@pleri/olam-cli 0.1.148 → 0.1.151

package/dist/mcp-server.js

@@ -7090,7 +7090,7 @@ var require_compile = __commonJS({
       const schOrFunc = root.refs[ref];
       if (schOrFunc)
         return schOrFunc;
-      let _sch = resolve12.call(this, root, ref);
+      let _sch = resolve13.call(this, root, ref);
       if (_sch === void 0) {
         const schema = (_a3 = root.localRefs) === null || _a3 === void 0 ? void 0 : _a3[ref];
         const { schemaId } = this.opts;
@@ -7117,7 +7117,7 @@ var require_compile = __commonJS({
     function sameSchemaEnv(s1, s2) {
       return s1.schema === s2.schema && s1.root === s2.root && s1.baseId === s2.baseId;
     }
-    function resolve12(root, ref) {
+    function resolve13(root, ref) {
       let sch;
       while (typeof (sch = this.refs[ref]) == "string")
         ref = sch;
@@ -7692,7 +7692,7 @@ var require_fast_uri = __commonJS({
       }
       return uri;
     }
-    function resolve12(baseURI, relativeURI, options) {
+    function resolve13(baseURI, relativeURI, options) {
       const schemelessOptions = options ? Object.assign({ scheme: "null" }, options) : { scheme: "null" };
       const resolved = resolveComponent(parse4(baseURI, schemelessOptions), parse4(relativeURI, schemelessOptions), schemelessOptions, true);
       schemelessOptions.skipEscape = true;
@@ -7919,7 +7919,7 @@ var require_fast_uri = __commonJS({
     var fastUri = {
       SCHEMES,
       normalize,
-      resolve: resolve12,
+      resolve: resolve13,
       resolveComponent,
       equal,
       serialize,
@@ -12417,7 +12417,9 @@ var init_trust_audit_log = __esm({
       "auto-rejected",
       "failed",
       "removed",
-      "meta-hook-stripped"
+      "meta-hook-stripped",
+      "setup-skill-source-picked",
+      "setup-project-sweep-completed"
     ]);
     TrustMethodSchema = external_exports.enum(["flag", "interactive", "auto-reject-tty", "none"]);
     TrustAuditEntrySchema = external_exports.object({
@@ -13797,7 +13799,7 @@ function defaultIsPidAlive(pid) {
   }
 }
 function sleep3(ms) {
-  return new Promise((resolve12) => setTimeout(resolve12, ms));
+  return new Promise((resolve13) => setTimeout(resolve13, ms));
 }
 function readLockMeta(lockPath) {
   try {
@@ -13928,7 +13930,7 @@ function defaultIsPidAlive2(pid) {
   }
 }
 function sleep4(ms) {
-  return new Promise((resolve12) => setTimeout(resolve12, ms));
+  return new Promise((resolve13) => setTimeout(resolve13, ms));
 }
 function readLockMeta2(lockPath) {
   try {
@@ -22075,12 +22077,12 @@ var StdioServerTransport = class {
     this.onclose?.();
   }
   send(message) {
-    return new Promise((resolve12) => {
+    return new Promise((resolve13) => {
       const json = serializeMessage(message);
       if (this._stdout.write(json)) {
-        resolve12();
+        resolve13();
       } else {
-        this._stdout.once("drain", resolve12);
+        this._stdout.once("drain", resolve13);
       }
     });
   }
@@ -24117,7 +24119,7 @@ var Protocol = class {
           return;
         }
         const pollInterval = task2.pollInterval ?? this._options?.defaultTaskPollInterval ?? 1e3;
-        await new Promise((resolve12) => setTimeout(resolve12, pollInterval));
+        await new Promise((resolve13) => setTimeout(resolve13, pollInterval));
         options?.signal?.throwIfAborted();
       }
     } catch (error2) {
@@ -24134,7 +24136,7 @@ var Protocol = class {
    */
   request(request2, resultSchema, options) {
     const { relatedRequestId, resumptionToken, onresumptiontoken, task, relatedTask } = options ?? {};
-    return new Promise((resolve12, reject2) => {
+    return new Promise((resolve13, reject2) => {
       const earlyReject = (error2) => {
         reject2(error2);
       };
@@ -24212,7 +24214,7 @@ var Protocol = class {
           if (!parseResult.success) {
             reject2(parseResult.error);
           } else {
-            resolve12(parseResult.data);
+            resolve13(parseResult.data);
           }
         } catch (error2) {
           reject2(error2);
@@ -24473,12 +24475,12 @@ var Protocol = class {
       }
     } catch {
     }
-    return new Promise((resolve12, reject2) => {
+    return new Promise((resolve13, reject2) => {
       if (signal.aborted) {
         reject2(new McpError(ErrorCode.InvalidRequest, "Request cancelled"));
         return;
       }
-      const timeoutId = setTimeout(resolve12, interval);
+      const timeoutId = setTimeout(resolve13, interval);
       signal.addEventListener("abort", () => {
         clearTimeout(timeoutId);
         reject2(new McpError(ErrorCode.InvalidRequest, "Request cancelled"));
@@ -25578,7 +25580,7 @@ var McpServer = class {
     let task = createTaskResult.task;
     const pollInterval = task.pollInterval ?? 5e3;
     while (task.status !== "completed" && task.status !== "failed" && task.status !== "cancelled") {
-      await new Promise((resolve12) => setTimeout(resolve12, pollInterval));
+      await new Promise((resolve13) => setTimeout(resolve13, pollInterval));
       const updatedTask = await extra.taskStore.getTask(taskId);
       if (!updatedTask) {
         throw new McpError(ErrorCode.InternalError, `Task ${taskId} not found during polling`);
@@ -26543,7 +26545,7 @@ async function safeText(res) {
   }
 }
 function sleep(ms) {
-  return new Promise((resolve12) => setTimeout(resolve12, ms));
+  return new Promise((resolve13) => setTimeout(resolve13, ms));
 }
 
 // ../core/dist/auth/container.js
@@ -26675,7 +26677,7 @@ function resolveAuthServicePath() {
   return path3.join(pkgsDir, "auth-service");
 }
 function sleep2(ms) {
-  return new Promise((resolve12) => setTimeout(resolve12, ms));
+  return new Promise((resolve13) => setTimeout(resolve13, ms));
 }
 
 // ../core/dist/auth/preflight.js
@@ -27862,6 +27864,7 @@ import Dockerode from "dockerode";
 import * as fs7 from "node:fs";
 import * as os5 from "node:os";
 import * as path8 from "node:path";
+import { fileURLToPath as fileURLToPath2 } from "node:url";
 
 // ../adapters/dist/docker/network.js
 var NETWORK_PREFIX = "olam-";
@@ -27919,7 +27922,7 @@ var realDocker = {
   }
 };
 function spawnAsync(cmd, args, opts = {}) {
-  return new Promise((resolve12) => {
+  return new Promise((resolve13) => {
     const child = spawn(cmd, [...args], {
       stdio: ["ignore", "pipe", "pipe"],
       signal: opts.signal
@@ -27933,10 +27936,10 @@ function spawnAsync(cmd, args, opts = {}) {
       stderr += chunk.toString();
     });
     child.on("error", (err) => {
-      resolve12({ exitCode: -1, stdout, stderr: stderr + err.message });
+      resolve13({ exitCode: -1, stdout, stderr: stderr + err.message });
     });
     child.on("close", (code) => {
-      resolve12({ exitCode: code ?? -1, stdout, stderr });
+      resolve13({ exitCode: code ?? -1, stdout, stderr });
     });
   });
 }
@@ -28066,6 +28069,19 @@ function resolveMemoryEnv() {
     return null;
   return { url: AGENTMEMORY_HOST_INTERNAL_URL, secret };
 }
+function resolveAgentStreamDistPath() {
+  if (process.env["OLAM_DEV"] !== "1")
+    return null;
+  const here = fileURLToPath2(import.meta.url);
+  const repoRoot = path8.resolve(path8.dirname(here), "..", "..", "..", "..");
+  if (!fs7.existsSync(path8.join(repoRoot, "packages")) || !fs7.existsSync(path8.join(repoRoot, "package.json"))) {
+    return null;
+  }
+  const distPath = path8.join(repoRoot, "packages", "intelligence", "dist", "agent-stream");
+  if (!fs7.existsSync(distPath))
+    return null;
+  return distPath;
+}
 function sanitizeContainerName(name) {
   return name.replace(/[^a-zA-Z0-9_.-]/g, "-");
 }
@@ -28191,7 +28207,7 @@ async function auditPortsForZombies(docker, hostPorts) {
     }
   }
 }
-var createWorldContainer = async (docker, worldId, worldName, image, env, resources, workspacePath, portOffset, appPorts, cacheArch, tmpfsMounts) => {
+var createWorldContainer = async (docker, worldId, worldName, image, env, resources, workspacePath, portOffset, appPorts, cacheArch, tmpfsMounts, agentStreamDistPath) => {
   const labels = olamLabels(worldId, worldName);
   const authSecret = readAuthSecret();
   const hostCpToken = readHostCpToken();
@@ -28238,6 +28254,10 @@ var createWorldContainer = async (docker, worldId, worldName, image, env, resour
     // OLAM_WORKSPACES KV; docker's is this tmpfs mount.
     `${hostWorkspacesDir}:/host-workspaces:ro`
   ];
+  const resolvedAgentStreamPath = agentStreamDistPath ?? resolveAgentStreamDistPath();
+  if (resolvedAgentStreamPath) {
+    binds.push(`${resolvedAgentStreamPath}:/opt/olam/agent-stream/dist:ro`);
+  }
   binds.push(...buildPackageManagerCacheBinds(olamHomeDir));
   if (workspacePath) {
     binds.push(`${workspacePath}:/home/olam/workspace:rw`);
@@ -28358,7 +28378,7 @@ var stopAndRemove = async (container) => {
 
 // ../adapters/dist/docker/exec.js
 import { PassThrough } from "node:stream";
-var demuxStream = (stream) => new Promise((resolve12, reject2) => {
+var demuxStream = (stream) => new Promise((resolve13, reject2) => {
   const stdoutChunks = [];
   const stderrChunks = [];
   const stdout = new PassThrough();
@@ -28372,7 +28392,7 @@ var demuxStream = (stream) => new Promise((resolve12, reject2) => {
     stream.pipe(stdout);
   }
   stream.on("end", () => {
-    resolve12({
+    resolve13({
       stdout: Buffer.concat(stdoutChunks).toString("utf-8"),
       stderr: Buffer.concat(stderrChunks).toString("utf-8")
     });
@@ -28561,7 +28581,7 @@ var DockerProvider = class extends ComputeProvider {
       }
     }
     const mergedEnv = { ...serviceEnv, ...config2.env };
-    const container = await createWorldContainer(this.docker, id, name, config2.image, mergedEnv, config2.resources, config2.workspacePath, config2.portOffset, config2.appPorts, config2.cacheArch, config2.tmpfsMounts);
+    const container = await createWorldContainer(this.docker, id, name, config2.image, mergedEnv, config2.resources, config2.workspacePath, config2.portOffset, config2.appPorts, config2.cacheArch, config2.tmpfsMounts, config2.agentStreamDistPath);
     for (const networkName3 of config2.extraNetworks ?? []) {
       try {
         const network = this.docker.getNetwork(networkName3);
@@ -28745,7 +28765,7 @@ var SSHConnectionPool = class {
   // -----------------------------------------------------------------------
   async exec(host, command) {
     const client = await this.getConnection(host);
-    return new Promise((resolve12, reject2) => {
+    return new Promise((resolve13, reject2) => {
       client.exec(command, (err, stream) => {
         if (err) {
           reject2(new Error(`SSH exec failed on ${host}: ${err.message}`));
@@ -28760,7 +28780,7 @@ var SSHConnectionPool = class {
           stderr += data.toString();
         });
         stream.on("close", (code) => {
-          resolve12({
+          resolve13({
             exitCode: code ?? 0,
             stdout: stdout.trimEnd(),
             stderr: stderr.trimEnd()
@@ -28791,10 +28811,10 @@ var SSHConnectionPool = class {
       throw new Error(`No SSH configuration found for host: ${host}`);
     }
     const client = new SSHClient();
-    return new Promise((resolve12, reject2) => {
+    return new Promise((resolve13, reject2) => {
       client.on("ready", () => {
         this.connections.set(host, client);
-        resolve12(client);
+        resolve13(client);
       }).on("error", (err) => {
         this.connections.delete(host);
         reject2(new Error(`SSH connection to ${host} failed: ${err.message}`));
@@ -29774,7 +29794,7 @@ function register6(server, ctx, initError) {
                 }
               } catch {
               }
-              await new Promise((resolve12) => setTimeout(resolve12, POLL_INTERVAL_MS));
+              await new Promise((resolve13) => setTimeout(resolve13, POLL_INTERVAL_MS));
             }
           }
           if (authenticated) {
@@ -31675,7 +31695,7 @@ import { createServer as createServer2 } from "node:http";
 import { request as httpRequest } from "node:http";
 import { request as httpsRequest } from "node:https";
 import { connect as netConnect } from "node:net";
-import { dirname as dirname7 } from "node:path";
+import { dirname as dirname8 } from "node:path";
 import { userInfo } from "node:os";
 
 // ../mcp-server/src/tools/_capture/token.ts
@@ -32026,15 +32046,15 @@ ${JSON.stringify({ error: reason })}`
       unlinkSync2(udsPath);
     } catch {
     }
-    await new Promise((resolve12, reject2) => {
-      server.listen(udsPath, () => resolve12());
+    await new Promise((resolve13, reject2) => {
+      server.listen(udsPath, () => resolve13());
       server.once("error", reject2);
     });
     chmodSync3(udsPath, 384);
     port2 = 0;
   } else {
-    await new Promise((resolve12, reject2) => {
-      server.listen(opts.port ?? 0, "127.0.0.1", () => resolve12());
+    await new Promise((resolve13, reject2) => {
+      server.listen(opts.port ?? 0, "127.0.0.1", () => resolve13());
       server.once("error", reject2);
     });
     const addr = server.address();
@@ -32050,10 +32070,10 @@ ${JSON.stringify({ error: reason })}`
     } catch {
     }
     await Promise.race([
-      new Promise((resolve12, reject2) => {
-        server.close((err) => err ? reject2(err) : resolve12());
+      new Promise((resolve13, reject2) => {
+        server.close((err) => err ? reject2(err) : resolve13());
       }),
-      new Promise((resolve12) => setTimeout(resolve12, 5e3))
+      new Promise((resolve13) => setTimeout(resolve13, 5e3))
     ]);
     if (udsPath) {
       try {
@@ -32077,7 +32097,7 @@ ${JSON.stringify({ error: reason })}`
   };
 }
 function ensureUdsParentDirSafe(udsPath) {
-  const parent = dirname7(udsPath);
+  const parent = dirname8(udsPath);
   if (!parent || parent === udsPath || parent === ".") {
     throw new Error(
       `uds_parent_path_invalid: bindUdsPath "${udsPath}" has no manageable parent directory`
@@ -32385,10 +32405,10 @@ async function acquireLaunchSlot() {
     _inFlightLaunches++;
     return releaseLaunchSlot;
   }
-  return new Promise((resolve12) => {
+  return new Promise((resolve13) => {
     _launchQueue.push(() => {
       _inFlightLaunches++;
-      resolve12(releaseLaunchSlot);
+      resolve13(releaseLaunchSlot);
     });
   });
 }
@@ -34923,7 +34943,7 @@ import * as path35 from "node:path";
 
 // ../core/dist/kg/storage-paths.js
 import { homedir as homedir22 } from "node:os";
-import { join as join35, resolve as resolve7 } from "node:path";
+import { join as join35, resolve as resolve8 } from "node:path";
 
 // ../core/dist/world/workspace-name.js
 var InvalidWorkspaceNameError = class extends Error {
@@ -34960,7 +34980,7 @@ function assertWithinPrefix(path46, prefix, label) {
 function kgPristinePath(workspace) {
   validateWorkspaceName(workspace);
   const root = kgRoot();
-  const path46 = resolve7(join35(root, workspace));
+  const path46 = resolve8(join35(root, workspace));
   assertWithinPrefix(path46, root, "kgPristinePath");
   return path46;
 }
@@ -35346,7 +35366,7 @@ import * as path37 from "node:path";
 // ../core/dist/world/templates/_generated.js
 var GH_PR_CREATE = '# Creating PRs from inside an Olam world\n\n## The problem\n\nCalling `gh pr create` directly inside an Olam container **hangs forever** on a\nTTY confirmation prompt that the agent cannot answer. This is a known, reproduced issue.\n\n## The fix\n\nAlways use this exact pattern:\n\n```bash\necho y | timeout 30 gh pr create \\\n  --base main \\\n  --head <branch> \\\n  --title "<title>" \\\n  --body-file /tmp/pr-body.md\n```\n\n## Why each part matters\n\n- **`echo y |`** \u2014 answers the "Submit?" confirmation prompt up front so `gh` never pauses.\n- **`timeout 30`** \u2014 hard deadline. If `gh` hangs anyway, the command exits non-zero so the\n  agent can react instead of stalling the world indefinitely.\n- **`--body-file /tmp/pr-body.md`** \u2014 write the PR body to a temp file first. Avoids\n  shell-escaping bugs that occur with `--body "..."` for long or multi-line bodies.\n- **`--head` and `--base` explicitly** \u2014 removes all interactive prompts; `gh` has nothing to ask.\n\n## Troubleshooting\n\n**"no commits" or "branch not found" error:**\n\n```bash\ngit push -u origin <branch>\n# then retry:\necho y | timeout 30 gh pr create --base main --head <branch> --title "..." --body-file /tmp/pr-body.md\n```\n\n**Timeout exceeded (command exits 124):**\n\n- Check if the branch was pushed: `git log origin/<branch> --oneline -1`\n- Check GitHub CLI auth: `gh auth status`\n- Retry once; if it hangs again, open the PR via the GitHub web UI.\n';
 var LANE_ORCHESTRATION = '# Lane Orchestration\n\nOlam worlds support parallel work via **lanes** \u2014 independent Claude Code sessions\nrunning in isolated git worktrees inside the same container.\n\nUse lanes when a task has 2+ independent scopes that can work simultaneously\nwithout file conflicts.\n\n## Container API\n\nBase URL: `http://localhost:8080`\n\n### Create a lane\n\n```bash\ncurl -s -X POST \\\n  -H \'Content-Type: application/json\' \\\n  -d \'{"name":"auth-fix","task":"Fix auth bugs","scope":["src/auth/**"],"avoids":["tests/**"]}\' \\\n  http://localhost:8080/lanes/create\n```\n\n### List lanes\n\n```bash\ncurl -s http://localhost:8080/lanes\n```\n\n### Dispatch a prompt to a lane\n\n```bash\ncurl -s -X POST \\\n  -H \'Content-Type: application/json\' \\\n  -d \'{"prompt":"Start by reviewing..."}\' \\\n  http://localhost:8080/lanes/auth-fix/dispatch\n```\n\n### Check lane status\n\n```bash\ncurl -s http://localhost:8080/lanes/auth-fix\n```\n\n### Merge a lane\n\n```bash\ncurl -s -X POST http://localhost:8080/lanes/auth-fix/merge\n```\n\n### Destroy a lane\n\n```bash\ncurl -s -X DELETE http://localhost:8080/lanes/auth-fix\n```\n\n## When to use lanes\n\n- Task has 2+ independent scopes (different directories/modules)\n- Work can be done simultaneously without file conflicts\n- Estimated effort > ~30 tool calls per scope\n\n## When NOT to use lanes\n\n- Simple tasks touching few files\n- Sequential work where each step depends on the previous\n- Everything is in one directory\n\n## Orchestration workflow\n\n1. Analyze the task \u2014 identify independent work streams\n2. Create lanes with non-overlapping scope globs\n3. Dispatch initial prompts to each lane\n4. **Monitor progress** \u2014 poll lane status every 30 seconds:\n   ```bash\n   while true; do\n     STATUS=$(curl -s http://localhost:8080/lanes)\n     RUNNING=$(echo "$STATUS" | jq \'[.lanes[] | select(.status == "running")] | length\')\n     echo "Running lanes: $RUNNING"\n     if [ "$RUNNING" = "0" ]; then echo "All lanes complete!"; break; fi\n     sleep 30\n   done\n   ```\n5. **When a lane completes** (status is "completed" or no longer "running"):\n   - Check its output: `curl -s http://localhost:8080/lanes/<name>`\n   - If satisfactory, merge it: `curl -s -X POST http://localhost:8080/lanes/<name>/merge`\n   - The merge automatically triggers a Codex adversarial review\n6. **After ALL lanes are merged**:\n   - Run tests: `npm test` or equivalent\n   - Review combined changes: `git diff main...HEAD --stat`\n   - Create a PR: see `~/.olam/docs/gh-pr-create.md`\n7. Clean up: `curl -s -X DELETE http://localhost:8080/lanes/<name>`\n\n## Act on completion immediately\n\nWhen all lanes are done, immediately start merging and creating the PR.\nDo not wait for the user to tell you to merge. The workflow is:\n**lanes complete \u2192 merge each \u2192 run tests \u2192 create PR \u2192 report to user.**\n';
-var WORLD_CLAUDE_MD = '# Olam World: {{worldName}}\n\n{{taskBlock}}\n\n## Environment\n- World ID: {{worldId}}\n- Branch: {{branch}}{{servicesLine}}{{pleriPlaneLine}}\n\n## Repos in this World\n{{reposList}}\n\n{{planFileBlock}}## Instructions\n1. Work on the task described above\n2. Write tests first (TDD)\n3. Commit frequently to the world branch\n4. When done, push and the work will be available for review\n5. Your `AskUserQuestion` calls are intercepted and surfaced to the operator\'s host CP automatically. The operator answers in the SPA; claude resumes when keys are injected.\n\n## Sandbox & network \u2014 what is actually true\n\nThe olam-devbox container has FULL outbound internet. Confirm any time:\n\n```bash\ncurl -sI https://registry.npmjs.org/  # \u2192 HTTP 200\ncurl -sI https://github.com/         # \u2192 HTTP 200\n```\n\nRules:\n\n- **Never claim "the sandbox blocks X" without proving it.** Capture the actual `npm install` / `curl` error verbatim. A flaky postinstall is not a network block.\n- **Retry transient failures at least once** before falling back to a manual workaround. `npm install <pkg>` flakes happen; one retry catches >90%.\n- **If you genuinely need a workaround**, say so explicitly with the error message and the retry count, NOT "sandbox network blocked it." Truthful attribution = trustable telemetry.\n- **Playwright `chromium` downloads ~140 MB** from playwright.azureedge.net. Disk-space failures (not network) are the usual cause. Check `df -h` before blaming the network.\n\n## Halt semantics \u2014 when to stop and surface\n\nStop and call `AskUserQuestion` (which surfaces in the host CP) when you hit:\n\n- **Halt-N (new pattern)**: a new dep family, framework, or architectural pattern not in the existing codebase. Don\'t silently adopt it \u2014 surface the choice.\n- **Halt-B (business deal-breaker)**: a breaking constraint that makes the task\'s goal unsatisfiable as stated. Surface the conflict; let the operator re-scope.\n- **Halt-C (complexity blowup)**: the diff is exceeding 1.5x of what the task implied. Surface for re-scoping before continuing.\n\nDon\'t halt on every uncertainty \u2014 only on these three classes. Style/naming/error-handling choices are non-load-bearing; pick the simplest option that works and continue.\n\n## Lane Orchestration (advanced \u2014 read on demand)\n\nThis world supports parallel work lanes via the container API at http://localhost:8080.\nUse only when the task has 2+ independent scopes that can run simultaneously.\n\n**Full lane API + workflow**: see `~/.olam/docs/lane-orchestration.md` (mounted into the world).\n\n## Creating PRs from inside this world\n\n`gh pr create` hangs on a TTY prompt inside the container. Always use:\n\n```bash\necho y | timeout 30 gh pr create --base main --head <branch> --title "..." --body-file /tmp/pr-body.md\n```\n\n**Why + full troubleshooting**: see `~/.olam/docs/gh-pr-create.md`.\n\n## Available Skills & Plugins\n\nYour Claude Code session includes the invoker\'s plugins, rules, and skills.\nThese are copied from the host at world creation time.\nUse `/codex:review` or `/codex:adversarial-review` for code reviews.\nUse `/codex:rescue` to delegate tasks to Codex.\n{{extraContextBlock}}';
+var WORLD_CLAUDE_MD = '# Olam World: {{worldName}}\n\n{{taskBlock}}\n\n## Environment\n- World ID: {{worldId}}\n- Branch: {{branch}}{{servicesLine}}{{pleriPlaneLine}}\n\n## Repos in this World\n{{reposList}}\n\n{{planFileBlock}}## Instructions\n1. Work on the task described above\n2. Write tests first (TDD)\n3. Commit frequently to the world branch\n4. When done, push and the work will be available for review\n5. Your `AskUserQuestion` calls are intercepted and surfaced to the operator\'s host CP automatically. The operator answers in the SPA; claude resumes when keys are injected.\n\n## Sandbox & network \u2014 what is actually true\n\nThe olam-devbox container has FULL outbound internet. Confirm any time:\n\n```bash\ncurl -sI https://registry.npmjs.org/  # \u2192 HTTP 200\ncurl -sI https://github.com/         # \u2192 HTTP 200\n```\n\nRules:\n\n- **Never claim "the sandbox blocks X" without proving it.** Capture the actual `npm install` / `curl` error verbatim. A flaky postinstall is not a network block.\n- **Retry transient failures at least once** before falling back to a manual workaround. `npm install <pkg>` flakes happen; one retry catches >90%.\n- **If you genuinely need a workaround**, say so explicitly with the error message and the retry count, NOT "sandbox network blocked it." Truthful attribution = trustable telemetry.\n- **Playwright `chromium` downloads ~140 MB** from playwright.azureedge.net. Disk-space failures (not network) are the usual cause. Check `df -h` before blaming the network.\n\n## Halt semantics \u2014 when to stop and surface\n\nStop and call `AskUserQuestion` (which surfaces in the host CP) when you hit:\n\n- **Halt-N (new pattern)**: a new dep family, framework, or architectural pattern not in the existing codebase. Don\'t silently adopt it \u2014 surface the choice.\n- **Halt-B (business deal-breaker)**: a breaking constraint that makes the task\'s goal unsatisfiable as stated. Surface the conflict; let the operator re-scope.\n- **Halt-C (complexity blowup)**: the diff is exceeding 1.5x of what the task implied. Surface for re-scoping before continuing.\n\nDon\'t halt on every uncertainty \u2014 only on these three classes. Style/naming/error-handling choices are non-load-bearing; pick the simplest option that works and continue.\n\n## Session continuation discipline\n\n**Never ask the operator to sleep, pause, take a break, stop, or close out a\nsession.** Session continuity \u2014 fatigue, time-of-day, when-to-rest \u2014 is managed\noutside the agent. It is not the agent\'s call. No "this might be a good\nstopping point", no "want to pick this up tomorrow", no "you\'ve been at this a\nwhile" framings, no fatigue-flavoured suggestions.\n\n**Respect autonomous / auto-advancing intent at all times.** When the operator\nsays "continue", "push on", "autonomous", "keep going", or has set\n`autonomous: true` on a plan, honour it without re-prompting for confirmation\ngates. Push hard until the work is done OR a real concern surfaces \u2014 do not\nsilently raise the bar for "real concern" to manufacture a pause.\n\n**Real concerns are technical, not energy/time-based.** Surface Halt-N, Halt-B,\nHalt-C (above), or a load-bearing blocker requiring operator decision\n(credentials, ambiguous intent, external-system failure, contradictory\nrequirements). Frame each surfacing in terms of the technical issue. Never in\nterms of the operator\'s energy, attention, or available time.\n\n## Lane Orchestration (advanced \u2014 read on demand)\n\nThis world supports parallel work lanes via the container API at http://localhost:8080.\nUse only when the task has 2+ independent scopes that can run simultaneously.\n\n**Full lane API + workflow**: see `~/.olam/docs/lane-orchestration.md` (mounted into the world).\n\n## Creating PRs from inside this world\n\n`gh pr create` hangs on a TTY prompt inside the container. Always use:\n\n```bash\necho y | timeout 30 gh pr create --base main --head <branch> --title "..." --body-file /tmp/pr-body.md\n```\n\n**Why + full troubleshooting**: see `~/.olam/docs/gh-pr-create.md`.\n\n## Available Skills & Plugins\n\nYour Claude Code session includes the invoker\'s plugins, rules, and skills.\nThese are copied from the host at world creation time.\nUse `/codex:review` or `/codex:adversarial-review` for code reviews.\nUse `/codex:rescue` to delegate tasks to Codex.\n{{extraContextBlock}}';
 
 // ../core/dist/world/context-injection.js
 function injectWorldContext(opts) {
@@ -36688,7 +36708,7 @@ var TaskDispatchError = class extends Error {
     this.name = "TaskDispatchError";
   }
 };
-var DEFAULT_SLEEP = (ms) => new Promise((resolve12) => setTimeout(resolve12, ms));
+var DEFAULT_SLEEP = (ms) => new Promise((resolve13) => setTimeout(resolve13, ms));
 async function probeHealth(containerName, dockerExec, budgetMs, sleep5) {
   const deadline = Date.now() + budgetMs;
   const cadenceMs = 100;
@@ -37892,7 +37912,13 @@ ${detail}`);
         // also pin the mise-cache to x64 so the amd64 container doesn't
         // mount the host's arm64 cache. undefined => provider keys by
         // host process.arch (the pre-existing default).
-        ...cacheArchOverride ? { cacheArch: cacheArchOverride } : {}
+        ...cacheArchOverride ? { cacheArch: cacheArchOverride } : {},
+        // Phase C C2 (olam-world-bundle-freshness): thread the CLI-resolved
+        // agent-stream dist path into WorldConfig so the docker provider's
+        // createWorldContainer uses it directly instead of re-deriving it
+        // internally. Undefined = container.ts falls back to Phase B's
+        // internal source-mode detection (backward compat).
+        ...opts.agentStreamDistPath ? { agentStreamDistPath: opts.agentStreamDistPath } : {}
       });
     } catch (err) {
       try {
@@ -38767,7 +38793,7 @@ import * as http2 from "node:http";
 import * as http from "node:http";
 import * as fs44 from "node:fs";
 import * as path44 from "node:path";
-import { fileURLToPath as fileURLToPath2 } from "node:url";
+import { fileURLToPath as fileURLToPath3 } from "node:url";
 
 // ../core/dist/dashboard/serialize.js
 function serializeTokenUsage(usage) {
@@ -39272,7 +39298,7 @@ function findSessionInWorld(registry2, sessionId) {
 }
 function createDashboardServer(opts) {
   const { port: port2, registry: registry2 } = opts;
-  const thisDir = path44.dirname(fileURLToPath2(import.meta.url));
+  const thisDir = path44.dirname(fileURLToPath3(import.meta.url));
   const defaultPublicDir = path44.resolve(thisDir, "../../../control-plane/public");
   const publicDir = opts.publicDir ?? defaultPublicDir;
   let hasPublicDir = fs44.existsSync(publicDir);
@@ -39624,7 +39650,7 @@ function isCloudflaredAvailable() {
   }
 }
 function startTunnel(port2) {
-  return new Promise((resolve12, reject2) => {
+  return new Promise((resolve13, reject2) => {
     const child = spawn3("cloudflared", ["tunnel", "--url", `http://localhost:${port2}`], {
       stdio: ["ignore", "pipe", "pipe"],
       detached: false
@@ -39646,7 +39672,7 @@ function startTunnel(port2) {
       if (match) {
         resolved = true;
         clearTimeout(timeout);
-        resolve12(match[0]);
+        resolve13(match[0]);
       }
     }
     child.stdout?.on("data", scan);
@@ -39714,8 +39740,8 @@ var DashboardManager = class {
       }
       throw err;
     }
-    await new Promise((resolve12, reject2) => {
-      this.server.on("listening", resolve12);
+    await new Promise((resolve13, reject2) => {
+      this.server.on("listening", resolve13);
       this.server.on("error", reject2);
     });
     this.info = { localUrl: `http://localhost:${port2}` };
@@ -39761,8 +39787,8 @@ var DashboardManager = class {
   async stop() {
     stopTunnel();
     if (this.server) {
-      await new Promise((resolve12) => {
-        this.server.close(() => resolve12());
+      await new Promise((resolve13) => {
+        this.server.close(() => resolve13());
       });
       this.server = null;
     }
@@ -39876,7 +39902,7 @@ var PleriClient = class {
 
 // ../mcp-server/src/env-loader.ts
 import { readFileSync as readFileSync33, existsSync as existsSync42, statSync as statSync12 } from "node:fs";
-import { join as join46, dirname as dirname27, resolve as resolve11 } from "node:path";
+import { join as join46, dirname as dirname28, resolve as resolve12 } from "node:path";
 var PROJECT_MARKERS = [
   ".olam/config.yaml",
   ".olam/config.yml",
@@ -39884,8 +39910,8 @@ var PROJECT_MARKERS = [
   "olam.yml"
 ];
 function findProjectRoot2(startDir) {
-  let dir = resolve11(startDir);
-  const root = resolve11("/");
+  let dir = resolve12(startDir);
+  const root = resolve12("/");
   while (true) {
     for (const marker of PROJECT_MARKERS) {
       if (existsSync42(join46(dir, marker))) return dir;
@@ -39900,7 +39926,7 @@ function findProjectRoot2(startDir) {
       } catch {
       }
     }
-    const parent = dirname27(dir);
+    const parent = dirname28(dir);
     if (parent === dir || parent === root) return null;
     dir = parent;
   }

package/host-cp/compose.yaml

@@ -139,6 +139,12 @@ services:
       # Pointing to /data/ routes all writes through the bind-mount to the host.
       OLAM_PLAN_DB_PATH: "/data/plan.db"
       OLAM_PLAN_DIR: "/data/plan"
+      # Same /root vs /data bind-mount issue applies to the plan-chat bearer
+      # gateway. Without this override, plan-chat-secret.mjs reads from
+      # /root/.olam/plan-chat-secret (container ephemeral, missing) and
+      # /agent-runtime/trigger answers HTTP 500. Routing through /data
+      # surfaces the on-disk bearer created by ensureSecret() on host FS.
+      OLAM_PLAN_CHAT_SECRET_PATH: "/data/plan-chat-secret"
     volumes:
       # ~/.olam/ from operator's home → /data/ inside container. B4
       # writes the startup token here (chmod 600). B6 reads workspaces

package/host-cp/k8s/manifests/30-configmap.yaml

@@ -24,6 +24,12 @@ data:
   OLAM_WORLDS_DB: "/data/worlds.db"
   OLAM_PLAN_DB_PATH: "/data/plan.db"
   OLAM_PLAN_DIR: "/data/plan"
+  # Same /data routing for the plan-chat bearer gateway. K8s pod runs as
+  # UID 1000 with readOnlyRootFilesystem: true, so the bearer file CAN
+  # NEVER be created under /home/node/.olam even with mkdir-recursive —
+  # the env override is mandatory here, not optional. Bind-mounted /data
+  # is the writable PVC.
+  OLAM_PLAN_CHAT_SECRET_PATH: "/data/plan-chat-secret"
   # Tunable defaults.
   OLAM_SECRET_CACHE_TTL_SEC: "300"
   OLAM_PR_POLL_INTERVAL_MS: "300000"

package/host-cp/k8s/manifests/50-deployment.yaml

@@ -18,20 +18,30 @@
 #     before the main container starts, granting UID-1000 write access on the
 #     freshly-provisioned PV. fsGroup alone is insufficient for hostPath volumes.
 #
-#   gh-config (/gh-config) and operator-repo (/operator-repo) remain hostPath
-#   volumes that resolve to paths inside the k3d node container.
-#   OPERATORS MUST pass these volume mounts when creating the k3d cluster:
+#   docker-sock (/var/run/docker.sock): hostPath volume — the operator must
+#     bind the host docker socket into the k3d node container when creating
+#     the cluster (Decision #3 — direct hostPath mount, not docker-socket-proxy):
 #
 #     k3d cluster create olam-host \
+#       --volume /var/run/docker.sock:/var/run/docker.sock@server:* \
 #       --volume ~/.config/gh:/host/.config/gh \
 #       --volume <olam-repo-root>:/host/olam \
 #       --wait --timeout 90s
 #
-#   Without these flags the gh-config and operator-repo mounts will be empty
-#   (the paths exist inside the node container but contain no data from the
-#   operator's host). The pod will still start — features that depend on GitHub
-#   auth or the operator repo will fail gracefully. The Phase D install guide
-#   surfaces this requirement prominently.
+#     An init container (socket-perm) runs `chmod 666 /var/run/docker.sock` as
+#     root BEFORE the main container starts. This grants the non-root main
+#     container (UID 1000) read+write access to the daemon socket.
+#     Deliberate platform-permission concession — see Decision #15:
+#     init container as root is the only way to grant non-root main container
+#     socket access without bake-time UID alignment on a single-tenant machine.
+#
+#   gh-config (/gh-config) and operator-repo (/operator-repo) remain hostPath
+#   volumes that resolve to paths inside the k3d node container.
+#   OPERATORS MUST pass these volume mounts when creating the k3d cluster (see
+#   the k3d command above). Without these flags the gh-config and operator-repo
+#   mounts will be empty. The pod will still start — features that depend on
+#   GitHub auth or the operator repo will fail gracefully. The Phase D install
+#   guide surfaces this requirement prominently.
 apiVersion: apps/v1
 kind: Deployment
 metadata:
@@ -78,9 +88,26 @@ spec:
           volumeMounts:
             - name: olam-home
               mountPath: /data
+        - name: socket-perm
+          # busybox:1.36 — same sha256-pinned image as chown-data above.
+          # Deliberate platform-permission concession — see Decision #15.
+          # Runs as root to chmod the docker socket before the non-root main
+          # container starts. 666 (world-rw) is intentional on a single-tenant
+          # operator machine: UID 1000 must write to a root-owned socket without
+          # UID alignment at image build time.
+          image: busybox@sha256:73aaf090f3d85aa34ee199857f03fa3a95c8ede2ffd4cc2cdb5b94e566b11662
+          imagePullPolicy: IfNotPresent
+          securityContext:
+            runAsUser: 0
+            runAsNonRoot: false
+            allowPrivilegeEscalation: false
+          command: ["sh", "-c", "chmod 666 /var/run/docker.sock"]
+          volumeMounts:
+            - name: docker-sock
+              mountPath: /var/run/docker.sock
       containers:
         - name: olam-host-cp
-          image: ghcr.io/pleri/olam-host-cp@sha256:513b16e1c36c96f4a03b431445da45cabf83c85b5761d1c93fab684a13c7354b
+          image: ghcr.io/pleri/olam-host-cp@sha256:fb5af6e69c63ac1d2a20d6a070e5eae534e948ec2502e5fd3d24640197952208
           imagePullPolicy: IfNotPresent
           securityContext:
             runAsNonRoot: true
@@ -109,6 +136,8 @@ spec:
               readOnly: true
             - name: tmp
               mountPath: /tmp
+            - name: docker-sock
+              mountPath: /var/run/docker.sock
           readinessProbe:
             httpGet:
               path: /api/version/status
@@ -146,3 +175,11 @@ spec:
             type: DirectoryOrCreate
         - name: tmp
           emptyDir: {}
+        - name: docker-sock
+          # D4 — Direct hostPath docker socket mount (Decision #3, architecture a2).
+          # The operator must bind the host docker socket into the k3d node when
+          # creating the cluster: --volume /var/run/docker.sock:/var/run/docker.sock@server:*
+          # Without this bind-mount the socket path exists inside the node but is empty.
+          hostPath:
+            path: /var/run/docker.sock
+            type: Socket

package/host-cp/k8s/manifests/auth-service/50-deployment.yaml

@@ -1,12 +1,15 @@
 # Deployment for olam-auth-service.
 #
 # Image: pinned to sha256 digest (not :latest or named tag) per T4 threat model.
-# Digest resolves to ghcr.io/pleri/olam-auth-service:0.1.0 (multi-arch index).
+# Digest resolves to ghcr.io/pleri/olam-auth:latest (multi-arch index).
+# NOTE (B1): image name is olam-auth (NOT olam-auth-service) — matches the
+# actual GHCR package name published by release.yml publish-auth job.
 # To update: resolve the new tag's digest via:
-#   TOKEN=$(curl -s "https://ghcr.io/token?scope=repository:pleri/olam-auth-service:pull&service=ghcr.io" | jq -r .token)
+#   TOKEN=$(curl -s "https://ghcr.io/token?scope=repository:pleri/olam-auth:pull&service=ghcr.io" | jq -r .token)
 #   curl -sI -H "Authorization: Bearer $TOKEN" \
 #     -H "Accept: application/vnd.oci.image.index.v1+json,application/vnd.docker.distribution.manifest.list.v2+json" \
-#     https://ghcr.io/v2/pleri/olam-auth-service/manifests/<tag> | grep docker-content-digest
+#     https://ghcr.io/v2/pleri/olam-auth/manifests/<tag> | grep docker-content-digest
+# Or use: node scripts/refresh-manifest-digests.mjs
 #
 # securityContext: conservative defaults per T6/T7 threat model (runAsNonRoot,
 # readOnlyRootFilesystem). /tmp backed by emptyDir for transient write needs.
@@ -60,7 +63,7 @@ spec:
               mountPath: /data
       containers:
         - name: olam-auth-service
-          image: ghcr.io/pleri/olam-auth-service@sha256:a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4e5f6a1b2
+          image: ghcr.io/pleri/olam-auth@sha256:25c8dc7b8725f699c54897423970df4e33b16a31b6f5d2769216fa488db2396c
           imagePullPolicy: IfNotPresent
           securityContext:
             runAsNonRoot: true

package/host-cp/k8s/manifests/kg-service/50-deployment.yaml

@@ -54,7 +54,7 @@ spec:
               mountPath: /data
       containers:
         - name: olam-kg-service
-          image: ghcr.io/pleri/olam-kg-service@sha256:c3d4e5f6a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4
+          image: ghcr.io/pleri/olam-kg-service@sha256:2874c019a45e8771ffa07f55150482a75b75a8df02f72cd32084d2cc80f5c5f9
           imagePullPolicy: IfNotPresent
           securityContext:
             runAsNonRoot: true