = path21.join(shadowDir, f);
         try {
-          if (fs17.statSync(fp).mtimeMs < cutoff) fs17.unlinkSync(fp);
+          if (fs19.statSync(fp).mtimeMs < cutoff) fs19.unlinkSync(fp);
         } catch {
         }
       }
@@ -8730,7 +9033,7 @@ function writeShadowExcludes(shadowDir, ignorePaths) {
   const hardcoded = [".git", ".node9"];
   const lines = [...hardcoded, ...ignorePaths].join("\n");
   try {
-    fs17.writeFileSync(path19.join(shadowDir, "info", "exclude"), lines + "\n", "utf8");
+    fs19.writeFileSync(path21.join(shadowDir, "info", "exclude"), lines + "\n", "utf8");
   } catch {
   }
 }
@@ -8743,25 +9046,25 @@ function ensureShadowRepo(shadowDir, cwd) {
     timeout: 3e3
   });
   if (check.status === 0) {
-    const ptPath = path19.join(shadowDir, "project-path.txt");
+    const ptPath = path21.join(shadowDir, "project-path.txt");
     try {
-      const stored = fs17.readFileSync(ptPath, "utf8").trim();
+      const stored = fs19.readFileSync(ptPath, "utf8").trim();
       if (stored === normalizedCwd) return true;
       if (process.env.NODE9_DEBUG === "1")
         console.error(
           `[Node9] Shadow repo path mismatch: stored="${stored}" expected="${normalizedCwd}" \u2014 reinitializing`
         );
-      fs17.rmSync(shadowDir, { recursive: true, force: true });
+      fs19.rmSync(shadowDir, { recursive: true, force: true });
     } catch {
       try {
-        fs17.writeFileSync(ptPath, normalizedCwd, "utf8");
+        fs19.writeFileSync(ptPath, normalizedCwd, "utf8");
       } catch {
       }
       return true;
     }
   }
   try {
-    fs17.mkdirSync(shadowDir, { recursive: true });
+    fs19.mkdirSync(shadowDir, { recursive: true });
   } catch {
   }
   const init = spawnSync4("git", ["init", "--bare", shadowDir], { timeout: 5e3 });
@@ -8770,7 +9073,7 @@ function ensureShadowRepo(shadowDir, cwd) {
     if (process.env.NODE9_DEBUG === "1") console.error("[Node9] git init --bare failed:", reason);
     return false;
   }
-  const configFile = path19.join(shadowDir, "config");
+  const configFile = path21.join(shadowDir, "config");
   spawnSync4("git", ["config", "--file", configFile, "core.untrackedCache", "true"], {
     timeout: 3e3
   });
@@ -8778,7 +9081,7 @@ function ensureShadowRepo(shadowDir, cwd) {
     timeout: 3e3
   });
   try {
-    fs17.writeFileSync(path19.join(shadowDir, "project-path.txt"), normalizedCwd, "utf8");
+    fs19.writeFileSync(path21.join(shadowDir, "project-path.txt"), normalizedCwd, "utf8");
   } catch {
   }
   return true;
@@ -8798,12 +9101,12 @@ async function createShadowSnapshot(tool = "unknown", args = {}, ignorePaths = [
   let indexFile = null;
   try {
     const rawFilePath = extractFilePath(args);
-    const absFilePath = rawFilePath && path19.isAbsolute(rawFilePath) ? rawFilePath : null;
+    const absFilePath = rawFilePath && path21.isAbsolute(rawFilePath) ? rawFilePath : null;
     const cwd = absFilePath ? findProjectRoot(absFilePath) : process.cwd();
     const shadowDir = getShadowRepoDir(cwd);
     if (!ensureShadowRepo(shadowDir, cwd)) return null;
     writeShadowExcludes(shadowDir, ignorePaths);
-    indexFile = path19.join(shadowDir, `index_${process.pid}_${Date.now()}`);
+    indexFile = path21.join(shadowDir, `index_${process.pid}_${Date.now()}`);
     const shadowEnv = {
       ...process.env,
       GIT_DIR: shadowDir,
@@ -8875,7 +9178,7 @@ async function createShadowSnapshot(tool = "unknown", args = {}, ignorePaths = [
     writeStack(stack);
     const entry = stack[stack.length - 1];
     notifySnapshotTaken(commitHash.slice(0, 7), tool, entry.argsSummary, capturedFiles.length);
-    fs17.writeFileSync(UNDO_LATEST_PATH, commitHash);
+    fs19.writeFileSync(UNDO_LATEST_PATH, commitHash);
     if (shouldGc) {
       spawn5("git", ["gc", "--auto"], { env: shadowEnv, detached: true, stdio: "ignore" }).unref();
     }
@@ -8886,7 +9189,7 @@ async function createShadowSnapshot(tool = "unknown", args = {}, ignorePaths = [
   } finally {
     if (indexFile) {
       try {
-        fs17.unlinkSync(indexFile);
+        fs19.unlinkSync(indexFile);
       } catch {
       }
     }
@@ -8962,9 +9265,9 @@ function applyUndo(hash, cwd) {
       timeout: GIT_TIMEOUT
     }).stdout?.toString().trim().split("\n").filter(Boolean) ?? [];
     for (const file of [...tracked, ...untracked]) {
-      const fullPath = path19.join(dir, file);
-      if (!snapshotFiles.has(file) && fs17.existsSync(fullPath)) {
-        fs17.unlinkSync(fullPath);
+      const fullPath = path21.join(dir, file);
+      if (!snapshotFiles.has(file) && fs19.existsSync(fullPath)) {
+        fs19.unlinkSync(fullPath);
       }
     }
     return true;
@@ -8988,9 +9291,9 @@ function registerCheckCommand(program2) {
         } catch (err2) {
           const tempConfig = getConfig();
           if (process.env.NODE9_DEBUG === "1" || tempConfig.settings.enableHookLogDebug) {
-            const logPath = path20.join(os14.homedir(), ".node9", "hook-debug.log");
+            const logPath = path22.join(os16.homedir(), ".node9", "hook-debug.log");
             const errMsg = err2 instanceof Error ? err2.message : String(err2);
-            fs18.appendFileSync(
+            fs20.appendFileSync(
               logPath,
               `[${(/* @__PURE__ */ new Date()).toISOString()}] JSON_PARSE_ERROR: ${errMsg}
 RAW: ${raw}
@@ -9003,10 +9306,10 @@ RAW: ${raw}
         if (config.settings.autoStartDaemon && !isDaemonRunning() && !process.env.NODE9_NO_AUTO_DAEMON) {
           try {
             const scriptPath = process.argv[1];
-            if (typeof scriptPath !== "string" || !path20.isAbsolute(scriptPath))
+            if (typeof scriptPath !== "string" || !path22.isAbsolute(scriptPath))
               throw new Error("node9: argv[1] is not an absolute path");
-            const resolvedScript = fs18.realpathSync(scriptPath);
-            const expectedCli = fs18.realpathSync(path20.resolve(__dirname, "../../cli.js"));
+            const resolvedScript = fs20.realpathSync(scriptPath);
+            const expectedCli = fs20.realpathSync(path22.resolve(__dirname, "../../cli.js"));
             if (resolvedScript !== expectedCli)
               throw new Error(
                 "node9: daemon spawn aborted \u2014 argv[1] does not resolve to the node9 CLI"
@@ -9032,10 +9335,10 @@ RAW: ${raw}
           }
         }
         if (process.env.NODE9_DEBUG === "1" || config.settings.enableHookLogDebug) {
-          const logPath = path20.join(os14.homedir(), ".node9", "hook-debug.log");
-          if (!fs18.existsSync(path20.dirname(logPath)))
-            fs18.mkdirSync(path20.dirname(logPath), { recursive: true });
-          fs18.appendFileSync(logPath, `[${(/* @__PURE__ */ new Date()).toISOString()}] STDIN: ${raw}
+          const logPath = path22.join(os16.homedir(), ".node9", "hook-debug.log");
+          if (!fs20.existsSync(path22.dirname(logPath)))
+            fs20.mkdirSync(path22.dirname(logPath), { recursive: true });
+          fs20.appendFileSync(logPath, `[${(/* @__PURE__ */ new Date()).toISOString()}] STDIN: ${raw}
 `);
         }
         const toolName = sanitize2(payload.tool_name ?? payload.name ?? "");
@@ -9048,8 +9351,8 @@ RAW: ${raw}
           const isHumanDecision = blockedByContext.toLowerCase().includes("user") || blockedByContext.toLowerCase().includes("daemon") || blockedByContext.toLowerCase().includes("decision");
           let ttyFd = null;
           try {
-            ttyFd = fs18.openSync("/dev/tty", "w");
-            const writeTty = (line) => fs18.writeSync(ttyFd, line + "\n");
+            ttyFd = fs20.openSync("/dev/tty", "w");
+            const writeTty = (line) => fs20.writeSync(ttyFd, line + "\n");
             if (blockedByContext.includes("DLP") || blockedByContext.includes("Secret Detected") || blockedByContext.includes("Credential Review")) {
               writeTty(chalk5.bgRed.white.bold(`
  \u{1F6A8} NODE9 DLP ALERT \u2014 CREDENTIAL DETECTED `));
@@ -9068,7 +9371,7 @@ RAW: ${raw}
           } finally {
             if (ttyFd !== null)
               try {
-                fs18.closeSync(ttyFd);
+                fs20.closeSync(ttyFd);
               } catch {
               }
           }
@@ -9100,7 +9403,7 @@ RAW: ${raw}
         if (shouldSnapshot(toolName, toolInput, config)) {
           await createShadowSnapshot(toolName, toolInput, config.policy.snapshot.ignorePaths);
         }
-        const safeCwdForAuth = typeof payload.cwd === "string" && path20.isAbsolute(payload.cwd) ? payload.cwd : void 0;
+        const safeCwdForAuth = typeof payload.cwd === "string" && path22.isAbsolute(payload.cwd) ? payload.cwd : void 0;
         const result = await authorizeHeadless(toolName, toolInput, meta, {
           cwd: safeCwdForAuth
         });
@@ -9112,12 +9415,12 @@ RAW: ${raw}
         }
         if (result.noApprovalMechanism && !isDaemonRunning() && !process.env.NODE9_NO_AUTO_DAEMON && !process.stdout.isTTY && config.settings.autoStartDaemon) {
           try {
-            const tty = fs18.openSync("/dev/tty", "w");
-            fs18.writeSync(
+            const tty = fs20.openSync("/dev/tty", "w");
+            fs20.writeSync(
               tty,
               chalk5.cyan("\n\u{1F6E1}\uFE0F  Node9: Starting approval daemon automatically...\n")
             );
-            fs18.closeSync(tty);
+            fs20.closeSync(tty);
           } catch {
           }
           const daemonReady = await autoStartDaemonAndWait();
@@ -9144,9 +9447,9 @@ RAW: ${raw}
         });
       } catch (err2) {
         if (process.env.NODE9_DEBUG === "1") {
-          const logPath = path20.join(os14.homedir(), ".node9", "hook-debug.log");
+          const logPath = path22.join(os16.homedir(), ".node9", "hook-debug.log");
           const errMsg = err2 instanceof Error ? err2.message : String(err2);
-          fs18.appendFileSync(logPath, `[${(/* @__PURE__ */ new Date()).toISOString()}] ERROR: ${errMsg}
+          fs20.appendFileSync(logPath, `[${(/* @__PURE__ */ new Date()).toISOString()}] ERROR: ${errMsg}
 `);
         }
         process.exit(0);
@@ -9183,9 +9486,9 @@ RAW: ${raw}
 init_audit();
 init_config();
 init_policy();
-import fs19 from "fs";
-import path21 from "path";
-import os15 from "os";
+import fs21 from "fs";
+import path23 from "path";
+import os17 from "os";
 init_daemon();
 
 // src/utils/cp-mv-parser.ts
@@ -9226,9 +9529,9 @@ function containsShellMetachar(token) {
 }
 
 // src/cli/commands/log.ts
-var TEST_COMMAND_RE = /(?:^|\s)(npm\s+(?:run\s+)?test|npx\s+(?:vitest|jest|mocha)|yarn\s+(?:run\s+)?test|pnpm\s+(?:run\s+)?test|vitest|jest|mocha|pytest|py\.test|cargo\s+test|go\s+test|bundle\s+exec\s+rspec|rspec|phpunit|dotnet\s+test)\b/i;
+var TEST_COMMAND_RE2 = /(?:^|\s)(npm\s+(?:run\s+)?test|npx\s+(?:vitest|jest|mocha)|yarn\s+(?:run\s+)?test|pnpm\s+(?:run\s+)?test|vitest|jest|mocha|pytest|py\.test|cargo\s+test|go\s+test|bundle\s+exec\s+rspec|rspec|phpunit|dotnet\s+test)\b/i;
 function detectTestResult(command, output) {
-  if (!TEST_COMMAND_RE.test(command)) return null;
+  if (!TEST_COMMAND_RE2.test(command)) return null;
   const out = output.toLowerCase();
   if (/\b(tests?\s+passed|all\s+tests?\s+passed|passing|test\s+suites?.*passed|ok\b|\d+\s+passed)/i.test(
     out
@@ -9258,10 +9561,10 @@ function registerLogCommand(program2) {
           decision: "allowed",
           source: "post-hook"
         };
-        const logPath = path21.join(os15.homedir(), ".node9", "audit.log");
-        if (!fs19.existsSync(path21.dirname(logPath)))
-          fs19.mkdirSync(path21.dirname(logPath), { recursive: true });
-        fs19.appendFileSync(logPath, JSON.stringify(entry) + "\n");
+        const logPath = path23.join(os17.homedir(), ".node9", "audit.log");
+        if (!fs21.existsSync(path23.dirname(logPath)))
+          fs21.mkdirSync(path23.dirname(logPath), { recursive: true });
+        fs21.appendFileSync(logPath, JSON.stringify(entry) + "\n");
         if ((tool === "Bash" || tool === "bash") && isDaemonRunning()) {
           const command = typeof rawInput === "object" && rawInput !== null && "command" in rawInput && typeof rawInput.command === "string" ? rawInput.command : null;
           if (command) {
@@ -9277,16 +9580,24 @@ function registerLogCommand(program2) {
           if (bashCommand && output) {
             const testResult = detectTestResult(bashCommand, output);
             if (testResult) {
-              await notifyActivitySocket({
-                id: "test-result",
-                ts: Date.now(),
+              appendToLog(LOCAL_AUDIT_LOG, {
+                ts: (/* @__PURE__ */ new Date()).toISOString(),
                 tool,
-                status: testResult === "pass" ? "test_pass" : "test_fail"
+                testResult,
+                source: "test-result"
               });
+              if (isDaemonRunning()) {
+                await notifyActivitySocket({
+                  id: "test-result",
+                  ts: Date.now(),
+                  tool,
+                  status: testResult === "pass" ? "test_pass" : "test_fail"
+                });
+              }
             }
           }
         }
-        const safeCwd = typeof payload.cwd === "string" && path21.isAbsolute(payload.cwd) ? payload.cwd : void 0;
+        const safeCwd = typeof payload.cwd === "string" && path23.isAbsolute(payload.cwd) ? payload.cwd : void 0;
         const config = getConfig(safeCwd);
         if (shouldSnapshot(tool, {}, config)) {
           await createShadowSnapshot("unknown", {}, config.policy.snapshot.ignorePaths);
@@ -9295,9 +9606,9 @@ function registerLogCommand(program2) {
         const msg = err2 instanceof Error ? err2.message : String(err2);
         process.stderr.write(`[Node9] audit log error: ${msg}
 `);
-        const debugPath = path21.join(os15.homedir(), ".node9", "hook-debug.log");
+        const debugPath = path23.join(os17.homedir(), ".node9", "hook-debug.log");
         try {
-          fs19.appendFileSync(debugPath, `[${(/* @__PURE__ */ new Date()).toISOString()}] LOG_ERROR: ${msg}
+          fs21.appendFileSync(debugPath, `[${(/* @__PURE__ */ new Date()).toISOString()}] LOG_ERROR: ${msg}
 `);
         } catch {
         }
@@ -9698,13 +10009,13 @@ function registerConfigShowCommand(program2) {
 // src/cli/commands/doctor.ts
 init_daemon();
 import chalk7 from "chalk";
-import fs20 from "fs";
-import path22 from "path";
-import os16 from "os";
+import fs22 from "fs";
+import path24 from "path";
+import os18 from "os";
 import { execSync as execSync2 } from "child_process";
 function registerDoctorCommand(program2, version2) {
   program2.command("doctor").description("Check that Node9 is installed and configured correctly").action(() => {
-    const homeDir2 = os16.homedir();
+    const homeDir2 = os18.homedir();
     let failures = 0;
     function pass(msg) {
       console.log(chalk7.green("  \u2705 ") + msg);
@@ -9753,10 +10064,10 @@ function registerDoctorCommand(program2, version2) {
       );
     }
     section("Configuration");
-    const globalConfigPath = path22.join(homeDir2, ".node9", "config.json");
-    if (fs20.existsSync(globalConfigPath)) {
+    const globalConfigPath = path24.join(homeDir2, ".node9", "config.json");
+    if (fs22.existsSync(globalConfigPath)) {
       try {
-        JSON.parse(fs20.readFileSync(globalConfigPath, "utf-8"));
+        JSON.parse(fs22.readFileSync(globalConfigPath, "utf-8"));
         pass("~/.node9/config.json found and valid");
       } catch {
         fail("~/.node9/config.json is invalid JSON", "Run: node9 init --force");
@@ -9764,10 +10075,10 @@ function registerDoctorCommand(program2, version2) {
     } else {
       warn("~/.node9/config.json not found (using defaults)", "Run: node9 init");
     }
-    const projectConfigPath = path22.join(process.cwd(), "node9.config.json");
-    if (fs20.existsSync(projectConfigPath)) {
+    const projectConfigPath = path24.join(process.cwd(), "node9.config.json");
+    if (fs22.existsSync(projectConfigPath)) {
       try {
-        JSON.parse(fs20.readFileSync(projectConfigPath, "utf-8"));
+        JSON.parse(fs22.readFileSync(projectConfigPath, "utf-8"));
         pass("node9.config.json found and valid (project)");
       } catch {
         fail(
@@ -9776,8 +10087,8 @@ function registerDoctorCommand(program2, version2) {
         );
       }
     }
-    const credsPath = path22.join(homeDir2, ".node9", "credentials.json");
-    if (fs20.existsSync(credsPath)) {
+    const credsPath = path24.join(homeDir2, ".node9", "credentials.json");
+    if (fs22.existsSync(credsPath)) {
       pass("Cloud credentials found (~/.node9/credentials.json)");
     } else {
       warn(
@@ -9786,10 +10097,10 @@ function registerDoctorCommand(program2, version2) {
       );
     }
     section("Agent Hooks");
-    const claudeSettingsPath = path22.join(homeDir2, ".claude", "settings.json");
-    if (fs20.existsSync(claudeSettingsPath)) {
+    const claudeSettingsPath = path24.join(homeDir2, ".claude", "settings.json");
+    if (fs22.existsSync(claudeSettingsPath)) {
       try {
-        const cs = JSON.parse(fs20.readFileSync(claudeSettingsPath, "utf-8"));
+        const cs = JSON.parse(fs22.readFileSync(claudeSettingsPath, "utf-8"));
         const hasHook = cs.hooks?.PreToolUse?.some(
           (m) => m.hooks.some((h) => h.command?.includes("node9") || h.command?.includes("cli.js"))
         );
@@ -9805,10 +10116,10 @@ function registerDoctorCommand(program2, version2) {
     } else {
       warn("Claude Code \u2014 not configured", "Run: node9 setup claude");
     }
-    const geminiSettingsPath = path22.join(homeDir2, ".gemini", "settings.json");
-    if (fs20.existsSync(geminiSettingsPath)) {
+    const geminiSettingsPath = path24.join(homeDir2, ".gemini", "settings.json");
+    if (fs22.existsSync(geminiSettingsPath)) {
       try {
-        const gs = JSON.parse(fs20.readFileSync(geminiSettingsPath, "utf-8"));
+        const gs = JSON.parse(fs22.readFileSync(geminiSettingsPath, "utf-8"));
         const hasHook = gs.hooks?.BeforeTool?.some(
           (m) => m.hooks.some((h) => h.command?.includes("node9") || h.command?.includes("cli.js"))
         );
@@ -9824,10 +10135,10 @@ function registerDoctorCommand(program2, version2) {
     } else {
       warn("Gemini CLI  \u2014 not configured", "Run: node9 setup gemini  (skip if not using Gemini)");
     }
-    const cursorHooksPath = path22.join(homeDir2, ".cursor", "hooks.json");
-    if (fs20.existsSync(cursorHooksPath)) {
+    const cursorHooksPath = path24.join(homeDir2, ".cursor", "hooks.json");
+    if (fs22.existsSync(cursorHooksPath)) {
       try {
-        const cur = JSON.parse(fs20.readFileSync(cursorHooksPath, "utf-8"));
+        const cur = JSON.parse(fs22.readFileSync(cursorHooksPath, "utf-8"));
         const hasHook = cur.hooks?.preToolUse?.some(
           (h) => h.command?.includes("node9") || h.command?.includes("cli.js")
         );
@@ -9865,9 +10176,9 @@ function registerDoctorCommand(program2, version2) {
 
 // src/cli/commands/audit.ts
 import chalk8 from "chalk";
-import fs21 from "fs";
-import path23 from "path";
-import os17 from "os";
+import fs23 from "fs";
+import path25 from "path";
+import os19 from "os";
 function formatRelativeTime(timestamp) {
   const diff = Date.now() - new Date(timestamp).getTime();
   const sec = Math.floor(diff / 1e3);
@@ -9880,14 +10191,14 @@ function formatRelativeTime(timestamp) {
 }
 function registerAuditCommand(program2) {
   program2.command("audit").description("View local execution audit log").option("--tail <n>", "Number of entries to show", "20").option("--tool <pattern>", "Filter by tool name (substring match)").option("--deny", "Show only denied actions").option("--json", "Output raw JSON").action((options) => {
-    const logPath = path23.join(os17.homedir(), ".node9", "audit.log");
-    if (!fs21.existsSync(logPath)) {
+    const logPath = path25.join(os19.homedir(), ".node9", "audit.log");
+    if (!fs23.existsSync(logPath)) {
       console.log(
         chalk8.yellow("No audit logs found. Run node9 with an agent to generate entries.")
       );
       return;
     }
-    const raw = fs21.readFileSync(logPath, "utf-8");
+    const raw = fs23.readFileSync(logPath, "utf-8");
     const lines = raw.split("\n").filter((l) => l.trim() !== "");
     let entries = lines.flatMap((line) => {
       try {
@@ -9939,10 +10250,445 @@ function registerAuditCommand(program2) {
   });
 }
 
+// src/cli/commands/report.ts
+import chalk9 from "chalk";
+import fs24 from "fs";
+import path26 from "path";
+import os20 from "os";
+var TEST_COMMAND_RE3 = /(?:^|\s)(npm\s+(?:run\s+)?test|npx\s+(?:vitest|jest|mocha)|yarn\s+(?:run\s+)?test|pnpm\s+(?:run\s+)?test|vitest|jest|mocha|pytest|py\.test|cargo\s+test|go\s+test|bundle\s+exec\s+rspec|rspec|phpunit|dotnet\s+test)\b/i;
+function buildTestTimestamps(allEntries) {
+  const testTs = /* @__PURE__ */ new Set();
+  for (const e of allEntries) {
+    if (e.source !== "post-hook") continue;
+    if (e.tool !== "Bash" && e.tool !== "bash") continue;
+    const cmd = e.args?.command;
+    if (typeof cmd === "string" && TEST_COMMAND_RE3.test(cmd)) {
+      testTs.add(new Date(e.ts).getTime());
+    }
+  }
+  return testTs;
+}
+function isTestEntry(entry, testTs) {
+  if (entry.tool !== "Bash" && entry.tool !== "bash") return false;
+  if (entry.testRun === true) return true;
+  const cmd = entry.args?.command;
+  if (typeof cmd === "string") return TEST_COMMAND_RE3.test(cmd);
+  const t = new Date(entry.ts).getTime();
+  for (const ts of testTs) {
+    if (Math.abs(ts - t) <= 3e3) return true;
+  }
+  return false;
+}
+function getDateRange(period) {
+  const now = /* @__PURE__ */ new Date();
+  const todayStart = new Date(now.getFullYear(), now.getMonth(), now.getDate());
+  const end = new Date(now.getFullYear(), now.getMonth(), now.getDate(), 23, 59, 59, 999);
+  switch (period) {
+    case "today":
+      return { start: todayStart, end };
+    case "7d": {
+      const s = new Date(todayStart);
+      s.setDate(s.getDate() - 6);
+      return { start: s, end };
+    }
+    case "30d": {
+      const s = new Date(todayStart);
+      s.setDate(s.getDate() - 29);
+      return { start: s, end };
+    }
+    case "month":
+      return { start: new Date(now.getFullYear(), now.getMonth(), 1), end };
+  }
+}
+function parseAuditLog(logPath) {
+  if (!fs24.existsSync(logPath)) return [];
+  const raw = fs24.readFileSync(logPath, "utf-8");
+  return raw.split("\n").flatMap((line) => {
+    if (!line.trim()) return [];
+    try {
+      return [JSON.parse(line)];
+    } catch {
+      return [];
+    }
+  });
+}
+function isAllow(decision) {
+  return decision.startsWith("allow");
+}
+function isDlp(checkedBy) {
+  return !!checkedBy?.includes("dlp");
+}
+function barStr(value, max, width) {
+  if (max === 0 || width <= 0) return "\u2591".repeat(width);
+  const filled = Math.max(1, Math.round(value / max * width));
+  return "\u2588".repeat(filled) + "\u2591".repeat(width - filled);
+}
+function colorBar(value, max, width) {
+  const s = barStr(value, max, width);
+  const filled = Math.max(1, Math.round(max > 0 ? value / max * width : 0));
+  return chalk9.cyan(s.slice(0, filled)) + chalk9.dim(s.slice(filled));
+}
+function pct(num2, total) {
+  if (total === 0) return "\u2013";
+  return Math.round(num2 / total * 100) + "%";
+}
+function fmtDate(d) {
+  const date = typeof d === "string" ? /* @__PURE__ */ new Date(d + "T12:00:00") : d;
+  return date.toLocaleDateString("en-US", { month: "short", day: "numeric" });
+}
+function num(n) {
+  return n.toLocaleString();
+}
+function fmtCost(usd) {
+  if (usd < 1e-3) return "< $0.001";
+  if (usd < 1) return "$" + usd.toFixed(4);
+  return "$" + usd.toFixed(2);
+}
+var CLAUDE_PRICING = {
+  "claude-opus-4-6": { i: 5e-6, o: 25e-6, cw: 625e-8, cr: 5e-7 },
+  "claude-opus-4-5": { i: 5e-6, o: 25e-6, cw: 625e-8, cr: 5e-7 },
+  "claude-opus-4": { i: 15e-6, o: 75e-6, cw: 1875e-8, cr: 15e-7 },
+  "claude-sonnet-4-6": { i: 3e-6, o: 15e-6, cw: 375e-8, cr: 3e-7 },
+  "claude-sonnet-4-5": { i: 3e-6, o: 15e-6, cw: 375e-8, cr: 3e-7 },
+  "claude-sonnet-4": { i: 3e-6, o: 15e-6, cw: 375e-8, cr: 3e-7 },
+  "claude-3-7-sonnet": { i: 3e-6, o: 15e-6, cw: 375e-8, cr: 3e-7 },
+  "claude-3-5-sonnet": { i: 3e-6, o: 15e-6, cw: 375e-8, cr: 3e-7 },
+  "claude-haiku-4-5": { i: 1e-6, o: 5e-6, cw: 125e-8, cr: 1e-7 },
+  "claude-3-5-haiku": { i: 8e-7, o: 4e-6, cw: 1e-6, cr: 8e-8 }
+};
+function claudeModelPrice(model) {
+  const base = model.replace(/@.*$/, "").replace(/-\d{8}$/, "");
+  for (const [key, p] of Object.entries(CLAUDE_PRICING)) {
+    if (base === key || base.startsWith(key + "-") || base.startsWith(key)) return p;
+  }
+  return null;
+}
+function loadClaudeCost(start, end) {
+  const empty = {
+    total: 0,
+    byDay: /* @__PURE__ */ new Map(),
+    byModel: /* @__PURE__ */ new Map(),
+    inputTokens: 0,
+    cacheReadTokens: 0
+  };
+  const projectsDir = path26.join(os20.homedir(), ".claude", "projects");
+  if (!fs24.existsSync(projectsDir)) return empty;
+  let dirs;
+  try {
+    dirs = fs24.readdirSync(projectsDir);
+  } catch {
+    return empty;
+  }
+  let total = 0;
+  let inputTokens = 0;
+  let cacheReadTokens = 0;
+  const byDay = /* @__PURE__ */ new Map();
+  const byModel = /* @__PURE__ */ new Map();
+  for (const proj of dirs) {
+    const projPath = path26.join(projectsDir, proj);
+    let files;
+    try {
+      const stat = fs24.statSync(projPath);
+      if (!stat.isDirectory()) continue;
+      files = fs24.readdirSync(projPath).filter((f) => f.endsWith(".jsonl") && !f.startsWith("agent-"));
+    } catch {
+      continue;
+    }
+    for (const file of files) {
+      try {
+        const raw = fs24.readFileSync(path26.join(projPath, file), "utf-8");
+        for (const line of raw.split("\n")) {
+          if (!line.trim()) continue;
+          let entry;
+          try {
+            entry = JSON.parse(line);
+          } catch {
+            continue;
+          }
+          if (entry.type !== "assistant") continue;
+          if (!entry.timestamp) continue;
+          const ts = new Date(entry.timestamp);
+          if (ts < start || ts > end) continue;
+          const usage = entry.message?.usage;
+          const model = entry.message?.model;
+          if (!usage || !model) continue;
+          const p = claudeModelPrice(model);
+          if (!p) continue;
+          const inp = usage.input_tokens ?? 0;
+          const out = usage.output_tokens ?? 0;
+          const cw = usage.cache_creation_input_tokens ?? 0;
+          const cr = usage.cache_read_input_tokens ?? 0;
+          const cost = inp * p.i + out * p.o + cw * p.cw + cr * p.cr;
+          total += cost;
+          inputTokens += inp;
+          cacheReadTokens += cr;
+          const dateKey = entry.timestamp.slice(0, 10);
+          byDay.set(dateKey, (byDay.get(dateKey) ?? 0) + cost);
+          const normModel = model.replace(/@.*$/, "").replace(/-\d{8}$/, "");
+          byModel.set(normModel, (byModel.get(normModel) ?? 0) + cost);
+        }
+      } catch {
+        continue;
+      }
+    }
+  }
+  return { total, byDay, byModel, inputTokens, cacheReadTokens };
+}
+function registerReportCommand(program2) {
+  program2.command("report").description("Activity and security report \u2014 what Claude did, what was blocked").option("--period <period>", "today | 7d | 30d | month", "7d").option("--no-tests", "exclude test runner calls (npm test, vitest, pytest\u2026) from stats").action((options) => {
+    const period = ["today", "7d", "30d", "month"].includes(
+      options.period
+    ) ? options.period : "7d";
+    const logPath = path26.join(os20.homedir(), ".node9", "audit.log");
+    const allEntries = parseAuditLog(logPath);
+    if (allEntries.length === 0) {
+      console.log(
+        chalk9.yellow("\n  No audit data found. Run node9 with Claude Code to generate entries.\n")
+      );
+      return;
+    }
+    const { start, end } = getDateRange(period);
+    const {
+      total: costUSD,
+      byDay: costByDay,
+      byModel: costByModel,
+      inputTokens: costInputTokens,
+      cacheReadTokens: costCacheRead
+    } = loadClaudeCost(start, end);
+    const periodMs = end.getTime() - start.getTime();
+    const priorEnd = new Date(start.getTime() - 1);
+    const priorStart = new Date(start.getTime() - periodMs);
+    const priorEntries = allEntries.filter((e) => {
+      if (e.source === "post-hook") return false;
+      const ts = new Date(e.ts);
+      return ts >= priorStart && ts <= priorEnd;
+    });
+    const priorBlocked = priorEntries.filter((e) => !isAllow(e.decision)).length;
+    const priorBlockRate = priorEntries.length > 0 ? priorBlocked / priorEntries.length : null;
+    const excludeTests = options.tests === false;
+    const testTs = excludeTests ? buildTestTimestamps(allEntries) : /* @__PURE__ */ new Set();
+    let filteredTestCount = 0;
+    const entries = allEntries.filter((e) => {
+      if (e.source === "post-hook") return false;
+      const ts = new Date(e.ts);
+      if (ts < start || ts > end) return false;
+      if (excludeTests && isTestEntry(e, testTs)) {
+        filteredTestCount++;
+        return false;
+      }
+      return true;
+    });
+    if (entries.length === 0) {
+      console.log(chalk9.yellow(`
+  No activity for period "${period}".
+`));
+      return;
+    }
+    let allowed = 0;
+    let blocked = 0;
+    let dlpHits = 0;
+    let loopHits = 0;
+    let testPasses = 0;
+    let testFails = 0;
+    const toolMap = /* @__PURE__ */ new Map();
+    const blockMap = /* @__PURE__ */ new Map();
+    const agentMap = /* @__PURE__ */ new Map();
+    const mcpMap = /* @__PURE__ */ new Map();
+    const dailyMap = /* @__PURE__ */ new Map();
+    const hourMap = /* @__PURE__ */ new Map();
+    for (const e of entries) {
+      const allow = isAllow(e.decision);
+      const dateKey = e.ts.slice(0, 10);
+      if (allow) allowed++;
+      else blocked++;
+      if (isDlp(e.checkedBy)) dlpHits++;
+      if (e.checkedBy === "loop-detected") loopHits++;
+      const t = toolMap.get(e.tool) ?? { calls: 0, blocked: 0 };
+      t.calls++;
+      if (!allow) t.blocked++;
+      toolMap.set(e.tool, t);
+      if (!allow && e.checkedBy) {
+        blockMap.set(e.checkedBy, (blockMap.get(e.checkedBy) ?? 0) + 1);
+      }
+      if (e.agent) agentMap.set(e.agent, (agentMap.get(e.agent) ?? 0) + 1);
+      if (e.mcpServer) mcpMap.set(e.mcpServer, (mcpMap.get(e.mcpServer) ?? 0) + 1);
+      const hour = new Date(e.ts).getHours();
+      hourMap.set(hour, (hourMap.get(hour) ?? 0) + 1);
+      const d = dailyMap.get(dateKey) ?? { calls: 0, blocked: 0 };
+      d.calls++;
+      if (!allow) d.blocked++;
+      dailyMap.set(dateKey, d);
+    }
+    for (const e of allEntries) {
+      if (e.source !== "test-result") continue;
+      const ts = new Date(e.ts);
+      if (ts < start || ts > end) continue;
+      if (e.testResult === "pass") testPasses++;
+      else if (e.testResult === "fail") testFails++;
+    }
+    const total = entries.length;
+    const topTools = [...toolMap.entries()].sort((a, b) => b[1].calls - a[1].calls).slice(0, 8);
+    const topBlocks = [...blockMap.entries()].sort((a, b) => b[1] - a[1]).slice(0, 6);
+    const dailyList = [...dailyMap.entries()].sort((a, b) => a[0].localeCompare(b[0])).slice(-14);
+    const maxTool = Math.max(...topTools.map(([, v]) => v.calls), 1);
+    const maxBlock = Math.max(...topBlocks.map(([, v]) => v), 1);
+    const maxDaily = Math.max(...dailyList.map(([, v]) => v.calls), 1);
+    const W = Math.min(process.stdout.columns || 80, 100);
+    const INNER = W - 4;
+    const COL = Math.floor(INNER / 2) - 1;
+    const LABEL = 24;
+    const BAR = Math.max(6, Math.min(14, COL - LABEL - 8));
+    const TOOL_COUNT_W = Math.max(...topTools.map(([, v]) => num(v.calls).length), 1);
+    const BLOCK_COUNT_W = Math.max(...topBlocks.map(([, v]) => num(v).length), 1);
+    const line = chalk9.dim("\u2500".repeat(W - 2));
+    const periodLabel = {
+      today: "Today",
+      "7d": "Last 7 Days",
+      "30d": "Last 30 Days",
+      month: "This Month"
+    };
+    console.log("");
+    console.log(
+      "  " + chalk9.bold.cyan("\u{1F6E1} node9 Report") + chalk9.dim("  \xB7  ") + chalk9.white(periodLabel[period]) + chalk9.dim(`  ${fmtDate(start)} \u2013 ${fmtDate(end)}`) + chalk9.dim(`  ${num(total)} events`) + (excludeTests ? chalk9.dim(`  \u2013tests (\u2013${filteredTestCount})`) : "")
+    );
+    console.log("  " + line);
+    console.log("");
+    const blockLabel = blocked > 0 ? chalk9.red(`\u{1F6D1} ${num(blocked)} blocked`) : chalk9.dim("\u{1F6D1} 0 blocked");
+    const dlpLabel = dlpHits > 0 ? chalk9.yellow(`\u{1F6A8} ${dlpHits} DLP hits`) : chalk9.dim("\u{1F6A8} 0 DLP hits");
+    const loopLabel = loopHits > 0 ? chalk9.yellow(`\u{1F504} ${loopHits} loops`) : chalk9.dim("\u{1F504} 0 loops");
+    const currentRate = total > 0 ? blocked / total : 0;
+    const trendLabel = (() => {
+      if (priorBlockRate === null) return chalk9.dim(`${pct(blocked, total)} block rate`);
+      const delta = Math.round((currentRate - priorBlockRate) * 100);
+      const arrow = delta > 0 ? chalk9.red(`\u25B2${delta}%`) : delta < 0 ? chalk9.green(`\u25BC${Math.abs(delta)}%`) : chalk9.dim("\u2013");
+      return chalk9.dim(`${pct(blocked, total)} block rate `) + arrow + chalk9.dim(" vs prior");
+    })();
+    const reads = toolMap.get("Read")?.calls ?? 0;
+    const edits = (toolMap.get("Edit")?.calls ?? 0) + (toolMap.get("Write")?.calls ?? 0);
+    const ratioLabel = reads > 0 ? chalk9.dim(`edit/read ${(edits / reads).toFixed(1)}`) : chalk9.dim("edit/read \u2013");
+    const testLabel = testPasses + testFails > 0 ? chalk9.dim("tests ") + chalk9.green(`${testPasses}\u2713`) + (testFails > 0 ? " " + chalk9.red(`${testFails}\u2717`) : "") : chalk9.dim("tests \u2013");
+    console.log(
+      "  " + chalk9.green(`\u2705 ${num(allowed)} allowed`) + "   " + blockLabel + "   " + dlpLabel + "   " + loopLabel + "   " + trendLabel
+    );
+    console.log("  " + ratioLabel + "   " + testLabel);
+    console.log("");
+    const toolHeaderRaw = "Top Tools";
+    const blockHeaderRaw = "Top Blocks";
+    console.log(
+      "  " + chalk9.bold(toolHeaderRaw) + " ".repeat(COL - toolHeaderRaw.length) + "  " + chalk9.bold(blockHeaderRaw)
+    );
+    console.log("  " + chalk9.dim("\u2500".repeat(COL)) + "  " + chalk9.dim("\u2500".repeat(COL)));
+    const rows = Math.max(topTools.length, topBlocks.length, 1);
+    for (let i = 0; i < rows; i++) {
+      let leftStyled = " ".repeat(COL);
+      if (i < topTools.length) {
+        const [tool, { calls }] = topTools[i];
+        const label = tool.length > LABEL - 1 ? tool.slice(0, LABEL - 2) + "\u2026" : tool;
+        const countStr = num(calls).padStart(TOOL_COUNT_W);
+        const b = colorBar(calls, maxTool, BAR);
+        const rawLen = LABEL + BAR + 1 + TOOL_COUNT_W;
+        const pad = Math.max(0, COL - rawLen);
+        leftStyled = chalk9.white(label.padEnd(LABEL)) + b + " " + chalk9.white(countStr) + " ".repeat(pad);
+      }
+      let rightStyled = "";
+      if (i < topBlocks.length) {
+        const [reason, count] = topBlocks[i];
+        const label = reason.length > LABEL - 1 ? reason.slice(0, LABEL - 2) + "\u2026" : reason;
+        const countStr = num(count).padStart(BLOCK_COUNT_W);
+        const b = colorBar(count, maxBlock, BAR);
+        rightStyled = chalk9.white(label.padEnd(LABEL)) + b + " " + chalk9.red(countStr);
+      }
+      console.log("  " + leftStyled + "  " + rightStyled);
+    }
+    if (topBlocks.length === 0) {
+      console.log("  " + " ".repeat(COL) + "  " + chalk9.dim("nothing blocked \u2713"));
+    }
+    if (agentMap.size > 1) {
+      console.log("");
+      console.log("  " + chalk9.bold("Agents"));
+      console.log("  " + chalk9.dim("\u2500".repeat(Math.min(50, W - 4))));
+      const maxAgent = Math.max(...agentMap.values(), 1);
+      for (const [agent, count] of [...agentMap.entries()].sort((a, b) => b[1] - a[1])) {
+        const label = agent.slice(0, LABEL - 1);
+        const b = colorBar(count, maxAgent, BAR);
+        console.log("  " + chalk9.white(label.padEnd(LABEL)) + b + " " + chalk9.white(num(count)));
+      }
+    }
+    if (mcpMap.size > 0) {
+      console.log("");
+      console.log("  " + chalk9.bold("MCP Servers"));
+      console.log("  " + chalk9.dim("\u2500".repeat(Math.min(50, W - 4))));
+      const maxMcp = Math.max(...mcpMap.values(), 1);
+      for (const [server, count] of [...mcpMap.entries()].sort((a, b) => b[1] - a[1])) {
+        const label = server.slice(0, LABEL - 1).padEnd(LABEL);
+        const b = colorBar(count, maxMcp, BAR);
+        console.log("  " + chalk9.white(label) + b + " " + chalk9.white(num(count)));
+      }
+    }
+    if (hourMap.size > 0) {
+      const BLOCKS = " \u2581\u2582\u2583\u2584\u2585\u2586\u2587\u2588";
+      const maxHour = Math.max(...hourMap.values(), 1);
+      const bar = Array.from({ length: 24 }, (_, h) => {
+        const v = hourMap.get(h) ?? 0;
+        return BLOCKS[Math.round(v / maxHour * 8)];
+      }).join("");
+      console.log("");
+      console.log("  " + chalk9.bold("Hour of Day") + chalk9.dim("  (local, 0h \u2013 23h)"));
+      console.log("  " + chalk9.cyan(bar));
+      console.log("  " + chalk9.dim("0h" + " ".repeat(10) + "12h" + " ".repeat(7) + "23h"));
+    }
+    if (dailyList.length > 1) {
+      console.log("");
+      console.log("  " + chalk9.bold("Daily Activity"));
+      console.log("  " + chalk9.dim("\u2500".repeat(W - 2)));
+      const DAY_BAR = Math.max(8, Math.min(30, W - 36));
+      for (const [dateKey, { calls, blocked: db }] of dailyList) {
+        const label = fmtDate(dateKey).padEnd(10);
+        const b = colorBar(calls, maxDaily, DAY_BAR);
+        const dayCost = costByDay.get(dateKey);
+        const costNote = dayCost ? chalk9.magenta(`  ${fmtCost(dayCost)}`) : "";
+        const blockNote = db > 0 ? chalk9.red(`  ${db} blocked`) : "";
+        console.log(
+          "  " + chalk9.dim(label) + "  " + b + "  " + chalk9.white(num(calls)) + blockNote + costNote
+        );
+      }
+    }
+    if (costUSD > 0) {
+      const periodDays = Math.max(1, Math.ceil((end.getTime() - start.getTime()) / 864e5));
+      const avgPerDay = costUSD / periodDays;
+      const cacheHitPct = costInputTokens + costCacheRead > 0 ? Math.round(costCacheRead / (costInputTokens + costCacheRead) * 100) : 0;
+      const costHeaderRight = [
+        chalk9.yellow(fmtCost(costUSD)),
+        chalk9.dim(`avg ${fmtCost(avgPerDay)}/day`),
+        cacheHitPct > 0 ? chalk9.dim(`${cacheHitPct}% cache hit`) : null
+      ].filter(Boolean).join(chalk9.dim("  \xB7  "));
+      console.log("");
+      console.log("  " + chalk9.bold("Cost") + "  " + costHeaderRight);
+      console.log("  " + chalk9.dim("\u2500".repeat(Math.min(50, W - 4))));
+      const modelList = [...costByModel.entries()].sort((a, b) => b[1] - a[1]);
+      const maxModelCost = Math.max(...modelList.map(([, v]) => v), 1e-9);
+      const MODEL_LABEL = 22;
+      const MODEL_BAR = Math.max(6, Math.min(20, W - MODEL_LABEL - 12));
+      for (const [model, cost] of modelList) {
+        const label = model.length > MODEL_LABEL - 1 ? model.slice(0, MODEL_LABEL - 2) + "\u2026" : model;
+        const b = colorBar(cost, maxModelCost, MODEL_BAR);
+        console.log(
+          "  " + chalk9.white(label.padEnd(MODEL_LABEL)) + b + "  " + chalk9.yellow(fmtCost(cost))
+        );
+      }
+    }
+    console.log("");
+    console.log(
+      "  " + chalk9.dim("node9 audit --deny") + chalk9.dim("  \xB7  ") + chalk9.dim("node9 report --period today|7d|30d|month  --no-tests")
+    );
+    console.log("");
+  });
+}
+
 // src/cli/commands/daemon-cmd.ts
 init_daemon2();
 init_daemon();
-import chalk9 from "chalk";
+import chalk10 from "chalk";
 import { spawn as spawn7 } from "child_process";
 function registerDaemonCommand(program2) {
   program2.command("daemon").description("Run the local approval server").argument("[action]", "start | stop | status (default: start)").option("-b, --background", "Start the daemon in the background (detached)").option("-o, --openui", "Start in background and open browser").option(
@@ -9955,7 +10701,7 @@ function registerDaemonCommand(program2) {
       if (cmd === "status") return daemonStatus();
       if (cmd !== "start" && action !== void 0) {
         console.error(
-          chalk9.red(`Unknown daemon action: "${action}". Use: start | stop | status`)
+          chalk10.red(`Unknown daemon action: "${action}". Use: start | stop | status`)
         );
         process.exit(1);
       }
@@ -9963,7 +10709,7 @@ function registerDaemonCommand(program2) {
         process.env.NODE9_WATCH_MODE = "1";
         setTimeout(() => {
           openBrowserLocal();
-          console.log(chalk9.cyan(`\u{1F6F0}\uFE0F  Flight Recorder: http://${DAEMON_HOST}:${DAEMON_PORT}/`));
+          console.log(chalk10.cyan(`\u{1F6F0}\uFE0F  Flight Recorder: http://${DAEMON_HOST}:${DAEMON_PORT}/`));
         }, 600);
         startDaemon();
         return;
@@ -9971,7 +10717,7 @@ function registerDaemonCommand(program2) {
       if (options.openui) {
         if (isDaemonRunning()) {
           openBrowserLocal();
-          console.log(chalk9.green(`\u{1F310}  Opened browser: http://${DAEMON_HOST}:${DAEMON_PORT}/`));
+          console.log(chalk10.green(`\u{1F310}  Opened browser: http://${DAEMON_HOST}:${DAEMON_PORT}/`));
           process.exit(0);
         }
         const child = spawn7(process.execPath, [process.argv[1], "daemon"], {
@@ -9984,7 +10730,7 @@ function registerDaemonCommand(program2) {
           if (isDaemonRunning()) break;
         }
         openBrowserLocal();
-        console.log(chalk9.green(`
+        console.log(chalk10.green(`
 \u{1F6E1}\uFE0F  Node9 daemon started + browser opened`));
         process.exit(0);
       }
@@ -9994,7 +10740,7 @@ function registerDaemonCommand(program2) {
           stdio: "ignore"
         });
         child.unref();
-        console.log(chalk9.green(`
+        console.log(chalk10.green(`
 \u{1F6E1}\uFE0F  Node9 daemon started in background  (PID ${child.pid})`));
         process.exit(0);
       }
@@ -10006,13 +10752,13 @@ function registerDaemonCommand(program2) {
 // src/cli/commands/status.ts
 init_core();
 init_daemon();
-import chalk10 from "chalk";
-import fs22 from "fs";
-import path24 from "path";
-import os18 from "os";
+import chalk11 from "chalk";
+import fs25 from "fs";
+import path27 from "path";
+import os21 from "os";
 function readJson2(filePath) {
   try {
-    if (fs22.existsSync(filePath)) return JSON.parse(fs22.readFileSync(filePath, "utf-8"));
+    if (fs25.existsSync(filePath)) return JSON.parse(fs25.readFileSync(filePath, "utf-8"));
   } catch {
   }
   return null;
@@ -10026,21 +10772,21 @@ function wrappedMcpServers(servers) {
   return Object.entries(servers).filter(([, s]) => s.command === "node9" && Array.isArray(s.args) && s.args.length > 0).map(([name, s]) => `${name} \u2192 ${s.args.join(" ")}`);
 }
 function printAgentSection(label, hookPairs, wrapped) {
-  console.log(chalk10.bold(`  ${label}`));
+  console.log(chalk11.bold(`  ${label}`));
   for (const { name, present } of hookPairs) {
     if (present) {
-      console.log(chalk10.green(`    \u2713 ${name}`));
+      console.log(chalk11.green(`    \u2713 ${name}`));
     } else {
-      console.log(chalk10.red(`    \u2717 ${name}`) + chalk10.gray(" (not wired)"));
+      console.log(chalk11.red(`    \u2717 ${name}`) + chalk11.gray(" (not wired)"));
     }
   }
   if (wrapped.length > 0) {
-    console.log(chalk10.cyan(`    MCP proxied:`));
+    console.log(chalk11.cyan(`    MCP proxied:`));
     for (const entry of wrapped) {
-      console.log(chalk10.gray(`      \u2022 ${entry}`));
+      console.log(chalk11.gray(`      \u2022 ${entry}`));
     }
   } else {
-    console.log(chalk10.gray(`    MCP proxied: none`));
+    console.log(chalk11.gray(`    MCP proxied: none`));
   }
 }
 function registerStatusCommand(program2) {
@@ -10051,58 +10797,58 @@ function registerStatusCommand(program2) {
     const settings = mergedConfig.settings;
     console.log("");
     if (creds && settings.approvers.cloud) {
-      console.log(chalk10.green("  \u25CF Agent mode") + chalk10.gray(" \u2014 cloud team policy enforced"));
+      console.log(chalk11.green("  \u25CF Agent mode") + chalk11.gray(" \u2014 cloud team policy enforced"));
     } else if (creds && !settings.approvers.cloud) {
       console.log(
-        chalk10.blue("  \u25CF Privacy mode \u{1F6E1}\uFE0F") + chalk10.gray(" \u2014 all decisions stay on this machine")
+        chalk11.blue("  \u25CF Privacy mode \u{1F6E1}\uFE0F") + chalk11.gray(" \u2014 all decisions stay on this machine")
       );
     } else {
       console.log(
-        chalk10.yellow("  \u25CB Privacy mode \u{1F6E1}\uFE0F") + chalk10.gray(" \u2014 no API key (Local rules only)")
+        chalk11.yellow("  \u25CB Privacy mode \u{1F6E1}\uFE0F") + chalk11.gray(" \u2014 no API key (Local rules only)")
       );
     }
     console.log("");
     if (daemonRunning) {
       console.log(
-        chalk10.green("  \u25CF Daemon running") + chalk10.gray(` \u2192 http://127.0.0.1:${DAEMON_PORT}/`)
+        chalk11.green("  \u25CF Daemon running") + chalk11.gray(` \u2192 http://127.0.0.1:${DAEMON_PORT}/`)
       );
     } else {
-      console.log(chalk10.gray("  \u25CB Daemon stopped"));
+      console.log(chalk11.gray("  \u25CB Daemon stopped"));
     }
     if (settings.enableUndo) {
       console.log(
-        chalk10.magenta("  \u25CF Undo Engine") + chalk10.gray(`    \u2192 Auto-snapshotting Git repos on AI change`)
+        chalk11.magenta("  \u25CF Undo Engine") + chalk11.gray(`    \u2192 Auto-snapshotting Git repos on AI change`)
       );
     }
     console.log("");
-    const modeLabel = settings.mode === "audit" ? chalk10.blue("audit") : settings.mode === "strict" ? chalk10.red("strict") : chalk10.white("standard");
+    const modeLabel = settings.mode === "audit" ? chalk11.blue("audit") : settings.mode === "strict" ? chalk11.red("strict") : chalk11.white("standard");
     console.log(`  Mode:    ${modeLabel}`);
-    const projectConfig = path24.join(process.cwd(), "node9.config.json");
-    const globalConfig = path24.join(os18.homedir(), ".node9", "config.json");
+    const projectConfig = path27.join(process.cwd(), "node9.config.json");
+    const globalConfig = path27.join(os21.homedir(), ".node9", "config.json");
     console.log(
-      `  Local:   ${fs22.existsSync(projectConfig) ? chalk10.green("Active (node9.config.json)") : chalk10.gray("Not present")}`
+      `  Local:   ${fs25.existsSync(projectConfig) ? chalk11.green("Active (node9.config.json)") : chalk11.gray("Not present")}`
     );
     console.log(
-      `  Global:  ${fs22.existsSync(globalConfig) ? chalk10.green("Active (~/.node9/config.json)") : chalk10.gray("Not present")}`
+      `  Global:  ${fs25.existsSync(globalConfig) ? chalk11.green("Active (~/.node9/config.json)") : chalk11.gray("Not present")}`
     );
     if (mergedConfig.policy.sandboxPaths.length > 0) {
       console.log(
-        `  Sandbox: ${chalk10.green(`${mergedConfig.policy.sandboxPaths.length} safe zones active`)}`
+        `  Sandbox: ${chalk11.green(`${mergedConfig.policy.sandboxPaths.length} safe zones active`)}`
       );
     }
-    const homeDir2 = os18.homedir();
+    const homeDir2 = os21.homedir();
     const claudeSettings = readJson2(
-      path24.join(homeDir2, ".claude", "settings.json")
+      path27.join(homeDir2, ".claude", "settings.json")
     );
-    const claudeConfig = readJson2(path24.join(homeDir2, ".claude.json"));
+    const claudeConfig = readJson2(path27.join(homeDir2, ".claude.json"));
     const geminiSettings = readJson2(
-      path24.join(homeDir2, ".gemini", "settings.json")
+      path27.join(homeDir2, ".gemini", "settings.json")
     );
-    const cursorConfig = readJson2(path24.join(homeDir2, ".cursor", "mcp.json"));
+    const cursorConfig = readJson2(path27.join(homeDir2, ".cursor", "mcp.json"));
     const agentFound = claudeSettings || claudeConfig || geminiSettings || cursorConfig;
     if (agentFound) {
       console.log("");
-      console.log(chalk10.bold("  Agent Wiring:"));
+      console.log(chalk11.bold("  Agent Wiring:"));
       console.log("");
       if (claudeSettings || claudeConfig) {
         const preHook = claudeSettings?.hooks?.PreToolUse?.some(
@@ -10148,7 +10894,7 @@ function registerStatusCommand(program2) {
       const expiresAt = pauseState.expiresAt ? new Date(pauseState.expiresAt).toLocaleTimeString() : "indefinitely";
       console.log("");
       console.log(
-        chalk10.yellow(`  \u23F8  PAUSED until ${expiresAt}`) + chalk10.gray(" \u2014 all tool calls allowed")
+        chalk11.yellow(`  \u23F8  PAUSED until ${expiresAt}`) + chalk11.gray(" \u2014 all tool calls allowed")
       );
     }
     console.log("");
@@ -10157,10 +10903,10 @@ function registerStatusCommand(program2) {
 
 // src/cli/commands/init.ts
 init_core();
-import chalk11 from "chalk";
-import fs23 from "fs";
-import path25 from "path";
-import os19 from "os";
+import chalk12 from "chalk";
+import fs26 from "fs";
+import path28 from "path";
+import os22 from "os";
 import https2 from "https";
 init_shields();
 var DEFAULT_SHIELDS = ["bash-safe", "filesystem", "postgres"];
@@ -10195,7 +10941,7 @@ function fireTelemetryPing(agents) {
 }
 function registerInitCommand(program2) {
   program2.command("init").description("Set up Node9: create config and wire all detected AI agents").option("--force", "Overwrite existing config").option("-m, --mode <mode>", "Set initial security mode (standard, strict, audit)", "standard").option("--skip-setup", "Only create config \u2014 do not wire AI agents").action(async (options) => {
-    console.log(chalk11.cyan.bold("\n\u{1F6E1}\uFE0F  Node9 Init\n"));
+    console.log(chalk12.cyan.bold("\n\u{1F6E1}\uFE0F  Node9 Init\n"));
     let chosenMode = options.mode.toLowerCase();
     if (!["standard", "strict", "audit"].includes(chosenMode)) {
       chosenMode = DEFAULT_CONFIG.settings.mode;
@@ -10214,37 +10960,37 @@ function registerInitCommand(program2) {
           const hasNewShields = DEFAULT_SHIELDS.some((s) => !current.includes(s));
           if (hasNewShields) writeActiveShields(merged);
         } catch (err2) {
-          console.log(chalk11.yellow(`  \u26A0\uFE0F  Could not update shields: ${String(err2)}`));
+          console.log(chalk12.yellow(`  \u26A0\uFE0F  Could not update shields: ${String(err2)}`));
         }
       }
       console.log("");
     }
-    const configPath = path25.join(os19.homedir(), ".node9", "config.json");
-    if (fs23.existsSync(configPath) && !options.force) {
+    const configPath = path28.join(os22.homedir(), ".node9", "config.json");
+    if (fs26.existsSync(configPath) && !options.force) {
       try {
-        const existing = JSON.parse(fs23.readFileSync(configPath, "utf-8"));
+        const existing = JSON.parse(fs26.readFileSync(configPath, "utf-8"));
         const settings = existing.settings ?? {};
         if (settings.mode !== chosenMode) {
           settings.mode = chosenMode;
           existing.settings = settings;
-          fs23.writeFileSync(configPath, JSON.stringify(existing, null, 2) + "\n");
-          console.log(chalk11.green(`\u2705 Mode updated: ${chosenMode}`));
+          fs26.writeFileSync(configPath, JSON.stringify(existing, null, 2) + "\n");
+          console.log(chalk12.green(`\u2705 Mode updated: ${chosenMode}`));
         } else {
-          console.log(chalk11.blue(`\u2139\uFE0F  Config already exists: ${configPath}`));
+          console.log(chalk12.blue(`\u2139\uFE0F  Config already exists: ${configPath}`));
         }
       } catch {
-        console.log(chalk11.blue(`\u2139\uFE0F  Config already exists: ${configPath}`));
+        console.log(chalk12.blue(`\u2139\uFE0F  Config already exists: ${configPath}`));
       }
     } else {
       const configToSave = {
         ...DEFAULT_CONFIG,
         settings: { ...DEFAULT_CONFIG.settings, mode: chosenMode }
       };
-      const dir = path25.dirname(configPath);
-      if (!fs23.existsSync(dir)) fs23.mkdirSync(dir, { recursive: true });
-      fs23.writeFileSync(configPath, JSON.stringify(configToSave, null, 2) + "\n");
-      console.log(chalk11.green(`\u2705 Config created: ${configPath}`));
-      console.log(chalk11.gray(`   Mode: ${chosenMode}`));
+      const dir = path28.dirname(configPath);
+      if (!fs26.existsSync(dir)) fs26.mkdirSync(dir, { recursive: true });
+      fs26.writeFileSync(configPath, JSON.stringify(configToSave, null, 2) + "\n");
+      console.log(chalk12.green(`\u2705 Config created: ${configPath}`));
+      console.log(chalk12.gray(`   Mode: ${chosenMode}`));
     }
     if (options.skipSetup) return;
     console.log("");
@@ -10254,18 +11000,18 @@ function registerInitCommand(program2) {
     );
     if (found.length === 0) {
       console.log(
-        chalk11.gray("No AI agents detected. Install Claude Code, Gemini CLI, Cursor, or Codex")
+        chalk12.gray("No AI agents detected. Install Claude Code, Gemini CLI, Cursor, or Codex")
       );
-      console.log(chalk11.gray("then run: node9 addto <claude|gemini|cursor|codex>"));
+      console.log(chalk12.gray("then run: node9 addto <claude|gemini|cursor|codex>"));
       return;
     }
-    console.log(chalk11.bold("Detected agents:"));
+    console.log(chalk12.bold("Detected agents:"));
     for (const agent of found) {
-      console.log(chalk11.green(`  \u2713 ${agent}`));
+      console.log(chalk12.green(`  \u2713 ${agent}`));
     }
     console.log("");
     for (const agent of found) {
-      console.log(chalk11.bold(`Wiring ${agent}...`));
+      console.log(chalk12.bold(`Wiring ${agent}...`));
       if (agent === "claude") await setupClaude();
       else if (agent === "gemini") await setupGemini();
       else if (agent === "cursor") await setupCursor();
@@ -10282,26 +11028,26 @@ function registerInitCommand(program2) {
       console.log("");
     }
     const agentList = found.join(", ");
-    console.log(chalk11.green.bold(`\u{1F6E1}\uFE0F  Node9 is protecting ${agentList}!`));
+    console.log(chalk12.green.bold(`\u{1F6E1}\uFE0F  Node9 is protecting ${agentList}!`));
     console.log("");
-    console.log(chalk11.white("  Watch live:  ") + chalk11.cyan("node9 tail"));
-    console.log(chalk11.white("  Local UI:    ") + chalk11.cyan("node9 daemon --openui"));
+    console.log(chalk12.white("  Watch live:  ") + chalk12.cyan("node9 tail"));
+    console.log(chalk12.white("  Local UI:    ") + chalk12.cyan("node9 daemon --openui"));
     console.log("");
-    console.log(chalk11.gray("  \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500"));
+    console.log(chalk12.gray("  \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500"));
     console.log(
-      chalk11.white("  Team dashboard + full audit trail \u2192 ") + chalk11.cyan.bold("https://node9.ai")
+      chalk12.white("  Team dashboard + full audit trail \u2192 ") + chalk12.cyan.bold("https://node9.ai")
     );
-    console.log(chalk11.gray("  \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500"));
+    console.log(chalk12.gray("  \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500"));
   });
 }
 
 // src/cli/commands/undo.ts
-import path26 from "path";
-import chalk13 from "chalk";
+import path29 from "path";
+import chalk14 from "chalk";
 
 // src/tui/undo-navigator.ts
 import readline2 from "readline";
-import chalk12 from "chalk";
+import chalk13 from "chalk";
 var RESET = "\x1B[0m";
 var BOLD = "\x1B[1m";
 var CLEAR_SCREEN = "\x1B[2J\x1B[H";
@@ -10319,15 +11065,15 @@ function renderDiff(raw) {
   );
   for (const line of lines) {
     if (line.startsWith("+++") || line.startsWith("---")) {
-      process.stdout.write(chalk12.bold(line) + "\n");
+      process.stdout.write(chalk13.bold(line) + "\n");
     } else if (line.startsWith("+")) {
-      process.stdout.write(chalk12.green(line) + "\n");
+      process.stdout.write(chalk13.green(line) + "\n");
     } else if (line.startsWith("-")) {
-      process.stdout.write(chalk12.red(line) + "\n");
+      process.stdout.write(chalk13.red(line) + "\n");
     } else if (line.startsWith("@@")) {
-      process.stdout.write(chalk12.cyan(line) + "\n");
+      process.stdout.write(chalk13.cyan(line) + "\n");
     } else {
-      process.stdout.write(chalk12.gray(line) + "\n");
+      process.stdout.write(chalk13.gray(line) + "\n");
     }
   }
 }
@@ -10346,23 +11092,23 @@ function render(entries, idx) {
   const step = idx + 1;
   process.stdout.write(CLEAR_SCREEN);
   process.stdout.write(
-    chalk12.magenta.bold(`\u23EA  Node9 Undo`) + chalk12.gray(`  \u2500\u2500  step ${step} of ${total}`) + (entry.files?.length ? chalk12.gray(
+    chalk13.magenta.bold(`\u23EA  Node9 Undo`) + chalk13.gray(`  \u2500\u2500  step ${step} of ${total}`) + (entry.files?.length ? chalk13.gray(
       `  \u2500\u2500  ${entry.files.slice(0, 2).join(", ")}${entry.files.length > 2 ? ` +${entry.files.length - 2} more` : ""}`
     ) : "") + "\n\n"
   );
   process.stdout.write(
-    `  ${BOLD}Tool:${RESET}  ${chalk12.cyan(entry.tool)}` + (entry.argsSummary ? chalk12.gray("  \u2192  " + entry.argsSummary) : "") + "\n"
+    `  ${BOLD}Tool:${RESET}  ${chalk13.cyan(entry.tool)}` + (entry.argsSummary ? chalk13.gray("  \u2192  " + entry.argsSummary) : "") + "\n"
   );
-  process.stdout.write(`  ${BOLD}When:${RESET}  ${chalk12.gray(formatAge(entry.timestamp))}
+  process.stdout.write(`  ${BOLD}When:${RESET}  ${chalk13.gray(formatAge(entry.timestamp))}
 `);
-  process.stdout.write(`  ${BOLD}Dir: ${RESET}  ${chalk12.gray(entry.cwd)}
+  process.stdout.write(`  ${BOLD}Dir: ${RESET}  ${chalk13.gray(entry.cwd)}
 `);
   if (entry.files && entry.files.length > 0) {
-    process.stdout.write(`  ${BOLD}Files:${RESET} ${chalk12.gray(entry.files.join(", "))}
+    process.stdout.write(`  ${BOLD}Files:${RESET} ${chalk13.gray(entry.files.join(", "))}
 `);
   }
   if (idx < total - 1 && isSessionBoundary(entries, idx + 1)) {
-    process.stdout.write(chalk12.gray("\n  \u2500\u2500 session boundary above \u2500\u2500\n"));
+    process.stdout.write(chalk13.gray("\n  \u2500\u2500 session boundary above \u2500\u2500\n"));
   }
   process.stdout.write("\n");
   const diff = entry.diff ?? computeUndoDiff(entry.hash, entry.cwd);
@@ -10370,12 +11116,12 @@ function render(entries, idx) {
     renderDiff(diff);
   } else {
     process.stdout.write(
-      chalk12.gray("  (no diff \u2014 working tree may already match this snapshot)\n")
+      chalk13.gray("  (no diff \u2014 working tree may already match this snapshot)\n")
     );
   }
   process.stdout.write("\n");
   process.stdout.write(
-    chalk12.gray("  ") + (idx < total - 1 ? chalk12.white("[\u2190] older") : chalk12.gray("[\u2190] older")) + chalk12.gray("   ") + (idx > 0 ? chalk12.white("[\u2192] newer") : chalk12.gray("[\u2192] newer")) + chalk12.gray("   ") + chalk12.green("[\u21B5] restore here") + chalk12.gray("   ") + chalk12.yellow("[s] session start") + chalk12.gray("   ") + chalk12.gray("[q] quit") + "\n"
+    chalk13.gray("  ") + (idx < total - 1 ? chalk13.white("[\u2190] older") : chalk13.gray("[\u2190] older")) + chalk13.gray("   ") + (idx > 0 ? chalk13.white("[\u2192] newer") : chalk13.gray("[\u2192] newer")) + chalk13.gray("   ") + chalk13.green("[\u21B5] restore here") + chalk13.gray("   ") + chalk13.yellow("[s] session start") + chalk13.gray("   ") + chalk13.gray("[q] quit") + "\n"
   );
 }
 async function runUndoNavigator(entries) {
@@ -10429,19 +11175,19 @@ async function runUndoNavigator(entries) {
         cleanup();
         process.stdout.write(CLEAR_SCREEN);
         const entry = display[idx];
-        process.stdout.write(chalk12.magenta.bold("\n\u23EA  Restoring snapshot...\n\n"));
+        process.stdout.write(chalk13.magenta.bold("\n\u23EA  Restoring snapshot...\n\n"));
         if (applyUndo(entry.hash, entry.cwd)) {
-          process.stdout.write(chalk12.green("\u2705  Reverted successfully.\n\n"));
+          process.stdout.write(chalk13.green("\u2705  Reverted successfully.\n\n"));
           resolve({ restored: true });
         } else {
-          process.stdout.write(chalk12.red("\u274C  Undo failed.\n\n"));
+          process.stdout.write(chalk13.red("\u274C  Undo failed.\n\n"));
           resolve({ restored: false });
         }
       } else if (name === "q" || key?.ctrl && name === "c") {
         done = true;
         cleanup();
         process.stdout.write(CLEAR_SCREEN);
-        process.stdout.write(chalk12.gray("\nCancelled.\n\n"));
+        process.stdout.write(chalk13.gray("\nCancelled.\n\n"));
         resolve({ restored: false });
       }
     };
@@ -10455,7 +11201,7 @@ function findMatchingCwd(startDir, history) {
   let dir = startDir;
   while (true) {
     if (cwds.has(dir)) return dir;
-    const parent = path26.dirname(dir);
+    const parent = path29.dirname(dir);
     if (parent === dir) return null;
     dir = parent;
   }
@@ -10477,39 +11223,39 @@ function registerUndoCommand(program2) {
     if (history.length === 0) {
       if (!options.all && allHistory.length > 0) {
         console.log(
-          chalk13.yellow(
+          chalk14.yellow(
             `
 \u2139\uFE0F  No snapshots found for the current directory (${process.cwd()}).
-    Run ${chalk13.cyan("node9 undo --all")} to see snapshots from all projects.
+    Run ${chalk14.cyan("node9 undo --all")} to see snapshots from all projects.
 `
           )
         );
       } else {
-        console.log(chalk13.yellow("\n\u2139\uFE0F  No undo snapshots found.\n"));
+        console.log(chalk14.yellow("\n\u2139\uFE0F  No undo snapshots found.\n"));
       }
       return;
     }
     if (options.list) {
-      console.log(chalk13.magenta.bold("\n\u23EA  Snapshot History\n"));
+      console.log(chalk14.magenta.bold("\n\u23EA  Snapshot History\n"));
       console.log(
-        chalk13.gray(
+        chalk14.gray(
           `  ${"#".padEnd(3)}  ${"File / Command".padEnd(30)}  ${"Tool".padEnd(8)}  ${"When".padEnd(10)}  Dir`
         )
       );
-      console.log(chalk13.gray("  " + "\u2500".repeat(80)));
+      console.log(chalk14.gray("  " + "\u2500".repeat(80)));
       const display = [...history].reverse();
       let prevTs = null;
       for (let i = 0; i < display.length; i++) {
         const e = display[i];
         const isGap = prevTs !== null && prevTs - e.timestamp > 6e4;
-        if (isGap) console.log(chalk13.gray("  \u2500\u2500 earlier \u2500\u2500"));
+        if (isGap) console.log(chalk14.gray("  \u2500\u2500 earlier \u2500\u2500"));
         const label = (e.argsSummary || e.files?.[0] || "\u2014").slice(0, 30).padEnd(30);
         const tool = e.tool.slice(0, 8).padEnd(8);
         const when = formatAge2(e.timestamp).padEnd(10);
         const dir = e.cwd.length > 30 ? "\u2026" + e.cwd.slice(-29) : e.cwd;
         console.log(
-          chalk13.white(
-            `  ${String(i + 1).padEnd(3)}  ${label}  ${chalk13.cyan(tool)}  ${chalk13.gray(when)}  ${chalk13.gray(dir)}`
+          chalk14.white(
+            `  ${String(i + 1).padEnd(3)}  ${label}  ${chalk14.cyan(tool)}  ${chalk14.gray(when)}  ${chalk14.gray(dir)}`
           )
         );
         prevTs = e.timestamp;
@@ -10522,7 +11268,7 @@ function registerUndoCommand(program2) {
       const idx = history.length - steps;
       if (idx < 0) {
         console.log(
-          chalk13.yellow(
+          chalk14.yellow(
             `
 \u2139\uFE0F  Only ${history.length} snapshot(s) available, cannot go back ${steps}.
 `
@@ -10533,47 +11279,47 @@ function registerUndoCommand(program2) {
       const snapshot = history[idx];
       const ageStr = formatAge2(snapshot.timestamp);
       console.log(
-        chalk13.magenta.bold(`
+        chalk14.magenta.bold(`
 \u23EA  Node9 Undo${steps > 1 ? ` (${steps} steps back)` : ""}`)
       );
       console.log(
-        chalk13.white(
-          `    Tool:  ${chalk13.cyan(snapshot.tool)}${snapshot.argsSummary ? chalk13.gray(" \u2192 " + snapshot.argsSummary) : ""}`
+        chalk14.white(
+          `    Tool:  ${chalk14.cyan(snapshot.tool)}${snapshot.argsSummary ? chalk14.gray(" \u2192 " + snapshot.argsSummary) : ""}`
         )
       );
-      console.log(chalk13.white(`    When:  ${chalk13.gray(ageStr)}`));
-      console.log(chalk13.white(`    Dir:   ${chalk13.gray(snapshot.cwd)}`));
+      console.log(chalk14.white(`    When:  ${chalk14.gray(ageStr)}`));
+      console.log(chalk14.white(`    Dir:   ${chalk14.gray(snapshot.cwd)}`));
       if (steps > 1)
         console.log(
-          chalk13.yellow(`    Note:  This will also undo the ${steps - 1} action(s) after it.`)
+          chalk14.yellow(`    Note:  This will also undo the ${steps - 1} action(s) after it.`)
         );
       console.log("");
       const diff = snapshot.diff ?? computeUndoDiff(snapshot.hash, snapshot.cwd);
       if (diff) {
         const lines = diff.split("\n").filter((l) => !l.startsWith("diff --git") && !l.startsWith("index "));
         for (const line of lines) {
-          if (line.startsWith("+++") || line.startsWith("---")) console.log(chalk13.bold(line));
-          else if (line.startsWith("+")) console.log(chalk13.green(line));
-          else if (line.startsWith("-")) console.log(chalk13.red(line));
-          else if (line.startsWith("@@")) console.log(chalk13.cyan(line));
-          else console.log(chalk13.gray(line));
+          if (line.startsWith("+++") || line.startsWith("---")) console.log(chalk14.bold(line));
+          else if (line.startsWith("+")) console.log(chalk14.green(line));
+          else if (line.startsWith("-")) console.log(chalk14.red(line));
+          else if (line.startsWith("@@")) console.log(chalk14.cyan(line));
+          else console.log(chalk14.gray(line));
         }
         console.log("");
       } else {
         console.log(
-          chalk13.gray("    (no diff available \u2014 working tree may already match snapshot)\n")
+          chalk14.gray("    (no diff available \u2014 working tree may already match snapshot)\n")
         );
       }
       const { confirm: confirm3 } = await import("@inquirer/prompts");
       const proceed = await confirm3({ message: `Revert to this snapshot?`, default: false });
       if (proceed) {
         if (applyUndo(snapshot.hash, snapshot.cwd)) {
-          console.log(chalk13.green("\n\u2705 Reverted successfully.\n"));
+          console.log(chalk14.green("\n\u2705 Reverted successfully.\n"));
         } else {
-          console.error(chalk13.red("\n\u274C Undo failed. Ensure you are in a Git repository.\n"));
+          console.error(chalk14.red("\n\u274C Undo failed. Ensure you are in a Git repository.\n"));
         }
       } else {
-        console.log(chalk13.gray("\nCancelled.\n"));
+        console.log(chalk14.gray("\nCancelled.\n"));
       }
       return;
     }
@@ -10583,7 +11329,7 @@ function registerUndoCommand(program2) {
 
 // src/cli/commands/watch.ts
 init_daemon();
-import chalk14 from "chalk";
+import chalk15 from "chalk";
 import { spawn as spawn8, spawnSync as spawnSync5 } from "child_process";
 function registerWatchCommand(program2) {
   program2.command("watch").description("Run a command under Node9 watch mode (daemon stays alive for the session)").argument("<command>", "Command to run").argument("[args...]", "Arguments for the command").action(async (cmd, args) => {
@@ -10599,7 +11345,7 @@ function registerWatchCommand(program2) {
         throw new Error("not running");
       }
     } catch {
-      console.error(chalk14.dim("\u{1F6E1}\uFE0F  Starting Node9 daemon (watch mode)..."));
+      console.error(chalk15.dim("\u{1F6E1}\uFE0F  Starting Node9 daemon (watch mode)..."));
       const child = spawn8(process.execPath, [process.argv[1], "daemon"], {
         detached: true,
         stdio: "ignore",
@@ -10621,12 +11367,12 @@ function registerWatchCommand(program2) {
         }
       }
       if (!ready) {
-        console.error(chalk14.red("\u274C Daemon failed to start. Try: node9 daemon start"));
+        console.error(chalk15.red("\u274C Daemon failed to start. Try: node9 daemon start"));
         process.exit(1);
       }
     }
     console.error(
-      chalk14.cyan.bold("\u{1F6E1}\uFE0F  Node9 watch") + chalk14.dim(` \u2192 localhost:${port}`) + chalk14.dim(
+      chalk15.cyan.bold("\u{1F6E1}\uFE0F  Node9 watch") + chalk15.dim(` \u2192 localhost:${port}`) + chalk15.dim(
         "\n   Tip: run `node9 tail` in another terminal to review and approve AI actions.\n"
       )
     );
@@ -10635,7 +11381,7 @@ function registerWatchCommand(program2) {
       env: { ...process.env, NODE9_WATCH_MODE: "1" }
     });
     if (result.error) {
-      console.error(chalk14.red(`\u274C Failed to run command: ${result.error.message}`));
+      console.error(chalk15.red(`\u274C Failed to run command: ${result.error.message}`));
       process.exit(1);
     }
     process.exit(result.status ?? 0);
@@ -10645,18 +11391,18 @@ function registerWatchCommand(program2) {
 // src/mcp-gateway/index.ts
 init_orchestrator();
 import readline3 from "readline";
-import chalk15 from "chalk";
+import chalk16 from "chalk";
 import { spawn as spawn9 } from "child_process";
 import { execa as execa2 } from "execa";
 init_provenance();
 
 // src/mcp-pin.ts
-import fs24 from "fs";
-import path27 from "path";
-import os20 from "os";
-import crypto3 from "crypto";
+import fs27 from "fs";
+import path30 from "path";
+import os23 from "os";
+import crypto4 from "crypto";
 function getPinsFilePath() {
-  return path27.join(os20.homedir(), ".node9", "mcp-pins.json");
+  return path30.join(os23.homedir(), ".node9", "mcp-pins.json");
 }
 function hashToolDefinitions(tools) {
   const sorted = [...tools].sort((a, b) => {
@@ -10665,15 +11411,15 @@ function hashToolDefinitions(tools) {
     return nameA.localeCompare(nameB);
   });
   const canonical = JSON.stringify(sorted);
-  return crypto3.createHash("sha256").update(canonical).digest("hex");
+  return crypto4.createHash("sha256").update(canonical).digest("hex");
 }
 function getServerKey(upstreamCommand) {
-  return crypto3.createHash("sha256").update(upstreamCommand).digest("hex").slice(0, 16);
+  return crypto4.createHash("sha256").update(upstreamCommand).digest("hex").slice(0, 16);
 }
 function readMcpPinsSafe() {
   const filePath = getPinsFilePath();
   try {
-    const raw = fs24.readFileSync(filePath, "utf-8");
+    const raw = fs27.readFileSync(filePath, "utf-8");
     if (!raw.trim()) {
       return { ok: false, reason: "corrupt", detail: "empty file" };
     }
@@ -10697,10 +11443,10 @@ function readMcpPins() {
 }
 function writeMcpPins(data) {
   const filePath = getPinsFilePath();
-  fs24.mkdirSync(path27.dirname(filePath), { recursive: true });
-  const tmp = `${filePath}.${crypto3.randomBytes(6).toString("hex")}.tmp`;
-  fs24.writeFileSync(tmp, JSON.stringify(data, null, 2), { mode: 384 });
-  fs24.renameSync(tmp, filePath);
+  fs27.mkdirSync(path30.dirname(filePath), { recursive: true });
+  const tmp = `${filePath}.${crypto4.randomBytes(6).toString("hex")}.tmp`;
+  fs27.writeFileSync(tmp, JSON.stringify(data, null, 2), { mode: 384 });
+  fs27.renameSync(tmp, filePath);
 }
 function checkPin(serverKey, currentHash) {
   const result = readMcpPinsSafe();
@@ -10792,13 +11538,13 @@ async function runMcpGateway(upstreamCommand) {
   const prov = checkProvenance(executable);
   if (prov.trustLevel === "suspect") {
     console.error(
-      chalk15.red(
+      chalk16.red(
         `\u26A0\uFE0F  Node9: Upstream MCP server binary is suspect \u2014 ${prov.reason} (${prov.resolvedPath})`
       )
     );
-    console.error(chalk15.red("   Verify this binary is trusted before proceeding."));
+    console.error(chalk16.red("   Verify this binary is trusted before proceeding."));
   }
-  console.error(chalk15.green(`\u{1F680} Node9 MCP Gateway: Monitoring [${upstreamCommand}]`));
+  console.error(chalk16.green(`\u{1F680} Node9 MCP Gateway: Monitoring [${upstreamCommand}]`));
   const UPSTREAM_INJECTOR_VARS = /* @__PURE__ */ new Set([
     "NODE_OPTIONS",
     "NODE_PATH",
@@ -10901,10 +11647,10 @@ async function runMcpGateway(upstreamCommand) {
           mcpServer
         });
         if (!result.approved) {
-          console.error(chalk15.red(`
+          console.error(chalk16.red(`
 \u{1F6D1} Node9 MCP Gateway: Action Blocked`));
-          console.error(chalk15.gray(`   Tool: ${toolName}`));
-          console.error(chalk15.gray(`   Reason: ${result.reason ?? "Security Policy"}
+          console.error(chalk16.gray(`   Tool: ${toolName}`));
+          console.error(chalk16.gray(`   Reason: ${result.reason ?? "Security Policy"}
 `));
           const blockedByLabel = result.blockedByLabel ?? result.reason ?? "Security Policy";
           const isHumanDecision = blockedByLabel.toLowerCase().includes("user") || blockedByLabel.toLowerCase().includes("daemon") || blockedByLabel.toLowerCase().includes("decision");
@@ -10983,7 +11729,7 @@ async function runMcpGateway(upstreamCommand) {
           updatePin(serverKey, upstreamCommand, currentHash, toolNames);
           pinState = "validated";
           console.error(
-            chalk15.green(
+            chalk16.green(
               `\u{1F512} Node9: Pinned ${toolNames.length} tool definition(s) for this MCP server`
             )
           );
@@ -10996,11 +11742,11 @@ async function runMcpGateway(upstreamCommand) {
         } else if (pinStatus === "corrupt") {
           pinState = "quarantined";
           console.error(
-            chalk15.red("\n\u{1F6A8} Node9: MCP pin file is corrupt or unreadable \u2014 session quarantined!")
+            chalk16.red("\n\u{1F6A8} Node9: MCP pin file is corrupt or unreadable \u2014 session quarantined!")
           );
-          console.error(chalk15.red("   Tool calls are blocked until the pin file is repaired."));
+          console.error(chalk16.red("   Tool calls are blocked until the pin file is repaired."));
           console.error(
-            chalk15.yellow(`   Run: node9 mcp pin reset  (to clear and re-pin on next connect)
+            chalk16.yellow(`   Run: node9 mcp pin reset  (to clear and re-pin on next connect)
 `)
           );
           const errorResponse = {
@@ -11017,13 +11763,13 @@ async function runMcpGateway(upstreamCommand) {
         } else {
           pinState = "quarantined";
           console.error(
-            chalk15.red("\n\u{1F6A8} Node9: MCP tool definitions have changed since last verified!")
+            chalk16.red("\n\u{1F6A8} Node9: MCP tool definitions have changed since last verified!")
           );
           console.error(
-            chalk15.red("   This could indicate a supply chain attack (tool poisoning / rug pull).")
+            chalk16.red("   This could indicate a supply chain attack (tool poisoning / rug pull).")
           );
-          console.error(chalk15.red("   Session quarantined \u2014 all tool calls blocked."));
-          console.error(chalk15.yellow(`   Run: node9 mcp pin update ${serverKey}
+          console.error(chalk16.red("   Session quarantined \u2014 all tool calls blocked."));
+          console.error(chalk16.yellow(`   Run: node9 mcp pin update ${serverKey}
 `));
           const errorResponse = {
             jsonrpc: "2.0",
@@ -11072,9 +11818,9 @@ function registerMcpGatewayCommand(program2) {
 
 // src/mcp-server/index.ts
 import readline4 from "readline";
-import fs25 from "fs";
-import os21 from "os";
-import path28 from "path";
+import fs28 from "fs";
+import os24 from "os";
+import path31 from "path";
 init_core();
 init_daemon();
 init_shields();
@@ -11249,13 +11995,13 @@ function handleStatus() {
   lines.push(`Active shields: ${activeShields.length > 0 ? activeShields.join(", ") : "none"}`);
   lines.push(`Smart rules: ${config.policy.smartRules.length} loaded`);
   lines.push(`DLP: ${config.policy.dlp?.enabled !== false ? "enabled" : "disabled"}`);
-  const projectConfig = path28.join(process.cwd(), "node9.config.json");
-  const globalConfig = path28.join(os21.homedir(), ".node9", "config.json");
+  const projectConfig = path31.join(process.cwd(), "node9.config.json");
+  const globalConfig = path31.join(os24.homedir(), ".node9", "config.json");
   lines.push(
-    `Project config (node9.config.json): ${fs25.existsSync(projectConfig) ? "present" : "not found"}`
+    `Project config (node9.config.json): ${fs28.existsSync(projectConfig) ? "present" : "not found"}`
   );
   lines.push(
-    `Global config (~/.node9/config.json): ${fs25.existsSync(globalConfig) ? "present" : "not found"}`
+    `Global config (~/.node9/config.json): ${fs28.existsSync(globalConfig) ? "present" : "not found"}`
   );
   return lines.join("\n");
 }
@@ -11329,21 +12075,21 @@ function handleShieldDisable(args) {
   writeActiveShields(active.filter((s) => s !== name));
   return `Shield "${name}" disabled.`;
 }
-var GLOBAL_CONFIG_PATH2 = path28.join(os21.homedir(), ".node9", "config.json");
+var GLOBAL_CONFIG_PATH2 = path31.join(os24.homedir(), ".node9", "config.json");
 var APPROVER_CHANNELS = ["native", "browser", "cloud", "terminal"];
 function readGlobalConfigRaw() {
   try {
-    if (fs25.existsSync(GLOBAL_CONFIG_PATH2)) {
-      return JSON.parse(fs25.readFileSync(GLOBAL_CONFIG_PATH2, "utf-8"));
+    if (fs28.existsSync(GLOBAL_CONFIG_PATH2)) {
+      return JSON.parse(fs28.readFileSync(GLOBAL_CONFIG_PATH2, "utf-8"));
     }
   } catch {
   }
   return {};
 }
 function writeGlobalConfigRaw(data) {
-  const dir = path28.dirname(GLOBAL_CONFIG_PATH2);
-  if (!fs25.existsSync(dir)) fs25.mkdirSync(dir, { recursive: true });
-  fs25.writeFileSync(GLOBAL_CONFIG_PATH2, JSON.stringify(data, null, 2) + "\n");
+  const dir = path31.dirname(GLOBAL_CONFIG_PATH2);
+  if (!fs28.existsSync(dir)) fs28.mkdirSync(dir, { recursive: true });
+  fs28.writeFileSync(GLOBAL_CONFIG_PATH2, JSON.stringify(data, null, 2) + "\n");
 }
 function handleApproverList() {
   const config = getConfig();
@@ -11386,9 +12132,9 @@ function handleApproverSet(args) {
 }
 function handleAuditGet(args) {
   const limit = Math.min(typeof args.limit === "number" ? args.limit : 20, 100);
-  const auditPath = path28.join(os21.homedir(), ".node9", "audit.log");
-  if (!fs25.existsSync(auditPath)) return "No audit log found.";
-  const lines = fs25.readFileSync(auditPath, "utf-8").trim().split("\n").filter(Boolean);
+  const auditPath = path31.join(os24.homedir(), ".node9", "audit.log");
+  if (!fs28.existsSync(auditPath)) return "No audit log found.";
+  const lines = fs28.readFileSync(auditPath, "utf-8").trim().split("\n").filter(Boolean);
   const recent = lines.slice(-limit);
   const entries = recent.map((line) => {
     try {
@@ -11576,7 +12322,7 @@ function registerMcpServerCommand(program2) {
 
 // src/cli/commands/trust.ts
 init_trusted_hosts();
-import chalk16 from "chalk";
+import chalk17 from "chalk";
 function isValidHost(host) {
   return /^(\*\.)?[a-z0-9][a-z0-9.-]*\.[a-z]{2,}$/.test(host);
 }
@@ -11586,51 +12332,51 @@ function registerTrustCommand(program2) {
     const normalized = normalizeHost(host.trim());
     if (!isValidHost(normalized)) {
       console.error(
-        chalk16.red(`
+        chalk17.red(`
 \u274C Invalid host: "${host}"
-`) + chalk16.gray("   Use an FQDN like api.mycompany.com or *.mycompany.com\n")
+`) + chalk17.gray("   Use an FQDN like api.mycompany.com or *.mycompany.com\n")
       );
       process.exit(1);
     }
     addTrustedHost(normalized);
-    console.log(chalk16.green(`
+    console.log(chalk17.green(`
 \u2705 ${normalized} added to trusted hosts.`));
     console.log(
-      chalk16.gray("   Pipe-chain blocks to this host: critical \u2192 review, high \u2192 allow\n")
+      chalk17.gray("   Pipe-chain blocks to this host: critical \u2192 review, high \u2192 allow\n")
     );
   });
   trustCmd.command("remove <host>").description("Remove a trusted host").action((host) => {
     const normalized = normalizeHost(host.trim());
     const removed = removeTrustedHost(normalized);
     if (!removed) {
-      console.error(chalk16.yellow(`
+      console.error(chalk17.yellow(`
 \u26A0\uFE0F  "${normalized}" is not in the trusted hosts list.
 `));
       process.exit(1);
     }
-    console.log(chalk16.green(`
+    console.log(chalk17.green(`
 \u2705 ${normalized} removed from trusted hosts.
 `));
   });
   trustCmd.command("list").description("Show all trusted hosts").action(() => {
     const hosts = readTrustedHosts();
     if (hosts.length === 0) {
-      console.log(chalk16.gray("\n  No trusted hosts configured.\n"));
-      console.log(`  Add one: ${chalk16.cyan("node9 trust add api.mycompany.com")}
+      console.log(chalk17.gray("\n  No trusted hosts configured.\n"));
+      console.log(`  Add one: ${chalk17.cyan("node9 trust add api.mycompany.com")}
 `);
       return;
     }
-    console.log(chalk16.bold("\n\u{1F513} Trusted Hosts\n"));
+    console.log(chalk17.bold("\n\u{1F513} Trusted Hosts\n"));
     for (const entry of hosts) {
       const date = new Date(entry.addedAt).toLocaleDateString();
-      console.log(`  ${chalk16.cyan(entry.host.padEnd(40))} ${chalk16.gray(`added ${date}`)}`);
+      console.log(`  ${chalk17.cyan(entry.host.padEnd(40))} ${chalk17.gray(`added ${date}`)}`);
     }
     console.log("");
   });
 }
 
 // src/cli/commands/mcp-pin.ts
-import chalk17 from "chalk";
+import chalk18 from "chalk";
 function registerMcpPinCommand(program2) {
   const pinCmd = program2.command("mcp").description("Manage MCP server tool definition pinning (rug pull defense)");
   const pinSubCmd = pinCmd.command("pin").description("Manage pinned MCP server tool definitions");
@@ -11638,31 +12384,31 @@ function registerMcpPinCommand(program2) {
     const result = readMcpPinsSafe();
     if (!result.ok) {
       if (result.reason === "missing") {
-        console.log(chalk17.gray("\nNo MCP servers are pinned yet."));
+        console.log(chalk18.gray("\nNo MCP servers are pinned yet."));
         console.log(
-          chalk17.gray("Pins are created automatically when the MCP gateway first connects.\n")
+          chalk18.gray("Pins are created automatically when the MCP gateway first connects.\n")
         );
         return;
       }
-      console.error(chalk17.red(`
+      console.error(chalk18.red(`
 \u274C Pin file is corrupt: ${result.detail}`));
-      console.error(chalk17.yellow("   Run: node9 mcp pin reset\n"));
+      console.error(chalk18.yellow("   Run: node9 mcp pin reset\n"));
       process.exit(1);
     }
     const entries = Object.entries(result.pins.servers);
     if (entries.length === 0) {
-      console.log(chalk17.gray("\nNo MCP servers are pinned yet."));
+      console.log(chalk18.gray("\nNo MCP servers are pinned yet."));
       console.log(
-        chalk17.gray("Pins are created automatically when the MCP gateway first connects.\n")
+        chalk18.gray("Pins are created automatically when the MCP gateway first connects.\n")
       );
       return;
     }
-    console.log(chalk17.bold("\n\u{1F512} Pinned MCP Servers\n"));
+    console.log(chalk18.bold("\n\u{1F512} Pinned MCP Servers\n"));
     for (const [key, entry] of entries) {
-      console.log(`  ${chalk17.cyan(key)}  ${chalk17.gray(entry.label)}`);
-      console.log(`    Tools (${entry.toolCount}): ${chalk17.white(entry.toolNames.join(", "))}`);
-      console.log(`    Hash:  ${chalk17.gray(entry.toolsHash.slice(0, 16))}...`);
-      console.log(`    Pinned: ${chalk17.gray(entry.pinnedAt)}`);
+      console.log(`  ${chalk18.cyan(key)}  ${chalk18.gray(entry.label)}`);
+      console.log(`    Tools (${entry.toolCount}): ${chalk18.white(entry.toolNames.join(", "))}`);
+      console.log(`    Hash:  ${chalk18.gray(entry.toolsHash.slice(0, 16))}...`);
+      console.log(`    Pinned: ${chalk18.gray(entry.pinnedAt)}`);
       console.log("");
     }
   });
@@ -11673,55 +12419,55 @@ function registerMcpPinCommand(program2) {
     try {
       pins = readMcpPins();
     } catch {
-      console.error(chalk17.red("\n\u274C Pin file is corrupt."));
-      console.error(chalk17.yellow("   Run: node9 mcp pin reset\n"));
+      console.error(chalk18.red("\n\u274C Pin file is corrupt."));
+      console.error(chalk18.yellow("   Run: node9 mcp pin reset\n"));
       process.exit(1);
     }
     if (!pins.servers[serverKey]) {
-      console.error(chalk17.red(`
+      console.error(chalk18.red(`
 \u274C No pin found for server key "${serverKey}"
 `));
-      console.error(`Run ${chalk17.cyan("node9 mcp pin list")} to see pinned servers.
+      console.error(`Run ${chalk18.cyan("node9 mcp pin list")} to see pinned servers.
 `);
       process.exit(1);
     }
     const label = pins.servers[serverKey].label;
     removePin(serverKey);
-    console.log(chalk17.green(`
-\u{1F513} Pin removed for ${chalk17.cyan(serverKey)}`));
-    console.log(chalk17.gray(`   Server: ${label}`));
-    console.log(chalk17.gray("   Next connection will re-pin with current tool definitions.\n"));
+    console.log(chalk18.green(`
+\u{1F513} Pin removed for ${chalk18.cyan(serverKey)}`));
+    console.log(chalk18.gray(`   Server: ${label}`));
+    console.log(chalk18.gray("   Next connection will re-pin with current tool definitions.\n"));
   });
   pinSubCmd.command("reset").description("Clear all MCP pins (next connection to each server will re-pin)").action(() => {
     const result = readMcpPinsSafe();
     if (!result.ok && result.reason === "missing") {
-      console.log(chalk17.gray("\nNo pins to clear.\n"));
+      console.log(chalk18.gray("\nNo pins to clear.\n"));
       return;
     }
     const count = result.ok ? Object.keys(result.pins.servers).length : "?";
     clearAllPins();
-    console.log(chalk17.green(`
+    console.log(chalk18.green(`
 \u{1F513} Cleared ${count} MCP pin(s).`));
-    console.log(chalk17.gray("   Next connection to each server will re-pin.\n"));
+    console.log(chalk18.gray("   Next connection to each server will re-pin.\n"));
   });
 }
 
 // src/cli.ts
 var { version } = JSON.parse(
-  fs28.readFileSync(path31.join(__dirname, "../package.json"), "utf-8")
+  fs31.readFileSync(path34.join(__dirname, "../package.json"), "utf-8")
 );
 var program = new Command();
 program.name("node9").description("The Sudo Command for AI Agents").version(version);
 program.command("login").argument("<apiKey>").option("--local", "Save key for audit/logging only \u2014 local config still controls all decisions").option("--profile <name>", 'Save as a named profile (default: "default")').action((apiKey, options) => {
   const DEFAULT_API_URL = "https://api.node9.ai/api/v1/intercept";
-  const credPath = path31.join(os24.homedir(), ".node9", "credentials.json");
-  if (!fs28.existsSync(path31.dirname(credPath)))
-    fs28.mkdirSync(path31.dirname(credPath), { recursive: true });
+  const credPath = path34.join(os27.homedir(), ".node9", "credentials.json");
+  if (!fs31.existsSync(path34.dirname(credPath)))
+    fs31.mkdirSync(path34.dirname(credPath), { recursive: true });
   const profileName = options.profile || "default";
   let existingCreds = {};
   try {
-    if (fs28.existsSync(credPath)) {
-      const raw = JSON.parse(fs28.readFileSync(credPath, "utf-8"));
+    if (fs31.existsSync(credPath)) {
+      const raw = JSON.parse(fs31.readFileSync(credPath, "utf-8"));
       if (raw.apiKey) {
         existingCreds = {
           default: { apiKey: raw.apiKey, apiUrl: raw.apiUrl || DEFAULT_API_URL }
@@ -11733,13 +12479,13 @@ program.command("login").argument("<apiKey>").option("--local", "Save key for au
   } catch {
   }
   existingCreds[profileName] = { apiKey, apiUrl: DEFAULT_API_URL };
-  fs28.writeFileSync(credPath, JSON.stringify(existingCreds, null, 2), { mode: 384 });
+  fs31.writeFileSync(credPath, JSON.stringify(existingCreds, null, 2), { mode: 384 });
   if (profileName === "default") {
-    const configPath = path31.join(os24.homedir(), ".node9", "config.json");
+    const configPath = path34.join(os27.homedir(), ".node9", "config.json");
     let config = {};
     try {
-      if (fs28.existsSync(configPath))
-        config = JSON.parse(fs28.readFileSync(configPath, "utf-8"));
+      if (fs31.existsSync(configPath))
+        config = JSON.parse(fs31.readFileSync(configPath, "utf-8"));
     } catch {
     }
     if (!config.settings || typeof config.settings !== "object") config.settings = {};
@@ -11754,19 +12500,19 @@ program.command("login").argument("<apiKey>").option("--local", "Save key for au
       approvers.cloud = false;
     }
     s.approvers = approvers;
-    if (!fs28.existsSync(path31.dirname(configPath)))
-      fs28.mkdirSync(path31.dirname(configPath), { recursive: true });
-    fs28.writeFileSync(configPath, JSON.stringify(config, null, 2), { mode: 384 });
+    if (!fs31.existsSync(path34.dirname(configPath)))
+      fs31.mkdirSync(path34.dirname(configPath), { recursive: true });
+    fs31.writeFileSync(configPath, JSON.stringify(config, null, 2), { mode: 384 });
   }
   if (options.profile && profileName !== "default") {
-    console.log(chalk19.green(`\u2705 Profile "${profileName}" saved`));
-    console.log(chalk19.gray(`   Switch to it per-session:  NODE9_PROFILE=${profileName} claude`));
+    console.log(chalk20.green(`\u2705 Profile "${profileName}" saved`));
+    console.log(chalk20.gray(`   Switch to it per-session:  NODE9_PROFILE=${profileName} claude`));
   } else if (options.local) {
-    console.log(chalk19.green(`\u2705 Privacy mode \u{1F6E1}\uFE0F`));
-    console.log(chalk19.gray(`   All decisions stay on this machine.`));
+    console.log(chalk20.green(`\u2705 Privacy mode \u{1F6E1}\uFE0F`));
+    console.log(chalk20.gray(`   All decisions stay on this machine.`));
   } else {
-    console.log(chalk19.green(`\u2705 Logged in \u2014 agent mode`));
-    console.log(chalk19.gray(`   Team policy enforced for all calls via Node9 cloud.`));
+    console.log(chalk20.green(`\u2705 Logged in \u2014 agent mode`));
+    console.log(chalk20.gray(`   Team policy enforced for all calls via Node9 cloud.`));
   }
 });
 program.command("addto").description("Integrate Node9 with an AI agent").addHelpText("after", "\n  Supported targets:  claude  gemini  cursor  hud").argument("<target>", "The agent to protect: claude | gemini | cursor | hud").action(async (target) => {
@@ -11774,19 +12520,19 @@ program.command("addto").description("Integrate Node9 with an AI agent").addHelp
   if (target === "claude") return await setupClaude();
   if (target === "cursor") return await setupCursor();
   if (target === "hud") return setupHud();
-  console.error(chalk19.red(`Unknown target: "${target}". Supported: claude, gemini, cursor, hud`));
+  console.error(chalk20.red(`Unknown target: "${target}". Supported: claude, gemini, cursor, hud`));
   process.exit(1);
 });
 program.command("setup").description('Alias for "addto" \u2014 integrate Node9 with an AI agent').addHelpText("after", "\n  Supported targets:  claude  gemini  cursor  hud").argument("[target]", "The agent to protect: claude | gemini | cursor | hud").action(async (target) => {
   if (!target) {
-    console.log(chalk19.cyan("\n\u{1F6E1}\uFE0F  Node9 Setup \u2014 integrate with your AI agent\n"));
-    console.log("  Usage:  " + chalk19.white("node9 setup <target>") + "\n");
+    console.log(chalk20.cyan("\n\u{1F6E1}\uFE0F  Node9 Setup \u2014 integrate with your AI agent\n"));
+    console.log("  Usage:  " + chalk20.white("node9 setup <target>") + "\n");
     console.log("  Targets:");
-    console.log("    " + chalk19.green("claude") + "   \u2014 Claude Code (hook mode)");
-    console.log("    " + chalk19.green("gemini") + "   \u2014 Gemini CLI (hook mode)");
-    console.log("    " + chalk19.green("cursor") + "   \u2014 Cursor (hook mode)");
+    console.log("    " + chalk20.green("claude") + "   \u2014 Claude Code (hook mode)");
+    console.log("    " + chalk20.green("gemini") + "   \u2014 Gemini CLI (hook mode)");
+    console.log("    " + chalk20.green("cursor") + "   \u2014 Cursor (hook mode)");
     process.stdout.write(
-      "    " + chalk19.green("hud") + "     \u2014 Claude Code security statusline\n"
+      "    " + chalk20.green("hud") + "     \u2014 Claude Code security statusline\n"
     );
     console.log("");
     return;
@@ -11796,7 +12542,7 @@ program.command("setup").description('Alias for "addto" \u2014 integrate Node9 w
   if (t === "claude") return await setupClaude();
   if (t === "cursor") return await setupCursor();
   if (t === "hud") return setupHud();
-  console.error(chalk19.red(`Unknown target: "${target}". Supported: claude, gemini, cursor, hud`));
+  console.error(chalk20.red(`Unknown target: "${target}". Supported: claude, gemini, cursor, hud`));
   process.exit(1);
 });
 program.command("removefrom").description("Remove Node9 hooks from an AI agent configuration").addHelpText("after", "\n  Supported targets:  claude  gemini  cursor").argument("<target>", "The agent to remove from: claude | gemini | cursor").action((target) => {
@@ -11807,31 +12553,31 @@ program.command("removefrom").description("Remove Node9 hooks from an AI agent c
   else if (target === "hud") fn = teardownHud;
   else {
     console.error(
-      chalk19.red(`Unknown target: "${target}". Supported: claude, gemini, cursor, hud`)
+      chalk20.red(`Unknown target: "${target}". Supported: claude, gemini, cursor, hud`)
     );
     process.exit(1);
   }
-  console.log(chalk19.cyan(`
+  console.log(chalk20.cyan(`
 \u{1F6E1}\uFE0F  Node9: removing hooks from ${target}...
 `));
   try {
     fn();
   } catch (err2) {
-    console.error(chalk19.red(`  \u26A0\uFE0F  Failed: ${err2 instanceof Error ? err2.message : String(err2)}`));
+    console.error(chalk20.red(`  \u26A0\uFE0F  Failed: ${err2 instanceof Error ? err2.message : String(err2)}`));
     process.exit(1);
   }
-  console.log(chalk19.gray("\n  Restart the agent for changes to take effect."));
+  console.log(chalk20.gray("\n  Restart the agent for changes to take effect."));
 });
 program.command("uninstall").description("Remove all Node9 hooks and optionally delete config files").option("--purge", "Also delete ~/.node9/ directory (config, audit log, credentials)").action(async (options) => {
-  console.log(chalk19.cyan("\n\u{1F6E1}\uFE0F  Node9 Uninstall\n"));
-  console.log(chalk19.bold("Stopping daemon..."));
+  console.log(chalk20.cyan("\n\u{1F6E1}\uFE0F  Node9 Uninstall\n"));
+  console.log(chalk20.bold("Stopping daemon..."));
   try {
     stopDaemon();
-    console.log(chalk19.green("  \u2705 Daemon stopped"));
+    console.log(chalk20.green("  \u2705 Daemon stopped"));
   } catch {
-    console.log(chalk19.blue("  \u2139\uFE0F  Daemon was not running"));
+    console.log(chalk20.blue("  \u2139\uFE0F  Daemon was not running"));
   }
-  console.log(chalk19.bold("\nRemoving hooks..."));
+  console.log(chalk20.bold("\nRemoving hooks..."));
   let teardownFailed = false;
   for (const [label, fn] of [
     ["Claude", teardownClaude],
@@ -11843,45 +12589,45 @@ program.command("uninstall").description("Remove all Node9 hooks and optionally
     } catch (err2) {
       teardownFailed = true;
       console.error(
-        chalk19.red(
+        chalk20.red(
           `  \u26A0\uFE0F  Failed to remove ${label} hooks: ${err2 instanceof Error ? err2.message : String(err2)}`
         )
       );
     }
   }
   if (options.purge) {
-    const node9Dir = path31.join(os24.homedir(), ".node9");
-    if (fs28.existsSync(node9Dir)) {
+    const node9Dir = path34.join(os27.homedir(), ".node9");
+    if (fs31.existsSync(node9Dir)) {
       const confirmed = await confirm2({
         message: `Permanently delete ${node9Dir} (config, audit log, credentials)?`,
         default: false
       });
       if (confirmed) {
-        fs28.rmSync(node9Dir, { recursive: true });
-        if (fs28.existsSync(node9Dir)) {
+        fs31.rmSync(node9Dir, { recursive: true });
+        if (fs31.existsSync(node9Dir)) {
           console.error(
-            chalk19.red("\n  \u26A0\uFE0F  ~/.node9/ could not be fully deleted \u2014 remove it manually.")
+            chalk20.red("\n  \u26A0\uFE0F  ~/.node9/ could not be fully deleted \u2014 remove it manually.")
           );
         } else {
-          console.log(chalk19.green("\n  \u2705 Deleted ~/.node9/ (config, audit log, credentials)"));
+          console.log(chalk20.green("\n  \u2705 Deleted ~/.node9/ (config, audit log, credentials)"));
         }
       } else {
-        console.log(chalk19.yellow("\n  Skipped \u2014 ~/.node9/ was not deleted."));
+        console.log(chalk20.yellow("\n  Skipped \u2014 ~/.node9/ was not deleted."));
       }
     } else {
-      console.log(chalk19.blue("\n  \u2139\uFE0F  ~/.node9/ not found \u2014 nothing to delete"));
+      console.log(chalk20.blue("\n  \u2139\uFE0F  ~/.node9/ not found \u2014 nothing to delete"));
     }
   } else {
     console.log(
-      chalk19.gray("\n  ~/.node9/ kept \u2014 run with --purge to delete config and audit log")
+      chalk20.gray("\n  ~/.node9/ kept \u2014 run with --purge to delete config and audit log")
     );
   }
   if (teardownFailed) {
-    console.error(chalk19.red("\n  \u26A0\uFE0F  Some hooks could not be removed \u2014 see errors above."));
+    console.error(chalk20.red("\n  \u26A0\uFE0F  Some hooks could not be removed \u2014 see errors above."));
     process.exit(1);
   }
-  console.log(chalk19.green.bold("\n\u{1F6E1}\uFE0F  Node9 removed. Run: npm uninstall -g @node9/proxy"));
-  console.log(chalk19.gray("   Restart any open AI agent sessions for changes to take effect.\n"));
+  console.log(chalk20.green.bold("\n\u{1F6E1}\uFE0F  Node9 removed. Run: npm uninstall -g @node9/proxy"));
+  console.log(chalk20.gray("   Restart any open AI agent sessions for changes to take effect.\n"));
 });
 registerDoctorCommand(program, version);
 program.command("explain").description(
@@ -11894,7 +12640,7 @@ program.command("explain").description(
       try {
         args = JSON.parse(trimmed);
       } catch {
-        console.error(chalk19.red(`
+        console.error(chalk20.red(`
 \u274C Invalid JSON: ${trimmed}
 `));
         process.exit(1);
@@ -11905,60 +12651,61 @@ program.command("explain").description(
   }
   const result = await explainPolicy(tool, args);
   console.log("");
-  console.log(chalk19.cyan.bold("\u{1F6E1}\uFE0F  Node9 Explain"));
+  console.log(chalk20.cyan.bold("\u{1F6E1}\uFE0F  Node9 Explain"));
   console.log("");
-  console.log(`   ${chalk19.bold("Tool:")}    ${chalk19.white(result.tool)}`);
+  console.log(`   ${chalk20.bold("Tool:")}    ${chalk20.white(result.tool)}`);
   if (argsRaw) {
     const preview = argsRaw.length > 80 ? argsRaw.slice(0, 77) + "\u2026" : argsRaw;
-    console.log(`   ${chalk19.bold("Input:")}   ${chalk19.gray(preview)}`);
+    console.log(`   ${chalk20.bold("Input:")}   ${chalk20.gray(preview)}`);
   }
   console.log("");
-  console.log(chalk19.bold("Config Sources (Waterfall):"));
+  console.log(chalk20.bold("Config Sources (Waterfall):"));
   for (const tier of result.waterfall) {
-    const num = chalk19.gray(`  ${tier.tier}.`);
+    const num2 = chalk20.gray(`  ${tier.tier}.`);
     const label = tier.label.padEnd(16);
     let statusStr;
     if (tier.tier === 1) {
-      statusStr = chalk19.gray(tier.note ?? "");
+      statusStr = chalk20.gray(tier.note ?? "");
     } else if (tier.status === "active") {
-      const loc = tier.path ? chalk19.gray(tier.path) : "";
-      const note = tier.note ? chalk19.gray(`(${tier.note})`) : "";
-      statusStr = chalk19.green("\u2713 active") + (loc ? "  " + loc : "") + (note ? "  " + note : "");
+      const loc = tier.path ? chalk20.gray(tier.path) : "";
+      const note = tier.note ? chalk20.gray(`(${tier.note})`) : "";
+      statusStr = chalk20.green("\u2713 active") + (loc ? "  " + loc : "") + (note ? "  " + note : "");
     } else {
-      statusStr = chalk19.gray("\u25CB " + (tier.note ?? "not found"));
+      statusStr = chalk20.gray("\u25CB " + (tier.note ?? "not found"));
     }
-    console.log(`${num} ${chalk19.white(label)} ${statusStr}`);
+    console.log(`${num2} ${chalk20.white(label)} ${statusStr}`);
   }
   console.log("");
-  console.log(chalk19.bold("Policy Evaluation:"));
+  console.log(chalk20.bold("Policy Evaluation:"));
   for (const step of result.steps) {
     const isFinal = step.isFinal;
     let icon;
-    if (step.outcome === "allow") icon = chalk19.green("  \u2705");
-    else if (step.outcome === "review") icon = chalk19.red("  \u{1F534}");
-    else if (step.outcome === "skip") icon = chalk19.gray("  \u2500 ");
-    else icon = chalk19.gray("  \u25CB ");
+    if (step.outcome === "allow") icon = chalk20.green("  \u2705");
+    else if (step.outcome === "review") icon = chalk20.red("  \u{1F534}");
+    else if (step.outcome === "skip") icon = chalk20.gray("  \u2500 ");
+    else icon = chalk20.gray("  \u25CB ");
     const name = step.name.padEnd(18);
-    const nameStr = isFinal ? chalk19.white.bold(name) : chalk19.white(name);
-    const detail = isFinal ? chalk19.white(step.detail) : chalk19.gray(step.detail);
-    const arrow = isFinal ? chalk19.yellow("  \u2190 STOP") : "";
+    const nameStr = isFinal ? chalk20.white.bold(name) : chalk20.white(name);
+    const detail = isFinal ? chalk20.white(step.detail) : chalk20.gray(step.detail);
+    const arrow = isFinal ? chalk20.yellow("  \u2190 STOP") : "";
     console.log(`${icon} ${nameStr} ${detail}${arrow}`);
   }
   console.log("");
   if (result.decision === "allow") {
-    console.log(chalk19.green.bold("  Decision: \u2705 ALLOW") + chalk19.gray("  \u2014 no approval needed"));
+    console.log(chalk20.green.bold("  Decision: \u2705 ALLOW") + chalk20.gray("  \u2014 no approval needed"));
   } else {
     console.log(
-      chalk19.red.bold("  Decision: \u{1F534} REVIEW") + chalk19.gray("  \u2014 human approval required")
+      chalk20.red.bold("  Decision: \u{1F534} REVIEW") + chalk20.gray("  \u2014 human approval required")
     );
     if (result.blockedByLabel) {
-      console.log(chalk19.gray(`  Reason:   ${result.blockedByLabel}`));
+      console.log(chalk20.gray(`  Reason:   ${result.blockedByLabel}`));
     }
   }
   console.log("");
 });
 registerInitCommand(program);
 registerAuditCommand(program);
+registerReportCommand(program);
 registerStatusCommand(program);
 registerDaemonCommand(program);
 program.command("tail").description("Stream live agent activity to the terminal").option("--history", "Replay recent history then continue live", false).option("--clear", "Clear the history buffer and exit (does not stream)", false).action(async (options) => {
@@ -11966,7 +12713,7 @@ program.command("tail").description("Stream live agent activity to the terminal"
   try {
     await startTail2(options);
   } catch (err2) {
-    console.error(chalk19.red(`\u274C ${err2 instanceof Error ? err2.message : String(err2)}`));
+    console.error(chalk20.red(`\u274C ${err2 instanceof Error ? err2.message : String(err2)}`));
     process.exit(1);
   }
 });
@@ -11998,14 +12745,14 @@ Claude Code spawns this command every ~300ms and writes a JSON payload to stdin.
 Run "node9 addto claude" to register it as the statusLine.`
 ).argument("[subcommand]", 'Optional: "debug on" / "debug off" to toggle stdin logging').argument("[state]", 'on|off \u2014 used with "debug" subcommand').action(async (subcommand, state) => {
   if (subcommand === "debug") {
-    const flagFile = path31.join(os24.homedir(), ".node9", "hud-debug");
+    const flagFile = path34.join(os27.homedir(), ".node9", "hud-debug");
     if (state === "on") {
-      fs28.mkdirSync(path31.dirname(flagFile), { recursive: true });
-      fs28.writeFileSync(flagFile, "");
+      fs31.mkdirSync(path34.dirname(flagFile), { recursive: true });
+      fs31.writeFileSync(flagFile, "");
       console.log("HUD debug logging enabled \u2192 ~/.node9/hud-debug.log");
       console.log("Tail it with: tail -f ~/.node9/hud-debug.log");
     } else if (state === "off") {
-      if (fs28.existsSync(flagFile)) fs28.unlinkSync(flagFile);
+      if (fs31.existsSync(flagFile)) fs31.unlinkSync(flagFile);
       console.log("HUD debug logging disabled.");
     } else {
       console.error("Usage: node9 hud debug on|off");
@@ -12020,7 +12767,7 @@ program.command("pause").description("Temporarily disable Node9 protection for a
   const ms = parseDuration(options.duration);
   if (ms === null) {
     console.error(
-      chalk19.red(`
+      chalk20.red(`
 \u274C  Invalid duration: "${options.duration}". Use format like 15m, 1h, 30s.
 `)
     );
@@ -12028,20 +12775,20 @@ program.command("pause").description("Temporarily disable Node9 protection for a
   }
   pauseNode9(ms, options.duration);
   const expiresAt = new Date(Date.now() + ms).toLocaleTimeString();
-  console.log(chalk19.yellow(`
+  console.log(chalk20.yellow(`
 \u23F8  Node9 paused until ${expiresAt}`));
-  console.log(chalk19.gray(`   All tool calls will be allowed without review.`));
-  console.log(chalk19.gray(`   Run "node9 resume" to re-enable early.
+  console.log(chalk20.gray(`   All tool calls will be allowed without review.`));
+  console.log(chalk20.gray(`   Run "node9 resume" to re-enable early.
 `));
 });
 program.command("resume").description("Re-enable Node9 protection immediately").action(() => {
   const { paused } = checkPause();
   if (!paused) {
-    console.log(chalk19.gray("\nNode9 is already active \u2014 nothing to resume.\n"));
+    console.log(chalk20.gray("\nNode9 is already active \u2014 nothing to resume.\n"));
     return;
   }
   resumeNode9();
-  console.log(chalk19.green("\n\u25B6  Node9 resumed \u2014 protection is active.\n"));
+  console.log(chalk20.green("\n\u25B6  Node9 resumed \u2014 protection is active.\n"));
 });
 var HOOK_BASED_AGENTS = {
   claude: "claude",
@@ -12054,15 +12801,15 @@ program.argument("[command...]", "The agent command to run (e.g., gemini)").acti
     if (HOOK_BASED_AGENTS[firstArg2] !== void 0) {
       const target = HOOK_BASED_AGENTS[firstArg2];
       console.error(
-        chalk19.yellow(`
+        chalk20.yellow(`
 \u26A0\uFE0F  Node9 proxy mode does not support "${target}" directly.`)
       );
-      console.error(chalk19.white(`
+      console.error(chalk20.white(`
    "${target}" uses its own hook system. Use:`));
       console.error(
-        chalk19.green(`     node9 addto ${target}   `) + chalk19.gray("# one-time setup")
+        chalk20.green(`     node9 addto ${target}   `) + chalk20.gray("# one-time setup")
       );
-      console.error(chalk19.green(`     ${target}              `) + chalk19.gray("# run normally"));
+      console.error(chalk20.green(`     ${target}              `) + chalk20.gray("# run normally"));
       process.exit(1);
     }
     const runArgs = firstArg2 === "shell" ? commandArgs.slice(1) : commandArgs;
@@ -12079,7 +12826,7 @@ program.argument("[command...]", "The agent command to run (e.g., gemini)").acti
       }
     );
     if (result.noApprovalMechanism && !isDaemonRunning() && !process.env.NODE9_NO_AUTO_DAEMON && getConfig().settings.autoStartDaemon) {
-      console.error(chalk19.cyan("\n\u{1F6E1}\uFE0F  Node9: Starting approval daemon automatically..."));
+      console.error(chalk20.cyan("\n\u{1F6E1}\uFE0F  Node9: Starting approval daemon automatically..."));
       const daemonReady = await autoStartDaemonAndWait();
       if (daemonReady) result = await authorizeHeadless("shell", { command: fullCommand });
     }
@@ -12092,12 +12839,12 @@ program.argument("[command...]", "The agent command to run (e.g., gemini)").acti
     }
     if (!result.approved) {
       console.error(
-        chalk19.red(`
+        chalk20.red(`
 \u274C Node9 Blocked: ${result.reason || "Dangerous command detected."}`)
       );
       process.exit(1);
     }
-    console.error(chalk19.green("\n\u2705 Approved \u2014 running command...\n"));
+    console.error(chalk20.green("\n\u2705 Approved \u2014 running command...\n"));
     await runProxy(fullCommand);
   } else {
     program.help();
@@ -12112,9 +12859,9 @@ if (process.argv[2] !== "daemon") {
     const isCheckHook = process.argv[2] === "check";
     if (isCheckHook) {
       if (process.env.NODE9_DEBUG === "1" || getConfig().settings.enableHookLogDebug) {
-        const logPath = path31.join(os24.homedir(), ".node9", "hook-debug.log");
+        const logPath = path34.join(os27.homedir(), ".node9", "hook-debug.log");
         const msg = reason instanceof Error ? reason.message : String(reason);
-        fs28.appendFileSync(logPath, `[${(/* @__PURE__ */ new Date()).toISOString()}] UNHANDLED: ${msg}
+        fs31.appendFileSync(logPath, `[${(/* @__PURE__ */ new Date()).toISOString()}] UNHANDLED: ${msg}
 `);
       }
       process.exit(0);