@rubytech/create-maxy 1.0.805 → 1.0.807

package/payload/server/chunk-LTIWPCUF.js

@@ -0,0 +1,3477 @@
+// app/lib/claude-agent/client-pool.ts
+import { query } from "@anthropic-ai/claude-agent-sdk";
+import { appendFileSync as appendFileSync2 } from "fs";
+import { resolve as resolvePath } from "path";
+
+// app/lib/claude-agent/logging.ts
+import { spawnSync } from "child_process";
+import { resolve } from "path";
+import { platform as osPlatform } from "os";
+import { readFileSync, readdirSync, mkdirSync, createWriteStream, statSync, unlinkSync, renameSync, appendFileSync, existsSync } from "fs";
+import { lookup as dnsLookup } from "dns/promises";
+import { createConnection as netConnect } from "net";
+import { StringDecoder } from "string_decoder";
+var LOG_RETENTION_DAYS = 7;
+var isoTs = () => (/* @__PURE__ */ new Date()).toISOString();
+var BROWSER_TOOL_PREFIXES = [
+  "mcp__plugin_playwright_playwright__",
+  "mcp__plugin_chrome-devtools-mcp_chrome-devtools__"
+];
+function isBrowserTool(name) {
+  return BROWSER_TOOL_PREFIXES.some((p) => name.startsWith(p));
+}
+var DIAG_HARD_CAP_MS = 5e3;
+var DIAG_DNS_TIMEOUT_MS = 2e3;
+var DIAG_TCP_TIMEOUT_MS = 3e3;
+var DIAG_HTTP_TIMEOUT_MS = 4e3;
+function quoteDiag(value) {
+  return JSON.stringify(value);
+}
+function extractUrl(toolName, input) {
+  if (input === null || typeof input !== "object") return void 0;
+  const obj = input;
+  if (toolName === "WebFetch" && typeof obj.url === "string") return obj.url;
+  if (isBrowserTool(toolName) && typeof obj.url === "string") return obj.url;
+  if (typeof obj.url === "string" && /^https?:\/\//.test(obj.url)) return obj.url;
+  return void 0;
+}
+var FULL_REDACT_ENV_VARS = /* @__PURE__ */ new Set(["HTTPS_PROXY", "HTTP_PROXY", "NO_PROXY"]);
+function redactEnvField(name) {
+  const value = process.env[name];
+  if (!value) return `${name.toLowerCase()}=absent`;
+  if (FULL_REDACT_ENV_VARS.has(name)) {
+    return `${name.toLowerCase()}=present`;
+  }
+  const suffix = value.length > 40 ? value.slice(-40) : value;
+  return `${name.toLowerCase()}=present suffix=${quoteDiag(suffix)}`;
+}
+async function probeDns(host, family) {
+  const label = family === 4 ? "dns_a" : "dns_aaaa";
+  const start = Date.now();
+  let timer;
+  try {
+    const result = await Promise.race([
+      dnsLookup(host, { family, verbatim: true }),
+      new Promise((_, reject) => {
+        timer = setTimeout(() => reject(new Error("timeout")), DIAG_DNS_TIMEOUT_MS);
+      })
+    ]);
+    if (timer) clearTimeout(timer);
+    const ms = Date.now() - start;
+    return `${label}=${result.address} ${label}_ms=${ms}`;
+  } catch (err) {
+    if (timer) clearTimeout(timer);
+    const ms = Date.now() - start;
+    const msg = err instanceof Error ? err.message : String(err);
+    return `${label}=err ${label}_err=${quoteDiag(msg.slice(0, 60))} ${label}_ms=${ms}`;
+  }
+}
+async function probeTcp(host, port) {
+  const start = Date.now();
+  return new Promise((resolvePromise) => {
+    let settled = false;
+    const sock = netConnect({ host, port, family: 0 });
+    const finish = (result) => {
+      if (settled) return;
+      settled = true;
+      try {
+        sock.destroy();
+      } catch {
+      }
+      resolvePromise(result);
+    };
+    const timer = setTimeout(() => finish(`tcp=timeout tcp_ms=${Date.now() - start}`), DIAG_TCP_TIMEOUT_MS);
+    sock.once("connect", () => {
+      clearTimeout(timer);
+      finish(`tcp=ok tcp_ms=${Date.now() - start}`);
+    });
+    sock.once("error", (err) => {
+      clearTimeout(timer);
+      const msg = err instanceof Error ? err.message : String(err);
+      finish(`tcp=err tcp_err=${quoteDiag(msg.slice(0, 60))} tcp_ms=${Date.now() - start}`);
+    });
+  });
+}
+async function probeHttp(url) {
+  const start = Date.now();
+  const controller = new AbortController();
+  const timer = setTimeout(() => controller.abort(), DIAG_HTTP_TIMEOUT_MS);
+  try {
+    const res = await fetch(url, { method: "HEAD", redirect: "manual", signal: controller.signal });
+    clearTimeout(timer);
+    return `http_status=${res.status} http_ms=${Date.now() - start}`;
+  } catch (err) {
+    clearTimeout(timer);
+    const msg = err instanceof Error ? err.message : String(err);
+    return `http_status=err http_err=${quoteDiag(msg.slice(0, 60))} http_ms=${Date.now() - start}`;
+  }
+}
+async function runFailureDiagnostic(toolName, toolInput) {
+  const inputKeys = toolInput !== null && typeof toolInput === "object" ? Object.keys(toolInput).join(",") : "";
+  const envFields = [
+    redactEnvField("HTTPS_PROXY"),
+    redactEnvField("HTTP_PROXY"),
+    redactEnvField("NO_PROXY"),
+    redactEnvField("NODE_OPTIONS")
+  ].join(" ");
+  const url = extractUrl(toolName, toolInput);
+  if (!url) {
+    return `diag_url=none input_keys=[${inputKeys}] ${envFields}`;
+  }
+  let host;
+  let port;
+  try {
+    const parsed = new URL(url);
+    host = parsed.hostname;
+    port = parsed.port ? Number(parsed.port) : parsed.protocol === "https:" ? 443 : 80;
+  } catch {
+    return `diag_url=unparseable input_keys=[${inputKeys}] ${envFields}`;
+  }
+  const probes = Promise.allSettled([
+    probeDns(host, 4),
+    probeDns(host, 6),
+    probeTcp(host, port),
+    probeHttp(url)
+  ]);
+  let capTimer;
+  const capped = await Promise.race([
+    probes,
+    new Promise((resolvePromise) => {
+      capTimer = setTimeout(() => resolvePromise("__diag_timeout__"), DIAG_HARD_CAP_MS);
+    })
+  ]);
+  if (capTimer) clearTimeout(capTimer);
+  if (capped === "__diag_timeout__") {
+    return `diag_host=${host} diag_port=${port} diag_timeout=true input_keys=[${inputKeys}] ${envFields}`;
+  }
+  const fields = capped.map((r) => r.status === "fulfilled" ? r.value : `probe_err=${quoteDiag(String(r.reason).slice(0, 40))}`).join(" ");
+  return `diag_host=${host} diag_port=${port} ${fields} input_keys=[${inputKeys}] ${envFields}`;
+}
+function agentLogStream(name, accountDir, conversationId) {
+  if (!conversationId) {
+    throw new Error(`agentLogStream: conversationId is required (name=${name}) \u2014 use preConversationLogStream for pre-session events`);
+  }
+  const logDir = resolve(accountDir, "logs");
+  mkdirSync(logDir, { recursive: true });
+  purgeOldLogs(logDir, `${name}-`);
+  const logPath = resolve(logDir, `${name}-${conversationId}.log`);
+  const stream = createWriteStream(logPath, { flags: "a" });
+  registerStreamLog(stream, { path: logPath, conversationId, name });
+  return stream;
+}
+function preConversationLogStream(name, accountDir) {
+  const logDir = resolve(accountDir, "logs");
+  mkdirSync(logDir, { recursive: true });
+  const date = (/* @__PURE__ */ new Date()).toISOString().slice(0, 10);
+  purgeOldLogs(logDir, `preconversation-${name}-`);
+  const logPath = resolve(logDir, `preconversation-${name}-${date}.log`);
+  const stream = createWriteStream(logPath, { flags: "a" });
+  registerStreamLog(stream, { path: logPath, conversationId: null, name: `preconversation-${name}` });
+  return stream;
+}
+var openStreamLogs = /* @__PURE__ */ new Map();
+function registerStreamLog(stream, entry) {
+  openStreamLogs.set(stream, entry);
+  stream.once("close", () => {
+    openStreamLogs.delete(stream);
+  });
+}
+function sigtermFlushStreamLogs(reason, source) {
+  const ts = (/* @__PURE__ */ new Date()).toISOString();
+  for (const entry of openStreamLogs.values()) {
+    const convPart = entry.conversationId ? ` conversationId=${entry.conversationId}` : "";
+    const line = `[${ts}] [server-sigterm] reason=${reason}${convPart} name=${entry.name} source=${source}
+`;
+    try {
+      appendFileSync(entry.path, line);
+    } catch (err) {
+      const msg = err instanceof Error ? err.message : String(err);
+      console.error(`[server-sigterm-flush-err] path=${entry.path} reason=${msg}`);
+    }
+  }
+}
+function purgeOldLogs(logDir, prefix) {
+  const cutoff = Date.now() - LOG_RETENTION_DAYS * 24 * 60 * 60 * 1e3;
+  let entries;
+  try {
+    entries = readdirSync(logDir);
+  } catch (err) {
+    const msg = err instanceof Error ? err.message : String(err);
+    console.error(`[log-purge-err] readdir dir=${logDir} prefix=${prefix} reason=${msg}`);
+    return;
+  }
+  for (const file of entries) {
+    if (!file.startsWith(prefix)) continue;
+    const filePath = resolve(logDir, file);
+    try {
+      if (statSync(filePath).mtimeMs < cutoff) unlinkSync(filePath);
+    } catch (err) {
+      const msg = err instanceof Error ? err.message : String(err);
+      console.error(`[log-purge-err] file=${file} reason=${msg}`);
+    }
+  }
+}
+function preflushStreamLogKey(sessionKey) {
+  return `preflush-${sessionKey.slice(0, 12)}`;
+}
+function renameStreamLogsOnFlush(accountDir, sessionKey, conversationId) {
+  const STREAM_LOG_NAMES = ["claude-agent-stream", "claude-agent-stderr", "public-agent-stream"];
+  const logDir = resolve(accountDir, "logs");
+  const preflushSuffix = preflushStreamLogKey(sessionKey);
+  const sk8 = sessionKey.slice(0, 8);
+  const cid8 = conversationId.slice(0, 8);
+  for (const name of STREAM_LOG_NAMES) {
+    const fromPath = resolve(logDir, `${name}-${preflushSuffix}.log`);
+    const toPath = resolve(logDir, `${name}-${conversationId}.log`);
+    let result;
+    let reason = "";
+    try {
+      if (!existsSync(fromPath)) {
+        result = "skipped";
+        reason = "no-preflush-file";
+      } else {
+        const targetExisted = existsSync(toPath);
+        renameSync(fromPath, toPath);
+        for (const entry of openStreamLogs.values()) {
+          if (entry.path === fromPath) {
+            entry.path = toPath;
+            entry.conversationId = conversationId;
+          }
+        }
+        result = "renamed";
+        if (targetExisted) reason = "target-existed";
+      }
+    } catch (err) {
+      result = "error";
+      reason = err instanceof Error ? err.message : String(err);
+    }
+    const reasonPart = reason ? ` reason=${JSON.stringify(reason)}` : "";
+    console.log(`[stream-log-rename] ${(/* @__PURE__ */ new Date()).toISOString()} sessionKey=${sk8} conversationId=${cid8} name=${name} result=${result}${reasonPart}`);
+    if (result === "renamed" && existsSync(fromPath)) {
+      console.error(`[stream-log-rename] ${(/* @__PURE__ */ new Date()).toISOString()} outcome=stale-sibling preflush=${JSON.stringify(fromPath)} full=${JSON.stringify(toPath)} reason=${JSON.stringify("rename succeeded but preflush still present")} sessionKey=${sk8} conversationId=${cid8} name=${name}`);
+    }
+  }
+}
+
+// app/lib/claude-agent/session-store.ts
+import { resolve as resolve4 } from "path";
+
+// app/lib/neo4j-store.ts
+import neo4j from "neo4j-driver";
+import { randomUUID } from "crypto";
+import { spawn as spawn2 } from "child_process";
+import { readFileSync as readFileSync2, readdirSync as readdirSync2, existsSync as existsSync2, openSync, readSync, closeSync, statSync as statSync2, rmSync } from "fs";
+import { resolve as resolve2 } from "path";
+
+// ../lib/models/src/index.ts
+var OPUS_MODEL = "claude-opus-4-7";
+var SONNET_MODEL = "claude-sonnet-4-6";
+var HAIKU_MODEL = "claude-haiku-4-5";
+var MODEL_CONTEXT_WINDOW = {
+  [OPUS_MODEL]: 2e5,
+  [SONNET_MODEL]: 2e5,
+  [HAIKU_MODEL]: 2e5
+};
+function contextWindow(model) {
+  return MODEL_CONTEXT_WINDOW[model] ?? 2e5;
+}
+
+// app/lib/neo4j-store.ts
+var PLATFORM_ROOT = process.env.MAXY_PLATFORM_ROOT ?? resolve2(process.cwd(), "..");
+var driver = null;
+function readPassword() {
+  if (process.env.NEO4J_PASSWORD) return process.env.NEO4J_PASSWORD;
+  const passwordFile = resolve2(PLATFORM_ROOT, "config/.neo4j-password");
+  try {
+    return readFileSync2(passwordFile, "utf-8").trim();
+  } catch {
+    throw new Error(
+      `Neo4j password not found. Expected at ${passwordFile} or in NEO4J_PASSWORD env var.`
+    );
+  }
+}
+function getDriver() {
+  if (!driver) {
+    const uri = process.env.NEO4J_URI;
+    if (!uri) {
+      throw new Error(
+        "[ui/neo4j-store] NEO4J_URI unset \u2014 refusing to default to bolt://localhost:7687 (Task 580)"
+      );
+    }
+    const user = process.env.NEO4J_USER ?? "neo4j";
+    const password = readPassword();
+    console.error(`[ui/neo4j-store] resolved neo4j_uri=${uri}`);
+    driver = neo4j.driver(uri, neo4j.auth.basic(user, password), {
+      maxConnectionPoolSize: 5
+    });
+  }
+  return driver;
+}
+function getSession() {
+  return getDriver().session();
+}
+async function runBootMigrations() {
+  const { applyBootMigrations } = await import("./neo4j-migrations-IUSBODOP.js");
+  await applyBootMigrations(getDriver(), PLATFORM_ROOT);
+}
+process.on("SIGINT", async () => {
+  if (driver) {
+    await driver.close();
+    driver = null;
+  }
+});
+var OLLAMA_URL = process.env.OLLAMA_URL ?? "http://localhost:11434";
+var EMBED_MODEL = process.env.EMBED_MODEL ?? "nomic-embed-text";
+async function embed(text) {
+  const res = await fetch(`${OLLAMA_URL}/api/embed`, {
+    method: "POST",
+    headers: { "Content-Type": "application/json" },
+    body: JSON.stringify({ model: EMBED_MODEL, input: text }),
+    signal: AbortSignal.timeout(5e3)
+  });
+  if (!res.ok) {
+    const body = await res.text();
+    throw new Error(`Ollama embedding failed (${res.status}): ${body}`);
+  }
+  const data = await res.json();
+  return data.embeddings[0];
+}
+var sessionStoreRef = null;
+function setSessionStoreRef(ref) {
+  sessionStoreRef = ref;
+}
+function getCachedConversationId(sessionKey) {
+  return sessionStoreRef?.get(sessionKey)?.conversationId;
+}
+function cacheConversationId(sessionKey, conversationId) {
+  const session = sessionStoreRef?.get(sessionKey);
+  if (session) {
+    session.conversationId = conversationId;
+  }
+}
+var GREETING_DIRECTIVE = "[New session. Greet the visitor.]";
+var DIRECTIVE_PREFIX = "[New session.";
+async function ensureConversation(accountId, agentType, sessionKey, visitorId, agentSlug, userId) {
+  const cached = getCachedConversationId(sessionKey);
+  if (cached) return cached;
+  const conversationId = randomUUID();
+  const channel = sessionKey.startsWith("whatsapp:") ? "whatsapp" : sessionKey.startsWith("telegram:") ? "telegram" : "webchat";
+  const conversationSublabel = agentType === "admin" ? "AdminConversation" : "PublicConversation";
+  const wantsHandledByEdge = agentType === "public" && !!agentSlug;
+  const handledByClause = wantsHandledByEdge ? `WITH c
+       OPTIONAL MATCH (a:Agent {accountId: $accountId, slug: $agentSlug})
+       FOREACH (_ IN CASE WHEN a IS NULL THEN [] ELSE [1] END | MERGE (c)-[:HANDLED_BY]->(a))
+       RETURN c.conversationId AS conversationId, a IS NOT NULL AS handledBy` : `RETURN c.conversationId AS conversationId, false AS handledBy`;
+  const session = getSession();
+  try {
+    const result = await session.run(
+      `MERGE (c:Conversation {sessionKey: $sessionKey})
+       ON CREATE SET
+         c:${conversationSublabel},
+         c.conversationId = $conversationId,
+         c.accountId = $accountId,
+         c.agentType = $agentType,
+         c.channel = $channel,
+         ${visitorId ? "c.visitorId = $visitorId," : ""}
+         ${agentSlug ? "c.agentSlug = $agentSlug," : ""}
+         ${userId ? "c.userId = $userId," : ""}
+         c.createdAt = datetime(),
+         c.updatedAt = datetime()
+       ON MATCH SET
+         c.updatedAt = datetime()
+       ${handledByClause}`,
+      {
+        sessionKey,
+        conversationId,
+        accountId,
+        agentType,
+        channel,
+        ...visitorId ? { visitorId } : {},
+        ...agentSlug ? { agentSlug } : {},
+        ...userId ? { userId } : {}
+      }
+    );
+    const id = result.records[0]?.get("conversationId");
+    if (id) {
+      cacheConversationId(sessionKey, id);
+      console.error(`[session] ${(/* @__PURE__ */ new Date()).toISOString()} conversation attributed: conversationId=${id.slice(0, 8)}\u2026 userId=${userId ?? "none"} ${agentType}/${accountId.slice(0, 8)}\u2026 sublabel=${conversationSublabel}`);
+      if (wantsHandledByEdge) {
+        const handled = result.records[0]?.get("handledBy");
+        const id8 = id.slice(0, 8);
+        if (handled === true) {
+          console.error(`[agent-graph] handled-by-write conversationId=${id8} slug=${agentSlug}`);
+        } else {
+          console.error(`[agent-graph] handled-by-skip reason=no-agent-node conversationId=${id8} slug=${agentSlug}`);
+        }
+      }
+    }
+    return id ?? null;
+  } catch (err) {
+    console.error(`[persist] ensureConversation failed: ${err instanceof Error ? err.message : String(err)}`);
+    return null;
+  } finally {
+    await session.close();
+  }
+}
+async function findRecentConversation(visitorId, accountId, agentSlug, maxAgeHours = 24) {
+  const session = getSession();
+  try {
+    const result = await session.run(
+      `MATCH (c:Conversation {visitorId: $visitorId, accountId: $accountId, agentType: 'public'})
+       WHERE c.agentSlug = $agentSlug
+         AND c.updatedAt > datetime() - duration({hours: $maxAgeHours})
+       RETURN c.conversationId AS conversationId, c.sessionKey AS sessionKey
+       ORDER BY c.updatedAt DESC
+       LIMIT 1`,
+      { visitorId, accountId, agentSlug, maxAgeHours: neo4j.int(maxAgeHours) },
+      { timeout: 2e3 }
+    );
+    const record = result.records[0];
+    if (!record) return null;
+    const conversationId = record.get("conversationId");
+    const sessionKey = record.get("sessionKey");
+    if (!conversationId) return null;
+    console.log(`[persist] found recent conversation ${conversationId.slice(0, 8)}\u2026 for visitor ${visitorId.slice(0, 8)}\u2026`);
+    return { conversationId, sessionKey };
+  } catch (err) {
+    console.error(`[persist] findRecentConversation failed: ${err instanceof Error ? err.message : String(err)}`);
+    return null;
+  } finally {
+    await session.close();
+  }
+}
+async function findGroupBySlug(groupSlug, accountId) {
+  const session = getSession();
+  try {
+    const result = await session.run(
+      `MATCH (c:Conversation {groupSlug: $groupSlug, accountId: $accountId, type: 'group'})
+       RETURN c.conversationId AS conversationId, c.groupName AS groupName, c.agentSlug AS agentSlug`,
+      { groupSlug, accountId },
+      { timeout: 2e3 }
+    );
+    const record = result.records[0];
+    if (!record) return null;
+    return {
+      conversationId: record.get("conversationId"),
+      groupName: record.get("groupName"),
+      agentSlug: record.get("agentSlug")
+    };
+  } catch (err) {
+    console.error(`[group] findGroupBySlug failed: ${err instanceof Error ? err.message : String(err)}`);
+    return null;
+  } finally {
+    await session.close();
+  }
+}
+async function getGroupParticipants(conversationId) {
+  const session = getSession();
+  try {
+    const result = await session.run(
+      `MATCH (p:Person)-[r:PARTICIPATES_IN]->(c:Conversation {conversationId: $conversationId})
+       RETURN p.givenName AS givenName, p.familyName AS familyName,
+              r.displayName AS displayName, r.joinedAt AS joinedAt, r.visitorId AS visitorId`,
+      { conversationId }
+    );
+    return result.records.map((r) => ({
+      displayName: r.get("displayName") || r.get("givenName"),
+      givenName: r.get("givenName"),
+      familyName: r.get("familyName"),
+      joinedAt: String(r.get("joinedAt")),
+      visitorId: r.get("visitorId")
+    }));
+  } catch (err) {
+    console.error(`[group] getGroupParticipants failed: ${err instanceof Error ? err.message : String(err)}`);
+    return [];
+  } finally {
+    await session.close();
+  }
+}
+async function checkGroupMembership(conversationId, visitorId) {
+  const session = getSession();
+  try {
+    const result = await session.run(
+      `MATCH (p:Person)-[r:PARTICIPATES_IN]->(c:Conversation {conversationId: $conversationId})
+       WHERE r.visitorId = $visitorId
+       RETURN r.displayName AS displayName
+       LIMIT 1`,
+      { conversationId, visitorId }
+    );
+    return result.records[0]?.get("displayName") ?? null;
+  } catch (err) {
+    console.error(`[group] checkGroupMembership failed: ${err instanceof Error ? err.message : String(err)}`);
+    return null;
+  } finally {
+    await session.close();
+  }
+}
+async function bindVisitorToGroup(conversationId, visitorId, personEmail, personPhone) {
+  const session = getSession();
+  try {
+    const result = await session.run(
+      `MATCH (p:Person)-[r:PARTICIPATES_IN]->(c:Conversation {conversationId: $conversationId})
+       WHERE ($email IS NOT NULL AND p.email = $email)
+          OR ($phone IS NOT NULL AND p.telephone = $phone)
+       SET r.visitorId = $visitorId
+       RETURN r.displayName AS displayName
+       LIMIT 1`,
+      {
+        conversationId,
+        visitorId,
+        email: personEmail ?? null,
+        phone: personPhone ?? null
+      }
+    );
+    const name = result.records[0]?.get("displayName");
+    if (name) {
+      console.error(`[group] joined id=${conversationId.slice(0, 8)}\u2026 visitor=${visitorId.slice(0, 8)}\u2026`);
+    } else {
+      console.error(`[group] auth-denied id=${conversationId.slice(0, 8)}\u2026 visitor=${visitorId.slice(0, 8)}\u2026`);
+    }
+    return name ? { displayName: name } : null;
+  } catch (err) {
+    console.error(`[group] bindVisitorToGroup failed: ${err instanceof Error ? err.message : String(err)}`);
+    return null;
+  } finally {
+    await session.close();
+  }
+}
+async function getMessagesSince(conversationId, since, limit = 100) {
+  const session = getSession();
+  try {
+    const result = await session.run(
+      `MATCH (m:Message)-[:PART_OF]->(c:Conversation {conversationId: $conversationId})
+       WHERE m.createdAt > datetime($since)
+       RETURN m.messageId AS messageId, m.role AS role, m.content AS content,
+              m.senderName AS senderName, m.senderVisitorId AS senderVisitorId,
+              m.createdAt AS createdAt
+       ORDER BY m.createdAt ASC
+       LIMIT $limit`,
+      { conversationId, since, limit: neo4j.int(limit) },
+      { timeout: 3e3 }
+    );
+    return result.records.map((r) => ({
+      messageId: r.get("messageId"),
+      role: r.get("role"),
+      content: r.get("content"),
+      senderName: r.get("senderName"),
+      senderVisitorId: r.get("senderVisitorId"),
+      createdAt: String(r.get("createdAt"))
+    }));
+  } catch (err) {
+    console.error(`[group] getMessagesSince failed: ${err instanceof Error ? err.message : String(err)}`);
+    return [];
+  } finally {
+    await session.close();
+  }
+}
+async function getGroupMessagesForContext(conversationId, limit = 50) {
+  const session = getSession();
+  try {
+    const result = await session.run(
+      `MATCH (m:Message)-[:PART_OF]->(c:Conversation {conversationId: $conversationId})
+       WITH m ORDER BY m.createdAt DESC LIMIT $limit
+       RETURN m.role AS role, m.content AS content, m.senderName AS senderName
+       ORDER BY m.createdAt ASC`,
+      { conversationId, limit: neo4j.int(limit) }
+    );
+    return result.records.map((r) => ({
+      role: r.get("role"),
+      content: r.get("content"),
+      senderName: r.get("senderName")
+    }));
+  } catch (err) {
+    console.error(`[group] getGroupMessagesForContext failed: ${err instanceof Error ? err.message : String(err)}`);
+    return [];
+  } finally {
+    await session.close();
+  }
+}
+async function backfillNullUserIdConversations(userId) {
+  if (!userId) {
+    console.warn(`[session] ${(/* @__PURE__ */ new Date()).toISOString()} backfill: skipped \u2014 no userId provided (no Owner in users.json?)`);
+    return 0;
+  }
+  const session = getSession();
+  try {
+    const result = await session.run(
+      `MATCH (c:Conversation {agentType: 'admin'})
+       WHERE c.userId IS NULL
+       SET c.userId = $userId
+       RETURN count(c) AS updated`,
+      { userId }
+    );
+    const updated = result.records[0]?.get("updated")?.toNumber?.() ?? result.records[0]?.get("updated") ?? 0;
+    if (updated > 0) {
+      console.log(`[session] ${(/* @__PURE__ */ new Date()).toISOString()} backfill: set userId on ${updated} admin conversations`);
+    } else {
+      console.log(`[session] ${(/* @__PURE__ */ new Date()).toISOString()} backfill: no orphaned admin conversations found`);
+    }
+    return typeof updated === "number" ? updated : 0;
+  } catch (err) {
+    console.error(`[session] backfillNullUserIdConversations failed: ${err instanceof Error ? err.message : String(err)}`);
+    return 0;
+  } finally {
+    await session.close();
+  }
+}
+async function createNewAdminConversation(userId, accountId, sessionKey, adminName) {
+  if (!userId || !sessionKey || !accountId) {
+    console.error(`[admin/conversation-write] schema-violation userId=${userId ? "set" : "EMPTY"} sessionKey=${sessionKey ? "set" : "EMPTY"} accountId=${accountId ? "set" : "EMPTY"}`);
+    return null;
+  }
+  const conversationId = randomUUID();
+  const session = getSession();
+  try {
+    const result = await session.run(
+      `OPTIONAL MATCH (existing:AdminUser {userId: $userId})
+       WITH existing IS NULL AS adminUserCreated
+       MERGE (au:AdminUser {userId: $userId})
+       ON CREATE SET au.accountId = $accountId,
+                     au.name = COALESCE($adminName, 'Admin'),
+                     au.createdAt = datetime(),
+                     au.scope = 'admin'
+       CREATE (c:Conversation:AdminConversation {
+         conversationId: $conversationId,
+         sessionKey: $sessionKey,
+         accountId: $accountId,
+         agentType: 'admin',
+         userId: $userId,
+         createdBySource: 'admin-conversation',
+         createdAt: datetime(),
+         updatedAt: datetime()
+       })-[:STARTED_BY]->(au)
+       RETURN adminUserCreated`,
+      { conversationId, sessionKey, accountId, userId, adminName: adminName ?? null }
+    );
+    const adminUserCreated = result.records[0]?.get("adminUserCreated") === true;
+    cacheConversationId(sessionKey, conversationId);
+    console.log(`[session] ${(/* @__PURE__ */ new Date()).toISOString()} conversation created: conversationId=${conversationId.slice(0, 8)}\u2026 sessionKey=${sessionKey.slice(0, 8)}\u2026 accountId=${accountId.slice(0, 8)}\u2026 userId=${userId} agentType=admin createdBySource=admin-conversation createdAt=set updatedAt=set sublabel=AdminConversation adminUserCreated=${adminUserCreated}`);
+    return conversationId;
+  } catch (err) {
+    console.error(`[session] createNewAdminConversation failed: ${err instanceof Error ? err.message : String(err)}`);
+    return null;
+  } finally {
+    await session.close();
+  }
+}
+var HEX_COLOR_RE = /^#[0-9a-fA-F]{3,8}$/;
+async function fetchBranding(accountId) {
+  const session = getSession();
+  try {
+    const result = await session.run(
+      `MATCH (b:LocalBusiness {accountId: $accountId})
+       OPTIONAL MATCH (b)-[:HAS_BRAND_ASSET]->(logo:ImageObject {purpose: "logo"})
+       OPTIONAL MATCH (b)-[:HAS_BRAND_ASSET]->(icon:ImageObject {purpose: "icon"})
+       RETURN b.name AS name,
+              b.primaryColor AS primaryColor,
+              b.accentColor AS accentColor,
+              b.backgroundColor AS backgroundColor,
+              b.tagline AS tagline,
+              logo.contentUrl AS logoUrl,
+              icon.contentUrl AS faviconUrl`,
+      { accountId },
+      { timeout: 2e3 }
+    );
+    const record = result.records[0];
+    if (!record) return null;
+    const name = record.get("name");
+    if (!name) return null;
+    const primaryColor = record.get("primaryColor");
+    const accentColor = record.get("accentColor");
+    const backgroundColor = record.get("backgroundColor");
+    const tagline = record.get("tagline");
+    const logoUrl = record.get("logoUrl");
+    const faviconUrl = record.get("faviconUrl");
+    const hasBranding = primaryColor || accentColor || backgroundColor || tagline || logoUrl || faviconUrl;
+    if (!hasBranding) return null;
+    const branding = { name };
+    if (primaryColor && HEX_COLOR_RE.test(primaryColor)) branding.primaryColor = primaryColor;
+    if (accentColor && HEX_COLOR_RE.test(accentColor)) branding.accentColor = accentColor;
+    if (backgroundColor && HEX_COLOR_RE.test(backgroundColor)) branding.backgroundColor = backgroundColor;
+    if (tagline) branding.tagline = tagline;
+    if (logoUrl) branding.logoUrl = logoUrl;
+    if (faviconUrl) branding.faviconUrl = faviconUrl;
+    console.error(`[branding] resolved for accountId=${accountId.slice(0, 8)}\u2026: primary=${branding.primaryColor ?? "\u2013"} logo=${branding.logoUrl ? "yes" : "no"}`);
+    return branding;
+  } catch (err) {
+    console.error(`[branding] fetchBranding failed for accountId=${accountId.slice(0, 8)}\u2026: ${err instanceof Error ? err.message : String(err)}`);
+    return null;
+  } finally {
+    await session.close();
+  }
+}
+async function persistToolCall(record) {
+  const session = getSession();
+  try {
+    const optionalFields = [
+      record.pluginName != null ? ", pluginName: $pluginName" : "",
+      record.error != null ? ", error: $error" : "",
+      record.subagentType != null ? ", subagentType: $subagentType" : "",
+      record.subagentDescription != null ? ", subagentDescription: $subagentDescription" : "",
+      record.approvalState != null ? ", approvalState: $approvalState" : "",
+      record.originalInput != null ? ", originalInput: $originalInput" : ""
+    ].join("");
+    const res = await session.run(
+      `MATCH (c:Conversation {conversationId: $conversationId})
+       CREATE (c)-[:HAS_TOOL_CALL]->(tc:ToolCall {
+         callId: $callId,
+         toolName: $toolName,
+         input: $input,
+         output: $output,
+         isError: $isError,
+         agentType: $agentType,
+         accountId: $accountId,
+         conversationId: $conversationId,
+         createdBySource: 'persist-tool-call',
+         createdBySession: $conversationId,
+         startedAt: datetime($startedAt),
+         completedAt: datetime($completedAt)
+         ${optionalFields}
+       })`,
+      {
+        callId: record.callId,
+        toolName: record.toolName,
+        input: record.input,
+        output: record.output,
+        isError: record.isError,
+        agentType: record.agentType,
+        accountId: record.accountId,
+        conversationId: record.conversationId,
+        startedAt: record.startedAt,
+        completedAt: record.completedAt,
+        ...record.pluginName != null ? { pluginName: record.pluginName } : {},
+        ...record.error != null ? { error: record.error } : {},
+        ...record.subagentType != null ? { subagentType: record.subagentType } : {},
+        ...record.subagentDescription != null ? { subagentDescription: record.subagentDescription } : {},
+        ...record.approvalState != null ? { approvalState: record.approvalState } : {},
+        ...record.originalInput != null ? { originalInput: record.originalInput } : {}
+      }
+    );
+    if (res.summary.counters.updates().nodesCreated === 0) {
+      console.error(
+        `[persist] tool-call skipped: conversation ${record.conversationId.slice(0, 8)}\u2026 not found for tool=${record.toolName}`
+      );
+      return;
+    }
+    console.error(`[persist] tool-call persisted: name=${record.toolName} conversation=${record.conversationId.slice(0, 8)}\u2026${record.approvalState ? ` approval=${record.approvalState}` : ""}`);
+  } catch (err) {
+    console.error(`[persist] tool-call write failed: name=${record.toolName} error=${err instanceof Error ? err.message : String(err)}`);
+  } finally {
+    await session.close();
+  }
+}
+var SUMMARY_MAX_LEN = 200;
+var persistMessageLocks = /* @__PURE__ */ new Map();
+async function persistMessage(conversationId, role, content, accountId, tokens, createdAt, sender, components, attachments) {
+  if (!content) return null;
+  const messageId = randomUUID();
+  const summary = role === "user" ? content.slice(0, SUMMARY_MAX_LEN).trim() : "";
+  let embedding = null;
+  try {
+    embedding = await embed(content);
+  } catch (err) {
+    console.error(`[persist] Embedding failed, storing without: ${err instanceof Error ? err.message : String(err)}`);
+  }
+  const prev = persistMessageLocks.get(conversationId);
+  const waited = prev !== void 0;
+  let release;
+  const mine = new Promise((resolve5) => {
+    release = resolve5;
+  });
+  const chained = (prev ?? Promise.resolve()).then(() => mine);
+  persistMessageLocks.set(conversationId, chained);
+  await prev;
+  const session = getSession();
+  try {
+    const result = await session.run(
+      `MATCH (c:Conversation {conversationId: $conversationId})
+       OPTIONAL MATCH (tail:Message)-[:PART_OF]->(c)
+         WHERE NOT (tail)-[:NEXT]->(:Message)
+           AND (tail:UserMessage OR tail:AssistantMessage)
+       // Task 857 \u2014 sublabel-scope the tail to the agent-path's own sublabels.
+       // Without this, a Task-857 :WhatsAppMessage row (no outgoing :NEXT)
+       // would be picked as tail and the agent-path would chain
+       // :WhatsAppMessage\u2192:UserMessage, crossing the live-channel chain.
+       // The live writer's tail predicate is sublabel-scoped to
+       // :WhatsAppMessage; this clause is the matching defence on the
+       // agent side. Backward-compatible \u2014 pre-Task-857 graphs only carry
+       // UserMessage/AssistantMessage sublabels under :Message.
+       // Capture whether THIS write's guard will fire. Read c.summary
+       // before the SET so the boolean reflects the pre-state, not the
+       // post-state \u2014 a false positive otherwise when a new user message
+       // happens to equal an already-set summary (verbatim retry, short
+       // catchphrase) and fooled a post-state equality check.
+       WITH c, tail, (c.summary IS NULL AND $role = 'user' AND $summary <> '') AS summarySetThisWrite
+       CREATE (m:Message:${role === "user" ? "UserMessage" : "AssistantMessage"} {
+         messageId: $messageId,
+         conversationId: $conversationId,
+         accountId: $accountId,
+         role: $role,
+         content: $content,
+         createdAt: ${createdAt ? "datetime($createdAt)" : "datetime()"}
+         ${embedding ? ", embedding: $embedding" : ""}
+         ${sender ? ", senderVisitorId: $senderVisitorId, senderName: $senderName" : ""}
+         ${tokens?.inputTokens != null ? ", inputTokens: $inputTokens" : ""}
+         ${tokens?.outputTokens != null ? ", outputTokens: $outputTokens" : ""}
+         ${tokens?.cacheReadTokens != null ? ", cacheReadTokens: $cacheReadTokens" : ""}
+         ${tokens?.cacheCreationTokens != null ? ", cacheCreationTokens: $cacheCreationTokens" : ""}
+       })
+       SET c.updatedAt = datetime()
+       CREATE (m)-[:PART_OF]->(c)
+       FOREACH (prev IN CASE WHEN tail IS NULL THEN [] ELSE [tail] END |
+         CREATE (prev)-[:NEXT]->(m)
+       )
+       FOREACH (_ IN CASE WHEN summarySetThisWrite THEN [1] ELSE [] END |
+         SET c.summary = $summary
+       )
+       FOREACH (comp IN $components |
+         CREATE (m)-[:HAS_COMPONENT]->(:Component {
+           componentId: comp.componentId,
+           conversationId: $conversationId,
+           accountId: $accountId,
+           messageId: $messageId,
+           name: comp.name,
+           data: comp.data,
+           ordinal: comp.ordinal,
+           textOffset: comp.textOffset,
+           submitted: false,
+           createdAt: datetime()
+         })
+       )
+       FOREACH (att IN $attachments |
+         CREATE (m)-[:HAS_ATTACHMENT]->(:Attachment {
+           attachmentId: att.attachmentId,
+           conversationId: $conversationId,
+           accountId: $accountId,
+           messageId: $messageId,
+           filename: att.filename,
+           mimeType: att.mimeType,
+           sizeBytes: att.sizeBytes,
+           storagePath: att.storagePath,
+           ordinal: att.ordinal,
+           createdAt: datetime()
+         })
+       )
+       RETURN tail.messageId AS prevMessageId,
+              summarySetThisWrite,
+              size([(m2:Message)-[:PART_OF]->(c) | m2]) AS chainLen`,
+      {
+        messageId,
+        conversationId,
+        accountId,
+        role,
+        content,
+        summary,
+        ...createdAt ? { createdAt } : {},
+        ...embedding ? { embedding } : {},
+        ...sender ? { senderVisitorId: sender.visitorId, senderName: sender.displayName } : {},
+        ...tokens?.inputTokens != null ? { inputTokens: neo4j.int(tokens.inputTokens) } : {},
+        ...tokens?.outputTokens != null ? { outputTokens: neo4j.int(tokens.outputTokens) } : {},
+        ...tokens?.cacheReadTokens != null ? { cacheReadTokens: neo4j.int(tokens.cacheReadTokens) } : {},
+        ...tokens?.cacheCreationTokens != null ? { cacheCreationTokens: neo4j.int(tokens.cacheCreationTokens) } : {},
+        components: (components ?? []).map((comp) => ({
+          componentId: comp.componentId,
+          name: comp.name,
+          data: comp.data,
+          ordinal: neo4j.int(comp.ordinal),
+          textOffset: neo4j.int(comp.textOffset)
+        })),
+        attachments: (attachments ?? []).map((att) => ({
+          attachmentId: att.attachmentId,
+          filename: att.filename,
+          mimeType: att.mimeType,
+          sizeBytes: neo4j.int(att.sizeBytes),
+          storagePath: att.storagePath,
+          ordinal: neo4j.int(att.ordinal)
+        }))
+      }
+    );
+    if (result.records.length === 0) {
+      console.error(`[persist] Neo4j write skipped \u2014 conversation not found: ${conversationId.slice(0, 8)}\u2026`);
+      return null;
+    }
+    const record = result.records[0];
+    const prevMessageId = record.get("prevMessageId") ?? null;
+    const summarySetThisWrite = record.get("summarySetThisWrite") === true;
+    const chainLenRaw = record.get("chainLen");
+    const chainLen = typeof chainLenRaw === "bigint" ? Number(chainLenRaw) : typeof chainLenRaw?.toNumber === "function" ? chainLenRaw.toNumber() : Number(chainLenRaw ?? 0);
+    const messageSublabel = role === "user" ? "UserMessage" : "AssistantMessage";
+    console.error(`[neo4j-store] append-message conversationId=${conversationId.slice(0, 8)}\u2026 messageId=${messageId.slice(0, 8)}\u2026 prev=${prevMessageId ? prevMessageId.slice(0, 8) + "\u2026" : "null"} chainLen=${chainLen} waited=${waited} sublabel=${messageSublabel}`);
+    if (summarySetThisWrite) {
+      console.error(`[neo4j-store] conversation-summary-set conversationId=${conversationId.slice(0, 8)}\u2026 len=${summary.length}`);
+    }
+    const componentList = components ?? [];
+    if (componentList.length > 0) {
+      const relsCreated = result.summary.counters.updates().relationshipsCreated;
+      const expectedComponentEdges = componentList.length;
+      const baseEdges = relsCreated - expectedComponentEdges;
+      if (baseEdges < 1) {
+        console.error(`[neo4j-store] persist-component WARN conversationId=${conversationId.slice(0, 8)}\u2026 messageId=${messageId.slice(0, 8)}\u2026 relsCreated=${relsCreated} expected\u2265${1 + expectedComponentEdges} \u2014 component edges may not have been created`);
+      }
+      for (const comp of componentList) {
+        console.error(`[neo4j-store] persist-component conversationId=${conversationId.slice(0, 8)}\u2026 messageId=${messageId.slice(0, 8)}\u2026 componentId=${comp.componentId.slice(0, 8)}\u2026 name=${comp.name} dataLen=${comp.data.length} ordinal=${comp.ordinal} textOffset=${comp.textOffset}`);
+      }
+    }
+    const attachmentList = attachments ?? [];
+    if (attachmentList.length > 0) {
+      const relsCreated = result.summary.counters.updates().relationshipsCreated;
+      const expectedAttachmentEdges = attachmentList.length;
+      const expectedComponentEdges = (components ?? []).length;
+      const baseEdges = relsCreated - expectedComponentEdges - expectedAttachmentEdges;
+      if (baseEdges < 1) {
+        console.error(`[neo4j-store] persist-attachment WARN conversationId=${conversationId.slice(0, 8)}\u2026 messageId=${messageId.slice(0, 8)}\u2026 relsCreated=${relsCreated} expected\u2265${1 + expectedComponentEdges + expectedAttachmentEdges} \u2014 attachment edges may not have been created`);
+      }
+      for (const att of attachmentList) {
+        console.error(`[neo4j-store] persist-attachment conversationId=${conversationId.slice(0, 8)}\u2026 messageId=${messageId.slice(0, 8)}\u2026 attachmentId=${att.attachmentId.slice(0, 8)}\u2026 filename=${att.filename} mimeType=${att.mimeType} sizeBytes=${att.sizeBytes} ordinal=${att.ordinal}`);
+      }
+    }
+    console.error(`[persist] ${(/* @__PURE__ */ new Date()).toISOString()} conversationId=${conversationId.slice(0, 8)}\u2026 role=${role} len=${content.length}${sender ? ` sender=${sender.displayName}` : ""}`);
+    return messageId;
+  } catch (err) {
+    console.error(`[persist] Neo4j write failed: ${err instanceof Error ? err.message : String(err)}`);
+    return null;
+  } finally {
+    release();
+    if (persistMessageLocks.get(conversationId) === chained) {
+      persistMessageLocks.delete(conversationId);
+    }
+    await session.close();
+  }
+}
+async function setConversationAgentSessionId(conversationId, agentSessionId) {
+  const prev = persistMessageLocks.get(conversationId);
+  let release;
+  const mine = new Promise((resolve5) => {
+    release = resolve5;
+  });
+  const chained = (prev ?? Promise.resolve()).then(() => mine);
+  persistMessageLocks.set(conversationId, chained);
+  await prev;
+  const session = getSession();
+  try {
+    const result = await session.run(
+      `MATCH (c:Conversation {conversationId: $conversationId})
+       SET c.agentSessionId = $agentSessionId
+       RETURN c.conversationId AS conversationId`,
+      { conversationId, agentSessionId }
+    );
+    if (result.records.length === 0) {
+      console.error(`[persist] agent-session-id convId=${conversationId.slice(0, 8)}\u2026 status=skipped reason=conversation-not-found`);
+      return false;
+    }
+    console.log(`[persist] agent-session-id convId=${conversationId.slice(0, 8)}\u2026 status=ok agentSessionId=${agentSessionId ? agentSessionId.slice(0, 8) + "\u2026" : "null"}`);
+    return true;
+  } catch (err) {
+    console.error(`[persist] agent-session-id convId=${conversationId.slice(0, 8)}\u2026 status=failed error=${err instanceof Error ? err.message : String(err)}`);
+    return false;
+  } finally {
+    release();
+    if (persistMessageLocks.get(conversationId) === chained) {
+      persistMessageLocks.delete(conversationId);
+    }
+    await session.close();
+  }
+}
+async function getAgentSessionIdForConversation(conversationId) {
+  const session = getSession();
+  try {
+    const result = await session.run(
+      `MATCH (c:Conversation {conversationId: $conversationId})
+       RETURN c.agentSessionId AS agentSessionId`,
+      { conversationId }
+    );
+    const value = result.records[0]?.get("agentSessionId");
+    return typeof value === "string" && value.length > 0 ? value : null;
+  } catch (err) {
+    console.error(`[persist] agent-session-id read failed convId=${conversationId.slice(0, 8)}\u2026 error=${err instanceof Error ? err.message : String(err)}`);
+    return null;
+  } finally {
+    await session.close();
+  }
+}
+async function getRecentMessages(conversationId, limit = 50) {
+  const session = getSession();
+  try {
+    const result = await session.run(
+      `MATCH (tail:Message {conversationId: $conversationId})
+         WHERE NOT (tail)-[:NEXT]->(:Message)
+       WITH tail ORDER BY tail.createdAt DESC LIMIT 1
+       MATCH path = (m:Message)-[:NEXT*0..]->(tail)
+         WHERE m.conversationId = $conversationId
+           AND length(path) < $limit
+       WITH m, length(path) AS depthFromTail
+       OPTIONAL MATCH (m)-[:HAS_COMPONENT]->(c:Component)
+       WITH m, depthFromTail, c ORDER BY c.ordinal ASC
+       WITH m, depthFromTail,
+            [comp IN collect(c) WHERE comp IS NOT NULL | comp {.*}] AS components
+       OPTIONAL MATCH (m)-[:HAS_ATTACHMENT]->(a:Attachment)
+       WITH m, depthFromTail, components, a ORDER BY a.ordinal ASC
+       WITH m, depthFromTail, components,
+            [att IN collect(a) WHERE att IS NOT NULL | att {.*}] AS attachments
+       RETURN m.messageId AS messageId, m.role AS role, m.content AS content,
+              m.createdAt AS createdAt, components, attachments
+       ORDER BY depthFromTail DESC`,
+      { conversationId, limit: neo4j.int(limit) }
+    );
+    return result.records.map((r) => {
+      const rawComponents = r.get("components") ?? [];
+      const components = rawComponents.map((c) => ({
+        componentId: String(c.componentId ?? ""),
+        name: String(c.name ?? ""),
+        data: String(c.data ?? ""),
+        ordinal: typeof c.ordinal?.toNumber === "function" ? c.ordinal.toNumber() : Number(c.ordinal ?? 0),
+        textOffset: typeof c.textOffset?.toNumber === "function" ? c.textOffset.toNumber() : Number(c.textOffset ?? 0),
+        submitted: c.submitted === true
+      }));
+      const rawAttachments = r.get("attachments") ?? [];
+      const attachments = rawAttachments.map((a) => ({
+        attachmentId: String(a.attachmentId ?? ""),
+        filename: String(a.filename ?? ""),
+        mimeType: String(a.mimeType ?? ""),
+        sizeBytes: typeof a.sizeBytes?.toNumber === "function" ? a.sizeBytes.toNumber() : Number(a.sizeBytes ?? 0),
+        storagePath: String(a.storagePath ?? ""),
+        ordinal: typeof a.ordinal?.toNumber === "function" ? a.ordinal.toNumber() : Number(a.ordinal ?? 0),
+        accountId: String(a.accountId ?? "")
+      }));
+      return {
+        messageId: r.get("messageId"),
+        role: r.get("role"),
+        content: r.get("content"),
+        createdAt: String(r.get("createdAt")),
+        components,
+        attachments
+      };
+    });
+  } catch (err) {
+    console.error(`[persist] getRecentMessages failed: ${err instanceof Error ? err.message : String(err)}`);
+    return [];
+  } finally {
+    await session.close();
+  }
+}
+async function markComponentSubmitted(conversationId, componentName, accountId) {
+  const session = getSession();
+  try {
+    const result = await session.run(
+      `MATCH (conv:Conversation {conversationId: $conversationId, accountId: $accountId})
+       MATCH (m:Message)-[:PART_OF]->(conv)
+       MATCH (m)-[:HAS_COMPONENT]->(c:Component {name: $componentName, accountId: $accountId})
+       WHERE c.submitted = false OR c.submitted IS NULL
+       WITH c, m ORDER BY m.createdAt DESC, c.ordinal DESC
+       LIMIT 1
+       SET c.submitted = true, c.submittedAt = datetime()
+       RETURN c.componentId AS componentId`,
+      { conversationId, componentName, accountId }
+    );
+    const componentId = result.records[0]?.get("componentId");
+    if (componentId) {
+      console.error(`[neo4j-store] component-submitted conversationId=${conversationId.slice(0, 8)}\u2026 name=${componentName} componentId=${componentId.slice(0, 8)}\u2026`);
+      return componentId;
+    }
+    console.error(`[neo4j-store] component-submit-skipped conversationId=${conversationId.slice(0, 8)}\u2026 name=${componentName} reason=no-unsubmitted-match`);
+    return null;
+  } catch (err) {
+    console.error(`[neo4j-store] component-submit-failed conversationId=${conversationId.slice(0, 8)}\u2026 name=${componentName} error=${err instanceof Error ? err.message : String(err)}`);
+    return null;
+  } finally {
+    await session.close();
+  }
+}
+async function verifyConversationOwnership(conversationId, accountId) {
+  const session = getSession();
+  try {
+    const result = await session.run(
+      `MATCH (c:Conversation {conversationId: $conversationId, accountId: $accountId})
+       RETURN c.conversationId AS id LIMIT 1`,
+      { conversationId, accountId }
+    );
+    return result.records.length > 0;
+  } catch (err) {
+    console.error(`[persist] verifyConversationOwnership failed: ${err instanceof Error ? err.message : String(err)}`);
+    return false;
+  } finally {
+    await session.close();
+  }
+}
+async function verifyAndGetConversationUpdatedAt(conversationId, accountId) {
+  const session = getSession();
+  try {
+    const result = await session.run(
+      `MATCH (c:Conversation {conversationId: $conversationId, accountId: $accountId})
+       RETURN toString(c.updatedAt) AS updatedAt LIMIT 1`,
+      { conversationId, accountId }
+    );
+    const record = result.records[0];
+    return record ? record.get("updatedAt") : null;
+  } catch (err) {
+    console.error(`[persist] verifyAndGetConversationUpdatedAt failed: ${err instanceof Error ? err.message : String(err)}`);
+    return null;
+  } finally {
+    await session.close();
+  }
+}
+async function searchMessages(accountId, queryEmbedding, limit = 10) {
+  const session = getSession();
+  try {
+    const result = await session.run(
+      `CALL db.index.vector.queryNodes('message_embedding', $limit, $embedding)
+       YIELD node, score
+       WHERE node.accountId = $accountId
+       RETURN node.messageId AS messageId,
+              node.role AS role,
+              node.content AS content,
+              node.conversationId AS conversationId,
+              node.createdAt AS createdAt,
+              score
+       ORDER BY score DESC
+       LIMIT $limit`,
+      { embedding: queryEmbedding, limit: neo4j.int(limit), accountId }
+    );
+    return result.records.map((r) => ({
+      messageId: r.get("messageId"),
+      role: r.get("role"),
+      content: r.get("content"),
+      conversationId: r.get("conversationId"),
+      createdAt: String(r.get("createdAt")),
+      score: typeof r.get("score") === "number" ? r.get("score") : Number(r.get("score"))
+    }));
+  } catch (err) {
+    console.error(`[persist] searchMessages failed: ${err instanceof Error ? err.message : String(err)}`);
+    return [];
+  } finally {
+    await session.close();
+  }
+}
+var LIST_BACKFILL_CAP = 3;
+async function listAdminSessions(accountId, userId, limit = 20) {
+  const session = getSession();
+  try {
+    const result = await session.run(
+      `MATCH (c:Conversation {accountId: $accountId, agentType: 'admin', userId: $userId})
+       WITH c
+       ORDER BY c.updatedAt DESC
+       LIMIT $limit
+       CALL {
+         WITH c
+         OPTIONAL MATCH (m:Message)-[:PART_OF]->(c)
+         WHERE m.role = 'user'
+           AND c.name IS NULL
+           AND NOT (m.content STARTS WITH '[New session.')
+           AND NOT (m.content STARTS WITH '{"')
+           AND size(m.content) >= 4
+         RETURN m.content AS content, m.createdAt AS createdAt
+         ORDER BY m.createdAt ASC
+         LIMIT 1
+       }
+       RETURN c.conversationId AS conversationId,
+              c.name AS name,
+              c.updatedAt AS updatedAt,
+              content AS firstSubstantiveUserMessage`,
+      { accountId, userId, limit: neo4j.int(limit) }
+    );
+    const rows = result.records.map((r) => ({
+      conversationId: r.get("conversationId"),
+      name: r.get("name"),
+      updatedAt: String(r.get("updatedAt")),
+      firstSubstantiveUserMessage: r.get("firstSubstantiveUserMessage")
+    }));
+    let backfillsKicked = 0;
+    for (const row of rows) {
+      if (backfillsKicked >= LIST_BACKFILL_CAP) break;
+      if (row.name !== null) continue;
+      const seed = row.firstSubstantiveUserMessage;
+      if (!seed || !isMessageUseful(seed)) continue;
+      backfillsKicked++;
+      autoLabelSession(row.conversationId, seed).catch(() => {
+      });
+    }
+    return rows.map(({ conversationId, name, updatedAt }) => ({ conversationId, name, updatedAt }));
+  } catch (err) {
+    console.error(`[persist] listAdminSessions failed: ${err instanceof Error ? err.message : String(err)}`);
+    return [];
+  } finally {
+    await session.close();
+  }
+}
+async function deleteConversation(conversationId) {
+  const session = getSession();
+  try {
+    const result = await session.run(
+      `MATCH (c:Conversation {conversationId: $conversationId})
+       OPTIONAL MATCH (m:Message)-[:PART_OF]->(c)
+       OPTIONAL MATCH (m)-[:HAS_COMPONENT]->(comp:Component)
+       OPTIONAL MATCH (m)-[:HAS_ATTACHMENT]->(att:Attachment)
+       DETACH DELETE att, comp, m, c
+       RETURN count(c) AS deleted`,
+      { conversationId }
+    );
+    const deleted = result.records[0]?.get("deleted");
+    const count = typeof deleted === "object" && deleted !== null ? Number(deleted) : Number(deleted ?? 0);
+    console.error(`[persist] deleteConversation ${conversationId.slice(0, 8)}\u2026: ${count > 0 ? "deleted" : "not found"}`);
+    return count > 0;
+  } catch (err) {
+    console.error(`[persist] deleteConversation failed: ${err instanceof Error ? err.message : String(err)}`);
+    return false;
+  } finally {
+    await session.close();
+  }
+}
+var GENERIC_MESSAGE = /^(h(i|ello|ey|owdy)|yo|sup|thanks|thank you|ok|okay|yes|no|good\s*(morning|afternoon|evening|night)|greetings|what'?s\s*up)[\s!?.,:;]*$/i;
+var SESSION_LABEL_MSG_CAP = 500;
+var SESSION_LABEL_TIMEOUT_MS = 15e3;
+var SESSION_LABEL_MODEL = HAIKU_MODEL;
+var SESSION_LABEL_MAX_WORDS = 6;
+var SESSION_LABEL_MAX_ATTEMPTS = 3;
+var SESSION_LABEL_MAX_STDERR = 2048;
+function isMessageUseful(message) {
+  const trimmed = message.trim();
+  if (trimmed.length < 4) return false;
+  if (trimmed.startsWith('{"')) return false;
+  if (GENERIC_MESSAGE.test(trimmed)) return false;
+  if (trimmed.startsWith(DIRECTIVE_PREFIX)) return false;
+  return true;
+}
+function totalFailures(f) {
+  return f.skip + f.error;
+}
+function failureBreakdown(f) {
+  return `skip:${f.skip} error:${f.error}`;
+}
+var labelAccumulator = /* @__PURE__ */ new Map();
+var _spawnOverride = null;
+var SESSION_LABEL_SYSTEM = `You are a session labeler. Given the opening messages of a conversation with an AI assistant, produce a concise topic label.
+
+Rules:
+- Exactly 3 to 6 words
+- Summarize the user's intent, do not copy verbatim
+- Capitalize the first word only (sentence case)
+- No punctuation, no quotes
+- If the messages are too vague or meaningless to summarize, respond with exactly: SKIP`;
+async function generateSessionLabel(messages) {
+  const cappedMessages = messages.map((m) => m.slice(0, SESSION_LABEL_MSG_CAP));
+  const userContent = cappedMessages.map((m, i) => `Message ${i + 1}: ${m}`).join("\n");
+  const prompt = `${SESSION_LABEL_SYSTEM}
+
+${userContent}`;
+  const args = [
+    "--print",
+    "--model",
+    SESSION_LABEL_MODEL,
+    "--max-turns",
+    "1",
+    "--permission-mode",
+    "dontAsk",
+    prompt
+  ];
+  return new Promise((resolve5) => {
+    let stdout = "";
+    let stderr = "";
+    const spawnFn = _spawnOverride ?? spawn2;
+    const proc = spawnFn("claude", args, {
+      stdio: ["ignore", "pipe", "pipe"]
+    });
+    proc.stdout?.on("data", (chunk) => {
+      stdout += chunk.toString("utf-8");
+    });
+    proc.stderr?.on("data", (chunk) => {
+      if (stderr.length < SESSION_LABEL_MAX_STDERR) {
+        stderr += chunk.toString("utf-8").slice(0, SESSION_LABEL_MAX_STDERR - stderr.length);
+      }
+    });
+    const timer = setTimeout(() => {
+      proc.kill("SIGTERM");
+      console.error("[persist] autoLabel: haiku subprocess timed out");
+      resolve5(null);
+    }, SESSION_LABEL_TIMEOUT_MS);
+    proc.on("error", (err) => {
+      clearTimeout(timer);
+      console.error(`[persist] autoLabel: subprocess error \u2014 ${err.message}`);
+      resolve5(null);
+    });
+    proc.on("close", (code) => {
+      clearTimeout(timer);
+      if (code !== 0) {
+        console.error(`[persist] autoLabel: subprocess exited code=${code}${stderr ? ` stderr=${stderr.trim().slice(0, 200)}` : ""}`);
+        resolve5(null);
+        return;
+      }
+      const text = stdout.trim();
+      if (!text) {
+        console.error("[persist] autoLabel: haiku returned empty response");
+        resolve5(null);
+        return;
+      }
+      if (text === "SKIP") {
+        console.error("[persist] autoLabel: haiku returned SKIP \u2014 messages too vague");
+        resolve5(null);
+        return;
+      }
+      const words = text.split(/\s+/).slice(0, SESSION_LABEL_MAX_WORDS);
+      const label = words.join(" ");
+      console.error(`[persist] autoLabel: haiku response="${label}"`);
+      resolve5(label);
+    });
+  });
+}
+async function autoLabelSession(conversationId, userMessage) {
+  if (!conversationId) return;
+  if (!isMessageUseful(userMessage)) {
+    const trimmed = userMessage.trim();
+    const reason = trimmed.startsWith('{"') ? "JSON envelope" : trimmed.startsWith(DIRECTIVE_PREFIX) ? "directive" : GENERIC_MESSAGE.test(trimmed) ? "greeting" : trimmed.length < 4 ? "too short" : "directive";
+    console.error(`[persist] autoLabel: skipped ${conversationId.slice(0, 8)}\u2026 \u2014 ${reason}`);
+    return;
+  }
+  try {
+    const preCheck = getSession();
+    try {
+      const res = await preCheck.run(
+        `MATCH (c:Conversation {conversationId: $conversationId})
+         OPTIONAL MATCH (m:Message)-[:PART_OF]->(c)
+         WHERE m.role = 'user'
+         WITH c, count(m) AS userCount
+         RETURN c.name AS name, userCount`,
+        { conversationId }
+      );
+      const firstRecord = res.records[0];
+      const existingName = firstRecord?.get("name");
+      const userCountRaw = firstRecord?.get("userCount");
+      const userCount = typeof userCountRaw === "object" && userCountRaw !== null ? Number(userCountRaw) : Number(userCountRaw ?? 0);
+      if (existingName) {
+        console.error(`[persist] autoLabel: already named ${conversationId.slice(0, 8)}\u2026 \u2014 skipping`);
+        labelAccumulator.delete(conversationId);
+        return;
+      }
+      if (userCount > 3) {
+        console.error(`[persist] autoLabel: past autolabel window ${conversationId.slice(0, 8)}\u2026 \u2014 userCount=${userCount}, skipping`);
+        labelAccumulator.delete(conversationId);
+        return;
+      }
+    } finally {
+      await preCheck.close();
+    }
+  } catch (err) {
+    console.error(`[persist] autoLabel: pre-check read failed for ${conversationId.slice(0, 8)}\u2026 \u2014 proceeding: ${err instanceof Error ? err.message : String(err)}`);
+  }
+  let entry = labelAccumulator.get(conversationId);
+  if (!entry) {
+    entry = {
+      messages: [],
+      pending: false,
+      failures: { skip: 0, error: 0 }
+    };
+    labelAccumulator.set(conversationId, entry);
+  }
+  if (totalFailures(entry.failures) >= SESSION_LABEL_MAX_ATTEMPTS) {
+    console.error(`[persist] autoLabel: evicted ${conversationId.slice(0, 8)}\u2026 after ${SESSION_LABEL_MAX_ATTEMPTS} failed-attempts (${failureBreakdown(entry.failures)})`);
+    labelAccumulator.delete(conversationId);
+    return;
+  }
+  entry.messages.push(userMessage.trim());
+  if (entry.pending) {
+    console.error(`[persist] autoLabel: accumulated for ${conversationId.slice(0, 8)}\u2026 (pending, ${entry.messages.length} msgs)`);
+    return;
+  }
+  entry.pending = true;
+  try {
+    const label = await generateSessionLabel(entry.messages);
+    if (!label) {
+      entry.failures.skip++;
+      console.error(`[persist] autoLabel: generateSessionLabel returned null for ${conversationId.slice(0, 8)}\u2026 (failures ${failureBreakdown(entry.failures)}, ${entry.messages.length} msgs)`);
+      entry.pending = false;
+      return;
+    }
+    const fullLabel = `${label} \xB7 ${conversationId.slice(0, 8)}`;
+    let embedding = null;
+    try {
+      embedding = await embed(fullLabel);
+    } catch (err) {
+      console.error(`[persist] Conversation embedding failed, labelling without: ${err instanceof Error ? err.message : String(err)}`);
+    }
+    const session = getSession();
+    try {
+      const result = await session.run(
+        `MATCH (c:Conversation {conversationId: $conversationId})
+         WHERE c.name IS NULL
+         WITH c
+         OPTIONAL MATCH (m:Message)-[:PART_OF]->(c)
+         WHERE m.role = 'user'
+         WITH c, count(m) AS userCount
+         WHERE userCount <= 3
+         SET c.name = $label, c.updatedAt = datetime()
+         ${embedding ? ", c.embedding = $embedding" : ""}
+         RETURN c.name AS name`,
+        { conversationId, label: fullLabel, ...embedding ? { embedding } : {} }
+      );
+      if (result.records.length > 0) {
+        console.error(`[persist] autoLabel: commit ${conversationId.slice(0, 8)}\u2026 name="${fullLabel}"${embedding ? " (embedded)" : ""}`);
+        labelAccumulator.delete(conversationId);
+      } else {
+        console.error(`[persist] autoLabel: no-op commit ${conversationId.slice(0, 8)}\u2026 (name already set or userCount>3)`);
+        labelAccumulator.delete(conversationId);
+      }
+    } catch (err) {
+      entry.failures.error++;
+      console.error(`[persist] autoLabelSession failed: ${err instanceof Error ? err.message : String(err)} (failures ${failureBreakdown(entry.failures)})`);
+    } finally {
+      await session.close();
+    }
+  } catch (err) {
+    const currentEntry = labelAccumulator.get(conversationId);
+    if (currentEntry) currentEntry.failures.error++;
+    console.error(`[persist] autoLabel: unexpected error \u2014 ${err instanceof Error ? err.message : String(err)}${currentEntry ? ` (failures ${failureBreakdown(currentEntry.failures)})` : ""}`);
+  } finally {
+    const currentEntry = labelAccumulator.get(conversationId);
+    if (currentEntry) currentEntry.pending = false;
+  }
+}
+async function renameConversation(conversationId, label) {
+  let embedding = null;
+  try {
+    embedding = await embed(label);
+  } catch (err) {
+    console.error(`[persist] manual-label: embedding failed, persisting without: ${err instanceof Error ? err.message : String(err)}`);
+  }
+  const session = getSession();
+  try {
+    await session.run(
+      `MATCH (c:Conversation {conversationId: $conversationId})
+       SET c.name = $label, c.updatedAt = datetime()
+       ${embedding ? ", c.embedding = $embedding" : ""}`,
+      { conversationId, label, ...embedding ? { embedding } : {} }
+    );
+    console.error(`[persist] manual-label: renamed ${conversationId} to "${label}"${embedding ? " (embedded)" : ""}`);
+  } finally {
+    await session.close();
+  }
+}
+var INITIAL_CONFIDENCE = 0.5;
+var REINFORCEMENT_INCREMENT = 0.15;
+var DECAY_THRESHOLD_DAYS = 14;
+var DECAY_RATE_PER_DAY = 0.05;
+var INJECTION_THRESHOLD = 0.4;
+var MAX_SUMMARY_PREFERENCES = 30;
+var VALID_CATEGORIES = /* @__PURE__ */ new Set([
+  "communication",
+  "scheduling",
+  "decision",
+  "workflow",
+  "content",
+  "interaction"
+]);
+async function getUserTimezone(accountId, userId) {
+  const session = getSession();
+  try {
+    const query2 = userId ? `MATCH (up:UserProfile {accountId: $accountId, userId: $userId})
+         RETURN up.timezone AS timezone` : `MATCH (up:UserProfile {accountId: $accountId})
+         RETURN up.timezone AS timezone ORDER BY up.createdAt LIMIT 1`;
+    const result = await session.run(query2, { accountId, userId: userId ?? "" });
+    if (result.records.length === 0) return null;
+    const tz = result.records[0].get("timezone");
+    return tz && tz.trim().length > 0 ? tz : null;
+  } catch (err) {
+    console.error(`[datetime] getUserTimezone failed: ${err instanceof Error ? err.message : String(err)}`);
+    return null;
+  } finally {
+    await session.close();
+  }
+}
+async function loadAdminUserName(accountId, userId) {
+  const session = getSession();
+  try {
+    const result = await session.run(
+      `MATCH (au:AdminUser {userId: $userId})-[:OWNS]->(p:Person {accountId: $accountId})
+       RETURN p.givenName AS givenName, p.familyName AS familyName, p.avatar AS avatar
+       LIMIT 1`,
+      { accountId, userId }
+    );
+    if (result.records.length === 0) {
+      return { source: "fallback", reason: "no-person-node" };
+    }
+    const givenName = result.records[0].get("givenName");
+    const familyName = result.records[0].get("familyName");
+    const avatar = result.records[0].get("avatar");
+    if (!givenName || givenName.trim().length === 0) {
+      return { source: "fallback", reason: "no-givenName" };
+    }
+    const trimmedFamily = familyName && familyName.trim().length > 0 ? familyName.trim() : null;
+    const trimmedAvatar = avatar && avatar.trim().length > 0 ? avatar.trim() : null;
+    const joined = trimmedFamily ? `${givenName.trim()} ${trimmedFamily}` : givenName.trim();
+    return { source: "neo4j", joined, givenName: givenName.trim(), familyName: trimmedFamily, avatar: trimmedAvatar };
+  } catch (err) {
+    console.error(`[admin-identity] loadAdminUserName failed: ${err instanceof Error ? err.message : String(err)}`);
+    return { source: "fallback", reason: "neo4j-unreachable" };
+  } finally {
+    await session.close();
+  }
+}
+async function writeAdminUserAndPerson(params) {
+  const { userId, fullName, accountId } = params;
+  const trimmed = fullName.trim();
+  if (!trimmed) {
+    throw new Error("writeAdminUserAndPerson: fullName cannot be empty");
+  }
+  const firstSpace = trimmed.search(/\s/);
+  const givenName = firstSpace === -1 ? trimmed : trimmed.slice(0, firstSpace).trim();
+  const familyName = firstSpace === -1 ? null : trimmed.slice(firstSpace + 1).trim() || null;
+  const now = (/* @__PURE__ */ new Date()).toISOString();
+  const session = getSession();
+  try {
+    const result = await session.run(
+      `MERGE (au:AdminUser {userId: $userId})
+       ON CREATE SET au.name = $fullName, au.createdAt = $now
+       ON MATCH SET au.name = $fullName, au.updatedAt = $now
+       WITH au
+
+       // Case-insensitive Person reuse: same accountId, same givenName, same familyName
+       // (null/empty familyName collapsed to '' so 'Joel' does NOT match 'Joel Smalley').
+       OPTIONAL MATCH (existingPerson:Person {accountId: $accountId})
+       WHERE toLower(existingPerson.givenName) = toLower($givenName)
+         AND coalesce(toLower(existingPerson.familyName), '') = coalesce(toLower($familyName), '')
+       WITH au, existingPerson
+
+       CALL {
+         WITH au, existingPerson
+         WITH au, existingPerson WHERE existingPerson IS NOT NULL
+         MERGE (au)-[:OWNS]->(existingPerson)
+         RETURN existingPerson AS p, true AS reused
+         UNION
+         WITH au, existingPerson
+         WITH au WHERE existingPerson IS NULL
+         CREATE (newPerson:Person {
+           accountId: $accountId,
+           givenName: $givenName,
+           familyName: $familyName,
+           role: 'admin-personal',
+           scope: 'admin',
+           createdAt: $now
+         })
+         MERGE (au)-[:OWNS]->(newPerson)
+         RETURN newPerson AS p, false AS reused
+       }
+       RETURN reused, elementId(p) AS personElementId,
+              p.givenName AS givenName, p.familyName AS familyName`,
+      { userId, fullName: trimmed, accountId, givenName, familyName, now }
+    );
+    if (result.records.length === 0) {
+      throw new Error("writeAdminUserAndPerson: no record returned");
+    }
+    const record = result.records[0];
+    return {
+      personReused: record.get("reused"),
+      personElementId: record.get("personElementId"),
+      givenName: record.get("givenName"),
+      familyName: record.get("familyName")
+    };
+  } finally {
+    await session.close();
+  }
+}
+async function loadUserProfile(accountId, userId) {
+  const session = getSession();
+  try {
+    const serverTimezone = Intl.DateTimeFormat().resolvedOptions().timeZone;
+    const mergeResult = await session.run(
+      `MATCH (au:AdminUser {userId: $userId})
+       MERGE (au)-[:HAS_PROFILE]->(up:UserProfile {accountId: $accountId, userId: $userId})
+       ON CREATE SET
+         up.createdAt = $now,
+         up.updatedAt = $now,
+         up.profileVersion = 0,
+         up.scope = 'admin',
+         up.timezone = $serverTimezone
+       ON MATCH SET
+         up.timezone = CASE WHEN up.timezone IS NULL OR trim(up.timezone) = '' THEN $serverTimezone ELSE up.timezone END
+       RETURN up.createdAt = $now AS isNew`,
+      { accountId, userId, now: (/* @__PURE__ */ new Date()).toISOString(), serverTimezone }
+    );
+    if (mergeResult.records.length === 0) {
+      console.error(`[profile] loadUserProfile: AdminUser not found for userId=${userId} accountId=${accountId.slice(0, 8)}\u2026 \u2014 profile not created, invariant violated`);
+      return null;
+    }
+    const isNew = mergeResult.records[0].get("isNew");
+    if (isNew) {
+      console.error(`[profile] created new profile: userId=${userId} accountId=${accountId.slice(0, 8)}\u2026 timezone=${serverTimezone}`);
+    }
+    const nowMs = Date.now();
+    const thresholdMs = DECAY_THRESHOLD_DAYS * 24 * 60 * 60 * 1e3;
+    const staleResult = await session.run(
+      `MATCH (up:UserProfile {accountId: $accountId, userId: $userId})-[:HAS_PREFERENCE]->(pref:Preference)
+       WHERE pref.observedAt IS NOT NULL
+       RETURN pref.preferenceId AS preferenceId,
+              pref.observedAt AS observedAt,
+              pref.confidence AS confidence`,
+      { accountId, userId }
+    );
+    let decayCount = 0;
+    for (const record of staleResult.records) {
+      const observedAt = record.get("observedAt");
+      const confidence = record.get("confidence");
+      const observedMs = new Date(observedAt).getTime();
+      const ageMs = nowMs - observedMs;
+      if (ageMs > thresholdMs && confidence > 0) {
+        const daysPastThreshold = (ageMs - thresholdMs) / (24 * 60 * 60 * 1e3);
+        const decayedConfidence = Math.max(0, confidence - DECAY_RATE_PER_DAY * daysPastThreshold);
+        if (decayedConfidence !== confidence) {
+          await session.run(
+            `MATCH (pref:Preference {preferenceId: $preferenceId, accountId: $accountId})
+             SET pref.confidence = $confidence`,
+            {
+              preferenceId: record.get("preferenceId"),
+              accountId,
+              confidence: decayedConfidence
+            }
+          );
+          decayCount++;
+        }
+      }
+    }
+    const result = await session.run(
+      `MATCH (up:UserProfile {accountId: $accountId, userId: $userId})
+       OPTIONAL MATCH (au:AdminUser {userId: $userId})-[:OWNS]->(p:Person {accountId: $accountId})
+       OPTIONAL MATCH (up)-[:HAS_PREFERENCE]->(pref:Preference)
+       WHERE pref.confidence >= $threshold
+       WITH up, p, pref
+       ORDER BY pref.confidence DESC
+       WITH up, p, collect(pref) AS allPrefs
+       WITH up, p, allPrefs[0..$limit] AS prefs
+       RETURN up, p AS person, prefs`,
+      { accountId, userId, threshold: INJECTION_THRESHOLD, limit: MAX_SUMMARY_PREFERENCES }
+    );
+    if (result.records.length === 0 || !result.records[0].get("up")) {
+      return null;
+    }
+    const upNode = result.records[0].get("up");
+    const profileProps = { ...upNode.properties };
+    const personNode = result.records[0].get("person");
+    if (personNode?.properties) {
+      if (personNode.properties.givenName !== void 0) profileProps.givenName = personNode.properties.givenName;
+      if (personNode.properties.familyName !== void 0) profileProps.familyName = personNode.properties.familyName;
+    }
+    const prefNodes = result.records[0].get("prefs");
+    const preferences = prefNodes.map((p) => ({
+      preferenceId: p.properties.preferenceId,
+      category: p.properties.category,
+      key: p.properties.key,
+      value: p.properties.value,
+      confidence: p.properties.confidence,
+      source: p.properties.source,
+      observedAt: p.properties.observedAt
+    }));
+    const summary = formatProfileSummary(profileProps, preferences);
+    console.error(
+      `[profile] loaded for userId=${userId} accountId=${accountId.slice(0, 8)}\u2026 preferences=${preferences.length} (decay: ${decayCount} updated)`
+    );
+    return summary;
+  } catch (err) {
+    console.error(`[profile] loadUserProfile failed: ${err instanceof Error ? err.message : String(err)}`);
+    return null;
+  } finally {
+    await session.close();
+  }
+}
+function formatProfileSummary(profile, preferences) {
+  const givenName = typeof profile.givenName === "string" ? profile.givenName.trim() : "";
+  const familyName = typeof profile.familyName === "string" ? profile.familyName.trim() : "";
+  const joined = familyName ? `${givenName} ${familyName}` : givenName;
+  const name = joined || "Owner";
+  const role = profile.role ? ` (${profile.role})` : "";
+  const tz = profile.timezone ? ` \u2014 ${profile.timezone}` : "";
+  const locale = profile.locale ? `, ${profile.locale}` : "";
+  const expertise = profile.expertise ? `
+Expertise: ${typeof profile.expertise === "string" ? profile.expertise : JSON.stringify(profile.expertise)}` : "";
+  const lines = [`## About the Owner
+`];
+  lines.push(`${name}${role}${tz}${locale}${expertise}
+`);
+  const categories = {};
+  for (const pref of preferences) {
+    if (!categories[pref.category]) categories[pref.category] = [];
+    categories[pref.category].push(pref);
+  }
+  const categoryLabels = {
+    communication: "Communication",
+    scheduling: "Scheduling",
+    decision: "Decisions",
+    workflow: "Workflow",
+    content: "Content",
+    interaction: "Interaction patterns"
+  };
+  const workCategories = ["communication", "scheduling", "decision", "workflow", "content"];
+  const workPrefs = workCategories.filter((c) => categories[c]);
+  if (workPrefs.length > 0) {
+    lines.push(`### How they work`);
+    for (const cat of workPrefs) {
+      const label = categoryLabels[cat] || cat;
+      const items = categories[cat].map((p) => p.value).join("; ");
+      lines.push(`- ${label}: ${items}`);
+    }
+    lines.push("");
+  }
+  if (categories.interaction) {
+    lines.push(`### Interaction patterns`);
+    for (const pref of categories.interaction) {
+      lines.push(`- ${pref.value}`);
+    }
+    lines.push("");
+  }
+  return lines.join("\n");
+}
+var MAX_SESSION_TASKS = 20;
+var MAX_SESSION_REVIEW_ALERTS = 5;
+var MAX_SESSION_PROJECTS = 5;
+var MAX_RECENT_TOOL_FAILURES = 3;
+var RECENT_FAILURES_TAIL_BYTES = 10 * 1024;
+function readRecentToolFailures(accountId, conversationId) {
+  try {
+    const platformRoot = process.env.MAXY_PLATFORM_ROOT ?? resolve2(process.cwd(), "..");
+    const logDir = resolve2(platformRoot, "..", "data/accounts", accountId, "logs");
+    const logPath = resolve2(logDir, `claude-agent-stream-${conversationId}.log`);
+    if (!existsSync2(logPath)) {
+      console.error(`[review-tail-skip] path=${logPath} reason=file-missing \u2014 first turn of conversation, subprocess not yet spawned, or log rotated`);
+      return [];
+    }
+    const st = statSync2(logPath);
+    const size = st.size;
+    const readBytes = Math.min(size, RECENT_FAILURES_TAIL_BYTES);
+    const position = size - readBytes;
+    const fd = openSync(logPath, "r");
+    try {
+      const buf = Buffer.alloc(readBytes);
+      readSync(fd, buf, 0, readBytes, position);
+      const text = buf.toString("utf-8");
+      const lines = text.split("\n");
+      const matches = [];
+      for (let i = lines.length - 1; i >= 0 && matches.length < MAX_RECENT_TOOL_FAILURES; i--) {
+        const line = lines[i];
+        if (line.includes("[tool-failure-diag]")) {
+          matches.push(line);
+        }
+      }
+      return matches.reverse();
+    } finally {
+      closeSync(fd);
+    }
+  } catch (err) {
+    console.error(
+      `[session-context] recent-tool-failures read failed: ${err instanceof Error ? err.message : String(err)}`
+    );
+    return [];
+  }
+}
+async function loadSessionContext(accountId, conversationId) {
+  const session = getSession();
+  try {
+    const digestResult = await session.run(
+      `MATCH (d:CreativeWork {accountId: $accountId})
+       WHERE d.title STARTS WITH 'Chat Review' OR d.title STARTS WITH 'Review Digest'
+       RETURN d.title AS title, d.createdAt AS createdAt, d.abstract AS abstract
+       ORDER BY d.createdAt DESC LIMIT 1`,
+      { accountId }
+    );
+    const tasksResult = await session.run(
+      `MATCH (t:Task {accountId: $accountId})
+       WHERE t.status IN ['pending', 'active']
+       RETURN t.taskId AS taskId, t.name AS name, t.status AS status,
+              t.priority AS priority, t.dueDate AS dueDate
+       ORDER BY
+         CASE t.priority
+           WHEN 'urgent' THEN 0
+           WHEN 'high' THEN 1
+           WHEN 'normal' THEN 2
+           WHEN 'low' THEN 3
+           ELSE 4
+         END,
+         t.createdAt DESC
+       LIMIT $limit`,
+      { accountId, limit: neo4j.int(MAX_SESSION_TASKS) }
+    );
+    const alertsResult = await session.run(
+      `MATCH (a:ReviewAlert {accountId: $accountId})
+       WHERE a.resolvedAt IS NULL
+         AND (a.suppressedUntil IS NULL OR a.suppressedUntil < datetime())
+         AND a.lastMatchAt > datetime() - duration('P1D')
+       RETURN a.ruleId AS ruleId, a.ruleName AS ruleName, a.lastMatchAt AS lastMatchAt,
+              a.cumulativeMatchCount AS cumulativeMatchCount, a.sampleEvidence AS sampleEvidence,
+              a.suggestedAction AS suggestedAction
+       ORDER BY a.lastMatchAt DESC
+       LIMIT $limit`,
+      { accountId, limit: neo4j.int(MAX_SESSION_REVIEW_ALERTS) }
+    );
+    let projectsCount = 0;
+    let projectLines = [];
+    try {
+      const projectsResult = await session.run(
+        `MATCH (p:Project:Task {accountId: $accountId})
+         WHERE p.status IN ['pending', 'active']
+         OPTIONAL MATCH (p)-[:HAS_TASK]->(child:Task)
+         WITH p,
+           count(child) AS totalTasks,
+           count(CASE WHEN child.status = 'completed' THEN 1 END) AS completedTasks,
+           count(CASE WHEN child.dueDate IS NOT NULL
+             AND date(child.dueDate) < date()
+             AND child.status <> 'completed' THEN 1 END) AS overdueTasks,
+           count(CASE WHEN child.status IN ['pending', 'active'] AND EXISTS {
+             MATCH (blocker:Task)-[:BLOCKS]->(child)
+             WHERE blocker.status IN ['pending', 'active']
+           } THEN 1 END) AS blockedTasks
+         RETURN p.name AS name, p.phase AS phase, p.tier AS tier,
+                p.clientRef AS clientRef, p.status AS status,
+                totalTasks, completedTasks, overdueTasks, blockedTasks
+         ORDER BY p.updatedAt DESC
+         LIMIT $limit`,
+        { accountId, limit: neo4j.int(MAX_SESSION_PROJECTS) }
+      );
+      projectsCount = projectsResult.records.length;
+      if (projectsCount > 0) {
+        projectLines = projectsResult.records.map((r) => {
+          const name = r.get("name") || "Unnamed project";
+          const phase = r.get("phase") || "planning";
+          const tier = r.get("tier") || "standard";
+          const clientRef = r.get("clientRef");
+          const total = typeof r.get("totalTasks") === "number" ? r.get("totalTasks") : r.get("totalTasks")?.toNumber?.() ?? 0;
+          const completed = typeof r.get("completedTasks") === "number" ? r.get("completedTasks") : r.get("completedTasks")?.toNumber?.() ?? 0;
+          const overdue = typeof r.get("overdueTasks") === "number" ? r.get("overdueTasks") : r.get("overdueTasks")?.toNumber?.() ?? 0;
+          const blocked = typeof r.get("blockedTasks") === "number" ? r.get("blockedTasks") : r.get("blockedTasks")?.toNumber?.() ?? 0;
+          let signal;
+          const hasDueDates = overdue > 0 || total > 0;
+          if (!hasDueDates && total === 0) {
+            signal = "grey";
+          } else if (overdue > 1 || blocked > 1) {
+            signal = "red";
+          } else if (overdue > 0 || blocked > 0) {
+            signal = "amber";
+          } else {
+            signal = "green";
+          }
+          const client = clientRef ? ` (${clientRef})` : "";
+          const health = signal !== "grey" ? ` [${signal.toUpperCase()}]` : "";
+          return `- **${name}**${client} \u2014 ${tier}, ${phase}${health}, ${completed}/${total} done${overdue > 0 ? `, ${overdue} overdue` : ""}${blocked > 0 ? `, ${blocked} blocked` : ""}`;
+        });
+      }
+    } catch (projectErr) {
+      console.error(
+        `[session-context] project query failed: ${projectErr instanceof Error ? projectErr.message : String(projectErr)}`
+      );
+    }
+    const sections = [];
+    if (digestResult.records.length > 0) {
+      const rec = digestResult.records[0];
+      const title = rec.get("title");
+      const createdAt = rec.get("createdAt");
+      const abstract = rec.get("abstract");
+      if (abstract) {
+        const dateSuffix = createdAt ? ` (${createdAt.slice(0, 10)})` : "";
+        const heading = title?.startsWith("Review Digest") ? `## Recent Review Digest${dateSuffix}` : `## Recent Public Chat Digest${dateSuffix}`;
+        sections.push(`${heading}
+${abstract}`);
+      }
+    }
+    if (tasksResult.records.length > 0) {
+      const taskLines = tasksResult.records.map((r) => {
+        const priority = (r.get("priority") || "normal").toUpperCase();
+        const status = r.get("status");
+        const name = r.get("name");
+        const dueDate = r.get("dueDate");
+        const due = dueDate ? ` due:${dueDate.slice(0, 10)}` : "";
+        const taskId = r.get("taskId");
+        return `- [${priority}] ${status} \u2014 ${name}${due} (${taskId})`;
+      });
+      sections.push(`## Open Tasks (${tasksResult.records.length})
+${taskLines.join("\n")}`);
+    }
+    let pendingCount = 0;
+    let pendingLines = [];
+    try {
+      const platformRoot = process.env.MAXY_PLATFORM_ROOT ?? resolve2(process.cwd(), "..");
+      const pendingDir = resolve2(platformRoot, "..", "data/accounts", accountId, "pending-actions");
+      if (existsSync2(pendingDir)) {
+        const files = readdirSync2(pendingDir).filter((f) => f.endsWith(".json") && !f.startsWith("."));
+        for (const file of files) {
+          try {
+            const raw = readFileSync2(resolve2(pendingDir, file), "utf-8");
+            const action = JSON.parse(raw);
+            if (action.state === "pending") {
+              const inputSummary = JSON.stringify(action.hookPayload?.tool_input ?? {}).slice(0, 150);
+              pendingLines.push(`- **${action.toolName}** (${action.actionId.slice(0, 8)}\u2026) queued ${action.createdAt?.slice(0, 16) ?? "unknown"}
+  Input: ${inputSummary}`);
+              pendingCount++;
+            }
+          } catch {
+          }
+        }
+      }
+    } catch (pendingErr) {
+      console.error(
+        `[session-context] pending actions read failed: ${pendingErr instanceof Error ? pendingErr.message : String(pendingErr)}`
+      );
+    }
+    if (pendingCount > 0) {
+      sections.push(`## Pending Actions (${pendingCount})
+Actions queued for your approval. Use action-approve, action-reject, or action-edit.
+${pendingLines.join("\n")}`);
+    }
+    if (projectLines.length > 0) {
+      sections.push(`## Active Projects (${projectLines.length})
+${projectLines.join("\n")}`);
+    }
+    if (alertsResult.records.length > 0) {
+      const alertLines = alertsResult.records.map((r) => {
+        const ruleName = r.get("ruleName");
+        const count = r.get("cumulativeMatchCount");
+        const countValue = typeof count === "number" ? count : count?.toNumber?.() ?? 0;
+        const sample = r.get("sampleEvidence") ?? "";
+        const action = r.get("suggestedAction");
+        const shortSample = sample.length > 160 ? sample.slice(0, 160) + "\u2026" : sample;
+        return `- **${ruleName}** (fired ${countValue}\xD7): ${shortSample}
+  \u2192 ${action}`;
+      });
+      sections.push(`## Active Review Alerts (${alertsResult.records.length})
+${alertLines.join("\n")}`);
+    }
+    let recentFailuresCount = 0;
+    if (conversationId) {
+      const failureLines = readRecentToolFailures(accountId, conversationId);
+      if (failureLines.length > 0) {
+        recentFailuresCount = failureLines.length;
+        const guidance = "These tool calls failed in the current conversation. Inspect the diagnostic fields before retrying the same tool against the same target \u2014 if you do retry, narrate explicitly why the diagnostic suggests a retry will now succeed. A second identical failure is evidence the path is broken, not evidence another attempt is warranted.";
+        sections.push(`## Recent Tool Failures (${failureLines.length})
+${guidance}
+
+${failureLines.map((l) => `- ${l.trim()}`).join("\n")}`);
+      }
+    }
+    if (sections.length === 0) return null;
+    console.error(
+      `[session-context] Loaded for ${accountId.slice(0, 8)}\u2026: digest=${digestResult.records.length > 0 ? "yes" : "no"}, tasks=${tasksResult.records.length}, projects=${projectsCount}, reviewAlerts=${alertsResult.records.length}, pendingActions=${pendingCount}, recentFailures=${recentFailuresCount}`
+    );
+    return `<previous-context>
+${sections.join("\n\n")}
+</previous-context>`;
+  } catch (err) {
+    console.error(`[session-context] loadSessionContext failed: ${err instanceof Error ? err.message : String(err)}`);
+    return null;
+  } finally {
+    await session.close();
+  }
+}
+async function consumeStep7FlagUI(session, accountId) {
+  const accountDir = resolve2(PLATFORM_ROOT, "..", "data/accounts", accountId);
+  const flagPath = resolve2(accountDir, "onboarding", "step7-complete");
+  if (!existsSync2(flagPath)) return false;
+  let completedAt = (/* @__PURE__ */ new Date()).toISOString();
+  try {
+    const raw = readFileSync2(flagPath, "utf-8").trim();
+    if (raw) {
+      const parsed = JSON.parse(raw);
+      if (typeof parsed.completedAt === "string") {
+        completedAt = parsed.completedAt;
+      }
+    }
+  } catch {
+  }
+  const result = await session.run(
+    `MATCH (o:OnboardingState {accountId: $accountId})
+     SET o.step7CompletedAt = CASE WHEN o.step7CompletedAt IS NULL THEN $completedAt ELSE o.step7CompletedAt END,
+         o.currentStep = CASE WHEN 7 > o.currentStep THEN 7 ELSE o.currentStep END,
+         o.updatedAt = $completedAt
+     RETURN count(o) AS updated`,
+    { accountId, completedAt }
+  );
+  const updatedRaw = result.records[0]?.get("updated");
+  const updated = typeof updatedRaw === "number" ? updatedRaw : updatedRaw && typeof updatedRaw === "object" && "toNumber" in updatedRaw ? updatedRaw.toNumber() : 0;
+  if (updated === 0) {
+    console.log(
+      `[onboarding-flag-consumed] accountId=${accountId.slice(0, 8)}\u2026 step=7 source=filesystem flagPath=${flagPath} skipped=no-node`
+    );
+    return false;
+  }
+  console.log(
+    `[onboarding-flag-consumed] accountId=${accountId.slice(0, 8)}\u2026 step=7 source=filesystem flagPath=${flagPath} completedAt=${completedAt}`
+  );
+  try {
+    rmSync(flagPath);
+  } catch (err) {
+    console.error(
+      `[onboarding-flag-consumed] warn: failed to delete ${flagPath}: ${err instanceof Error ? err.message : String(err)}`
+    );
+  }
+  return true;
+}
+async function loadOnboardingStep(accountId) {
+  const session = getSession();
+  try {
+    await consumeStep7FlagUI(session, accountId);
+    const result = await session.run(
+      `MATCH (o:OnboardingState {accountId: $accountId})
+       RETURN o.currentStep AS currentStep`,
+      { accountId }
+    );
+    if (result.records.length === 0) {
+      return -1;
+    }
+    const raw = result.records[0].get("currentStep");
+    if (typeof raw === "number") return raw;
+    if (raw && typeof raw === "object" && "toNumber" in raw) {
+      return raw.toNumber();
+    }
+    return 0;
+  } catch (err) {
+    console.error(`[onboarding-inject] loadOnboardingStep failed: ${err instanceof Error ? err.message : String(err)}`);
+    return null;
+  } finally {
+    await session.close();
+  }
+}
+async function writeReflectionPreferences(accountId, userId, conversationId, updates) {
+  if (updates.length === 0) return 0;
+  const session = getSession();
+  const now = (/* @__PURE__ */ new Date()).toISOString();
+  let written = 0;
+  try {
+    const VALID_MODES = /* @__PURE__ */ new Set(["reinforce", "update", "contradict", "merge"]);
+    for (const update of updates) {
+      if (!VALID_CATEGORIES.has(update.category)) {
+        console.error(`[profile-reflection] Skipping invalid category "${update.category}"`);
+        continue;
+      }
+      if (update.mode && !VALID_MODES.has(update.mode)) {
+        console.error(`[profile-reflection] Skipping invalid mode "${update.mode}" for ${update.category}/${update.key}`);
+        continue;
+      }
+      if (!update.value || update.value.trim().length === 0) {
+        console.error(`[profile-reflection] Skipping empty value for ${update.category}/${update.key}`);
+        continue;
+      }
+      try {
+        if (update.mode === "merge" && update.mergeSourceIds?.length) {
+          const txc = session.beginTransaction();
+          try {
+            const sourcesResult = await txc.run(
+              `MATCH (pref:Preference)
+               WHERE pref.preferenceId IN $sourceIds AND pref.accountId = $accountId
+               OPTIONAL MATCH (pref)-[:OBSERVED_IN]->(conv:Conversation)
+               RETURN pref.confidence AS confidence,
+                      collect(DISTINCT conv.conversationId) AS convIds`,
+              { sourceIds: update.mergeSourceIds, accountId }
+            );
+            const maxConf = sourcesResult.records.reduce(
+              (max, r) => Math.max(max, r.get("confidence")),
+              INITIAL_CONFIDENCE
+            );
+            const allConvIds = /* @__PURE__ */ new Set();
+            for (const r of sourcesResult.records) {
+              for (const id of r.get("convIds")) {
+                if (id) allConvIds.add(id);
+              }
+            }
+            if (conversationId) allConvIds.add(conversationId);
+            const preferenceId = randomUUID();
+            let embedding2 = null;
+            try {
+              embedding2 = await embed(`${update.category}: ${update.key} \u2014 ${update.value}`);
+            } catch {
+            }
+            const props = {
+              preferenceId,
+              accountId,
+              userId,
+              category: update.category,
+              key: update.key,
+              value: update.value,
+              confidence: maxConf,
+              source: update.source,
+              observedAt: now,
+              createdAt: now,
+              updatedAt: now,
+              scope: "admin"
+            };
+            if (embedding2) props.embedding = embedding2;
+            await txc.run(
+              `MATCH (up:UserProfile {accountId: $accountId, userId: $userId})
+               CREATE (pref:Preference $props)
+               CREATE (up)-[:HAS_PREFERENCE]->(pref)`,
+              { accountId, userId, props }
+            );
+            for (const convId of allConvIds) {
+              await txc.run(
+                `MATCH (pref:Preference {preferenceId: $preferenceId})
+                 MATCH (conv:Conversation {conversationId: $convId})
+                 MERGE (pref)-[:OBSERVED_IN]->(conv)`,
+                { preferenceId, convId }
+              );
+            }
+            await txc.run(
+              `MATCH (pref:Preference)
+               WHERE pref.preferenceId IN $sourceIds AND pref.accountId = $accountId
+               DETACH DELETE pref`,
+              { sourceIds: update.mergeSourceIds, accountId }
+            );
+            await txc.commit();
+            written++;
+          } catch (mergeErr) {
+            await txc.rollback();
+            console.error(`[profile-reflection] Merge failed for ${update.category}/${update.key}: ${mergeErr instanceof Error ? mergeErr.message : String(mergeErr)}`);
+          }
+          continue;
+        }
+        let embedding = null;
+        try {
+          embedding = await embed(`${update.category}: ${update.key} \u2014 ${update.value}`);
+        } catch {
+        }
+        const newPrefId = randomUUID();
+        const mode = update.mode || "reinforce";
+        const mergeParams = {
+          accountId,
+          userId,
+          category: update.category,
+          key: update.key,
+          newPrefId,
+          value: update.value,
+          source: update.source,
+          initialConfidence: INITIAL_CONFIDENCE,
+          increment: REINFORCEMENT_INCREMENT,
+          decrement: 0.3,
+          mode,
+          now
+        };
+        if (embedding) mergeParams.embedding = embedding;
+        const mergeResult = await session.run(
+          `MATCH (up:UserProfile {accountId: $accountId, userId: $userId})
+           MERGE (up)-[:HAS_PREFERENCE]->(pref:Preference {accountId: $accountId, userId: $userId, category: $category, key: $key})
+           ON CREATE SET
+             pref.preferenceId = $newPrefId,
+             pref.value = $value,
+             pref.confidence = $initialConfidence,
+             pref.source = $source,
+             pref.observedAt = $now,
+             pref.createdAt = $now,
+             pref.updatedAt = $now,
+             pref.scope = 'admin'
+           ON MATCH SET
+             pref.value = $value,
+             pref.source = $source,
+             pref.confidence = CASE $mode
+               WHEN 'reinforce' THEN CASE WHEN pref.confidence + $increment * (1.0 - pref.confidence) > 1.0 THEN 1.0 ELSE pref.confidence + $increment * (1.0 - pref.confidence) END
+               WHEN 'contradict' THEN CASE WHEN pref.confidence - $decrement < 0.0 THEN 0.0 ELSE pref.confidence - $decrement END
+               ELSE pref.confidence
+             END,
+             pref.observedAt = $now,
+             pref.updatedAt = $now
+           ${embedding ? "SET pref.embedding = $embedding" : ""}
+           RETURN pref.preferenceId AS preferenceId`,
+          mergeParams
+        );
+        const writtenPrefId = mergeResult.records[0]?.get("preferenceId");
+        if (conversationId && writtenPrefId) {
+          await session.run(
+            `MATCH (pref:Preference {preferenceId: $preferenceId, accountId: $accountId})
+             MATCH (conv:Conversation {conversationId: $conversationId})
+             MERGE (pref)-[:OBSERVED_IN]->(conv)`,
+            { preferenceId: writtenPrefId, accountId, conversationId }
+          );
+        }
+        written++;
+      } catch (itemErr) {
+        console.error(`[profile-reflection] Failed to write ${update.category}/${update.key}: ${itemErr instanceof Error ? itemErr.message : String(itemErr)}`);
+      }
+    }
+    if (written > 0) {
+      await session.run(
+        `MATCH (up:UserProfile {accountId: $accountId, userId: $userId})
+         SET up.profileVersion = coalesce(up.profileVersion, 0) + 1,
+             up.updatedAt = $now`,
+        { accountId, userId, now }
+      );
+    }
+    console.error(`[profile-reflection] Wrote ${written}/${updates.length} preference updates for userId=${userId} accountId=${accountId.slice(0, 8)}\u2026`);
+    return written;
+  } catch (err) {
+    console.error(`[profile-reflection] writeReflectionPreferences failed: ${err instanceof Error ? err.message : String(err)}`);
+    return written;
+  } finally {
+    await session.close();
+  }
+}
+var AGENT_FILE_ROLES = [
+  { filename: "IDENTITY.md", role: "identity" },
+  { filename: "SOUL.md", role: "soul" },
+  { filename: "KNOWLEDGE.md", role: "knowledge" },
+  { filename: "KNOWLEDGE-SUMMARY.md", role: "knowledge-summary" }
+];
+var ROLE_TO_EDGE = {
+  identity: "HAS_IDENTITY",
+  soul: "HAS_SOUL",
+  knowledge: "HAS_KNOWLEDGE",
+  "knowledge-summary": "HAS_KNOWLEDGE"
+};
+function assertSafeAgentSlug(slug) {
+  if (!slug || slug.includes("/") || slug.includes("\\") || slug.includes("..")) {
+    throw new Error(`[agent-graph] refusing unsafe slug=${JSON.stringify(slug)}`);
+  }
+}
+function agentAttachmentId(accountId, slug, role) {
+  return `agent:${accountId}:${slug}:${role}`;
+}
+async function projectAgent(accountId, accountDir, slug) {
+  const start = Date.now();
+  const account8 = accountId.slice(0, 8);
+  try {
+    assertSafeAgentSlug(slug);
+  } catch (err) {
+    const msg = err instanceof Error ? err.message : String(err);
+    console.error(
+      `[agent-graph] project FAILED slug=${slug} account=${account8} error="${msg}"`
+    );
+    return;
+  }
+  const agentDir = resolve2(accountDir, "agents", slug);
+  const configPath = resolve2(agentDir, "config.json");
+  let config;
+  let presentRoles = [];
+  try {
+    if (!existsSync2(configPath)) {
+      console.error(
+        `[agent-graph] project FAILED slug=${slug} account=${account8} error="config.json missing at ${configPath}"`
+      );
+      return;
+    }
+    config = JSON.parse(readFileSync2(configPath, "utf-8"));
+    for (const { filename, role } of AGENT_FILE_ROLES) {
+      const filePath = resolve2(agentDir, filename);
+      if (!existsSync2(filePath)) continue;
+      const body = readFileSync2(filePath, "utf-8");
+      presentRoles.push({ role, body, edge: ROLE_TO_EDGE[role] });
+    }
+  } catch (err) {
+    const msg = err instanceof Error ? err.message : String(err);
+    console.error(
+      `[agent-graph] project FAILED slug=${slug} account=${account8} error="${msg}"`
+    );
+    return;
+  }
+  const session = getSession();
+  try {
+    await session.run(
+      `MERGE (a:Agent {accountId: $accountId, slug: $slug})
+       ON CREATE SET a.createdAt = datetime()
+       SET a.displayName = $displayName,
+           a.status = $status,
+           a.model = $model,
+           a.liveMemory = $liveMemory,
+           a.knowledgeKeywords = $knowledgeKeywords,
+           a.role = 'agent',
+           a.updatedAt = datetime()
+       RETURN a.slug AS slug`,
+      {
+        accountId,
+        slug,
+        displayName: config.displayName ?? slug,
+        status: config.status ?? "unknown",
+        model: config.model ?? "",
+        liveMemory: config.liveMemory ?? false,
+        knowledgeKeywords: config.knowledgeKeywords ?? []
+      }
+    );
+    for (const { role, body, edge } of presentRoles) {
+      const attachmentId = agentAttachmentId(accountId, slug, role);
+      await session.run(
+        `MATCH (a:Agent {accountId: $accountId, slug: $slug})
+         MERGE (k:KnowledgeDocument {attachmentId: $attachmentId})
+         ON CREATE SET k.createdAt = datetime()
+         SET k.accountId = $accountId,
+             k.role = $role,
+             k.name = $name,
+             k.text = $text,
+             k.scope = 'admin',
+             k.updatedAt = datetime()
+         MERGE (a)-[:${edge}]->(k)
+         RETURN k.attachmentId AS attachmentId`,
+        {
+          accountId,
+          slug,
+          attachmentId,
+          role,
+          name: `${slug} ${role}`,
+          text: body
+        }
+      );
+    }
+    const usesResult = await session.run(
+      `MATCH (a:Agent {accountId: $accountId, slug: $slug})
+       MATCH (k:KnowledgeDocument {accountId: $accountId})
+       WHERE $slug IN coalesce(k.agents, [])
+         AND NOT k.attachmentId STARTS WITH $namespacePrefix
+       MERGE (a)-[:USES_KNOWLEDGE]->(k)
+       RETURN count(k) AS uses`,
+      {
+        accountId,
+        slug,
+        namespacePrefix: `agent:${accountId}:${slug}:`
+      }
+    );
+    const uses = usesResult.records[0]?.get("uses");
+    const usesCount = typeof uses === "number" ? uses : uses && typeof uses.toNumber === "function" ? uses.toNumber() : 0;
+    const ms = Date.now() - start;
+    console.error(
+      `[agent-graph] project slug=${slug} account=${account8} docs=${presentRoles.length} uses=${usesCount} ms=${ms}`
+    );
+  } catch (err) {
+    const msg = err instanceof Error ? err.message : String(err);
+    console.error(
+      `[agent-graph] project FAILED slug=${slug} account=${account8} error="${msg}"`
+    );
+    throw err;
+  } finally {
+    await session.close();
+  }
+}
+async function deleteAgentProjection(accountId, slug) {
+  const start = Date.now();
+  const account8 = accountId.slice(0, 8);
+  assertSafeAgentSlug(slug);
+  const session = getSession();
+  try {
+    await session.run(
+      `MATCH (a:Agent {accountId: $accountId, slug: $slug})
+       DETACH DELETE a
+       WITH 1 AS _
+       UNWIND $attachmentIds AS aid
+       OPTIONAL MATCH (k:KnowledgeDocument {accountId: $accountId, attachmentId: aid})
+       WHERE k.attachmentId STARTS WITH $namespacePrefix
+       DETACH DELETE k`,
+      {
+        accountId,
+        slug,
+        namespacePrefix: `agent:${accountId}:${slug}:`,
+        attachmentIds: ["identity", "soul", "knowledge", "knowledge-summary"].map((role) => agentAttachmentId(accountId, slug, role))
+      }
+    );
+    const ms = Date.now() - start;
+    console.error(
+      `[agent-graph] delete slug=${slug} account=${account8} ms=${ms}`
+    );
+  } catch (err) {
+    const msg = err instanceof Error ? err.message : String(err);
+    console.error(
+      `[agent-graph] delete FAILED slug=${slug} account=${account8} error="${msg}"`
+    );
+    throw err;
+  } finally {
+    await session.close();
+  }
+}
+
+// app/lib/claude-agent/account.ts
+import { resolve as resolve3 } from "path";
+import { readFileSync as readFileSync4, readdirSync as readdirSync3, existsSync as existsSync4, statSync as statSync3 } from "fs";
+
+// ../lib/brand-templating/src/index.ts
+import { join } from "path";
+import { existsSync as existsSync3, readFileSync as readFileSync3 } from "fs";
+var PLACEHOLDER = "{{productName}}";
+var cachedProductName = null;
+function brandJsonPath() {
+  const platformRoot = process.env.MAXY_PLATFORM_ROOT;
+  if (!platformRoot) {
+    throw new Error(
+      "[skill-loader] MAXY_PLATFORM_ROOT not set \u2014 cannot resolve brand.json"
+    );
+  }
+  return join(platformRoot, "config", "brand.json");
+}
+function getBrandProductName() {
+  if (cachedProductName !== null) return cachedProductName;
+  const path = brandJsonPath();
+  if (!existsSync3(path)) {
+    throw new Error(`[skill-loader] brand.json missing at ${path}`);
+  }
+  let parsed;
+  try {
+    parsed = JSON.parse(readFileSync3(path, "utf-8"));
+  } catch (err) {
+    throw new Error(
+      `[skill-loader] brand.json unreadable at ${path}: ${err instanceof Error ? err.message : String(err)}`
+    );
+  }
+  const value = parsed.productName;
+  if (typeof value !== "string" || value.trim() === "") {
+    throw new Error(
+      `[skill-loader] brand.json at ${path} has missing or empty productName`
+    );
+  }
+  cachedProductName = value;
+  return value;
+}
+function substituteBrandPlaceholders(content, sourcePath) {
+  if (!content.includes(PLACEHOLDER)) return content;
+  let productName;
+  try {
+    productName = getBrandProductName();
+  } catch (err) {
+    console.error(
+      `[skill-loader] ERROR: brand.json missing \u2014 cannot resolve productName for skill ${sourcePath}`
+    );
+    throw err;
+  }
+  const occurrences = content.split(PLACEHOLDER).length - 1;
+  const substituted = content.split(PLACEHOLDER).join(productName);
+  console.log(
+    `[skill-loader] brand-substituted productName=${productName} skill=${sourcePath} occurrences=${occurrences}`
+  );
+  return substituted;
+}
+
+// app/lib/claude-agent/account.ts
+var PLATFORM_ROOT2 = process.env.MAXY_PLATFORM_ROOT ?? resolve3(process.cwd(), "..");
+var ACCOUNTS_DIR = resolve3(PLATFORM_ROOT2, "..", "data/accounts");
+if (!existsSync4(PLATFORM_ROOT2)) {
+  throw new Error(
+    `PLATFORM_ROOT does not exist: ${PLATFORM_ROOT2}
+Set the MAXY_PLATFORM_ROOT environment variable to the absolute path of the platform directory.`
+  );
+}
+function resolveAccount() {
+  if (!existsSync4(ACCOUNTS_DIR)) return null;
+  const usersFilePath = resolve3(PLATFORM_ROOT2, "config", "users.json");
+  let usersJsonUserId = null;
+  if (existsSync4(usersFilePath)) {
+    try {
+      const raw = readFileSync4(usersFilePath, "utf-8").trim();
+      if (raw) {
+        const users = JSON.parse(raw);
+        if (users.length > 0) {
+          usersJsonUserId = users[0].userId;
+        }
+      }
+    } catch {
+    }
+  }
+  const entries = readdirSync3(ACCOUNTS_DIR, { withFileTypes: true });
+  let fallback = null;
+  for (const entry of entries) {
+    if (!entry.isDirectory()) continue;
+    const configPath = resolve3(ACCOUNTS_DIR, entry.name, "account.json");
+    if (!existsSync4(configPath)) continue;
+    const raw = readFileSync4(configPath, "utf-8");
+    let config;
+    try {
+      config = JSON.parse(raw);
+    } catch {
+      console.error(`[maxy] account.json is corrupt at ${configPath} \u2014 skipping`);
+      continue;
+    }
+    if (!config.adminModel || !config.publicModel) {
+      throw new Error(
+        `[maxy] account.json at ${configPath} is missing required model fields (adminModel / publicModel). Update account.json with valid model identifiers.`
+      );
+    }
+    const result = {
+      accountId: config.accountId,
+      accountDir: resolve3(ACCOUNTS_DIR, entry.name),
+      config
+    };
+    if (usersJsonUserId && config.admins?.some((a) => a.userId === usersJsonUserId)) {
+      return result;
+    }
+    if (!fallback) {
+      fallback = result;
+    }
+  }
+  if (usersJsonUserId && fallback) {
+    console.warn(
+      `[maxy] resolveAccount: no account matches users.json userId ${usersJsonUserId} \u2014 falling back to ${fallback.accountId}`
+    );
+  }
+  return fallback;
+}
+function readAgentFile(accountDir, agentName, filename) {
+  const filePath = resolve3(accountDir, "agents", agentName, filename);
+  if (!existsSync4(filePath)) return null;
+  const raw = readFileSync4(filePath, "utf-8");
+  if (filename.endsWith(".md")) {
+    return substituteBrandPlaceholders(raw, filePath);
+  }
+  return raw;
+}
+function readIdentity(accountDir, agentName) {
+  return readAgentFile(accountDir, agentName, "IDENTITY.md");
+}
+var RESERVED_SLUGS = /* @__PURE__ */ new Set(["admin", "api", "assets", "brand", "bot", "privacy"]);
+var SLUG_PATTERN = /^[a-z][a-z0-9-]{2,49}$/;
+function validateAgentSlug(slug) {
+  if (!SLUG_PATTERN.test(slug)) return false;
+  if (RESERVED_SLUGS.has(slug)) return false;
+  return true;
+}
+function resolveDefaultAgentSlug(accountDir) {
+  const configPath = resolve3(accountDir, "account.json");
+  if (!existsSync4(configPath)) {
+    console.error("[agent-resolve] account.json not found \u2014 cannot resolve defaultAgent");
+    return null;
+  }
+  let config;
+  try {
+    config = JSON.parse(readFileSync4(configPath, "utf-8"));
+  } catch (err) {
+    console.error("[agent-resolve] failed to read account.json:", err);
+    return null;
+  }
+  if (!config.defaultAgent) {
+    console.error("[agent-resolve] defaultAgent not configured in account.json \u2014 set it via the connect-whatsapp skill");
+    return null;
+  }
+  const agentConfigPath = resolve3(accountDir, "agents", config.defaultAgent, "config.json");
+  if (!existsSync4(agentConfigPath)) {
+    console.error(`[agent-resolve] defaultAgent="${config.defaultAgent}" has no config.json at ${agentConfigPath}`);
+    return null;
+  }
+  return config.defaultAgent;
+}
+function estimateTokens(text) {
+  return Math.ceil(text.length / 4);
+}
+function resolveAgentConfig(accountDir, agentName) {
+  let model = null;
+  let plugins = null;
+  let status = null;
+  let displayName = null;
+  let image = null;
+  let imageShape = null;
+  let showAgentName = false;
+  let liveMemory = false;
+  let knowledgeKeywords = null;
+  let accessMode = "open";
+  const MAX_KNOWLEDGE_KEYWORDS = 5;
+  const configRaw = readAgentFile(accountDir, agentName, "config.json");
+  if (configRaw) {
+    let parsed;
+    try {
+      parsed = JSON.parse(configRaw);
+    } catch {
+      console.warn(`[agent-config] ${agentName}/config.json: invalid JSON \u2014 using defaults`);
+      parsed = {};
+    }
+    model = typeof parsed.model === "string" ? parsed.model : null;
+    plugins = Array.isArray(parsed.plugins) ? parsed.plugins : null;
+    status = typeof parsed.status === "string" ? parsed.status : null;
+    displayName = typeof parsed.displayName === "string" ? parsed.displayName : null;
+    image = typeof parsed.image === "string" ? parsed.image : null;
+    if (typeof parsed.imageShape === "string" && ["circle", "rounded"].includes(parsed.imageShape)) {
+      imageShape = parsed.imageShape;
+    }
+    if (parsed.showAgentName === true) {
+      showAgentName = true;
+    } else if (parsed.showAgentName === "none") {
+      showAgentName = "none";
+    }
+    if (image || imageShape || showAgentName) {
+      console.log(`[agent-config] ${agentName}: image=${image || "(none)"} imageShape=${imageShape || "(none)"} showAgentName=${showAgentName}`);
+    }
+    if (typeof parsed.accessMode === "string" && ["gated", "paid"].includes(parsed.accessMode)) {
+      accessMode = parsed.accessMode;
+    }
+    if (typeof parsed.liveMemory === "boolean") {
+      liveMemory = parsed.liveMemory;
+    } else if (typeof parsed.liveMemory === "string") {
+      const lower = parsed.liveMemory.toLowerCase();
+      if (lower === "true") {
+        liveMemory = true;
+        console.warn(`[agent-config] ${agentName}: liveMemory is string "true" \u2014 coercing to boolean. Fix the config to use a boolean value.`);
+      } else if (lower === "false") {
+        liveMemory = false;
+        console.warn(`[agent-config] ${agentName}: liveMemory is string "false" \u2014 coercing to boolean. Fix the config to use a boolean value.`);
+      } else {
+        throw new Error(`[agent-config] ${agentName}: liveMemory has invalid string value "${parsed.liveMemory}" \u2014 expected boolean or "true"/"false"`);
+      }
+    } else if (parsed.liveMemory !== void 0 && parsed.liveMemory !== null) {
+      throw new Error(`[agent-config] ${agentName}: liveMemory has invalid type ${typeof parsed.liveMemory} \u2014 expected boolean or "true"/"false"`);
+    }
+    if (Array.isArray(parsed.knowledgeKeywords) && parsed.knowledgeKeywords.length > 0) {
+      const filtered = parsed.knowledgeKeywords.filter((k) => typeof k === "string" && k.trim()).map((k) => k.replace(/,/g, "").trim().toLowerCase()).filter(Boolean);
+      if (filtered.length > MAX_KNOWLEDGE_KEYWORDS) {
+        console.warn(`[agent-config] ${agentName}: knowledgeKeywords has ${filtered.length} entries \u2014 capping at ${MAX_KNOWLEDGE_KEYWORDS}`);
+      }
+      knowledgeKeywords = filtered.length > 0 ? filtered.slice(0, MAX_KNOWLEDGE_KEYWORDS) : null;
+    }
+  }
+  let knowledge = null;
+  let knowledgeBaked = false;
+  const agentDir = resolve3(accountDir, "agents", agentName);
+  const knowledgePath = resolve3(agentDir, "KNOWLEDGE.md");
+  const summaryPath = resolve3(agentDir, "KNOWLEDGE-SUMMARY.md");
+  const hasKnowledge = existsSync4(knowledgePath);
+  const hasSummary = existsSync4(summaryPath);
+  if (hasKnowledge && hasSummary) {
+    const knowledgeMtime = statSync3(knowledgePath).mtimeMs;
+    const summaryMtime = statSync3(summaryPath).mtimeMs;
+    if (summaryMtime >= knowledgeMtime) {
+      knowledge = readFileSync4(summaryPath, "utf-8");
+    } else {
+      console.warn(`[agent-config] ${agentName}: KNOWLEDGE-SUMMARY.md is stale (KNOWLEDGE.md is newer) \u2014 using full knowledge`);
+      knowledge = readFileSync4(knowledgePath, "utf-8");
+    }
+    knowledgeBaked = true;
+  } else if (hasKnowledge) {
+    knowledge = readFileSync4(knowledgePath, "utf-8");
+    knowledgeBaked = true;
+  }
+  let budget = null;
+  const identityRaw = readAgentFile(accountDir, agentName, "IDENTITY.md");
+  const soulRaw = readAgentFile(accountDir, agentName, "SOUL.md");
+  if (identityRaw || soulRaw || knowledge) {
+    const identityTokens = identityRaw ? estimateTokens(identityRaw) : 0;
+    const soulTokens = soulRaw ? estimateTokens(soulRaw) : 0;
+    const knowledgeTokens = knowledge ? estimateTokens(knowledge) : 0;
+    budget = {
+      identity: identityTokens,
+      soul: soulTokens,
+      knowledge: knowledgeTokens,
+      plugins: 0,
+      total: identityTokens + soulTokens + knowledgeTokens
+    };
+  }
+  return { model, plugins, status, displayName, image, imageShape, showAgentName, knowledge, knowledgeBaked, liveMemory, knowledgeKeywords, budget, accessMode };
+}
+function getDefaultAccountId() {
+  return resolveAccount()?.accountId ?? null;
+}
+function resolveUserAccounts(userId) {
+  if (!existsSync4(ACCOUNTS_DIR)) return [];
+  const results = [];
+  const entries = readdirSync3(ACCOUNTS_DIR, { withFileTypes: true });
+  for (const entry of entries) {
+    if (!entry.isDirectory()) continue;
+    const configPath = resolve3(ACCOUNTS_DIR, entry.name, "account.json");
+    if (!existsSync4(configPath)) continue;
+    let config;
+    try {
+      config = JSON.parse(readFileSync4(configPath, "utf-8"));
+    } catch {
+      console.error(`[session] account.json corrupt at ${configPath} \u2014 skipping`);
+      continue;
+    }
+    const adminEntry = config.admins?.find((a) => a.userId === userId);
+    if (adminEntry) {
+      results.push({
+        accountId: config.accountId,
+        accountDir: resolve3(ACCOUNTS_DIR, entry.name),
+        config,
+        role: adminEntry.role
+      });
+    }
+  }
+  return results;
+}
+
+// app/lib/claude-agent/session-store.ts
+function findFirstSubstantiveUserMessage(turns) {
+  for (const t of turns) {
+    if (t.role !== "user") continue;
+    if (isMessageUseful(t.content)) return t.content;
+  }
+  return null;
+}
+var sessionStore = /* @__PURE__ */ new Map();
+function getSession2(sessionKey) {
+  return sessionStore.get(sessionKey);
+}
+setSessionStoreRef(sessionStore);
+function registerSession(sessionKey, agentType, accountId, agentName, userId, userName, role) {
+  const existing = sessionStore.get(sessionKey);
+  if (existing) {
+    existing.agentType = agentType;
+    existing.accountId = accountId;
+    existing.agentName = agentName ?? existing.agentName;
+    existing.userId = userId ?? existing.userId;
+    existing.userName = userName ?? existing.userName;
+    existing.role = role ?? existing.role;
+    return;
+  }
+  sessionStore.set(sessionKey, { createdAt: Date.now(), agentType, accountId, agentName, userId, userName, role });
+}
+function registerResumedSession(sessionKey, accountId, agentName, conversationId, messages) {
+  const messageHistory = messages.map((m) => ({
+    role: m.role,
+    content: m.content,
+    timestamp: m.timestamp ?? Date.now()
+  }));
+  sessionStore.set(sessionKey, {
+    createdAt: Date.now(),
+    agentType: "public",
+    accountId,
+    agentName,
+    conversationId,
+    messageHistory
+  });
+}
+function getSessionMessages(sessionKey) {
+  return sessionStore.get(sessionKey)?.messageHistory;
+}
+function clearSessionHistory(sessionKey) {
+  const session = sessionStore.get(sessionKey);
+  if (!session) return void 0;
+  const previousConversationId = session.conversationId;
+  session.agentSessionId = void 0;
+  session.pendingCompactionSummary = void 0;
+  session.stalledSubagents = void 0;
+  session.pendingTrimmedMessages = void 0;
+  session.pendingCommitmentOffers = void 0;
+  session.pendingTurns = void 0;
+  return previousConversationId;
+}
+function bufferPendingTurn(sessionKey, turn) {
+  const session = sessionStore.get(sessionKey);
+  if (!session) {
+    console.error(`[conversation-gate] bufferPendingTurn: session not found sessionKey=${sessionKey.slice(0, 8)}\u2026`);
+    return;
+  }
+  if (!session.pendingTurns) session.pendingTurns = [];
+  session.pendingTurns.push(turn);
+  console.log(`[conversation-gate] ${(/* @__PURE__ */ new Date()).toISOString()} buffered sessionKey=${sessionKey.slice(0, 8)} role=${turn.role} turnCount=${session.pendingTurns.filter((t) => t.role === "user").length}`);
+}
+function getPendingTurnCount(sessionKey) {
+  const buf = sessionStore.get(sessionKey)?.pendingTurns;
+  if (!buf) return 0;
+  let n = 0;
+  for (const t of buf) if (t.role === "user") n++;
+  return n;
+}
+function drainPendingTurns(sessionKey) {
+  const session = sessionStore.get(sessionKey);
+  if (!session?.pendingTurns || session.pendingTurns.length === 0) return void 0;
+  const drained = session.pendingTurns;
+  session.pendingTurns = void 0;
+  return drained;
+}
+async function maybeFlushConversationBuffer(sessionKey, agentType, accountId) {
+  const sk8 = sessionKey.slice(0, 8);
+  const session = sessionStore.get(sessionKey);
+  if (!session) {
+    console.log(`[admin/conversation-flush] sessionKey=${sk8} agentType=${agentType} result=missing-session`);
+    return null;
+  }
+  if (session.conversationId) {
+    console.log(`[admin/conversation-flush] sessionKey=${sk8} agentType=${agentType} result=already-flushed conversationId=${session.conversationId.slice(0, 8)}`);
+    return { conversationId: session.conversationId, buffered: [] };
+  }
+  const bufferedCount = session.pendingTurns?.length ?? 0;
+  if (bufferedCount === 0) {
+    console.log(`[admin/conversation-flush] sessionKey=${sk8} agentType=${agentType} result=empty-buffer`);
+    return null;
+  }
+  if (session.flushInFlight) return session.flushInFlight;
+  const attempt = (async () => {
+    let conversationId = null;
+    if (agentType === "admin") {
+      const userId = session.userId;
+      if (!userId) {
+        console.error(`[admin/conversation-flush] sessionKey=${sk8} agentType=admin result=missing-userId bufferedCount=${bufferedCount}`);
+        return null;
+      }
+      conversationId = await createNewAdminConversation(userId, accountId, sessionKey, session.userName);
+    } else {
+      conversationId = await ensureConversation(accountId, "public", sessionKey, void 0, session.agentName, void 0);
+    }
+    if (!conversationId) {
+      console.error(`[admin/conversation-flush] sessionKey=${sk8} agentType=${agentType} result=writer-failed bufferedCount=${bufferedCount}`);
+      return null;
+    }
+    session.conversationId = conversationId;
+    if (agentType === "admin" && session.agentSessionId) {
+      setConversationAgentSessionId(conversationId, session.agentSessionId).catch(() => {
+      });
+    }
+    renameStreamLogsOnFlush(resolve4(ACCOUNTS_DIR, accountId), sessionKey, conversationId);
+    const buffered = drainPendingTurns(sessionKey) ?? [];
+    for (const turn of buffered) {
+      persistMessage(conversationId, turn.role, turn.content, accountId, turn.tokens, turn.timestamp, turn.sender, turn.components, turn.attachments).catch((err) => {
+        console.error(`[admin/conversation-flush] replay persistMessage failed role=${turn.role}: ${err instanceof Error ? err.message : String(err)}`);
+      });
+    }
+    console.log(`[admin/conversation-flush] sessionKey=${sk8} agentType=${agentType} result=ok conversationId=${conversationId.slice(0, 8)} bufferedMessages=${buffered.length}`);
+    return { conversationId, buffered };
+  })();
+  session.flushInFlight = attempt;
+  try {
+    return await attempt;
+  } finally {
+    if (session.flushInFlight === attempt) session.flushInFlight = void 0;
+  }
+}
+function isDmChannelSessionKey(sessionKey) {
+  return sessionKey.startsWith("whatsapp:") || sessionKey.startsWith("telegram:");
+}
+function getAgentNameForSession(sessionKey) {
+  return sessionStore.get(sessionKey)?.agentName;
+}
+function listAdminSessionsInProgress(accountId, userId) {
+  const rows = [];
+  for (const [sessionKey, session] of Array.from(sessionStore.entries())) {
+    if (session.agentType !== "admin") continue;
+    if (session.accountId !== accountId) continue;
+    if (session.userId !== userId) continue;
+    if (session.conversationId) continue;
+    rows.push({ sessionKey, createdAt: session.createdAt });
+  }
+  rows.sort((a, b) => b.createdAt - a.createdAt);
+  return rows;
+}
+function validateSession(sessionKey, agentType) {
+  const session = sessionStore.get(sessionKey);
+  if (!session) return { ok: false, reason: "session-not-registered" };
+  if (session.agentType !== agentType) return { ok: false, reason: "agent-type-mismatch" };
+  if (Date.now() - session.createdAt > 24 * 60 * 60 * 1e3) {
+    sessionStore.delete(sessionKey);
+    return { ok: false, reason: "session-expired-age" };
+  }
+  if (session.grantExpiresAt && Date.now() > session.grantExpiresAt) {
+    sessionStore.delete(sessionKey);
+    return { ok: false, reason: "grant-expired" };
+  }
+  return { ok: true };
+}
+function storeAgentSessionId(sessionKey, agentSessionId) {
+  const session = sessionStore.get(sessionKey);
+  if (session) {
+    session.agentSessionId = agentSessionId;
+    console.error(`[session-store] storeAgentSessionId sessionKey=${sessionKey.slice(0, 12)}\u2026 sessionId=${agentSessionId.slice(0, 8)}\u2026`);
+    if (session.agentType === "admin" && session.conversationId) {
+      setConversationAgentSessionId(session.conversationId, agentSessionId).catch(() => {
+      });
+    }
+  } else {
+    console.error(`[session-store] storeAgentSessionId SKIPPED \u2014 no session entry sessionKey=${sessionKey.slice(0, 12)}\u2026 sessionId=${agentSessionId.slice(0, 8)}\u2026`);
+  }
+}
+function getAgentSessionId(sessionKey) {
+  return sessionStore.get(sessionKey)?.agentSessionId;
+}
+function setAgentSessionId(sessionKey, agentSessionId) {
+  const session = sessionStore.get(sessionKey);
+  if (!session) return false;
+  session.agentSessionId = agentSessionId;
+  return true;
+}
+function storePendingCompactionSummary(sessionKey, summary) {
+  const session = sessionStore.get(sessionKey);
+  if (session) session.pendingCompactionSummary = summary;
+}
+function consumePendingCompactionSummary(sessionKey) {
+  const session = sessionStore.get(sessionKey);
+  if (!session) return void 0;
+  const summary = session.pendingCompactionSummary;
+  delete session.pendingCompactionSummary;
+  return summary;
+}
+function getAccountIdForSession(sessionKey) {
+  return sessionStore.get(sessionKey)?.accountId;
+}
+function getUserIdForSession(sessionKey) {
+  return sessionStore.get(sessionKey)?.userId;
+}
+function getUserNameForSession(sessionKey) {
+  return sessionStore.get(sessionKey)?.userName;
+}
+function getRoleForSession(sessionKey) {
+  return sessionStore.get(sessionKey)?.role;
+}
+function getConversationIdForSession(sessionKey) {
+  return sessionStore.get(sessionKey)?.conversationId;
+}
+function setConversationIdForSession(sessionKey, conversationId) {
+  const session = sessionStore.get(sessionKey);
+  if (!session) return false;
+  session.conversationId = conversationId;
+  return true;
+}
+function unregisterSession(sessionKey) {
+  return sessionStore.delete(sessionKey);
+}
+function getGroupSlugForSession(sessionKey) {
+  return sessionStore.get(sessionKey)?.groupSlug;
+}
+function getVisitorIdForSession(sessionKey) {
+  return sessionStore.get(sessionKey)?.visitorId;
+}
+function setGroupContextForSession(sessionKey, context) {
+  const session = sessionStore.get(sessionKey);
+  if (!session) return false;
+  session.groupSlug = context.groupSlug;
+  session.groupName = context.groupName;
+  session.conversationId = context.conversationId;
+  session.visitorId = context.visitorId;
+  session.senderDisplayName = context.senderDisplayName;
+  return true;
+}
+function registerGrantSession(sessionKey, accountId, agentName, opts) {
+  sessionStore.set(sessionKey, {
+    createdAt: Date.now(),
+    agentType: "public",
+    accountId,
+    agentName,
+    grantId: opts.grantId,
+    grantExpiresAt: opts.grantExpiresAt,
+    grantStatus: opts.grantStatus,
+    grantDisplayName: opts.grantDisplayName,
+    grantContactValue: opts.grantContactValue,
+    setupRequired: opts.setupRequired
+  });
+}
+function getGrantForSession(sessionKey) {
+  const session = sessionStore.get(sessionKey);
+  if (!session?.grantId) return void 0;
+  return {
+    grantId: session.grantId,
+    grantExpiresAt: session.grantExpiresAt,
+    grantStatus: session.grantStatus,
+    grantDisplayName: session.grantDisplayName,
+    grantContactValue: session.grantContactValue,
+    setupRequired: session.setupRequired
+  };
+}
+function completeGrantSetup(sessionKey) {
+  const session = sessionStore.get(sessionKey);
+  if (session) {
+    session.setupRequired = false;
+    session.grantStatus = "active";
+  }
+}
+function getMessageHistory(sessionKey) {
+  const session = sessionStore.get(sessionKey);
+  if (!session) return [];
+  if (!session.messageHistory) session.messageHistory = [];
+  return session.messageHistory;
+}
+function appendMessage(sessionKey, role, content, timestamp) {
+  if (!content) return;
+  const session = sessionStore.get(sessionKey);
+  if (!session) {
+    console.error(`[managed] appendMessage: session not found for key ${sessionKey.slice(0, 8)}\u2026 (store size: ${sessionStore.size})`);
+    return;
+  }
+  if (!session.messageHistory) session.messageHistory = [];
+  session.messageHistory.push({ role, content, timestamp: timestamp ?? Date.now() });
+}
+function storePendingTrimmedMessages(sessionKey, messages) {
+  const session = sessionStore.get(sessionKey);
+  if (session) session.pendingTrimmedMessages = messages;
+}
+function consumePendingTrimmedMessages(sessionKey) {
+  const session = sessionStore.get(sessionKey);
+  if (!session) return void 0;
+  const messages = session.pendingTrimmedMessages;
+  delete session.pendingTrimmedMessages;
+  return messages;
+}
+function storeStalledSubagent(sessionKey, info) {
+  const session = sessionStore.get(sessionKey);
+  if (!session) {
+    console.error(`[stall-recovery] storeStalledSubagent: session not found for key ${sessionKey.slice(0, 8)}\u2026 \u2014 stall context lost`);
+    return;
+  }
+  if (!session.stalledSubagents) session.stalledSubagents = [];
+  session.stalledSubagents.push(info);
+}
+function consumeStalledSubagents(sessionKey) {
+  const session = sessionStore.get(sessionKey);
+  if (!session) return void 0;
+  const stalls = session.stalledSubagents;
+  delete session.stalledSubagents;
+  return stalls && stalls.length > 0 ? stalls : void 0;
+}
+function setPendingCommitmentOffers(sessionKey, offers) {
+  const session = sessionStore.get(sessionKey);
+  if (session) session.pendingCommitmentOffers = offers;
+}
+function getAgentTypeForSession(sessionKey) {
+  return sessionStore.get(sessionKey)?.agentType;
+}
+function clearMessageHistory(sessionKey) {
+  const session = sessionStore.get(sessionKey);
+  if (session) session.messageHistory = [];
+}
+var clearAgentSessionIdHandlers = [];
+function onClearAgentSessionId(handler) {
+  clearAgentSessionIdHandlers.push(handler);
+}
+function clearAgentSessionId(sessionKey, reason) {
+  const session = sessionStore.get(sessionKey);
+  if (session) {
+    session.agentSessionId = void 0;
+    console.error(`[session-store] clearAgentSessionId sessionKey=${sessionKey.slice(0, 12)}\u2026 reason=${reason}`);
+  } else {
+    console.error(`[session-store] clearAgentSessionId SKIPPED \u2014 no session entry sessionKey=${sessionKey.slice(0, 12)}\u2026 reason=${reason}`);
+  }
+  for (const handler of clearAgentSessionIdHandlers) {
+    try {
+      handler(sessionKey, reason);
+    } catch (err) {
+      console.error(`[session-store] clearAgentSessionId handler threw: ${err instanceof Error ? err.message : String(err)}`);
+    }
+  }
+}
+
+// app/lib/claude-agent/client-pool.ts
+var AsyncQueue = class {
+  buffer = [];
+  resolvers = [];
+  closed = false;
+  push(item) {
+    if (this.closed) return;
+    const resolver = this.resolvers.shift();
+    if (resolver) resolver({ value: item, done: false });
+    else this.buffer.push(item);
+  }
+  close() {
+    if (this.closed) return;
+    this.closed = true;
+    while (this.resolvers.length > 0) {
+      const r = this.resolvers.shift();
+      r({ value: void 0, done: true });
+    }
+  }
+  [Symbol.asyncIterator]() {
+    return {
+      next: () => new Promise((resolve5) => {
+        if (this.buffer.length > 0) {
+          resolve5({ value: this.buffer.shift(), done: false });
+        } else if (this.closed) {
+          resolve5({ value: void 0, done: true });
+        } else {
+          this.resolvers.push(resolve5);
+        }
+      }),
+      return: async () => {
+        this.close();
+        return { value: void 0, done: true };
+      }
+    };
+  }
+};
+var clientPool = /* @__PURE__ */ new Map();
+var DEFAULT_IDLE_MS = 30 * 60 * 1e3;
+var idleEvictMs = (() => {
+  const v = Number(process.env.CLAUDE_CLIENT_IDLE_MS);
+  return Number.isFinite(v) && v > 0 ? v : DEFAULT_IDLE_MS;
+})();
+var ABORT_SDK_TIMEOUT_MS = 2e3;
+function acquireClient(sessionKey, opts, streamLog) {
+  const existing = clientPool.get(sessionKey);
+  if (existing) {
+    existing.lastUsedAt = Date.now();
+    existing.turnsServed += 1;
+    safeWrite(
+      streamLog,
+      `[${isoTs()}] [client-warm-reuse] sessionKey=${sk(sessionKey)} ageMs=${Date.now() - existing.createdAt} turnsServed=${existing.turnsServed} cachedTokens=${existing.cachedTokensLastTurn}
+`
+    );
+    return { entry: existing, isCold: false };
+  }
+  const userQueue = new AsyncQueue();
+  const abortController = new AbortController();
+  let q;
+  try {
+    const sdkOptions = opts.buildSdkOptions();
+    q = query({ prompt: userQueue, options: { ...sdkOptions, abortController } });
+  } catch (err) {
+    const reason = err instanceof Error ? err.message : String(err);
+    safeWrite(
+      streamLog,
+      `[${isoTs()}] [client-spawn-error] sessionKey=${sk(sessionKey)} reason=${JSON.stringify(reason.slice(0, 200))}
+`
+    );
+    throw err;
+  }
+  const entry = {
+    query: q,
+    userQueue,
+    abortController,
+    inflight: null,
+    createdAt: Date.now(),
+    lastUsedAt: Date.now(),
+    turnsServed: 1,
+    resumedFromSessionId: opts.resumedFromSessionId,
+    cachedTokensLastTurn: -1,
+    accountId: opts.accountId,
+    accountDir: opts.accountDir,
+    logKey: opts.logKey
+  };
+  clientPool.set(sessionKey, entry);
+  safeWrite(
+    streamLog,
+    `[${isoTs()}] [client-cold-create] sessionKey=${sk(sessionKey)} resumedFrom=${opts.resumedFromSessionId ?? "none"} createdAtMs=${entry.createdAt}
+`
+  );
+  return { entry, isCold: true };
+}
+function pushUserMessage(entry, content) {
+  const msg = {
+    type: "user",
+    message: { role: "user", content },
+    parent_tool_use_id: null
+  };
+  entry.userQueue.push(msg);
+}
+function setInflight(entry, promise) {
+  entry.inflight = promise;
+  promise.finally(() => {
+    if (entry.inflight === promise) entry.inflight = null;
+  }).catch(() => {
+  });
+}
+function recordCachedTokens(entry, cachedTokens) {
+  entry.cachedTokensLastTurn = cachedTokens;
+}
+function getActiveClient(sessionKey) {
+  return clientPool.get(sessionKey);
+}
+function appendAbortLine(entry, line) {
+  const path = resolvePath(entry.accountDir, "logs", `claude-agent-stream-${entry.logKey}.log`);
+  try {
+    appendFileSync2(path, line);
+  } catch {
+  }
+  console.error(line.trimEnd());
+}
+async function interruptClient(sessionKey, _streamLog) {
+  void _streamLog;
+  const entry = clientPool.get(sessionKey);
+  if (!entry) return;
+  const startedAt = Date.now();
+  let resolved = false;
+  const timeout = new Promise(
+    (resolve5) => setTimeout(() => resolve5("timeout"), ABORT_SDK_TIMEOUT_MS)
+  );
+  const sdkAbort = entry.query.interrupt().then(() => {
+    resolved = true;
+    return "ok";
+  }).catch((err) => {
+    resolved = true;
+    return { error: err instanceof Error ? err.message : String(err) };
+  });
+  const result = await Promise.race([sdkAbort, timeout]);
+  const durationMs = Date.now() - startedAt;
+  if (result === "timeout" && !resolved) {
+    appendAbortLine(
+      entry,
+      `[${isoTs()}] [client-abort] sessionKey=${sk(sessionKey)} method=signal durationMs=${durationMs}
+`
+    );
+    evictClient(sessionKey, "abort-signal-fallback", null);
+    return;
+  }
+  if (typeof result === "object" && "error" in result) {
+    appendAbortLine(
+      entry,
+      `[${isoTs()}] [client-abort] sessionKey=${sk(sessionKey)} method=sdk durationMs=${durationMs} error=${JSON.stringify(result.error.slice(0, 120))}
+`
+    );
+    evictClient(sessionKey, "abort-error", null);
+    return;
+  }
+  appendAbortLine(
+    entry,
+    `[${isoTs()}] [client-abort] sessionKey=${sk(sessionKey)} method=sdk durationMs=${durationMs}
+`
+  );
+}
+function evictClient(sessionKey, reason, streamLog) {
+  const entry = clientPool.get(sessionKey);
+  if (!entry) return false;
+  const ageMs = Date.now() - entry.createdAt;
+  clientPool.delete(sessionKey);
+  try {
+    entry.userQueue.close();
+  } catch {
+  }
+  try {
+    entry.query.close();
+  } catch {
+  }
+  const line = `[${isoTs()}] [client-evict] reason=${reason} sessionKey=${sk(sessionKey)} ageMs=${ageMs} turnsServed=${entry.turnsServed}
+`;
+  if (streamLog) {
+    safeWrite(streamLog, line);
+  } else {
+    appendAbortLine(entry, line);
+  }
+  return true;
+}
+function acquireOneShotClient(sessionKey, opts, streamLog) {
+  const userQueue = new AsyncQueue();
+  const abortController = new AbortController();
+  let q;
+  try {
+    const sdkOptions = opts.buildSdkOptions();
+    q = query({ prompt: userQueue, options: { ...sdkOptions, abortController } });
+  } catch (err) {
+    const reason = err instanceof Error ? err.message : String(err);
+    safeWrite(
+      streamLog,
+      `[${isoTs()}] [client-spawn-error] sessionKey=${sk(sessionKey)} site=compaction-one-shot reason=${JSON.stringify(reason.slice(0, 200))}
+`
+    );
+    throw err;
+  }
+  const entry = {
+    query: q,
+    userQueue,
+    abortController,
+    inflight: null,
+    createdAt: Date.now(),
+    lastUsedAt: Date.now(),
+    turnsServed: 1,
+    resumedFromSessionId: opts.resumedFromSessionId,
+    cachedTokensLastTurn: -1,
+    accountId: opts.accountId,
+    accountDir: opts.accountDir,
+    logKey: opts.logKey
+  };
+  safeWrite(
+    streamLog,
+    `[${isoTs()}] [client-cold-create] reason=compaction-one-shot sessionKey=${sk(sessionKey)} createdAtMs=${entry.createdAt}
+`
+  );
+  let evicted = false;
+  const evict = (reason) => {
+    if (evicted) return;
+    evicted = true;
+    const ageMs = Date.now() - entry.createdAt;
+    try {
+      entry.userQueue.close();
+    } catch {
+    }
+    try {
+      entry.query.close();
+    } catch {
+    }
+    safeWrite(
+      streamLog,
+      `[${isoTs()}] [client-evict] reason=${reason} sessionKey=${sk(sessionKey)} ageMs=${ageMs}
+`
+    );
+  };
+  return { entry, evict };
+}
+function recordCrash(sessionKey, reason, streamLog) {
+  const entry = clientPool.get(sessionKey);
+  if (!entry) return;
+  const tail = JSON.stringify(reason.slice(-512));
+  clientPool.delete(sessionKey);
+  try {
+    entry.userQueue.close();
+  } catch {
+  }
+  try {
+    entry.query.close();
+  } catch {
+  }
+  safeWrite(
+    streamLog,
+    `[${isoTs()}] [client-crash] sessionKey=${sk(sessionKey)} reason=${JSON.stringify(reason.slice(0, 80))} tail=${tail}
+`
+  );
+}
+var IDLE_TICK_MS = 6e4;
+var idleTickHandle = null;
+function evictIdleTick() {
+  const now = Date.now();
+  for (const [sessionKey, entry] of Array.from(clientPool.entries())) {
+    if (entry.inflight !== null) continue;
+    if (now - entry.lastUsedAt < idleEvictMs) continue;
+    const ageMs = now - entry.createdAt;
+    clientPool.delete(sessionKey);
+    try {
+      entry.userQueue.close();
+    } catch {
+    }
+    try {
+      entry.query.close();
+    } catch {
+    }
+    console.error(
+      `[${isoTs()}] [client-evict] reason=idle sessionKey=${sk(sessionKey)} ageMs=${ageMs} idleMs=${now - entry.lastUsedAt} turnsServed=${entry.turnsServed}`
+    );
+  }
+}
+function startIdleEvictTick() {
+  if (idleTickHandle) return;
+  idleTickHandle = setInterval(evictIdleTick, IDLE_TICK_MS);
+  if (idleTickHandle.unref) idleTickHandle.unref();
+}
+function stopIdleEvictTick() {
+  if (idleTickHandle) {
+    clearInterval(idleTickHandle);
+    idleTickHandle = null;
+  }
+}
+startIdleEvictTick();
+onClearAgentSessionId((sessionKey, reason) => {
+  const entry = clientPool.get(sessionKey);
+  if (!entry) return;
+  const ageMs = Date.now() - entry.createdAt;
+  clientPool.delete(sessionKey);
+  try {
+    entry.userQueue.close();
+  } catch {
+  }
+  try {
+    entry.query.close();
+  } catch {
+  }
+  console.error(
+    `[${isoTs()}] [client-evict] reason=clearAgentSessionId-${reason} sessionKey=${sk(sessionKey)} ageMs=${ageMs} turnsServed=${entry.turnsServed}`
+  );
+});
+function sk(sessionKey) {
+  return sessionKey.length > 12 ? sessionKey.slice(0, 12) + "\u2026" : sessionKey;
+}
+function safeWrite(stream, line) {
+  if (!stream || stream.destroyed) return;
+  if (stream.writableEnded) return;
+  try {
+    stream.write(line);
+  } catch {
+  }
+}
+function _poolSnapshotForTest() {
+  const now = Date.now();
+  return Array.from(clientPool.entries()).map(([sessionKey, entry]) => ({
+    sessionKey,
+    ageMs: now - entry.createdAt,
+    idleMs: now - entry.lastUsedAt,
+    turnsServed: entry.turnsServed,
+    inflight: entry.inflight !== null
+  }));
+}
+function _evictAllForTest(reason = "test-tear-down") {
+  for (const sessionKey of Array.from(clientPool.keys())) {
+    const entry = clientPool.get(sessionKey);
+    if (!entry) continue;
+    clientPool.delete(sessionKey);
+    try {
+      entry.userQueue.close();
+    } catch {
+    }
+    try {
+      entry.query.close();
+    } catch {
+    }
+  }
+  void reason;
+}
+
+export {
+  substituteBrandPlaceholders,
+  PLATFORM_ROOT2 as PLATFORM_ROOT,
+  ACCOUNTS_DIR,
+  resolveAccount,
+  readAgentFile,
+  readIdentity,
+  validateAgentSlug,
+  resolveDefaultAgentSlug,
+  resolveAgentConfig,
+  getDefaultAccountId,
+  resolveUserAccounts,
+  HAIKU_MODEL,
+  contextWindow,
+  getSession,
+  runBootMigrations,
+  embed,
+  GREETING_DIRECTIVE,
+  ensureConversation,
+  findRecentConversation,
+  findGroupBySlug,
+  getGroupParticipants,
+  checkGroupMembership,
+  bindVisitorToGroup,
+  getMessagesSince,
+  getGroupMessagesForContext,
+  backfillNullUserIdConversations,
+  fetchBranding,
+  persistToolCall,
+  persistMessage,
+  setConversationAgentSessionId,
+  getAgentSessionIdForConversation,
+  getRecentMessages,
+  markComponentSubmitted,
+  verifyConversationOwnership,
+  verifyAndGetConversationUpdatedAt,
+  searchMessages,
+  listAdminSessions,
+  deleteConversation,
+  generateSessionLabel,
+  autoLabelSession,
+  renameConversation,
+  getUserTimezone,
+  loadAdminUserName,
+  writeAdminUserAndPerson,
+  loadUserProfile,
+  loadSessionContext,
+  loadOnboardingStep,
+  writeReflectionPreferences,
+  projectAgent,
+  deleteAgentProjection,
+  isoTs,
+  isBrowserTool,
+  runFailureDiagnostic,
+  agentLogStream,
+  preConversationLogStream,
+  sigtermFlushStreamLogs,
+  preflushStreamLogKey,
+  findFirstSubstantiveUserMessage,
+  getSession2,
+  registerSession,
+  registerResumedSession,
+  getSessionMessages,
+  clearSessionHistory,
+  bufferPendingTurn,
+  getPendingTurnCount,
+  maybeFlushConversationBuffer,
+  isDmChannelSessionKey,
+  getAgentNameForSession,
+  listAdminSessionsInProgress,
+  validateSession,
+  storeAgentSessionId,
+  getAgentSessionId,
+  setAgentSessionId,
+  storePendingCompactionSummary,
+  consumePendingCompactionSummary,
+  getAccountIdForSession,
+  getUserIdForSession,
+  getUserNameForSession,
+  getRoleForSession,
+  getConversationIdForSession,
+  setConversationIdForSession,
+  unregisterSession,
+  getGroupSlugForSession,
+  getVisitorIdForSession,
+  setGroupContextForSession,
+  registerGrantSession,
+  getGrantForSession,
+  completeGrantSetup,
+  getMessageHistory,
+  appendMessage,
+  storePendingTrimmedMessages,
+  consumePendingTrimmedMessages,
+  storeStalledSubagent,
+  consumeStalledSubagents,
+  setPendingCommitmentOffers,
+  getAgentTypeForSession,
+  clearMessageHistory,
+  clearAgentSessionId,
+  acquireClient,
+  pushUserMessage,
+  setInflight,
+  recordCachedTokens,
+  getActiveClient,
+  interruptClient,
+  evictClient,
+  acquireOneShotClient,
+  recordCrash,
+  startIdleEvictTick,
+  stopIdleEvictTick,
+  _poolSnapshotForTest,
+  _evictAllForTest
+};