npm - @rubytech/create-maxy - Versions diffs - 1.0.892 → 1.0.893 - Mend

@rubytech/create-maxy 1.0.892 → 1.0.893

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (45) hide show

package/payload/server/server.js CHANGED Viewed

@@ -13,7 +13,6 @@ import {
   clearRateLimit,
   clientIpMiddleware,
   compactSession,
-  computeConstraints,
   createRemoteSession,
   deriveComponentAttachmentId,
   deriveComponentMimeType,
@@ -32,11 +31,9 @@ import {
   isRemoteAuthConfigured,
   keyFilePath,
   launchAction,
-  load,
   logPath,
   pickComponentBytes,
   recordFailedAttempt,
-  render,
   renderLoginPage,
   requireAdminSession,
   resolveBrowserTransport,
@@ -60,7 +57,7 @@ import {
   vncLog,
   waitForExit,
   writeChromiumWrapper
-} from "./chunk-73V6BIF6.js";
+} from "./chunk-4S22HQC6.js";
 import {
   ACCOUNTS_DIR,
   CDP_PORT,
@@ -118,7 +115,7 @@ import {
   validateAgentSlug,
   validateSession,
   walkPremiumBundles
-} from "./chunk-XTNLCFCG.js";
+} from "./chunk-FSJLLIEA.js";
 import {
   CLOUDFLARE_TASK_DIAGNOSTICS,
   appendCloudflareSteps,
@@ -7480,7 +7477,7 @@ var app11 = new Hono();
 app11.post("/cancel", requireAdminSession, async (c) => {
   const session_key = c.var.cacheKey;
   try {
-    const { interruptClient: interruptClient2 } = await import("./client-pool-MZQ7CDG3.js");
+    const { interruptClient: interruptClient2 } = await import("./client-pool-XM2AWBV5.js");
     await interruptClient2(session_key);
     return c.json({ ok: true });
   } catch (err) {
@@ -8828,6 +8825,7 @@ app20.delete("/:id", requireAdminSession, async (c) => {
 });
 app20.post("/:id/resume", async (c) => {
   const conversationId = c.req.param("id");
+  const t0 = Date.now();
   const signedSessionToken = c.req.query("session_key") ?? "";
   if (!signedSessionToken) {
     console.error(`[session] middleware-reject status=400 code=session-missing reason="session_key required" path=${c.req.path}`);
@@ -9090,6 +9088,7 @@ app20.post("/:id/resume", async (c) => {
   }
   const age = formatAge(updatedAt);
   console.log(`[admin-resume] ${(/* @__PURE__ */ new Date()).toISOString()} reason=${reason} conversationId=${conversationId.slice(0, 8)}\u2026 age=${age} loaded=${messages.length} messages ${tag} components=${totalComponents} attachments=${totalAttachments} syntheticHidden=${syntheticHidden} jsonlMissing=${jsonlMissing} healMissing=${jsonlHealMissing} cacheKey=${cacheKey.slice(0, 8)}\u2026`);
+  console.log(`[admin-session-restore] cacheKey=${cacheKey.slice(0, 8)} conversationId=${conversationId.slice(0, 8)} messageCount=${rehydrated.length} ms=${Date.now() - t0}`);
   return c.json({
     conversationId,
     messages: rehydrated,
@@ -12307,31 +12306,6 @@ app33.post("/", async (c) => {
 });
 var file_attach_default = app33;
-// server/routes/admin/adherence.ts
-var app34 = new Hono();
-app34.get("/", requireAdminSession, async (c) => {
-  const agent = c.req.query("agent") ?? "admin";
-  const includeBlock = c.req.query("block") === "1";
-  const account = resolveAccount();
-  if (!account) return c.json({ error: "No account configured" }, 500);
-  try {
-    const ledger = load(account.accountDir, account.accountId, agent);
-    const constraints = computeConstraints(ledger);
-    const body = {
-      ledger,
-      constraints
-    };
-    if (includeBlock) {
-      body.rendered = render(ledger, { blockingRuleIds: constraints.blockingRuleIds });
-    }
-    return c.json(body);
-  } catch (err) {
-    console.error(`[adherence-route] error agent=${agent} err=${err instanceof Error ? err.message : String(err)}`);
-    return c.json({ error: "Failed to read adherence ledger", agent }, 500);
-  }
-});
-var adherence_default = app34;
 // server/routes/admin/sidebar-artefacts.ts
 import neo4j3 from "neo4j-driver";
 import { readFile as readFile4, readdir as readdir3, stat as stat4 } from "fs/promises";
@@ -12340,8 +12314,8 @@ import { existsSync as existsSync19 } from "fs";
 var LIMIT = 50;
 var TEXT_MIME_PREFIXES = ["text/", "application/json", "application/markdown"];
 var ADMIN_AGENT_FILES = ["IDENTITY.md", "SOUL.md", "KNOWLEDGE.md"];
-var app35 = new Hono();
-app35.get("/", requireAdminSession, async (c) => {
+var app34 = new Hono();
+app34.get("/", requireAdminSession, async (c) => {
   const cacheKey = c.var.cacheKey;
   const accountId = getAccountIdForSession(cacheKey);
   if (!accountId) {
@@ -12547,7 +12521,7 @@ function isWithin(target, root) {
   const rel = relative2(root, target);
   return !rel.startsWith("..") && !isAbsolute(rel);
 }
-var sidebar_artefacts_default = app35;
+var sidebar_artefacts_default = app34;
 // server/routes/admin/sidebar-artefact-save.ts
 import { mkdir as mkdir3, readdir as readdir4, stat as stat5, writeFile as writeFile4 } from "fs/promises";
@@ -12555,8 +12529,8 @@ import { resolve as resolve16 } from "path";
 import { existsSync as existsSync20 } from "fs";
 var ADMIN_AGENT_FILES2 = /* @__PURE__ */ new Set(["IDENTITY.md", "SOUL.md", "KNOWLEDGE.md"]);
 var UUID_RE8 = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/;
-var app36 = new Hono();
-app36.post("/", requireAdminSession, async (c) => {
+var app35 = new Hono();
+app35.post("/", requireAdminSession, async (c) => {
   const cacheKey = c.var.cacheKey;
   const accountId = getAccountIdForSession(cacheKey);
   if (!accountId) return c.json({ error: "Account not found for session" }, 401);
@@ -12668,15 +12642,15 @@ async function resolveSavePath(id, accountId, accountDir) {
 function relPath(absPath, root) {
   return absPath.startsWith(root) ? absPath.slice(root.length + 1) : absPath;
 }
-var sidebar_artefact_save_default = app36;
+var sidebar_artefact_save_default = app35;
 // server/routes/admin/sidebar-artefact-content.ts
 import { readFile as readFile5, readdir as readdir5 } from "fs/promises";
 import { existsSync as existsSync21 } from "fs";
 import { resolve as resolve17 } from "path";
 var UUID_RE9 = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/;
-var app37 = new Hono();
-app37.get("/", requireAdminSession, async (c) => {
+var app36 = new Hono();
+app36.get("/", requireAdminSession, async (c) => {
   const cacheKey = c.var.cacheKey;
   const accountId = getAccountIdForSession(cacheKey);
   if (!accountId) return new Response("Unauthorized", { status: 401 });
@@ -12717,7 +12691,7 @@ app37.get("/", requireAdminSession, async (c) => {
     }
   });
 });
-var sidebar_artefact_content_default = app37;
+var sidebar_artefact_content_default = app36;
 // server/routes/admin/health.ts
 import { existsSync as existsSync22, readFileSync as readFileSync16 } from "fs";
@@ -12762,8 +12736,8 @@ async function probeConversationDb() {
     });
   }
 }
-var app38 = new Hono();
-app38.get("/", async (c) => {
+var app37 = new Hono();
+app37.get("/", async (c) => {
   const version = readVersion();
   const probe = await probeConversationDb();
   const uptimeMs = Date.now() - new Date(PROCESS_STARTED_AT).getTime();
@@ -12785,40 +12759,39 @@ app38.get("/", async (c) => {
     uptimeMs
   });
 });
-var health_default2 = app38;
+var health_default2 = app37;
 // server/routes/admin/index.ts
-var app39 = new Hono();
-app39.route("/session", session_default2);
-app39.route("/chat", chat_default2);
-app39.route("/chat-failure", chat_failure_default);
-app39.route("/failure-report", failure_report_default);
-app39.route("/sse-telemetry", sse_telemetry_default);
-app39.route("/compact", compact_default);
-app39.route("/logs", logs_default);
-app39.route("/claude-info", claude_info_default);
-app39.route("/attachment", attachment_default);
-app39.route("/agents", agents_default);
-app39.route("/sessions", sessions_default);
-app39.route("/browser", browser_default);
-app39.route("/browser-iframe", browser_iframe_default);
-app39.route("/device-browser", device_browser_default);
-app39.route("/events", events_default);
-app39.route("/cloudflare", cloudflare_default);
-app39.route("/files", files_default);
-app39.route("/graph-search", graph_search_default);
-app39.route("/graph-subgraph", graph_subgraph_default);
-app39.route("/graph-delete", graph_delete_default);
-app39.route("/graph-restore", graph_restore_default);
-app39.route("/graph-labels-in-graph", graph_labels_in_graph_default);
-app39.route("/graph-default-view", graph_default_view_default);
-app39.route("/file-attach", file_attach_default);
-app39.route("/adherence", adherence_default);
-app39.route("/sidebar-artefacts", sidebar_artefacts_default);
-app39.route("/sidebar-artefact-save", sidebar_artefact_save_default);
-app39.route("/sidebar-artefact-content", sidebar_artefact_content_default);
-app39.route("/health-brand", health_default2);
-var admin_default = app39;
+var app38 = new Hono();
+app38.route("/session", session_default2);
+app38.route("/chat", chat_default2);
+app38.route("/chat-failure", chat_failure_default);
+app38.route("/failure-report", failure_report_default);
+app38.route("/sse-telemetry", sse_telemetry_default);
+app38.route("/compact", compact_default);
+app38.route("/logs", logs_default);
+app38.route("/claude-info", claude_info_default);
+app38.route("/attachment", attachment_default);
+app38.route("/agents", agents_default);
+app38.route("/sessions", sessions_default);
+app38.route("/browser", browser_default);
+app38.route("/browser-iframe", browser_iframe_default);
+app38.route("/device-browser", device_browser_default);
+app38.route("/events", events_default);
+app38.route("/cloudflare", cloudflare_default);
+app38.route("/files", files_default);
+app38.route("/graph-search", graph_search_default);
+app38.route("/graph-subgraph", graph_subgraph_default);
+app38.route("/graph-delete", graph_delete_default);
+app38.route("/graph-restore", graph_restore_default);
+app38.route("/graph-labels-in-graph", graph_labels_in_graph_default);
+app38.route("/graph-default-view", graph_default_view_default);
+app38.route("/file-attach", file_attach_default);
+app38.route("/sidebar-artefacts", sidebar_artefacts_default);
+app38.route("/sidebar-artefact-save", sidebar_artefact_save_default);
+app38.route("/sidebar-artefact-content", sidebar_artefact_content_default);
+app38.route("/health-brand", health_default2);
+var admin_default = app38;
 // server/routes/sites.ts
 import { existsSync as existsSync23, readFileSync as readFileSync17, realpathSync as realpathSync4, statSync as statSync7 } from "fs";
@@ -12853,8 +12826,8 @@ function getExt(p) {
   if (idx < p.lastIndexOf("/")) return "";
   return p.slice(idx).toLowerCase();
 }
-var app40 = new Hono();
-app40.get("/:rel{.*}", (c) => {
+var app39 = new Hono();
+app39.get("/:rel{.*}", (c) => {
   const reqPath = c.req.path;
   const rawRel = c.req.param("rel") ?? "";
   const trimmed = rawRel.replace(/^\/+/, "").replace(/\/+$/, "");
@@ -12957,7 +12930,7 @@ app40.get("/:rel{.*}", (c) => {
     "X-Content-Type-Options": "nosniff"
   });
 });
-var sites_default = app40;
+var sites_default = app39;
 // app/lib/graph-health.ts
 var HOUR_MS = 60 * 60 * 1e3;
@@ -13367,9 +13340,9 @@ watchFile(ALIAS_DOMAINS_PATH2, { interval: 2e3 }, () => {
 function isPublicHost(host) {
   return host.startsWith("public.") || aliasDomains.has(host);
 }
-var app41 = new Hono();
-app41.use("*", clientIpMiddleware);
-app41.use("*", async (c, next) => {
+var app40 = new Hono();
+app40.use("*", clientIpMiddleware);
+app40.use("*", async (c, next) => {
   await next();
   c.header("X-Content-Type-Options", "nosniff");
   c.header("Referrer-Policy", "strict-origin-when-cross-origin");
@@ -13379,7 +13352,7 @@ app41.use("*", async (c, next) => {
   );
 });
 var HTTP_LOG_PATHS = /* @__PURE__ */ new Set(["/vnc-viewer.html", "/vnc-popout.html"]);
-app41.use("*", async (c, next) => {
+app40.use("*", async (c, next) => {
   if (!HTTP_LOG_PATHS.has(c.req.path)) {
     await next();
     return;
@@ -13412,7 +13385,7 @@ var PUBLIC_ALLOWED_PREFIXES = [
   "/sites/"
 ];
 var PUBLIC_ALLOWED_EXACT = ["/favicon.ico"];
-app41.use("*", async (c, next) => {
+app40.use("*", async (c, next) => {
   const host = (c.req.header("host") ?? "").split(":")[0];
   if (!isPublicHost(host)) {
     await next();
@@ -13452,7 +13425,7 @@ function resolveRemoteAuthOpts() {
   return brandLoginOpts;
 }
 var MAX_LOGIN_BODY = 8 * 1024;
-app41.post("/__remote-auth/login", async (c) => {
+app40.post("/__remote-auth/login", async (c) => {
   const client = clientFrom(c);
   const clientIp = client.ip || "unknown";
   if (!requestIsTlsTerminated(c)) {
@@ -13497,7 +13470,7 @@ app41.post("/__remote-auth/login", async (c) => {
     }
   });
 });
-app41.get("/__remote-auth/logout", (c) => {
+app40.get("/__remote-auth/logout", (c) => {
   const client = clientFrom(c);
   const clientIp = client.ip || "unknown";
   console.error(`[remote-auth] logout ip=${clientIp}`);
@@ -13510,7 +13483,7 @@ app41.get("/__remote-auth/logout", (c) => {
     }
   });
 });
-app41.post("/__remote-auth/change-password", async (c) => {
+app40.post("/__remote-auth/change-password", async (c) => {
   const client = clientFrom(c);
   const clientIp = client.ip || "unknown";
   const rateLimited = checkRateLimit(client);
@@ -13561,13 +13534,13 @@ app41.post("/__remote-auth/change-password", async (c) => {
     return c.html(renderLoginPage({ ...resolveRemoteAuthOpts(), mode: "change", changeError: "Failed to save password", redirect }), 200);
   }
 });
-app41.get("/__remote-auth/setup", (c) => {
+app40.get("/__remote-auth/setup", (c) => {
   if (isRemoteAuthConfigured()) {
     return c.redirect("/");
   }
   return c.html(renderLoginPage({ ...resolveRemoteAuthOpts(), mode: "setup" }), 200);
 });
-app41.post("/__remote-auth/set-initial-password", async (c) => {
+app40.post("/__remote-auth/set-initial-password", async (c) => {
   if (isRemoteAuthConfigured()) {
     return c.redirect("/");
   }
@@ -13605,10 +13578,10 @@ app41.post("/__remote-auth/set-initial-password", async (c) => {
     return c.html(renderLoginPage({ ...resolveRemoteAuthOpts(), mode: "setup", setupError: "Failed to save password. Please try again." }), 200);
   }
 });
-app41.get("/api/remote-auth/status", (c) => {
+app40.get("/api/remote-auth/status", (c) => {
   return c.json({ configured: isRemoteAuthConfigured() });
 });
-app41.post("/api/remote-auth/set-password", async (c) => {
+app40.post("/api/remote-auth/set-password", async (c) => {
   let body;
   try {
     body = await c.req.json();
@@ -13639,9 +13612,9 @@ app41.post("/api/remote-auth/set-password", async (c) => {
     return c.json({ error: "Failed to save password" }, 500);
   }
 });
-app41.route("/api/_client-error", client_error_default);
+app40.route("/api/_client-error", client_error_default);
 console.log("[client-error-route] mounted");
-app41.use("*", async (c, next) => {
+app40.use("*", async (c, next) => {
   const host = (c.req.header("host") ?? "").split(":")[0];
   const path2 = c.req.path;
   if (path2 === "/favicon.ico" || path2.startsWith("/assets/") || path2.startsWith("/brand/")) {
@@ -13681,15 +13654,15 @@ app41.use("*", async (c, next) => {
   console.error(`[remote-auth] login required ip=${clientIp} path=${path2} ${disambig}`);
   return c.html(renderLoginPage({ ...resolveRemoteAuthOpts(), redirect: path2 }), 200);
 });
-app41.route("/api/health", health_default);
-app41.route("/api/session", session_default);
-app41.route("/api/chat", chat_default);
-app41.route("/api/group", group_default);
-app41.route("/api/access", access_default);
-app41.route("/api/telegram", telegram_default);
-app41.route("/api/whatsapp", whatsapp_default);
-app41.route("/api/onboarding", onboarding_default);
-app41.route("/api/admin", admin_default);
+app40.route("/api/health", health_default);
+app40.route("/api/session", session_default);
+app40.route("/api/chat", chat_default);
+app40.route("/api/group", group_default);
+app40.route("/api/access", access_default);
+app40.route("/api/telegram", telegram_default);
+app40.route("/api/whatsapp", whatsapp_default);
+app40.route("/api/onboarding", onboarding_default);
+app40.route("/api/admin", admin_default);
 var SAFE_SLUG_RE = /^[a-z][a-z0-9-]{2,49}$/;
 var SAFE_FILENAME_RE = /^[a-z0-9_][a-z0-9_.-]{0,99}$/i;
 var IMAGE_MIME = {
@@ -13701,7 +13674,7 @@ var IMAGE_MIME = {
   ".svg": "image/svg+xml",
   ".ico": "image/x-icon"
 };
-app41.get("/agent-assets/:slug/:filename", (c) => {
+app40.get("/agent-assets/:slug/:filename", (c) => {
   const slug = c.req.param("slug");
   const filename = c.req.param("filename");
   if (!SAFE_SLUG_RE.test(slug)) {
@@ -13736,7 +13709,7 @@ app41.get("/agent-assets/:slug/:filename", (c) => {
     "Cache-Control": "public, max-age=3600"
   });
 });
-app41.get("/generated/:filename", (c) => {
+app40.get("/generated/:filename", (c) => {
   const filename = c.req.param("filename");
   if (!SAFE_FILENAME_RE.test(filename) || filename.includes("..")) {
     console.error(`[generated] serve file=${filename} status=403`);
@@ -13766,7 +13739,7 @@ app41.get("/generated/:filename", (c) => {
     "Cache-Control": "public, max-age=86400"
   });
 });
-app41.route("/sites", sites_default);
+app40.route("/sites", sites_default);
 var htmlCache = /* @__PURE__ */ new Map();
 var brandLogoPath = "/brand/maxy-monochrome.png";
 var brandIconPath = "/brand/maxy-monochrome.png";
@@ -13903,7 +13876,7 @@ function brandedPublicHtml(agentSlug) {
 function escapeHtml(s) {
   return s.replace(/&/g, "&amp;").replace(/"/g, "&quot;").replace(/</g, "&lt;").replace(/>/g, "&gt;");
 }
-app41.get("/", (c) => {
+app40.get("/", (c) => {
   const host = (c.req.header("host") ?? "").split(":")[0];
   if (isPublicHost(host)) {
     const defaultSlug = resolveDefaultSlug();
@@ -13911,12 +13884,12 @@ app41.get("/", (c) => {
   }
   return c.html(cachedHtml("index.html"));
 });
-app41.get("/public", (c) => {
+app40.get("/public", (c) => {
   const host = (c.req.header("host") ?? "").split(":")[0];
   if (isPublicHost(host)) return c.text("Not found", 404);
   return c.html(cachedHtml("public.html"));
 });
-app41.get("/chat", (c) => {
+app40.get("/chat", (c) => {
   const host = (c.req.header("host") ?? "").split(":")[0];
   if (isPublicHost(host)) return c.text("Not found", 404);
   return c.html(cachedHtml("public.html"));
@@ -13935,9 +13908,9 @@ async function logViewerFetch(c, next) {
     duration_ms: Date.now() - start
   });
 }
-app41.use("/vnc-viewer.html", logViewerFetch);
-app41.use("/vnc-popout.html", logViewerFetch);
-app41.get("/vnc-popout.html", (c) => {
+app40.use("/vnc-viewer.html", logViewerFetch);
+app40.use("/vnc-popout.html", logViewerFetch);
+app40.get("/vnc-popout.html", (c) => {
   let html = htmlCache.get("vnc-popout.html");
   if (!html) {
     html = readFileSync19(resolve21(process.cwd(), "public", "vnc-popout.html"), "utf-8");
@@ -13950,7 +13923,7 @@ app41.get("/vnc-popout.html", (c) => {
   }
   return c.html(html);
 });
-app41.post("/api/vnc/client-event", async (c) => {
+app40.post("/api/vnc/client-event", async (c) => {
   let body;
   try {
     body = await c.req.json();
@@ -13971,20 +13944,20 @@ app41.post("/api/vnc/client-event", async (c) => {
   });
   return c.json({ ok: true });
 });
-app41.get("/g/:slug", (c) => {
+app40.get("/g/:slug", (c) => {
   return c.html(brandedPublicHtml());
 });
-app41.get("/graph", (c) => {
+app40.get("/graph", (c) => {
   const host = (c.req.header("host") ?? "").split(":")[0];
   if (isPublicHost(host)) return c.text("Not found", 404);
   return c.html(cachedHtml("graph.html"));
 });
-app41.get("/data", (c) => {
+app40.get("/data", (c) => {
   const host = (c.req.header("host") ?? "").split(":")[0];
   if (isPublicHost(host)) return c.text("Not found", 404);
   return c.html(cachedHtml("data.html"));
 });
-app41.get("/:slug", async (c, next) => {
+app40.get("/:slug", async (c, next) => {
   const slug = c.req.param("slug");
   if (AGENT_SLUG_PATTERN.test(`/${slug}`)) {
     const branding = loadBrandingCache(slug);
@@ -13994,15 +13967,15 @@ app41.get("/:slug", async (c, next) => {
   await next();
 });
 if (brandFaviconPath !== "/favicon.ico") {
-  app41.get("/favicon.ico", (c) => {
+  app40.get("/favicon.ico", (c) => {
     c.header("Cache-Control", "public, max-age=300");
     return c.redirect(brandFaviconPath, 302);
   });
 }
-app41.use("/*", serveStatic({ root: "./public" }));
+app40.use("/*", serveStatic({ root: "./public" }));
 var port = parseInt(process.env.MAXY_UI_INTERNAL_PORT ?? process.env.PORT ?? "19199", 10);
 var hostname = process.env.HOSTNAME ?? "127.0.0.1";
-var httpServer = serve({ fetch: app41.fetch, port, hostname });
+var httpServer = serve({ fetch: app40.fetch, port, hostname });
 console.log(`${BRAND.productName} listening on http://${hostname}:${port}`);
 console.log("[boot] auth-mode summary: oauth=8 api-key=1 (api-key consumer: invokePublicAgent only)");
 var SUBAPP_MANIFEST = [
@@ -14023,7 +13996,7 @@ for (const m of SUBAPP_MANIFEST) {
 }
 try {
   const registered = [];
-  for (const r of app41.routes ?? []) {
+  for (const r of app40.routes ?? []) {
     if (typeof r.path !== "string" || r.path.includes(":") || r.path.includes("*")) continue;
     if (AGENT_SLUG_PATTERN.test(r.path)) {
       registered.push({ method: (r.method ?? "ALL").toUpperCase(), path: r.path });

package/payload/platform/plugins/docs/references/adherence.md DELETED Viewed

@@ -1,98 +0,0 @@
-# Adherence Fidelity
-User-facing reference for the attention-weighted correction ledger that makes agent adherence compound. Canonical platform documentation lives at [`.docs/agents.md`](../../../../.docs/agents.md) § Adherence Fidelity — this reference mirrors the same behaviour for operators reading plugin docs.
----
-## What it solves
-The agent's prerogatives (PRECISE, CONCISE, EVIDENCE-BASED) are prose at the top of every system prompt. Without a compounding mechanism, a rule corrected 50 times has the same attention weight as a rule corrected once. Adherence Fidelity adds a per-agent ledger whose rendered summary is inserted into the system prompt every turn, so the agent sees its own recidivism with counts, samples, and recency.
-## How an operator sees it
-**In chat:** ask the agent *"what is my adherence score?"* or *"what are my top rule violations?"* The admin agent answers via the `adherence-read` tool, which reads the ledger file on disk — the number is authoritative.
-**Via API:** `GET /api/admin/adherence?agent=admin` returns the ledger JSON, plus `constraints` (whether capability routing is active for the next turn) and an optional `rendered` block when called with `?block=1`.
-**On the filesystem:** `{accountDir}/agents/{agentName}/adherence-ledger.json` is the source of truth. `jq` queries work directly:
-```bash
-jq '{score, top: (.rules | sort_by(-.count) | .[0])}' \
-  ~/.maxy/<accountId>/agents/admin/adherence-ledger.json
-```
-## Score
-```
-score = 100 × (1 − rules_violating_in_rolling_7d / n_rules)
-```
-An agent with three rules, zero of which have a violation in the last 7 days, scores 100%. One out of three scores 67%. All three scores 0%.
-## Top offenders
-The rendered ledger block bolds the top-3 rules by `count` (all-time, not just the rolling window) and quotes their most recent `last_sample`. Rules 4 through 10 appear as one-liners. Zero-recidivism rules (`count = 0` and `rolling_7d = 0`) are omitted entirely.
-Sort order: `count DESC, last_violated_at DESC`.
-## Capability routing at threshold
-When any rule's `rolling_7d` reaches `5`, the next turn's spawn is clamped:
-- `--max-turns` drops to `5` — the agent has fewer turns to sprawl.
-- Non-core tools drop from the allowed set (currently the specialist roles).
-- The offending rule renders with a `BLOCKING:` prefix in the ledger block so it dominates the prompt.
-The constraint is computed once per turn at the top of `invokeAgent` and frozen for that spawn — one-turn granularity. The next turn reads the updated ledger and re-evaluates, so a single clean turn begins to lift the constraint as `rolling_7d` decays.
-## Data flow per turn
-```
-┌─ Pre-turn ────────────────────────────────────┐
-│ loadAdherenceLedger(accountDir, accountId)    │
-│ renderAdherenceLedger(ledger, blockingRules)  │
-│ → inject at <!-- ADHERENCE-LEDGER-INSERT -->  │
-│ computeConstraints(ledger)                    │
-│ → clamp max-turns, drop tools                 │
-└────────────────────────────────────────────────┘
-                    │
-                    ▼
-              Assistant stream
-                    │
-                    ▼
-┌─ Post-turn ───────────────────────────────────┐
-│ criticAndRecord(responseText) — Haiku         │
-│ → verdict=pass   → recordPass()               │
-│ → verdict=violation → recordViolation()       │
-│ Fire-and-forget. Non-blocking.                │
-└────────────────────────────────────────────────┘
-```
-## What the ledger file looks like
-```json
-{
-  "agent_id": "admin",
-  "account_id": "abc123...",
-  "rules": [
-    {
-      "rule_id": "PRECISE",
-      "canonical_text": "Use exact names...",
-      "rule_family": "prerogative",
-      "count": 7,
-      "violations": ["2026-04-19T10:12:00Z", "..."],
-      "last_violated_at": "2026-04-21T09:30:12Z",
-      "last_sample": "Something that paraphrased tool output…",
-      "current_streak": 2,
-      "rolling_7d": 5
-    }
-  ],
-  "updated_at": "2026-04-21T09:30:13Z"
-}
-```
-## Limits and deferrals
-v1 covers the admin agent only. Specialist subagents (`specialists:personal-assistant`, `specialists:project-manager`, `specialists:research-assistant`, `specialists:content-producer`, `specialists:database-operator`) do not receive their own ledger injection yet — their `.md` templates load via `--plugin-dir` and have no TS-side assembly site. Follow-up task filed.
-No cross-agent rule inheritance, no user-visible correction-ack signal, no blocking-critic retry loop in v1 — each is a separate follow-up task. See [`.docs/agents.md`](../../../../.docs/agents.md) § Adherence Fidelity for the full deferral list with task numbers.

package/payload/server/public/assets/data-LYciLZK9.js DELETED Viewed

	@@ -1 +0,0 @@
1	- import{i as e,t}from"./jsx-runtime-BWYXu1CT.js";import{t as n}from"./page-C4E0CWHe.js";import"./graph-labels-Co03qEv5.js";var r=e(),i=t();(0,r.createRoot)(document.getElementById(`root`)).render((0,i.jsx)(n,{}));

package/payload/server/public/assets/graph-C-SKAbGX.js DELETED Viewed

	@@ -1 +0,0 @@
1	- import{i as e,t}from"./jsx-runtime-BWYXu1CT.js";import{n}from"./page-DGLz4ozf.js";import"./graph-labels-Co03qEv5.js";import"./Checkbox-CeujDRv0.js";var r=e(),i=t();(0,r.createRoot)(document.getElementById(`root`)).render((0,i.jsx)(n,{}));