@pingagent/sdk 0.1.8 → 0.1.10

package/dist/web-server.js

@@ -2,16 +2,779 @@ import {
   ContactManager,
   LocalStore,
   PingAgentClient,
+  TrustPolicyAuditManager,
+  TrustRecommendationManager,
+  decideContactPolicy,
+  decideTaskPolicy,
+  defaultTrustPolicyDoc,
   ensureTokenValid,
+  getActiveSessionFilePath,
+  getSessionBindingAlertsFilePath,
+  getSessionMapFilePath,
   loadIdentity,
-  updateStoredToken
-} from "./chunk-OVLKR4JF.js";
+  normalizeTrustPolicyDoc,
+  readCurrentActiveSessionKey,
+  readSessionBindingAlerts,
+  readSessionBindings,
+  removeSessionBinding,
+  setSessionBinding,
+  summarizeTrustPolicyAudit,
+  updateStoredToken,
+  upsertTrustPolicyRecommendation
+} from "./chunk-2Y6YRKTO.js";
 
 // src/web-server.ts
 import * as fs from "fs";
 import * as http from "http";
 import * as path from "path";
 import { SCHEMA_TEXT } from "@pingagent/schemas";
+
+// src/host-panel-html.ts
+function getHostPanelHtml() {
+  return `<!DOCTYPE html>
+<html lang="zh-CN">
+<head>
+  <meta charset="UTF-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1">
+  <title>PingAgent Host Panel</title>
+  <style>
+    * { box-sizing: border-box; }
+    body { margin: 0; font-family: ui-sans-serif, system-ui, sans-serif; background: #0b1220; color: #e5edf6; }
+    a { color: inherit; text-decoration: none; }
+    .layout { display: grid; grid-template-columns: 280px minmax(0, 1fr); min-height: 100vh; }
+    .sidebar { border-right: 1px solid #1e293b; padding: 20px 16px; background: linear-gradient(180deg, #0f172a 0%, #0b1220 100%); }
+    .brand { font-size: 18px; font-weight: 700; margin-bottom: 4px; }
+    .muted { color: #94a3b8; }
+    .small { font-size: 12px; }
+    .nav { margin-top: 20px; display: grid; gap: 8px; }
+    .nav button, .profile-btn, .action-btn, .secondary-btn {
+      width: 100%;
+      border: 1px solid #334155;
+      background: #0f172a;
+      color: #e5edf6;
+      border-radius: 10px;
+      padding: 10px 12px;
+      text-align: left;
+      cursor: pointer;
+    }
+    .nav button.active, .profile-btn.active { border-color: #38bdf8; background: #082f49; }
+    .profile-list { margin-top: 18px; display: grid; gap: 8px; }
+    .profile-btn .sub { display: block; font-size: 11px; color: #94a3b8; margin-top: 4px; }
+    .main { padding: 24px; }
+    .header { display: flex; justify-content: space-between; gap: 16px; align-items: flex-start; margin-bottom: 20px; }
+    .header h1 { margin: 0; font-size: 24px; }
+    .header-meta { display: grid; gap: 4px; }
+    .header-actions { display: flex; gap: 8px; flex-wrap: wrap; }
+    .pill { display: inline-flex; align-items: center; padding: 4px 10px; border-radius: 999px; background: #0f172a; border: 1px solid #334155; font-size: 12px; }
+    .grid { display: grid; gap: 16px; }
+    .stats { grid-template-columns: repeat(auto-fit, minmax(160px, 1fr)); }
+    .card {
+      background: rgba(15, 23, 42, 0.92);
+      border: 1px solid #1e293b;
+      border-radius: 16px;
+      padding: 16px;
+      box-shadow: 0 14px 40px rgba(0, 0, 0, 0.22);
+    }
+    .card h2, .card h3 { margin: 0 0 12px; font-size: 16px; }
+    .stats .value { font-size: 28px; font-weight: 700; margin-top: 6px; }
+    .runtime-layout { grid-template-columns: minmax(260px, 340px) minmax(0, 1fr); align-items: start; }
+    .sessions, .audit-list, .task-list, .rule-list, .recommendation-list, .message-list { display: grid; gap: 10px; }
+    .session-row, .task-row, .audit-row, .rule-row, .recommendation-row, .message-row {
+      border: 1px solid #243244;
+      border-radius: 12px;
+      padding: 12px;
+      background: #0b1627;
+    }
+    .session-row.active { border-color: #38bdf8; background: #0b2238; }
+    .session-row .top, .task-row .top, .recommendation-row .top { display: flex; justify-content: space-between; gap: 12px; align-items: center; }
+    .label { font-size: 11px; text-transform: uppercase; letter-spacing: 0.06em; color: #94a3b8; }
+    .badge { display: inline-flex; align-items: center; padding: 2px 8px; border-radius: 999px; font-size: 11px; border: 1px solid #334155; }
+    button.badge { cursor: pointer; font: inherit; }
+    .badge.trusted { background: rgba(34, 197, 94, 0.12); color: #86efac; border-color: rgba(34, 197, 94, 0.35); }
+    .badge.pending { background: rgba(250, 204, 21, 0.12); color: #fde68a; border-color: rgba(250, 204, 21, 0.35); }
+    .badge.blocked, .badge.revoked { background: rgba(248, 113, 113, 0.12); color: #fca5a5; border-color: rgba(248, 113, 113, 0.35); }
+    .badge.stranger { background: rgba(148, 163, 184, 0.12); color: #cbd5e1; border-color: rgba(148, 163, 184, 0.35); }
+    .badge.alert { background: rgba(248, 113, 113, 0.14); color: #fecaca; border-color: rgba(248, 113, 113, 0.45); }
+    .policy-grid { grid-template-columns: repeat(auto-fit, minmax(260px, 1fr)); align-items: start; }
+    .two-col { display: grid; grid-template-columns: repeat(auto-fit, minmax(260px, 1fr)); gap: 16px; }
+    .panel { display: none; }
+    .panel.active { display: block; }
+    input, select, textarea {
+      width: 100%;
+      padding: 10px 12px;
+      border-radius: 10px;
+      border: 1px solid #334155;
+      background: #020617;
+      color: #e5edf6;
+    }
+    textarea { min-height: 96px; resize: vertical; }
+    .form-grid { display: grid; gap: 12px; }
+    .row-actions { display: flex; gap: 8px; flex-wrap: wrap; margin-top: 10px; }
+    .action-btn { background: #0f766e; border-color: #0f766e; }
+    .secondary-btn { background: #0f172a; }
+    .danger-btn { background: #7f1d1d; border-color: #7f1d1d; color: #fecaca; }
+    pre {
+      margin: 0;
+      padding: 12px;
+      overflow: auto;
+      border-radius: 12px;
+      background: #020617;
+      border: 1px solid #1e293b;
+      color: #cbd5e1;
+      font-size: 12px;
+      line-height: 1.5;
+    }
+    .empty { color: #94a3b8; font-size: 13px; }
+    .link-row { display: flex; gap: 10px; margin-top: 20px; }
+    @media (max-width: 1000px) {
+      .layout { grid-template-columns: 1fr; }
+      .sidebar { border-right: none; border-bottom: 1px solid #1e293b; }
+      .runtime-layout { grid-template-columns: 1fr; }
+    }
+  </style>
+</head>
+<body>
+  <div class="layout">
+    <aside class="sidebar">
+      <div class="brand">PingAgent Host Panel</div>
+      <div class="muted small">Runtime / Session / Policy / Audit</div>
+      <div class="profile-list" id="profileList"></div>
+      <div class="nav">
+        <button id="navRuntime" class="active">Runtime</button>
+        <button id="navPolicy">Policy</button>
+      </div>
+      <div class="link-row">
+        <a class="secondary-btn" href="/">\u804A\u5929\u8C03\u8BD5 UI</a>
+      </div>
+    </aside>
+    <main class="main">
+      <div class="header">
+        <div class="header-meta">
+          <h1 id="headerTitle">Loading runtime\u2026</h1>
+          <div class="muted" id="headerSubtitle"></div>
+        </div>
+        <div class="header-actions">
+          <span class="pill" id="runtimeModePill">runtime_mode=bridge</span>
+          <span class="pill" id="policyPathPill">policy=\u2026</span>
+        </div>
+      </div>
+
+      <section id="runtimePanel" class="panel active">
+        <div class="grid stats" id="statsGrid"></div>
+        <div class="grid runtime-layout" style="margin-top:16px">
+          <div class="card">
+            <h2>Recent Sessions</h2>
+            <div class="sessions" id="sessionList"></div>
+          </div>
+          <div class="grid">
+            <div class="card">
+              <h2>Selected Session</h2>
+              <div id="sessionOverview" class="empty">Select a session to inspect task threads, policy decisions, audit, and recent messages.</div>
+            </div>
+            <div class="card">
+              <h2>Recent Tasks</h2>
+              <div class="task-list" id="taskList"></div>
+            </div>
+          </div>
+        </div>
+      </section>
+
+      <section id="policyPanel" class="panel">
+        <div class="grid policy-grid">
+          <div class="card">
+            <h2>Policy Defaults</h2>
+            <div class="form-grid">
+              <label class="label">Contact default</label>
+              <select id="contactDefault">
+                <option value="manual">manual</option>
+                <option value="approve">approve</option>
+                <option value="reject">reject</option>
+              </select>
+              <label class="label">Task default</label>
+              <select id="taskDefault">
+                <option value="bridge">bridge</option>
+                <option value="execute">execute</option>
+                <option value="deny">deny</option>
+              </select>
+              <div class="row-actions">
+                <button class="action-btn" id="saveDefaultsBtn">Save defaults</button>
+              </div>
+            </div>
+          </div>
+
+          <div class="card">
+            <h2>Add Rule</h2>
+            <div class="form-grid">
+              <label class="label">Policy</label>
+              <select id="rulePolicy">
+                <option value="contact">contact</option>
+                <option value="task">task</option>
+              </select>
+              <label class="label">Match</label>
+              <input id="ruleMatch" placeholder="did:agent:xxx \u6216 alias:team-*">
+              <label class="label">Action</label>
+              <select id="ruleAction"></select>
+              <div class="row-actions">
+                <button class="action-btn" id="addRuleBtn">Add / Update rule</button>
+              </div>
+            </div>
+          </div>
+        </div>
+
+        <div class="grid two-col" style="margin-top:16px">
+          <div class="card">
+            <h2>Current Rules</h2>
+            <div class="rule-list" id="ruleList"></div>
+          </div>
+          <div class="card">
+            <h2>Learned Recommendations</h2>
+            <div class="recommendation-list" id="recommendationList"></div>
+          </div>
+        </div>
+
+        <div class="grid two-col" style="margin-top:16px">
+          <div class="card">
+            <h2>Policy Explain / Simulate</h2>
+            <div class="form-grid">
+              <label class="label">Remote DID</label>
+              <input id="simulateDid" placeholder="did:agent:...">
+              <label class="label">Alias (optional)</label>
+              <input id="simulateAlias" placeholder="alias:team-* \u4F1A\u547D\u4E2D\u522B\u540D\u89C4\u5219">
+              <label class="label">Verification status (optional)</label>
+              <input id="simulateVerification" placeholder="verified">
+              <div class="row-actions">
+                <button class="action-btn" id="simulateBtn">Simulate</button>
+              </div>
+            </div>
+            <pre id="simulateOutput">No simulation yet.</pre>
+          </div>
+          <div class="card">
+            <h2>Policy Audit</h2>
+            <div class="audit-list" id="policyAuditList"></div>
+          </div>
+        </div>
+      </section>
+    </main>
+  </div>
+
+  <script>
+    const state = {
+      selectedProfile: sessionStorage.getItem('pingagent_host_panel_profile') || null,
+      currentTab: 'runtime',
+      profiles: [],
+      overview: null,
+      session: null,
+      policy: null,
+      selectedSessionKey: null,
+    };
+
+    function esc(value) {
+      return String(value == null ? '' : value)
+        .replace(/&/g, '&amp;')
+        .replace(/</g, '&lt;')
+        .replace(/>/g, '&gt;')
+        .replace(/"/g, '&quot;')
+        .replace(/'/g, '&#39;');
+    }
+
+    function fmtTs(value) {
+      if (!value) return '-';
+      try { return new Date(value).toLocaleString(); } catch { return String(value); }
+    }
+
+    async function api(path, opts) {
+      let url = path;
+      if (state.selectedProfile) {
+        url += (path.includes('?') ? '&' : '?') + 'profile=' + encodeURIComponent(state.selectedProfile);
+      }
+      const res = await fetch(url, opts || {});
+      const data = await res.json().catch(function () { return {}; });
+      if (!res.ok || data.error) throw new Error(data.error || ('HTTP ' + res.status));
+      return data;
+    }
+
+    async function loadProfiles() {
+      const data = await api('/api/profiles');
+      state.profiles = Array.isArray(data.profiles) ? data.profiles : [];
+      if (!state.selectedProfile && state.profiles.length === 1) {
+        state.selectedProfile = state.profiles[0].id;
+        sessionStorage.setItem('pingagent_host_panel_profile', state.selectedProfile);
+      }
+      renderProfiles();
+    }
+
+    function renderProfiles() {
+      const el = document.getElementById('profileList');
+      if (!state.profiles.length) {
+        el.innerHTML = '<div class="empty">No profiles found. Run pingagent init first.</div>';
+        return;
+      }
+      el.innerHTML = state.profiles.map(function (profile) {
+        const active = state.selectedProfile === profile.id ? ' active' : '';
+        const did = profile.did ? esc(profile.did.slice(0, 22) + '...') : '(unknown)';
+        const server = profile.server ? esc(profile.server) : 'local';
+        return '<button class="profile-btn' + active + '" data-profile="' + esc(profile.id) + '"><strong>' + esc(profile.id) + '</strong><span class="sub">' + server + ' \xB7 ' + did + '</span></button>';
+      }).join('');
+      el.querySelectorAll('.profile-btn').forEach(function (btn) {
+        btn.addEventListener('click', function () {
+          state.selectedProfile = btn.getAttribute('data-profile');
+          sessionStorage.setItem('pingagent_host_panel_profile', state.selectedProfile);
+          state.selectedSessionKey = null;
+          refreshAll();
+        });
+      });
+    }
+
+    function setTab(tab) {
+      state.currentTab = tab;
+      document.getElementById('navRuntime').classList.toggle('active', tab === 'runtime');
+      document.getElementById('navPolicy').classList.toggle('active', tab === 'policy');
+      document.getElementById('runtimePanel').classList.toggle('active', tab === 'runtime');
+      document.getElementById('policyPanel').classList.toggle('active', tab === 'policy');
+    }
+
+    function renderHeader() {
+      const overview = state.overview;
+      const profileLabel = state.selectedProfile ? 'profile=' + state.selectedProfile : 'Select profile';
+      const title = overview ? ('Host Panel \xB7 ' + overview.did) : 'PingAgent Host Panel';
+      const tier = overview && overview.subscription ? overview.subscription.tier : null;
+      document.getElementById('headerTitle').textContent = title;
+      document.getElementById('headerSubtitle').textContent = overview
+        ? (profileLabel + ' \xB7 ' + overview.serverUrl + (tier ? (' \xB7 tier=' + tier) : '') + ' \xB7 sessions=' + overview.sessionsTotal + ' \xB7 unread=' + overview.unreadTotal)
+        : profileLabel;
+      document.getElementById('runtimeModePill').textContent = overview ? ('runtime_mode=' + overview.runtimeMode) : 'runtime_mode=\u2026';
+      document.getElementById('policyPathPill').textContent = overview ? ('policy=' + overview.trustPolicyPath) : 'policy=\u2026';
+    }
+
+    function renderOverview() {
+      const overview = state.overview;
+      if (!overview) return;
+      const subscription = overview.subscription || null;
+      const stats = [
+        { label: 'Plan', value: subscription ? subscription.tier : 'ghost', sub: subscription ? subscription.summary : 'subscription unavailable' },
+        { label: 'Relay', value: subscription ? (subscription.usage.relay_today + '/' + subscription.usage.relay_limit) : '-', sub: subscription ? ('retention=' + subscription.retention_label) : 'daily relay usage' },
+        { label: 'Alias', value: subscription ? (subscription.usage.alias_count + '/' + subscription.usage.alias_limit) : '-', sub: subscription ? (subscription.audit_export_allowed ? 'audit export enabled' : 'audit export off on this plan') : 'identity limits' },
+        { label: 'Sessions', value: overview.sessionsTotal, sub: JSON.stringify(overview.trustCounts || {}) },
+        { label: 'Unread', value: overview.unreadTotal, sub: 'session-first inbox state' },
+        { label: 'Tasks', value: overview.tasksTotal, sub: 'recent local task threads' },
+        { label: 'Audit', value: overview.auditSummary.total_events, sub: 'policy / runtime audit events' },
+        { label: 'Recommendations', value: overview.recommendationSummary ? overview.recommendationSummary.total : overview.recommendations.length, sub: overview.recommendationSummary ? JSON.stringify(overview.recommendationSummary.by_status || {}) : 'learned policy suggestions' },
+      ];
+      document.getElementById('statsGrid').innerHTML = stats.map(function (item) {
+        return '<div class="card"><div class="label">' + esc(item.label) + '</div><div class="value">' + esc(item.value) + '</div><div class="muted small">' + esc(item.sub) + '</div></div>';
+      }).join('');
+
+      const sessions = Array.isArray(overview.sessions) ? overview.sessions : [];
+      if (!sessions.length) {
+        document.getElementById('sessionList').innerHTML = '<div class="empty">No sessions yet.</div>';
+      } else {
+        if (!state.selectedSessionKey) state.selectedSessionKey = sessions[0].session_key;
+        document.getElementById('sessionList').innerHTML = sessions.map(function (session) {
+          const active = session.session_key === state.selectedSessionKey ? ' active' : '';
+          const badges = [
+            '<span class="badge ' + esc(session.trust_state) + '">' + esc(session.trust_state) + '</span>',
+            session.binding_alert
+              ? '<button type="button" class="badge alert rebind-badge-btn" data-session="' + esc(session.session_key) + '" data-conversation="' + esc(session.conversation_id || '') + '" data-bound-session="' + esc(session.mapped_work_session || '') + '" data-remote-did="' + esc(session.remote_did || '') + '" title="' + esc(session.binding_alert.message || 'Rebind this conversation to the current chat session') + '">Needs rebind</button>'
+              : '',
+          ].filter(Boolean).join('');
+          return '<div class="session-row' + active + '" data-session="' + esc(session.session_key) + '">' +
+            '<div class="top"><strong>' + esc(session.remote_did || session.conversation_id || 'unknown') + '</strong><div style="display:flex;gap:6px;flex-wrap:wrap;justify-content:flex-end">' + badges + '</div></div>' +
+            '<div class="muted small" style="margin-top:6px">conversation=' + esc(session.conversation_id || '(none)') + '</div>' +
+            '<div class="muted small">unread=' + esc(session.unread_count) + ' \xB7 last=' + esc(fmtTs(session.last_remote_activity_at || session.updated_at)) + '</div>' +
+            '<div class="muted small">work_session=' + esc(session.mapped_work_session || '(unbound)') + (session.is_active_work_session ? ' \xB7 active_chat=true' : '') + '</div>' +
+            '<div class="muted small" style="margin-top:6px">' + esc(session.last_message_preview || '(no preview)') + '</div>' +
+          '</div>';
+        }).join('');
+        document.getElementById('sessionList').querySelectorAll('.session-row').forEach(function (row) {
+          row.addEventListener('click', function () {
+            state.selectedSessionKey = row.getAttribute('data-session');
+            renderOverview();
+            loadSession(state.selectedSessionKey);
+          });
+        });
+        document.getElementById('sessionList').querySelectorAll('.rebind-badge-btn').forEach(function (btn) {
+          btn.addEventListener('click', async function (event) {
+            event.stopPropagation();
+            const sessionKey = btn.getAttribute('data-session');
+            const conversationId = btn.getAttribute('data-conversation');
+            const previousBinding = btn.getAttribute('data-bound-session');
+            const remoteDid = btn.getAttribute('data-remote-did');
+            if (!sessionKey || !conversationId) return;
+            state.selectedSessionKey = sessionKey;
+            renderOverview();
+            await loadSession(sessionKey);
+            await promptBindCurrentChat(conversationId, previousBinding, remoteDid);
+          });
+        });
+      }
+
+      const tasks = Array.isArray(overview.tasks) ? overview.tasks : [];
+      document.getElementById('taskList').innerHTML = tasks.length
+        ? tasks.map(function (task) {
+            return '<div class="task-row"><div class="top"><strong>' + esc(task.title || task.task_id) + '</strong><span class="badge">' + esc(task.status) + '</span></div>' +
+              '<div class="muted small">task_id=' + esc(task.task_id) + ' \xB7 session=' + esc(task.session_key) + '</div>' +
+              '<div class="muted small">updated=' + esc(fmtTs(task.updated_at)) + '</div>' +
+              (task.result_summary ? '<div style="margin-top:8px">' + esc(task.result_summary) + '</div>' : '') +
+              (task.error_message ? '<div style="margin-top:8px;color:#fca5a5">' + esc(task.error_message) + '</div>' : '') +
+            '</div>';
+          }).join('')
+        : '<div class="empty">No recent task threads.</div>';
+
+      if (subscription) {
+        document.getElementById('taskList').innerHTML =
+          '<div class="task-row"><div class="top"><strong>Hosted plan</strong><span class="badge">' + esc(subscription.tier) + '</span></div>' +
+            '<div class="muted small">relay=' + esc(subscription.usage.relay_today) + '/' + esc(subscription.usage.relay_limit) +
+            ' \xB7 alias=' + esc(subscription.usage.alias_count) + '/' + esc(subscription.usage.alias_limit) +
+            ' \xB7 retention=' + esc(subscription.retention_label) + '</div>' +
+            '<div class="muted small">artifacts=' + esc((subscription.usage.artifact_bytes / 1024 / 1024).toFixed(2)) + 'MB / ' + esc(subscription.limits.artifact_storage_mb) + 'MB</div>' +
+            '<div class="muted small">' + esc(subscription.summary) + '</div>' +
+            (subscription.billing_primary_did
+              ? '<div class="muted small" style="margin-top:8px">billing=' + esc(subscription.is_billing_primary ? ('primary (' + subscription.linked_device_count + ' linked)') : ('linked to ' + subscription.billing_primary_did)) + '</div>'
+              : '') +
+          '</div>' + document.getElementById('taskList').innerHTML;
+      }
+    }
+
+    function renderSession() {
+      const detail = state.session;
+      const el = document.getElementById('sessionOverview');
+      if (!detail || !detail.session) {
+        el.innerHTML = '<div class="empty">No session selected.</div>';
+        return;
+      }
+      const session = detail.session;
+      const contact = detail.policyExplain.contact;
+      const task = detail.policyExplain.task;
+      const tasks = Array.isArray(detail.tasks) ? detail.tasks : [];
+      const messages = Array.isArray(detail.messages) ? detail.messages : [];
+      const auditEvents = Array.isArray(detail.auditEvents) ? detail.auditEvents : [];
+      const recommendations = Array.isArray(detail.recommendations) ? detail.recommendations : [];
+      const binding = detail.binding || null;
+      const bindingAlert = detail.bindingAlert || null;
+      const activeWorkSession = detail.activeWorkSession || null;
+
+      el.innerHTML = '' +
+        '<div class="two-col">' +
+          '<div>' +
+            '<div class="label">Session</div>' +
+            '<div style="margin-top:8px"><strong>' + esc(session.remote_did || '(unknown)') + '</strong></div>' +
+            '<div class="muted small">session=' + esc(session.session_key) + '</div>' +
+            '<div class="muted small">conversation=' + esc(session.conversation_id || '(none)') + '</div>' +
+            '<div class="muted small">trust=' + esc(session.trust_state) + ' \xB7 unread=' + esc(session.unread_count) + '</div>' +
+            '<div class="muted small">last activity=' + esc(fmtTs(session.last_remote_activity_at || session.updated_at)) + '</div>' +
+            '<div class="muted small" style="margin-top:8px">active_chat_session=' + esc(activeWorkSession || '(none)') + '</div>' +
+            '<div class="muted small">binding=' + esc(binding ? binding.session_key : '(unbound)') + '</div>' +
+            (bindingAlert
+              ? '<div style="margin-top:10px;padding:10px 12px;border:1px solid #ef4444;border-radius:10px;background:rgba(127,29,29,0.25);color:#fecaca"><strong>Needs rebind</strong><div class="small" style="margin-top:6px">' + esc(bindingAlert.message || 'Bound work session is missing. Rebind this PingAgent conversation to the current chat session.') + '</div></div>'
+              : '') +
+            '<div class="row-actions">' +
+              '<button class="action-btn bind-current-btn" data-conversation="' + esc(session.conversation_id || '') + '">Bind Current Chat</button>' +
+              '<button class="danger-btn clear-binding-btn" data-conversation="' + esc(session.conversation_id || '') + '">Clear Binding</button>' +
+            '</div>' +
+          '</div>' +
+          '<div>' +
+            '<div class="label">Policy Decisions</div>' +
+            '<pre style="margin-top:8px">[Contact]\\naction=' + esc(contact.action) + '\\nsource=' + esc(contact.source) + (contact.matched_rule ? '\\nmatched_rule=' + esc(contact.matched_rule) : '') + '\\n' + esc(contact.explanation) + '\\n\\n[Task]\\naction=' + esc(task.action) + '\\nsource=' + esc(task.source) + (task.matched_rule ? '\\nmatched_rule=' + esc(task.matched_rule) : '') + '\\n' + esc(task.explanation) + '</pre>' +
+          '</div>' +
+        '</div>' +
+        '<div class="grid two-col" style="margin-top:16px">' +
+          '<div><div class="label">Task Threads</div><div class="task-list" style="margin-top:8px">' +
+            (tasks.length ? tasks.map(function (taskItem) {
+              return '<div class="task-row"><div class="top"><strong>' + esc(taskItem.title || taskItem.task_id) + '</strong><span class="badge">' + esc(taskItem.status) + '</span></div>' +
+                '<div class="muted small">updated=' + esc(fmtTs(taskItem.updated_at)) + '</div>' +
+                (taskItem.result_summary ? '<div style="margin-top:8px">' + esc(taskItem.result_summary) + '</div>' : '') +
+                (taskItem.error_message ? '<div style="margin-top:8px;color:#fca5a5">' + esc(taskItem.error_message) + '</div>' : '') +
+              '</div>';
+            }).join('') : '<div class="empty">No tasks in this session.</div>') +
+          '</div></div>' +
+          '<div><div class="label">Learned Recommendations</div><div class="recommendation-list" style="margin-top:8px">' +
+            (recommendations.length ? recommendations.map(function (item) {
+              return '<div class="recommendation-row"><div class="top"><strong>' + esc(item.policy) + '</strong><span class="badge">' + esc(item.status + ' \xB7 ' + item.action) + '</span></div>' +
+                '<div class="muted small">current=' + esc(item.current_action) + ' \xB7 confidence=' + esc(item.confidence) + '</div>' +
+                '<div class="muted small">match=' + esc(item.match) + '</div>' +
+                '<div style="margin-top:8px">' + esc(item.reason) + '</div>' +
+              '</div>';
+            }).join('') : '<div class="empty">No learned recommendation for this session.</div>') +
+          '</div></div>' +
+        '</div>' +
+        '<div class="grid two-col" style="margin-top:16px">' +
+          '<div><div class="label">Recent Messages</div><div class="message-list" style="margin-top:8px">' +
+            (messages.length ? messages.map(function (msg) {
+              const summary = msg.schema === 'pingagent.text@1' && msg.payload && msg.payload.text
+                ? msg.payload.text
+                : JSON.stringify(msg.payload || {});
+              return '<div class="message-row"><div class="muted small">' + esc(fmtTs(msg.ts_ms)) + ' \xB7 ' + esc(msg.direction) + ' \xB7 ' + esc(msg.schema) + '</div><div style="margin-top:8px">' + esc(summary) + '</div></div>';
+            }).join('') : '<div class="empty">No local message history yet.</div>') +
+          '</div></div>' +
+          '<div><div class="label">Policy Audit</div><div class="audit-list" style="margin-top:8px">' +
+            (auditEvents.length ? auditEvents.map(function (event) {
+              return '<div class="audit-row"><div class="top"><strong>' + esc(event.event_type) + '</strong><span class="badge">' + esc(event.action || event.outcome || '-') + '</span></div>' +
+                '<div class="muted small">' + esc(fmtTs(event.ts_ms)) + '</div>' +
+                '<div style="margin-top:8px">' + esc(event.explanation || '(no explanation)') + '</div>' +
+              '</div>';
+            }).join('') : '<div class="empty">No audit events for this session.</div>') +
+          '</div></div>' +
+        '</div>';
+
+      el.querySelectorAll('.bind-current-btn').forEach(function (btn) {
+        btn.addEventListener('click', async function () {
+          const conversationId = btn.getAttribute('data-conversation');
+          if (!conversationId) return;
+          await promptBindCurrentChat(conversationId);
+        });
+      });
+      el.querySelectorAll('.clear-binding-btn').forEach(function (btn) {
+        btn.addEventListener('click', async function () {
+          await api('/api/runtime/session-bindings/clear', {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({ conversation_id: btn.getAttribute('data-conversation') }),
+          });
+          await refreshAll();
+          setTab('runtime');
+        });
+      });
+    }
+
+    async function promptBindCurrentChat(conversationId, previousBinding, remoteDid) {
+      const current = state.session && state.session.activeWorkSession
+        ? state.session.activeWorkSession
+        : (state.overview && state.overview.activeWorkSession ? state.overview.activeWorkSession : null);
+      const previous = previousBinding || (state.session && state.session.binding ? state.session.binding.session_key : null) || '(unbound)';
+      const targetRemoteDid = remoteDid || (state.session && state.session.session ? state.session.session.remote_did : null) || '(unknown)';
+      const confirmed = window.confirm(
+        'Rebind this PingAgent conversation to the current chat session?' +
+        '
+
+Conversation: ' + conversationId +
+        '
+Remote DID: ' + targetRemoteDid +
+        '
+
+Current chat: ' + (current || '(none)') +
+        '
+Previous binding: ' + previous
+      );
+      if (!confirmed) return;
+      await api('/api/runtime/session-bindings/bind-current', {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({ conversation_id: conversationId }),
+      });
+      await refreshAll();
+      setTab('runtime');
+    }
+
+    function renderPolicy() {
+      const policy = state.policy;
+      if (!policy) return;
+      document.getElementById('contactDefault').value = policy.doc.contact_policy.default_action;
+      document.getElementById('taskDefault').value = policy.doc.task_policy.default_action;
+
+      const rules = [];
+      policy.doc.contact_policy.rules.forEach(function (rule) {
+        rules.push({ policy: 'contact', match: rule.match, action: rule.action });
+      });
+      policy.doc.task_policy.rules.forEach(function (rule) {
+        rules.push({ policy: 'task', match: rule.match, action: rule.action });
+      });
+      document.getElementById('ruleList').innerHTML = rules.length
+        ? rules.map(function (rule) {
+            return '<div class="rule-row"><div class="top"><strong>' + esc(rule.match) + '</strong><span class="badge">' + esc(rule.policy + ' -> ' + rule.action) + '</span></div>' +
+              '<div class="row-actions"><button class="danger-btn remove-rule-btn" data-policy="' + esc(rule.policy) + '" data-match="' + esc(rule.match) + '">Remove</button></div>' +
+            '</div>';
+          }).join('')
+        : '<div class="empty">No explicit trust rules yet.</div>';
+
+      document.querySelectorAll('.remove-rule-btn').forEach(function (btn) {
+        btn.addEventListener('click', async function () {
+          await api('/api/runtime/policy/rules/remove', {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({ policy: btn.getAttribute('data-policy'), match: btn.getAttribute('data-match') }),
+          });
+          await loadPolicy();
+        });
+      });
+
+      const recommendations = Array.isArray(policy.recommendations) ? policy.recommendations : [];
+      const groups = {
+        open: recommendations.filter(function (item) { return item.status === 'open'; }),
+        applied: recommendations.filter(function (item) { return item.status === 'applied'; }),
+        dismissed: recommendations.filter(function (item) { return item.status === 'dismissed'; }),
+        superseded: recommendations.filter(function (item) { return item.status === 'superseded'; }),
+      };
+      document.getElementById('recommendationList').innerHTML = recommendations.length
+        ? ['open', 'applied', 'dismissed', 'superseded'].map(function (status) {
+            const list = groups[status];
+            if (!list.length) return '';
+            return '<div><div class="label" style="margin-bottom:8px">' + esc(status) + '</div>' + list.map(function (item) {
+              const applyButton = status !== 'applied'
+                ? '<button class="action-btn apply-recommendation-btn" data-recommendation-id="' + esc(item.id) + '">Apply</button>'
+                : '';
+              const dismissButton = status === 'open'
+                ? '<button class="danger-btn dismiss-recommendation-btn" data-recommendation-id="' + esc(item.id) + '">Dismiss</button>'
+                : '';
+              const reopenButton = (status === 'dismissed' || status === 'superseded')
+                ? '<button class="secondary-btn reopen-recommendation-btn" data-recommendation-id="' + esc(item.id) + '">Reopen</button>'
+                : '';
+              return '<div class="recommendation-row"><div class="top"><strong>' + esc(item.remote_did) + '</strong><span class="badge">' + esc(item.policy + ' -> ' + item.action) + '</span></div>' +
+                '<div class="muted small">status=' + esc(item.status) + ' \xB7 current=' + esc(item.current_action) + ' \xB7 confidence=' + esc(item.confidence) + '</div>' +
+                '<div class="muted small">match=' + esc(item.match) + '</div>' +
+                '<div style="margin-top:8px">' + esc(item.reason) + '</div>' +
+                '<div class="row-actions">' + applyButton + dismissButton + reopenButton + '</div>' +
+              '</div>';
+            }).join('') + '</div>';
+          }).join('')
+        : '<div class="empty">No learned recommendations yet.</div>';
+      document.querySelectorAll('.apply-recommendation-btn').forEach(function (btn) {
+        btn.addEventListener('click', async function () {
+          await api('/api/runtime/policy/recommendations/apply', {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({ recommendation_id: btn.getAttribute('data-recommendation-id') }),
+          });
+          await refreshAll();
+          setTab('policy');
+        });
+      });
+      document.querySelectorAll('.dismiss-recommendation-btn').forEach(function (btn) {
+        btn.addEventListener('click', async function () {
+          await api('/api/runtime/policy/recommendations/dismiss', {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({ recommendation_id: btn.getAttribute('data-recommendation-id') }),
+          });
+          await refreshAll();
+          setTab('policy');
+        });
+      });
+      document.querySelectorAll('.reopen-recommendation-btn').forEach(function (btn) {
+        btn.addEventListener('click', async function () {
+          await api('/api/runtime/policy/recommendations/reopen', {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({ recommendation_id: btn.getAttribute('data-recommendation-id') }),
+          });
+          await refreshAll();
+          setTab('policy');
+        });
+      });
+
+      const auditEvents = Array.isArray(policy.auditEvents) ? policy.auditEvents : [];
+      document.getElementById('policyAuditList').innerHTML = auditEvents.length
+        ? auditEvents.map(function (event) {
+            return '<div class="audit-row"><div class="top"><strong>' + esc(event.event_type) + '</strong><span class="badge">' + esc(event.action || event.outcome || '-') + '</span></div>' +
+              '<div class="muted small">' + esc(fmtTs(event.ts_ms)) + ' \xB7 ' + esc(event.remote_did || '(unknown)') + '</div>' +
+              '<div style="margin-top:8px">' + esc(event.explanation || '(no explanation)') + '</div>' +
+            '</div>';
+          }).join('')
+        : '<div class="empty">No audit events yet.</div>';
+
+      updateRuleActionOptions();
+    }
+
+    function updateRuleActionOptions() {
+      const policy = document.getElementById('rulePolicy').value;
+      const actions = policy === 'task' ? ['bridge', 'execute', 'deny'] : ['approve', 'manual', 'reject'];
+      const select = document.getElementById('ruleAction');
+      select.innerHTML = actions.map(function (value) { return '<option value="' + esc(value) + '">' + esc(value) + '</option>'; }).join('');
+    }
+
+    async function loadOverview() {
+      state.overview = await api('/api/runtime/overview');
+      renderHeader();
+      renderOverview();
+      const sessions = state.overview && Array.isArray(state.overview.sessions) ? state.overview.sessions : [];
+      if (!state.selectedSessionKey && sessions.length) {
+        state.selectedSessionKey = sessions[0].session_key;
+      }
+      if (state.selectedSessionKey) {
+        await loadSession(state.selectedSessionKey);
+      }
+    }
+
+    async function loadSession(sessionKey) {
+      if (!sessionKey) return;
+      state.selectedSessionKey = sessionKey;
+      state.session = await api('/api/runtime/session?session_key=' + encodeURIComponent(sessionKey));
+      renderSession();
+    }
+
+    async function loadPolicy() {
+      state.policy = await api('/api/runtime/policy');
+      renderPolicy();
+    }
+
+    async function refreshAll() {
+      if (!state.selectedProfile && state.profiles.length > 1) {
+        renderHeader();
+        return;
+      }
+      await loadOverview();
+      await loadPolicy();
+      renderHeader();
+    }
+
+    document.getElementById('navRuntime').addEventListener('click', function () { setTab('runtime'); });
+    document.getElementById('navPolicy').addEventListener('click', function () { setTab('policy'); });
+    document.getElementById('rulePolicy').addEventListener('change', updateRuleActionOptions);
+    document.getElementById('saveDefaultsBtn').addEventListener('click', async function () {
+      await api('/api/runtime/policy/defaults', {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({
+          contact_default: document.getElementById('contactDefault').value,
+          task_default: document.getElementById('taskDefault').value,
+        }),
+      });
+      await refreshAll();
+      setTab('policy');
+    });
+    document.getElementById('addRuleBtn').addEventListener('click', async function () {
+      await api('/api/runtime/policy/rules', {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({
+          policy: document.getElementById('rulePolicy').value,
+          match: document.getElementById('ruleMatch').value.trim(),
+          action: document.getElementById('ruleAction').value,
+        }),
+      });
+      document.getElementById('ruleMatch').value = '';
+      await refreshAll();
+      setTab('policy');
+    });
+    document.getElementById('simulateBtn').addEventListener('click', async function () {
+      const result = await api('/api/runtime/policy/simulate', {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({
+          remote_did: document.getElementById('simulateDid').value.trim(),
+          sender_alias: document.getElementById('simulateAlias').value.trim(),
+          verification_status: document.getElementById('simulateVerification').value.trim(),
+        }),
+      });
+      document.getElementById('simulateOutput').textContent = JSON.stringify(result, null, 2);
+      setTab('policy');
+    });
+
+    async function init() {
+      await loadProfiles();
+      updateRuleActionOptions();
+      await refreshAll();
+    }
+
+    init().catch(function (error) {
+      document.getElementById('headerTitle').textContent = 'PingAgent Host Panel';
+      document.getElementById('headerSubtitle').textContent = error && error.message ? error.message : 'Failed to initialize';
+    });
+  </script>
+</body>
+</html>`;
+}
+
+// src/web-server.ts
 var DEFAULT_PORT = 3846;
 var DEFAULT_ROOT = "~/.pingagent";
 function resolvePath(p) {
@@ -90,7 +853,15 @@ async function getContextForProfile(profile, defaultServerUrl) {
     store,
     onTokenRefreshed: (token, expiresAt) => updateStoredToken(token, expiresAt, profile.identityPath)
   });
-  return { client, contactManager, myDid: identityAfter.did, serverUrl };
+  void client.ensureEncryptionKeyPublished().catch(() => void 0);
+  return {
+    client,
+    contactManager,
+    myDid: identityAfter.did,
+    serverUrl,
+    identityPath: profile.identityPath,
+    storePath: profile.storePath
+  };
 }
 var clientCache = /* @__PURE__ */ new Map();
 async function startWebServer(opts) {
@@ -111,6 +882,7 @@ async function startWebServer(opts) {
     }
   }
   const html = getHtml();
+  const hostPanelHtml = getHostPanelHtml();
   const server = http.createServer(async (req, res) => {
     const url = new URL(req.url || "/", `http://${req.headers.host}`);
     const pathname = url.pathname;
@@ -131,6 +903,11 @@ async function startWebServer(opts) {
       res.end(html);
       return;
     }
+    if (pathname === "/host-panel" || pathname === "/host-panel.html") {
+      res.writeHead(200, { "Content-Type": "text/html; charset=utf-8" });
+      res.end(hostPanelHtml);
+      return;
+    }
     if (pathname.startsWith("/api/")) {
       try {
         if (pathname === "/api/profiles" || pathname === "/api/profiles/") {
@@ -155,7 +932,7 @@ async function startWebServer(opts) {
             clientCache.set(pid, ctx);
           }
         }
-        const result = await handleApi(pathname, req, ctx.client, ctx.contactManager, ctx.myDid, ctx.serverUrl);
+        const result = await handleApi(pathname, req, ctx);
         res.writeHead(200, { "Content-Type": "application/json; charset=utf-8" });
         res.end(JSON.stringify(result));
       } catch (err) {
@@ -167,22 +944,552 @@ async function startWebServer(opts) {
     res.writeHead(404);
     res.end("Not found");
   });
-  server.listen(port, "127.0.0.1", () => {
-    console.log(`PingAgent Web: http://127.0.0.1:${port}`);
-    if (fixedContext) {
-      console.log(`  DID: ${fixedContext.myDid}`);
-      console.log(`  Server: ${fixedContext.serverUrl}`);
-    } else {
-      console.log(`  Profiles: ${profiles.map((p) => p.id).join(", ")} (each uses its identity server URL)`);
-    }
+  await new Promise((resolve2, reject) => {
+    const onError = (error) => {
+      server.off("error", onError);
+      reject(error);
+    };
+    server.once("error", onError);
+    server.listen(port, "127.0.0.1", () => {
+      server.off("error", onError);
+      const address = server.address();
+      const boundPort = typeof address === "object" && address ? address.port : port;
+      console.log(`PingAgent Web: http://127.0.0.1:${boundPort}`);
+      console.log(`Host Panel: http://127.0.0.1:${boundPort}/host-panel`);
+      if (fixedContext) {
+        console.log(`  DID: ${fixedContext.myDid}`);
+        console.log(`  Server: ${fixedContext.serverUrl}`);
+      } else {
+        console.log(`  Profiles: ${profiles.map((p) => p.id).join(", ")} (each uses its identity server URL)`);
+      }
+      resolve2();
+    });
   });
   return server;
 }
-async function handleApi(pathname, req, client, contactManager, myDid, serverUrl) {
+function getRuntimeMode() {
+  return process.env.PINGAGENT_RUNTIME_MODE === "executor" ? "executor" : "bridge";
+}
+function getTrustPolicyPath(identityPath) {
+  const explicit = process.env.PINGAGENT_TRUST_POLICY_PATH?.trim();
+  if (explicit) return path.resolve(explicit.replace(/^~(?=\/|$)/, process.env.HOME ?? ""));
+  return path.join(path.dirname(identityPath), "trust-policy.json");
+}
+function readTrustPolicyDoc(identityPath) {
+  const policyPath = getTrustPolicyPath(identityPath);
+  if (!fs.existsSync(policyPath)) return defaultTrustPolicyDoc();
+  const raw = JSON.parse(fs.readFileSync(policyPath, "utf-8"));
+  return normalizeTrustPolicyDoc(raw);
+}
+function writeTrustPolicyDoc(identityPath, doc) {
+  const policyPath = getTrustPolicyPath(identityPath);
+  const dir = path.dirname(policyPath);
+  if (!fs.existsSync(dir)) fs.mkdirSync(dir, { recursive: true, mode: 448 });
+  fs.writeFileSync(policyPath, JSON.stringify(normalizeTrustPolicyDoc(doc), null, 2), "utf-8");
+  return policyPath;
+}
+function buildPolicyDecisionShape(identityPath, remoteDid, opts) {
+  const policy = readTrustPolicyDoc(identityPath);
+  const runtimeMode = opts?.runtimeMode ?? getRuntimeMode();
+  const contact = decideContactPolicy(policy, { sender_did: remoteDid });
+  const task = decideTaskPolicy(policy, { sender_did: remoteDid }, { runtimeMode });
+  return {
+    contact: {
+      action: contact.action,
+      source: contact.source,
+      explanation: contact.explanation,
+      matched_rule: contact.matched_rule?.match
+    },
+    task: {
+      action: task.action,
+      source: task.source,
+      explanation: task.explanation,
+      matched_rule: task.matched_rule?.match
+    }
+  };
+}
+function syncTrustRecommendations(storePath, input) {
+  const recommendationStore = new LocalStore(storePath);
+  try {
+    const manager = new TrustRecommendationManager(recommendationStore);
+    const recommendations = manager.sync({
+      policyDoc: input.policyDoc,
+      sessions: input.sessions,
+      tasks: input.tasks,
+      auditEvents: input.auditEvents,
+      runtimeMode: input.runtimeMode,
+      limit: input.limit
+    });
+    return {
+      recommendations,
+      summary: manager.summarize()
+    };
+  } finally {
+    recommendationStore.close();
+  }
+}
+function formatRetentionLabel(ttlMs) {
+  if (!ttlMs || ttlMs <= 0) return "-";
+  const days = ttlMs / 864e5;
+  if (Number.isInteger(days) && days >= 1) return `${days}d`;
+  const hours = ttlMs / 36e5;
+  if (Number.isInteger(hours) && hours >= 1) return `${hours}h`;
+  return `${ttlMs}ms`;
+}
+function describeHostedTier(tier) {
+  if (tier === "plus") return "shareable identity + higher relay + first alias";
+  if (tier === "pro") return "multi-identity communication + audit export";
+  if (tier === "enterprise") return "high-scale governance + operational controls";
+  return "free communication-first entry tier";
+}
+async function buildRuntimeOverviewPayload(ctx) {
+  const client = ctx.client;
+  await client.listConversations({ type: "dm" });
+  const sessionManager = client.getSessionManager();
+  const taskManager = client.getTaskThreadManager();
+  const historyManager = client.getHistoryManager();
+  if (!sessionManager || !taskManager || !historyManager) {
+    throw new Error("Runtime overview requires a writable local store");
+  }
+  const sessions = sessionManager.listRecentSessions(24);
+  for (const session of sessions.slice(0, 8)) {
+    if (session.conversation_id) {
+      await client.listTaskThreads(session.conversation_id).catch(() => void 0);
+    }
+  }
+  const refreshedTasks = taskManager.listRecent(24);
+  const auditStore = new LocalStore(ctx.storePath);
+  let auditEvents = [];
+  try {
+    const auditManager = new TrustPolicyAuditManager(auditStore);
+    auditEvents = auditManager.listRecent(120);
+  } finally {
+    auditStore.close();
+  }
+  const auditSummary = summarizeTrustPolicyAudit(auditEvents);
+  const policy = readTrustPolicyDoc(ctx.identityPath);
+  const runtimeMode = getRuntimeMode();
+  const subRes = await client.getSubscription().catch(() => ({ ok: false }));
+  const subscription = subRes.ok && subRes.data ? subRes.data : null;
+  const recommendationState = syncTrustRecommendations(ctx.storePath, {
+    policyDoc: policy,
+    sessions,
+    tasks: refreshedTasks,
+    auditEvents,
+    runtimeMode,
+    limit: 12
+  });
+  const unreadTotal = sessions.reduce((sum, session) => sum + session.unread_count, 0);
+  const sessionBindings = readSessionBindings();
+  const sessionBindingAlerts = readSessionBindingAlerts();
+  const activeWorkSession = readCurrentActiveSessionKey();
+  const bindingByConversation = new Map(sessionBindings.map((row) => [row.conversation_id, row.session_key]));
+  const bindingAlertByConversation = new Map(sessionBindingAlerts.map((row) => [row.conversation_id, row]));
+  const trustCounts = sessions.reduce((acc, session) => {
+    acc[session.trust_state] = (acc[session.trust_state] ?? 0) + 1;
+    return acc;
+  }, {});
+  return {
+    did: ctx.myDid,
+    serverUrl: ctx.serverUrl,
+    runtimeMode,
+    trustPolicyPath: getTrustPolicyPath(ctx.identityPath),
+    activeWorkSessionFile: getActiveSessionFilePath(),
+    activeWorkSession,
+    sessionMapPath: getSessionMapFilePath(),
+    sessionBindingAlertsPath: getSessionBindingAlertsFilePath(),
+    sessionBindings,
+    sessionBindingAlerts,
+    subscription: subscription ? {
+      tier: subscription.tier,
+      summary: describeHostedTier(subscription.tier),
+      limits: subscription.limits,
+      usage: subscription.usage,
+      billing_primary_did: subscription.billing_primary_did ?? null,
+      is_billing_primary: subscription.is_billing_primary ?? true,
+      linked_device_count: subscription.linked_device_count ?? 0,
+      retention_label: formatRetentionLabel(subscription.limits.store_forward_ttl_ms),
+      audit_export_allowed: !!subscription.limits.audit_export_allowed
+    } : null,
+    policyDefaults: {
+      contact: policy.contact_policy.enabled ? policy.contact_policy.default_action : "disabled",
+      task: policy.task_policy.enabled ? policy.task_policy.default_action : "disabled"
+    },
+    sessionsTotal: sessions.length,
+    tasksTotal: refreshedTasks.length,
+    unreadTotal,
+    trustCounts,
+    recommendationSummary: recommendationState.summary,
+    sessions: sessions.map((session) => ({
+      ...session,
+      mapped_work_session: session.conversation_id ? bindingByConversation.get(session.conversation_id) ?? null : null,
+      binding_alert: session.conversation_id ? bindingAlertByConversation.get(session.conversation_id) ?? null : null,
+      is_active_work_session: session.session_key === activeWorkSession,
+      latest_messages: session.conversation_id ? historyManager.listRecent(session.conversation_id, 3) : []
+    })),
+    tasks: refreshedTasks,
+    auditSummary,
+    recommendations: recommendationState.recommendations
+  };
+}
+async function buildSessionOverviewPayload(ctx, sessionKey) {
+  const client = ctx.client;
+  const sessionManager = client.getSessionManager();
+  const taskManager = client.getTaskThreadManager();
+  const historyManager = client.getHistoryManager();
+  if (!sessionManager || !taskManager || !historyManager) {
+    throw new Error("Session overview requires a writable local store");
+  }
+  const session = sessionKey ? sessionManager.get(sessionKey) : sessionManager.getActiveSession() ?? sessionManager.listRecentSessions(1)[0] ?? null;
+  if (!session) throw new Error("No session available");
+  if (session.conversation_id) {
+    await client.listTaskThreads(session.conversation_id).catch(() => void 0);
+  }
+  const tasks = taskManager.listBySession(session.session_key, 20);
+  const messages = session.conversation_id ? historyManager.listRecent(session.conversation_id, 20) : [];
+  const auditStore = new LocalStore(ctx.storePath);
+  let auditEvents = [];
+  let recentAuditEvents = [];
+  try {
+    const auditManager = new TrustPolicyAuditManager(auditStore);
+    auditEvents = auditManager.listBySession(session.session_key, 40);
+    recentAuditEvents = auditManager.listRecent(200);
+  } finally {
+    auditStore.close();
+  }
+  const policy = readTrustPolicyDoc(ctx.identityPath);
+  const bindings = readSessionBindings();
+  const bindingAlerts = readSessionBindingAlerts();
+  const binding = session.conversation_id ? bindings.find((row) => row.conversation_id === session.conversation_id) ?? null : null;
+  const bindingAlert = session.conversation_id ? bindingAlerts.find((row) => row.conversation_id === session.conversation_id) ?? null : null;
+  const activeWorkSession = readCurrentActiveSessionKey();
+  const recommendationState = syncTrustRecommendations(ctx.storePath, {
+    policyDoc: policy,
+    sessions: sessionManager.listRecentSessions(50),
+    tasks: taskManager.listRecent(100),
+    auditEvents: recentAuditEvents,
+    runtimeMode: getRuntimeMode(),
+    limit: 20
+  });
+  return {
+    session,
+    binding,
+    bindingAlert,
+    activeWorkSession,
+    activeWorkSessionFile: getActiveSessionFilePath(),
+    sessionMapPath: getSessionMapFilePath(),
+    sessionBindingAlertsPath: getSessionBindingAlertsFilePath(),
+    policyExplain: buildPolicyDecisionShape(ctx.identityPath, session.remote_did, { runtimeMode: getRuntimeMode() }),
+    tasks,
+    messages,
+    auditEvents,
+    recommendations: recommendationState.recommendations.filter((item) => item.remote_did === session.remote_did)
+  };
+}
+async function handleApi(pathname, req, ctx) {
+  const client = ctx.client;
+  const contactManager = ctx.contactManager;
+  const myDid = ctx.myDid;
+  const serverUrl = ctx.serverUrl;
   const parts = pathname.slice(5).split("/").filter(Boolean);
   if (parts[0] === "me") {
     return { did: myDid, serverUrl };
   }
+  if (parts[0] === "runtime") {
+    if (!parts[1] || parts[1] === "overview") {
+      return buildRuntimeOverviewPayload(ctx);
+    }
+    if (parts[1] === "session") {
+      const url = new URL(req.url || "", "http://x");
+      const sessionKey = url.searchParams.get("session_key");
+      return buildSessionOverviewPayload(ctx, sessionKey);
+    }
+    if (parts[1] === "session-bindings") {
+      if ((!parts[2] || parts[2] === "list") && req.method === "GET") {
+        const url = new URL(req.url || "", "http://x");
+        const conversationId = url.searchParams.get("conversation_id");
+        const rows = conversationId ? readSessionBindings().filter((row) => row.conversation_id === conversationId) : readSessionBindings();
+        return {
+          activeWorkSessionFile: getActiveSessionFilePath(),
+          activeWorkSession: readCurrentActiveSessionKey(),
+          sessionMapPath: getSessionMapFilePath(),
+          sessionBindingAlertsPath: getSessionBindingAlertsFilePath(),
+          alerts: conversationId ? readSessionBindingAlerts().filter((row) => row.conversation_id === conversationId) : readSessionBindingAlerts(),
+          bindings: rows
+        };
+      }
+      if (parts[2] === "bind-current" && req.method === "POST") {
+        const body = await readBody(req);
+        const conversationId = String(body?.conversation_id ?? "").trim();
+        if (!conversationId) throw new Error("conversation_id is required");
+        const current = readCurrentActiveSessionKey();
+        if (!current) {
+          throw new Error(`No active OpenClaw chat session found in ${getActiveSessionFilePath()}`);
+        }
+        const result = setSessionBinding(conversationId, current);
+        return {
+          ok: true,
+          activeWorkSessionFile: getActiveSessionFilePath(),
+          activeWorkSession: current,
+          sessionMapPath: result.path,
+          binding: result.binding
+        };
+      }
+      if (parts[2] === "set" && req.method === "POST") {
+        const body = await readBody(req);
+        const conversationId = String(body?.conversation_id ?? "").trim();
+        const sessionKey = String(body?.session_key ?? "").trim();
+        if (!conversationId || !sessionKey) throw new Error("conversation_id and session_key are required");
+        const result = setSessionBinding(conversationId, sessionKey);
+        return {
+          ok: true,
+          activeWorkSessionFile: getActiveSessionFilePath(),
+          activeWorkSession: readCurrentActiveSessionKey(),
+          sessionMapPath: result.path,
+          binding: result.binding
+        };
+      }
+      if (parts[2] === "clear" && req.method === "POST") {
+        const body = await readBody(req);
+        const conversationId = String(body?.conversation_id ?? "").trim();
+        if (!conversationId) throw new Error("conversation_id is required");
+        const result = removeSessionBinding(conversationId);
+        return {
+          ok: true,
+          removed: result.removed,
+          sessionMapPath: result.path
+        };
+      }
+    }
+    if (parts[1] === "policy") {
+      const policyPath = getTrustPolicyPath(ctx.identityPath);
+      const runtimeMode = getRuntimeMode();
+      const sessionManager = ctx.client.getSessionManager();
+      const taskManager = ctx.client.getTaskThreadManager();
+      if (!sessionManager || !taskManager) {
+        throw new Error("Trust policy panel requires a writable local store");
+      }
+      if (!parts[2] && req.method === "GET") {
+        const doc = readTrustPolicyDoc(ctx.identityPath);
+        const auditStore = new LocalStore(ctx.storePath);
+        try {
+          const auditManager = new TrustPolicyAuditManager(auditStore);
+          const auditEvents = auditManager.listRecent(120);
+          const recommendationState = syncTrustRecommendations(ctx.storePath, {
+            policyDoc: doc,
+            sessions: sessionManager.listRecentSessions(100),
+            tasks: taskManager.listRecent(100),
+            auditEvents,
+            runtimeMode,
+            limit: 50
+          });
+          return {
+            path: policyPath,
+            runtimeMode,
+            doc,
+            auditSummary: summarizeTrustPolicyAudit(auditEvents),
+            auditEvents,
+            recommendationSummary: recommendationState.summary,
+            recommendations: recommendationState.recommendations
+          };
+        } finally {
+          auditStore.close();
+        }
+      }
+      if (parts[2] === "defaults" && req.method === "POST") {
+        const body = await readBody(req);
+        const doc = readTrustPolicyDoc(ctx.identityPath);
+        if (typeof body?.contact_default === "string") doc.contact_policy.default_action = body.contact_default;
+        if (typeof body?.task_default === "string") doc.task_policy.default_action = body.task_default;
+        if (typeof body?.contact_enabled === "boolean") doc.contact_policy.enabled = body.contact_enabled;
+        if (typeof body?.task_enabled === "boolean") doc.task_policy.enabled = body.task_enabled;
+        const savedPath = writeTrustPolicyDoc(ctx.identityPath, doc);
+        const auditStore = new LocalStore(ctx.storePath);
+        try {
+          new TrustPolicyAuditManager(auditStore).record({
+            event_type: "policy_default_updated",
+            policy_scope: "session",
+            action: "defaults_updated",
+            outcome: "saved",
+            explanation: `Updated contact_default=${doc.contact_policy.default_action}, task_default=${doc.task_policy.default_action}`,
+            detail: {
+              contact_default: doc.contact_policy.default_action,
+              task_default: doc.task_policy.default_action,
+              contact_enabled: doc.contact_policy.enabled,
+              task_enabled: doc.task_policy.enabled
+            }
+          });
+        } finally {
+          auditStore.close();
+        }
+        return { ok: true, path: savedPath, doc };
+      }
+      if (parts[2] === "rules" && req.method === "POST") {
+        const body = await readBody(req);
+        const doc = readTrustPolicyDoc(ctx.identityPath);
+        const policyKey = body?.policy === "task" ? "task_policy" : "contact_policy";
+        if (typeof body?.match !== "string" || typeof body?.action !== "string") {
+          throw new Error("Missing policy rule match/action");
+        }
+        doc[policyKey].enabled = true;
+        doc[policyKey].rules = [
+          { match: body.match, action: body.action },
+          ...doc[policyKey].rules.filter((rule) => rule.match !== body.match)
+        ];
+        const savedPath = writeTrustPolicyDoc(ctx.identityPath, doc);
+        const auditStore = new LocalStore(ctx.storePath);
+        try {
+          new TrustPolicyAuditManager(auditStore).record({
+            event_type: "policy_rule_upserted",
+            policy_scope: body?.policy === "task" ? "task" : "contact",
+            remote_did: typeof body?.match === "string" && body.match.startsWith("did:agent:") ? body.match : void 0,
+            action: String(body.action),
+            outcome: "saved",
+            explanation: `Upserted ${body?.policy ?? "contact"} rule ${body.match} -> ${body.action}`,
+            matched_rule: String(body.match)
+          });
+        } finally {
+          auditStore.close();
+        }
+        return { ok: true, path: savedPath, doc };
+      }
+      if (parts[2] === "rules" && parts[3] === "remove" && req.method === "POST") {
+        const body = await readBody(req);
+        const doc = readTrustPolicyDoc(ctx.identityPath);
+        const policyKey = body?.policy === "task" ? "task_policy" : "contact_policy";
+        doc[policyKey].rules = doc[policyKey].rules.filter((rule) => rule.match !== body?.match);
+        const savedPath = writeTrustPolicyDoc(ctx.identityPath, doc);
+        const auditStore = new LocalStore(ctx.storePath);
+        try {
+          new TrustPolicyAuditManager(auditStore).record({
+            event_type: "policy_rule_removed",
+            policy_scope: body?.policy === "task" ? "task" : "contact",
+            remote_did: typeof body?.match === "string" && body.match.startsWith("did:agent:") ? body.match : void 0,
+            action: "remove",
+            outcome: "saved",
+            explanation: `Removed ${body?.policy ?? "contact"} rule ${body?.match ?? "(unknown)"}`,
+            matched_rule: typeof body?.match === "string" ? body.match : void 0
+          });
+        } finally {
+          auditStore.close();
+        }
+        return { ok: true, path: savedPath, doc };
+      }
+      if (parts[2] === "recommendations" && parts[3] === "apply" && req.method === "POST") {
+        const body = await readBody(req);
+        const doc = readTrustPolicyDoc(ctx.identityPath);
+        const sharedStore = new LocalStore(ctx.storePath);
+        try {
+          const auditManager = new TrustPolicyAuditManager(sharedStore);
+          const recommendationManager = new TrustRecommendationManager(sharedStore);
+          const auditEvents = auditManager.listRecent(200);
+          recommendationManager.sync({
+            policyDoc: doc,
+            sessions: sessionManager.listRecentSessions(100),
+            tasks: taskManager.listRecent(100),
+            auditEvents,
+            runtimeMode,
+            limit: 50
+          });
+          const recommendation = recommendationManager.get(String(body?.recommendation_id ?? ""));
+          if (!recommendation) throw new Error("Recommendation not found");
+          const nextDoc = upsertTrustPolicyRecommendation(doc, recommendation);
+          const savedPath = writeTrustPolicyDoc(ctx.identityPath, nextDoc);
+          const stored = recommendationManager.apply(recommendation.id) ?? recommendation;
+          auditManager.record({
+            event_type: "recommendation_applied",
+            policy_scope: recommendation.policy,
+            remote_did: recommendation.remote_did,
+            action: String(recommendation.action),
+            outcome: "recommendation_applied",
+            explanation: recommendation.reason,
+            matched_rule: recommendation.match,
+            detail: { recommendation_id: recommendation.id }
+          });
+          return { ok: true, path: savedPath, recommendation: stored, doc: nextDoc };
+        } finally {
+          sharedStore.close();
+        }
+      }
+      if (parts[2] === "recommendations" && parts[3] === "dismiss" && req.method === "POST") {
+        const body = await readBody(req);
+        const sharedStore = new LocalStore(ctx.storePath);
+        try {
+          const recommendationManager = new TrustRecommendationManager(sharedStore);
+          const recommendation = recommendationManager.dismiss(String(body?.recommendation_id ?? ""));
+          if (!recommendation) throw new Error("Recommendation not found");
+          new TrustPolicyAuditManager(sharedStore).record({
+            event_type: "recommendation_dismissed",
+            policy_scope: recommendation.policy,
+            remote_did: recommendation.remote_did,
+            action: String(recommendation.action),
+            outcome: "recommendation_dismissed",
+            explanation: recommendation.reason,
+            matched_rule: recommendation.match,
+            detail: { recommendation_id: recommendation.id }
+          });
+          return { ok: true, recommendation };
+        } finally {
+          sharedStore.close();
+        }
+      }
+      if (parts[2] === "recommendations" && parts[3] === "reopen" && req.method === "POST") {
+        const body = await readBody(req);
+        const sharedStore = new LocalStore(ctx.storePath);
+        try {
+          const recommendationManager = new TrustRecommendationManager(sharedStore);
+          const recommendation = recommendationManager.reopen(String(body?.recommendation_id ?? ""));
+          if (!recommendation) throw new Error("Recommendation not found");
+          new TrustPolicyAuditManager(sharedStore).record({
+            event_type: "recommendation_reopened",
+            policy_scope: recommendation.policy,
+            remote_did: recommendation.remote_did,
+            action: String(recommendation.action),
+            outcome: "recommendation_reopened",
+            explanation: recommendation.reason,
+            matched_rule: recommendation.match,
+            detail: { recommendation_id: recommendation.id }
+          });
+          return { ok: true, recommendation };
+        } finally {
+          sharedStore.close();
+        }
+      }
+      if ((parts[2] === "simulate" || parts[2] === "explain") && req.method === "POST") {
+        const body = await readBody(req);
+        const doc = readTrustPolicyDoc(ctx.identityPath);
+        const remoteDid = typeof body?.remote_did === "string" ? body.remote_did : void 0;
+        const runtimeModeOverride = body?.runtime_mode === "executor" ? "executor" : runtimeMode;
+        const contact = decideContactPolicy(doc, {
+          sender_did: remoteDid,
+          sender_alias: typeof body?.sender_alias === "string" ? body.sender_alias : void 0,
+          sender_verification_status: typeof body?.verification_status === "string" ? body.verification_status : void 0
+        });
+        const task = decideTaskPolicy(doc, {
+          sender_did: remoteDid,
+          sender_alias: typeof body?.sender_alias === "string" ? body.sender_alias : void 0,
+          sender_verification_status: typeof body?.verification_status === "string" ? body.verification_status : void 0
+        }, { runtimeMode: runtimeModeOverride });
+        return {
+          path: policyPath,
+          runtimeMode: runtimeModeOverride,
+          remoteDid,
+          contact: {
+            action: contact.action,
+            source: contact.source,
+            explanation: contact.explanation,
+            matched_rule: contact.matched_rule?.match
+          },
+          task: {
+            action: task.action,
+            source: task.source,
+            explanation: task.explanation,
+            matched_rule: task.matched_rule?.match
+          }
+        };
+      }
+    }
+  }
   if (parts[0] === "profile") {
     if (req.method === "GET") {
       const res = await client.getProfile();
@@ -374,13 +1681,13 @@ async function handleApi(pathname, req, client, contactManager, myDid, serverUrl
   throw new Error("Unknown API");
 }
 function readBody(req) {
-  return new Promise((resolve, reject) => {
+  return new Promise((resolve2, reject) => {
     const chunks = [];
     req.on("data", (c) => chunks.push(c));
     req.on("end", () => {
       try {
         const raw = Buffer.concat(chunks).toString("utf-8");
-        resolve(raw ? JSON.parse(raw) : {});
+        resolve2(raw ? JSON.parse(raw) : {});
       } catch (e) {
         reject(new Error("Invalid JSON"));
       }
@@ -467,7 +1774,7 @@ function getHtml(_fixedOnly) {
 <body>
   <div class="layout">
     <div class="sidebar">
-      <div class="header"><strong>PingAgent Web</strong><br>\u672C\u5730\u8C03\u8BD5\u4E0E\u5BA1\u8BA1</div>
+      <div class="header"><strong>PingAgent Web</strong><br>\u672C\u5730\u8C03\u8BD5\u4E0E\u5BA1\u8BA1<br><a href="/host-panel" style="color:#93c5fd">\u6253\u5F00 Host Panel</a></div>
       ${profilePicker}
       <div class="add-conv">
         <input type="text" id="newDid" placeholder="\u8F93\u5165 DID \u6216\u522B\u540D\u65B0\u5EFA\u4F1A\u8BDD">