@rubytech/create-maxy 1.0.796 → 1.0.797

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@rubytech/create-maxy",
-  "version": "1.0.796",
+  "version": "1.0.797",
   "description": "Install Maxy — AI for Productive People",
   "bin": {
     "create-maxy": "./dist/index.js"

package/payload/platform/plugins/admin/PLUGIN.md

@@ -51,6 +51,10 @@ Platform management tools for both the admin and public agents. The `plugin-read
 
 Tools are available via the `admin` MCP server.
 
+**Three-store admin auth invariant (Task 850).** `admin-add` writes to all three identity stores (`users.json` PIN auth, `account.json` `admins[]` role, Neo4j `:AdminUser`/`:Person` graph identity) with per-leg `[admin-auth-store]` log lines and returns `is_error: true` on any leg failure naming what's already written. `admin-update-pin` writes `users.json` only and emits the same line. Direct `Edit`/`Write` on `account.json` is blocked at the `pre-tool-use` hook — mutations go through `account-update`, `plugin-toggle-enabled`, or the `admin-*` tools. See `.docs/agents.md` § "Three-store admin auth invariant" for the full contract.
+
+`logs-read { type: "agent-stream" }` (Task 850) is the canonical name for the per-conversation tool-use/tool-result archive previously called `system`; both names work and the legacy alias is preserved.
+
 ## Skills
 
 | Task | When to use | Reference |

package/payload/platform/plugins/admin/hooks/pre-tool-use.sh

@@ -47,11 +47,15 @@ if [ "$AGENT_TYPE" = "admin" ]; then
           echo "[entitlement] tool-deny: tool=${TOOL_NAME} path=${FILE_PATH} field=entitlement-file" >&2
           exit 2
           ;;
-        # account.json (Task 831) — agent must use the account-update MCP tool
-        # (or plugin-toggle-enabled for enabledPlugins changes), which whitelists
-        # editable fields server-side. Direct Edit/Write bypasses that whitelist;
-        # deny unconditionally including cwd-relative paths.
-        */data/accounts/*/account.json|*/config/accounts/*/account.json|data/accounts/*/account.json|config/accounts/*/account.json|account.json)
+        # account.json (Task 831 + Task 850) — agent must use the account-update
+        # MCP tool (or plugin-toggle-enabled for enabledPlugins changes), which
+        # whitelists editable fields server-side. Direct Edit/Write bypasses
+        # that whitelist; deny unconditionally including cwd-relative paths.
+        # Task 850 adds */account.json and *account.json as a backstop so any
+        # layout the named patterns miss is still caught — the Adam Mackay
+        # incident showed a tier upgrade via raw Edit on account.json reach
+        # the disk, exactly the failure mode this hook exists to prevent.
+        */data/accounts/*/account.json|*/config/accounts/*/account.json|data/accounts/*/account.json|config/accounts/*/account.json|*/account.json|*account.json|account.json)
           echo "Blocked: Admin agent cannot edit account.json directly. Use the account-update or plugin-toggle-enabled MCP tools — they whitelist editable fields server-side and exclude tier and purchasedPlugins by design." >&2
           echo "[entitlement] tool-deny: tool=${TOOL_NAME} path=${FILE_PATH} field=account-json" >&2
           exit 2

package/payload/platform/plugins/admin/mcp/dist/index.js

@@ -621,7 +621,7 @@ server.tool("plugin-toggle-enabled", "Enable or disable a plugin in this account
 // ===================================================================
 // Admin user management tools
 // ===================================================================
-server.tool("admin-add", "Add a new admin user to this account. Creates a device-level user entry (users.json) and adds them to this account's admins list (account.json). PIN must be at least 4 digits. If no PIN is provided, a unique 4-digit PIN is generated. Returns the userId and PIN to share with the new admin.", {
+server.tool("admin-add", "Add a new admin user to this account. Creates a device-level user entry (users.json) and adds them to this account's admins list (account.json). PIN must be at least 4 digits. If no PIN is provided, a unique 4-digit PIN is generated. Returns the userId and PIN to share with the new admin.\n\nIMPORTANT — retry behaviour: if the user already stated a specific PIN earlier in the conversation and a first admin-add call failed (e.g. tier cap reached, PIN collision), every retry MUST re-pass that PIN as the `pin` parameter. Omitting `pin` on the retry auto-generates a different 4-digit PIN, silently substituting what the user asked for.", {
     name: z.string().describe("Display name for the new admin (stored on the AdminUser node in Neo4j)."),
     pin: z.string().optional().describe("Optional PIN (minimum 4 digits). If omitted, a unique 4-digit PIN is generated."),
 }, async ({ name, pin: rawPin }) => {
@@ -679,14 +679,25 @@ server.tool("admin-add", "Add a new admin user to this account. Creates a device
     }
     const pinHash = hashPin(plaintextPin);
     const userId = crypto.randomUUID();
+    // Three-store admin auth invariant (Task 850): users.json (device-level
+    // PIN auth), account.json admins[] (account-level role), Neo4j AdminUser
+    // (display + graph identity). Each leg emits a [admin-auth-store] line so
+    // a future incident can grep one log to know which leg failed; any leg
+    // failing makes the tool result is_error: true with a cause line citing
+    // what's already been written. No automatic rollback — the cause line is
+    // the manual-recovery diagnostic.
+    const userIdShort = userId.slice(0, 8);
     // 1. Write to users.json (device-level). Auth fields only — `name` lives
     //    on the AdminUser node in Neo4j (Task 829).
     users.push({ userId, pin: pinHash });
     try {
         writeUsersJson(users);
+        console.error(`[admin-auth-store] action=add userId=${userIdShort} result=ok store=users`);
     }
     catch (err) {
-        return { content: [{ type: "text", text: `${TAG} Failed to write users.json: ${err instanceof Error ? err.message : String(err)}` }], isError: true };
+        const errMsg = err instanceof Error ? err.message : String(err);
+        console.error(`[admin-auth-store] action=add userId=${userIdShort} result=fail store=users error=${errMsg}`);
+        return { content: [{ type: "text", text: `${TAG} Failed to write users.json: ${errMsg}` }], isError: true };
     }
     // 2. Write to account.json (account-level)
     try {
@@ -698,10 +709,12 @@ server.tool("admin-add", "Add a new admin user to this account. Creates a device
             const configPath = join(getAccountDir(), "account.json");
             await writeFile(configPath, JSON.stringify(config, null, 2) + "\n", "utf-8");
         }
+        console.error(`[admin-auth-store] action=add userId=${userIdShort} result=ok store=account`);
     }
     catch (err) {
-        console.error(`${TAG} account.json write failed: ${err instanceof Error ? err.message : String(err)}`);
-        return { content: [{ type: "text", text: `${TAG} User created in users.json but failed to add to account: ${err instanceof Error ? err.message : String(err)}` }], isError: true };
+        const errMsg = err instanceof Error ? err.message : String(err);
+        console.error(`[admin-auth-store] action=add userId=${userIdShort} result=fail store=account error=${errMsg}`);
+        return { content: [{ type: "text", text: `${TAG} users.json updated; account.json write FAILED — manual reconciliation needed: ${errMsg}` }], isError: true };
     }
     // 3. Write to Neo4j (graph-level): AdminUser + Person + OWNS atomically,
     //    plus ADMIN_OF edge to the LocalBusiness for this account.
@@ -710,7 +723,12 @@ server.tool("admin-add", "Add a new admin user to this account. Creates a device
     //    in platform/ui/app/lib/neo4j-store.ts (case-insensitive exact match
     //    on givenName + familyName; partial-name ambiguity does NOT match —
     //    rationalisation is a separate agent-mediated concern).
-    let neo4jWarning = "";
+    //    Task 850 — Neo4j-leg failure now returns is_error: true with the
+    //    [admin-auth-store] line; previously it set a soft warning string and
+    //    returned success, which is what hid the Adam Mackay incident from
+    //    the recovery agent. The user is still functional via users.json +
+    //    account.json, but the graph state is divergent and the operator
+    //    must know.
     let personReused = false;
     try {
         const session = getSession();
@@ -759,18 +777,25 @@ server.tool("admin-add", "Add a new admin user to this account. Creates a device
         finally {
             await session.close();
         }
+        console.error(`[admin-auth-store] action=add userId=${userIdShort} result=ok store=neo4j personReused=${personReused}`);
     }
     catch (err) {
         const errMsg = err instanceof Error ? err.message : String(err);
-        console.error(`${TAG} Neo4j sync failed during admin-add: userId=${userId} error=${errMsg} — files written, graph pending`);
-        neo4jWarning = ` Note: Neo4j sync failed (${errMsg}) — the admin user is functional but the graph will need reconciliation on next seed.`;
+        console.error(`[admin-auth-store] action=add userId=${userIdShort} result=fail store=neo4j error=${errMsg}`);
+        return {
+            content: [{
+                    type: "text",
+                    text: `${TAG} users.json + account.json updated for userId ${userId} (PIN: ${plaintextPin}); Neo4j sync FAILED — manual reconciliation needed: ${errMsg}`,
+                }],
+            isError: true,
+        };
     }
-    console.error(`${TAG} [admin-identity] adminuser-bound userId=${userId.slice(0, 8)} name=${name.trim()} personReused=${personReused}`);
+    console.error(`${TAG} [admin-identity] adminuser-bound userId=${userIdShort} name=${name.trim()} personReused=${personReused}`);
     console.error(`${TAG} admin added: userId=${userId} userName=${name.trim()} accountId=${ACCOUNT_ID} role=admin addedBy=${callerUserId ?? "unknown"}`);
     return {
         content: [{
                 type: "text",
-                text: `Admin added successfully.\n\n- **Name:** ${name.trim()}\n- **userId:** ${userId}\n- **PIN:** ${plaintextPin}\n- **Role:** admin\n\nShare the PIN with ${name.trim()} so they can log in.${neo4jWarning}`,
+                text: `Admin added successfully.\n\n- **Name:** ${name.trim()}\n- **userId:** ${userId}\n- **PIN:** ${plaintextPin}\n- **Role:** admin\n\nShare the PIN with ${name.trim()} so they can log in.`,
             }],
     };
 });
@@ -912,18 +937,22 @@ server.tool("admin-update-pin", "Update an existing admin user's PIN. Defaults t
         users = readUsersJson();
     }
     catch (err) {
+        const errMsg = err instanceof Error ? err.message : String(err);
         console.error(`${TAG} userId=${userIdLabel} result=user-not-found reason=users-json-read-failed`);
-        return { content: [{ type: "text", text: `${TAG} ${err instanceof Error ? err.message : String(err)}` }], isError: true };
+        console.error(`[admin-auth-store] action=update-pin userId=${userIdLabel} result=fail store=users error=${errMsg}`);
+        return { content: [{ type: "text", text: `${TAG} ${errMsg}` }], isError: true };
     }
     const targetIndex = users.findIndex(u => u.userId === userId);
     if (targetIndex === -1) {
         console.error(`${TAG} userId=${userIdLabel} result=user-not-found`);
+        console.error(`[admin-auth-store] action=update-pin userId=${userIdLabel} result=fail store=users error=user-not-found`);
         return { content: [{ type: "text", text: `${TAG} User ${userId} not found in users.json.` }], isError: true };
     }
     const newHash = hashPin(newPin);
     const collidesWithOther = users.some((u, i) => i !== targetIndex && u.pin === newHash);
     if (collidesWithOther) {
         console.error(`${TAG} userId=${userIdLabel} result=collision`);
+        console.error(`[admin-auth-store] action=update-pin userId=${userIdLabel} result=fail store=users error=pin-collision`);
         return { content: [{ type: "text", text: `${TAG} That PIN is already in use by another user. Choose a different PIN.` }], isError: true };
     }
     users[targetIndex].pin = newHash;
@@ -931,9 +960,12 @@ server.tool("admin-update-pin", "Update an existing admin user's PIN. Defaults t
         writeUsersJson(users);
     }
     catch (err) {
-        return { content: [{ type: "text", text: `${TAG} Failed to write users.json: ${err instanceof Error ? err.message : String(err)}` }], isError: true };
+        const errMsg = err instanceof Error ? err.message : String(err);
+        console.error(`[admin-auth-store] action=update-pin userId=${userIdLabel} result=fail store=users error=${errMsg}`);
+        return { content: [{ type: "text", text: `${TAG} Failed to write users.json: ${errMsg}` }], isError: true };
     }
     console.error(`${TAG} userId=${userIdLabel} result=ok`);
+    console.error(`[admin-auth-store] action=update-pin userId=${userIdLabel} result=ok store=users`);
     const self = userId === callerUserId;
     return {
         content: [{ type: "text", text: `PIN updated${self ? "" : ` for userId ${userId}`}. The new PIN takes effect on the next login.` }],
@@ -1147,8 +1179,8 @@ server.tool("agent-list", "List all public (non-admin) agents with their full co
         };
     }
 });
-server.tool("logs-read", "Read recent logs. Task 532: the stream logs (type=system/error/session/public) are now per-conversation — pass `conversationId` to retrieve a single conversation's log from first [spawn] to final [process-exit]. type=system: raw Claude stream-json + agent events + [tool-wait]/[tool-wait-diag]/[tool-wait-proc] telemetry + MCP server stderr via tee. type=session: SSE events sent to client. type=error: Claude subprocess stderr (raw — NODE_DEBUG HTTP/NET/UNDICI traces land in system via the stream tee, not here). type=heartbeat: platform event dispatcher (check-due-events cron). type=public: public agent diagnostic log. type=server: platform server log. type=mcp: MCP server stderr (per-plugin raw). type=vnc: VNC browser viewer lifecycle. type=review: log-review detector decisions. sessionKey: grep legacy sessionKey-tagged lines across all logs (useful for pre-Task-532 artefacts). When conversationId is provided, reads the single per-conversation file for the requested type (or dumps all type files for that conversationId if type is omitted).", {
-    type: z.enum(["system", "session", "error", "heartbeat", "public", "server", "mcp", "vnc", "review"]).optional(),
+server.tool("logs-read", "Read recent logs. Task 532: the stream logs (type=agent-stream/error/session/public) are now per-conversation — pass `conversationId` to retrieve a single conversation's log from first [spawn] to final [process-exit]. type=agent-stream: per-conversation tool-use/tool-result archive (every `[tool-use]` and `[tool-result]` pair with full input + output JSON, plus raw Claude stream-json, agent events, and MCP server stderr via tee). USE THIS when investigating what an agent ACTUALLY did with its tools — server.log only carries `[persist] tool-call persisted` markers, not bodies. (`type=system` is a backwards-compatible alias for the same archive.) type=session: SSE events sent to client. type=error: Claude subprocess stderr (raw — NODE_DEBUG HTTP/NET/UNDICI traces land in agent-stream via the stream tee, not here). type=heartbeat: platform event dispatcher (check-due-events cron). type=public: public agent diagnostic log. type=server: platform server log. type=mcp: MCP server stderr (per-plugin raw). type=vnc: VNC browser viewer lifecycle. type=review: log-review detector decisions. sessionKey: grep legacy sessionKey-tagged lines across all logs (useful for pre-Task-532 artefacts). When conversationId is provided, reads the single per-conversation file for the requested type (or dumps all type files for that conversationId if type is omitted).", {
+    type: z.enum(["agent-stream", "system", "session", "error", "heartbeat", "public", "server", "mcp", "vnc", "review"]).optional(),
     lines: z.number().optional(),
     sessionKey: z.string().optional(),
     conversationId: z.string().optional(),
@@ -1181,16 +1213,17 @@ server.tool("logs-read", "Read recent logs. Task 532: the stream logs (type=syst
                 return { content: [{ type: "text", text: `Log directory does not exist: ${LOG_DIR}` }] };
             }
             const prefixMap = {
-                system: "claude-agent-stream",
+                "agent-stream": "claude-agent-stream",
+                system: "claude-agent-stream", // Task 850 — backwards-compatible alias for agent-stream
                 error: "claude-agent-stderr",
                 session: "sse-events",
                 public: "public-agent-stream",
             };
-            const resolvedType = type ?? "system";
+            const resolvedType = type ?? "agent-stream";
             const prefix = prefixMap[resolvedType];
             if (!prefix) {
                 return {
-                    content: [{ type: "text", text: `type=${resolvedType} is not per-conversation. Valid per-conversation types: system, error, session, public. For platform-scoped types (server, vnc, review, heartbeat, mcp) omit conversationId.` }],
+                    content: [{ type: "text", text: `type=${resolvedType} is not per-conversation. Valid per-conversation types: agent-stream, error, session, public. For platform-scoped types (server, vnc, review, heartbeat, mcp) omit conversationId.` }],
                     isError: true,
                 };
             }
@@ -1234,7 +1267,8 @@ server.tool("logs-read", "Read recent logs. Task 532: the stream logs (type=syst
         // --- Session-key filtered mode: grep across log files ---
         if (sessionKey) {
             const prefixes = {
-                system: "claude-agent-stream-",
+                "agent-stream": "claude-agent-stream-",
+                system: "claude-agent-stream-", // Task 850 — backwards-compatible alias
                 error: "claude-agent-stderr-",
                 session: "sse-events-",
                 public: "public-agent-stream-",
@@ -1332,7 +1366,7 @@ server.tool("logs-read", "Read recent logs. Task 532: the stream logs (type=syst
             return { content: [{ type: "text", text: `# Session timeline: ${sessionKey}\n\n${sections.join("\n\n")}` }] };
         }
         // --- Standard mode: tail most recent file of the requested type ---
-        const resolvedType = type ?? "system";
+        const resolvedType = type ?? "agent-stream";
         // Heartbeat log is a single fixed file, not prefix-based
         if (resolvedType === "heartbeat") {
             const logFile = resolve(LOG_DIR, "check-due-events.log");
@@ -1381,6 +1415,8 @@ server.tool("logs-read", "Read recent logs. Task 532: the stream logs (type=syst
             }).toString();
             return { content: [{ type: "text", text: `# review.log\n\n${result}` }] };
         }
+        // Task 850 — agent-stream and the legacy system alias both map to
+        // claude-agent-stream-. The fall-through default also covers them.
         const prefix = resolvedType === "error" ? "claude-agent-stderr-"
             : resolvedType === "session" ? "sse-events-"
                 : resolvedType === "public" ? "public-agent-stream-"