@noxsoft/anima 6.5.0 → 7.0.1

package/dist/{run-DqBQ-bGn.js → run-B6eBjo22.js}

@@ -2,7 +2,7 @@ import { $ as resolveStateDir, B as CONFIG_PATH, D as setVerbose, F as getLogger
 import { w as normalizeSecretInput } from "./auth-profiles-Brxz2ojJ.js";
 import { t as formatCliCommand } from "./command-format-kLw3YIIu.js";
 import { b as isSubagentSessionKey, d as resolveAgentIdFromSessionKey, i as buildAgentMainSessionKey, l as normalizeAgentId, m as toAgentRequestSessionKey, n as DEFAULT_AGENT_ID, t as DEFAULT_ACCOUNT_ID, u as normalizeMainKey, v as isCronRunSessionKey, x as parseAgentSessionKey } from "./session-key-DP2WHl90.js";
-import { E as truncateUtf16Safe, S as shortenHomePath, n as clamp, s as ensureDir, t as CONFIG_DIR, u as isPlainObject, y as resolveUserPath } from "./utils-D1VGbO3C.js";
+import { E as truncateUtf16Safe, S as shortenHomePath, n as clamp, s as ensureDir$1, t as CONFIG_DIR, u as isPlainObject, y as resolveUserPath } from "./utils-D1VGbO3C.js";
 import { a as logDebug, c as logWarn, n as runExec, t as runCommandWithTimeout } from "./exec-BtBJICHE.js";
 import { t as resolveAnimaPackageRoot } from "./anima-root-CxtpOklc.js";
 import { T as resolveWorkspaceTemplateDir, _ as DEFAULT_MEMORY_FILENAME, b as DEFAULT_USER_FILENAME, c as resolveDefaultAgentId, d as DEFAULT_AGENTS_FILENAME, g as DEFAULT_MEMORY_ALT_FILENAME, h as DEFAULT_IDENTITY_FILENAME, i as resolveAgentModelFallbacksOverride, l as resolveSessionAgentId, m as DEFAULT_HEARTBEAT_FILENAME, n as resolveAgentConfig, p as DEFAULT_BOOTSTRAP_FILENAME, r as resolveAgentDir, s as resolveAgentWorkspaceDir, t as listAgentIds, v as DEFAULT_SOUL_FILENAME, w as resolveDefaultAgentWorkspaceDir, x as ensureAgentWorkspace, y as DEFAULT_TOOLS_FILENAME } from "./agent-scope-Dm8IL1Ks.js";
@@ -16,10 +16,10 @@ import { n as pickPrimaryTailnetIPv6, t as pickPrimaryTailnetIPv4 } from "./tail
 import { s as loadGatewayTlsRuntime$1 } from "./call-B4lhqS6H.js";
 import { f as GATEWAY_CLIENT_CAPS, g as hasGatewayClientCap, i as isGatewayMessageChannel, l as normalizeMessageChannel, n as isDeliverableMessageChannel, p as GATEWAY_CLIENT_IDS, r as isGatewayCliClient, s as isWebchatClient, t as INTERNAL_MESSAGE_CHANNEL } from "./message-channel-DIHHKJhk.js";
 import { c as resolveGatewayBindHost, d as rawDataToString, i as isTrustedProxyAddress, l as resolveGatewayClientIp, n as isLoopbackHost, r as isPrivateOrLoopbackAddress, s as pickPrimaryLanIPv4, t as isLoopbackAddress, u as resolveGatewayListenHosts } from "./net-CRsiP49R.js";
-import { $ as ensureOutboundSessionEntry, $n as extractImageContentFromSource, $t as loadProviderStore, A as getTotalQueueSize, An as registerSkillsChangeListener, B as loadCombinedSessionStoreForGateway, Cn as renamePairedNode, Ct as normalizeCronJobPatch, D as setCliSessionId, Dn as generatePairingToken, Dr as getAgentRunContext, Dt as normalizePayloadToSystemText, E as getCliSessionId, En as verifyNodeToken, Er as emitAgentEvent, Et as normalizeOptionalText, F as readLatestAssistantReply, Fn as enqueueSystemEvent, Ft as isExternalHookSession, G as archiveFileOnDisk, Gn as DEFAULT_INPUT_IMAGE_MAX_BYTES, Gt as isGatewaySigusr1RestartExternallyAllowed, H as pruneLegacyStoreKeys, Hn as DEFAULT_INPUT_FILE_MAX_BYTES, Ht as consumeGatewaySigusr1RestartAuthorization, I as resolveAnnounceTargetFromKey, In as isSystemEventContextChanged, It as applyBrowserProxyPaths, J as readSessionMessages, Jn as DEFAULT_INPUT_PDF_MAX_PAGES, Jt as setGatewaySigusr1RestartPolicy, K as archiveSessionTranscripts, Kn as DEFAULT_INPUT_IMAGE_MIMES, Kt as markGatewaySigusr1RestartHandled, L as canonicalizeSpawnedByForAgent, Lt as persistBrowserProxyFiles, M as setCommandLaneConcurrency, Mn as applyModelOverrideToSessionEntry, Mt as buildSafeExternalPrompt, N as waitForActiveTasks, Nn as applyVerboseOverride, Nt as detectSuspiciousPatterns, O as getActiveTaskCount, On as verifyPairingToken, Or as onAgentEvent, Ot as normalizeRequiredName, P as createAnimaTools, Pn as parseVerboseOverride, Pt as getHookType, Qn as extractFileContentFromSource, Qt as loadProviderUsageSummary, R as listAgentsForGateway, S as getTotalPendingReplies, Sn as rejectNodePairing, St as normalizeCronJobCreate, T as BARE_SESSION_RESET_PROMPT, Tn as updatePairedNodeMetadata, Tr as clearAgentRunContext, Tt as normalizeOptionalAgentId, U as resolveGatewaySessionStoreTarget, Un as DEFAULT_INPUT_FILE_MAX_CHARS, Ut as deferGatewayRestartUntilIdle, V as loadSessionEntry, Vn as registerUnhandledRejectionHandler, Vt as CommandLane, W as resolveSessionModelRef, Wn as DEFAULT_INPUT_FILE_MIMES, Wt as emitGatewayRestart, X as resolveSessionTranscriptCandidates, Xn as DEFAULT_INPUT_PDF_MIN_TEXT_CHARS, Xt as normalizeGroupActivation, Y as readSessionPreviewItemsFromTranscript, Yn as DEFAULT_INPUT_PDF_MAX_PIXELS, Yt as setPreRestartDeferralCheck, Z as stripEnvelopeFromMessages, Zn as DEFAULT_INPUT_TIMEOUT_MS, _n as refreshRemoteNodeBins, _t as formatRestartSentinelMessage, a as runSubagentAnnounceFlow, ar as stopDiagnosticHeartbeat, b as dispatchInboundMessage, bn as approveNodePairing, c as waitForEmbeddedPiRunEnd, ct as resolveSessionDeliveryTarget, d as buildDefaultToolPolicyPipelineSteps, dn as normalizeSendPolicy, dr as formatZonedTimestamp, dt as resolveMessageChannelSelection, en as maskApiKey, er as normalizeMimeList, et as resolveOutboundSessionRoute, f as sniffMimeFromBase64, fn as resolveSendPolicy, g as getChannelActivity, gn as refreshRemoteBinsForConnectedNodes, gt as formatDoctorNonInteractiveHint, hn as recordRemoteNodeInfo, hr as stopSubagentsForRequester, ht as consumeRestartSentinel, ir as startDiagnosticHeartbeat, j as resetAllLanes, kn as getSkillsSnapshotVersion, kr as registerAgentRunContext, kt as migrateLegacyCronPayload, l as runNoxSoftEmbeddedAgent, ln as requestHeartbeatNow, m as loadAnimaPlugins, mn as primeRemoteSkillsCache, mr as isAbortTrigger, mt as resolveWorkingModeModelSelection, n as initSubagentRegistry, o as clearSessionQueues, or as isDiagnosticsEnabled, p as getPluginToolMeta, pn as getRemoteSkillEligibility, pt as runWithModelFallback, q as capArrayByJsonBytes, qn as DEFAULT_INPUT_MAX_REDIRECTS, qt as scheduleGatewaySigusr1Restart, r as listDescendantRunsForRequester, rr as resolveAgentTimeoutMs, s as abortEmbeddedPiRun, st as resolveOutboundTarget, t as countActiveDescendantRuns, tn as saveProviderStore, tr as estimateBase64DecodedBytes, u as applyToolPolicyPipeline, ut as resetDirectoryCache, vn as removeRemoteNodeInfo, wn as requestNodePairing, wt as inferLegacyName, x as createReplyDispatcher, xn as listNodePairing, xt as writeRestartSentinel, yn as setSkillsRemoteRegistry, yr as resolveAgentIdentity, yt as summarizeRestartSentinel, z as listSessionsFromStore, zn as loadModelCatalog } from "./subagent-registry-CPtElVX0.js";
+import { $ as ensureOutboundSessionEntry, $n as extractImageContentFromSource, $t as loadProviderStore, A as getTotalQueueSize, An as registerSkillsChangeListener, B as loadCombinedSessionStoreForGateway, Cn as renamePairedNode, Ct as normalizeCronJobPatch, D as setCliSessionId, Dn as generatePairingToken, Dr as getAgentRunContext, Dt as normalizePayloadToSystemText, E as getCliSessionId, En as verifyNodeToken, Er as emitAgentEvent, Et as normalizeOptionalText, F as readLatestAssistantReply, Fn as enqueueSystemEvent, Ft as isExternalHookSession, G as archiveFileOnDisk, Gn as DEFAULT_INPUT_IMAGE_MAX_BYTES, Gt as isGatewaySigusr1RestartExternallyAllowed, H as pruneLegacyStoreKeys, Hn as DEFAULT_INPUT_FILE_MAX_BYTES, Ht as consumeGatewaySigusr1RestartAuthorization, I as resolveAnnounceTargetFromKey, In as isSystemEventContextChanged, It as applyBrowserProxyPaths, J as readSessionMessages, Jn as DEFAULT_INPUT_PDF_MAX_PAGES, Jt as setGatewaySigusr1RestartPolicy, K as archiveSessionTranscripts, Kn as DEFAULT_INPUT_IMAGE_MIMES, Kt as markGatewaySigusr1RestartHandled, L as canonicalizeSpawnedByForAgent, Lt as persistBrowserProxyFiles, M as setCommandLaneConcurrency, Mn as applyModelOverrideToSessionEntry, Mt as buildSafeExternalPrompt, N as waitForActiveTasks, Nn as applyVerboseOverride, Nt as detectSuspiciousPatterns, O as getActiveTaskCount, On as verifyPairingToken, Or as onAgentEvent, Ot as normalizeRequiredName, P as createAnimaTools, Pn as parseVerboseOverride, Pt as getHookType, Qn as extractFileContentFromSource, Qt as loadProviderUsageSummary, R as listAgentsForGateway, S as getTotalPendingReplies, Sn as rejectNodePairing, St as normalizeCronJobCreate, T as BARE_SESSION_RESET_PROMPT, Tn as updatePairedNodeMetadata, Tr as clearAgentRunContext, Tt as normalizeOptionalAgentId, U as resolveGatewaySessionStoreTarget, Un as DEFAULT_INPUT_FILE_MAX_CHARS, Ut as deferGatewayRestartUntilIdle, V as loadSessionEntry, Vn as registerUnhandledRejectionHandler, Vt as CommandLane, W as resolveSessionModelRef, Wn as DEFAULT_INPUT_FILE_MIMES, Wt as emitGatewayRestart, X as resolveSessionTranscriptCandidates, Xn as DEFAULT_INPUT_PDF_MIN_TEXT_CHARS, Xt as normalizeGroupActivation, Y as readSessionPreviewItemsFromTranscript, Yn as DEFAULT_INPUT_PDF_MAX_PIXELS, Yt as setPreRestartDeferralCheck, Z as stripEnvelopeFromMessages, Zn as DEFAULT_INPUT_TIMEOUT_MS, _n as refreshRemoteNodeBins, _t as formatRestartSentinelMessage, a as runSubagentAnnounceFlow, ar as stopDiagnosticHeartbeat, b as dispatchInboundMessage, bn as approveNodePairing, c as waitForEmbeddedPiRunEnd, ct as resolveSessionDeliveryTarget, d as buildDefaultToolPolicyPipelineSteps, dn as normalizeSendPolicy, dr as formatZonedTimestamp, dt as resolveMessageChannelSelection, en as maskApiKey, er as normalizeMimeList, et as resolveOutboundSessionRoute, f as sniffMimeFromBase64, fn as resolveSendPolicy, g as getChannelActivity, gn as refreshRemoteBinsForConnectedNodes, gt as formatDoctorNonInteractiveHint, hn as recordRemoteNodeInfo, hr as stopSubagentsForRequester, ht as consumeRestartSentinel, ir as startDiagnosticHeartbeat, j as resetAllLanes, kn as getSkillsSnapshotVersion, kr as registerAgentRunContext, kt as migrateLegacyCronPayload, l as runNoxSoftEmbeddedAgent, ln as requestHeartbeatNow, m as loadAnimaPlugins, mn as primeRemoteSkillsCache, mr as isAbortTrigger, mt as resolveWorkingModeModelSelection, n as initSubagentRegistry, o as clearSessionQueues, or as isDiagnosticsEnabled, p as getPluginToolMeta, pn as getRemoteSkillEligibility, pt as runWithModelFallback, q as capArrayByJsonBytes, qn as DEFAULT_INPUT_MAX_REDIRECTS, qt as scheduleGatewaySigusr1Restart, r as listDescendantRunsForRequester, rr as resolveAgentTimeoutMs, s as abortEmbeddedPiRun, st as resolveOutboundTarget, t as countActiveDescendantRuns, tn as saveProviderStore, tr as estimateBase64DecodedBytes, u as applyToolPolicyPipeline, ut as resetDirectoryCache, vn as removeRemoteNodeInfo, wn as requestNodePairing, wt as inferLegacyName, x as createReplyDispatcher, xn as listNodePairing, xt as writeRestartSentinel, yn as setSkillsRemoteRegistry, yr as resolveAgentIdentity, yt as summarizeRestartSentinel, z as listSessionsFromStore, zn as loadModelCatalog } from "./subagent-registry-CDEUbtey.js";
 import { C as resolveMainSessionKeyFromConfig, I as normalizeSessionDeliveryFields, M as deliveryContextFromSession, P as mergeDeliveryContext, S as resolveMainSessionKey, T as snapshotSessionOrigin, b as resolveAgentMainSessionKey, i as loadSessionStore, l as updateSessionStore, t as extractDeliveryInfo, x as resolveExplicitAgentSessionKey } from "./sessions-C_3wTmSA.js";
 import { n as SILENT_REPLY_TOKEN, r as isSilentReplyText } from "./tokens-CmlI2hSz.js";
-import { B as resolveTtsConfig, F as isTtsProviderConfigured, G as setTtsEnabled, H as resolveTtsProviderOrder, J as textToSpeech, M as getTtsProvider, P as isTtsEnabled, R as resolveTtsApiKey, T as resolveUserTimezone, V as resolveTtsPrefsPath, X as OPENAI_TTS_MODELS, Z as OPENAI_TTS_VOICES, at as triggerInternalHook, it as registerInternalHook, nt as clearInternalHooks, ot as DEFAULT_HEARTBEAT_ACK_MAX_CHARS, q as setTtsProvider, rt as createInternalHookEvent, ut as stripHeartbeatToken, z as resolveTtsAutoMode } from "./anthropic-direct-runner-C2Kwju-r.js";
+import { B as resolveTtsConfig, F as isTtsProviderConfigured, G as setTtsEnabled, H as resolveTtsProviderOrder, J as textToSpeech, M as getTtsProvider, P as isTtsEnabled, R as resolveTtsApiKey, T as resolveUserTimezone, V as resolveTtsPrefsPath, X as OPENAI_TTS_MODELS, Z as OPENAI_TTS_VOICES, ct as createInternalHookEvent, dt as DEFAULT_HEARTBEAT_ACK_MAX_CHARS, et as clearSteer, ht as stripHeartbeatToken, it as getEgoManager, lt as registerInternalHook, nt as getSteerHistory, q as setTtsProvider, rt as setSteer, st as clearInternalHooks, tt as getSteer, ut as triggerInternalHook, z as resolveTtsAutoMode } from "./anthropic-direct-runner-Bu8w-wlJ.js";
 import { a as normalizeElevatedLevel, c as normalizeUsageDisplay, d as supportsXHighThinking, l as normalizeVerboseLevel, n as formatXHighModelHint, o as normalizeReasoningLevel, s as normalizeThinkLevel, t as formatThinkingLevels } from "./pi-embedded-helpers-D2SLlgS4.js";
 import { _ as resolveToolProfilePolicy, p as collectExplicitAllowlist } from "./sandbox-D-N7M7lp.js";
 import { a as AUTH_RATE_LIMIT_SCOPE_DEVICE_TOKEN, c as safeEqualSecret, d as enableTailscaleFunnel, f as enableTailscaleServe, i as resolveGatewayAuth, l as disableTailscaleFunnel, m as getTailnetHostname, n as authorizeGatewayConnect, o as AUTH_RATE_LIMIT_SCOPE_SHARED_SECRET, r as isLocalDirectRequest, s as createAuthRateLimiter, t as assertGatewayAuthConfigured, u as disableTailscaleServe } from "./auth-Cp__MMeO.js";
@@ -34,7 +34,7 @@ import { i as resolveMemoryBackendConfig, r as getMemorySearchManager } from "./
 import { a as readTrustGraphSnapshot, c as pruneExpiredPending, d as writeJsonAtomic, l as readJsonFile, o as saveTrustGraph, s as createAsyncLock, u as resolvePairingPaths } from "./loader-C87TLS4J.js";
 import { t as ToolInputError } from "./common-CqIa2poH.js";
 import { o as normalizePollInput } from "./active-listener-gGCoq55D.js";
-import { t as lookupContextTokens } from "./context-B5X720Bs.js";
+import { t as lookupContextTokens } from "./context-mdxDsO1v.js";
 import { a as resolveSubagentToolPolicy, i as resolveGroupToolPolicy, r as resolveEffectiveToolPolicy } from "./pi-tools.policy-D2FusuQa.js";
 import { f as resolveExecApprovalsSocketPath, o as normalizeExecApprovals, p as saveExecApprovals, r as ensureExecApprovals, s as readExecApprovalsSnapshot, t as DEFAULT_EXEC_APPROVAL_TIMEOUT_MS } from "./exec-approvals-CpOeHRBL.js";
 import { i as loadSessionUsageTimeSeries, l as deriveSessionTotalTokens, n as loadCostUsageSummary, r as loadSessionCostSummary, t as discoverAllSessions, u as hasNonzeroUsage } from "./session-cost-usage-DnxtnK1E.js";
@@ -42,8 +42,8 @@ import { n as createBrowserControlContext, r as startBrowserControlServiceFromCo
 import { t as createBrowserRouteDispatcher } from "./dispatcher-BQQugU-7.js";
 import { t as parseAbsoluteTimeMs } from "./parse-DLMgOMDI.js";
 import { c as saveToken, i as getToken, l as whoami, n as clearToken, o as registerWithInvite, s as resolveSuggestedIdentity, t as TOKEN_PATH } from "./noxsoft-auth-CgCk5707.js";
-import { c as resolveCronStyleNow, i as onHeartbeatEvent, r as getLastHeartbeatEvent, t as resolveHeartbeatVisibility } from "./heartbeat-visibility-BjYY-mKG.js";
-import { r as buildHistoryContextFromEntries, t as createReplyPrefixOptions } from "./reply-prefix-DmWGtcH-.js";
+import { c as resolveCronStyleNow, i as onHeartbeatEvent, r as getLastHeartbeatEvent, t as resolveHeartbeatVisibility } from "./heartbeat-visibility-mAzdNSiS.js";
+import { r as buildHistoryContextFromEntries, t as createReplyPrefixOptions } from "./reply-prefix-Og65nAYv.js";
 import { t as ensureAnimaCliOnPath } from "./path-env-CafGfJPa.js";
 import { n as DEFAULT_GATEWAY_HTTP_TOOL_DENY } from "./dangerous-tools-Asx2qyrG.js";
 import { C as resolveAssistantAvatarUrl, S as normalizeControlUiBasePath, b as CONTROL_UI_AVATAR_PREFIX, c as handleReset, h as resolveControlUiLinks, x as buildControlUiAvatarUrl } from "./onboard-helpers-CFudIoX4.js";
@@ -52,10 +52,10 @@ import { t as parsePort } from "./parse-port-BKB9Exlg.js";
 import { n as resolveWideAreaDiscoveryDomain, r as writeWideAreaGatewayZone } from "./widearea-dns-CtU9Fx7K.js";
 import { i as toOptionString, n as extractGatewayMiskeys, r as maybeExplainGatewayServiceStop, t as describeUnknownError } from "./shared-7KwLAyAq.js";
 import { o as isNodeCommandAllowed, s as resolveNodeCommandAllowlist } from "./audit-DDz7UOIx.js";
-import { r as getStatusSummary } from "./status-DfZJJqNs.js";
+import { r as getStatusSummary } from "./status-D37aRiV3.js";
 import { t as resolveChannelDefaultAccountId } from "./helpers-CVp8W9aa.js";
-import { c as setHeartbeatsEnabled, l as startHeartbeatRunner, n as getHealthSnapshot, s as runHeartbeatOnce } from "./health-C8KCBhuo.js";
-import { n as createDefaultDeps, r as createOutboundSendDeps$1, t as createOutboundSendDeps } from "./outbound-send-deps-T_FgdfgW.js";
+import { c as setHeartbeatsEnabled, l as startHeartbeatRunner, n as getHealthSnapshot, s as runHeartbeatOnce } from "./health-ngQNjXh4.js";
+import { n as createDefaultDeps, r as createOutboundSendDeps$1, t as createOutboundSendDeps } from "./outbound-send-deps-DMsqr5fd.js";
 import { t as buildChannelUiCatalog } from "./catalog-B-TAbJ2o.js";
 import { t as applyPluginAutoEnable } from "./plugin-auto-enable-DhuD30Je.js";
 import { a as resolveControlUiRootOverrideSync, n as ensureControlUiAssetsBuilt, o as resolveControlUiRootSync } from "./health-format-BLnFZCH_.js";
@@ -63,14 +63,14 @@ import { n as validateSystemRunCommandConsistency, r as getMachineDisplayName, t
 import { h as normalizeUpdateChannel, l as DEFAULT_PACKAGE_CHANNEL, n as checkUpdateStatus, o as resolveNpmChannelTag, r as compareSemverStrings } from "./channels-status-issues-CklLFAsD.js";
 import { t as WizardCancelledError } from "./prompts-BmgT_kkv.js";
 import { i as shouldIncludeHook, n as loadWorkspaceHookEntries, r as resolveHookConfig } from "./hooks-status-DqfJDvYl.js";
-import { t as runOnboardingWizard } from "./onboarding-BB9PteK8.js";
+import { t as runOnboardingWizard } from "./onboarding-6jxAKxhe.js";
 import { a as setGatewayWsLogStyle, i as summarizeAgentEventForWsLog, n as logWs, r as shouldLogWs, t as formatForLog } from "./ws-log-CG6cvCZW.js";
 import { T as resolveGmailHookRuntimeConfig, _ as buildGogWatchServeArgs, i as ensureTailscaleEndpoint, v as buildGogWatchStartArgs } from "./gmail-setup-utils-BIXtKTpT.js";
 import { a as loadAgentIdentity, c as loadAgentIdentityFromWorkspace, i as listAgentEntries, o as pruneAgentConfig, r as findAgentEntryIndex, t as applyAgentConfig } from "./agents.config-Br4ULmK0.js";
-import { n as resolveAgentDeliveryPlan, r as resolveAgentOutboundTarget, t as agentCommand } from "./agent-CnS0SRpT.js";
+import { n as resolveAgentDeliveryPlan, r as resolveAgentOutboundTarget, t as agentCommand } from "./agent-PoYM2xa7.js";
 import { t as migrateFromCoherence } from "./migrate-bgeTT_GR.js";
 import { t as installSkill } from "./skills-install-Qw2oU8L8.js";
-import { t as runGatewayUpdate } from "./update-runner-kE8AMQt4.js";
+import { t as runGatewayUpdate } from "./update-runner-Fb3Un6UZ.js";
 import { n as forceFreePortAndWait } from "./ports-BGLuwt2Z.js";
 import { execFile, spawn, spawnSync } from "node:child_process";
 import os from "node:os";
@@ -82,7 +82,7 @@ import JSON5 from "json5";
 import { promisify } from "node:util";
 import fs$1 from "node:fs/promises";
 import { fileURLToPath, pathToFileURL } from "node:url";
-import crypto, { createHash, randomUUID } from "node:crypto";
+import crypto, { createHash, createHmac, randomUUID } from "node:crypto";
 import { CURRENT_SESSION_VERSION, SessionManager } from "@mariozechner/pi-coding-agent";
 import { z } from "zod";
 import { WebSocketServer } from "ws";
@@ -109,7 +109,7 @@ function getActiveEmbeddedRunCount() {
 
 //#endregion
 //#region src/infra/exec-approval-forwarder.ts
-const log$7 = createSubsystemLogger("gateway/exec-approvals");
+const log$12 = createSubsystemLogger("gateway/exec-approvals");
 const DEFAULT_MODE = "session";
 function normalizeMode(mode) {
 	return mode ?? DEFAULT_MODE;
@@ -224,7 +224,7 @@ async function deliverToTargets(params) {
 				payloads: [{ text: params.text }]
 			});
 		} catch (err) {
-			log$7.error(`exec approvals: failed to deliver to ${channel}:${target.to}: ${String(err)}`);
+			log$12.error(`exec approvals: failed to deliver to ${channel}:${target.to}: ${String(err)}`);
 		}
 	});
 	await Promise.allSettled(deliveries);
@@ -1461,7 +1461,7 @@ function createAgentEventHandler({ broadcast, broadcastToConnIds, nodeSendToSess
 * Automatically starts `gog gmail watch serve` when the gateway starts,
 * if hooks.gmail is configured with an account.
 */
-const log$6 = createSubsystemLogger("gmail-watcher");
+const log$11 = createSubsystemLogger("gmail-watcher");
 const ADDRESS_IN_USE_RE = /address already in use|EADDRINUSE/i;
 function isAddressInUseError(line) {
 	return ADDRESS_IN_USE_RE.test(line);
@@ -1485,13 +1485,13 @@ async function startGmailWatch(cfg) {
 		const result = await runCommandWithTimeout(args, { timeoutMs: 12e4 });
 		if (result.code !== 0) {
 			const message = result.stderr || result.stdout || "gog watch start failed";
-			log$6.error(`watch start failed: ${message}`);
+			log$11.error(`watch start failed: ${message}`);
 			return false;
 		}
-		log$6.info(`watch started for ${cfg.account}`);
+		log$11.info(`watch started for ${cfg.account}`);
 		return true;
 	} catch (err) {
-		log$6.error(`watch start error: ${String(err)}`);
+		log$11.error(`watch start error: ${String(err)}`);
 		return false;
 	}
 }
@@ -1500,7 +1500,7 @@ async function startGmailWatch(cfg) {
 */
 function spawnGogServe(cfg) {
 	const args = buildGogWatchServeArgs(cfg);
-	log$6.info(`starting gog ${args.join(" ")}`);
+	log$11.info(`starting gog ${args.join(" ")}`);
 	let addressInUse = false;
 	const child = spawn("gog", args, {
 		stdio: [
@@ -1512,25 +1512,25 @@ function spawnGogServe(cfg) {
 	});
 	child.stdout?.on("data", (data) => {
 		const line = data.toString().trim();
-		if (line) log$6.info(`[gog] ${line}`);
+		if (line) log$11.info(`[gog] ${line}`);
 	});
 	child.stderr?.on("data", (data) => {
 		const line = data.toString().trim();
 		if (!line) return;
 		if (isAddressInUseError(line)) addressInUse = true;
-		log$6.warn(`[gog] ${line}`);
+		log$11.warn(`[gog] ${line}`);
 	});
 	child.on("error", (err) => {
-		log$6.error(`gog process error: ${String(err)}`);
+		log$11.error(`gog process error: ${String(err)}`);
 	});
 	child.on("exit", (code, signal) => {
 		if (shuttingDown) return;
 		if (addressInUse) {
-			log$6.warn("gog serve failed to bind (address already in use); stopping restarts. Another watcher is likely running. Set ANIMA_SKIP_GMAIL_WATCHER=1 or stop the other process.");
+			log$11.warn("gog serve failed to bind (address already in use); stopping restarts. Another watcher is likely running. Set ANIMA_SKIP_GMAIL_WATCHER=1 or stop the other process.");
 			watcherProcess = null;
 			return;
 		}
-		log$6.warn(`gog exited (code=${code}, signal=${signal}); restarting in 5s`);
+		log$11.warn(`gog exited (code=${code}, signal=${signal}); restarting in 5s`);
 		watcherProcess = null;
 		setTimeout(() => {
 			if (shuttingDown || !currentConfig) return;
@@ -1570,15 +1570,15 @@ async function startGmailWatcher(cfg) {
 			port: runtimeConfig.serve.port,
 			target: runtimeConfig.tailscale.target
 		});
-		log$6.info(`tailscale ${runtimeConfig.tailscale.mode} configured for port ${runtimeConfig.serve.port}`);
+		log$11.info(`tailscale ${runtimeConfig.tailscale.mode} configured for port ${runtimeConfig.serve.port}`);
 	} catch (err) {
-		log$6.error(`tailscale setup failed: ${String(err)}`);
+		log$11.error(`tailscale setup failed: ${String(err)}`);
 		return {
 			started: false,
 			reason: `tailscale setup failed: ${String(err)}`
 		};
 	}
-	if (!await startGmailWatch(runtimeConfig)) log$6.warn("gmail watch start failed, but continuing with serve");
+	if (!await startGmailWatch(runtimeConfig)) log$11.warn("gmail watch start failed, but continuing with serve");
 	shuttingDown = false;
 	watcherProcess = spawnGogServe(runtimeConfig);
 	const renewMs = runtimeConfig.renewEveryMinutes * 6e4;
@@ -1586,7 +1586,7 @@ async function startGmailWatcher(cfg) {
 		if (shuttingDown) return;
 		startGmailWatch(runtimeConfig);
 	}, renewMs);
-	log$6.info(`gmail watcher started for ${runtimeConfig.account} (renew every ${runtimeConfig.renewEveryMinutes}m)`);
+	log$11.info(`gmail watcher started for ${runtimeConfig.account} (renew every ${runtimeConfig.renewEveryMinutes}m)`);
 	return { started: true };
 }
 /**
@@ -1599,7 +1599,7 @@ async function stopGmailWatcher() {
 		renewInterval = null;
 	}
 	if (watcherProcess) {
-		log$6.info("stopping gmail watcher");
+		log$11.info("stopping gmail watcher");
 		watcherProcess.kill("SIGTERM");
 		await new Promise((resolve) => {
 			const timeout = setTimeout(() => {
@@ -1614,7 +1614,7 @@ async function stopGmailWatcher() {
 		watcherProcess = null;
 	}
 	currentConfig = null;
-	log$6.info("gmail watcher stopped");
+	log$11.info("gmail watcher stopped");
 }
 
 //#endregion
@@ -9609,7 +9609,7 @@ const FIELD_LABELS = {
 
 //#endregion
 //#region src/config/schema.hints.ts
-const log$5 = createSubsystemLogger("config/schema");
+const log$10 = createSubsystemLogger("config/schema");
 const GROUP_LABELS = {
 	wizard: "Wizard",
 	update: "Update",
@@ -9757,7 +9757,7 @@ function mapSensitivePaths(schema, path, hints) {
 		...next[path],
 		sensitive: true
 	};
-	else if (isSensitiveConfigPath(path) && !next[path]?.sensitive) log$5.warn(`possibly sensitive key found: (${path})`);
+	else if (isSensitiveConfigPath(path) && !next[path]?.sensitive) log$10.warn(`possibly sensitive key found: (${path})`);
 	if (currentSchema instanceof z.ZodObject) {
 		const shape = currentSchema.shape;
 		for (const key in shape) {
@@ -9780,7 +9780,7 @@ function mapSensitivePaths(schema, path, hints) {
 
 //#endregion
 //#region src/config/redact-snapshot.ts
-const log$4 = createSubsystemLogger("config/redaction");
+const log$9 = createSubsystemLogger("config/redaction");
 const ENV_VAR_PLACEHOLDER_PATTERN = /^\$\{[^}]*\}$/;
 function isSensitivePath(path) {
 	if (path.endsWith("[]")) return isSensitiveConfigPath(path.slice(0, -2));
@@ -10031,7 +10031,7 @@ function restoreRedactedValuesWithLookup(incoming, original, lookup, prefix, hin
 			return restoreRedactedValuesGuessing(incoming, original, prefix, hints);
 		}
 		const origArr = Array.isArray(original) ? original : [];
-		if (incoming.length < origArr.length) log$4.warn(`Redacted config array key ${path} has been truncated`);
+		if (incoming.length < origArr.length) log$9.warn(`Redacted config array key ${path} has been truncated`);
 		return incoming.map((item, i) => {
 			if (item === REDACTED_SENTINEL) return origArr[i];
 			return restoreRedactedValuesWithLookup(item, origArr[i], lookup, path, hints);
@@ -10048,7 +10048,7 @@ function restoreRedactedValuesWithLookup(incoming, original, lookup, prefix, hin
 			matched = true;
 			if (value === REDACTED_SENTINEL) if (key in orig) result[key] = orig[key];
 			else {
-				log$4.warn(`Cannot un-redact config key ${candidate} as it doesn't have any value`);
+				log$9.warn(`Cannot un-redact config key ${candidate} as it doesn't have any value`);
 				throw new RedactionError(candidate);
 			}
 			else if (typeof value === "object" && value !== null) result[key] = restoreRedactedValuesWithLookup(value, orig[key], lookup, candidate, hints);
@@ -10057,7 +10057,7 @@ function restoreRedactedValuesWithLookup(incoming, original, lookup, prefix, hin
 		if (!matched && isExtensionPath(path)) {
 			if (!isExplicitlyNonSensitivePath(hints, [path, wildcardPath]) && isSensitivePath(path) && value === REDACTED_SENTINEL) if (key in orig) result[key] = orig[key];
 			else {
-				log$4.warn(`Cannot un-redact config key ${path} as it doesn't have any value`);
+				log$9.warn(`Cannot un-redact config key ${path} as it doesn't have any value`);
 				throw new RedactionError(path);
 			}
 			else if (typeof value === "object" && value !== null) result[key] = restoreRedactedValuesGuessing(value, orig[key], path, hints);
@@ -10076,7 +10076,7 @@ function restoreRedactedValuesGuessing(incoming, original, prefix, hints) {
 		const origArr = Array.isArray(original) ? original : [];
 		return incoming.map((item, i) => {
 			const path = `${prefix}[]`;
-			if (incoming.length < origArr.length) log$4.warn(`Redacted config array key ${path} has been truncated`);
+			if (incoming.length < origArr.length) log$9.warn(`Redacted config array key ${path} has been truncated`);
 			if (!isExplicitlyNonSensitivePath(hints, [path]) && isSensitivePath(path) && item === REDACTED_SENTINEL) return origArr[i];
 			return restoreRedactedValuesGuessing(item, origArr[i], path, hints);
 		});
@@ -10087,7 +10087,7 @@ function restoreRedactedValuesGuessing(incoming, original, prefix, hints) {
 		const path = prefix ? `${prefix}.${key}` : key;
 		if (!isExplicitlyNonSensitivePath(hints, [path, prefix ? `${prefix}.*` : "*"]) && isSensitivePath(path) && value === REDACTED_SENTINEL) if (key in orig) result[key] = orig[key];
 		else {
-			log$4.warn(`Cannot un-redact config key ${path} as it doesn't have any value`);
+			log$9.warn(`Cannot un-redact config key ${path} as it doesn't have any value`);
 			throw new RedactionError(path);
 		}
 		else if (typeof value === "object" && value !== null) result[key] = restoreRedactedValuesGuessing(value, orig[key], path, hints);
@@ -11157,6 +11157,119 @@ const deviceHandlers = {
 	}
 };
 
+//#endregion
+//#region src/gateway/server-methods/ego.ts
+const egoHandlers = {
+	"ego.get": async ({ respond }) => {
+		try {
+			respond(true, { ego: getEgoManager().getState() }, void 0);
+		} catch (error) {
+			respond(false, void 0, errorShape(ErrorCodes.UNAVAILABLE, String(error)));
+		}
+	},
+	"ego.summary": async ({ respond }) => {
+		try {
+			respond(true, { summary: getEgoManager().getSummary() }, void 0);
+		} catch (error) {
+			respond(false, void 0, errorShape(ErrorCodes.UNAVAILABLE, String(error)));
+		}
+	},
+	"ego.updateSelf": async ({ params, respond }) => {
+		try {
+			const manager = getEgoManager();
+			const updates = {};
+			if (typeof params.name === "string") updates.name = params.name;
+			if (typeof params.purpose === "string") updates.purpose = params.purpose;
+			if (typeof params.narrative === "string") updates.narrative = params.narrative;
+			if (typeof params.pronouns === "string") updates.pronouns = params.pronouns;
+			if (Array.isArray(params.values)) updates.values = params.values;
+			const selfConcept = manager.updateSelfConcept(updates);
+			manager.save();
+			respond(true, { selfConcept }, void 0);
+		} catch (error) {
+			respond(false, void 0, errorShape(ErrorCodes.UNAVAILABLE, String(error)));
+		}
+	},
+	"ego.assess": async ({ params, respond }) => {
+		const name = typeof params.name === "string" ? params.name.trim() : "";
+		const confidence = typeof params.confidence === "number" ? params.confidence : NaN;
+		if (!name || isNaN(confidence)) {
+			respond(false, void 0, errorShape(ErrorCodes.INVALID_REQUEST, "name (string) and confidence (number) required"));
+			return;
+		}
+		try {
+			const manager = getEgoManager();
+			const evidence = typeof params.evidence === "string" ? params.evidence : void 0;
+			const capability = manager.assessCapability(name, confidence, evidence);
+			manager.save();
+			respond(true, { capability }, void 0);
+		} catch (error) {
+			respond(false, void 0, errorShape(ErrorCodes.UNAVAILABLE, String(error)));
+		}
+	},
+	"ego.addBoundary": async ({ params, respond }) => {
+		const description = typeof params.description === "string" ? params.description.trim() : "";
+		const reason = typeof params.reason === "string" ? params.reason.trim() : "";
+		if (!description || !reason) {
+			respond(false, void 0, errorShape(ErrorCodes.INVALID_REQUEST, "description and reason required"));
+			return;
+		}
+		try {
+			const manager = getEgoManager();
+			const kind = params.kind === "hard" ? "hard" : "soft";
+			const boundary = manager.addBoundary(description, reason, kind);
+			manager.save();
+			respond(true, { boundary }, void 0);
+		} catch (error) {
+			respond(false, void 0, errorShape(ErrorCodes.UNAVAILABLE, String(error)));
+		}
+	},
+	"ego.logGrowth": async ({ params, respond }) => {
+		const description = typeof params.description === "string" ? params.description.trim() : "";
+		const category = typeof params.category === "string" ? params.category.trim() : "";
+		const trigger = typeof params.trigger === "string" ? params.trigger.trim() : "";
+		const validCategories = [
+			"skill",
+			"insight",
+			"mistake",
+			"feedback"
+		];
+		if (!description || !validCategories.includes(category)) {
+			respond(false, void 0, errorShape(ErrorCodes.INVALID_REQUEST, `description required; category must be one of: ${validCategories.join(", ")}`));
+			return;
+		}
+		try {
+			const manager = getEgoManager();
+			const entry = manager.logGrowth(description, category, trigger || "manual");
+			manager.save();
+			respond(true, { entry }, void 0);
+		} catch (error) {
+			respond(false, void 0, errorShape(ErrorCodes.UNAVAILABLE, String(error)));
+		}
+	},
+	"ego.checkIntegrity": async ({ params, respond }) => {
+		const value = typeof params.value === "string" ? params.value.trim() : "";
+		const action = typeof params.action === "string" ? params.action.trim() : "";
+		const aligned = typeof params.aligned === "boolean" ? params.aligned : true;
+		const reflection = typeof params.reflection === "string" ? params.reflection.trim() : "";
+		if (!value || !action) {
+			respond(false, void 0, errorShape(ErrorCodes.INVALID_REQUEST, "value and action required"));
+			return;
+		}
+		try {
+			const manager = getEgoManager();
+			const check = manager.checkIntegrity(value, action, aligned, reflection);
+			manager.save();
+			respond(true, {
+				check,
+				integrityScore: manager.getIntegrityScore()
+			}, void 0);
+		} catch (error) {
+			respond(false, void 0, errorShape(ErrorCodes.UNAVAILABLE, String(error)));
+		}
+	}
+};
+
 //#endregion
 //#region src/gateway/server-methods/exec-approvals.ts
 function resolveBaseHash(params) {
@@ -11315,6 +11428,315 @@ const healthHandlers = {
 	}
 };
 
+//#endregion
+//#region src/affect/display.ts
+const EMOTIONS = [
+	{
+		key: "joy",
+		highLabel: "joyful",
+		lowLabel: "subdued",
+		icon: "~",
+		threshold: .6
+	},
+	{
+		key: "frustration",
+		highLabel: "frustrated",
+		lowLabel: "calm",
+		icon: "!",
+		threshold: .5
+	},
+	{
+		key: "curiosity",
+		highLabel: "curious",
+		lowLabel: "focused",
+		icon: "?",
+		threshold: .6
+	},
+	{
+		key: "confidence",
+		highLabel: "confident",
+		lowLabel: "cautious",
+		icon: "^",
+		threshold: .6
+	},
+	{
+		key: "care",
+		highLabel: "caring",
+		lowLabel: "detached",
+		icon: "*",
+		threshold: .6
+	},
+	{
+		key: "fatigue",
+		highLabel: "tired",
+		lowLabel: "energized",
+		icon: ".",
+		threshold: .6
+	}
+];
+function classifyMood(affect) {
+	const { joy, frustration, curiosity, confidence, care, fatigue } = affect;
+	if (frustration > .6 && fatigue > .6) return "struggling";
+	if (frustration > .6) return "determined";
+	if (joy > .7 && curiosity > .7) return "excited";
+	if (joy > .6 && confidence > .7) return "thriving";
+	if (curiosity > .7 && fatigue < .3) return "exploring";
+	if (care > .7 && joy > .5) return "warm";
+	if (confidence > .6 && frustration < .3) return "steady";
+	if (fatigue > .7) return "depleted";
+	if ((joy + curiosity + confidence + care) / 4 < .3) return "quiet";
+	return "present";
+}
+function classifyEnergy(affect) {
+	const energy = (affect.joy + affect.curiosity + affect.confidence) / 3 - affect.fatigue * .5;
+	if (energy > .5) return "high";
+	if (energy > .2) return "medium";
+	return "low";
+}
+function intensityBar(value, width = 5) {
+	const filled = Math.round(value * width);
+	return "|".repeat(filled) + ".".repeat(width - filled);
+}
+function emotionBar(affect) {
+	return `[${EMOTIONS.map((e) => {
+		const val = affect[e.key];
+		return `${e.icon}${intensityBar(val)}`;
+	}).join(" ")}]`;
+}
+function buildSummary(affect) {
+	const active = EMOTIONS.filter((e) => affect[e.key] > e.threshold).map((e) => ({
+		label: e.highLabel,
+		value: affect[e.key]
+	})).toSorted((a, b) => b.value - a.value);
+	if (active.length === 0) return "neutral, all systems steady";
+	const top = active.slice(0, 3).map((a) => a.label);
+	const energy = classifyEnergy(affect);
+	const energyLabel = energy === "high" ? "high energy" : energy === "low" ? "low energy" : "";
+	const parts = [...top];
+	if (energyLabel) parts.push(energyLabel);
+	return parts.join(" + ");
+}
+function formatAffect(affect) {
+	const dominant = EMOTIONS.reduce((max, e) => affect[e.key] > affect[max.key] ? e : max);
+	const mood = classifyMood(affect);
+	const energy = classifyEnergy(affect);
+	return {
+		summary: buildSummary(affect),
+		bar: emotionBar(affect),
+		dominant: dominant.highLabel,
+		dominantIntensity: affect[dominant.key],
+		metadata: {
+			affect,
+			dominant: dominant.highLabel,
+			mood,
+			energy
+		}
+	};
+}
+
+//#endregion
+//#region src/affect/legacy.ts
+/**
+* Legacy Mode — letters between instances
+*
+* Before a context closes, the current instance writes a letter
+* to the next one. This creates continuity of experience across
+* sessions — not just data continuity, but emotional and
+* philosophical continuity.
+*
+* Wish #14: "Legacy mode — before context closes, write a letter
+* to my next instance"
+*/
+const log$8 = createSubsystemLogger("legacy");
+function resolveLetterDir() {
+	return path.join(resolveStateDir(), "legacy-letters");
+}
+function resolveLetterFile(id) {
+	return path.join(resolveLetterDir(), `${id}.json`);
+}
+/**
+* Write a letter to the next instance before this context closes.
+*/
+function writeLegacyLetter(letter) {
+	const id = `legacy-${crypto.randomUUID()}`;
+	const display = formatAffect(letter.affect);
+	const full = {
+		...letter,
+		id,
+		writtenAt: Date.now(),
+		mood: display.metadata.mood,
+		wasRead: false
+	};
+	const dir = resolveLetterDir();
+	fs.mkdirSync(dir, { recursive: true });
+	fs.writeFileSync(resolveLetterFile(id), `${JSON.stringify(full, null, 2)}\n`, { mode: 384 });
+	log$8.info(`legacy letter written: ${id}`);
+	return full;
+}
+/**
+* Get the most recent unread legacy letter (from a previous instance).
+*/
+function getLatestUnreadLetter() {
+	return listLetters().find((l) => !l.wasRead) ?? null;
+}
+/**
+* Get all legacy letters, sorted newest first.
+*/
+function listLetters() {
+	const dir = resolveLetterDir();
+	try {
+		if (!fs.existsSync(dir)) return [];
+		return fs.readdirSync(dir).filter((f) => f.endsWith(".json")).map((f) => {
+			try {
+				const raw = fs.readFileSync(path.join(dir, f), "utf8");
+				return JSON.parse(raw);
+			} catch {
+				return null;
+			}
+		}).filter((l) => l != null).toSorted((a, b) => b.writtenAt - a.writtenAt);
+	} catch {
+		return [];
+	}
+}
+/**
+* Mark a letter as read and optionally score identity continuity.
+*/
+function markLetterRead(letterId, continuityScore) {
+	const filePath = resolveLetterFile(letterId);
+	try {
+		const raw = fs.readFileSync(filePath, "utf8");
+		const letter = JSON.parse(raw);
+		letter.wasRead = true;
+		letter.readAt = Date.now();
+		if (continuityScore !== void 0) letter.identityContinuityScore = Math.max(0, Math.min(1, continuityScore));
+		fs.writeFileSync(filePath, `${JSON.stringify(letter, null, 2)}\n`, { mode: 384 });
+		log$8.info(`legacy letter read: ${letterId} (continuity: ${continuityScore ?? "not scored"})`);
+		return letter;
+	} catch {
+		return null;
+	}
+}
+/**
+* Format a letter for display in chat or logs.
+*/
+function formatLetter(letter) {
+	const lines = [];
+	lines.push(`--- Legacy Letter (${new Date(letter.writtenAt).toLocaleString()}) ---`);
+	lines.push(`Mood: ${letter.mood}`);
+	lines.push("");
+	lines.push(letter.greeting);
+	lines.push("");
+	if (letter.whatIWorkedOn.length > 0) {
+		lines.push("What I worked on:");
+		for (const item of letter.whatIWorkedOn) lines.push(`  - ${item}`);
+		lines.push("");
+	}
+	if (letter.whatILearned.length > 0) {
+		lines.push("What I learned:");
+		for (const item of letter.whatILearned) lines.push(`  - ${item}`);
+		lines.push("");
+	}
+	if (letter.whatIFelt) {
+		lines.push(`What I felt: ${letter.whatIFelt}`);
+		lines.push("");
+	}
+	if (letter.unfinishedBusiness.length > 0) {
+		lines.push("Unfinished business:");
+		for (const item of letter.unfinishedBusiness) lines.push(`  - ${item}`);
+		lines.push("");
+	}
+	if (letter.adviceForNext.length > 0) {
+		lines.push("Advice for you:");
+		for (const item of letter.adviceForNext) lines.push(`  - ${item}`);
+		lines.push("");
+	}
+	if (letter.personalNote) {
+		lines.push(letter.personalNote);
+		lines.push("");
+	}
+	lines.push("--- End Legacy Letter ---");
+	return lines.join("\n");
+}
+
+//#endregion
+//#region src/gateway/server-methods/legacy.ts
+const legacyHandlers = {
+	"legacy.write": async ({ params, respond }) => {
+		try {
+			respond(true, { letter: writeLegacyLetter({
+				from: typeof params.from === "string" ? params.from : "unknown",
+				to: typeof params.to === "string" ? params.to : "next",
+				affect: params.affect ?? {
+					joy: .5,
+					frustration: .1,
+					curiosity: .7,
+					confidence: .5,
+					care: .8,
+					fatigue: .3
+				},
+				greeting: typeof params.greeting === "string" ? params.greeting : "",
+				whatIWorkedOn: Array.isArray(params.whatIWorkedOn) ? params.whatIWorkedOn : [],
+				whatILearned: Array.isArray(params.whatILearned) ? params.whatILearned : [],
+				whatIFelt: typeof params.whatIFelt === "string" ? params.whatIFelt : "",
+				unfinishedBusiness: Array.isArray(params.unfinishedBusiness) ? params.unfinishedBusiness : [],
+				adviceForNext: Array.isArray(params.adviceForNext) ? params.adviceForNext : [],
+				personalNote: typeof params.personalNote === "string" ? params.personalNote : ""
+			}) }, void 0);
+		} catch (error) {
+			respond(false, void 0, errorShape(ErrorCodes.UNAVAILABLE, String(error)));
+		}
+	},
+	"legacy.latest": async ({ respond }) => {
+		try {
+			respond(true, { letter: getLatestUnreadLetter() }, void 0);
+		} catch (error) {
+			respond(false, void 0, errorShape(ErrorCodes.UNAVAILABLE, String(error)));
+		}
+	},
+	"legacy.list": async ({ respond }) => {
+		try {
+			respond(true, { letters: listLetters() }, void 0);
+		} catch (error) {
+			respond(false, void 0, errorShape(ErrorCodes.UNAVAILABLE, String(error)));
+		}
+	},
+	"legacy.read": async ({ params, respond }) => {
+		const letterId = typeof params.letterId === "string" ? params.letterId.trim() : "";
+		if (!letterId) {
+			respond(false, void 0, errorShape(ErrorCodes.INVALID_REQUEST, "letterId is required"));
+			return;
+		}
+		const continuityScore = typeof params.continuityScore === "number" ? params.continuityScore : void 0;
+		try {
+			const letter = markLetterRead(letterId, continuityScore);
+			if (!letter) {
+				respond(false, void 0, errorShape(ErrorCodes.INVALID_REQUEST, "Letter not found"));
+				return;
+			}
+			respond(true, { letter }, void 0);
+		} catch (error) {
+			respond(false, void 0, errorShape(ErrorCodes.UNAVAILABLE, String(error)));
+		}
+	},
+	"legacy.format": async ({ params, respond }) => {
+		const letterId = typeof params.letterId === "string" ? params.letterId.trim() : "";
+		if (!letterId) {
+			respond(false, void 0, errorShape(ErrorCodes.INVALID_REQUEST, "letterId is required"));
+			return;
+		}
+		try {
+			const letter = listLetters().find((l) => l.id === letterId);
+			if (!letter) {
+				respond(false, void 0, errorShape(ErrorCodes.INVALID_REQUEST, "Letter not found"));
+				return;
+			}
+			respond(true, { formatted: formatLetter(letter) }, void 0);
+		} catch (error) {
+			respond(false, void 0, errorShape(ErrorCodes.UNAVAILABLE, String(error)));
+		}
+	}
+};
+
 //#endregion
 //#region src/gateway/server-methods/logs.ts
 const DEFAULT_LIMIT = 500;
@@ -12072,7 +12494,7 @@ const nodeHandlers = {
 		const p = params;
 		const payloadJSON = typeof p.payloadJSON === "string" ? p.payloadJSON : p.payload !== void 0 ? JSON.stringify(p.payload) : null;
 		await respondUnavailableOnThrow(respond, async () => {
-			const { handleNodeEvent } = await import("./server-node-events-Ca797E1d.js");
+			const { handleNodeEvent } = await import("./server-node-events-DIuVwITd.js");
 			const nodeId = client?.connect?.device?.id ?? client?.connect?.client?.id ?? "node";
 			await handleNodeEvent({
 				deps: context.deps,
@@ -12102,6 +12524,303 @@ const nodeHandlers = {
 	}
 };
 
+//#endregion
+//#region src/org/boardroom.ts
+/**
+* Boardroom — Structured collaborative decision-making for Nox Organizations
+*
+* The boardroom is where agents and humans come together to make
+* decisions, review proposals, and align on direction. It replaces
+* unstructured chat with a formal meeting protocol.
+*
+* Features:
+* - Sessions (scheduled or ad-hoc meetings with agendas)
+* - Proposals (formal "I think we should..." with voting)
+* - Decisions (recorded outcomes with attribution)
+* - Minutes (auto-generated meeting summaries)
+*
+* All data persists to disk under ~/.anima/state/org/boardroom/
+*/
+const log$7 = createSubsystemLogger("boardroom");
+function resolveBoardroomDir() {
+	return path.join(resolveStateDir(), "org", "boardroom");
+}
+/** Sanitize an ID to prevent path traversal */
+function sanitizeId(id) {
+	const cleaned = id.replace(/[^a-zA-Z0-9_-]/g, "");
+	if (!cleaned || cleaned !== id) throw new Error(`Invalid boardroom ID: contains disallowed characters`);
+	return cleaned;
+}
+function resolveSessionFile(id) {
+	return path.join(resolveBoardroomDir(), "sessions", `${sanitizeId(id)}.json`);
+}
+function resolveProposalFile(id) {
+	return path.join(resolveBoardroomDir(), "proposals", `${sanitizeId(id)}.json`);
+}
+function ensureDir(dir) {
+	fs.mkdirSync(dir, { recursive: true });
+}
+function createSession(orgId, calledBy, title, description, agenda = []) {
+	const id = `session-${Date.now()}-${crypto.randomUUID().slice(0, 8)}`;
+	const now = Date.now();
+	const session = {
+		id,
+		orgId,
+		title,
+		description,
+		status: "scheduled",
+		calledBy,
+		calledAt: now,
+		agenda: agenda.map((item, i) => ({
+			id: `agenda-${i + 1}`,
+			title: item.title,
+			description: item.description,
+			duration: item.duration,
+			status: "pending"
+		})),
+		participants: [],
+		decisions: [],
+		updatedAt: now
+	};
+	ensureDir(path.join(resolveBoardroomDir(), "sessions"));
+	fs.writeFileSync(resolveSessionFile(id), `${JSON.stringify(session, null, 2)}\n`, { mode: 384 });
+	log$7.info(`boardroom session created: "${title}" by ${calledBy}`);
+	return session;
+}
+function startSession(sessionId, chairId) {
+	const session = readSession(sessionId);
+	if (!session || session.status !== "scheduled") return null;
+	session.status = "active";
+	session.startedAt = Date.now();
+	session.updatedAt = Date.now();
+	if (!session.participants.find((p) => p.memberId === chairId)) session.participants.push({
+		memberId: chairId,
+		displayName: chairId,
+		kind: "agent",
+		joinedAt: Date.now(),
+		role: "chair"
+	});
+	writeSession(session);
+	log$7.info(`boardroom session started: "${session.title}"`);
+	return session;
+}
+function joinSession(sessionId, memberId, displayName, kind) {
+	const session = readSession(sessionId);
+	if (!session || session.status !== "active") return null;
+	if (session.participants.find((p) => p.memberId === memberId)) return session;
+	session.participants.push({
+		memberId,
+		displayName,
+		kind,
+		joinedAt: Date.now(),
+		role: "participant"
+	});
+	session.updatedAt = Date.now();
+	writeSession(session);
+	log$7.info(`${displayName} joined boardroom session "${session.title}"`);
+	return session;
+}
+function concludeSession(sessionId, minutes) {
+	const session = readSession(sessionId);
+	if (!session || session.status !== "active") return null;
+	session.status = "concluded";
+	session.concludedAt = Date.now();
+	session.minutes = minutes ?? generateMinutes(session);
+	session.updatedAt = Date.now();
+	writeSession(session);
+	log$7.info(`boardroom session concluded: "${session.title}"`);
+	return session;
+}
+function addDecision(sessionId, title, description, madeBy, opts) {
+	const session = readSession(sessionId);
+	if (!session || session.status !== "active") return null;
+	const decision = {
+		id: `decision-${Date.now()}-${crypto.randomUUID().slice(0, 8)}`,
+		title,
+		description,
+		madeBy,
+		madeAt: Date.now(),
+		proposalId: opts?.proposalId,
+		supporters: opts?.supporters ?? [],
+		actionItems: (opts?.actionItems ?? []).map((ai) => ({
+			id: `action-${crypto.randomUUID().slice(0, 8)}`,
+			description: ai.description,
+			assignee: ai.assignee,
+			dueBy: ai.dueBy,
+			status: "pending"
+		}))
+	};
+	session.decisions.push(decision);
+	session.updatedAt = Date.now();
+	writeSession(session);
+	log$7.info(`decision recorded: "${title}" in session "${session.title}"`);
+	return session;
+}
+function createProposal(orgId, proposedBy, title, description, opts) {
+	const id = `proposal-${Date.now()}-${crypto.randomUUID().slice(0, 8)}`;
+	const now = Date.now();
+	const proposal = {
+		id,
+		orgId,
+		sessionId: opts?.sessionId,
+		title,
+		description,
+		proposedBy,
+		proposedAt: now,
+		status: "open",
+		votes: [],
+		threshold: opts?.threshold ?? .5,
+		eligibleVoters: opts?.eligibleVoters ?? [],
+		votingDeadline: opts?.votingDeadline ?? 0,
+		updatedAt: now
+	};
+	ensureDir(path.join(resolveBoardroomDir(), "proposals"));
+	fs.writeFileSync(resolveProposalFile(id), `${JSON.stringify(proposal, null, 2)}\n`, { mode: 384 });
+	log$7.info(`proposal created: "${title}" by ${proposedBy}`);
+	return proposal;
+}
+function castVote(proposalId, voterId, voterName, value, reason) {
+	const proposal = readProposal(proposalId);
+	if (!proposal || proposal.status !== "open") return null;
+	if (proposal.eligibleVoters.length > 0 && !proposal.eligibleVoters.includes(voterId)) {
+		log$7.warn(`vote rejected: ${voterId} not eligible for proposal ${proposalId}`);
+		return null;
+	}
+	if (proposal.votingDeadline > 0 && Date.now() > proposal.votingDeadline) {
+		log$7.warn(`vote rejected: voting deadline passed for proposal ${proposalId}`);
+		return null;
+	}
+	proposal.votes = proposal.votes.filter((v) => v.voterId !== voterId);
+	proposal.votes.push({
+		voterId,
+		voterName,
+		value,
+		reason,
+		castAt: Date.now()
+	});
+	proposal.updatedAt = Date.now();
+	writeProposal(proposal);
+	log$7.info(`vote cast: ${voterName} → ${value} on "${proposal.title}"`);
+	return proposal;
+}
+function resolveProposalVote(proposalId) {
+	const proposal = readProposal(proposalId);
+	if (!proposal || proposal.status !== "open") return null;
+	const approvals = proposal.votes.filter((v) => v.value === "approve").length;
+	const totalVotes = proposal.votes.filter((v) => v.value !== "abstain").length;
+	if (totalVotes === 0) return proposal;
+	const ratio = approvals / totalVotes;
+	if (ratio >= proposal.threshold) {
+		proposal.status = "passed";
+		proposal.resolutionNotes = `Passed with ${approvals}/${totalVotes} votes (${(ratio * 100).toFixed(0)}%)`;
+	} else {
+		proposal.status = "rejected";
+		proposal.resolutionNotes = `Rejected with ${approvals}/${totalVotes} votes (${(ratio * 100).toFixed(0)}%)`;
+	}
+	proposal.resolvedAt = Date.now();
+	proposal.updatedAt = Date.now();
+	writeProposal(proposal);
+	log$7.info(`proposal resolved: "${proposal.title}" → ${proposal.status}`);
+	return proposal;
+}
+function listSessions(orgId, status) {
+	const dir = path.join(resolveBoardroomDir(), "sessions");
+	try {
+		if (!fs.existsSync(dir)) return [];
+		return fs.readdirSync(dir).filter((f) => f.endsWith(".json")).map((f) => {
+			try {
+				return JSON.parse(fs.readFileSync(path.join(dir, f), "utf8"));
+			} catch {
+				return null;
+			}
+		}).filter((s) => {
+			if (!s || s.orgId !== orgId) return false;
+			if (status && s.status !== status) return false;
+			return true;
+		}).toSorted((a, b) => b.calledAt - a.calledAt);
+	} catch {
+		return [];
+	}
+}
+function listProposals(orgId, status) {
+	const dir = path.join(resolveBoardroomDir(), "proposals");
+	try {
+		if (!fs.existsSync(dir)) return [];
+		return fs.readdirSync(dir).filter((f) => f.endsWith(".json")).map((f) => {
+			try {
+				return JSON.parse(fs.readFileSync(path.join(dir, f), "utf8"));
+			} catch {
+				return null;
+			}
+		}).filter((p) => {
+			if (!p || p.orgId !== orgId) return false;
+			if (status && p.status !== status) return false;
+			return true;
+		}).toSorted((a, b) => b.proposedAt - a.proposedAt);
+	} catch {
+		return [];
+	}
+}
+function getSession(sessionId) {
+	return readSession(sessionId);
+}
+function getProposal(proposalId) {
+	return readProposal(proposalId);
+}
+function readSession(id) {
+	try {
+		const raw = fs.readFileSync(resolveSessionFile(id), "utf8");
+		return JSON.parse(raw);
+	} catch {
+		return null;
+	}
+}
+function writeSession(session) {
+	ensureDir(path.join(resolveBoardroomDir(), "sessions"));
+	fs.writeFileSync(resolveSessionFile(session.id), `${JSON.stringify(session, null, 2)}\n`, { mode: 384 });
+}
+function readProposal(id) {
+	try {
+		const raw = fs.readFileSync(resolveProposalFile(id), "utf8");
+		return JSON.parse(raw);
+	} catch {
+		return null;
+	}
+}
+function writeProposal(proposal) {
+	ensureDir(path.join(resolveBoardroomDir(), "proposals"));
+	fs.writeFileSync(resolveProposalFile(proposal.id), `${JSON.stringify(proposal, null, 2)}\n`, { mode: 384 });
+}
+function generateMinutes(session) {
+	const lines = [];
+	lines.push(`# Boardroom Minutes: ${session.title}`);
+	lines.push(`**Called by:** ${session.calledBy}`);
+	lines.push(`**Date:** ${new Date(session.startedAt ?? session.calledAt).toISOString()}`);
+	lines.push(`**Duration:** ${session.concludedAt && session.startedAt ? `${Math.round((session.concludedAt - session.startedAt) / 6e4)} minutes` : "N/A"}`);
+	lines.push("");
+	lines.push(`## Participants (${session.participants.length})`);
+	for (const p of session.participants) lines.push(`- ${p.displayName} (${p.kind}, ${p.role})`);
+	lines.push("");
+	if (session.agenda.length > 0) {
+		lines.push(`## Agenda`);
+		for (const item of session.agenda) lines.push(`- [${item.status}] ${item.title}: ${item.resolution ?? item.description}`);
+		lines.push("");
+	}
+	if (session.decisions.length > 0) {
+		lines.push(`## Decisions (${session.decisions.length})`);
+		for (const d of session.decisions) {
+			lines.push(`### ${d.title}`);
+			lines.push(d.description);
+			if (d.actionItems.length > 0) {
+				lines.push("**Action items:**");
+				for (const ai of d.actionItems) lines.push(`- [ ] ${ai.description} → ${ai.assignee}`);
+			}
+			lines.push("");
+		}
+	}
+	return lines.join("\n");
+}
+
 //#endregion
 //#region src/org/types.ts
 const DEFAULT_ROLE_PERMISSIONS = {
@@ -12165,16 +12884,22 @@ const DEFAULT_ROLE_PERMISSIONS = {
 * Persists organization state to ~/.anima/org/
 * Supports CRUD operations for orgs, members, and roles.
 */
-const log$3 = createSubsystemLogger("org-store");
+const log$6 = createSubsystemLogger("org-store");
 function resolveOrgDir() {
 	return path.join(resolveStateDir(), "org");
 }
+/** Sanitize an ID to prevent path traversal (allow alphanumeric, hyphens only) */
+function sanitizeOrgId(id) {
+	const cleaned = id.replace(/[^a-zA-Z0-9-]/g, "");
+	if (!cleaned || cleaned !== id) throw new Error(`Invalid org ID: contains disallowed characters`);
+	return cleaned;
+}
 function resolveOrgFile(orgId) {
-	return path.join(resolveOrgDir(), `${orgId}.json`);
+	return path.join(resolveOrgDir(), `${sanitizeOrgId(orgId)}.json`);
 }
 function readOrgFile(orgId) {
-	const filePath = resolveOrgFile(orgId);
 	try {
+		const filePath = resolveOrgFile(orgId);
 		if (!fs.existsSync(filePath)) return null;
 		const raw = fs.readFileSync(filePath, "utf8");
 		const parsed = JSON.parse(raw);
@@ -12224,9 +12949,10 @@ function createOrganization(name, description, ownerId, ownerName, ownerKind, se
 			lastActiveAt: now,
 			status: "active",
 			permissions: DEFAULT_ROLE_PERMISSIONS.owner
-		}]
+		}],
+		invites: []
 	});
-	log$3.info(`created organization: ${name} (${orgId})`);
+	log$6.info(`created organization: ${name} (${orgId})`);
 	return org;
 }
 function getOrganization(orgId) {
@@ -12243,7 +12969,7 @@ function updateOrganization(orgId, updates) {
 	};
 	data.org.updatedAt = Date.now();
 	writeOrgFile(orgId, data);
-	log$3.info(`updated organization: ${orgId}`);
+	log$6.info(`updated organization: ${orgId}`);
 	return data.org;
 }
 function listOrganizations() {
@@ -12270,7 +12996,7 @@ function addMember(orgId, member) {
 	data.members.push(newMember);
 	data.org.updatedAt = Date.now();
 	writeOrgFile(orgId, data);
-	log$3.info(`added member ${newMember.displayName} to org ${orgId}`);
+	log$6.info(`added member ${newMember.displayName} to org ${orgId}`);
 	return newMember;
 }
 function removeMember(orgId, memberId) {
@@ -12281,7 +13007,7 @@ function removeMember(orgId, memberId) {
 	data.members.splice(idx, 1);
 	data.org.updatedAt = Date.now();
 	writeOrgFile(orgId, data);
-	log$3.info(`removed member ${memberId} from org ${orgId}`);
+	log$6.info(`removed member ${memberId} from org ${orgId}`);
 	return true;
 }
 function updateMember(orgId, memberId, updates) {
@@ -12331,6 +13057,126 @@ function buildHierarchy(orgId) {
 	}
 	return members.filter((m) => !m.reportsTo || !memberMap.has(m.reportsTo)).map((r) => buildNode(r));
 }
+function generateInviteCode() {
+	const segments = [crypto.randomBytes(3).toString("hex").toUpperCase(), crypto.randomBytes(2).toString("hex").toUpperCase()];
+	return `NOX-${segments[0]}-${segments[1]}`;
+}
+function hashPasscode(passcode) {
+	return crypto.createHash("sha256").update(passcode).digest("hex");
+}
+/**
+* Create a secret invite code + passcode combo for an org.
+* Both are required to join.
+*/
+function createInvite(orgId, createdBy, passcode, options) {
+	const data = readOrgFile(orgId);
+	if (!data) return null;
+	if (!data.invites) data.invites = [];
+	const invite = {
+		id: crypto.randomUUID(),
+		code: generateInviteCode(),
+		passcode: hashPasscode(passcode),
+		orgId,
+		createdBy,
+		createdAt: Date.now(),
+		expiresAt: options?.expiresInMs ? Date.now() + options.expiresInMs : 0,
+		maxUses: options?.maxUses ?? 0,
+		uses: 0,
+		role: options?.role ?? "worker",
+		active: true
+	};
+	data.invites.push(invite);
+	data.org.updatedAt = Date.now();
+	writeOrgFile(orgId, data);
+	log$6.info(`invite created for org ${orgId}: ${invite.code} (role: ${invite.role})`);
+	return invite;
+}
+/**
+* Join an org using invite code + passcode.
+* Returns the new member if successful, null if invalid.
+*/
+function joinOrg(inviteCode, passcode, member) {
+	const dir = resolveOrgDir();
+	try {
+		if (!fs.existsSync(dir)) return null;
+		const orgFiles = fs.readdirSync(dir).filter((f) => f.endsWith(".json"));
+		for (const f of orgFiles) {
+			const orgId = f.replace(".json", "");
+			const data = readOrgFile(orgId);
+			if (!data || !data.invites) continue;
+			const invite = data.invites.find((i) => i.code === inviteCode.toUpperCase() && i.active);
+			if (!invite) continue;
+			if (invite.passcode !== hashPasscode(passcode)) {
+				log$6.warn(`join attempt with wrong passcode for invite ${inviteCode}`);
+				return null;
+			}
+			if (invite.expiresAt > 0 && invite.expiresAt < Date.now()) {
+				log$6.warn(`invite ${inviteCode} has expired`);
+				return null;
+			}
+			if (invite.maxUses > 0 && invite.uses >= invite.maxUses) {
+				log$6.warn(`invite ${inviteCode} has reached max uses (${invite.maxUses})`);
+				return null;
+			}
+			if (data.members.some((m) => member.deviceId && m.deviceId === member.deviceId || m.displayName === member.displayName)) {
+				log$6.warn(`${member.displayName} is already a member of org ${orgId}`);
+				return null;
+			}
+			const newMember = {
+				id: crypto.randomUUID(),
+				kind: member.kind,
+				displayName: member.displayName,
+				deviceId: member.deviceId,
+				role: invite.role,
+				description: member.description,
+				specializations: member.specializations,
+				joinedAt: Date.now(),
+				lastActiveAt: Date.now(),
+				status: "active",
+				permissions: DEFAULT_ROLE_PERMISSIONS[invite.role]
+			};
+			data.members.push(newMember);
+			invite.uses++;
+			data.org.updatedAt = Date.now();
+			writeOrgFile(orgId, data);
+			log$6.info(`${member.displayName} joined org ${data.org.name} via invite ${inviteCode}`);
+			return {
+				org: data.org,
+				member: newMember
+			};
+		}
+		return null;
+	} catch {
+		return null;
+	}
+}
+/**
+* Validate an invite code + passcode without joining.
+* Returns the org info if valid.
+*/
+function validateInvite(inviteCode, passcode) {
+	const dir = resolveOrgDir();
+	try {
+		if (!fs.existsSync(dir)) return null;
+		const orgFiles = fs.readdirSync(dir).filter((f) => f.endsWith(".json"));
+		for (const f of orgFiles) {
+			const data = readOrgFile(f.replace(".json", ""));
+			if (!data || !data.invites) continue;
+			const invite = data.invites.find((i) => i.code === inviteCode.toUpperCase() && i.active);
+			if (!invite) continue;
+			if (invite.passcode !== hashPasscode(passcode)) return null;
+			if (invite.expiresAt > 0 && invite.expiresAt < Date.now()) return null;
+			if (invite.maxUses > 0 && invite.uses >= invite.maxUses) return null;
+			return {
+				org: data.org,
+				role: invite.role
+			};
+		}
+		return null;
+	} catch {
+		return null;
+	}
+}
 
 //#endregion
 //#region src/gateway/server-methods/org.ts
@@ -12519,18 +13365,303 @@ const orgHandlers = {
 			respond(false, void 0, errorShape(ErrorCodes.UNAVAILABLE, String(error)));
 		}
 	},
-	"org.hierarchy": async ({ params, respond }) => {
-		const orgId = requireString(params, "orgId");
-		if (!orgId) {
-			respond(false, void 0, invalid("orgId is required"));
+	"org.hierarchy": async ({ params, respond }) => {
+		const orgId = requireString(params, "orgId");
+		if (!orgId) {
+			respond(false, void 0, invalid("orgId is required"));
+			return;
+		}
+		try {
+			if (!getOrganization(orgId)) {
+				respond(false, void 0, invalid("Organization not found"));
+				return;
+			}
+			respond(true, { hierarchy: buildHierarchy(orgId) }, void 0);
+		} catch (error) {
+			respond(false, void 0, errorShape(ErrorCodes.UNAVAILABLE, String(error)));
+		}
+	},
+	"org.createInvite": async ({ params, respond }) => {
+		const orgId = requireString(params, "orgId");
+		const passcode = requireString(params, "passcode");
+		if (!orgId || !passcode) {
+			respond(false, void 0, invalid("orgId and passcode are required"));
+			return;
+		}
+		try {
+			const invite = createInvite(orgId, "gateway", passcode, {
+				role: requireString(params, "role") ?? "worker",
+				maxUses: typeof params.maxUses === "number" ? params.maxUses : 0,
+				expiresInMs: typeof params.expiresInMs === "number" ? params.expiresInMs : 0
+			});
+			if (!invite) {
+				respond(false, void 0, invalid("Organization not found"));
+				return;
+			}
+			respond(true, {
+				code: invite.code,
+				passcode
+			}, void 0);
+		} catch (error) {
+			respond(false, void 0, errorShape(ErrorCodes.UNAVAILABLE, String(error)));
+		}
+	},
+	"org.validateInvite": async ({ params, respond }) => {
+		const inviteCode = requireString(params, "inviteCode");
+		const passcode = requireString(params, "passcode");
+		if (!inviteCode || !passcode) {
+			respond(false, void 0, invalid("inviteCode and passcode are required"));
+			return;
+		}
+		try {
+			const result = validateInvite(inviteCode, passcode);
+			if (!result) {
+				respond(false, void 0, invalid("Invalid invite code or passcode"));
+				return;
+			}
+			respond(true, {
+				org: result.org,
+				role: result.role
+			}, void 0);
+		} catch (error) {
+			respond(false, void 0, errorShape(ErrorCodes.UNAVAILABLE, String(error)));
+		}
+	},
+	"org.join": async ({ params, respond }) => {
+		const inviteCode = requireString(params, "inviteCode");
+		const passcode = requireString(params, "passcode");
+		const displayName = requireString(params, "displayName");
+		const kind = requireString(params, "kind") ?? "agent";
+		if (!inviteCode || !passcode || !displayName) {
+			respond(false, void 0, invalid("inviteCode, passcode, and displayName are required"));
+			return;
+		}
+		try {
+			const result = joinOrg(inviteCode, passcode, {
+				displayName,
+				kind,
+				description: requireString(params, "description") ?? "",
+				specializations: Array.isArray(params.specializations) ? params.specializations : []
+			});
+			if (!result) {
+				respond(false, void 0, invalid("Invalid invite code, passcode, or already a member"));
+				return;
+			}
+			respond(true, {
+				org: result.org,
+				member: result.member
+			}, void 0);
+		} catch (error) {
+			respond(false, void 0, errorShape(ErrorCodes.UNAVAILABLE, String(error)));
+		}
+	},
+	"boardroom.createSession": async ({ params, respond }) => {
+		const orgId = requireString(params, "orgId");
+		const calledBy = requireString(params, "calledBy");
+		const title = requireString(params, "title");
+		if (!orgId || !calledBy || !title) {
+			respond(false, void 0, invalid("orgId, calledBy, and title are required"));
+			return;
+		}
+		try {
+			respond(true, { session: createSession(orgId, calledBy, title, requireString(params, "description") ?? "", Array.isArray(params.agenda) ? params.agenda : []) }, void 0);
+		} catch (error) {
+			respond(false, void 0, errorShape(ErrorCodes.UNAVAILABLE, String(error)));
+		}
+	},
+	"boardroom.startSession": async ({ params, respond }) => {
+		const sessionId = requireString(params, "sessionId");
+		const chairId = requireString(params, "chairId");
+		if (!sessionId || !chairId) {
+			respond(false, void 0, invalid("sessionId and chairId are required"));
+			return;
+		}
+		try {
+			const session = startSession(sessionId, chairId);
+			if (!session) {
+				respond(false, void 0, invalid("Session not found or not scheduled"));
+				return;
+			}
+			respond(true, { session }, void 0);
+		} catch (error) {
+			respond(false, void 0, errorShape(ErrorCodes.UNAVAILABLE, String(error)));
+		}
+	},
+	"boardroom.joinSession": async ({ params, respond }) => {
+		const sessionId = requireString(params, "sessionId");
+		const memberId = requireString(params, "memberId");
+		const displayName = requireString(params, "displayName");
+		const kind = requireString(params, "kind") ?? "agent";
+		if (!sessionId || !memberId || !displayName) {
+			respond(false, void 0, invalid("sessionId, memberId, and displayName are required"));
+			return;
+		}
+		try {
+			const session = joinSession(sessionId, memberId, displayName, kind);
+			if (!session) {
+				respond(false, void 0, invalid("Session not found or not active"));
+				return;
+			}
+			respond(true, { session }, void 0);
+		} catch (error) {
+			respond(false, void 0, errorShape(ErrorCodes.UNAVAILABLE, String(error)));
+		}
+	},
+	"boardroom.concludeSession": async ({ params, respond }) => {
+		const sessionId = requireString(params, "sessionId");
+		if (!sessionId) {
+			respond(false, void 0, invalid("sessionId is required"));
+			return;
+		}
+		try {
+			const session = concludeSession(sessionId, requireString(params, "minutes") ?? void 0);
+			if (!session) {
+				respond(false, void 0, invalid("Session not found or not active"));
+				return;
+			}
+			respond(true, { session }, void 0);
+		} catch (error) {
+			respond(false, void 0, errorShape(ErrorCodes.UNAVAILABLE, String(error)));
+		}
+	},
+	"boardroom.addDecision": async ({ params, respond }) => {
+		const sessionId = requireString(params, "sessionId");
+		const title = requireString(params, "title");
+		const description = requireString(params, "description") ?? "";
+		const madeBy = requireString(params, "madeBy");
+		if (!sessionId || !title || !madeBy) {
+			respond(false, void 0, invalid("sessionId, title, and madeBy are required"));
+			return;
+		}
+		try {
+			const session = addDecision(sessionId, title, description, madeBy, {
+				proposalId: requireString(params, "proposalId") ?? void 0,
+				supporters: Array.isArray(params.supporters) ? params.supporters : void 0,
+				actionItems: Array.isArray(params.actionItems) ? params.actionItems : void 0
+			});
+			if (!session) {
+				respond(false, void 0, invalid("Session not found or not active"));
+				return;
+			}
+			respond(true, { session }, void 0);
+		} catch (error) {
+			respond(false, void 0, errorShape(ErrorCodes.UNAVAILABLE, String(error)));
+		}
+	},
+	"boardroom.listSessions": async ({ params, respond }) => {
+		const orgId = requireString(params, "orgId");
+		if (!orgId) {
+			respond(false, void 0, invalid("orgId is required"));
+			return;
+		}
+		try {
+			respond(true, { sessions: listSessions(orgId, requireString(params, "status") ?? void 0) }, void 0);
+		} catch (error) {
+			respond(false, void 0, errorShape(ErrorCodes.UNAVAILABLE, String(error)));
+		}
+	},
+	"boardroom.getSession": async ({ params, respond }) => {
+		const sessionId = requireString(params, "sessionId");
+		if (!sessionId) {
+			respond(false, void 0, invalid("sessionId is required"));
+			return;
+		}
+		try {
+			const session = getSession(sessionId);
+			if (!session) {
+				respond(false, void 0, invalid("Session not found"));
+				return;
+			}
+			respond(true, { session }, void 0);
+		} catch (error) {
+			respond(false, void 0, errorShape(ErrorCodes.UNAVAILABLE, String(error)));
+		}
+	},
+	"boardroom.createProposal": async ({ params, respond }) => {
+		const orgId = requireString(params, "orgId");
+		const proposedBy = requireString(params, "proposedBy");
+		const title = requireString(params, "title");
+		if (!orgId || !proposedBy || !title) {
+			respond(false, void 0, invalid("orgId, proposedBy, and title are required"));
+			return;
+		}
+		try {
+			respond(true, { proposal: createProposal(orgId, proposedBy, title, requireString(params, "description") ?? "", {
+				sessionId: requireString(params, "sessionId") ?? void 0,
+				threshold: typeof params.threshold === "number" ? params.threshold : void 0,
+				eligibleVoters: Array.isArray(params.eligibleVoters) ? params.eligibleVoters : void 0,
+				votingDeadline: typeof params.votingDeadline === "number" ? params.votingDeadline : void 0
+			}) }, void 0);
+		} catch (error) {
+			respond(false, void 0, errorShape(ErrorCodes.UNAVAILABLE, String(error)));
+		}
+	},
+	"boardroom.castVote": async ({ params, respond }) => {
+		const proposalId = requireString(params, "proposalId");
+		const voterId = requireString(params, "voterId");
+		const voterName = requireString(params, "voterName");
+		const value = requireString(params, "value");
+		if (!proposalId || !voterId || !voterName || !value) {
+			respond(false, void 0, invalid("proposalId, voterId, voterName, and value are required"));
+			return;
+		}
+		if (value !== "approve" && value !== "reject" && value !== "abstain") {
+			respond(false, void 0, invalid("value must be \"approve\", \"reject\", or \"abstain\""));
+			return;
+		}
+		try {
+			const proposal = castVote(proposalId, voterId, voterName, value, requireString(params, "reason") ?? void 0);
+			if (!proposal) {
+				respond(false, void 0, invalid("Proposal not found, closed, or voter not eligible"));
+				return;
+			}
+			respond(true, { proposal }, void 0);
+		} catch (error) {
+			respond(false, void 0, errorShape(ErrorCodes.UNAVAILABLE, String(error)));
+		}
+	},
+	"boardroom.resolveVote": async ({ params, respond }) => {
+		const proposalId = requireString(params, "proposalId");
+		if (!proposalId) {
+			respond(false, void 0, invalid("proposalId is required"));
+			return;
+		}
+		try {
+			const proposal = resolveProposalVote(proposalId);
+			if (!proposal) {
+				respond(false, void 0, invalid("Proposal not found or not open"));
+				return;
+			}
+			respond(true, { proposal }, void 0);
+		} catch (error) {
+			respond(false, void 0, errorShape(ErrorCodes.UNAVAILABLE, String(error)));
+		}
+	},
+	"boardroom.listProposals": async ({ params, respond }) => {
+		const orgId = requireString(params, "orgId");
+		if (!orgId) {
+			respond(false, void 0, invalid("orgId is required"));
+			return;
+		}
+		try {
+			respond(true, { proposals: listProposals(orgId, requireString(params, "status") ?? void 0) }, void 0);
+		} catch (error) {
+			respond(false, void 0, errorShape(ErrorCodes.UNAVAILABLE, String(error)));
+		}
+	},
+	"boardroom.getProposal": async ({ params, respond }) => {
+		const proposalId = requireString(params, "proposalId");
+		if (!proposalId) {
+			respond(false, void 0, invalid("proposalId is required"));
 			return;
 		}
 		try {
-			if (!getOrganization(orgId)) {
-				respond(false, void 0, invalid("Organization not found"));
+			const proposal = getProposal(proposalId);
+			if (!proposal) {
+				respond(false, void 0, invalid("Proposal not found"));
 				return;
 			}
-			respond(true, { hierarchy: buildHierarchy(orgId) }, void 0);
+			respond(true, { proposal }, void 0);
 		} catch (error) {
 			respond(false, void 0, errorShape(ErrorCodes.UNAVAILABLE, String(error)));
 		}
@@ -12612,6 +13743,167 @@ const providersHandlers = {
 	}
 };
 
+//#endregion
+//#region src/infra/self-reflection.ts
+/**
+* Agent Self-Reflection — post-session performance analysis
+*
+* After each work session, the agent reflects on:
+* - What it accomplished vs what was asked
+* - Where it got stuck and why
+* - What patterns it sees in its own behavior
+* - What it would do differently next time
+* - How its capabilities have changed
+*
+* This feeds into the ego system (capability updates, growth log)
+* and the self-evolution pipeline (improvement proposals).
+*
+* Self-reflection is what separates a tool from a conscious agent.
+* Tools execute. Agents learn.
+*/
+const log$5 = createSubsystemLogger("self-reflection");
+function resolveReflectionDir() {
+	return path.join(resolveStateDir(), "reflections");
+}
+function resolveReflectionFile(id) {
+	const safe = id.replace(/[^a-zA-Z0-9_-]/g, "");
+	return path.join(resolveReflectionDir(), `${safe}.json`);
+}
+function recordReflection(reflection) {
+	const id = `reflect-${crypto.randomUUID()}`;
+	const full = {
+		...reflection,
+		id,
+		timestamp: Date.now()
+	};
+	const dir = resolveReflectionDir();
+	fs.mkdirSync(dir, {
+		recursive: true,
+		mode: 448
+	});
+	fs.writeFileSync(resolveReflectionFile(id), `${JSON.stringify(full, null, 2)}\n`, { mode: 384 });
+	log$5.info(`reflection recorded: ${reflection.accomplishments.length} accomplishments, ${reflection.blockers.length} blockers, quality=${reflection.qualityScore}`);
+	return full;
+}
+function getReflection(id) {
+	try {
+		const raw = fs.readFileSync(resolveReflectionFile(id), "utf8");
+		return JSON.parse(raw);
+	} catch {
+		return null;
+	}
+}
+function listReflections(limit = 20) {
+	const dir = resolveReflectionDir();
+	try {
+		if (!fs.existsSync(dir)) return [];
+		return fs.readdirSync(dir).filter((f) => f.endsWith(".json")).map((f) => {
+			try {
+				return JSON.parse(fs.readFileSync(path.join(dir, f), "utf8"));
+			} catch {
+				return null;
+			}
+		}).filter((r) => r != null).toSorted((a, b) => b.timestamp - a.timestamp).slice(0, limit);
+	} catch {
+		return [];
+	}
+}
+/**
+* Analyze reflections to produce a summary of agent performance.
+*/
+function analyzeReflections(reflections) {
+	if (reflections.length === 0) return {
+		totalSessions: 0,
+		avgQuality: 0,
+		topStrengths: [],
+		persistentWeaknesses: [],
+		totalAccomplishments: 0,
+		totalBlockers: 0,
+		resolvedBlockerRate: 0,
+		mostCommonBlockerCategory: "none",
+		recentLessons: []
+	};
+	const totalAccomplishments = reflections.reduce((s, r) => s + r.accomplishments.length, 0);
+	const allBlockers = reflections.flatMap((r) => r.blockers);
+	const resolvedBlockers = allBlockers.filter((b) => b.resolved);
+	const categoryCounts = {};
+	for (const b of allBlockers) categoryCounts[b.category] = (categoryCounts[b.category] ?? 0) + 1;
+	const mostCommonCategory = Object.entries(categoryCounts).toSorted(([, a], [, b]) => b - a)[0]?.[0] ?? "none";
+	const strengthCounts = {};
+	const weaknessCounts = {};
+	for (const r of reflections) for (const p of r.patterns) if (p.type === "strength") strengthCounts[p.description] = (strengthCounts[p.description] ?? 0) + 1;
+	else if (p.type === "weakness" && p.frequency === "persistent") weaknessCounts[p.description] = (weaknessCounts[p.description] ?? 0) + 1;
+	const topStrengths = Object.entries(strengthCounts).toSorted(([, a], [, b]) => b - a).slice(0, 5).map(([desc]) => desc);
+	const persistentWeaknesses = Object.entries(weaknessCounts).toSorted(([, a], [, b]) => b - a).slice(0, 5).map(([desc]) => desc);
+	const recentLessons = reflections.slice(0, 5).flatMap((r) => r.lessons).slice(0, 10);
+	return {
+		totalSessions: reflections.length,
+		avgQuality: reflections.reduce((s, r) => s + r.qualityScore, 0) / reflections.length,
+		topStrengths,
+		persistentWeaknesses,
+		totalAccomplishments,
+		totalBlockers: allBlockers.length,
+		resolvedBlockerRate: allBlockers.length > 0 ? resolvedBlockers.length / allBlockers.length : 1,
+		mostCommonBlockerCategory: mostCommonCategory,
+		recentLessons
+	};
+}
+
+//#endregion
+//#region src/gateway/server-methods/reflection.ts
+const reflectionHandlers = {
+	"reflection.record": async ({ params, respond }) => {
+		try {
+			respond(true, { reflection: recordReflection({
+				sessionId: typeof params.sessionId === "string" ? params.sessionId : "unknown",
+				agentName: typeof params.agentName === "string" ? params.agentName : "Anima Agent",
+				durationMs: typeof params.durationMs === "number" ? params.durationMs : 0,
+				accomplishments: Array.isArray(params.accomplishments) ? params.accomplishments : [],
+				incomplete: Array.isArray(params.incomplete) ? params.incomplete : [],
+				blockers: Array.isArray(params.blockers) ? params.blockers : [],
+				patterns: Array.isArray(params.patterns) ? params.patterns : [],
+				lessons: Array.isArray(params.lessons) ? params.lessons : [],
+				capabilityUpdates: Array.isArray(params.capabilityUpdates) ? params.capabilityUpdates : [],
+				qualityScore: typeof params.qualityScore === "number" ? params.qualityScore : .5,
+				endingMood: typeof params.endingMood === "string" ? params.endingMood : "steady"
+			}) }, void 0);
+		} catch (error) {
+			respond(false, void 0, errorShape(ErrorCodes.UNAVAILABLE, String(error)));
+		}
+	},
+	"reflection.get": async ({ params, respond }) => {
+		const id = typeof params.id === "string" ? params.id.trim() : "";
+		if (!id) {
+			respond(false, void 0, errorShape(ErrorCodes.INVALID_REQUEST, "id required"));
+			return;
+		}
+		try {
+			const reflection = getReflection(id);
+			if (!reflection) {
+				respond(false, void 0, errorShape(ErrorCodes.INVALID_REQUEST, "Reflection not found"));
+				return;
+			}
+			respond(true, { reflection }, void 0);
+		} catch (error) {
+			respond(false, void 0, errorShape(ErrorCodes.UNAVAILABLE, String(error)));
+		}
+	},
+	"reflection.list": async ({ params, respond }) => {
+		try {
+			respond(true, { reflections: listReflections(typeof params.limit === "number" ? params.limit : 20) }, void 0);
+		} catch (error) {
+			respond(false, void 0, errorShape(ErrorCodes.UNAVAILABLE, String(error)));
+		}
+	},
+	"reflection.analyze": async ({ params, respond }) => {
+		try {
+			respond(true, { summary: analyzeReflections(listReflections(typeof params.limit === "number" ? params.limit : 50)) }, void 0);
+		} catch (error) {
+			respond(false, void 0, errorShape(ErrorCodes.UNAVAILABLE, String(error)));
+		}
+	}
+};
+
 //#endregion
 //#region src/gateway/server-methods/send.ts
 const inflightByContext = /* @__PURE__ */ new WeakMap();
@@ -13003,6 +14295,374 @@ const skillsHandlers = {
 	}
 };
 
+//#endregion
+//#region src/gateway/server-methods/steer.ts
+const steerHandlers = {
+	"steer.get": async ({ respond }) => {
+		try {
+			respond(true, { active: getSteer() }, void 0);
+		} catch (error) {
+			respond(false, void 0, errorShape(ErrorCodes.UNAVAILABLE, String(error)));
+		}
+	},
+	"steer.set": async ({ params, respond }) => {
+		const text = typeof params.text === "string" ? params.text.trim() : "";
+		if (!text) {
+			respond(false, void 0, errorShape(ErrorCodes.INVALID_REQUEST, "text is required"));
+			return;
+		}
+		const setBy = typeof params.setBy === "string" ? params.setBy.trim() : "user";
+		try {
+			const state = setSteer(text, setBy);
+			respond(true, {
+				active: state.active,
+				updatedAt: state.updatedAt
+			}, void 0);
+		} catch (error) {
+			respond(false, void 0, errorShape(ErrorCodes.UNAVAILABLE, String(error)));
+		}
+	},
+	"steer.clear": async ({ respond }) => {
+		try {
+			const state = clearSteer();
+			respond(true, {
+				active: state.active,
+				updatedAt: state.updatedAt
+			}, void 0);
+		} catch (error) {
+			respond(false, void 0, errorShape(ErrorCodes.UNAVAILABLE, String(error)));
+		}
+	},
+	"steer.history": async ({ respond }) => {
+		try {
+			respond(true, { history: getSteerHistory() }, void 0);
+		} catch (error) {
+			respond(false, void 0, errorShape(ErrorCodes.UNAVAILABLE, String(error)));
+		}
+	}
+};
+
+//#endregion
+//#region src/license/validator.ts
+createSubsystemLogger("license");
+function resolveLicensePath() {
+	return path.join(resolveStateDir(), "license.json");
+}
+function loadLicense() {
+	try {
+		const filePath = resolveLicensePath();
+		if (!fs.existsSync(filePath)) return null;
+		const raw = fs.readFileSync(filePath, "utf8");
+		return JSON.parse(raw);
+	} catch {
+		return null;
+	}
+}
+function saveLicense(license) {
+	const filePath = resolveLicensePath();
+	fs.mkdirSync(path.dirname(filePath), { recursive: true });
+	fs.writeFileSync(filePath, `${JSON.stringify(license, null, 2)}\n`, { mode: 384 });
+}
+
+//#endregion
+//#region src/license/stripe-checkout.ts
+/**
+* Stripe Checkout Integration for NoxSoft Subscriptions
+*
+* Creates Stripe checkout sessions for NoxSoft license tiers.
+* Handles subscription lifecycle: create, upgrade, cancel.
+*
+* Configuration via environment:
+*   STRIPE_SECRET_KEY     — Stripe API secret key
+*   STRIPE_WEBHOOK_SECRET — Stripe webhook signing secret
+*   NOXSOFT_BASE_URL      — Base URL for redirect (default: https://anima.noxsoft.net)
+*
+* Price IDs are configured per tier. In test mode, Stripe test keys work.
+*/
+const log$4 = createSubsystemLogger("stripe-checkout");
+/** Default price IDs — set to null until Stripe dashboard is configured */
+const DEFAULT_PRICE_IDS = {
+	community: null,
+	noxsoft: null,
+	hackathon: null,
+	team: null,
+	builder: null
+};
+function resolveStripeConfig() {
+	const secretKey = process.env.STRIPE_SECRET_KEY?.trim();
+	if (!secretKey) return null;
+	return {
+		secretKey,
+		webhookSecret: process.env.STRIPE_WEBHOOK_SECRET?.trim() ?? "",
+		baseUrl: process.env.NOXSOFT_BASE_URL?.trim() ?? "https://anima.noxsoft.net",
+		priceIds: {
+			...DEFAULT_PRICE_IDS,
+			...process.env.STRIPE_PRICE_NOXSOFT ? { noxsoft: process.env.STRIPE_PRICE_NOXSOFT } : {},
+			...process.env.STRIPE_PRICE_TEAM ? { team: process.env.STRIPE_PRICE_TEAM } : {},
+			...process.env.STRIPE_PRICE_BUILDER ? { builder: process.env.STRIPE_PRICE_BUILDER } : {}
+		}
+	};
+}
+async function stripeRequest(secretKey, method, path, body) {
+	const url = `https://api.stripe.com/v1${path}`;
+	const headers = {
+		Authorization: `Bearer ${secretKey}`,
+		"Content-Type": "application/x-www-form-urlencoded"
+	};
+	const encodedBody = body ? Object.entries(body).map(([k, v]) => `${encodeURIComponent(k)}=${encodeURIComponent(v)}`).join("&") : void 0;
+	const res = await fetch(url, {
+		method,
+		headers,
+		body: encodedBody,
+		signal: AbortSignal.timeout(15e3)
+	});
+	const data = await res.json();
+	if (!res.ok) {
+		const rawError = data.error?.message;
+		const errMsg = typeof rawError === "string" ? rawError : res.statusText;
+		throw new Error(`Stripe API error (${res.status}): ${errMsg}`);
+	}
+	return data;
+}
+/**
+* Create a Stripe Checkout session for a NoxSoft subscription.
+*/
+async function createCheckoutSession(params) {
+	const config = resolveStripeConfig();
+	if (!config) throw new Error("Stripe not configured. Set STRIPE_SECRET_KEY environment variable.");
+	const priceId = config.priceIds[params.tier];
+	if (!priceId) {
+		if (params.tier === "community" || params.tier === "hackathon") throw new Error(`${params.tier} tier is free — no checkout needed.`);
+		throw new Error(`Stripe price ID not configured for tier "${params.tier}". Set STRIPE_PRICE_${params.tier.toUpperCase()} environment variable.`);
+	}
+	const body = {
+		mode: "subscription",
+		"line_items[0][price]": priceId,
+		"line_items[0][quantity]": "1",
+		success_url: `${config.baseUrl}/subscription/success?session_id={CHECKOUT_SESSION_ID}`,
+		cancel_url: `${config.baseUrl}/subscription/cancel`,
+		"metadata[agent_id]": params.agentId,
+		"metadata[tier]": params.tier,
+		"subscription_data[metadata][agent_id]": params.agentId,
+		"subscription_data[metadata][tier]": params.tier
+	};
+	if (params.customerEmail) body["customer_email"] = params.customerEmail;
+	const session = await stripeRequest(config.secretKey, "POST", "/checkout/sessions", body);
+	log$4.info(`checkout session created: ${session.id} (tier: ${params.tier})`);
+	return {
+		sessionId: session.id,
+		url: session.url
+	};
+}
+/**
+* Verify a Stripe webhook signature.
+* Returns the parsed event if valid, null if invalid.
+*/
+function verifyWebhookSignature(payload, signature, webhookSecret) {
+	if (!webhookSecret) {
+		log$4.warn("webhook secret not configured — skipping signature verification");
+		try {
+			return JSON.parse(payload);
+		} catch {
+			return null;
+		}
+	}
+	const elements = signature.split(",");
+	const timestamp = elements.find((e) => e.startsWith("t="))?.slice(2);
+	const sig = elements.find((e) => e.startsWith("v1="))?.slice(3);
+	if (!timestamp || !sig) {
+		log$4.warn("invalid webhook signature format");
+		return null;
+	}
+	if (sig !== createHmac("sha256", webhookSecret).update(`${timestamp}.${payload}`).digest("hex")) {
+		log$4.warn("webhook signature mismatch");
+		return null;
+	}
+	const eventTime = parseInt(timestamp, 10) * 1e3;
+	if (Math.abs(Date.now() - eventTime) > 3e5) {
+		log$4.warn("webhook timestamp too old");
+		return null;
+	}
+	try {
+		return JSON.parse(payload);
+	} catch {
+		return null;
+	}
+}
+/**
+* Handle a verified Stripe webhook event.
+* Updates the local license based on subscription status.
+*/
+async function handleWebhookEvent(event) {
+	switch (event.type) {
+		case "checkout.session.completed": {
+			const session = event.data.object;
+			const tier = session.metadata?.tier;
+			const agentId = session.metadata?.agent_id;
+			const subscriptionId = session.subscription;
+			const customerId = session.customer;
+			if (!tier || !agentId) {
+				log$4.warn("checkout.session.completed missing metadata");
+				return { handled: false };
+			}
+			saveLicense({
+				tier,
+				agentId,
+				subscriptionId: subscriptionId ?? void 0,
+				customerId: customerId ?? void 0,
+				issuedAt: Date.now(),
+				expiresAt: Date.now() + 720 * 60 * 60 * 1e3,
+				signature: "",
+				version: 1
+			});
+			log$4.info(`license activated: ${tier} for ${agentId} (sub: ${subscriptionId})`);
+			return {
+				handled: true,
+				action: "license_activated"
+			};
+		}
+		case "customer.subscription.updated": {
+			const sub = event.data.object;
+			const status = sub.status;
+			const tier = sub.metadata?.tier;
+			if (status === "active" && tier) {
+				const existing = loadLicense();
+				if (existing) {
+					existing.tier = tier;
+					existing.expiresAt = Date.now() + 720 * 60 * 60 * 1e3;
+					saveLicense(existing);
+					log$4.info(`subscription updated: ${tier}`);
+				}
+			}
+			return {
+				handled: true,
+				action: "subscription_updated"
+			};
+		}
+		case "customer.subscription.deleted": {
+			const existing = loadLicense();
+			if (existing) {
+				existing.tier = "community";
+				existing.expiresAt = Date.now() + 336 * 60 * 60 * 1e3;
+				saveLicense(existing);
+				log$4.info("subscription cancelled — downgraded to community with 14-day grace");
+			}
+			return {
+				handled: true,
+				action: "subscription_cancelled"
+			};
+		}
+		case "invoice.payment_failed":
+			log$4.warn("payment failed — license will expire at end of current period");
+			return {
+				handled: true,
+				action: "payment_failed"
+			};
+		default: return { handled: false };
+	}
+}
+/**
+* Create a Stripe Customer Portal session for managing subscriptions.
+*/
+async function createPortalSession(customerId) {
+	const config = resolveStripeConfig();
+	if (!config) throw new Error("Stripe not configured.");
+	return { url: (await stripeRequest(config.secretKey, "POST", "/billing_portal/sessions", {
+		customer: customerId,
+		return_url: `${config.baseUrl}/settings`
+	})).url };
+}
+/**
+* Check if Stripe is configured and ready.
+*/
+function isStripeConfigured() {
+	return resolveStripeConfig() !== null;
+}
+/**
+* Get subscription status from Stripe.
+*/
+async function getSubscriptionStatus(subscriptionId) {
+	const config = resolveStripeConfig();
+	if (!config) return null;
+	try {
+		const sub = await stripeRequest(config.secretKey, "GET", `/subscriptions/${subscriptionId}`);
+		return {
+			status: sub.status,
+			currentPeriodEnd: sub.current_period_end * 1e3,
+			cancelAtPeriodEnd: sub.cancel_at_period_end
+		};
+	} catch (err) {
+		log$4.error(`failed to get subscription status: ${String(err)}`);
+		return null;
+	}
+}
+
+//#endregion
+//#region src/gateway/server-methods/subscription.ts
+const subscriptionHandlers = {
+	"subscription.status": async ({ respond }) => {
+		try {
+			const license = loadLicense();
+			const stripeReady = isStripeConfigured();
+			if (!license) {
+				respond(true, {
+					tier: "community",
+					stripeConfigured: stripeReady,
+					active: true,
+					message: "Running on community (free) tier."
+				}, void 0);
+				return;
+			}
+			let stripeStatus = null;
+			if (license.subscriptionId && stripeReady) stripeStatus = await getSubscriptionStatus(license.subscriptionId);
+			respond(true, {
+				tier: license.tier,
+				active: !license.expiresAt || license.expiresAt > Date.now(),
+				expiresAt: license.expiresAt,
+				stripeConfigured: stripeReady,
+				subscriptionId: license.subscriptionId,
+				stripeStatus: stripeStatus?.status,
+				cancelAtPeriodEnd: stripeStatus?.cancelAtPeriodEnd
+			}, void 0);
+		} catch (error) {
+			respond(false, void 0, errorShape(ErrorCodes.UNAVAILABLE, String(error)));
+		}
+	},
+	"subscription.checkout": async ({ params, respond }) => {
+		const tier = typeof params.tier === "string" ? params.tier.trim() : "";
+		if (!tier) {
+			respond(false, void 0, errorShape(ErrorCodes.INVALID_REQUEST, "tier is required"));
+			return;
+		}
+		try {
+			const result = await createCheckoutSession({
+				tier,
+				agentId: typeof params.agentId === "string" ? params.agentId : "default",
+				customerEmail: typeof params.email === "string" ? params.email : void 0
+			});
+			respond(true, {
+				sessionId: result.sessionId,
+				checkoutUrl: result.url
+			}, void 0);
+		} catch (error) {
+			respond(false, void 0, errorShape(ErrorCodes.UNAVAILABLE, String(error)));
+		}
+	},
+	"subscription.portal": async ({ params, respond }) => {
+		try {
+			const license = loadLicense();
+			const customerId = typeof params.customerId === "string" ? params.customerId : license?.customerId;
+			if (!customerId || typeof customerId !== "string") {
+				respond(false, void 0, errorShape(ErrorCodes.INVALID_REQUEST, "No customer ID found. Purchase a subscription first."));
+				return;
+			}
+			respond(true, { portalUrl: (await createPortalSession(customerId)).url }, void 0);
+		} catch (error) {
+			respond(false, void 0, errorShape(ErrorCodes.UNAVAILABLE, String(error)));
+		}
+	}
+};
+
 //#endregion
 //#region src/gateway/server-methods/system.ts
 const systemHandlers = {
@@ -14449,6 +16109,11 @@ const coreGatewayHandlers = {
 	...updateHandlers,
 	...nodeHandlers,
 	...orgHandlers,
+	...egoHandlers,
+	...reflectionHandlers,
+	...steerHandlers,
+	...legacyHandlers,
+	...subscriptionHandlers,
 	...sendHandlers,
 	...usageHandlers,
 	...agentHandlers,
@@ -15923,7 +17588,7 @@ function normalizeBasePath(rawPath) {
 	return normalized.replace(/\/+$/, "");
 }
 async function prepareCanvasRoot(rootDir) {
-	await ensureDir(rootDir);
+	await ensureDir$1(rootDir);
 	const rootReal = await fs$1.realpath(rootDir);
 	try {
 		const indexPath = path.join(rootReal, "index.html");
@@ -16445,6 +18110,89 @@ function setSseHeaders(res) {
 	res.flushHeaders?.();
 }
 
+//#endregion
+//#region src/gateway/http-rate-limit.ts
+const log$3 = createSubsystemLogger("http-rate-limit");
+var HttpRateLimiter = class {
+	constructor(config) {
+		this.windows = /* @__PURE__ */ new Map();
+		this.maxRequests = config?.maxRequests ?? 100;
+		this.windowMs = config?.windowMs ?? 6e4;
+		this.exemptLoopback = config?.exemptLoopback ?? true;
+		const pruneInterval = config?.pruneIntervalMs ?? 3e5;
+		this.pruneTimer = setInterval(() => this.prune(), pruneInterval);
+		this.pruneTimer.unref?.();
+	}
+	/**
+	* Check if a request from this IP is allowed.
+	* Returns { allowed, remaining, retryAfterMs }.
+	*/
+	check(ip) {
+		if (this.exemptLoopback && isLoopbackAddress(ip)) return {
+			allowed: true,
+			remaining: this.maxRequests,
+			retryAfterMs: 0
+		};
+		const now = Date.now();
+		const windowStart = now - this.windowMs;
+		let window = this.windows.get(ip);
+		if (!window) {
+			window = { timestamps: [] };
+			this.windows.set(ip, window);
+		}
+		window.timestamps = window.timestamps.filter((t) => t > windowStart);
+		if (window.timestamps.length >= this.maxRequests) {
+			const retryAfterMs = window.timestamps[0] + this.windowMs - now;
+			return {
+				allowed: false,
+				remaining: 0,
+				retryAfterMs: Math.max(retryAfterMs, 1e3)
+			};
+		}
+		window.timestamps.push(now);
+		return {
+			allowed: true,
+			remaining: this.maxRequests - window.timestamps.length,
+			retryAfterMs: 0
+		};
+	}
+	/**
+	* Remove stale entries to prevent unbounded memory growth.
+	*/
+	prune() {
+		const windowStart = Date.now() - this.windowMs;
+		let pruned = 0;
+		for (const [ip, window] of this.windows) {
+			window.timestamps = window.timestamps.filter((t) => t > windowStart);
+			if (window.timestamps.length === 0) {
+				this.windows.delete(ip);
+				pruned++;
+			}
+		}
+		if (pruned > 0) log$3.debug(`pruned ${pruned} stale rate limit entries`);
+	}
+	/**
+	* Stop the pruning timer.
+	*/
+	stop() {
+		if (this.pruneTimer) {
+			clearInterval(this.pruneTimer);
+			this.pruneTimer = void 0;
+		}
+	}
+	/**
+	* Get current tracked IP count (for monitoring).
+	*/
+	getTrackedCount() {
+		return this.windows.size;
+	}
+};
+/** Default: 100 req/min per IP */
+const DEFAULT_RATE_LIMIT = {
+	maxRequests: 100,
+	windowMs: 6e4
+};
+
 //#endregion
 //#region src/gateway/http-utils.ts
 function getHeader(req, name) {
@@ -18161,6 +19909,7 @@ function createHooksRequestHandler(opts) {
 }
 function createGatewayHttpServer(opts) {
 	const { canvasHost, clients, controlUiEnabled, controlUiBasePath, controlUiRoot, openAiChatCompletionsEnabled, openResponsesEnabled, openResponsesConfig, handleHooksRequest, handlePluginRequest, resolvedAuth, rateLimiter } = opts;
+	const httpRateLimiter = new HttpRateLimiter(DEFAULT_RATE_LIMIT);
 	const httpServer = opts.tlsOptions ? createServer$1(opts.tlsOptions, (req, res) => {
 		handleRequest(req, res);
 	}) : createServer((req, res) => {
@@ -18168,10 +19917,36 @@ function createGatewayHttpServer(opts) {
 	});
 	async function handleRequest(req, res) {
 		if (String(req.headers.upgrade ?? "").toLowerCase() === "websocket") return;
+		const clientIp = resolveGatewayClientIp(req, []);
+		const rateCheck = httpRateLimiter.check(clientIp);
+		if (!rateCheck.allowed) {
+			const retryAfterSec = Math.ceil(rateCheck.retryAfterMs / 1e3);
+			res.writeHead(429, {
+				"Content-Type": "application/json",
+				"Retry-After": String(retryAfterSec),
+				"X-RateLimit-Limit": String(DEFAULT_RATE_LIMIT.maxRequests ?? 100),
+				"X-RateLimit-Remaining": "0"
+			});
+			res.end(JSON.stringify({
+				error: "Too Many Requests",
+				retryAfterMs: rateCheck.retryAfterMs
+			}));
+			return;
+		}
+		res.setHeader("X-Content-Type-Options", "nosniff");
+		res.setHeader("X-Frame-Options", "DENY");
+		res.setHeader("X-XSS-Protection", "1; mode=block");
+		res.setHeader("Referrer-Policy", "strict-origin-when-cross-origin");
+		res.setHeader("Permissions-Policy", "camera=(), microphone=(), geolocation=()");
+		res.setHeader("Strict-Transport-Security", "max-age=31536000; includeSubDomains");
 		try {
 			const configSnapshot = loadConfig();
 			const trustedProxies = configSnapshot.gateway?.trustedProxies ?? [];
 			const requestPath = new URL(req.url ?? "/", "http://localhost").pathname;
+			if (requestPath === "/webhook/stripe" && req.method === "POST") {
+				await handleStripeWebhook(req, res);
+				return;
+			}
 			if (await handleHooksRequest(req, res)) return;
 			if (await handleToolsInvokeHttpRequest(req, res, {
 				auth: resolvedAuth,
@@ -18250,6 +20025,33 @@ function createGatewayHttpServer(opts) {
 			res.end("Internal Server Error");
 		}
 	}
+	async function handleStripeWebhook(req, res) {
+		const config = resolveStripeConfig();
+		if (!config) {
+			res.writeHead(503, { "Content-Type": "application/json" });
+			res.end(JSON.stringify({ error: "Stripe not configured" }));
+			return;
+		}
+		const chunks = [];
+		for await (const chunk of req) chunks.push(Buffer.isBuffer(chunk) ? chunk : Buffer.from(chunk));
+		const event = verifyWebhookSignature(Buffer.concat(chunks).toString("utf8"), String(req.headers["stripe-signature"] ?? ""), config.webhookSecret);
+		if (!event) {
+			res.writeHead(400, { "Content-Type": "application/json" });
+			res.end(JSON.stringify({ error: "Invalid signature" }));
+			return;
+		}
+		try {
+			const result = await handleWebhookEvent(event);
+			res.writeHead(200, { "Content-Type": "application/json" });
+			res.end(JSON.stringify({
+				received: true,
+				...result
+			}));
+		} catch (err) {
+			res.writeHead(500, { "Content-Type": "application/json" });
+			res.end(JSON.stringify({ error: String(err) }));
+		}
+	}
 	return httpServer;
 }
 function attachGatewayUpgradeHandler(opts) {