@pleri/olam-cli 0.1.134 → 0.1.136

package/dist/mcp-server.js

@@ -11142,7 +11142,7 @@ function loadRepoManifest(repoDir) {
   }
   return { ...body, source };
 }
-var runtimeSchema, appSchema, serviceSchema, deploySchema, BootstrapKindSchema, BootstrapStepSchema, RepoManifestSchema, KNOWN_TOP_LEVEL_KEYS, FORBIDDEN_KEYS;
+var runtimeSchema, appSchema, serviceSchema, deploySchema, planChatSchema, BootstrapKindSchema, BootstrapStepSchema, RepoManifestSchema, KNOWN_TOP_LEVEL_KEYS, FORBIDDEN_KEYS;
 var init_repo_manifest = __esm({
   "../core/dist/world/repo-manifest.js"() {
     "use strict";
@@ -11248,6 +11248,9 @@ var init_repo_manifest = __esm({
     deploySchema = external_exports.object({
       tags: external_exports.array(external_exports.string()).optional()
     }).passthrough();
+    planChatSchema = external_exports.object({
+      enabled: external_exports.boolean()
+    }).strict();
     BootstrapKindSchema = external_exports.enum(["gems", "node", "pg"]);
     BootstrapStepSchema = external_exports.union([
       external_exports.string(),
@@ -11270,7 +11273,8 @@ var init_repo_manifest = __esm({
       secrets: external_exports.string().optional(),
       bootstrap: external_exports.array(BootstrapStepSchema).optional(),
       start: external_exports.string().optional(),
-      deploy: deploySchema.optional()
+      deploy: deploySchema.optional(),
+      plan_chat: planChatSchema.optional()
       // TODO(phase-C): runtime field consumed by stack-install.ts (T16).
       // TODO(phase-D): app.fixed (sticky port) consumed by port-allocation.
       // TODO(phase-D): idempotent_check on bootstrap steps in bootstrap-runner.
@@ -11278,11 +11282,11 @@ var init_repo_manifest = __esm({
     }).passthrough().superRefine((val, ctx) => {
       refineForbiddenKeys(val, [], ctx, true);
     }).superRefine((val, ctx) => {
-      const hasContent = val.version !== void 0 || val.runtime !== void 0 || val.app !== void 0 || val.services !== void 0 || val.env !== void 0 || val.secrets !== void 0 || val.bootstrap !== void 0 || val.start !== void 0 || val.deploy !== void 0;
+      const hasContent = val.version !== void 0 || val.runtime !== void 0 || val.app !== void 0 || val.services !== void 0 || val.env !== void 0 || val.secrets !== void 0 || val.bootstrap !== void 0 || val.start !== void 0 || val.deploy !== void 0 || val.plan_chat !== void 0;
       if (!hasContent) {
         ctx.addIssue({
           code: external_exports.ZodIssueCode.custom,
-          message: "Manifest must declare at least one of: version, runtime, app, services, env, secrets, bootstrap, start, deploy"
+          message: "Manifest must declare at least one of: version, runtime, app, services, env, secrets, bootstrap, start, deploy, plan_chat"
         });
       }
     });
@@ -11296,6 +11300,10 @@ var init_repo_manifest = __esm({
       "bootstrap",
       "start",
       "deploy",
+      // olam-plan-chat-chunks-substrate Phase A task A4: opt-in for the chunks
+      // thought substrate. Read by `resolveThoughtSubstrate` in
+      // `packages/core/src/thought/substrate-router.ts`.
+      "plan_chat",
       // F-7 (olam-hybrid-shared-postgres dogfood finding): native inheritance —
       // `.olam.yaml` may declare `inherits: .adb.yaml` to deep-merge an adb-shaped
       // base manifest into itself. Retires the atlas-one `bin/olam-create-wrap.sh`
@@ -11576,7 +11584,24 @@ var init_schema2 = __esm({
        * (B1/C4) reads this file and forwards the value as
        * `AGENTMEMORY_SECRET` into worlds.
        */
-      secret_ref: external_exports.string().min(1).optional().default("~/.olam/cloud-memory-secret")
+      secret_ref: external_exports.string().min(1).optional().default("~/.olam/cloud-memory-secret"),
+      /**
+       * DO SQLite write-through bridge toggle. Defaults to `true` (bridge
+       * active — every state-mutating call captures the engine's export to
+       * a DO snapshot, restored on cold-start).
+       *
+       * Operators set `bridge: false` to bisect bridge vs engine bugs:
+       * the CLI threads this into the Worker as `OLAM_BRIDGE_DISABLED=1`,
+       * which makes `AgentMemoryContainer.fetch` a plain pass-through
+       * (no capture, no restore). The next deploy with `bridge: true`
+       * resumes captures automatically.
+       *
+       * See `docs/design/olam-agent-memory-do-bridge-schema.md` for the
+       * full storage contract; the bridge is OFF only as a diagnosis aid.
+       *
+       * Plan reference: docs/plans/olam-agent-memory-do-sqlite-bridge/phase-c-tasks.md C3
+       */
+      bridge: external_exports.boolean().optional().default(true)
     });
     MemorySchema = external_exports.object({
       mode: external_exports.enum(["local", "cloud"]).optional().default("local"),
@@ -24222,6 +24247,10 @@ var createWorldContainer = async (docker, worldId, worldName, image, env, resour
             opts.push(`size=${m.size}`);
           if (m.mode !== void 0)
             opts.push(`mode=${m.mode.toString(8).padStart(4, "0")}`);
+          if (m.uid !== void 0)
+            opts.push(`uid=${m.uid}`);
+          if (m.gid !== void 0)
+            opts.push(`gid=${m.gid}`);
           acc[m.target] = opts.join(",");
           return acc;
         }, {})
@@ -30679,6 +30708,119 @@ function createServer4(ctx, initError) {
   return server;
 }
 
+// ../mcp-server/src/utils/native-probe.ts
+import { createRequire as createRequire4 } from "node:module";
+var PROBE_REQUIRE = createRequire4(import.meta.url);
+function runtimeModuleVersion() {
+  return Number.parseInt(process.versions.modules, 10);
+}
+function parseAbiMessage(message) {
+  const compiledMatch = message.match(/NODE_MODULE_VERSION\s+(\d+)/);
+  const requiredMatch = message.match(/requires\s+NODE_MODULE_VERSION\s+(\d+)/);
+  const compiledRaw = compiledMatch?.[1];
+  const requiredRaw = requiredMatch?.[1];
+  return {
+    compiledFor: compiledRaw !== void 0 ? Number.parseInt(compiledRaw, 10) : void 0,
+    required: requiredRaw !== void 0 ? Number.parseInt(requiredRaw, 10) : void 0
+  };
+}
+function classifyLoadError(err, bindingPath) {
+  const message = typeof err.message === "string" ? err.message : "";
+  if (err.code === "MODULE_NOT_FOUND" || /Cannot find module 'better-sqlite3'/.test(message)) {
+    return {
+      kind: "missing",
+      diagnostic: formatMissingPackage(err)
+    };
+  }
+  const abi = parseAbiMessage(message);
+  if (err.code === "ERR_DLOPEN_FAILED" || abi.compiledFor !== void 0 || abi.required !== void 0) {
+    return {
+      kind: "abi",
+      diagnostic: formatAbiMismatch(err, abi.compiledFor, abi.required, bindingPath),
+      compiledFor: abi.compiledFor,
+      required: abi.required
+    };
+  }
+  return { kind: "unclassified", diagnostic: "" };
+}
+function formatMissingPackage(err) {
+  return [
+    "",
+    "\u274C MCP olam server cannot start.",
+    "   Reason:  better-sqlite3 native module is not installed.",
+    `   Runtime: ${process.version} (NODE_MODULE_VERSION ${runtimeModuleVersion()})`,
+    `   Detail:  ${err.message}`,
+    "",
+    "Fix:",
+    "   Run `npm install` in the workspace that hosts this binary,",
+    "   or reinstall the CLI: `npm install -g @pleri/olam-cli`.",
+    ""
+  ].join("\n");
+}
+function formatAbiMismatch(err, compiledFor, required2, bindingPath) {
+  const lines = [
+    "",
+    "\u274C MCP olam server cannot start.",
+    "   Reason:  better-sqlite3 native binding is ABI-incompatible.",
+    `   Runtime: ${process.version} (NODE_MODULE_VERSION ${required2 ?? runtimeModuleVersion()})`
+  ];
+  if (compiledFor !== void 0) {
+    lines.push(`   Binding: compiled for NODE_MODULE_VERSION ${compiledFor}`);
+  }
+  lines.push(`   Path:    ${bindingPath}`);
+  lines.push(`   Node:    ${process.execPath}`);
+  lines.push("");
+  lines.push("Fix:");
+  lines.push("   Rebuild the native binding against the runtime Node version:");
+  lines.push("     npm rebuild better-sqlite3");
+  lines.push("");
+  lines.push("   If you installed under a different Node version (via nvm/asdf/mise),");
+  lines.push("   switch to that version first, then rebuild, OR reinstall the package");
+  lines.push("   so prebuild-install fetches the correct binary for the current Node.");
+  lines.push("");
+  lines.push(`   Underlying error: ${err.message.split("\n")[0]}`);
+  lines.push("");
+  return lines.join("\n");
+}
+function defaultResolver() {
+  try {
+    return PROBE_REQUIRE.resolve("better-sqlite3");
+  } catch {
+    return "(unresolved)";
+  }
+}
+function defaultLoader() {
+  return PROBE_REQUIRE("better-sqlite3");
+}
+function defaultEmit(message) {
+  process.stderr.write(message.endsWith("\n") ? message : `${message}
+`);
+}
+var defaultExit = (code) => process.exit(code);
+function assertBetterSqlite3Loadable(deps = {}) {
+  const loader = deps.loader ?? defaultLoader;
+  const resolver = deps.resolver ?? defaultResolver;
+  const emit = deps.emit ?? defaultEmit;
+  const exit = deps.exit ?? defaultExit;
+  try {
+    const Database = loader();
+    const db = new Database(":memory:");
+    try {
+      db.prepare("SELECT 1").get();
+    } finally {
+      db.close();
+    }
+  } catch (raw) {
+    const err = raw;
+    const classified = classifyLoadError(err, resolver());
+    if (classified.kind === "unclassified") {
+      throw err;
+    }
+    emit(classified.diagnostic);
+    exit(1);
+  }
+}
+
 // ../mcp-server/src/index.ts
 init_loader();
 
@@ -31707,18 +31849,18 @@ function computeFingerprint(runtimes) {
   const joined = parts.join("_");
   return sanitizeTag(joined);
 }
-function computeImageTag(runtimes) {
-  const baseDigest = getBaseImageDigest();
+function computeImageTag(runtimes, baseImageRef = `${BASE_IMAGE}:latest`) {
+  const baseDigest = getImageDigest(baseImageRef);
   const prefix = baseDigest.slice(0, 8);
   const fingerprint = computeFingerprint(runtimes);
   const tag = `${prefix}_${fingerprint}`;
   return sanitizeTag(tag);
 }
-function computeImageName(runtimes) {
-  return `${BASE_IMAGE}:${computeImageTag(runtimes)}`;
+function computeImageName(runtimes, baseImageRef = `${BASE_IMAGE}:latest`) {
+  return `${BASE_IMAGE}:${computeImageTag(runtimes, baseImageRef)}`;
 }
-function lookupCachedImage(runtimes) {
-  const tag = computeImageTag(runtimes);
+function lookupCachedImage(runtimes, baseImageRef = `${BASE_IMAGE}:latest`) {
+  const tag = computeImageTag(runtimes, baseImageRef);
   const imageName = `${BASE_IMAGE}:${tag}`;
   try {
     execSync3(`docker image inspect ${imageName} > /dev/null 2>&1`, {
@@ -31735,19 +31877,25 @@ function commitAsImage(containerName, imageName) {
   const now = (/* @__PURE__ */ new Date()).toISOString();
   execSync3(`docker commit --change 'LABEL ${LABEL_PREFIX}=true' --change 'LABEL ${LABEL_PREFIX}.created-at=${now}' --change 'LABEL ${LABEL_PREFIX}.base-digest=${baseDigest}' ${containerName} ${imageName}`, { stdio: "pipe", timeout: 12e4 });
 }
-var cachedBaseDigest;
-function getBaseImageDigest() {
-  if (cachedBaseDigest)
-    return cachedBaseDigest;
+var cachedImageDigests = /* @__PURE__ */ new Map();
+function getImageDigest(imageRef) {
+  const memo = cachedImageDigests.get(imageRef);
+  if (memo)
+    return memo;
   try {
-    const digest = execSync3(`docker inspect ${BASE_IMAGE}:latest --format '{{.Id}}'`, { encoding: "utf-8", timeout: 5e3 }).trim();
-    cachedBaseDigest = digest.replace("sha256:", "").slice(0, 16);
-    return cachedBaseDigest;
+    const digest = execSync3(`docker inspect ${imageRef} --format '{{.Id}}'`, { encoding: "utf-8", timeout: 5e3 }).trim();
+    const short = digest.replace("sha256:", "").slice(0, 16);
+    cachedImageDigests.set(imageRef, short);
+    return short;
   } catch {
-    cachedBaseDigest = crypto4.createHash("sha256").update("unknown").digest("hex").slice(0, 16);
-    return cachedBaseDigest;
+    const fallback = crypto4.createHash("sha256").update(imageRef).digest("hex").slice(0, 16);
+    cachedImageDigests.set(imageRef, fallback);
+    return fallback;
   }
 }
+function getBaseImageDigest() {
+  return getImageDigest(`${BASE_IMAGE}:latest`);
+}
 function sanitizeTag(raw) {
   let tag = raw.toLowerCase().replace(/[^a-z0-9._-]/g, "-");
   if (tag.length > MAX_TAG_LENGTH) {
@@ -32664,6 +32812,75 @@ function formatPoliciesBrief(policies) {
   return lines.join("\n");
 }
 
+// ../core/dist/world/auto-dispatch-task.js
+var TaskDispatchError = class extends Error {
+  kind;
+  detail;
+  constructor(message, kind, detail) {
+    super(message);
+    this.kind = kind;
+    this.detail = detail;
+    this.name = "TaskDispatchError";
+  }
+};
+var DEFAULT_SLEEP = (ms) => new Promise((resolve10) => setTimeout(resolve10, ms));
+async function probeHealth(containerName, dockerExec, budgetMs, sleep3) {
+  const deadline = Date.now() + budgetMs;
+  const cadenceMs = 100;
+  let lastErr = "";
+  while (Date.now() < deadline) {
+    try {
+      const out = dockerExec(containerName, `curl -s -o /dev/null -w '%{http_code}' http://localhost:8080/health`).trim();
+      if (out === "200")
+        return;
+      lastErr = `HTTP ${out || "(no response)"}`;
+    } catch (err) {
+      lastErr = err instanceof Error ? err.message.slice(0, 200) : String(err).slice(0, 200);
+    }
+    await sleep3(cadenceMs);
+  }
+  throw new TaskDispatchError(`container-cp /health did not return 200 within ${budgetMs}ms`, "health-probe", lastErr || "no response");
+}
+function startAgent(containerName, dockerExec) {
+  const out = dockerExec(containerName, `curl -s -o /dev/null -w '%{http_code}' -X POST http://localhost:8080/session/start-agent`).trim();
+  if (out !== "200" && out !== "202") {
+    throw new TaskDispatchError(`/session/start-agent returned HTTP ${out || "(no response)"}`, "start-agent", `out=${out}`);
+  }
+}
+function dispatch2(containerName, prompt, dockerExec) {
+  const body = JSON.stringify({ prompt });
+  const b64 = Buffer.from(body, "utf8").toString("base64");
+  const tmpFile = "/tmp/olam-auto-dispatch.json";
+  dockerExec(containerName, `echo '${b64}' | base64 -d > ${tmpFile}`);
+  const out = dockerExec(containerName, `curl -s -o /dev/null -w '%{http_code}' -X POST -H 'Content-Type: application/json' -d @${tmpFile} http://localhost:8080/dispatch`).trim();
+  if (out !== "202" && out !== "200") {
+    throw new TaskDispatchError(`/dispatch returned HTTP ${out || "(no response)"}`, "dispatch-post", `out=${out}`);
+  }
+}
+function composeTaskPrompt(task, policies, formatPoliciesBrief2) {
+  if (policies.length === 0 || !formatPoliciesBrief2)
+    return task;
+  const seen = /* @__PURE__ */ new Set();
+  const unique = policies.filter((p) => {
+    if (seen.has(p.id))
+      return false;
+    seen.add(p.id);
+    return true;
+  });
+  if (unique.length === 0)
+    return task;
+  return `${formatPoliciesBrief2(unique)}## Your task
+${task}`;
+}
+async function autoDispatchTask(opts) {
+  const { containerName, task, policies, dockerExec, healthBudgetMs = 15e3, sleep: sleep3 = DEFAULT_SLEEP, logger: logger2 = console, formatPoliciesBrief: formatPoliciesBrief2 } = opts;
+  const finalPrompt = composeTaskPrompt(task, policies, formatPoliciesBrief2);
+  await probeHealth(containerName, dockerExec, healthBudgetMs, sleep3);
+  startAgent(containerName, dockerExec);
+  dispatch2(containerName, finalPrompt, dockerExec);
+  logger2.log(`[world] Task auto-dispatched (${finalPrompt.length} chars)`);
+}
+
 // ../core/dist/global-config/runbook-resolver.js
 import * as fs23 from "node:fs";
 import * as os14 from "node:os";
@@ -33567,9 +33784,32 @@ ${detail}`);
       }
     }
     const repoSecretUrls = enrichedRepos.filter((r) => typeof r.manifest?.secrets === "string" && r.manifest.secrets.length > 0).map((r) => ({ repoName: r.name, secretsUrl: r.manifest.secrets }));
-    let stackCacheHit = false;
     let selectedImage;
+    let cacheArchOverride;
+    const selected = selectDevboxImageForWorld({
+      config: this.config,
+      repos,
+      worldspec: opts.worldspec
+    });
+    if (selected) {
+      selectedImage = selected.image;
+      cacheArchOverride = selected.cacheArch;
+      if (selected.source === "worldspec") {
+        console.log(`[WorldManager] worldspec override \u2014 using ${selected.image} (tag=${selected.tag})`);
+      } else {
+        console.log(`[WorldManager] image_selector matched \u2014 using ${selected.image} (tag=${selected.tag}${selected.cacheArch ? `, cache_arch=${selected.cacheArch}` : ""})`);
+      }
+    } else {
+      const hasRailsRepo = repos.some((r) => r.type === "rails");
+      if (hasRailsRepo) {
+        selectedImage = resolveDevboxImage(this.config, "amd64");
+        cacheArchOverride = "x64";
+        console.log(`[WorldManager] Rails repo detected \u2014 using ${selectedImage} + x64 mise-cache (Rosetta path)`);
+      }
+    }
+    let stackCacheHit = false;
     const preDetectedStacks = /* @__PURE__ */ new Map();
+    const cacheBaseRef = selectedImage ?? "olam-devbox:latest";
     if (this.provider.capabilities.supportsCustomImages) {
       try {
         const hostExec = makeHostExecFn();
@@ -33584,7 +33824,7 @@ ${detail}`);
         }
         const runtimes = collectUniqueRuntimes(Array.from(preDetectedStacks.values()));
         if (runtimes.size > 0) {
-          const cacheResult = lookupCachedImage(runtimes);
+          const cacheResult = lookupCachedImage(runtimes, cacheBaseRef);
           if (cacheResult.hit) {
             selectedImage = cacheResult.imageName;
             stackCacheHit = true;
@@ -33598,30 +33838,6 @@ ${detail}`);
         console.warn(`[WorldManager] host-side stack detection failed: ${msg}`);
       }
     }
-    let cacheArchOverride;
-    if (!stackCacheHit) {
-      const selected = selectDevboxImageForWorld({
-        config: this.config,
-        repos,
-        worldspec: opts.worldspec
-      });
-      if (selected) {
-        selectedImage = selected.image;
-        cacheArchOverride = selected.cacheArch;
-        if (selected.source === "worldspec") {
-          console.log(`[WorldManager] worldspec override \u2014 using ${selected.image} (tag=${selected.tag})`);
-        } else {
-          console.log(`[WorldManager] image_selector matched \u2014 using ${selected.image} (tag=${selected.tag}${selected.cacheArch ? `, cache_arch=${selected.cacheArch}` : ""})`);
-        }
-      } else {
-        const hasRailsRepo = repos.some((r) => r.type === "rails");
-        if (hasRailsRepo) {
-          selectedImage = resolveDevboxImage(this.config, "amd64");
-          cacheArchOverride = "x64";
-          console.log(`[WorldManager] Rails repo detected \u2014 using ${selectedImage} + x64 mise-cache (Rosetta path)`);
-        }
-      }
-    }
     const appPorts = [];
     for (const repo of enrichedRepos) {
       const manifestPort = repo.manifest?.app?.port;
@@ -33775,12 +33991,22 @@ ${detail}`);
         ...extraNetworks ? { extraNetworks } : {},
         // Closes SEC-002 residual: hybrid worlds get a tmpfs mount at
         // /run/olam to receive the per-world postgres credentials. Size
-        // 256K is generous for a few env files; mode 0700 means only
-        // root (the container's PID 1, which then drops to the app user
-        // via the entrypoint) can list the directory. Non-hybrid worlds
-        // skip this entirely — no behavior change.
+        // 256K is generous for a few env files; mode 0700 keeps the dir
+        // owner-only. uid/gid 999 matches the `olam` user from the Phase
+        // E E4 base image contract — without setting these, the tmpfs is
+        // root-owned and `docker exec` (which runs as the image's USER,
+        // i.e. olam) hits EACCES on credential writes. Non-hybrid worlds
+        // skip the mount entirely — no behavior change.
         ...tmpfsPostgresCredContent ? {
-          tmpfsMounts: [{ target: "/run/olam", size: 256 * 1024, mode: 448 }],
+          tmpfsMounts: [
+            {
+              target: "/run/olam",
+              size: 256 * 1024,
+              mode: 448,
+              uid: 999,
+              gid: 999
+            }
+          ],
           tmpfsCredentialWrites: [
             { path: "/run/olam/postgres.env", content: tmpfsPostgresCredContent }
           ]
@@ -33992,48 +34218,38 @@ ${detail}`);
         }
       }
     }
-    if (credentialsInjected.claude) {
-      try {
-        execSync5(`docker exec ${containerName} curl -sf -X POST http://localhost:8080/session/start-agent 2>/dev/null || true`, { stdio: "pipe", timeout: 45e3 });
-      } catch {
-      }
-      if (opts.task) {
-        let taskWithPolicies = opts.task;
+    if (opts.task) {
+      const allPolicies = repos.flatMap((repo) => {
+        const repoWorktree = path28.join(workspacePath, repo.name);
         try {
-          const allPolicies = repos.flatMap((repo) => {
-            const repoWorktree = path28.join(workspacePath, repo.name);
-            return loadPolicies(repoWorktree);
-          });
-          const seen = /* @__PURE__ */ new Set();
-          const uniquePolicies = allPolicies.filter((p) => {
-            if (seen.has(p.id))
-              return false;
-            seen.add(p.id);
-            return true;
-          });
-          if (uniquePolicies.length > 0) {
-            const brief = formatPoliciesBrief(uniquePolicies);
-            taskWithPolicies = `${brief}## Your task
-${opts.task}`;
-            execSync5(`docker exec ${containerName} mkdir -p /home/olam/.olam/policies`, { stdio: "pipe", timeout: 1e4 });
-            for (const repo of repos) {
-              const policiesDir = path28.join(workspacePath, repo.name, ".olam", "policies");
-              if (fs25.existsSync(policiesDir)) {
-                execSync5(`docker cp "${policiesDir}/." "${containerName}:/home/olam/.olam/policies/"`, { stdio: "pipe", timeout: 15e3 });
-              }
-            }
-          }
+          return loadPolicies(repoWorktree);
         } catch (err) {
           const msg = err instanceof Error ? err.message : String(err);
-          console.warn(`[world] policy injection failed (non-fatal): ${msg}`);
+          console.warn(`[world] policy load failed for ${repo.name} (non-fatal): ${msg}`);
+          return [];
         }
+      });
+      if (allPolicies.length > 0) {
         try {
-          const payload = JSON.stringify({ prompt: taskWithPolicies }).replace(/'/g, "'\\''");
-          execSync5(`docker exec ${containerName} curl -sf -X POST -H 'Content-Type: application/json' -d '${payload}' http://localhost:8080/dispatch 2>/dev/null || true`, { stdio: "pipe", timeout: 3e4 });
-          console.log("[world] Task auto-dispatched");
-        } catch {
+          execSync5(`docker exec ${containerName} mkdir -p /home/olam/.olam/policies`, { stdio: "pipe", timeout: 1e4 });
+          for (const repo of repos) {
+            const policiesDir = path28.join(workspacePath, repo.name, ".olam", "policies");
+            if (fs25.existsSync(policiesDir)) {
+              execSync5(`docker cp "${policiesDir}/." "${containerName}:/home/olam/.olam/policies/"`, { stdio: "pipe", timeout: 15e3 });
+            }
+          }
+        } catch (err) {
+          const msg = err instanceof Error ? err.message : String(err);
+          console.warn(`[world] policy copy failed (non-fatal): ${msg}`);
         }
       }
+      await autoDispatchTask({
+        containerName,
+        task: opts.task,
+        policies: allPolicies,
+        dockerExec: this.dockerExec,
+        formatPoliciesBrief
+      });
     }
     const controlPlanePort = 19080 + portOffset;
     const dashboardPort = controlPlanePort;
@@ -35856,6 +36072,7 @@ function loadProjectEnv(startDir = process.cwd()) {
 
 // ../mcp-server/src/index.ts
 async function main() {
+  assertBetterSqlite3Loadable();
   let ctx;
   let initError;
   try {

package/host-cp/src/plan-chat-secret.mjs

@@ -0,0 +1,92 @@
+// Bearer-secret management for plan-chat-service.mjs.
+//
+// Mirrors the agent-memory-service pattern from the sibling olam-agent-memory
+// repo: a single 0600 file at ~/.olam/plan-chat-secret holds the bearer
+// hex string. Helpers generate, read, and rotate atomically. Rotation
+// writes to a tmpfile and renames; mid-rotation reads see either the old
+// or new value, never a partial write.
+
+import fs from 'node:fs';
+import os from 'node:os';
+import path from 'node:path';
+import crypto from 'node:crypto';
+
+export const SECRET_DIR = path.join(os.homedir(), '.olam');
+export const SECRET_PATH = path.join(SECRET_DIR, 'plan-chat-secret');
+const SECRET_BYTES = 32; // 64 hex chars
+const SECRET_MODE = 0o600;
+
+/**
+ * Generate a fresh hex bearer (64 chars; 256 bits of entropy).
+ */
+export function generateSecret() {
+  return crypto.randomBytes(SECRET_BYTES).toString('hex');
+}
+
+/**
+ * Read the on-disk bearer. Returns null if absent. Throws on permission errors.
+ */
+export function readSecret(secretPath = SECRET_PATH) {
+  try {
+    const value = fs.readFileSync(secretPath, 'utf8').trim();
+    if (!value) return null;
+    return value;
+  } catch (err) {
+    if (err && typeof err === 'object' && 'code' in err && err.code === 'ENOENT') return null;
+    throw err;
+  }
+}
+
+/**
+ * Write the bearer to disk atomically. Creates `~/.olam` if missing. Enforces
+ * 0600 perms on the destination (older mode permissions on the tmpfile are
+ * tightened immediately after write).
+ */
+export function writeSecret(value, secretPath = SECRET_PATH) {
+  if (typeof value !== 'string' || value.length === 0) {
+    throw new Error('plan-chat-secret: refusing to write empty bearer');
+  }
+  fs.mkdirSync(path.dirname(secretPath), { recursive: true, mode: 0o700 });
+  const tmp = `${secretPath}.tmp-${process.pid}-${Date.now()}`;
+  fs.writeFileSync(tmp, value + '\n', { mode: SECRET_MODE });
+  try {
+    fs.chmodSync(tmp, SECRET_MODE);
+    fs.renameSync(tmp, secretPath);
+  } catch (err) {
+    try { fs.unlinkSync(tmp); } catch { /* swallow */ }
+    throw err;
+  }
+}
+
+/**
+ * Read the bearer if it exists, else generate, write, and return it.
+ * Idempotent across processes; first writer wins (rename is atomic).
+ */
+export function ensureSecret(secretPath = SECRET_PATH) {
+  const existing = readSecret(secretPath);
+  if (existing) return existing;
+  const fresh = generateSecret();
+  writeSecret(fresh, secretPath);
+  return fresh;
+}
+
+/**
+ * Rotate: generate a new bearer, write atomically, return the new value.
+ * Callers should restart any running plan-chat-service so it re-reads.
+ */
+export function rotateSecret(secretPath = SECRET_PATH) {
+  const fresh = generateSecret();
+  writeSecret(fresh, secretPath);
+  return fresh;
+}
+
+/**
+ * Constant-time compare. Returns true iff both strings are non-empty and
+ * byte-equal. Avoids leaking timing on bearer comparison.
+ */
+export function timingSafeEqual(a, b) {
+  if (typeof a !== 'string' || typeof b !== 'string') return false;
+  if (a.length === 0 || b.length === 0) return false;
+  if (a.length !== b.length) return false;
+  return crypto.timingSafeEqual(Buffer.from(a), Buffer.from(b));
+}