@rubytech/taskmaster 1.0.67 → 1.0.69

package/dist/control-ui/index.html

@@ -6,8 +6,8 @@
     <title>Taskmaster Control</title>
     <meta name="color-scheme" content="dark light" />
     <link rel="icon" type="image/png" href="./favicon.png" />
-    <script type="module" crossorigin src="./assets/index-8pJBjxcK.js"></script>
-    <link rel="stylesheet" crossorigin href="./assets/index-Uo_tQYx1.css">
+    <script type="module" crossorigin src="./assets/index-D5tMNwub.js"></script>
+    <link rel="stylesheet" crossorigin href="./assets/index-BCh3mx9Z.css">
   </head>
   <body>
     <taskmaster-app></taskmaster-app>

package/dist/gateway/control-ui.js

@@ -387,11 +387,16 @@ export function handlePublicChatHttpRequest(req, res, opts) {
         res.end("Method Not Allowed");
         return true;
     }
-    // Only /public/chat (the SPA route)
-    if (pathname !== "/public/chat" && !pathname.startsWith("/public/chat/")) {
+    // Only /public/chat/:accountId (the SPA route)
+    if (!pathname.startsWith("/public/chat/")) {
         // /public/widget.js is handled separately
         if (pathname === "/public/widget.js")
             return false;
+        // Bare /public/chat without accountId → 404
+        if (pathname === "/public/chat") {
+            respondNotFound(res);
+            return true;
+        }
         respondNotFound(res);
         return true;
     }
@@ -400,6 +405,12 @@ export function handlePublicChatHttpRequest(req, res, opts) {
         respondNotFound(res);
         return true;
     }
+    // Extract accountId from /public/chat/:accountId
+    const accountId = pathname.slice("/public/chat/".length).split("/")[0]?.trim();
+    if (!accountId || !/^[a-z0-9][a-z0-9_-]{0,63}$/i.test(accountId)) {
+        respondNotFound(res);
+        return true;
+    }
     const root = resolveControlUiRoot();
     if (!root) {
         res.statusCode = 503;
@@ -412,7 +423,7 @@ export function handlePublicChatHttpRequest(req, res, opts) {
         respondNotFound(res);
         return true;
     }
-    const publicAgentId = resolvePublicAgentId(config);
+    const publicAgentId = resolvePublicAgentId(config, accountId);
     const identity = resolveAssistantIdentity({ cfg: config, agentId: publicAgentId });
     // Only inject avatar if it resolves to an actual image URL/path (not a
     // single-letter fallback like "D" which would render as a broken <img>).
@@ -421,7 +432,7 @@ export function handlePublicChatHttpRequest(req, res, opts) {
         agentId: publicAgentId,
         basePath: "",
     });
-    const avatarValue = resolvedAvatar && (/^(https?:\/\/|data:image\/|\/)/i.test(resolvedAvatar))
+    const avatarValue = resolvedAvatar && /^(https?:\/\/|data:image\/|\/)/i.test(resolvedAvatar)
         ? resolvedAvatar
         : undefined;
     const authMode = config.publicChat.auth ?? "anonymous";
@@ -438,15 +449,23 @@ export function handlePublicChatHttpRequest(req, res, opts) {
         brandIconUrl,
         accentColor,
     });
-    // Inject public-chat globals
+    // Inject <base href="/"> right after <head> so relative asset paths (./assets/...)
+    // resolve from root. The URL is /public/chat/:accountId — 3 levels deep, so without
+    // <base> the browser would look for /public/chat/assets/... which doesn't exist.
+    // The <base> tag MUST appear before any tags that use relative URLs.
+    const headOpen = injected.indexOf("<head>");
+    const baseInjected = headOpen !== -1
+        ? `${injected.slice(0, headOpen + 6)}<base href="/">${injected.slice(headOpen + 6)}`
+        : injected;
+    // Inject public-chat globals before </head>
     const publicScript = `<script>` +
         `window.__TASKMASTER_PUBLIC_CHAT__=true;` +
-        `window.__TASKMASTER_PUBLIC_CHAT_CONFIG__=${JSON.stringify({ auth: authMode, cookieTtlDays })};` +
+        `window.__TASKMASTER_PUBLIC_CHAT_CONFIG__=${JSON.stringify({ accountId, auth: authMode, cookieTtlDays })};` +
         `</script>`;
-    const headClose = injected.indexOf("</head>");
+    const headClose = baseInjected.indexOf("</head>");
     const withPublic = headClose !== -1
-        ? `${injected.slice(0, headClose)}${publicScript}${injected.slice(headClose)}`
-        : `${publicScript}${injected}`;
+        ? `${baseInjected.slice(0, headClose)}${publicScript}${baseInjected.slice(headClose)}`
+        : `${publicScript}${baseInjected}`;
     res.setHeader("Content-Type", "text/html; charset=utf-8");
     res.setHeader("Cache-Control", "no-cache");
     res.end(withPublic);
@@ -455,12 +474,13 @@ export function handlePublicChatHttpRequest(req, res, opts) {
 /** Widget script content — self-contained JS for embedding. */
 const WIDGET_SCRIPT = `(function(){
   "use strict";
-  var cfg={server:""};
+  var cfg={server:"",accountId:""};
   var isOpen=false;
   var btn,overlay,iframe;
 
   function init(opts){
     if(opts&&opts.server) cfg.server=opts.server.replace(/\\/$/,"");
+    if(opts&&opts.accountId) cfg.accountId=opts.accountId;
     build();
   }
 
@@ -495,7 +515,7 @@ const WIDGET_SCRIPT = `(function(){
     overlay.className="tm-widget-overlay";
     iframe=document.createElement("iframe");
     iframe.className="tm-widget-iframe";
-    iframe.src=cfg.server+"/public/chat";
+    iframe.src=cfg.server+"/public/chat/"+encodeURIComponent(cfg.accountId);
     overlay.appendChild(iframe);
     document.body.appendChild(overlay);
   }

package/dist/gateway/public-chat/session.js

@@ -1,39 +1,28 @@
 /**
  * Resolve public-chat session keys (anonymous and verified).
  *
- * The public agent is the agent handling WhatsApp DMs for the default account.
+ * The public agent is the agent handling unknown WhatsApp DMs for a given account.
+ * The account is determined by the URL path: /public/chat/:accountId.
  * Anonymous sessions use a cookie-based identifier; verified sessions use the
  * phone number so they share the same DM session as WhatsApp.
  */
-import { resolveDefaultAgentId } from "../../agents/agent-scope.js";
+import { resolveAgentRoute } from "../../routing/resolve-route.js";
 import { normalizeAgentId } from "../../routing/session-key.js";
 /**
- * Find the agent that handles public-facing WhatsApp DMs.
- * Priority: binding to whatsapp DM > agent named "public" > default agent.
+ * Find the agent that handles public-facing WhatsApp DMs for the given account.
+ *
+ * Uses the same routing logic as WhatsApp itself: calls resolveAgentRoute
+ * with a synthetic unknown-peer DM. This guarantees the public chat routes
+ * to the exact same agent that handles unknown WhatsApp DMs for that account.
  */
-export function resolvePublicAgentId(cfg) {
-    const bindings = cfg.bindings ?? [];
-    // Find agent bound to whatsapp DMs (the public-facing agent)
-    for (const binding of bindings) {
-        if (binding.match.channel === "whatsapp" &&
-            binding.match.peer?.kind === "dm" &&
-            !binding.match.peer.id) {
-            return normalizeAgentId(binding.agentId);
-        }
-    }
-    // Any whatsapp binding
-    for (const binding of bindings) {
-        if (binding.match.channel === "whatsapp") {
-            return normalizeAgentId(binding.agentId);
-        }
-    }
-    // Agent explicitly named "public"
-    const agents = cfg.agents?.list ?? [];
-    const publicAgent = agents.find((a) => a.id === "public");
-    if (publicAgent)
-        return normalizeAgentId(publicAgent.id);
-    // Fall back to default agent
-    return resolveDefaultAgentId(cfg);
+export function resolvePublicAgentId(cfg, accountId) {
+    const route = resolveAgentRoute({
+        cfg,
+        channel: "whatsapp",
+        accountId,
+        peer: { kind: "dm", id: "__public_chat__" },
+    });
+    return normalizeAgentId(route.agentId);
 }
 /**
  * Build the session key for a public-chat visitor.

package/dist/gateway/server-methods/chat.js

@@ -11,9 +11,7 @@ import { createReplyDispatcher } from "../../auto-reply/reply/reply-dispatcher.j
 import { extractShortModelName, } from "../../auto-reply/reply/response-prefix-template.js";
 import { resolveSendPolicy } from "../../sessions/send-policy.js";
 import { createInternalHookEvent, triggerInternalHook } from "../../hooks/internal-hooks.js";
-import { loadConfig as loadConfigFn } from "../../config/config.js";
 import { INTERNAL_MESSAGE_CHANNEL } from "../../utils/message-channel.js";
-import { resolvePublicAgentId } from "../public-chat/session.js";
 import { abortChatRunById, abortChatRunsForSessionKey, isChatStopCommandText, resolveChatRunExpiresAtMs, } from "../chat-abort.js";
 import { ErrorCodes, errorShape, formatValidationErrors, validateChatAbortParams, validateChatHistoryParams, validateChatInjectParams, validateChatSendParams, } from "../protocol/index.js";
 import { loadSessionEntry, readSessionMessages, resolveSessionModelRef } from "../session-utils.js";
@@ -127,10 +125,9 @@ function broadcastChatError(params) {
 function validatePublicSessionAccess(role, sessionKey) {
     if (role !== "public")
         return null;
-    const cfg = loadConfigFn();
-    const publicAgentId = resolvePublicAgentId(cfg);
-    const prefix = `agent:${publicAgentId}:dm:`;
-    if (!sessionKey.startsWith(prefix)) {
+    // Public clients can only access agent DM sessions (issued by public.session / public.otp.verify).
+    // Format: agent:{agentId}:dm:{identifier}
+    if (!/^agent:[^:]+:dm:/.test(sessionKey)) {
         return errorShape(ErrorCodes.INVALID_REQUEST, "unauthorized session key");
     }
     return null;

package/dist/gateway/server-methods/memory.js

@@ -20,6 +20,8 @@ export const memoryHandlers = {
                 ok: true,
                 agentId,
                 dirty: status.dirty,
+                syncing: status.syncing,
+                syncProgress: status.syncProgress,
                 files: status.files,
                 chunks: status.chunks,
                 sources: status.sources,

package/dist/gateway/server-methods/public-chat.js

@@ -10,6 +10,14 @@ import { buildPublicSessionKey, resolvePublicAgentId } from "../public-chat/sess
 function isValidPhone(phone) {
     return /^\+\d{7,15}$/.test(phone);
 }
+function validateAccountId(raw) {
+    if (typeof raw !== "string")
+        return null;
+    const trimmed = raw.trim();
+    if (!trimmed || !/^[a-z0-9][a-z0-9_-]{0,63}$/i.test(trimmed))
+        return null;
+    return trimmed;
+}
 export const publicChatHandlers = {
     /**
      * Request an OTP code — sends a 6-digit code to the given phone via WhatsApp.
@@ -43,12 +51,13 @@ export const publicChatHandlers = {
     },
     /**
      * Verify an OTP code and return the session key.
-     * Params: { phone: string, code: string, name?: string }
+     * Params: { phone: string, code: string, accountId: string, name?: string }
      */
     "public.otp.verify": async ({ params, respond }) => {
         const phone = typeof params.phone === "string" ? params.phone.trim() : "";
         const code = typeof params.code === "string" ? params.code.trim() : "";
         const name = typeof params.name === "string" ? params.name.trim() : undefined;
+        const accountId = validateAccountId(params.accountId);
         if (!phone || !isValidPhone(phone)) {
             respond(false, undefined, errorShape(ErrorCodes.INVALID_REQUEST, "invalid phone number"));
             return;
@@ -57,6 +66,10 @@ export const publicChatHandlers = {
             respond(false, undefined, errorShape(ErrorCodes.INVALID_REQUEST, "code required"));
             return;
         }
+        if (!accountId) {
+            respond(false, undefined, errorShape(ErrorCodes.INVALID_REQUEST, "accountId required"));
+            return;
+        }
         const cfg = loadConfig();
         if (!cfg.publicChat?.enabled) {
             respond(false, undefined, errorShape(ErrorCodes.INVALID_REQUEST, "public chat disabled"));
@@ -73,7 +86,7 @@ export const publicChatHandlers = {
             respond(false, undefined, errorShape(ErrorCodes.INVALID_REQUEST, messages[result.error] ?? "verification failed"));
             return;
         }
-        const agentId = resolvePublicAgentId(cfg);
+        const agentId = resolvePublicAgentId(cfg, accountId);
         const sessionKey = buildPublicSessionKey(agentId, phone);
         respond(true, {
             ok: true,
@@ -85,20 +98,25 @@ export const publicChatHandlers = {
     },
     /**
      * Resolve a session key for anonymous public chat.
-     * Params: { cookieId: string }
+     * Params: { cookieId: string, accountId: string }
      */
     "public.session": async ({ params, respond }) => {
         const cookieId = typeof params.cookieId === "string" ? params.cookieId.trim() : "";
+        const accountId = validateAccountId(params.accountId);
         if (!cookieId || cookieId.length < 8 || cookieId.length > 128) {
             respond(false, undefined, errorShape(ErrorCodes.INVALID_REQUEST, "invalid cookieId"));
             return;
         }
+        if (!accountId) {
+            respond(false, undefined, errorShape(ErrorCodes.INVALID_REQUEST, "accountId required"));
+            return;
+        }
         const cfg = loadConfig();
         if (!cfg.publicChat?.enabled) {
             respond(false, undefined, errorShape(ErrorCodes.INVALID_REQUEST, "public chat disabled"));
             return;
         }
-        const agentId = resolvePublicAgentId(cfg);
+        const agentId = resolvePublicAgentId(cfg, accountId);
         const identifier = `anon-${cookieId}`;
         const sessionKey = buildPublicSessionKey(agentId, identifier);
         respond(true, {

package/dist/memory/embeddings-gemini.js

@@ -41,6 +41,14 @@ function normalizeGeminiBaseUrl(raw) {
 function buildGeminiModelPath(model) {
     return model.startsWith("models/") ? model : `models/${model}`;
 }
+/** Extract retry delay from a Gemini 429 response body, defaulting to 60s. */
+function parseRetryDelay(body) {
+    // Gemini includes "retryDelay": "52s" in the response.
+    const match = body.match(/"retryDelay"\s*:\s*"(\d+)s?"/);
+    if (match)
+        return Math.max(1, Number(match[1]));
+    return 60;
+}
 export async function createGeminiEmbeddingProvider(options) {
     const client = await resolveGeminiEmbeddingClient(options);
     const baseUrl = client.baseUrl.replace(/\/$/, "");
@@ -49,20 +57,31 @@ export async function createGeminiEmbeddingProvider(options) {
     const embedQuery = async (text) => {
         if (!text.trim())
             return [];
-        const res = await fetch(embedUrl, {
-            method: "POST",
-            headers: client.headers,
-            body: JSON.stringify({
-                content: { parts: [{ text }] },
-                taskType: "RETRIEVAL_QUERY",
-            }),
+        const body = JSON.stringify({
+            content: { parts: [{ text }] },
+            taskType: "RETRIEVAL_QUERY",
         });
-        if (!res.ok) {
-            const payload = await res.text();
-            throw new Error(`gemini embeddings failed: ${res.status} ${payload}`);
+        const maxRetries = 3;
+        for (let attempt = 0; attempt <= maxRetries; attempt++) {
+            const res = await fetch(embedUrl, {
+                method: "POST",
+                headers: client.headers,
+                body,
+            });
+            if (res.status === 429 && attempt < maxRetries) {
+                const retryAfter = parseRetryDelay(await res.text());
+                log.info(`gemini rate limit hit; retrying in ${retryAfter}s`);
+                await new Promise((resolve) => setTimeout(resolve, retryAfter * 1000));
+                continue;
+            }
+            if (!res.ok) {
+                const payload = await res.text();
+                throw new Error(`gemini embeddings failed: ${res.status} ${payload}`);
+            }
+            const payload = (await res.json());
+            return payload.embedding?.values ?? [];
         }
-        const payload = (await res.json());
-        return payload.embedding?.values ?? [];
+        throw new Error("gemini embeddings: exhausted retries after rate limiting");
     };
     const embedBatch = async (texts) => {
         if (texts.length === 0)
@@ -72,18 +91,31 @@ export async function createGeminiEmbeddingProvider(options) {
             content: { parts: [{ text }] },
             taskType: "RETRIEVAL_DOCUMENT",
         }));
-        const res = await fetch(batchUrl, {
-            method: "POST",
-            headers: client.headers,
-            body: JSON.stringify({ requests }),
-        });
-        if (!res.ok) {
-            const payload = await res.text();
-            throw new Error(`gemini embeddings failed: ${res.status} ${payload}`);
+        const body = JSON.stringify({ requests });
+        // Retry on 429 (rate limit) — Gemini free tier caps at 100 requests/minute.
+        // The initial bulk index can exceed this; retrying after the cooldown lets it complete.
+        const maxRetries = 3;
+        for (let attempt = 0; attempt <= maxRetries; attempt++) {
+            const res = await fetch(batchUrl, {
+                method: "POST",
+                headers: client.headers,
+                body,
+            });
+            if (res.status === 429 && attempt < maxRetries) {
+                const retryAfter = parseRetryDelay(await res.text());
+                log.info(`gemini rate limit hit; retrying in ${retryAfter}s`);
+                await new Promise((resolve) => setTimeout(resolve, retryAfter * 1000));
+                continue;
+            }
+            if (!res.ok) {
+                const payload = await res.text();
+                throw new Error(`gemini embeddings failed: ${res.status} ${payload}`);
+            }
+            const payload = (await res.json());
+            const embeddings = Array.isArray(payload.embeddings) ? payload.embeddings : [];
+            return texts.map((_, index) => embeddings[index]?.values ?? []);
         }
-        const payload = (await res.json());
-        const embeddings = Array.isArray(payload.embeddings) ? payload.embeddings : [];
-        return texts.map((_, index) => embeddings[index]?.values ?? []);
+        throw new Error("gemini embeddings: exhausted retries after rate limiting");
     };
     return {
         provider: {

package/dist/memory/embeddings.js

@@ -2,21 +2,19 @@ import fsSync from "node:fs";
 import os from "node:os";
 import { createSubsystemLogger } from "../logging/subsystem.js";
 import { resolveUserPath } from "../utils.js";
-import { getCustomProviderApiKey } from "../agents/model-auth.js";
 import { createGeminiEmbeddingProvider } from "./embeddings-gemini.js";
 import { createOpenAiEmbeddingProvider } from "./embeddings-openai.js";
 import { importNodeLlamaCpp } from "./node-llama.js";
 /**
- * Default local embedding model. The 0.6B model is small enough to run on
- * any target hardware (Pi 4GB, Pi 8GB, Mac) without GPU and with minimal
- * RAM overhead (~1-2 GB runtime). Larger models (4B, 8B) can be configured
- * explicitly via `local.modelPath` for users who have tested them on their
- * specific hardware — node-llama-cpp's actual memory footprint varies
- * enormously across GPU vendors and Metal/Vulkan backends.
+ * Default local embedding model. embeddinggemma (329 MB) is proven stable on
+ * Intel x64 Macs and ARM Pis via node-llama-cpp's CPU backend. Larger models
+ * (Qwen3-Embedding 0.6B/4B/8B) can be configured explicitly via
+ * `local.modelPath` but are untested across hardware — Qwen3 models caused
+ * runaway memory consumption (40-76 GB) on Intel x64 Mac + AMD GPU.
  */
 const DEFAULT_LOCAL_MODEL = {
-    model: "hf:Qwen/Qwen3-Embedding-0.6B-GGUF/Qwen3-Embedding-0.6B-Q8_0.gguf",
-    label: "Qwen3-Embedding-0.6B",
+    model: "hf:ggml-org/embeddinggemma-300M-Q8_0-GGUF/embeddinggemma-300M-Q8_0.gguf",
+    label: "embeddinggemma-300M",
 };
 function selectDefaultLocalModel() {
     return DEFAULT_LOCAL_MODEL;
@@ -106,7 +104,7 @@ async function createLocalEmbeddingProvider(options) {
     else {
         const selected = selectDefaultLocalModel();
         modelPath = selected.model;
-        log.info(`selected tier ${selected.label} (system RAM: ${(os.totalmem() / (1024 ** 3)).toFixed(1)} GB)`);
+        log.info(`selected tier ${selected.label} (system RAM: ${(os.totalmem() / 1024 ** 3).toFixed(1)} GB)`);
     }
     const modelCacheDir = options.local?.modelCacheDir?.trim();
     // Lazy-load node-llama-cpp to keep startup light unless local is enabled.
@@ -188,15 +186,16 @@ export async function createEmbeddingProvider(options) {
         }
         // 2. Try remote providers — preferred when API keys are available
         //    (faster, no RAM overhead, no model download).
-        //    Only consider providers whose key is in the config (apiKeys section).
-        //    Environment variables are ignored for auto-selection to avoid using
+        //    Only consider providers whose key is in config.apiKeys.
+        //    Environment variables are ignored for auto-selection to avoid
         //    stale dev keys that would fail at runtime.
+        const configKeys = options.config.apiKeys ?? {};
         const remoteProviders = [
             { id: "openai", configKey: "openai" },
             { id: "gemini", configKey: "google" },
         ];
         for (const { id, configKey } of remoteProviders) {
-            if (!getCustomProviderApiKey(options.config, configKey))
+            if (!configKeys[configKey]?.trim())
                 continue;
             try {
                 const result = await createProvider(id);
@@ -214,9 +213,7 @@ export async function createEmbeddingProvider(options) {
         catch (err) {
             errors.push(formatLocalSetupError(err));
         }
-        throw new Error(errors.length > 0
-            ? errors.join("\n\n")
-            : "No embeddings provider available.");
+        throw new Error(errors.length > 0 ? errors.join("\n\n") : "No embeddings provider available.");
     }
     try {
         const primary = await createProvider(requestedProvider);

package/dist/memory/manager.js

@@ -282,6 +282,7 @@ export class MemoryIndexManager {
     sessionDeltas = new Map();
     sessionWarm = new Set();
     syncing = null;
+    syncProgress = null;
     /**
      * Ensure standard memory directory structure exists.
      * Creates: memory/public, memory/shared, memory/admin, memory/users
@@ -509,8 +510,22 @@ export class MemoryIndexManager {
     async sync(params) {
         if (this.syncing)
             return this.syncing;
-        this.syncing = this.runSync(params).finally(() => {
+        this.syncProgress = { completed: 0, total: 0 };
+        const outerProgress = params?.progress;
+        const wrappedParams = {
+            ...params,
+            progress: (update) => {
+                this.syncProgress = {
+                    completed: update.completed,
+                    total: update.total,
+                    label: update.label,
+                };
+                outerProgress?.(update);
+            },
+        };
+        this.syncing = this.runSync(wrappedParams).finally(() => {
             this.syncing = null;
+            this.syncProgress = null;
         });
         return this.syncing;
     }
@@ -663,6 +678,8 @@ export class MemoryIndexManager {
             files: files?.c ?? 0,
             chunks: chunks?.c ?? 0,
             dirty: this.dirty,
+            syncing: this.syncing !== null,
+            syncProgress: this.syncProgress ?? undefined,
             workspaceDir: this.workspaceDir,
             dbPath: this.settings.store.path,
             provider: this.provider.id,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@rubytech/taskmaster",
-  "version": "1.0.67",
+  "version": "1.0.69",
   "description": "AI-powered business assistant for small businesses",
   "publishConfig": {
     "access": "public"

package/taskmaster-docs/USER-GUIDE.md

@@ -514,7 +514,7 @@ You get 1,000 free search credits per month — more than enough for daily busin
 4. **Copy the key** (it starts with `AIza`)
 5. Go to your Taskmaster **Setup** page, click the **API Keys** row, find **Google**, paste the key, and click **Save**
 
-The free tier is generous — no credit card required and sufficient for small business use.
+The free tier works for low-volume use (a handful of voice notes or images per day). For higher volumes, you'll need to enable billing in your Google Cloud account — see [Google AI pricing](https://ai.google.dev/pricing) for details.
 
 ---
 
@@ -533,7 +533,7 @@ All files are markdown (`.md`) — plain text with simple formatting. You can up
 
 When you add or change a file, your assistant picks it up automatically — no restart needed. The status light on the Files page turns red when files have changed since the last index, so you can see at a glance whether a re-index is needed.
 
-After a fresh install or upgrade, the embedding model downloads automatically (~640 MB for most devices, larger on devices with more RAM). During the download, a full-screen overlay blocks all navigation with a "Downloading embedding model" message — this is a one-time download and typically takes a few minutes. Memory search is unavailable until the download completes.
+After a fresh install or upgrade, the embedding model downloads automatically (~330 MB). During the download, a full-screen overlay blocks all navigation with a "Downloading embedding model" message — this is a one-time download and typically takes a few minutes. Memory search is unavailable until the download completes.
 
 When your assistant writes to **public/** or **shared/**, a shield icon appears in the navigation bar so you can review what was written (see [Data Safety Alert](#data-safety-alert) above).