@secemp/elwood 0.1.0

package/src/instrumenter.js

@@ -0,0 +1,2921 @@
+/**
+ * instrumenter.js
+ *
+ * Intelligent AST instrumentation layer for the Claude Code CLI bundle.
+ *
+ * Design goals:
+ *  - ADDITIVE: every injection is a conditional expression that no-ops when
+ *    the hook object is absent, so the instrumented bundle behaves identically
+ *    to the original unless a caller installs hooks via globalThis.__elwoodHooks.
+ *  - NON-DESTRUCTIVE: original AST nodes are wrapped, never replaced.
+ *  - FAST: visitors make a single pass over the AST.
+ *
+ * Hook injection pattern (all hooks share this shape):
+ *
+ *   if (globalThis.__elwoodHooks?.[hookName])
+ *     globalThis.__elwoodHooks[hookName](/* metadata *\/, /* args *\/);
+ *
+ * The hook object is expected to live on `globalThis` so it survives dynamic
+ * import() boundaries.
+ */
+
+import { traverseBundle, t, PARSER_OPTIONS } from './ast-tools.js';
+import { parse } from '@babel/parser';
+import _traverse from '@babel/traverse';
+
+const traverse = _traverse.default ?? _traverse;
+
+// ---------------------------------------------------------------------------
+// Constants
+// ---------------------------------------------------------------------------
+
+/** Default global hook-registry variable name. */
+const DEFAULT_HOOK_VAR = '__elwoodHooks';
+
+/** Anthropic API hostname — used to identify fetch() calls to the API. */
+const ANTHROPIC_API_HOST = 'api.anthropic.com';
+
+// ---------------------------------------------------------------------------
+// AST builder helpers
+// ---------------------------------------------------------------------------
+
+/**
+ * Build:  `globalThis.<hookVar>?.[hookName]`
+ *
+ * @param {string} hookVar   - e.g. '__elwoodHooks'
+ * @param {string} hookName  - e.g. 'onCall'
+ */
+function buildHookAccess(hookVar, hookName) {
+  // globalThis.__elwoodHooks
+  const registry = t.memberExpression(
+    t.identifier('globalThis'),
+    t.identifier(hookVar)
+  );
+  // globalThis.__elwoodHooks?.[hookName]
+  return t.optionalMemberExpression(
+    registry,
+    t.stringLiteral(hookName),
+    /* computed */ true,
+    /* optional */ true
+  );
+}
+
+/**
+ * Build the statement:
+ *   `if (globalThis.<hookVar>?.[hookName]) globalThis.<hookVar>[hookName](...callArgs);`
+ *
+ * @param {string} hookVar
+ * @param {string} hookName
+ * @param {import('@babel/types').Expression[]} callArgs
+ * @returns {import('@babel/types').IfStatement}
+ */
+function buildHookCall(hookVar, hookName, callArgs) {
+  const guard = buildHookAccess(hookVar, hookName);
+
+  // globalThis.__elwoodHooks[hookName](...callArgs)
+  const call = t.callExpression(
+    t.memberExpression(
+      t.memberExpression(
+        t.identifier('globalThis'),
+        t.identifier(hookVar)
+      ),
+      t.stringLiteral(hookName),
+      /* computed */ true
+    ),
+    callArgs
+  );
+
+  return t.ifStatement(guard, t.expressionStatement(call));
+}
+
+/**
+ * Build a string literal AST node.
+ *
+ * @param {string} s
+ */
+const str = s => t.stringLiteral(s);
+
+/**
+ * Build a spread element `...expr`.
+ *
+ * @param {import('@babel/types').Expression} expr
+ */
+const spread = expr => t.spreadElement(expr);
+
+// ---------------------------------------------------------------------------
+// injectHooks
+// ---------------------------------------------------------------------------
+
+/**
+ * @typedef {Object} InjectHooksOptions
+ * @property {(string|RegExp)[]} [intercept]
+ *   Patterns matched against function identifiers.  Any named function whose
+ *   name matches at least one pattern gets wrapped with before/after hooks.
+ *   Default: intercept nothing (only explicit detectors run).
+ * @property {string} [hookVar]
+ *   Name of the global hook registry object (default: '__elwoodHooks').
+ * @property {boolean} [wrapApiCalls]
+ *   Detect and wrap fetch() calls that appear to target the Anthropic API.
+ *   Default: true.
+ * @property {boolean} [wrapToolExecutions]
+ *   Detect and wrap common tool-execution patterns.
+ *   Default: true.
+ * @property {boolean} [wrapAsyncGenerators]
+ *   Detect and wrap async generator functions (used for streaming).
+ *   Default: true.
+ * @property {boolean} [wrapFunctionCalls]
+ *   Wrap ALL named function/variable declarations matching `intercept`.
+ *   Default: true.
+ */
+
+/**
+ * Primary instrumentation entry point.  Walks the AST and injects
+ * `globalThis.__elwoodHooks` call-sites at detected interesting points.
+ *
+ * @param {import('@babel/types').File} ast - parsed Babel AST (mutated in place)
+ * @param {InjectHooksOptions} [options]
+ * @returns {{ patchCount: number, hookPoints: HookPoint[] }}
+ */
+function injectHooks(ast, options = {}) {
+  const {
+    intercept = [],
+    hookVar = DEFAULT_HOOK_VAR,
+    wrapApiCalls = true,
+    wrapToolExecutions = true,
+    wrapAsyncGenerators = true,
+    wrapFunctionCalls = true,
+  } = options;
+
+  /** @type {HookPoint[]} */
+  const hookPoints = [];
+  let patchCount = 0;
+
+  // Pre-compile intercept patterns
+  const patterns = intercept.map(p =>
+    typeof p === 'string' ? new RegExp(p) : p
+  );
+
+  /**
+   * Check if a name matches any of the user-supplied intercept patterns.
+   *
+   * @param {string | null | undefined} name
+   * @returns {boolean}
+   */
+  function matchesIntercept(name) {
+    if (!name) return false;
+    return patterns.some(re => re.test(name));
+  }
+
+  /**
+   * Infer a human-readable name for a call expression callee.
+   *
+   * @param {import('@babel/types').Expression} callee
+   * @returns {string}
+   */
+  function inferCalleeName(callee) {
+    if (t.isIdentifier(callee)) return callee.name;
+    if (t.isMemberExpression(callee)) {
+      const obj = t.isIdentifier(callee.object) ? callee.object.name : '(obj)';
+      const prop = t.isIdentifier(callee.property)
+        ? callee.property.name
+        : t.isStringLiteral(callee.property)
+          ? callee.property.value
+          : '(prop)';
+      return `${obj}.${prop}`;
+    }
+    return '(anonymous)';
+  }
+
+  /**
+   * Return true if a string literal inside a call expression looks like an
+   * Anthropic API URL.
+   *
+   * @param {import('@babel/types').CallExpression} node
+   * @returns {boolean}
+   */
+  function looksLikeApiCall(node) {
+    if (!t.isCallExpression(node)) return false;
+    const callee = node.callee;
+    // Must be `fetch(...)` or `globalThis.fetch(...)` or `window.fetch(...)`
+    const isNativeFetch =
+      (t.isIdentifier(callee) && callee.name === 'fetch') ||
+      (t.isMemberExpression(callee) &&
+        t.isIdentifier(callee.property) &&
+        callee.property.name === 'fetch');
+    if (!isNativeFetch) return false;
+
+    // Check first argument for a string URL containing the API host
+    const [firstArg] = node.arguments;
+    if (!firstArg) return false;
+
+    if (t.isStringLiteral(firstArg) && firstArg.value.includes(ANTHROPIC_API_HOST)) {
+      return true;
+    }
+
+    // Template literal: check quasi strings
+    if (t.isTemplateLiteral(firstArg)) {
+      return firstArg.quasis.some(q => q.value.cooked?.includes(ANTHROPIC_API_HOST));
+    }
+
+    return false;
+  }
+
+  /**
+   * Return true if a call expression looks like a tool execution.
+   *
+   * Heuristics (conservative — we prefer false negatives over false positives
+   * to avoid breaking callee semantics in the minified bundle):
+   *
+   *  - The callee's inferred name explicitly contains known tool-dispatch
+   *    keywords (execute, runTool, invokeTool, dispatchTool, callTool).
+   *  - The callee is a member expression whose property is one of the above
+   *    keywords: e.g. `obj.execute(...)`, `runner.invokeTool(...)`.
+   *
+   * We deliberately do NOT match on the `(string, ...)` signature alone
+   * because minified module-wrapper calls (e.g. `U(function(){…})` or
+   * `createRequire(import.meta.url)`) share that shape and would flood the
+   * hook with false positives.
+   *
+   * @param {import('@babel/types').CallExpression} node
+   * @returns {boolean}
+   */
+  function looksLikeToolCall(node) {
+    if (!t.isCallExpression(node)) return false;
+    const name = inferCalleeName(node.callee).toLowerCase();
+    // Must have an explicit keyword match — no generic (string,…) heuristic
+    return /\b(execute|runtool|invoketool|dispatchtool|calltool)\b/.test(name);
+  }
+
+  /**
+   * Inject a hook call statement BEFORE `path`'s node inside its parent
+   * block/body.
+   *
+   * @param {import('@babel/traverse').NodePath} path
+   * @param {string} hookName
+   * @param {import('@babel/types').Expression[]} args
+   */
+  function injectBefore(path, hookName, args) {
+    try {
+      const stmt = buildHookCall(hookVar, hookName, args);
+      path.insertBefore(stmt);
+      patchCount++;
+    } catch {
+      // Path may not support insertBefore (e.g. not a statement-level path)
+    }
+  }
+
+  /**
+   * Replace a call expression node with a sequence that fires the hook and
+   * then performs the original call.  Works even when the call is not at
+   * statement level (e.g. used as an argument or right-hand side).
+   *
+   * Pattern:
+   *   (globalThis.__elwoodHooks?.['hookName'] &&
+   *      globalThis.__elwoodHooks['hookName'](meta, originalArgs),
+   *    originalCall)
+   *
+   * Uses the comma operator to stay expression-level.
+   *
+   * @param {import('@babel/traverse').NodePath} path
+   * @param {string} hookName
+   * @param {import('@babel/types').Expression[]} hookArgs
+   */
+  function wrapCallExpression(path, hookName, hookArgs) {
+    try {
+      const original = path.node;
+      const guard = buildHookAccess(hookVar, hookName);
+      const hookCall = t.callExpression(
+        t.memberExpression(
+          t.memberExpression(
+            t.identifier('globalThis'),
+            t.identifier(hookVar)
+          ),
+          t.stringLiteral(hookName),
+          true
+        ),
+        hookArgs
+      );
+
+      // (condition && hookCall, originalCall)
+      const logicalAndCall = t.logicalExpression('&&', guard, hookCall);
+      const seq = t.sequenceExpression([logicalAndCall, original]);
+
+      path.replaceWith(seq);
+      patchCount++;
+
+      // Skip re-traversal of the inserted node to avoid infinite loops
+      path.skip();
+    } catch {
+      // Bail silently — instrumentation is additive, never destructive
+    }
+  }
+
+  // ---------------------------------------------------------------------------
+  // Visitor
+  // ---------------------------------------------------------------------------
+
+  traverseBundle(ast, {
+    // ── Named function declarations ──────────────────────────────────────────
+    FunctionDeclaration(path) {
+      if (!wrapFunctionCalls) return;
+
+      const name = path.node.id?.name;
+      if (!name || !matchesIntercept(name)) return;
+
+      // Inject at the very start of the function body:
+      //   if (globalThis.__elwoodHooks?.['onCall'])
+      //     globalThis.__elwoodHooks['onCall']('fnName', arguments);
+      const body = path.node.body;
+      if (!t.isBlockStatement(body)) return;
+
+      const hookStmt = buildHookCall(hookVar, 'onCall', [
+        str(name),
+        t.identifier('arguments'),
+      ]);
+
+      body.body.unshift(hookStmt);
+      patchCount++;
+
+      hookPoints.push({ type: 'functionDeclaration', name, path: path.toString() });
+    },
+
+    // ── Variable-declared functions / arrow functions ─────────────────────────
+    VariableDeclarator(path) {
+      if (!wrapFunctionCalls) return;
+
+      const id = path.node.id;
+      if (!t.isIdentifier(id)) return;
+      const name = id.name;
+      if (!matchesIntercept(name)) return;
+
+      const init = path.node.init;
+      if (!init) return;
+
+      if (
+        !t.isFunctionExpression(init) &&
+        !t.isArrowFunctionExpression(init)
+      )
+        return;
+
+      // Arrow functions with concise body (expr => expr) can't have statements
+      // prepended without converting to block body first.
+      if (!t.isBlockStatement(init.body)) {
+        // Convert concise body to block body
+        const returnStmt = t.returnStatement(init.body);
+        init.body = t.blockStatement([returnStmt]);
+      }
+
+      const argsExpr = init.params.length > 0
+        ? t.arrayExpression(init.params
+            .filter(p => t.isIdentifier(p))
+            .map(p => t.identifier(p.name)))
+        : t.arrayExpression([]);
+
+      const hookStmt = buildHookCall(hookVar, 'onCall', [str(name), argsExpr]);
+      init.body.body.unshift(hookStmt);
+      patchCount++;
+
+      hookPoints.push({ type: 'variableFunction', name });
+    },
+
+    // ── fetch() calls ─────────────────────────────────────────────────────────
+    CallExpression(path) {
+      if (wrapApiCalls && looksLikeApiCall(path.node)) {
+        // Build a snapshot of the first argument (URL) for the hook
+        const [urlArg] = path.node.arguments;
+        const hookArgs = [
+          str('fetch'),
+          urlArg ? t.cloneNode(urlArg, true) : t.identifier('undefined'),
+        ];
+        wrapCallExpression(path, 'onApiCall', hookArgs);
+        hookPoints.push({ type: 'apiCall', name: 'fetch' });
+        return; // wrapCallExpression calls path.skip()
+      }
+
+      if (wrapToolExecutions && looksLikeToolCall(path.node)) {
+        const calleeName = inferCalleeName(path.node.callee);
+        const [firstArg] = path.node.arguments;
+        const hookArgs = [
+          str(calleeName),
+          firstArg ? t.cloneNode(firstArg, true) : t.identifier('undefined'),
+        ];
+        wrapCallExpression(path, 'onToolCall', hookArgs);
+        hookPoints.push({ type: 'toolCall', name: calleeName });
+      }
+    },
+
+    // ── Async generator functions (streaming) ─────────────────────────────────
+    'FunctionDeclaration|FunctionExpression|ArrowFunctionExpression'(path) {
+      if (!wrapAsyncGenerators) return;
+
+      const node = path.node;
+      if (!node.async || !node.generator) return;
+
+      const body = node.body;
+      if (!t.isBlockStatement(body)) return;
+
+      // Infer a name for the hook payload
+      let name = '(asyncGenerator)';
+      if (t.isFunctionDeclaration(node) && node.id) {
+        name = node.id.name;
+      } else if (
+        t.isVariableDeclarator(path.parent) &&
+        t.isIdentifier(path.parent.id)
+      ) {
+        name = path.parent.id.name;
+      }
+
+      const hookStmt = buildHookCall(hookVar, 'onStream', [str(name)]);
+      body.body.unshift(hookStmt);
+      patchCount++;
+
+      hookPoints.push({ type: 'asyncGenerator', name });
+    },
+  });
+
+  return { patchCount, hookPoints };
+}
+
+// ---------------------------------------------------------------------------
+// detectBundlerPattern
+// ---------------------------------------------------------------------------
+
+/**
+ * @typedef {Object} BundlerInfo
+ * @property {'webpack'|'rollup'|'esbuild'|'bun'|'unknown'} bundler
+ * @property {string[]} wrapperNames  - detected module-wrapper function names
+ * @property {number}   moduleCount   - approximate number of bundled modules
+ * @property {boolean}  hasLazyInits  - true if tF1-style lazy initializers found
+ * @property {string[]} clues         - human-readable detection evidence
+ */
+
+/**
+ * Analyse the top-level AST to detect which bundler produced the bundle and
+ * extract structural metadata (same heuristic as generic-dependency-splitter.js).
+ *
+ * @param {import('@babel/types').File} ast
+ * @returns {BundlerInfo}
+ */
+function detectBundlerPattern(ast) {
+  /** name → { asCallee: number, withFuncArg: number } */
+  const usageStats = new Map();
+  const clues = [];
+
+  // Check imports — esbuild/bun bundles emit a `createRequire` import
+  let hasCreateRequire = false;
+  let hasDefine = false; // webpack/UMD define()
+  let moduleWrapperCandidateCount = 0;
+
+  for (const node of ast.program.body) {
+    if (node.type === 'ImportDeclaration') {
+      for (const spec of node.specifiers) {
+        if (t.isImportSpecifier(spec) && t.isIdentifier(spec.imported)) {
+          if (spec.imported.name === 'createRequire') {
+            hasCreateRequire = true;
+          }
+        }
+      }
+    }
+
+    if (node.type === 'VariableDeclaration') {
+      for (const decl of node.declarations) {
+        if (!t.isIdentifier(decl.id)) continue;
+        if (!decl.init || !t.isCallExpression(decl.init)) continue;
+
+        const callee = decl.init.callee;
+        if (!t.isIdentifier(callee)) continue;
+
+        const name = callee.name;
+        if (!usageStats.has(name)) {
+          usageStats.set(name, { asCallee: 0, withFuncArg: 0 });
+        }
+        const stats = usageStats.get(name);
+        stats.asCallee++;
+
+        const firstArg = decl.init.arguments[0];
+        if (
+          firstArg &&
+          (t.isFunctionExpression(firstArg) || t.isArrowFunctionExpression(firstArg))
+        ) {
+          stats.withFuncArg++;
+        }
+      }
+    }
+
+    if (
+      node.type === 'ExpressionStatement' &&
+      t.isCallExpression(node.expression)
+    ) {
+      const callee = node.expression.callee;
+      if (t.isIdentifier(callee) && callee.name === 'define') {
+        hasDefine = true;
+      }
+    }
+  }
+
+  // Find module-wrapper candidates
+  const wrapperNames = [];
+  for (const [name, stats] of usageStats) {
+    if (stats.withFuncArg >= 5) {
+      wrapperNames.push(name);
+      moduleWrapperCandidateCount += stats.withFuncArg;
+    }
+  }
+
+  // Classify bundler
+  let bundler = 'unknown';
+
+  if (hasCreateRequire && wrapperNames.length > 0) {
+    bundler = 'esbuild';
+    clues.push(`createRequire import detected (esbuild/bun pattern)`);
+    clues.push(`${wrapperNames.length} module-wrapper function(s): ${wrapperNames.slice(0, 3).join(', ')}`);
+  } else if (hasCreateRequire) {
+    bundler = 'esbuild';
+    clues.push(`createRequire import detected`);
+  } else if (wrapperNames.length > 0) {
+    // webpack uses __webpack_require__, rollup uses parenthesized IIFEs
+    const hasWebpackRequire = Array.from(usageStats.keys()).some(n =>
+      n.includes('webpack') || n.includes('__w')
+    );
+    bundler = hasWebpackRequire ? 'webpack' : 'rollup';
+    clues.push(
+      `${wrapperNames.length} module-wrapper(s) with ${moduleWrapperCandidateCount} total uses`
+    );
+  } else if (hasDefine) {
+    bundler = 'webpack';
+    clues.push('define() call detected (UMD/webpack)');
+  }
+
+  if (clues.length === 0) {
+    clues.push('No strong bundler signals found — treating as flat script');
+  }
+
+  // Detect lazy initializers: pattern `var X = tF1(() => { … })`
+  // tF1 is esbuild's lazy init helper name in the Claude Code bundle
+  const hasLazyInits = Array.from(usageStats.keys()).some(n => /^[a-z]{2,4}\d+$/.test(n));
+
+  return {
+    bundler,
+    wrapperNames,
+    moduleCount: moduleWrapperCandidateCount,
+    hasLazyInits,
+    clues,
+  };
+}
+
+// ---------------------------------------------------------------------------
+// extractFunctionMap
+// ---------------------------------------------------------------------------
+
+/**
+ * @typedef {Object} FunctionEntry
+ * @property {import('@babel/types').Node}      node           - the function AST node
+ * @property {string}                           kind           - 'declaration'|'expression'|'arrow'|'method'
+ * @property {string|null}                      inferredPurpose - best-guess description
+ * @property {string[]}                         callees        - names of functions called inside
+ * @property {string[]}                         memberAccesses - obj.prop strings accessed
+ * @property {string[]}                         stringLiterals - string literals found inside
+ */
+
+/**
+ * Find ALL function definitions (named declarations, named arrow functions in
+ * variable declarators, class methods) in a minified bundle and return a Map
+ * keyed by the function's local identifier name.
+ *
+ * "inferredPurpose" is determined by:
+ *  1. What other functions it calls (callees)
+ *  2. What properties it accesses (memberAccesses)
+ *  3. String literals embedded in its body
+ *
+ * Implementation uses a single AST pass with a function-scope stack to
+ * accumulate evidence for each named function without nested traversals.
+ * This keeps memory usage bounded even for 9-13 MB minified bundles.
+ *
+ * @param {import('@babel/types').File} ast
+ * @returns {Map<string, FunctionEntry>}
+ */
+function extractFunctionMap(ast) {
+  /** @type {Map<string, FunctionEntry>} */
+  const fnMap = new Map();
+
+  /**
+   * Each entry on the scope stack represents a named function we are currently
+   * inside.  Evidence (callees / memberAccesses / stringLiterals) collected
+   * while inside this scope is assigned to this function.
+   *
+   * @type {Array<{ name: string, node: import('@babel/types').Node, kind: string }>}
+   */
+  const scopeStack = [];
+
+  /**
+   * Map from function node reference (by object identity key) to its
+   * accumulated evidence arrays.
+   *
+   * @type {Map<import('@babel/types').Node, { callees: string[], memberAccesses: string[], stringLiterals: string[] }>}
+   */
+  const evidence = new Map();
+
+  /**
+   * Heuristically guess the purpose of a function from its internal evidence.
+   *
+   * @param {string[]} callees
+   * @param {string[]} memberAccesses
+   * @param {string[]} stringLiterals
+   * @returns {string | null}
+   */
+  function inferPurpose(callees, memberAccesses, stringLiterals) {
+    const joined = [
+      ...callees,
+      ...memberAccesses,
+      ...stringLiterals,
+    ].join(' ').toLowerCase();
+
+    if (/fetch|request|http|post|get|api/.test(joined)) return 'http/api';
+    if (/stream|chunk|readline|asynciterator/.test(joined)) return 'streaming';
+    if (/tool|execute|dispatch|invoke/.test(joined)) return 'tool-execution';
+    if (/message|prompt|conversation|chat/.test(joined)) return 'messaging';
+    if (/render|jsx|react|component/.test(joined)) return 'ui/render';
+    if (/parse|json|deserializ/.test(joined)) return 'parsing';
+    if (/auth|token|key|credential/.test(joined)) return 'auth';
+    if (/file|read|write|fs|path/.test(joined)) return 'filesystem';
+    if (/error|throw|catch|reject/.test(joined)) return 'error-handling';
+    if (/config|setting|option|prefer/.test(joined)) return 'config';
+    if (/log|debug|warn|info/.test(joined)) return 'logging';
+    return null;
+  }
+
+  /**
+   * Ensure an evidence entry exists for `node` and return it.
+   *
+   * @param {import('@babel/types').Node} node
+   */
+  function ensureEvidence(node) {
+    if (!evidence.has(node)) {
+      evidence.set(node, { callees: [], memberAccesses: [], stringLiterals: [] });
+    }
+    return evidence.get(node);
+  }
+
+  /**
+   * Push a named function node onto the scope stack.
+   *
+   * @param {string} name
+   * @param {import('@babel/types').Node} node
+   * @param {string} kind
+   */
+  function pushScope(name, node, kind) {
+    ensureEvidence(node);
+    scopeStack.push({ name, node, kind });
+  }
+
+  /** Pop the innermost scope and register it in fnMap. */
+  function popScope() {
+    const frame = scopeStack.pop();
+    if (!frame) return;
+
+    // Only register the first definition for each name
+    if (fnMap.has(frame.name)) return;
+
+    const ev = evidence.get(frame.node) ?? { callees: [], memberAccesses: [], stringLiterals: [] };
+    const inferredPurpose = inferPurpose(ev.callees, ev.memberAccesses, ev.stringLiterals);
+
+    fnMap.set(frame.name, {
+      node: frame.node,
+      kind: frame.kind,
+      callees: ev.callees,
+      memberAccesses: ev.memberAccesses,
+      stringLiterals: ev.stringLiterals,
+      inferredPurpose,
+    });
+
+    // Free the evidence node — we no longer need it
+    evidence.delete(frame.node);
+  }
+
+  /**
+   * Add evidence to all functions currently in scope (innermost receives it,
+   * but we attribute to all ancestors for the purposes of inferredPurpose,
+   * which mirrors what a human would see by reading nested functions).
+   *
+   * For memory efficiency we only attribute to the innermost scope frame.
+   *
+   * @param {'callees'|'memberAccesses'|'stringLiterals'} kind
+   * @param {string} value
+   */
+  function addEvidence(kind, value) {
+    if (scopeStack.length === 0) return;
+    const frame = scopeStack[scopeStack.length - 1];
+    const ev = ensureEvidence(frame.node);
+    ev[kind].push(value);
+  }
+
+  // ---------------------------------------------------------------------------
+  // Single-pass traversal
+  // ---------------------------------------------------------------------------
+  traverseBundle(ast, {
+    // Enter handlers: push scope frames
+    FunctionDeclaration: {
+      enter(path) {
+        const name = path.node.id?.name;
+        if (name) pushScope(name, path.node, 'declaration');
+      },
+      exit(path) {
+        if (path.node.id?.name) popScope();
+      },
+    },
+
+    FunctionExpression: {
+      enter(path) {
+        // Only track if the parent is a VariableDeclarator with an Identifier id
+        if (
+          t.isVariableDeclarator(path.parent) &&
+          t.isIdentifier(path.parent.id)
+        ) {
+          pushScope(path.parent.id.name, path.node, 'expression');
+        } else if (path.node.id?.name) {
+          // Named function expression
+          pushScope(path.node.id.name, path.node, 'expression');
+        }
+      },
+      exit(path) {
+        const hasFrame =
+          (t.isVariableDeclarator(path.parent) && t.isIdentifier(path.parent.id)) ||
+          path.node.id?.name;
+        if (hasFrame) popScope();
+      },
+    },
+
+    ArrowFunctionExpression: {
+      enter(path) {
+        if (
+          t.isVariableDeclarator(path.parent) &&
+          t.isIdentifier(path.parent.id)
+        ) {
+          pushScope(path.parent.id.name, path.node, 'arrow');
+        }
+      },
+      exit(path) {
+        if (
+          t.isVariableDeclarator(path.parent) &&
+          t.isIdentifier(path.parent.id)
+        ) {
+          popScope();
+        }
+      },
+    },
+
+    ClassMethod: {
+      enter(path) {
+        const key = path.node.key;
+        const name = t.isIdentifier(key)
+          ? key.name
+          : t.isStringLiteral(key)
+            ? key.value
+            : null;
+        if (name) pushScope(name, path.node, 'method');
+      },
+      exit(path) {
+        const key = path.node.key;
+        if (t.isIdentifier(key) || t.isStringLiteral(key)) popScope();
+      },
+    },
+
+    ObjectMethod: {
+      enter(path) {
+        const key = path.node.key;
+        const name = t.isIdentifier(key)
+          ? key.name
+          : t.isStringLiteral(key)
+            ? key.value
+            : null;
+        if (name) pushScope(name, path.node, 'method');
+      },
+      exit(path) {
+        const key = path.node.key;
+        if (t.isIdentifier(key) || t.isStringLiteral(key)) popScope();
+      },
+    },
+
+    // Evidence collectors (add to innermost scope only)
+    CallExpression(path) {
+      const callee = path.node.callee;
+      if (t.isIdentifier(callee)) {
+        addEvidence('callees', callee.name);
+      } else if (t.isMemberExpression(callee) && t.isIdentifier(callee.property)) {
+        addEvidence('callees', callee.property.name);
+      }
+    },
+
+    MemberExpression(path) {
+      if (
+        t.isIdentifier(path.node.object) &&
+        t.isIdentifier(path.node.property) &&
+        !path.node.computed
+      ) {
+        addEvidence(
+          'memberAccesses',
+          `${path.node.object.name}.${path.node.property.name}`
+        );
+      }
+    },
+
+    StringLiteral(path) {
+      const val = path.node.value;
+      // Keep only short, meaningful strings; discard base64, long hashes, etc.
+      if (
+        val.length > 0 &&
+        val.length < 120 &&
+        !/^[A-Za-z0-9+/]{40,}=*$/.test(val)
+      ) {
+        addEvidence('stringLiterals', val);
+      }
+    },
+  });
+
+  return fnMap;
+}
+
+// ---------------------------------------------------------------------------
+// findCliExports
+// ---------------------------------------------------------------------------
+
+/**
+ * @typedef {Object} CliExportEntry
+ * @property {string|null}                         name        - Minified identifier name, if discoverable
+ * @property {import('@babel/types').Node}          node        - The AST node
+ * @property {import('@babel/traverse').NodePath}   path        - The Babel path
+ * @property {number}                               confidence  - 0.0–1.0 match score
+ * @property {string[]}                             [paramKeys] - (agentLoop only) matched param keys
+ */
+
+/**
+ * @typedef {Object} CliExports
+ * @property {CliExportEntry}           agentLoop        - The main agent loop async generator
+ * @property {CliExportEntry}           appStateFactory  - The app-state initializer
+ * @property {{ path, node }|null}      topLevelGuard    - The top-level CLI invocation guard
+ * @property {{ name: string, count: number }|null}  moduleWrapper  - esbuild lazy-init wrapper
+ * @property {string[]}                 lazyInitWrappers - Names of lazy-init vars (L/p wrappers) that
+ *                                                         need to be called to initialize null-vars used
+ *                                                         by the agent loop (e.g. LRU cache class jN)
+ * @property {string|null}              configEnabler    - Name of the function that sets the config-access
+ *                                                         guard (e.g. h$6) — must be called before agentLoop
+ */
+
+// ---------------------------------------------------------------------------
+// Pass-E fingerprint helpers (utility functions)
+// ---------------------------------------------------------------------------
+
+/** Permission mode strings used as fingerprint evidence */
+const PERMISSION_MODES = ['bypassPermissions', 'acceptEdits', 'plan', 'default'];
+
+/**
+ * Recursively scan a node for string literals matching a target set.
+ * Returns the number of distinct matches found.
+ *
+ * @param {import('@babel/types').Node} node
+ * @param {string[]} targets
+ * @param {number} [maxDepth]
+ * @returns {number}
+ */
+function _countDistinctStrings(node, targets, maxDepth = 10) {
+  const found = new Set();
+  function scan(n, depth) {
+    if (!n || typeof n !== 'object' || depth <= 0) return;
+    if (n.type === 'StringLiteral' && targets.includes(n.value)) found.add(n.value);
+    for (const key of Object.keys(n)) {
+      if (key === 'loc' || key === 'start' || key === 'end' || key === 'type') continue;
+      const child = n[key];
+      if (Array.isArray(child)) { for (const c of child) { if (c?.type) scan(c, depth - 1); } }
+      else if (child?.type) scan(child, depth - 1);
+    }
+  }
+  scan(node, maxDepth);
+  return found.size;
+}
+
+/**
+ * Recursively scan a node for any Identifier with a specific name.
+ *
+ * @param {import('@babel/types').Node} node
+ * @param {string} name
+ * @param {number} [maxDepth]
+ * @returns {boolean}
+ */
+function _hasIdentifier(node, name, maxDepth = 12) {
+  function scan(n, depth) {
+    if (!n || typeof n !== 'object' || depth <= 0) return false;
+    if (n.type === 'Identifier' && n.name === name) return true;
+    for (const key of Object.keys(n)) {
+      if (key === 'loc' || key === 'start' || key === 'end' || key === 'type') continue;
+      const child = n[key];
+      if (Array.isArray(child)) { for (const c of child) { if (c?.type && scan(c, depth - 1)) return true; } }
+      else if (child?.type) { if (scan(child, depth - 1)) return true; }
+    }
+    return false;
+  }
+  return scan(node, maxDepth);
+}
+
+/**
+ * Check if a function node body contains a `switch` on PERMISSION_MODES strings.
+ * This is the fingerprint for setPermissionModeFn (f4A pattern).
+ *
+ * @param {import('@babel/types').Node} body
+ * @returns {boolean}
+ */
+function _hasSwitchOnPermissionModes(body) {
+  if (!body) return false;
+  // Look for SwitchStatement cases with PERMISSION_MODE values
+  function scan(n, depth = 0) {
+    if (!n || typeof n !== 'object' || depth > 6) return false;
+    if (n.type === 'SwitchStatement') {
+      if (!n.cases) return false;
+      const caseVals = n.cases
+        .filter(c => c.test?.type === 'StringLiteral')
+        .map(c => c.test.value);
+      const matched = PERMISSION_MODES.filter(m => caseVals.includes(m));
+      if (matched.length >= 3) return true;
+    }
+    for (const key of Object.keys(n)) {
+      if (key === 'loc' || key === 'start' || key === 'end' || key === 'type') continue;
+      const child = n[key];
+      if (Array.isArray(child)) { for (const c of child) { if (c?.type && scan(c, depth + 1)) return true; } }
+      else if (child?.type) { if (scan(child, depth + 1)) return true; }
+    }
+    return false;
+  }
+  return scan(body);
+}
+
+/**
+ * Check if a function body has a switch statement that RETURNS one of the
+ * PERMISSION_MODE strings directly from its cases (f4A pattern — normalizer).
+ * Returns confidence 0-1.
+ *
+ * @param {import('@babel/types').Node} body
+ * @returns {number}  0 = not a match, 0.9 = strong match
+ */
+function _permissionModeNormalizerConfidence(body) {
+  if (!body) return 0;
+  function scan(n, depth = 0) {
+    if (!n || typeof n !== 'object' || depth > 6) return 0;
+    if (n.type === 'SwitchStatement') {
+      // Cases should return the same string as their test value
+      let matchingCases = 0;
+      for (const c of (n.cases ?? [])) {
+        if (
+          c.test?.type === 'StringLiteral' &&
+          PERMISSION_MODES.includes(c.test.value) &&
+          c.consequent?.length >= 1 &&
+          c.consequent[0]?.type === 'ReturnStatement' &&
+          c.consequent[0].argument?.type === 'StringLiteral' &&
+          PERMISSION_MODES.includes(c.consequent[0].argument.value)
+        ) {
+          matchingCases++;
+        }
+      }
+      if (matchingCases >= 3) return 0.95;
+      if (matchingCases >= 2) return 0.7;
+    }
+    let best = 0;
+    for (const key of Object.keys(n)) {
+      if (key === 'loc' || key === 'start' || key === 'end' || key === 'type') continue;
+      const child = n[key];
+      if (Array.isArray(child)) {
+        for (const c of child) { if (c?.type) { const r = scan(c, depth + 1); if (r > best) best = r; } }
+      } else if (child?.type) { const r = scan(child, depth + 1); if (r > best) best = r; }
+    }
+    return best;
+  }
+  return scan(body);
+}
+
+/**
+ * Check if a function returns a string containing 'claude-' in at least one
+ * return statement. Returns confidence 0-1.
+ *
+ * @param {import('@babel/types').Node} body
+ * @returns {number}
+ */
+function _returnsClaudeString(body) {
+  if (!body) return 0;
+  // For a function body, scan for ReturnStatement → StringLiteral or template literal
+  // containing 'claude-' or returns a call that resolves to such a string
+  let hasDirectReturn = false;
+  let hasIndirectReturn = false;
+
+  function scan(n, depth = 0) {
+    if (!n || typeof n !== 'object' || depth > 8) return;
+    if (n.type === 'ReturnStatement') {
+      const arg = n.argument;
+      if (!arg) return;
+      if (arg.type === 'StringLiteral' && arg.value?.includes('claude-')) {
+        hasDirectReturn = true; return;
+      }
+      // Return of a template literal with claude-
+      if (arg.type === 'TemplateLiteral') {
+        const has = arg.quasis?.some(q => q.value?.cooked?.includes('claude-'));
+        if (has) { hasDirectReturn = true; return; }
+      }
+      // Return of a call expression (RZ pattern: returns Ko(), nu(), etc.)
+      if (arg.type === 'CallExpression') {
+        hasIndirectReturn = true;
+      }
+      // Return of string concat with claude-
+      if (arg.type === 'BinaryExpression' && arg.operator === '+') {
+        function scanBinary(bn, d2 = 0) {
+          if (!bn || d2 > 3) return false;
+          if (bn.type === 'StringLiteral' && bn.value?.includes('claude-')) return true;
+          if (bn.type === 'BinaryExpression') return scanBinary(bn.left, d2+1) || scanBinary(bn.right, d2+1);
+          return false;
+        }
+        if (scanBinary(arg)) hasDirectReturn = true;
+      }
+    }
+    for (const key of Object.keys(n)) {
+      if (key === 'loc' || key === 'start' || key === 'end' || key === 'type') continue;
+      const child = n[key];
+      if (Array.isArray(child)) { for (const c of child) { if (c?.type) scan(c, depth + 1); } }
+      else if (child?.type) scan(child, depth + 1);
+    }
+  }
+  scan(body);
+
+  if (hasDirectReturn) return 0.9;
+  if (hasIndirectReturn && _countDistinctStrings(body, ['claude-3', 'claude-sonnet', 'claude-opus', 'claude-haiku'], 3) > 0) return 0.7;
+  // Indirect: contains 'claude-' in body strings
+  if (_countDistinctStrings(body, ['claude-3', 'claude-sonnet', 'claude-opus'], 5) > 0) return 0.5;
+  return 0;
+}
+
+/**
+ * Keys we expect to find in the agentLoop's destructured parameter object.
+ * These are the real parameter names before minification (the bundle keeps
+ * them as object property keys even though the local variables are renamed).
+ */
+const AGENT_LOOP_PARAM_KEYS = [
+  'prompt', 'cwd', 'tools', 'maxTurns', 'commands', 'mcpClients', 'verbose',
+  'canUseTool', 'mutableMessages', 'abortController', 'getAppState', 'setAppState',
+  'messageQueueManager', 'promptUuid', 'includePartialMessages', 'agents',
+  'replayUserMessages', 'customSystemPrompt', 'appendSystemPrompt',
+  'userSpecifiedModel', 'fallbackModel',
+];
+
+/**
+ * Keys we expect in appStateFactory's return object.
+ */
+const APP_STATE_RETURN_KEYS = [
+  'mainLoopModel', 'toolPermissionContext', 'mcp', 'settings', 'verbose',
+  'plugins', 'todos', 'agentDefinitions',
+];
+
+/**
+ * Perform a single traversal of the AST to fingerprint and locate:
+ *  - agentLoop: the top-level async generator* that accepts the standard
+ *    agent-loop parameter bag (prompt, cwd, tools, getAppState, …)
+ *  - appStateFactory: the factory function that returns the app-state object
+ *    (contains mainLoopModel, toolPermissionContext, …)
+ *  - topLevelGuard: the ExpressionStatement at Program body level whose
+ *    expression is a bare CallExpression (the CLI auto-start guard)
+ *  - moduleWrapper: the most-called esbuild lazy-init wrapper function
+ *
+ * All fingerprinting is evidence-based:  we count how many expected signals
+ * are present and compute a confidence score in [0, 1].
+ *
+ * @param {import('@babel/types').File} ast
+ * @returns {CliExports}
+ */
+function findCliExports(ast) {
+  /** Candidates for agentLoop: async function* with destructured param */
+  const agentLoopCandidates = [];
+  /** Candidates for appStateFactory: sync function that returns a large state object */
+  const appStateCandidates = [];
+  /** Top-level bare CallExpression (the CLI guard) */
+  let topLevelGuard = null;
+  /** esbuild lazy-init wrapper usage counts */
+  const wrapperCounts = new Map();
+
+  // ── Module-wrapper pass: look at top-level VariableDeclarations ────────────
+  for (const stmt of ast.program.body) {
+    if (stmt.type !== 'VariableDeclaration') continue;
+    for (const decl of stmt.declarations) {
+      if (decl.id?.type !== 'Identifier') continue;
+      if (!decl.init || decl.init.type !== 'CallExpression') continue;
+      const callee = decl.init.callee;
+      if (callee.type !== 'Identifier') continue;
+      const firstArg = decl.init.arguments[0];
+      if (!firstArg) continue;
+      if (
+        firstArg.type !== 'FunctionExpression' &&
+        firstArg.type !== 'ArrowFunctionExpression'
+      ) continue;
+      wrapperCounts.set(callee.name, (wrapperCounts.get(callee.name) ?? 0) + 1);
+    }
+  }
+
+  // Find the top-level guard (last bare CallExpression at program body)
+  // We look for the last ExpressionStatement whose expression is a CallExpression
+  // at the very top level, using a simple loop (no traversal needed).
+  for (const stmt of ast.program.body) {
+    if (stmt.type !== 'ExpressionStatement') continue;
+    const expr = stmt.expression;
+    if (expr.type !== 'CallExpression') continue;
+    const callee = expr.callee;
+    // Must be a bare Identifier call (not a method call) to be the guard
+    if (callee.type !== 'Identifier') continue;
+    // Keep overwriting — we want the LAST one
+    topLevelGuard = { path: null, node: stmt, callName: callee.name };
+  }
+
+  // ── Pass A: agentLoop + topLevelGuard (no nested path.traverse) ─────────────
+  //
+  // IMPORTANT: We must NOT mix visitors that call path.traverse() internally
+  // with other node-type visitors in the same traverse() call.  Babel's
+  // traversal state can be disturbed by nested path.traverse() calls, causing
+  // some nodes to be silently skipped.
+  //
+  // Therefore agentLoop (pure param inspection — no nesting) and
+  // appStateFactory (needs nested traversal) are kept in SEPARATE passes.
+  traverse(ast, {
+    // ----- Async generators → agentLoop candidates -------------------------
+    FunctionDeclaration(path) {
+      const node = path.node;
+      if (!node.async || !node.generator) return;
+      if (!node.params || node.params.length < 1) return;
+
+      // The agentLoop must have exactly 1 parameter that is an ObjectPattern
+      const param = node.params[0];
+      if (param.type !== 'ObjectPattern') return;
+
+      // Collect the property key names from the destructured parameter
+      const presentKeys = param.properties
+        .filter(p => p.type === 'ObjectProperty' && p.key?.type === 'Identifier')
+        .map(p => p.key.name);
+
+      // Count how many expected keys are present
+      const matched = presentKeys.filter(k => AGENT_LOOP_PARAM_KEYS.includes(k));
+
+      // Need at least 4 to be a real candidate
+      if (matched.length < 4) return;
+
+      // Infer the visible name — FunctionDeclaration always has node.id
+      const name = node.id?.name ?? null;
+      const confidence = matched.length / AGENT_LOOP_PARAM_KEYS.length;
+
+      agentLoopCandidates.push({
+        name,
+        node,
+        path,
+        confidence,
+        paramKeys: presentKeys,
+        matchedKeys: matched,
+      });
+    },
+
+    // ----- ExpressionStatement at Program level → top-level guard ---------
+    ExpressionStatement(path) {
+      if (path.parent?.type !== 'Program') return;
+      const expr = path.node.expression;
+      if (expr.type !== 'CallExpression') return;
+      const callee = expr.callee;
+      if (callee.type !== 'Identifier') return;
+      // Keep overwriting — last one wins
+      topLevelGuard = { path, node: path.node, callName: callee.name };
+    },
+  });
+
+  // ── Pass B: appStateFactory (separate pass to avoid nested-traverse interference)
+  traverse(ast, {
+    // ----- Regular functions → appStateFactory candidates -----------------
+    'FunctionDeclaration|FunctionExpression|ArrowFunctionExpression'(path) {
+      const node = path.node;
+      // Not async generators — the factory is a simple sync function
+      if (node.async && node.generator) return;
+
+      let returnedKeys = [];
+      let hasMainLoopModel = false;
+      let hasToolPermissionContext = false;
+
+      // Use path.traverse() for the inner scan — safe because this is now
+      // in its own dedicated outer-traversal pass.
+      path.traverse({
+        ReturnStatement(innerPath) {
+          const arg = innerPath.node.argument;
+          if (arg?.type === 'ObjectExpression') {
+            for (const prop of arg.properties) {
+              if (prop.type === 'ObjectProperty' && prop.key?.type === 'Identifier') {
+                returnedKeys.push(prop.key.name);
+              }
+            }
+          }
+        },
+        Identifier(innerPath) {
+          if (innerPath.node.name === 'mainLoopModel') hasMainLoopModel = true;
+          if (innerPath.node.name === 'toolPermissionContext') hasToolPermissionContext = true;
+        },
+      });
+
+      if (!hasMainLoopModel) return;
+
+      let name = null;
+      if (node.id?.name) name = node.id.name;
+      else if (
+        t.isVariableDeclarator(path.parent) &&
+        t.isIdentifier(path.parent.id)
+      ) {
+        name = path.parent.id.name;
+      }
+
+      const matchedReturnKeys = returnedKeys.filter(k => APP_STATE_RETURN_KEYS.includes(k));
+      const confidence =
+        (hasMainLoopModel ? 0.4 : 0) +
+        (hasToolPermissionContext ? 0.3 : 0) +
+        Math.min(matchedReturnKeys.length / APP_STATE_RETURN_KEYS.length, 1) * 0.3;
+
+      appStateCandidates.push({ name, node, path, confidence, returnedKeys });
+    },
+  });
+
+  // ── Pass C: find lazy-init wrappers (L/p calls) that initialize null vars
+  //           used by LRU-cache-like constructors (zW4 pattern).
+  //
+  // These wrappers must be called (triggered) before the agentLoop runs, to
+  // ensure that classes like jN (the LRU cache implementation) are assigned.
+  //
+  // Strategy:
+  //   1. Find all null-initialized top-level vars.
+  //   2. Find all L(...)/p(...) wrappers that ASSIGN those vars to a ClassExpression.
+  //   3. Return the wrapper variable names so injectCliExports can call them.
+  //
+  // We use a two-sub-pass approach (no nested traverse) to avoid interference.
+  /** @type {Set<string>} null-initialized variable names at top level */
+  const nullInitVars = new Set();
+  /** @type {Map<string,string>} wrapperVarName → nullVarName it initializes */
+  const lazyInitMap = new Map();
+
+  // Sub-pass C1: collect null-initialized vars
+  for (const stmt of ast.program.body) {
+    if (stmt.type !== 'VariableDeclaration') continue;
+    for (const decl of stmt.declarations) {
+      if (
+        decl.id?.type === 'Identifier' &&
+        (decl.init === null || decl.init?.type === 'NullLiteral')
+      ) {
+        nullInitVars.add(decl.id.name);
+      }
+    }
+  }
+
+  // Sub-pass C2: find L/p wrapper vars whose arrow body assigns any null-initialized var
+  // to any value.  This catches all module-init wrappers (not just LRU cache classes).
+  //
+  // We collect ALL such wrappers so we can call them all before agentLoop runs,
+  // mimicking the lazy initialization that normally happens during CLI startup.
+  for (const stmt of ast.program.body) {
+    if (stmt.type !== 'VariableDeclaration') continue;
+    for (const decl of stmt.declarations) {
+      if (decl.id?.type !== 'Identifier') continue;
+      const init = decl.init;
+      if (!init || init.type !== 'CallExpression') continue;
+      const callee = init.callee;
+      if (!callee || callee.type !== 'Identifier') continue;
+      // Must be an L or p wrapper call
+      if (callee.name !== 'L' && callee.name !== 'p') continue;
+      const arg0 = init.arguments[0];
+      if (!arg0 || (arg0.type !== 'ArrowFunctionExpression' && arg0.type !== 'FunctionExpression')) continue;
+
+      // Scan the arg body for any assignment of a null-initialized var to ANY value
+      const body = arg0.body?.body ?? (arg0.body ? [arg0.body] : []);
+      let foundNullVarAssign = false;
+      let assignedVarName = null;
+      for (const s of body) {
+        if (s.type !== 'ExpressionStatement') continue;
+        const expr = s.expression;
+        if (expr?.type !== 'AssignmentExpression') continue;
+        const leftName = expr.left?.type === 'Identifier' ? expr.left.name : null;
+        if (!leftName || !nullInitVars.has(leftName)) continue;
+        // Any right-hand side type counts (ClassExpression, CallExpression, etc.)
+        foundNullVarAssign = true;
+        assignedVarName = leftName;
+        break;
+      }
+
+      if (foundNullVarAssign) {
+        lazyInitMap.set(decl.id.name, assignedVarName);
+      }
+    }
+  }
+
+  const lazyInitWrappers = Array.from(lazyInitMap.keys());
+
+  // ── Pass E: utility function fingerprinting ──────────────────────────────────
+  //
+  // We look for these named functions (all by AST evidence, never by hardcoded
+  // minified names):
+  //
+  //  defaultModelFn   — 0-param function that returns a string containing 'claude-'
+  //                     AND also calls another function (not a simple string literal
+  //                     return, which would be a version string).  The body should
+  //                     contain at least one 'claude-' string in its call-chain.
+  //                     Fingerprint: 0 params, returnClaudeString confidence ≥ 0.5,
+  //                     does NOT contain "claude-cli/" (that's the user-agent fn).
+  //
+  //  supportedModelsFn — 0-param function returning array of {value, label?, description?}
+  //                      objects where value strings contain 'null' or 'sonnet'/'opus'/
+  //                      'haiku' (the model picker options).
+  //                      Fingerprint: 0 params, returns or accesses an array with
+  //                      model option objects (has both 'value' and 'label'/'description').
+  //
+  //  setPermissionModeFn — 1-param function with switch statement on PERMISSION_MODES.
+  //                        The cases return the same string literals (normalization).
+  //                        Fingerprint: 1 param, switch cases map modes → modes.
+  //
+  //  buildPermissionCtxFn — 1-param function that uses PERMISSION_MODE strings and
+  //                         pushes/returns a mode value.  Different from setPermissionModeFn
+  //                         in that it also reads settings (has more complex body).
+  //                         Fingerprint: 1 param, contains PERMISSION_MODE strings,
+  //                         has array push or conditional return of mode strings,
+  //                         contains 'default' as fallback return.
+  //
+  //  resumeSessionFn  — async non-generator function with 1-2 params that contains
+  //                     'resume' and 'session' string literals and involves network/API calls.
+  //                     Fingerprint: async, ≤2 params, contains 'resume' and 'session' strings.
+  //
+  //  commandsArrayVar — The lazy-init var that holds the slash commands array.
+  //                     Fingerprint: top-level var whose init is a call to a lazy-init
+  //                     wrapper with an arrow returning a large array of command objects
+  //                     (has objects with 'name', 'description', 'isEnabled' properties).
+
+  /** @type {{ name: string|null, node: import('@babel/types').Node, path: import('@babel/traverse').NodePath, confidence: number }|null} */
+  let defaultModelFn = null;
+  /** @type {{ name: string|null, node: import('@babel/types').Node, path: import('@babel/traverse').NodePath, confidence: number }|null} */
+  let supportedModelsFn = null;
+  /** @type {{ name: string|null, node: import('@babel/types').Node, path: import('@babel/traverse').NodePath, confidence: number }|null} */
+  let setPermissionModeFn = null;
+  /** @type {{ name: string|null, node: import('@babel/types').Node, path: import('@babel/traverse').NodePath, confidence: number }|null} */
+  let buildPermissionCtxFn = null;
+  /** @type {{ name: string|null, node: import('@babel/types').Node, path: import('@babel/traverse').NodePath, confidence: number }|null} */
+  let resumeSessionFn = null;
+  /** @type {{ name: string|null, confidence: number }|null} */
+  let commandsArrayVar = null;
+  /** @type {{ name: string|null, node: import('@babel/types').Node, path: import('@babel/traverse').NodePath, confidence: number }|null} */
+  let permissionChecker = null;
+  /** @type {{ name: string|null, node: import('@babel/types').Node, path: import('@babel/traverse').NodePath, confidence: number }|null} */
+  let continueSessionFn = null;
+  /** @type {{ name: string|null, node: import('@babel/types').Node, path: import('@babel/traverse').NodePath, confidence: number }|null} */
+  let hookRegistrySetterFn = null;
+  /** @type {{ name: string|null, node: import('@babel/types').Node, path: import('@babel/traverse').NodePath, confidence: number }|null} */
+  let hookClearFn = null;
+  /** @type {{ name: string|null, node: import('@babel/types').Node, path: import('@babel/traverse').NodePath, confidence: number }|null} */
+  let allowedSettingSourcesSetterFn = null;
+  /** @type {{ name: string|null, node: import('@babel/types').Node, path: import('@babel/traverse').NodePath, confidence: number }|null} */
+  let mcpConnectFn = null;
+  /** @type {{ name: string|null, node: import('@babel/types').Node, path: import('@babel/traverse').NodePath, confidence: number }|null} */
+  let permissionPromptToolFn = null;
+  /** @type {{ name: string|null, node: import('@babel/types').Node, path: import('@babel/traverse').NodePath, confidence: number }|null} */
+  let createLinkedTransportPairFn = null;
+  /** @type {{ name: string|null, node: import('@babel/types').Node, path: import('@babel/traverse').NodePath, confidence: number }|null} */
+  let getAccountInfoFn = null;
+
+  // Helper to check if a function body contains model-list-like content:
+  // returns array with objects having {value, label} or {value, description}
+  function _hasModelListContent(node) {
+    // Look for ObjectExpression with 'value' + ('label' or 'description') keys
+    // where value is null, a string like 'sonnet'/'opus'/'haiku', or a call
+    let count = 0;
+    function scan(n, depth = 0) {
+      if (!n || typeof n !== 'object' || depth > 12) return;
+      if (n.type === 'ObjectExpression') {
+        const keys = n.properties
+          .filter(p => p.type === 'ObjectProperty' && p.key?.type === 'Identifier')
+          .map(p => p.key.name);
+        if (keys.includes('value') && (keys.includes('label') || keys.includes('description'))) {
+          // Value is NullLiteral or string or call returning null
+          const vp = n.properties.find(p => p.type === 'ObjectProperty' && p.key?.name === 'value');
+          if (vp?.value?.type === 'NullLiteral' ||
+              vp?.value?.type === 'StringLiteral' ||
+              vp?.value?.type === 'CallExpression') {
+            count++;
+          }
+        }
+      }
+      for (const key of Object.keys(n)) {
+        if (key === 'loc' || key === 'start' || key === 'end' || key === 'type') continue;
+        const child = n[key];
+        if (Array.isArray(child)) { for (const c of child) { if (c?.type) scan(c, depth + 1); } }
+        else if (child?.type) scan(child, depth + 1);
+      }
+    }
+    scan(node);
+    return count;
+  }
+
+  // Helper: check for command array pattern in a lazy-init arrow body
+  // The commands array has objects with 'name', 'description', 'isEnabled' keys
+  function _isCommandArrayContent(arrayNode) {
+    if (!arrayNode || arrayNode.type !== 'ArrayExpression') return 0;
+    let count = 0;
+    for (const el of (arrayNode.elements ?? [])) {
+      if (!el) continue;
+      if (el.type === 'Identifier') { count += 0.5; continue; } // spread refs count partially
+      if (el.type === 'SpreadElement') { count += 0.5; continue; }
+      if (el.type === 'ObjectExpression') {
+        const keys = el.properties
+          .filter(p => p.type === 'ObjectProperty' && p.key?.type === 'Identifier')
+          .map(p => p.key.name);
+        if (keys.includes('name') && keys.includes('description') && (keys.includes('isEnabled') || keys.includes('type'))) {
+          count++;
+        }
+      }
+    }
+    return count;
+  }
+
+  traverse(ast, {
+    'FunctionDeclaration|FunctionExpression|ArrowFunctionExpression'(path) {
+      const node = path.node;
+      const params = node.params ?? [];
+      const paramCount = params.length;
+
+      // Get the name of this function
+      let name = null;
+      if (node.id?.name) name = node.id.name;
+      else if (
+        t.isVariableDeclarator(path.parent) &&
+        t.isIdentifier(path.parent.id)
+      ) {
+        name = path.parent.id.name;
+      }
+
+      const body = node.body;
+
+      // ── defaultModelFn placeholder — will be filled by sub-pass below ──
+      // (defaultModelFn is found via mainLoopModel context analysis, not inline)
+
+      // ── supportedModelsFn (0 params, body has model-option objects) ──
+      if (paramCount === 0 && !node.async && !node.generator) {
+        const modelObjCount = _hasModelListContent(body);
+        if (modelObjCount >= 1) {
+          const conf = Math.min(0.5 + modelObjCount * 0.15, 0.95);
+          if (!supportedModelsFn || conf > supportedModelsFn.confidence) {
+            supportedModelsFn = { name, node, path, confidence: conf };
+          }
+        }
+      }
+
+      // ── setPermissionModeFn (1 param, switch on permission modes, returns same strings) ──
+      if (paramCount === 1 && !node.async && !node.generator) {
+        const switchConf = _permissionModeNormalizerConfidence(body);
+        if (switchConf >= 0.7) {
+          if (!setPermissionModeFn || switchConf > setPermissionModeFn.confidence) {
+            setPermissionModeFn = { name, node, path, confidence: switchConf };
+          }
+        }
+      }
+
+      // ── buildPermissionCtxFn (1 param, uses PERMISSION_MODE strings, pushes/returns mode) ──
+      // P5B pattern: has 'bypassPermissions' + 'default' + .push() call on an array of modes
+      // The key distinguishing feature: it calls .push() with a permission mode string,
+      // meaning it's BUILDING a priority list rather than mapping/labeling.
+      if (paramCount >= 1 && paramCount <= 3 && !node.async && !node.generator) {
+        const modeCount = _countDistinctStrings(body, PERMISSION_MODES, 8);
+        if (modeCount >= 2) {
+          // Must contain 'bypassPermissions' (the most security-sensitive mode)
+          const hasBypass = _countDistinctStrings(body, ['bypassPermissions'], 6) > 0;
+          // Must NOT be the setPermissionModeFn (which has switch returning same strings)
+          const notNormalizer = _permissionModeNormalizerConfidence(body) < 0.7;
+
+          // Additional distinguisher: must have a .push() call (P5B pattern)
+          // or an array accumulation pattern
+          function _hasPushCall(n, d = 0) {
+            if (!n || typeof n !== 'object' || d > 8) return false;
+            if (n.type === 'CallExpression') {
+              const callee = n.callee;
+              if (callee?.type === 'MemberExpression' && callee.property?.name === 'push') return true;
+            }
+            for (const k of Object.keys(n)) {
+              if (k === 'loc' || k === 'start' || k === 'end' || k === 'type') continue;
+              const ch = n[k];
+              if (Array.isArray(ch)) { for (const c of ch) { if (c?.type && _hasPushCall(c, d+1)) return true; } }
+              else if (ch?.type) { if (_hasPushCall(ch, d+1)) return true; }
+            }
+            return false;
+          }
+          const hasPush = _hasPushCall(body);
+
+          if (hasBypass && notNormalizer && hasPush) {
+            const conf = Math.min(0.5 + modeCount * 0.15, 0.85);
+            if (!buildPermissionCtxFn || conf > buildPermissionCtxFn.confidence) {
+              buildPermissionCtxFn = { name, node, path, confidence: conf };
+            }
+          }
+        }
+      }
+
+      // ── resumeSessionFn (async, ≤2 params, contains resume-related strings) ──
+      // a56 pattern: async, 2 params, loads session from disk (JSONL) or by session ID.
+      // The primary discriminator vs network-based session loaders:
+      //   - handles `continue` (no session ID) by finding most recent session
+      //   - handles `resume` (with session ID) by loading JSONL from disk
+      //   - calls a hook ('resume') after loading
+      //   - returns { messages, sessionId, ... } with MANY fields
+      if (node.async && !node.generator && paramCount <= 2) {
+        // Use substring matching — 'resume' may appear in longer strings
+        function _hasStringContaining(n, substr, maxD = 10) {
+          function sc(nn, d) {
+            if (!nn || typeof nn !== 'object' || d <= 0) return false;
+            if (nn.type === 'StringLiteral' && typeof nn.value === 'string' && nn.value.includes(substr)) return true;
+            for (const k of Object.keys(nn)) {
+              if (k === 'loc' || k === 'start' || k === 'end' || k === 'type') continue;
+              const ch = nn[k];
+              if (Array.isArray(ch)) { for (const c of ch) { if (c?.type && sc(c, d-1)) return true; } }
+              else if (ch?.type) { if (sc(ch, d-1)) return true; }
+            }
+            return false;
+          }
+          return sc(n, maxD);
+        }
+        const hasResume = _hasStringContaining(body, 'resume', 10);
+        const hasSession = _hasStringContaining(body, 'session', 10) || _hasStringContaining(body, 'Session', 10);
+
+        if (hasResume && hasSession) {
+          // Primary fingerprint: a56 pattern — returns object with messages + sessionId
+          // and handles both sessionId=undefined (continue) and sessionId=string (resume)
+          // Look for: returns object with 'messages' key AND 'sessionId' key (both are disk-based)
+          function _hasReturnWithKeys(n, keys, maxD = 10) {
+            let found = false;
+            function scan(nn, d) {
+              if (!nn || typeof nn !== 'object' || d <= 0 || found) return;
+              if (nn.type === 'ReturnStatement' && nn.argument?.type === 'ObjectExpression') {
+                const retKeys = nn.argument.properties
+                  .filter(p => p.type === 'ObjectProperty' && p.key?.type === 'Identifier')
+                  .map(p => p.key.name);
+                if (keys.every(k => retKeys.includes(k))) { found = true; return; }
+              }
+              for (const k of Object.keys(nn)) {
+                if (k === 'loc' || k === 'start' || k === 'end' || k === 'type') continue;
+                const ch = nn[k];
+                if (Array.isArray(ch)) { for (const c of ch) { if (c?.type) scan(c, d-1); } }
+                else if (ch?.type) scan(ch, d-1);
+              }
+            }
+            scan(n, maxD);
+            return found;
+          }
+          const hasSessionIdReturn = _hasReturnWithKeys(body, ['messages', 'sessionId'], 12);
+          const hasContinueHandling = _hasStringContaining(body, 'continue', 8);
+          // Also check for forkSession (a distinctive field in the return object)
+          const hasForkSession = _hasStringContaining(body, 'forkSession', 8);
+
+          // Old tighter fingerprint (for network-based session loaders)
+          const hasAccessToken = _hasStringContaining(body, 'access_token', 8) ||
+                                 _hasStringContaining(body, 'accessToken', 8);
+          const hasTeleport = _hasStringContaining(body, 'TELEPORT', 8) ||
+                              _hasStringContaining(body, 'Sessions API', 8);
+
+          let conf = 0.4;
+          if (hasSessionIdReturn) conf += 0.25;
+          if (hasContinueHandling) conf += 0.15;
+          if (hasForkSession) conf += 0.1;
+          if (hasAccessToken) conf += 0.05;
+          if (hasTeleport) conf += 0.05;
+          // Prefer local-disk based (hasSessionIdReturn) over network-based
+          // If no sessionId in return but has access_token, lower priority
+          if (!hasSessionIdReturn && (hasAccessToken || hasTeleport)) {
+            conf = Math.max(conf, 0.5); // network-based still a candidate
+          }
+          if (!resumeSessionFn || conf > resumeSessionFn.confidence) {
+            resumeSessionFn = { name, node, path, confidence: conf };
+          }
+        }
+      }
+
+      // ── permissionChecker (async, 2-4 params, checks toolPermissionContext.mode,
+      //    returns {behavior, updatedInput}) ──
+      // FWY pattern: async function that checks permission context mode and returns
+      // allow/deny/ask behavior objects.
+      // Key discriminators:
+      //   - async (not generator)
+      //   - 2-4 params
+      //   - has 'bypassPermissions' and 'plan' string literals (mode checks)
+      //   - returns object with 'behavior' and 'updatedInput' keys
+      //   - accesses .mode property on toolPermissionContext
+      if (node.async && !node.generator && paramCount >= 2 && paramCount <= 4) {
+        const hasBypass = _countDistinctStrings(body, ['bypassPermissions'], 10) > 0;
+        const hasPlan = _countDistinctStrings(body, ['plan'], 10) > 0;
+        if (hasBypass && hasPlan) {
+          // Check for {behavior, updatedInput} return
+          function _hasBehaviorUpdatedInput(n, maxD = 10) {
+            let found = false;
+            function sc(nn, d) {
+              if (!nn || typeof nn !== 'object' || d <= 0 || found) return;
+              if (nn.type === 'ObjectExpression') {
+                const keys = nn.properties
+                  .filter(p => p.type === 'ObjectProperty' && p.key?.type === 'Identifier')
+                  .map(p => p.key.name);
+                if (keys.includes('behavior') && keys.includes('updatedInput')) { found = true; return; }
+              }
+              for (const k of Object.keys(nn)) {
+                if (k === 'loc' || k === 'start' || k === 'end' || k === 'type') continue;
+                const ch = nn[k];
+                if (Array.isArray(ch)) { for (const c of ch) { if (c?.type) sc(c, d-1); } }
+                else if (ch?.type) sc(ch, d-1);
+              }
+            }
+            sc(n, maxD);
+            return found;
+          }
+          const hasBehaviorUI = _hasBehaviorUpdatedInput(body, 12);
+          // Also check for .mode access (not just string literals)
+          function _hasModeAccess(n, maxD = 8) {
+            function sc(nn, d) {
+              if (!nn || typeof nn !== 'object' || d <= 0) return false;
+              if ((nn.type === 'MemberExpression' || nn.type === 'OptionalMemberExpression') &&
+                  nn.property?.name === 'mode') return true;
+              for (const k of Object.keys(nn)) {
+                if (k === 'loc' || k === 'start' || k === 'end' || k === 'type') continue;
+                const ch = nn[k];
+                if (Array.isArray(ch)) { for (const c of ch) { if (c?.type && sc(c, d-1)) return true; } }
+                else if (ch?.type) { if (sc(ch, d-1)) return true; }
+              }
+              return false;
+            }
+            return sc(n, maxD);
+          }
+          const hasModeAccess = _hasModeAccess(body);
+          // Check for getAppState call (indicator this is the main permission checker)
+          function _hasGetAppState(n, maxD = 8) {
+            function sc(nn, d) {
+              if (!nn || typeof nn !== 'object' || d <= 0) return false;
+              if (nn.type === 'CallExpression' && nn.callee?.type === 'Identifier' &&
+                  nn.callee.name === 'getAppState') return true;
+              // Also check _.getAppState() pattern
+              if (nn.type === 'CallExpression' && nn.callee?.type === 'MemberExpression' &&
+                  nn.callee.property?.name === 'getAppState') return true;
+              for (const k of Object.keys(nn)) {
+                if (k === 'loc' || k === 'start' || k === 'end' || k === 'type') continue;
+                const ch = nn[k];
+                if (Array.isArray(ch)) { for (const c of ch) { if (c?.type && sc(c, d-1)) return true; } }
+                else if (ch?.type) { if (sc(ch, d-1)) return true; }
+              }
+              return false;
+            }
+            return sc(n, maxD);
+          }
+          const hasGetAppState = _hasGetAppState(body);
+
+          let conf = 0.4;
+          if (hasBehaviorUI) conf += 0.25;
+          if (hasModeAccess) conf += 0.15;
+          if (hasGetAppState) conf += 0.2;
+          conf = Math.min(conf, 0.95);
+
+          if (!permissionChecker || conf > permissionChecker.confidence) {
+            permissionChecker = { name, node, path, confidence: conf };
+          }
+        }
+      }
+
+      // ── continueSessionFn (async, ≤2 params, reads local JSONL session files,
+      //    handles both continue=true and resume=sessionId) ──
+      // a56 pattern: async, 2 params, loads the most recent session when no ID given,
+      // or a specific session by ID/path. Returns { messages, sessionId, ... }.
+      // Key discriminators:
+      //   - async, not generator
+      //   - ≤2 params
+      //   - handles undefined param (continue case)
+      //   - returns object with 'messages' AND 'sessionId' AND 'deferredToolUse'
+      // This is SEPARATE from resumeSessionFn (which may be network-based)
+      if (node.async && !node.generator && paramCount <= 2) {
+        // Checks both StringLiteral values AND Identifier names for a given string
+        function _hascSC(n, substr, maxD = 10) {
+          function sc(nn, d) {
+            if (!nn || typeof nn !== 'object' || d <= 0) return false;
+            if (nn.type === 'StringLiteral' && typeof nn.value === 'string' && nn.value.includes(substr)) return true;
+            // Also check Identifiers (shorthand object property keys, variable names)
+            if (nn.type === 'Identifier' && nn.name === substr) return true;
+            for (const k of Object.keys(nn)) {
+              if (k === 'loc' || k === 'start' || k === 'end' || k === 'type') continue;
+              const ch = nn[k];
+              if (Array.isArray(ch)) { for (const c of ch) { if (c?.type && sc(c, d-1)) return true; } }
+              else if (ch?.type) { if (sc(ch, d-1)) return true; }
+            }
+            return false;
+          }
+          return sc(n, maxD);
+        }
+        const hasDeferredToolUse = _hascSC(body, 'deferredToolUse', 10);
+        const hasSessionId = _hascSC(body, 'sessionId', 10);
+        const hasMessages = _hascSC(body, 'messages', 10);
+        // fileHistorySnapshots is a very specific field only in a56, not in lz5
+        const hasFileHistorySnapshots = _hascSC(body, 'fileHistorySnapshots', 10);
+
+        if (hasDeferredToolUse && hasSessionId && hasMessages) {
+          // Check for return object with deferredToolUse key (strongest signal)
+          function _hasReturnWithDTU(n, maxD = 10) {
+            let found = false;
+            function sc(nn, d) {
+              if (!nn || typeof nn !== 'object' || d <= 0 || found) return;
+              if (nn.type === 'ReturnStatement' && nn.argument?.type === 'ObjectExpression') {
+                const retKeys = nn.argument.properties
+                  .filter(p => (p.type === 'ObjectProperty' && p.key?.type === 'Identifier') ||
+                               (p.type === 'ObjectProperty' && p.shorthand))
+                  .map(p => p.key?.name ?? (p.value?.type === 'Identifier' ? p.value.name : null))
+                  .filter(Boolean);
+                if (retKeys.includes('deferredToolUse') && retKeys.includes('messages') && retKeys.includes('sessionId')) {
+                  found = true; return;
+                }
+              }
+              for (const k of Object.keys(nn)) {
+                if (k === 'loc' || k === 'start' || k === 'end' || k === 'type') continue;
+                const ch = nn[k];
+                if (Array.isArray(ch)) { for (const c of ch) { if (c?.type) sc(c, d-1); } }
+                else if (ch?.type) sc(ch, d-1);
+              }
+            }
+            sc(n, maxD);
+            return found;
+          }
+          const hasDTUReturn = _hasReturnWithDTU(body, 12);
+
+          let conf = 0.3;
+          if (hasDTUReturn) conf += 0.25;
+          // fileHistorySnapshots is THE strongest discriminator for a56 vs lz5
+          if (hasFileHistorySnapshots) conf += 0.35;
+          conf = Math.min(conf, 0.95);
+
+          if (!continueSessionFn || conf > continueSessionFn.confidence) {
+            continueSessionFn = { name, node, path, confidence: conf };
+          }
+        }
+      }
+
+      // ── hookRegistrySetterFn ($66 pattern) ───────────────────────────────────
+      // Push-based hook registry adder. Fingerprint:
+      //   - 1 param, not async, not generator
+      //   - body contains a for...of loop
+      //   - body contains Object.entries() call
+      //   - body contains .push(...) call (spreading into array)
+      //   - body assigns to a .registeredHooks member expression
+      // This is $66() in v2.1.x: pushes hook matchers into v8.registeredHooks.
+      if (!node.async && !node.generator && paramCount === 1) {
+        const bodyStmts = (body?.type === 'BlockStatement') ? body.body : null;
+        if (bodyStmts && bodyStmts.length >= 1) {
+          // Check for for...of loop with Object.entries()
+          function _hasForOfObjectEntries(n, maxD = 6) {
+            if (!n || typeof n !== 'object' || maxD <= 0) return false;
+            if (n.type === 'ForOfStatement') {
+              // Right side should contain Object.entries(...)
+              const right = n.right;
+              if (right?.type === 'CallExpression') {
+                const callee = right.callee;
+                if (callee?.type === 'MemberExpression' &&
+                    callee.object?.type === 'Identifier' && callee.object.name === 'Object' &&
+                    callee.property?.type === 'Identifier' && callee.property.name === 'entries') {
+                  return true;
+                }
+              }
+            }
+            for (const k of Object.keys(n)) {
+              if (k === 'loc' || k === 'start' || k === 'end' || k === 'type') continue;
+              const ch = n[k];
+              if (Array.isArray(ch)) { for (const c of ch) { if (c?.type && _hasForOfObjectEntries(c, maxD-1)) return true; } }
+              else if (ch?.type) { if (_hasForOfObjectEntries(ch, maxD-1)) return true; }
+            }
+            return false;
+          }
+          // Check for .push(...spread) call
+          function _hasPushSpread(n, maxD = 6) {
+            if (!n || typeof n !== 'object' || maxD <= 0) return false;
+            if (n.type === 'CallExpression') {
+              const callee = n.callee;
+              if (callee?.type === 'MemberExpression' && callee.property?.name === 'push') {
+                // Check at least one argument is a SpreadElement
+                if ((n.arguments ?? []).some(a => a.type === 'SpreadElement')) return true;
+              }
+            }
+            for (const k of Object.keys(n)) {
+              if (k === 'loc' || k === 'start' || k === 'end' || k === 'type') continue;
+              const ch = n[k];
+              if (Array.isArray(ch)) { for (const c of ch) { if (c?.type && _hasPushSpread(c, maxD-1)) return true; } }
+              else if (ch?.type) { if (_hasPushSpread(ch, maxD-1)) return true; }
+            }
+            return false;
+          }
+          // Check for .registeredHooks member assignment
+          function _hasRegisteredHooksAssign(n, maxD = 6) {
+            if (!n || typeof n !== 'object' || maxD <= 0) return false;
+            if (n.type === 'AssignmentExpression' && n.left?.type === 'MemberExpression' &&
+                n.left.property?.name === 'registeredHooks') return true;
+            // Also check simple LogicalExpression like: x.registeredHooks = x.registeredHooks || {}
+            if (n.type === 'MemberExpression' && n.property?.name === 'registeredHooks') return true;
+            for (const k of Object.keys(n)) {
+              if (k === 'loc' || k === 'start' || k === 'end' || k === 'type') continue;
+              const ch = n[k];
+              if (Array.isArray(ch)) { for (const c of ch) { if (c?.type && _hasRegisteredHooksAssign(c, maxD-1)) return true; } }
+              else if (ch?.type) { if (_hasRegisteredHooksAssign(ch, maxD-1)) return true; }
+            }
+            return false;
+          }
+
+          const hasForOf = _hasForOfObjectEntries(body, 6);
+          const hasPushSpread = _hasPushSpread(body, 6);
+          const hasRegHooks = _hasRegisteredHooksAssign(body, 6);
+
+          if (hasForOf && hasPushSpread && hasRegHooks) {
+            const conf = 0.95;
+            if (!hookRegistrySetterFn || conf > hookRegistrySetterFn.confidence) {
+              hookRegistrySetterFn = { name, node, path, confidence: conf };
+            }
+          }
+        }
+      }
+
+      // ── allowedSettingSourcesSetterFn (Ga0 pattern) ───────────────────────────
+      // 1-param function that assigns to X.allowedSettingSources = param.
+      // Fingerprint: 1 param, body has single AssignmentExpression with
+      // left = MemberExpression where property.name === 'allowedSettingSources'
+      if (!node.async && !node.generator && paramCount === 1) {
+        const bodyStmts2 = (body?.type === 'BlockStatement') ? body.body : null;
+        if (bodyStmts2?.length === 1) {
+          const stmt2 = bodyStmts2[0];
+          if (
+            stmt2?.type === 'ExpressionStatement' &&
+            stmt2.expression?.type === 'AssignmentExpression' &&
+            stmt2.expression.operator === '=' &&
+            stmt2.expression.left?.type === 'MemberExpression' &&
+            stmt2.expression.left.property?.type === 'Identifier' &&
+            stmt2.expression.left.property.name === 'allowedSettingSources'
+          ) {
+            const conf = 0.9;
+            if (!allowedSettingSourcesSetterFn || conf > allowedSettingSourcesSetterFn.confidence) {
+              allowedSettingSourcesSetterFn = { name, node, path, confidence: conf };
+            }
+          }
+        }
+      }
+
+      // ── getAccountInfoFn (hT6 pattern) ─────────────────────────────────────────
+      // 0-param sync function that returns an object with auth account info.
+      // Fingerprint:
+      //   - 0 params, not async, not generator
+      //   - body returns objects with keys from: tokenSource, apiKeySource,
+      //     organization, email, subscription
+      //   - body contains 'firstParty' string (early return guard)
+      //   - body accesses .emailAddress and .organizationName properties
+      if (paramCount === 0 && !node.async && !node.generator) {
+        const hasFirstParty = _countDistinctStrings(body, ['firstParty'], 4) > 0;
+        if (hasFirstParty) {
+          // Check for properties that are unique to getAccountInformation:
+          // returns object with tokenSource, apiKeySource, email, organization
+          function _hasAuthInfoReturn(n, maxD = 8) {
+            let found = false;
+            function sc(nn, d) {
+              if (!nn || typeof nn !== 'object' || d <= 0 || found) return;
+              if (nn.type === 'ObjectExpression') {
+                const keys = nn.properties
+                  .filter(p => p.type === 'ObjectProperty' && p.key?.type === 'Identifier')
+                  .map(p => p.key.name);
+                // Must have at least 2 of: tokenSource, apiKeySource, organization, email, subscription
+                const authKeys = ['tokenSource', 'apiKeySource', 'organization', 'email', 'subscription'];
+                const matched = authKeys.filter(k => keys.includes(k));
+                if (matched.length >= 2) { found = true; return; }
+              }
+              for (const k of Object.keys(nn)) {
+                if (k === 'loc' || k === 'start' || k === 'end' || k === 'type') continue;
+                const ch = nn[k];
+                if (Array.isArray(ch)) { for (const c of ch) { if (c?.type) sc(c, d-1); } }
+                else if (ch?.type) sc(ch, d-1);
+              }
+            }
+            sc(n, maxD);
+            return found;
+          }
+          // Check for .emailAddress and .organizationName member access
+          function _hasAuthMemberAccess(n, maxD = 8) {
+            let hasEmail = false, hasOrg = false;
+            function sc(nn, d) {
+              if (!nn || typeof nn !== 'object' || d <= 0) return;
+              if ((nn.type === 'MemberExpression' || nn.type === 'OptionalMemberExpression') &&
+                  nn.property?.type === 'Identifier') {
+                if (nn.property.name === 'emailAddress') hasEmail = true;
+                if (nn.property.name === 'organizationName') hasOrg = true;
+              }
+              for (const k of Object.keys(nn)) {
+                if (k === 'loc' || k === 'start' || k === 'end' || k === 'type') continue;
+                const ch = nn[k];
+                if (Array.isArray(ch)) { for (const c of ch) { if (c?.type) sc(c, d-1); } }
+                else if (ch?.type) sc(ch, d-1);
+              }
+            }
+            sc(n, maxD);
+            return hasEmail && hasOrg;
+          }
+
+          const hasAuthReturn = _hasAuthInfoReturn(body);
+          const hasMemberAccess = _hasAuthMemberAccess(body);
+
+          if (hasAuthReturn || hasMemberAccess) {
+            let conf = 0.5;
+            if (hasAuthReturn) conf += 0.25;
+            if (hasMemberAccess) conf += 0.2;
+            conf = Math.min(conf, 0.95);
+            if (!getAccountInfoFn || conf > getAccountInfoFn.confidence) {
+              getAccountInfoFn = { name, node, path, confidence: conf };
+            }
+          }
+        }
+      }
+
+      // ── permissionPromptToolFn (Be5/Qz5 pattern) ─────────────────────────────────
+      // 2-4 param sync function containing 'stdio' string and '--permission-prompt-tool'
+      // in an error message (template literal), and .createCanUseTool() call.
+      // Fingerprint: 2-4 params, contains 'stdio' literal, contains
+      // '--permission-prompt-tool' in StringLiteral or TemplateLiteral quasi,
+      // contains 'createCanUseTool' property access.
+      // NOTE: In older cli.js versions this was 2-3 params (Be5), newer versions
+      //       have 4 params (Qz5).  Accept 2-4 to cover both.
+      if (!node.async && !node.generator && paramCount >= 2 && paramCount <= 4) {
+        const hasStdio = _countDistinctStrings(body, ['stdio'], 4) > 0;
+        // '--permission-prompt-tool' may appear in a template literal quasi, not just StringLiteral
+        // Note: it can be deeply nested (depth ~9 in Be5), so use maxD=12
+        function _hasPermPromptToolStr(n, maxD = 12) {
+          if (!n || typeof n !== 'object' || maxD <= 0) return false;
+          if (n.type === 'StringLiteral' && n.value?.includes('--permission-prompt-tool')) return true;
+          if (n.type === 'TemplateElement' && n.value?.raw?.includes('--permission-prompt-tool')) return true;
+          for (const k of Object.keys(n)) {
+            if (k === 'loc' || k === 'start' || k === 'end' || k === 'type') continue;
+            const ch = n[k];
+            if (Array.isArray(ch)) { for (const c of ch) { if (c?.type && _hasPermPromptToolStr(c, maxD-1)) return true; } }
+            else if (ch?.type) { if (_hasPermPromptToolStr(ch, maxD-1)) return true; }
+          }
+          return false;
+        }
+        const hasPermTool = _hasPermPromptToolStr(body);
+        function _hasCreateCanUseTool(n, maxD = 8) {
+          if (!n || typeof n !== 'object' || maxD <= 0) return false;
+          if (n.type === 'MemberExpression' && n.property?.name === 'createCanUseTool') return true;
+          for (const k of Object.keys(n)) {
+            if (k === 'loc' || k === 'start' || k === 'end' || k === 'type') continue;
+            const ch = n[k];
+            if (Array.isArray(ch)) { for (const c of ch) { if (c?.type && _hasCreateCanUseTool(c, maxD-1)) return true; } }
+            else if (ch?.type) { if (_hasCreateCanUseTool(ch, maxD-1)) return true; }
+          }
+          return false;
+        }
+        const hasCreateCanUseTool = _hasCreateCanUseTool(body);
+        if (hasStdio && hasPermTool && hasCreateCanUseTool) {
+          const conf = 0.9;
+          if (!permissionPromptToolFn || conf > permissionPromptToolFn.confidence) {
+            permissionPromptToolFn = { name, node, path, confidence: conf };
+          }
+        }
+      }
+    },
+  });
+
+  // ── mcpConnectFn (be/vx pattern) ──────────────────────────────────────────────
+  //
+  // Pattern A (older cli.js): top-level VariableDeclaration where init is a
+  //   direct wrapper call with an async function as the first argument:
+  //     var be = t0(async(A,B,Q) => { ... 'SDK servers should be handled' ... })
+  //
+  // Pattern B (newer cli.js): top-level lazy module wrapper where an assignment
+  //   inside the wrapper body assigns the result of a wrapper call with async fn:
+  //     var Tf = L(() => { ... vx = Y1(async(A,B,Q) => { ... SDK string ... }) })
+  //
+  // Discriminating strings in the async function body (both patterns):
+  //   - 'SDK servers should be handled in print.ts'
+  //   - 'sse-ide' AND 'ws-ide' type checks
+  //
+  // Strategy: first try Pattern A (fast, no traverse); if not found, use traverse
+  // to locate the AssignmentExpression containing an async fn with the SDK string.
+  //
+  // Note: _scanForString is defined below (hoisted function declaration).
+
+  // Pattern A: top-level VariableDeclaration with direct async arg
+  for (const stmt of ast.program.body) {
+    if (stmt.type !== 'VariableDeclaration') continue;
+    for (const decl of stmt.declarations) {
+      if (decl.id?.type !== 'Identifier') continue;
+      const init = decl.init;
+      if (!init || init.type !== 'CallExpression') continue;
+      const arg0 = init.arguments?.[0];
+      if (!arg0 || (!arg0.async)) continue;
+      const fn = arg0;
+      const fnBody = fn.body;
+      if (!fnBody) continue;
+      // Check for the discriminating strings
+      const hasSdkHandled = _scanForString(fnBody, 'SDK servers should be handled in print.ts', 12);
+      if (!hasSdkHandled) continue;
+      const hasSseIde = _countDistinctStrings(fnBody, ['sse-ide'], 8) > 0;
+      const hasWsIde = _countDistinctStrings(fnBody, ['ws-ide'], 8) > 0;
+      const conf = 0.5 + (hasSseIde ? 0.2 : 0) + (hasWsIde ? 0.2 : 0);
+      if (!mcpConnectFn || conf > mcpConnectFn.confidence) {
+        mcpConnectFn = { name: decl.id.name, node: fn, path: null, confidence: conf };
+      }
+    }
+  }
+
+  // Pattern B: traverse looking for AssignmentExpression with async fn arg (new v2.x pattern)
+  if (!mcpConnectFn) {
+    traverse(ast, {
+      AssignmentExpression(path) {
+        const node = path.node;
+        if (node.operator !== '=') return;
+        const left = node.left;
+        const right = node.right;
+        // right must be a CallExpression whose first arg is async
+        if (!right || right.type !== 'CallExpression') return;
+        const arg0 = right.arguments?.[0];
+        if (!arg0 || !arg0.async) return;
+        const fnBody = arg0.body;
+        if (!fnBody) return;
+        // Check discriminating strings
+        const hasSdkHandled = _scanForString(fnBody, 'SDK servers should be handled in print.ts', 15);
+        if (!hasSdkHandled) return;
+        const hasSseIde = _countDistinctStrings(fnBody, ['sse-ide'], 10) > 0;
+        const hasWsIde = _countDistinctStrings(fnBody, ['ws-ide'], 10) > 0;
+        const conf = 0.5 + (hasSseIde ? 0.2 : 0) + (hasWsIde ? 0.2 : 0);
+        // Get the variable name being assigned
+        let name = null;
+        if (left.type === 'Identifier') name = left.name;
+        if (!name) return;
+        if (!mcpConnectFn || conf > mcpConnectFn.confidence) {
+          mcpConnectFn = { name, node: arg0, path: null, confidence: conf };
+        }
+      }
+    });
+  }
+
+  // ── hookClearFn (Jj5 pattern) ────────────────────────────────────────────────
+  //
+  // The hook registry clearer: 0-param function that sets v8.registeredHooks = null.
+  // Fingerprint:
+  //   - 0 params, not async, not generator
+  //   - single statement: assignment of null to <obj>.registeredHooks
+  //   - Only top-level FunctionDeclarations (scan program body directly)
+  //
+  // This is Jj5() in v2.1.x.
+  for (const stmt of ast.program.body) {
+    if (stmt.type !== 'FunctionDeclaration') continue;
+    if (!stmt.id?.name) continue;
+    if ((stmt.params ?? []).length !== 0) continue;
+    const bodyStmts = stmt.body?.body ?? [];
+    if (bodyStmts.length !== 1) continue;
+    const s = bodyStmts[0];
+    if (
+      s?.type === 'ExpressionStatement' &&
+      s.expression?.type === 'AssignmentExpression' &&
+      s.expression.operator === '=' &&
+      s.expression.left?.type === 'MemberExpression' &&
+      s.expression.left.property?.name === 'registeredHooks' &&
+      s.expression.right?.type === 'NullLiteral'
+    ) {
+      const conf = 0.95;
+      if (!hookClearFn || conf > hookClearFn.confidence) {
+        hookClearFn = { name: stmt.id.name, node: stmt, path: null, confidence: conf };
+      }
+    }
+  }
+
+  // ── createLinkedTransportPair (gfz pattern) ──────────────────────────────────
+  //
+  // 0-param function that creates two linked $c1 transport instances and returns them
+  // as a [client, server] pair. Used for in-process MCP server connections.
+  //
+  // Fingerprint:
+  //   - 0 params, not async, not generator
+  //   - body has exactly 2-3 statements
+  //   - creates two instances with `new <class>()` using the same constructor
+  //   - calls ._setPeer() on each with the other
+  //   - returns [q, K] (array of two identifiers)
+  //
+  // Also look for the module export object: { createLinkedTransportPair: () => gfz }
+  // Strategy: scan program body for FunctionDeclaration matching the fingerprint.
+  //
+  // This is gfz() in v2.1.x.
+  for (const stmt of ast.program.body) {
+    if (stmt.type !== 'FunctionDeclaration') continue;
+    if (!stmt.id?.name) continue;
+    if ((stmt.params ?? []).length !== 0) continue;
+    const bodyStmts = stmt.body?.body ?? [];
+    if (bodyStmts.length < 1 || bodyStmts.length > 4) continue;
+
+    // Must have a return statement that returns an ArrayExpression with 2 identifiers.
+    // The return may be:
+    //   - Direct: return [q, K]
+    //   - Sequence: return q._setPeer(K), K._setPeer(q), [q, K]
+    // In both cases, we find the ArrayExpression.
+    const retStmt = bodyStmts.find(s => s.type === 'ReturnStatement');
+    if (!retStmt) continue;
+    const retArg = retStmt.argument;
+    let retArray = null;
+    if (retArg?.type === 'ArrayExpression') {
+      retArray = retArg;
+    } else if (retArg?.type === 'SequenceExpression') {
+      const exprs = retArg.expressions ?? [];
+      const last = exprs[exprs.length - 1];
+      if (last?.type === 'ArrayExpression') retArray = last;
+    }
+    if (!retArray || retArray.elements?.length !== 2) continue;
+    if (!retArray.elements.every(e => e?.type === 'Identifier')) continue;
+
+    // Must contain a ._setPeer() call
+    let hasSSetPeer = false;
+    function _hasSetPeer(n, maxD = 4) {
+      if (!n || typeof n !== 'object' || maxD <= 0) return false;
+      if (n.type === 'CallExpression') {
+        const callee = n.callee;
+        if ((callee?.type === 'MemberExpression' || callee?.type === 'OptionalMemberExpression') &&
+            callee.property?.name === '_setPeer') return true;
+      }
+      for (const k of Object.keys(n)) {
+        if (k === 'loc' || k === 'start' || k === 'end' || k === 'type') continue;
+        const ch = n[k];
+        if (Array.isArray(ch)) { for (const c of ch) { if (c?.type && _hasSetPeer(c, maxD-1)) return true; } }
+        else if (ch?.type) { if (_hasSetPeer(ch, maxD-1)) return true; }
+      }
+      return false;
+    }
+    hasSSetPeer = _hasSetPeer(stmt.body, 5);
+    if (!hasSSetPeer) continue;
+
+    // Must use `new` expression (creates transport instances)
+    let hasNew = false;
+    function _hasNewExpr(n, maxD = 4) {
+      if (!n || typeof n !== 'object' || maxD <= 0) return false;
+      if (n.type === 'NewExpression') return true;
+      for (const k of Object.keys(n)) {
+        if (k === 'loc' || k === 'start' || k === 'end' || k === 'type') continue;
+        const ch = n[k];
+        if (Array.isArray(ch)) { for (const c of ch) { if (c?.type && _hasNewExpr(c, maxD-1)) return true; } }
+        else if (ch?.type) { if (_hasNewExpr(ch, maxD-1)) return true; }
+      }
+      return false;
+    }
+    hasNew = _hasNewExpr(stmt.body, 5);
+    if (!hasNew) continue;
+
+    const conf = 0.92;
+    if (!createLinkedTransportPairFn || conf > createLinkedTransportPairFn.confidence) {
+      createLinkedTransportPairFn = { name: stmt.id.name, node: stmt, path: null, confidence: conf };
+    }
+  }
+
+  // ── defaultModelFn sub-pass: find the function called as mainLoopModel: fn() ──
+  //
+  // Strategy: scan the appStateFactory's body (and any other function that
+  // contains `mainLoopModel`) for ObjectProperty nodes whose key is
+  // 'mainLoopModel' and whose value is a CallExpression.  The callee of that
+  // call is the defaultModelFn candidate.
+  //
+  // We also look for zero-arg functions that:
+  //   1. Have exactly 3 statements in their body
+  //   2. Declare a variable via a call
+  //   3. Do an if-null-check returning another call
+  //   4. Have a final fallback return call
+  // This matches the RZ pattern precisely.
+
+  traverse(ast, {
+    ObjectProperty(path) {
+      const keyNode = path.node.key;
+      if (keyNode?.type !== 'Identifier' || keyNode.name !== 'mainLoopModel') return;
+      const valNode = path.node.value;
+      if (valNode?.type !== 'CallExpression') return;
+      // The callee should be a zero-arg function call
+      const callee = valNode.callee;
+      if ((callee?.type !== 'Identifier') || valNode.arguments.length !== 0) return;
+      const fnName = callee.name;
+      if (!fnName) return;
+      // Set this as the defaultModelFn with high confidence
+      if (!defaultModelFn || 0.9 > defaultModelFn.confidence) {
+        // We store just the name for now — we'll look up the node separately
+        defaultModelFn = { name: fnName, node: null, path: null, confidence: 0.9 };
+      }
+    },
+  });
+
+  // If we found a name via the ObjectProperty scan, look up the actual node
+  if (defaultModelFn?.name && !defaultModelFn.node) {
+    const targetName = defaultModelFn.name;
+    traverse(ast, {
+      'FunctionDeclaration|FunctionExpression|ArrowFunctionExpression'(path) {
+        const node = path.node;
+        let name = null;
+        if (node.id?.name) name = node.id.name;
+        else if (
+          t.isVariableDeclarator(path.parent) &&
+          t.isIdentifier(path.parent.id)
+        ) name = path.parent.id.name;
+        if (name !== targetName) return;
+        defaultModelFn = { name, node, path, confidence: 0.9 };
+        path.stop();
+      },
+    });
+  }
+
+  // ── commandsArrayVar: find top-level lazy-init var whose arrow returns a large
+  //    array of command objects (v2.0.x pattern: rTB = t0(() => [...cmd refs...]))
+  //    OR an async commands-aggregator function (v2.1.x pattern: Q0(cwd))
+  // ────────────────────────────────────────────────────────────────────────────
+
+  // Pattern A (v2.0.x): top-level var = lazyWrapper(() => [identifiers...])
+  for (const stmt of ast.program.body) {
+    if (stmt.type !== 'VariableDeclaration') continue;
+    for (const decl of stmt.declarations) {
+      if (decl.id?.type !== 'Identifier') continue;
+      const init = decl.init;
+      if (!init || init.type !== 'CallExpression') continue;
+      const arg0 = init.arguments?.[0];
+      if (!arg0 || arg0.type !== 'ArrowFunctionExpression') continue;
+      // The arrow's body should be an array expression (possibly parenthesized)
+      const arrowBody = arg0.body;
+      if (arrowBody?.type !== 'ArrayExpression') continue;
+      const cmdCount = _isCommandArrayContent(arrowBody);
+      if (cmdCount >= 5) {
+        const conf = Math.min(0.5 + cmdCount * 0.04, 0.95);
+        if (!commandsArrayVar || conf > commandsArrayVar.confidence) {
+          commandsArrayVar = { name: decl.id.name, confidence: conf };
+        }
+      }
+    }
+  }
+
+  // Pattern B (v2.1.x): async named function(cwd) that aggregates built-in + custom commands
+  // Fingerprint: async, 1 named param, body is a BlockStatement that:
+  //   1. Has an await call (calls the base commands loader async)
+  //   2. Has a ReturnStatement returning an ArrayExpression (or spread array)
+  //   3. Has a CallExpression with callee.property.name === 'findIndex' somewhere
+  //   4. Has a CallExpression with callee.property.name === 'filter' somewhere
+  // This matches the Q0 pattern: returns deduped merge of built-in and custom commands.
+  if (!commandsArrayVar) {
+    /**
+     * Recursively check if a node contains a MemberExpression callee with given property.
+     */
+    function _hasMethodCall(node, methodName, maxD = 8) {
+      if (!node || typeof node !== 'object' || maxD <= 0) return false;
+      if (node.type === 'CallExpression') {
+        const callee = node.callee;
+        if (callee?.type === 'MemberExpression' && callee.property?.name === methodName) return true;
+        if (callee?.type === 'OptionalMemberExpression' && callee.property?.name === methodName) return true;
+      }
+      for (const k of Object.keys(node)) {
+        if (k === 'loc' || k === 'start' || k === 'end' || k === 'type') continue;
+        const ch = node[k];
+        if (Array.isArray(ch)) {
+          for (const c of ch) { if (c?.type && _hasMethodCall(c, methodName, maxD-1)) return true; }
+        } else if (ch?.type) {
+          if (_hasMethodCall(ch, methodName, maxD-1)) return true;
+        }
+      }
+      return false;
+    }
+
+    /**
+     * Check if a body has an await expression anywhere.
+     */
+    function _hasAwait(node, maxD = 6) {
+      if (!node || typeof node !== 'object' || maxD <= 0) return false;
+      if (node.type === 'AwaitExpression') return true;
+      for (const k of Object.keys(node)) {
+        if (k === 'loc' || k === 'start' || k === 'end' || k === 'type') continue;
+        const ch = node[k];
+        if (Array.isArray(ch)) {
+          for (const c of ch) { if (c?.type && _hasAwait(c, maxD-1)) return true; }
+        } else if (ch?.type) {
+          if (_hasAwait(ch, maxD-1)) return true;
+        }
+      }
+      return false;
+    }
+
+    /**
+     * Check if a body has a ReturnStatement returning a spread/concat array.
+     */
+    function _hasReturnArray(body) {
+      if (body?.type !== 'BlockStatement') return false;
+      for (const stmt of body.body ?? []) {
+        if (stmt.type !== 'ReturnStatement') continue;
+        const arg = stmt.argument;
+        if (!arg) continue;
+        // return [...a, ...b] or return [...a, ...b, ...c]
+        if (arg.type === 'ArrayExpression') return true;
+        // return z (a variable holding an array) — less certain but acceptable
+        if (arg.type === 'Identifier') return true;
+      }
+      return false;
+    }
+
+    traverse(ast, {
+      'FunctionDeclaration|FunctionExpression'(path) {
+        const node = path.node;
+        if (!node.async || node.generator) return;
+        if ((node.params ?? []).length !== 1) return;
+        let name = node.id?.name ?? null;
+        if (!name) return;
+        const body = node.body;
+        if (body?.type !== 'BlockStatement') return;
+        // Guard: body should be small (commands aggregator is compact, not a mega function)
+        if ((body.body ?? []).length > 20) return;
+
+        const hasFindIndex = _hasMethodCall(body, 'findIndex');
+        const hasFilter = _hasMethodCall(body, 'filter');
+        const hasAwait = _hasAwait(body);
+        const hasRetArr = _hasReturnArray(body);
+
+        if (hasFindIndex && hasFilter && hasAwait && hasRetArr) {
+          const conf = 0.85;
+          if (!commandsArrayVar || conf > commandsArrayVar.confidence) {
+            commandsArrayVar = { name, confidence: conf };
+          }
+          path.stop();
+        }
+      },
+    });
+  }
+
+  // ── Pass D: find the config enabler function (h$6 pattern) ─────────────────
+  //
+  // The config enabler is a FunctionDeclaration that:
+  //   1. Contains the string literal "enable_configs_started"
+  //   2. Sets a boolean guard to true
+  //
+  // Finding it allows us to call it before agentLoop, ensuring the config
+  // guard is lifted even in SDK mode.
+  let configEnabler = null;
+
+  // Use a simple loop over program body — we only care about FunctionDeclarations
+  // that contain the fingerprint string.  We avoid traverse() here to keep this
+  // pass self-contained and fast.
+  function _scanForString(node, target, maxDepth = 8) {
+    if (!node || typeof node !== 'object' || maxDepth <= 0) return false;
+    if (node.type === 'StringLiteral' && node.value === target) return true;
+    for (const key of Object.keys(node)) {
+      if (key === 'loc' || key === 'start' || key === 'end' || key === 'type') continue;
+      const child = node[key];
+      if (Array.isArray(child)) {
+        for (const c of child) { if (c?.type && _scanForString(c, target, maxDepth - 1)) return true; }
+      } else if (child?.type) {
+        if (_scanForString(child, target, maxDepth - 1)) return true;
+      }
+    }
+    return false;
+  }
+
+  for (const stmt of ast.program.body) {
+    if (stmt.type !== 'FunctionDeclaration') continue;
+    if (!stmt.id?.name) continue;
+    // The function must contain "enable_configs_started" string
+    if (_scanForString(stmt.body, 'enable_configs_started')) {
+      configEnabler = stmt.id.name;
+      break;
+    }
+  }
+
+  // ── Pick best candidates ────────────────────────────────────────────────────
+
+  // Sort by confidence (desc), pick the best
+  agentLoopCandidates.sort((a, b) => b.confidence - a.confidence);
+  appStateCandidates.sort((a, b) => b.confidence - a.confidence);
+
+  const bestAgentLoop = agentLoopCandidates[0] ?? null;
+  const bestAppState = appStateCandidates[0] ?? null;
+
+  // Module wrapper: highest-count name
+  let moduleWrapper = null;
+  let maxCount = 0;
+  for (const [name, count] of wrapperCounts) {
+    if (count > maxCount) {
+      maxCount = count;
+      moduleWrapper = { name, count };
+    }
+  }
+
+  // ── Confidence gate ────────────────────────────────────────────────────────
+  if (!bestAgentLoop || bestAgentLoop.confidence < 0.5) {
+    const allCandidateInfo = agentLoopCandidates.slice(0, 5).map(c =>
+      `  ${c.name ?? '(anon)'}: confidence=${c.confidence.toFixed(2)}, ` +
+      `matchedKeys=[${c.matchedKeys?.join(', ')}]`
+    ).join('\n');
+
+    throw new Error(
+      `elwood: agentLoop not found with sufficient confidence.\n` +
+      `Required confidence ≥ 0.5, best found: ${bestAgentLoop ? bestAgentLoop.confidence.toFixed(2) : 'none'}\n` +
+      `\nTop candidates:\n${allCandidateInfo || '  (none)'}\n\n` +
+      `Run scripts/investigate-ast.js for diagnostic output.`
+    );
+  }
+
+  return {
+    agentLoop: {
+      name: bestAgentLoop.name,
+      node: bestAgentLoop.node,
+      path: bestAgentLoop.path,
+      confidence: bestAgentLoop.confidence,
+      paramKeys: bestAgentLoop.paramKeys,
+    },
+    appStateFactory: bestAppState
+      ? {
+          name: bestAppState.name,
+          node: bestAppState.node,
+          path: bestAppState.path,
+          confidence: bestAppState.confidence,
+        }
+      : null,
+    topLevelGuard,
+    moduleWrapper,
+    lazyInitWrappers,
+    configEnabler,
+    // ── Pass E results ────────────────────────────────────────────────────────
+    defaultModelFn:      defaultModelFn     ? { name: defaultModelFn.name,     node: defaultModelFn.node,     path: defaultModelFn.path,     confidence: defaultModelFn.confidence }     : null,
+    supportedModelsFn:   supportedModelsFn  ? { name: supportedModelsFn.name,  node: supportedModelsFn.node,  path: supportedModelsFn.path,  confidence: supportedModelsFn.confidence }  : null,
+    setPermissionModeFn: setPermissionModeFn? { name: setPermissionModeFn.name, node: setPermissionModeFn.node,path: setPermissionModeFn.path, confidence: setPermissionModeFn.confidence } : null,
+    buildPermissionCtxFn:buildPermissionCtxFn?{ name: buildPermissionCtxFn.name,node: buildPermissionCtxFn.node,path: buildPermissionCtxFn.path,confidence: buildPermissionCtxFn.confidence}: null,
+    resumeSessionFn:     resumeSessionFn    ? { name: resumeSessionFn.name,     node: resumeSessionFn.node,    path: resumeSessionFn.path,    confidence: resumeSessionFn.confidence }    : null,
+    commandsArrayVar:    commandsArrayVar   ? { name: commandsArrayVar.name,    confidence: commandsArrayVar.confidence }                                                                 : null,
+    mcpStateShape:       { accessPatterns: ['mcp.clients'] },
+    // New Pass F results
+    permissionChecker:   permissionChecker  ? { name: permissionChecker.name,   node: permissionChecker.node,  path: permissionChecker.path,  confidence: permissionChecker.confidence }  : null,
+    continueSessionFn:   continueSessionFn  ? { name: continueSessionFn.name,   node: continueSessionFn.node,  path: continueSessionFn.path,  confidence: continueSessionFn.confidence }   : null,
+    // New Pass G results (gap fixes)
+    hookRegistrySetterFn:         hookRegistrySetterFn         ? { name: hookRegistrySetterFn.name,         confidence: hookRegistrySetterFn.confidence }         : null,
+    hookClearFn:                  hookClearFn                  ? { name: hookClearFn.name,                  confidence: hookClearFn.confidence }                  : null,
+    allowedSettingSourcesSetterFn: allowedSettingSourcesSetterFn ? { name: allowedSettingSourcesSetterFn.name, confidence: allowedSettingSourcesSetterFn.confidence } : null,
+    mcpConnectFn:                 mcpConnectFn                 ? { name: mcpConnectFn.name,                 confidence: mcpConnectFn.confidence }                 : null,
+    permissionPromptToolFn:       permissionPromptToolFn       ? { name: permissionPromptToolFn.name,       confidence: permissionPromptToolFn.confidence }       : null,
+    createLinkedTransportPairFn:  createLinkedTransportPairFn  ? { name: createLinkedTransportPairFn.name,  confidence: createLinkedTransportPairFn.confidence }  : null,
+    getAccountInfoFn:             getAccountInfoFn             ? { name: getAccountInfoFn.name,             confidence: getAccountInfoFn.confidence }             : null,
+  };
+}
+
+// ---------------------------------------------------------------------------
+// injectCliExports
+// ---------------------------------------------------------------------------
+
+/**
+ * Mutate `ast` in-place to:
+ *
+ *   A. Wrap the top-level guard statement (CLI auto-start) so it only runs
+ *      when `globalThis.__elwoodImporting` is falsy:
+ *
+ *        if (!globalThis.__elwoodImporting) { <original statement> }
+ *
+ *   B. Append a register call at the END of the program body:
+ *
+ *        if (typeof globalThis.__elwoodRegister === 'function') {
+ *          globalThis.__elwoodRegister({
+ *            agentLoop:       typeof <name> !== 'undefined' ? <name> : undefined,
+ *            appStateFactory: typeof <name> !== 'undefined' ? <name> : undefined,
+ *          });
+ *        }
+ *
+ * Uses `@babel/types` builders throughout — no string templates.
+ *
+ * @param {import('@babel/types').File} ast
+ * @param {CliExports} found  - result of findCliExports()
+ */
+function injectCliExports(ast, found) {
+  // ── A. Suppress auto-execution ────────────────────────────────────────────
+  if (found.topLevelGuard?.path) {
+    const guardPath = found.topLevelGuard.path;
+    const originalNode = found.topLevelGuard.node;
+
+    // Build: !globalThis.__elwoodImporting
+    const notImporting = t.unaryExpression(
+      '!',
+      t.memberExpression(
+        t.identifier('globalThis'),
+        t.identifier('__elwoodImporting')
+      )
+    );
+
+    // Build: if (!globalThis.__elwoodImporting) { <original statement> }
+    const wrapped = t.ifStatement(
+      notImporting,
+      t.blockStatement([t.cloneNode(originalNode, true)])
+    );
+
+    try {
+      guardPath.replaceWith(wrapped);
+    } catch {
+      // Fall back: try removing and re-inserting if replaceWith fails
+      try {
+        guardPath.remove();
+        ast.program.body.push(wrapped);
+      } catch {
+        // Best-effort — if both fail, append to program body
+        ast.program.body.push(wrapped);
+      }
+    }
+  } else if (found.topLevelGuard?.node) {
+    // We have the node but not the path (found via raw loop) — locate it in
+    // program body and wrap it manually
+    const idx = ast.program.body.indexOf(found.topLevelGuard.node);
+    if (idx !== -1) {
+      const notImporting = t.unaryExpression(
+        '!',
+        t.memberExpression(
+          t.identifier('globalThis'),
+          t.identifier('__elwoodImporting')
+        )
+      );
+      const wrapped = t.ifStatement(
+        notImporting,
+        t.blockStatement([t.cloneNode(found.topLevelGuard.node, true)])
+      );
+      ast.program.body[idx] = wrapped;
+    }
+  }
+
+  // ── B. Inject register call at end of program body ────────────────────────
+  //
+  //   if (typeof globalThis.__elwoodRegister === 'function') {
+  //     globalThis.__elwoodRegister({
+  //       agentLoop:       typeof <name> !== 'undefined' ? <name> : undefined,
+  //       appStateFactory: typeof <name> !== 'undefined' ? <name> : undefined,
+  //     });
+  //   }
+
+  /**
+   * Build:  `typeof <name> !== 'undefined' ? <name> : undefined`
+   * If name is null, just build `undefined`.
+   */
+  function safeRef(name) {
+    if (!name) return t.identifier('undefined');
+    return t.conditionalExpression(
+      t.binaryExpression(
+        '!==',
+        t.unaryExpression('typeof', t.identifier(name)),
+        t.stringLiteral('undefined')
+      ),
+      t.identifier(name),
+      t.identifier('undefined')
+    );
+  }
+
+  const agentLoopName                   = found.agentLoop?.name                   ?? null;
+  const appStateFactoryName             = found.appStateFactory?.name             ?? null;
+  const defaultModelFnName              = found.defaultModelFn?.name              ?? null;
+  const supportedModelsFnName           = found.supportedModelsFn?.name           ?? null;
+  const setPermModeFnName               = found.setPermissionModeFn?.name         ?? null;
+  const buildPermCtxFnName              = found.buildPermissionCtxFn?.name        ?? null;
+  const resumeSessionFnName             = found.resumeSessionFn?.name             ?? null;
+  const commandsArrayVarName            = found.commandsArrayVar?.name            ?? null;
+  const permissionCheckerName           = found.permissionChecker?.name           ?? null;
+  const continueSessionFnName           = found.continueSessionFn?.name           ?? null;
+  const hookRegistrySetterFnName        = found.hookRegistrySetterFn?.name        ?? null;
+  const hookClearFnName                 = found.hookClearFn?.name                 ?? null;
+  const allowedSettingSourcesSetterName = found.allowedSettingSourcesSetterFn?.name ?? null;
+  const mcpConnectFnName                = found.mcpConnectFn?.name                ?? null;
+  const permissionPromptToolFnName      = found.permissionPromptToolFn?.name      ?? null;
+  const createLinkedTransportPairFnName = found.createLinkedTransportPairFn?.name  ?? null;
+  const getAccountInfoFnName             = found.getAccountInfoFn?.name             ?? null;
+
+  /**
+   * Build the register object properties list, including all discovered symbols.
+   * Each property uses safeRef() so that missing symbols degrade to `undefined`.
+   *
+   * @param {string|null} sessionClassName - filled in during the second pass
+   * @returns {import('@babel/types').ObjectProperty[]}
+   */
+  function buildRegisterProps(sessionClassName) {
+    const props = [
+      t.objectProperty(t.identifier('agentLoop'),                  safeRef(agentLoopName)),
+      t.objectProperty(t.identifier('appStateFactory'),            safeRef(appStateFactoryName)),
+      t.objectProperty(t.identifier('SessionClass'),               safeRef(sessionClassName ?? null)),
+      t.objectProperty(t.identifier('defaultModelFn'),             safeRef(defaultModelFnName)),
+      t.objectProperty(t.identifier('supportedModelsFn'),          safeRef(supportedModelsFnName)),
+      t.objectProperty(t.identifier('setPermissionModeFn'),        safeRef(setPermModeFnName)),
+      t.objectProperty(t.identifier('buildPermissionCtxFn'),       safeRef(buildPermCtxFnName)),
+      t.objectProperty(t.identifier('resumeSessionFn'),            safeRef(resumeSessionFnName)),
+      t.objectProperty(t.identifier('permissionChecker'),          safeRef(permissionCheckerName)),
+      t.objectProperty(t.identifier('continueSessionFn'),          safeRef(continueSessionFnName)),
+      // Gap-fix exports
+      t.objectProperty(t.identifier('hookRegistrySetterFn'),           safeRef(hookRegistrySetterFnName)),
+      t.objectProperty(t.identifier('hookClearFn'),                    safeRef(hookClearFnName)),
+      t.objectProperty(t.identifier('allowedSettingSourcesSetterFn'),  safeRef(allowedSettingSourcesSetterName)),
+      t.objectProperty(t.identifier('mcpConnectFn'),                   safeRef(mcpConnectFnName)),
+      t.objectProperty(t.identifier('permissionPromptToolFn'),         safeRef(permissionPromptToolFnName)),
+      t.objectProperty(t.identifier('createLinkedTransportPair'),      safeRef(createLinkedTransportPairFnName)),
+      t.objectProperty(t.identifier('getAccountInfoFn'),             safeRef(getAccountInfoFnName)),
+    ];
+    // commandsArrayVar is a lazy-init wrapper — expose as commandsFn so callers
+    // can call it to get the array.
+    props.push(t.objectProperty(t.identifier('commandsFn'), safeRef(commandsArrayVarName)));
+    return props;
+  }
+
+  // Build the object to pass to __elwoodRegister (first pass — no SessionClass yet)
+  const registerArg = t.objectExpression(buildRegisterProps(null));
+
+  // Build: globalThis.__elwoodRegister({ ... })
+  const registerCall = t.callExpression(
+    t.memberExpression(
+      t.identifier('globalThis'),
+      t.identifier('__elwoodRegister')
+    ),
+    [registerArg]
+  );
+
+  // Build: typeof globalThis.__elwoodRegister === 'function'
+  const registerGuard = t.binaryExpression(
+    '===',
+    t.unaryExpression(
+      'typeof',
+      t.memberExpression(
+        t.identifier('globalThis'),
+        t.identifier('__elwoodRegister')
+      )
+    ),
+    t.stringLiteral('function')
+  );
+
+  // ── B-pre. Inject initialization calls BEFORE the register call ──────────
+  //
+  // 1. Config enabler: call the function that sets the config-access guard
+  //    (e.g. h$6()) so that config can be read during agentLoop.  This is
+  //    safe to call even when no config file exists — the function handles
+  //    ENOENT gracefully and uses built-in defaults.
+  //
+  // 2. Lazy-init wrappers: some null-initialized vars (like jN, the LRU
+  //    cache node class) are only assigned inside L(...) lazy-init wrappers.
+  //    Calling them ensures those classes are initialized before agentLoop runs.
+  //
+  // All calls are guarded with `typeof <name> === 'function'` for safety.
+
+  /**
+   * Build:  `if (typeof <name> === 'function') { try { <name>(); } catch {} }`
+   * The try/catch prevents one failing init from aborting the whole chain.
+   */
+  function buildSafeCall(name) {
+    const guard = t.binaryExpression(
+      '===',
+      t.unaryExpression('typeof', t.identifier(name)),
+      t.stringLiteral('function')
+    );
+    const call = t.callExpression(t.identifier(name), []);
+    // Wrap in try/catch so one failure doesn't abort all inits
+    const tryCatch = t.tryStatement(
+      t.blockStatement([t.expressionStatement(call)]),
+      t.catchClause(t.identifier('_elwood_e'), t.blockStatement([]))
+    );
+    return t.ifStatement(guard, t.blockStatement([tryCatch]));
+  }
+
+  for (const wrapperName of found.lazyInitWrappers ?? []) {
+    ast.program.body.push(buildSafeCall(wrapperName));
+  }
+
+  // Call the config enabler AFTER all lazy-init wrappers so that dependencies
+  // like YW (set inside one of the L wrappers) are available.
+  if (found.configEnabler) {
+    ast.program.body.push(buildSafeCall(found.configEnabler));
+  }
+
+  // ── B-mid. Patch be() (mcpConnectFn) to handle type="sdk" in-process ────────
+  //
+  // The be() function throws for type="sdk":
+  //   else if (K.type === "sdk") throw new Error("SDK servers should be handled in print.ts");
+  //
+  // We replace this with a call to a globally-registered handler:
+  //   else if (K.type === "sdk") {
+  //     if (typeof globalThis.__elwoodHandleSdkMcp === 'function') {
+  //       O = await globalThis.__elwoodHandleSdkMcp(q, K);
+  //     } else {
+  //       throw new Error("SDK servers should be handled in print.ts");
+  //     }
+  //   }
+  //
+  // Variable names are extracted DYNAMICALLY from the AST:
+  //   - configVarName:     from the IfStatement test (K.type === "sdk" → K)
+  //   - serverNameVarName: first param of the enclosing async function (q)
+  //   - transportVarName:  the first VariableDeclarator in the enclosing try block
+  //                        whose init is absent (let O, A=...) → O
+  //
+  // __elwoodHandleSdkMcp(name, config) is installed by query.js before agentLoop.
+  // It must return the CLIENT-SIDE transport object and also connect the server side.
+  try {
+    traverse(ast, {
+      StringLiteral(path) {
+        if (path.node.value !== 'SDK servers should be handled in print.ts') return;
+        // Walk up to the IfStatement that contains this throw
+        let ifPath = path;
+        while (ifPath && ifPath.node.type !== 'IfStatement') {
+          ifPath = ifPath.parentPath;
+        }
+        if (!ifPath || ifPath.node.type !== 'IfStatement') return;
+
+        // ── Extract configVarName from the IfStatement test ──────────────────
+        // Test shape: K.type === "sdk"
+        // The test is a BinaryExpression with left = MemberExpression(K, "type")
+        let configVarName = 'K'; // safe default
+        const testNode = ifPath.node.test;
+        if (
+          testNode?.type === 'BinaryExpression' &&
+          (testNode.operator === '===' || testNode.operator === '==') &&
+          testNode.left?.type === 'MemberExpression' &&
+          testNode.left.property?.name === 'type' &&
+          testNode.left.object?.type === 'Identifier'
+        ) {
+          configVarName = testNode.left.object.name;
+        }
+
+        // ── Extract serverNameVarName from enclosing function's first param ──
+        // Walk up to enclosing async function (ArrowFunctionExpression or FunctionExpression)
+        let serverNameVarName = 'q'; // safe default
+        let fnPath = ifPath;
+        while (fnPath && !['ArrowFunctionExpression', 'FunctionExpression', 'FunctionDeclaration'].includes(fnPath.node.type)) {
+          fnPath = fnPath.parentPath;
+        }
+        if (fnPath) {
+          const firstParam = fnPath.node.params?.[0];
+          if (firstParam?.type === 'Identifier') {
+            serverNameVarName = firstParam.name;
+          }
+        }
+
+        // ── Extract transportVarName from the try block ───────────────────────
+        // Look for a TryStatement ancestor; the first statement in its block should
+        // be a VariableDeclaration with the first declarator having no init (e.g. let O, A=...)
+        let transportVarName = 'O'; // safe default
+        let tryPath = ifPath;
+        while (tryPath && tryPath.node.type !== 'TryStatement') {
+          tryPath = tryPath.parentPath;
+        }
+        if (tryPath) {
+          const tryBodyStmts = tryPath.node.block?.body ?? [];
+          for (const stmt of tryBodyStmts) {
+            if (stmt.type === 'VariableDeclaration') {
+              // First declarator with no initializer (e.g. `let O, A = MP()`)
+              const noInitDecl = stmt.declarations.find(d => !d.init && d.id?.type === 'Identifier');
+              if (noInitDecl) {
+                transportVarName = noInitDecl.id.name;
+                break;
+              }
+            }
+          }
+        }
+
+        // Build the handler guard:
+        //   if (typeof globalThis.__elwoodHandleSdkMcp === 'function') {
+        //     <transport> = await globalThis.__elwoodHandleSdkMcp(<serverName>, <config>);
+        //   } else {
+        //     throw new Error("SDK servers should be handled in print.ts");
+        //   }
+        const handlerGuard = t.binaryExpression(
+          '===',
+          t.unaryExpression('typeof', t.memberExpression(
+            t.identifier('globalThis'), t.identifier('__elwoodHandleSdkMcp')
+          )),
+          t.stringLiteral('function')
+        );
+        const handlerCall = t.awaitExpression(t.callExpression(
+          t.memberExpression(t.identifier('globalThis'), t.identifier('__elwoodHandleSdkMcp')),
+          [t.identifier(serverNameVarName), t.identifier(configVarName)]
+        ));
+        const assignTransport = t.expressionStatement(
+          t.assignmentExpression('=', t.identifier(transportVarName), handlerCall)
+        );
+        const fallbackThrow = t.throwStatement(t.newExpression(
+          t.identifier('Error'),
+          [t.stringLiteral('SDK servers should be handled in print.ts')]
+        ));
+
+        const newConsequent = t.blockStatement([
+          t.ifStatement(
+            handlerGuard,
+            t.blockStatement([assignTransport]),
+            t.blockStatement([fallbackThrow])
+          )
+        ]);
+
+        ifPath.node.consequent = newConsequent;
+        path.stop();
+      }
+    });
+  } catch (patchErr) {
+    // Non-fatal: be() patch failed — sdk type MCP servers will still throw,
+    // but all other functionality remains intact.
+  }
+
+  const registerIfStmt = t.ifStatement(
+    registerGuard,
+    t.blockStatement([t.expressionStatement(registerCall)])
+  );
+
+  ast.program.body.push(registerIfStmt);
+
+  // ── C. Also inject Zz5 (session class) if we can find it ─────────────────
+  // We look for the ClassDeclaration that has a submitMessage async generator
+  // method and yield types that include 'result', 'system', 'assistant'.
+  // We inject a second register call that includes the SessionClass reference.
+  //
+  // Strategy: traverse the AST to find the class, then add another register
+  // call that fills in SessionClass.
+
+  let sessionClassName = null;
+
+  traverse(ast, {
+    ClassDeclaration(path) {
+      const cls = path.node;
+      if (!cls.id?.name) return;
+
+      // Look for submitMessage as an async generator method
+      let hasSubmitMessage = false;
+      let hasYieldResult = false;
+
+      for (const member of cls.body.body) {
+        if (
+          member.type === 'ClassMethod' &&
+          member.key?.name === 'submitMessage' &&
+          member.async && member.generator
+        ) {
+          hasSubmitMessage = true;
+
+          // Quick scan of submitMessage for 'result' yield type
+          let found = false;
+          const scan = (node) => {
+            if (!node || typeof node !== 'object' || found) return;
+            if (node.type === 'YieldExpression' && node.argument?.type === 'ObjectExpression') {
+              for (const prop of node.argument.properties) {
+                if (
+                  prop.type === 'ObjectProperty' &&
+                  prop.key?.name === 'type' &&
+                  prop.value?.type === 'StringLiteral' &&
+                  (prop.value.value === 'result' || prop.value.value === 'assistant' || prop.value.value === 'system')
+                ) {
+                  found = true;
+                }
+              }
+            }
+            for (const key of Object.keys(node)) {
+              if (key === 'type' || key === 'loc' || key === 'start' || key === 'end') continue;
+              const child = node[key];
+              if (Array.isArray(child)) child.forEach(c => { if (c?.type) scan(c); });
+              else if (child?.type) scan(child);
+            }
+          };
+          scan(member.body);
+          if (found) hasYieldResult = true;
+        }
+      }
+
+      if (hasSubmitMessage && hasYieldResult) {
+        sessionClassName = cls.id.name;
+        path.stop();
+      }
+    },
+  });
+
+  if (sessionClassName) {
+    // Build a second register call with SessionClass filled in
+    const registerArg2 = t.objectExpression(buildRegisterProps(sessionClassName));
+
+    const registerCall2 = t.callExpression(
+      t.memberExpression(
+        t.identifier('globalThis'),
+        t.identifier('__elwoodRegister')
+      ),
+      [registerArg2]
+    );
+
+    const registerIfStmt2 = t.ifStatement(
+      t.binaryExpression(
+        '===',
+        t.unaryExpression(
+          'typeof',
+          t.memberExpression(
+            t.identifier('globalThis'),
+            t.identifier('__elwoodRegister')
+          )
+        ),
+        t.stringLiteral('function')
+      ),
+      t.blockStatement([t.expressionStatement(registerCall2)])
+    );
+
+    // Replace the first register stmt with this more complete one
+    const lastIdx = ast.program.body.length - 1;
+    if (ast.program.body[lastIdx] === registerIfStmt) {
+      ast.program.body[lastIdx] = registerIfStmt2;
+    } else {
+      ast.program.body.push(registerIfStmt2);
+    }
+  }
+}
+
+// ---------------------------------------------------------------------------
+// Exports
+// ---------------------------------------------------------------------------
+
+export {
+  injectHooks,
+  detectBundlerPattern,
+  extractFunctionMap,
+  findCliExports,
+  injectCliExports,
+  // Re-export constants for callers
+  DEFAULT_HOOK_VAR,
+  ANTHROPIC_API_HOST,
+};