@pleri/olam-cli 0.1.182 → 0.1.185

package/hermes-bundle/version.json

@@ -1,4 +1,4 @@
 {
-  "bundledAt": "2026-05-26T05:28:12.384Z",
+  "bundledAt": "2026-05-27T14:19:47.128Z",
   "kgFirstSha": "29a9ccce1b115d049e375c4a90eb5cf7c123e610e2d0590270a4db2cdbc64a28"
 }

package/host-cp/k8s/manifests/30-configmap.yaml

@@ -24,12 +24,17 @@ data:
   OLAM_WORLDS_DB: "/data/worlds.db"
   OLAM_PLAN_DB_PATH: "/data/plan.db"
   OLAM_PLAN_DIR: "/data/plan"
-  # Same /data routing for the plan-chat bearer gateway. K8s pod runs as
-  # UID 1000 with readOnlyRootFilesystem: true, so the bearer file CAN
-  # NEVER be created under /home/node/.olam even with mkdir-recursive —
-  # the env override is mandatory here, not optional. Bind-mounted /data
-  # is the writable PVC.
-  OLAM_PLAN_CHAT_SECRET_PATH: "/data/plan-chat-secret"
+  # Phase B Model B: bearer file is now sourced from the shared
+  # olam-plan-chat-secret Kubernetes Secret (mounted at /etc/olam-plan-chat/).
+  # Two readers, one source-of-truth — replaces the per-pod /data/plan-chat-secret
+  # file that couldn't be shared across pods on RWO PVCs. The plan-chat-service
+  # pod also mounts the SAME Secret at the SAME path so bearer comparisons
+  # work both ways.
+  OLAM_PLAN_CHAT_SECRET_PATH: "/etc/olam-plan-chat/secret"
+  # In-cluster plan-chat-service URL. Rewritten by upgrade-kubernetes.ts step 2.5
+  # (buildK8sDnsUrl) — the default below is a sane fallback for raw
+  # `kubectl apply -f` operators who skip the CLI wrapper.
+  PLAN_CHAT_SERVICE_URL: "http://olam-plan-chat-service.olam.svc.cluster.local:3200"
   # NDJSON span sink + recovery ledger — route to the writable PVC mount at
   # /data rather than the default ~/.olam/logs (which resolves to
   # /home/node/.olam/logs and is not writable with readOnlyRootFilesystem: true).

package/host-cp/k8s/manifests/50-deployment.yaml

@@ -118,7 +118,7 @@ spec:
         # k3d), started by `olam upgrade` Step 0.7 — not inside this Pod.
       containers:
         - name: olam-host-cp
-          image: ghcr.io/pleri/olam-host-cp@sha256:20d84b6d490c633bc5a158b0f7f849152aba3cf1d2d45657360f627d8d41ec3f
+          image: ghcr.io/pleri/olam-host-cp@sha256:843bea5159a7b5ec792a7d0a9766c49eb0443180023526c0c21d56e32982fd4e
           imagePullPolicy: IfNotPresent
           securityContext:
             runAsNonRoot: true
@@ -147,6 +147,13 @@ spec:
               readOnly: true
             - name: tmp
               mountPath: /tmp
+            # Phase B Model B: shared olam-plan-chat-secret mounted read-only
+            # so renderSpaShell can inject window.__OLAM_PLAN_CHAT_BEARER__.
+            # Plan-chat-service mounts the SAME Secret at the SAME path so
+            # bearer compares match across pods.
+            - name: plan-chat-secret
+              mountPath: /etc/olam-plan-chat
+              readOnly: true
             # docker-socket volumeMount REMOVED in olam-k3d-on-mac-substrate-
             # decision Phase B B2. Docker access now goes via TCP to the
             # docker-socket-proxy ExternalName Service in the olam namespace.
@@ -191,6 +198,13 @@ spec:
             type: DirectoryOrCreate
         - name: tmp
           emptyDir: {}
+        - name: plan-chat-secret
+          secret:
+            secretName: olam-plan-chat-secret
+            defaultMode: 0400
+            items:
+              - key: PLAN_CHAT_SECRET
+                path: secret
         # host-colima + docker-socket volumes REMOVED in olam-k3d-on-mac-
         # substrate-decision Phase B B2 (2026-05-21). R3-A's two-volume
         # hostPath approach is fully retracted: round-4 R4-W2-F demonstrated

package/host-cp/k8s/manifests/auth-service/50-deployment.yaml

@@ -70,7 +70,7 @@ spec:
               mountPath: /data
       containers:
         - name: olam-auth-service
-          image: ghcr.io/pleri/olam-auth@sha256:57d5f69395f9d4199035bb1e8156ffa1a4b815e50f6ecef28c2fc082f4d40e23
+          image: ghcr.io/pleri/olam-auth@sha256:59de0618b656c45ed75465aefab637bd3b50ef803ae8d802c828c26d97183328
           imagePullPolicy: IfNotPresent
           securityContext:
             runAsNonRoot: true

package/host-cp/k8s/manifests/kg-service/50-deployment.yaml

@@ -61,7 +61,7 @@ spec:
               mountPath: /data
       containers:
         - name: olam-kg-service
-          image: ghcr.io/pleri/olam-kg-service@sha256:7b48bc20dead674fb01f5e01f1fc43fee2b589c05156a7b5384504f42e96a18a
+          image: ghcr.io/pleri/olam-kg-service@sha256:b53af63d452bb04420a1f89b5834888a324ee3995f45c908fa9321ec76b84047
           imagePullPolicy: IfNotPresent
           securityContext:
             runAsNonRoot: true

package/host-cp/k8s/manifests/mcp-auth-service/50-deployment.yaml

@@ -68,7 +68,7 @@ spec:
               mountPath: /data
       containers:
         - name: olam-mcp-auth-service
-          image: ghcr.io/pleri/olam-mcp-auth@sha256:9cbf2fb4c79a6b447282da5f1a190c730eb9c85e5df1c0c16dc238c34352c583
+          image: ghcr.io/pleri/olam-mcp-auth@sha256:635c1518e45cc0a1b5859cfb412d5a6eb9ab389630553eb9cdb6c903d97d8d15
           imagePullPolicy: IfNotPresent
           securityContext:
             runAsNonRoot: true

package/host-cp/k8s/manifests/memory-service/50-deployment.yaml

@@ -70,7 +70,7 @@ spec:
           # bootstrap-placeholder comment + run `npm run refresh:manifest-digests`
           # once ghcr.io/pleri/olam-memory-service has a real published digest.
           # bootstrap-placeholder: pre-publish; refresh after first release
-          image: ghcr.io/pleri/olam-memory-service@sha256:d94c6699ca3937f67a873b2b6bb28a1d40317f9c0a780f780f45b41c5d103f2d
+          image: ghcr.io/pleri/olam-memory-service@sha256:efad791c760420e6bccc68120621aba97a2532da517eb3f7d0e0349f6a2f8a06
           imagePullPolicy: IfNotPresent
           securityContext:
             runAsNonRoot: true

package/host-cp/k8s/templates/chunks-postgres-secret-template.yaml

@@ -0,0 +1,24 @@
+# Secret TEMPLATE for olam-chunks-postgres.
+#
+# Generates a random 64-char hex POSTGRES_PASSWORD on first apply (via
+# k8s-secret-render.ts generate-if-missing). The Secret is consumed by:
+#   - chunks-postgres StatefulSet (envFrom → POSTGRES_PASSWORD)
+#   - chunks-electric Deployment   (env: valueFrom.secretKeyRef)
+#   - plan-chat-service Deployment (env: valueFrom.secretKeyRef)
+#
+# All three resolve the SAME random value because the secret-renderer
+# persists generated values in ~/.olam/k8s-secrets-state.json so reapply
+# is idempotent (no rotation unless --rotate-secrets).
+apiVersion: v1
+kind: Secret
+metadata:
+  name: olam-chunks-postgres-secret
+  namespace: olam
+  labels:
+    app: olam-chunks-postgres
+    olam.io/component: substrate
+type: Opaque
+stringData:
+  # Postgres superuser password. Generated by the CLI's secret-renderer on
+  # first apply (no host-side file to read; this is in-cluster-only state).
+  POSTGRES_PASSWORD: "REPLACE_ME_GENERATE_RANDOM_HEX"

package/host-cp/k8s/templates/plan-chat-service-secret-template.yaml

@@ -0,0 +1,35 @@
+# Secret TEMPLATE for olam-plan-chat-secret.
+#
+# This file is a TEMPLATE — it MUST NOT be applied directly without substituting
+# the placeholder values. The placeholders are intentionally invalid; a raw
+# `kubectl apply` will result in auth failures rather than silently shipping
+# fake credentials.
+#
+# Preferred substitution (keeps secrets out of git):
+#   kubectl create secret generic olam-plan-chat-secret -n olam \
+#     --from-literal=PLAN_CHAT_SECRET=$(cat ~/.olam/plan-chat-secret) \
+#     --dry-run=client -o yaml | kubectl apply -f -
+#
+# This template lives in packages/host-cp/k8s/templates/ (NOT manifests/)
+# so that `kubectl apply -f manifests/plan-chat-service/` does NOT apply it —
+# operators must explicitly handle Secret provisioning before applying manifests.
+#
+# Architecture: this Secret is mounted by BOTH the host-cp pod (so its
+# renderSpaShell can inject window.__OLAM_PLAN_CHAT_BEARER__) AND the
+# plan-chat-service pod (so its bearer-auth gate timing-safe-compares incoming
+# Authorization: Bearer headers against the same value). One source-of-truth,
+# two readers — replaces the previous "/data/plan-chat-secret in host-cp PVC"
+# pattern that couldn't be shared across pods (RWO PVC).
+apiVersion: v1
+kind: Secret
+metadata:
+  name: olam-plan-chat-secret
+  namespace: olam
+  labels:
+    olam.io/component: substrate
+type: Opaque
+stringData:
+  # Shared bearer secret for plan-chat-service's POST /v1/chunks and
+  # GET /v1/shape endpoints. host-cp injects this into window.__OLAM_PLAN_CHAT_BEARER__.
+  # Source: cat ~/.olam/plan-chat-secret
+  PLAN_CHAT_SECRET: "REPLACE_ME_FROM_HOME_DOTOLAM_PLAN_CHAT_SECRET"

package/host-cp/src/plan-chat-service.mjs

@@ -327,88 +327,113 @@ export function createHandler({
 
       // B4 — capture message_usage when the adapter forwarded token usage.
       // body.usage is optional (only present on assistant turns with SDK usage).
+      //
+      // perf: SQL-2 through SQL-5 (INSERT message_usage, SUM, dedup check,
+      // INSERT threshold chunk) are batched inside a single BEGIN/COMMIT so
+      // the 4 sequential round-trips share one connection checkout and one
+      // server-side transaction flush instead of 4 independent pool checkouts.
+      // SQL-1 (INSERT chunks above) stays outside the txn so its 23505 dedup
+      // guard reaches the caller independently as a 409 — folding it in would
+      // cause a threshold-chunk PK conflict to silently roll back the primary
+      // chunk write.
       if (body.usage && typeof body.usage === 'object') {
         const usage = body.usage;
         const model = typeof body.model === 'string' && body.model.length > 0
           ? body.model
           : 'claude-sonnet-4-6';
-        await pool.query(
-          `INSERT INTO message_usage
-             (world_id, session_id, message_id, actor_id, model,
-              input_tokens, output_tokens, cache_read_tokens, cache_create_tokens)
-           VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9)
-           ON CONFLICT (message_id, actor_id) DO NOTHING`,
-          [
-            body.world_id,
-            body.session_id,
-            body.message_id,
-            principal.actorId,
-            model,
-            Number(usage.input_tokens ?? 0),
-            Number(usage.output_tokens ?? 0),
-            Number(usage.cache_read_input_tokens ?? 0),
-            Number(usage.cache_creation_input_tokens ?? 0),
-          ],
-        );
-
-        // B6 — 80% threshold dedup'd system chunk.
-        // After inserting message_usage, check if the per-actor cumulative
-        // token count for this session has crossed 80% of the model's context
-        // cap. If so, and no prior threshold chunk exists for (session_id,
-        // actor_id), emit exactly one dedup'd system chunk.
-        //
-        // Token math: sum(input_tokens + cache_read_tokens + cache_create_tokens)
-        // per (session_id, actor_id), matching Claude Code statusline.
-        const contextCap = CONTEXT_CAPS_LOCAL[model] ?? DEFAULT_CONTEXT_CAP;
-        const sumResult = await pool.query(
-          `SELECT COALESCE(SUM(input_tokens + cache_read_tokens + cache_create_tokens), 0) AS total_used
-           FROM message_usage
-           WHERE session_id = $1 AND actor_id = $2`,
-          [body.session_id, principal.actorId],
-        );
-        const totalUsed = Number(sumResult.rows[0]?.total_used ?? 0);
-        const usedPct = Math.floor((totalUsed / contextCap) * 100);
-
-        if (usedPct >= THRESHOLD_PCT) {
-          // Dedup check: scan chunks for an existing threshold-crossing system
-          // chunk for this (session_id, actor_id). Prefix-match is sufficient
-          // because THRESHOLD_CHUNK_PREFIX is unique to this purpose.
-          const dupResult = await pool.query(
-            `SELECT 1 FROM chunks
-             WHERE session_id = $1 AND actor_id = $2 AND actor_type = 'system'
-               AND chunk LIKE $3
-             LIMIT 1`,
-            [body.session_id, principal.actorId, `${THRESHOLD_CHUNK_PREFIX}%`],
+        const client = await pool.connect();
+        try {
+          await client.query('BEGIN');
+
+          // SQL-2 — INSERT message_usage
+          await client.query(
+            `INSERT INTO message_usage
+               (world_id, session_id, message_id, actor_id, model,
+                input_tokens, output_tokens, cache_read_tokens, cache_create_tokens)
+             VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9)
+             ON CONFLICT (message_id, actor_id) DO NOTHING`,
+            [
+              body.world_id,
+              body.session_id,
+              body.message_id,
+              principal.actorId,
+              model,
+              Number(usage.input_tokens ?? 0),
+              Number(usage.output_tokens ?? 0),
+              Number(usage.cache_read_input_tokens ?? 0),
+              Number(usage.cache_creation_input_tokens ?? 0),
+            ],
           );
-          const alreadyEmitted = (dupResult.rows ?? []).length > 0;
-
-          if (!alreadyEmitted) {
-            const personaLabel = principal.actorId;
-            const thresholdChunk =
-              `${THRESHOLD_CHUNK_PREFIX} ${personaLabel} at ${usedPct}%`;
-            // Emit the threshold system chunk. Re-use the same message_id +
-            // a seq derived from the current seq + 1 to avoid PK conflict.
-            // Use body.seq + 1000 as a high-offset seq so it sorts AFTER the
-            // triggering chunk but doesn't collide with normal seq values.
-            const thresholdSeq = body.seq + 1000;
-            await pool.query(
-              `INSERT INTO chunks
-                 (world_id, session_id, message_id, seq, actor_id, actor_type, role, chunk, chunk_type)
-               VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9)
-               ON CONFLICT (message_id, seq) DO NOTHING`,
-              [
-                body.world_id,
-                body.session_id,
-                body.message_id,
-                thresholdSeq,
-                principal.actorId,
-                'system',
-                'system',
-                thresholdChunk,
-                'text',
-              ],
+
+          // B6 — 80% threshold dedup'd system chunk.
+          // After inserting message_usage, check if the per-actor cumulative
+          // token count for this session has crossed 80% of the model's context
+          // cap. If so, and no prior threshold chunk exists for (session_id,
+          // actor_id), emit exactly one dedup'd system chunk.
+          //
+          // Token math: sum(input_tokens + cache_read_tokens + cache_create_tokens)
+          // per (session_id, actor_id), matching Claude Code statusline.
+          //
+          // SQL-3 — SUM cumulative tokens (reads within the same txn so the
+          // just-inserted usage row is visible without waiting for COMMIT).
+          const contextCap = CONTEXT_CAPS_LOCAL[model] ?? DEFAULT_CONTEXT_CAP;
+          const sumResult = await client.query(
+            `SELECT COALESCE(SUM(input_tokens + cache_read_tokens + cache_create_tokens), 0) AS total_used
+             FROM message_usage
+             WHERE session_id = $1 AND actor_id = $2`,
+            [body.session_id, principal.actorId],
+          );
+          const totalUsed = Number(sumResult.rows[0]?.total_used ?? 0);
+          const usedPct = Math.floor((totalUsed / contextCap) * 100);
+
+          if (usedPct >= THRESHOLD_PCT) {
+            // SQL-4 — dedup check: scan chunks for an existing threshold-crossing
+            // system chunk for this (session_id, actor_id). Prefix-match is
+            // sufficient because THRESHOLD_CHUNK_PREFIX is unique to this purpose.
+            const dupResult = await client.query(
+              `SELECT 1 FROM chunks
+               WHERE session_id = $1 AND actor_id = $2 AND actor_type = 'system'
+                 AND chunk LIKE $3
+               LIMIT 1`,
+              [body.session_id, principal.actorId, `${THRESHOLD_CHUNK_PREFIX}%`],
             );
+            const alreadyEmitted = (dupResult.rows ?? []).length > 0;
+
+            if (!alreadyEmitted) {
+              const personaLabel = principal.actorId;
+              const thresholdChunk =
+                `${THRESHOLD_CHUNK_PREFIX} ${personaLabel} at ${usedPct}%`;
+              // SQL-5 — Emit the threshold system chunk. Re-use the same message_id +
+              // a seq derived from the current seq + 1 to avoid PK conflict.
+              // Use body.seq + 1000 as a high-offset seq so it sorts AFTER the
+              // triggering chunk but doesn't collide with normal seq values.
+              const thresholdSeq = body.seq + 1000;
+              await client.query(
+                `INSERT INTO chunks
+                   (world_id, session_id, message_id, seq, actor_id, actor_type, role, chunk, chunk_type)
+                 VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9)
+                 ON CONFLICT (message_id, seq) DO NOTHING`,
+                [
+                  body.world_id,
+                  body.session_id,
+                  body.message_id,
+                  thresholdSeq,
+                  principal.actorId,
+                  'system',
+                  'system',
+                  thresholdChunk,
+                  'text',
+                ],
+              );
+            }
           }
+
+          await client.query('COMMIT');
+        } catch (txnErr) {
+          await client.query('ROLLBACK').catch(() => undefined);
+          throw txnErr;
+        } finally {
+          client.release();
         }
       }
       // H2 (plan-chat-spa-canonical-surface Phase G) — extract commit_plan /

package/host-cp/src/server.mjs

@@ -95,6 +95,7 @@ import {
 } from './routes/process-port.mjs';
 import { instrumentHandler, renderMetrics } from './metrics.mjs';
 import { handleDispatchFromEmail } from './lib/email-dispatch.mjs';
+import { handleDispatchFromLinear } from './lib/linear-dispatch.mjs';
 import { emitTierSuggestion } from '../dispatch/auto-tier-scheduler.mjs';
 import { isServeOnly, isOrchestrationRoute, ORCHESTRATION_UNAVAILABLE } from './serve-only-config.mjs';
 
@@ -190,6 +191,18 @@ const OLAM_EMAIL_ATTACHMENTS_ROOT =
   (HOST_CP_MODE === 'container'
     ? '/data/email-attachments'
     : path.join(os.homedir(), '.olam', 'email-attachments'));
+// Linear-webhook trigger (POST /v1/dispatch-from-linear).
+// OLAM_LINEAR_WEBHOOK_SECRET — shared secret set in Linear webhook settings.
+// OLAM_LINEAR_WORLD_ID       — optional; when set, route events to this worldId
+//                              instead of spawning a new world each time.
+// See docs/architecture/linear-as-trigger.md.
+const OLAM_LINEAR_WEBHOOK_SECRET = process.env.OLAM_LINEAR_WEBHOOK_SECRET ?? '';
+const OLAM_LINEAR_WORLD_ID = process.env.OLAM_LINEAR_WORLD_ID ?? '';
+
+// In-flight delivery IDs for deduplication. Linear retries on non-2xx;
+// we MUST return 2xx for duplicates so retries terminate. Never use 409.
+const linearInFlight = new Set();
+
 const WORLD_NAMES_PATH =
   process.env.OLAM_WORLD_NAMES_PATH ??
   (HOST_CP_MODE === 'container'
@@ -319,6 +332,28 @@ function readAnthropicBaseUrl() {
   return '';
 }
 
+/**
+ * Resolve the default `repoUrl` to inject into cloud-dispatch bodies. The
+ * cloud Sandbox coding loop clones this repo into `/workspace/repo` before
+ * running claude. Source order: OLAM_DOGFOOD_REPO_URL env, then
+ * ~/.olam/dogfood-repo-url file (one bare URL, chmod 600). Absent → empty
+ * string → no injection (dispatch runs text-only, the pre-coding-default
+ * behaviour). Mirrors readAnthropicBaseUrl() so operators have ONE pattern
+ * for cloud-dispatch defaults.
+ */
+function readDogfoodRepoUrl() {
+  const fromOlamEnv = process.env['OLAM_DOGFOOD_REPO_URL'];
+  if (fromOlamEnv && fromOlamEnv.length > 0) return fromOlamEnv.trim();
+  try {
+    const file = path.join(os.homedir(), '.olam', 'dogfood-repo-url');
+    const content = fs.readFileSync(file, 'utf-8').trim();
+    if (content.length > 0) return content;
+  } catch {
+    // file absent — fall through
+  }
+  return '';
+}
+
 /** @type {Record<string, number>} */
 let WORLDS = {};
 
@@ -974,6 +1009,7 @@ const server = http.createServer(instrumentHandler('host-cp', async (req, res) =
       header_name: 'authorization',
       header_format: 'Bearer <token>',
       hint: 'SPA: set document.cookie = `olam_host_cp_token=${token}; path=/; samesite=strict` then fetch (`/api/world/...`) freely.',
+      cloud_enabled: Boolean(process.env.OLAM_CLOUD_URL && process.env.OLAM_SHOWCASE_PASSWORD),
     });
   }
 
@@ -2447,6 +2483,62 @@ const server = http.createServer(instrumentHandler('host-cp', async (req, res) =
     return;
   }
 
+  // POST /v1/dispatch-from-linear — Linear webhook receiver.
+  //
+  // Linear POSTs a JSON payload and an HMAC-SHA256 signature in
+  // X-Linear-Signature. host-cp validates the signature, deduplicates
+  // by webhookId (Linear retries on non-2xx — duplicates MUST return 202),
+  // and either routes to a pinned world (OLAM_LINEAR_WORLD_ID) or returns
+  // a spawn_pending descriptor for the MCP/CLI layer.
+  //
+  // Dedup rule: HTTP 202 { action: 'deduplicated' } — NEVER 409.
+  // Body cap: 1 MiB (Linear payloads are small JSON, no attachments).
+  if (url.pathname === '/v1/dispatch-from-linear' && req.method === 'POST') {
+    const chunks = [];
+    let size = 0;
+    const MAX_BODY = 1 * 1024 * 1024;
+    let aborted = false;
+    req.on('data', (chunk) => {
+      size += chunk.length;
+      if (size > MAX_BODY) {
+        aborted = true;
+        jsonReply(res, 413, { error: 'body_too_large', maxBytes: MAX_BODY });
+        req.destroy();
+        return;
+      }
+      chunks.push(chunk);
+    });
+    req.on('end', async () => {
+      if (aborted) return;
+      const rawBody = Buffer.concat(chunks);
+      const signature = req.headers['x-linear-signature'] ?? '';
+      let payload;
+      try {
+        payload = JSON.parse(rawBody.toString('utf8') || '{}');
+      } catch (err) {
+        return jsonReply(res, 400, { error: 'invalid_json', message: err.message });
+      }
+      try {
+        const result = await handleDispatchFromLinear({
+          rawBody,
+          payload,
+          signature,
+          secret: OLAM_LINEAR_WEBHOOK_SECRET,
+          worlds: WORLDS,
+          inFlight: linearInFlight,
+          targetWorldId: OLAM_LINEAR_WORLD_ID || undefined,
+        });
+        return jsonReply(res, result.status, result.body);
+      } catch (err) {
+        return jsonReply(res, 500, {
+          error: 'dispatch_failed',
+          message: err instanceof Error ? err.message : String(err),
+        });
+      }
+    });
+    return;
+  }
+
   if (url.pathname === '/api/cloud-dispatch' && req.method === 'POST') {
     const cloudUrl = process.env.OLAM_CLOUD_URL;
     const showcasePw = process.env.OLAM_SHOWCASE_PASSWORD;
@@ -2473,14 +2565,38 @@ const server = http.createServer(instrumentHandler('host-cp', async (req, res) =
       const planId = parsed.session_id ?? 'default';
       const basicAuth = Buffer.from(`operator:${showcasePw}`).toString('base64');
 
+      // SPA shape → plan-DO shape normalisation: the SPA posts a chat-shaped
+      // body ({ messages: [{ role, content }] }) while plan-DO's /v1/dispatch
+      // expects a top-level `prompt` string. Synthesise `prompt` from
+      // `messages` when it is absent so both call shapes reach plan-DO intact.
+      // Existing curl/CLI callers that already supply `prompt` are unaffected.
+      if (Array.isArray(parsed.messages) && !parsed.prompt) {
+        parsed = {
+          ...parsed,
+          prompt: parsed.messages.map((m) => m?.content ?? '').filter(Boolean).join('\n\n'),
+        };
+        // Keep `messages` too — plan-DO may use it for multi-turn fidelity later.
+      }
+
       // Gap 3: enrich the dispatch body with the operator's anthropicBaseUrl
       // so plan-DO can propagate it to spawned CF Sandbox child worlds.
       // Only injected when not already set by the SPA (SPA has no auth-worker
       // config knowledge — host-cp is the sole injection point).
       const anthropicBaseUrl = readAnthropicBaseUrl();
-      const enriched = anthropicBaseUrl && !parsed.anthropicBaseUrl
-        ? JSON.stringify({ ...parsed, anthropicBaseUrl })
-        : body;
+      // Sibling injection: default repoUrl for the cloud Sandbox coding loop.
+      // The SPA has no repo-config knowledge today (Decision 2 in
+      // olam-builds-olam-cloud-dogfood: no SPA repo-selector); host-cp is the
+      // injection point. Source order: OLAM_DOGFOOD_REPO_URL env, then
+      // ~/.olam/dogfood-repo-url file. Absent → no injection (the dispatch
+      // runs text-only, like before this change).
+      const dogfoodRepoUrl = readDogfoodRepoUrl();
+      let enrichedObj = null;
+      if (anthropicBaseUrl && !parsed.anthropicBaseUrl) enrichedObj = { ...(enrichedObj ?? parsed), anthropicBaseUrl };
+      if (dogfoodRepoUrl && !parsed.repoUrl) enrichedObj = { ...(enrichedObj ?? parsed), repoUrl: dogfoodRepoUrl };
+      // Use `parsed` (not raw `body`) as the no-enrichment fallback so that the
+      // messages→prompt normalisation above is always forwarded even when no
+      // env-var enrichments are applied.
+      const enriched = enrichedObj ? JSON.stringify(enrichedObj) : JSON.stringify(parsed);
 
       // Phase H h2: attach CF Access service-token headers when configured
       // (machine-to-machine auth). Additive alongside Basic auth. CF Access
@@ -3282,6 +3398,25 @@ function buildPlanChatBearerInjection() {
   }
 }
 
+/**
+ * Build the cloud-enabled flag injection. plan-chat-spa's CloudToggleChip
+ * (`getCloudAvailability` in `lib/plan-config.ts`) reads
+ * `window.__OLAM_CLOUD_ENABLED__` to decide whether the Cloud toggle is
+ * live; absent → the chip stays disabled and only links to the setup doc.
+ *
+ * The toggle should be live exactly when host-cp can actually proxy
+ * `/api/cloud-dispatch` → plan-DO — which is the SAME condition the
+ * cloud-dispatch handler guards with its `503 cloud_dispatch_not_configured`:
+ * BOTH `OLAM_CLOUD_URL` and `OLAM_SHOWCASE_PASSWORD` set. Mirror it exactly
+ * so the UI never offers a toggle that would 503 on dispatch.
+ */
+function buildCloudEnabledInjection() {
+  const enabled = Boolean(
+    process.env.OLAM_CLOUD_URL && process.env.OLAM_SHOWCASE_PASSWORD,
+  );
+  return enabled ? `<script>window.__OLAM_CLOUD_ENABLED__=true;</script>` : '';
+}
+
 // Phase E5 (ATOMIC SERVING CUTOVER) — BOOTSTRAP_SCRIPT no longer injected.
 //
 // host-cp now serves plan-chat-spa exclusively. plan-chat-spa's own
@@ -3307,6 +3442,7 @@ function buildPlanChatBearerInjection() {
 async function renderSpaShell(filePath, pathname) {
   const stat = fs.statSync(filePath);
   const bearerInjection = buildPlanChatBearerInjection();
+  const cloudInjection = buildCloudEnabledInjection();
   // Phase E5: BOOTSTRAP_SCRIPT is never injected — plan-chat-spa's own
   // worldFetch.ts shim owns the cookie-bootstrap + path-rewrite contract.
   // We still assert the wildcard invariant so a future re-narrowing of
@@ -3315,7 +3451,7 @@ async function renderSpaShell(filePath, pathname) {
   const skipBootstrap = isPlanningPath(pathname);
   // Cache key includes bearer length (the only per-render-varying input
   // now that bootstrap injection is constant-empty).
-  const cacheKey = stat.mtimeMs + ':' + bearerInjection.length;
+  const cacheKey = stat.mtimeMs + ':' + bearerInjection.length + ':' + cloudInjection.length;
   const cached = _spaCacheByKey.get(cacheKey);
   if (cached !== undefined) return cached;
   let html = fs.readFileSync(filePath, 'utf-8');
@@ -3329,7 +3465,7 @@ async function renderSpaShell(filePath, pathname) {
   // is set before the SPA bundle reads it. No bootstrap shim — see the
   // block comment above (Phase E5 cutover).
   void skipBootstrap; // wildcard invariant: always true; documents intent
-  html = html.replace(/<head>/i, `<head>\n    ${bearerInjection}`);
+  html = html.replace(/<head>/i, `<head>\n    ${bearerInjection}${cloudInjection}`);
   _spaCacheByKey.set(cacheKey, html);
   return html;
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@pleri/olam-cli",
-  "version": "0.1.182",
+  "version": "0.1.185",
   "type": "module",
   "bin": {
     "olam": "./bin/olam.cjs"
@@ -26,7 +26,8 @@
     "access": "public"
   },
   "scripts": {
-    "build": "tsc",
+    "build": "npm run gen:knowledge-pack && tsc",
+    "gen:knowledge-pack": "node scripts/gen-knowledge-pack.mjs",
     "dev": "tsx src/index.ts",
     "test": "vitest run --passWithNoTests",
     "test:ci": "vitest run --reporter=basic --passWithNoTests",
@@ -45,6 +46,7 @@
     "ssh2": "^1.16.0",
     "yaml": "^2.7.0",
     "@inquirer/prompts": "^7.0.0",
+    "@anthropic-ai/claude-agent-sdk": "^0.2.56",
     "zod-to-json-schema": "^3.24.0",
     "playwright-core": "~1.59.0",
     "@napi-rs/keyring": "^1.1.6"