@vortex-os/base 0.7.1 → 0.7.2

package/dist/{vectorize-PN4Y7XMO.js → vectorize-RBDBTSTW.js}

@@ -27,4 +27,4 @@ async function vectorizeIndex(ctx, opts) {
 export {
   vectorizeIndex
 };
-//# sourceMappingURL=vectorize-PN4Y7XMO.js.map
+//# sourceMappingURL=vectorize-RBDBTSTW.js.map

package/dist/vectorize-RBDBTSTW.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../plugins/session-rituals/src/vectorize.ts"],"sourcesContent":["import { join } from \"node:path\";\r\nimport type { ModuleContext } from \"@vortex-os/core\";\r\n// Type-only — erased at compile time, so importing it does NOT pull the\r\n// `@vortex-os/memory-extended` add-on (or its native deps) into the module\r\n// graph of consumers that only need the types. The runtime engine is loaded\r\n// lazily inside the function body via `await import(...)`.\r\nimport type { vector } from \"@vortex-os/memory-extended\";\r\n\r\n/**\r\n * Start-of-session vectorization: fold newly-archived sessions and memories\r\n * into the semantic-recall index so `/recall` and the ambient \"did we discuss\r\n * this?\" path stay current without a manual rebuild.\r\n *\r\n * The heavy one-time cost (downloading the embedding model + embedding the\r\n * whole backlog) happens the first time recall is set up — via an explicit\r\n * `/recall`, or via the `vortex vectorize` setup worker that session start\r\n * spawns in the background when the add-on is installed and\r\n * `autoRecord.vectorizeAutoDownload` is on. From then on the model is cached\r\n * and this runs **incrementally** — memory rows whose hash changed, plus\r\n * sessions not yet vectorized (`onlyMissing`) — so the per-session-start cost\r\n * is small.\r\n *\r\n * `allowDownload` defaults false, so the automatic inline session-start call is\r\n * cache-only and never triggers a model download on its own; only the explicit\r\n * setup paths pass `allowDownload: true`. A throw is treated as \"skip\"\r\n * (best-effort): a missing model, a rebuild hiccup, or the add-on being absent\r\n * must never fail session start.\r\n */\r\nexport interface VectorizeResult {\r\n  /** Memory rows (re)embedded this run. */\r\n  readonly memories: number;\r\n  /** Session chunks embedded this run (only the not-yet-vectorized ones). */\r\n  readonly sessionChunks: number;\r\n}\r\n\r\nexport interface VectorizeOptions {\r\n  /**\r\n   * Embedding function. Default: the bundled local model\r\n   * (`vector.createLocalEmbedder()`). Tests inject a deterministic fake so the\r\n   * run needs no model and no network.\r\n   */\r\n  readonly embed?: vector.EmbedFn;\r\n  /** Override the index DB path. Default `<dataDir>/_indexes/memory.sqlite`. */\r\n  readonly dbPath?: string;\r\n  /**\r\n   * Allow the embedder to DOWNLOAD the model when it is not cached. Default\r\n   * `false`: the automatic session-start path stays cache-only (a cache miss\r\n   * throws fast — no ~470 MB download). The explicit `vortex vectorize` setup\r\n   * worker passes `true` to bring the model into the cache the first time.\r\n   * Ignored when `embed` is supplied (tests inject their own embedder).\r\n   */\r\n  readonly allowDownload?: boolean;\r\n}\r\n\r\nexport async function vectorizeIndex(\r\n  ctx: ModuleContext,\r\n  opts?: VectorizeOptions,\r\n): Promise<VectorizeResult> {\r\n  // Lazy-load the optional add-on (mirrors catch-up). Resolves only when\r\n  // `memory-extended` is installed alongside base; a lean install throws here\r\n  // and the call site treats it as \"skip\".\r\n  const { sqlite, vector, sessionArchive } = await import(\"@vortex-os/memory-extended\");\r\n\r\n  const dbPath = opts?.dbPath ?? join(ctx.dataDir, \"_indexes\", \"memory.sqlite\");\r\n  const memoryDir = join(ctx.dataDir, \"_memory\");\r\n  // `localFilesOnly` is the real safety gate for this automatic path: if the\r\n  // embedding model is not already cached, the first embed throws immediately\r\n  // (no ~470 MB download) and the caller skips. So session-start vectorization\r\n  // can never trigger an unprompted download, even if the index db exists for\r\n  // some other reason. The model is downloaded only by the explicit, consented\r\n  // `/recall` setup, which uses the default network-enabled embedder.\r\n  const embed = opts?.embed ?? vector.createLocalEmbedder({ localFilesOnly: !opts?.allowDownload });\r\n\r\n  const sqlStore = new sqlite.MemorySqliteStore(dbPath);\r\n  const vecStore = new vector.MemoryVectorStore({ db: dbPath });\r\n  const archive = new sessionArchive.SessionArchiveStore(ctx.dataDir);\r\n  try {\r\n    // Memory: refresh the sqlite hard-filter index (no model needed) then its\r\n    // vectors. Best-effort per step — a missing _memory dir must not abort the\r\n    // session pass.\r\n    try {\r\n      await sqlite.rebuildFromMemoryDir(sqlStore, memoryDir);\r\n    } catch {\r\n      // no _memory dir yet — nothing to index\r\n    }\r\n    // Both incremental (`onlyMissing`): embed only newly-added memories and\r\n    // not-yet-vectorized sessions, so the per-session-start cost is bounded to\r\n    // what actually changed — usually nothing or a single new session.\r\n    const mem = await vecStore.rebuild(sqlStore, embed, { onlyMissing: true });\r\n    const sess = await vecStore.rebuildSessions(archive, embed, { onlyMissing: true });\r\n    return { memories: mem.indexed, sessionChunks: sess.chunks };\r\n  } finally {\r\n    archive.close();\r\n    vecStore.close();\r\n    sqlStore.close();\r\n  }\r\n}\r\n"],"mappings":";;;AAAA,SAAS,YAAY;AAsDrB,eAAsB,eACpB,KACA,MAAuB;AAKvB,QAAM,EAAE,QAAQ,QAAQ,eAAc,IAAK,MAAM,OAAO,4BAA4B;AAEpF,QAAM,SAAS,MAAM,UAAU,KAAK,IAAI,SAAS,YAAY,eAAe;AAC5E,QAAM,YAAY,KAAK,IAAI,SAAS,SAAS;AAO7C,QAAM,QAAQ,MAAM,SAAS,OAAO,oBAAoB,EAAE,gBAAgB,CAAC,MAAM,cAAa,CAAE;AAEhG,QAAM,WAAW,IAAI,OAAO,kBAAkB,MAAM;AACpD,QAAM,WAAW,IAAI,OAAO,kBAAkB,EAAE,IAAI,OAAM,CAAE;AAC5D,QAAM,UAAU,IAAI,eAAe,oBAAoB,IAAI,OAAO;AAClE,MAAI;AAIF,QAAI;AACF,YAAM,OAAO,qBAAqB,UAAU,SAAS;IACvD,QAAQ;IAER;AAIA,UAAM,MAAM,MAAM,SAAS,QAAQ,UAAU,OAAO,EAAE,aAAa,KAAI,CAAE;AACzE,UAAM,OAAO,MAAM,SAAS,gBAAgB,SAAS,OAAO,EAAE,aAAa,KAAI,CAAE;AACjF,WAAO,EAAE,UAAU,IAAI,SAAS,eAAe,KAAK,OAAM;EAC5D;AACE,YAAQ,MAAK;AACb,aAAS,MAAK;AACd,aAAS,MAAK;EAChB;AACF;","names":[]}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@vortex-os/base",
-  "version": "0.7.1",
+  "version": "0.7.2",
   "description": "Base entry point for VortEX — a Multi-Agent Personal AI Work OS framework",
   "license": "MIT",
   "author": "vortex-os-project",

package/templates/commands/agenda.md

@@ -1,15 +1,15 @@
----
-description: What should I focus on? Synthesizes open tasks, decisions, and recent activity.
-allowed-tools: Bash(npx vortex:*)
----
-Show the user what to work on, synthesized from their existing records.
-
-1. From the instance root, run: `npx vortex agenda`
-2. Parse the JSON: `openTasks[]`, `openDecisions[]`, `nextUp[]`, `lastWorklog`,
-   `isEmpty`, `nothingOpen`.
-3. Present plainly — never dump raw JSON:
-   - `isEmpty` → it's a fresh instance; nudge them to just start working (a
-     worklog grows on its own; nothing to set up).
-   - `nothingOpen` → say they're clear, and mention the last activity.
-   - Otherwise → a short "today" view (≤8 lines): open tasks first, then active
-     decisions, then what's queued next (`nextUp`).
+---
+description: What should I focus on? Synthesizes open tasks, decisions, and recent activity.
+allowed-tools: Bash(npx vortex:*)
+---
+Show the user what to work on, synthesized from their existing records.
+
+1. From the instance root, run: `npx vortex agenda`
+2. Parse the JSON: `openTasks[]`, `openDecisions[]`, `nextUp[]`, `lastWorklog`,
+   `isEmpty`, `nothingOpen`.
+3. Present plainly — never dump raw JSON:
+   - `isEmpty` → it's a fresh instance; nudge them to just start working (a
+     worklog grows on its own; nothing to set up).
+   - `nothingOpen` → say they're clear, and mention the last activity.
+   - Otherwise → a short "today" view (≤8 lines): open tasks first, then active
+     decisions, then what's queued next (`nextUp`).

package/templates/commands/resume.md

@@ -1,52 +1,52 @@
----
-description: Reconstruct what the PREVIOUS session was doing and whether it was wrapped up — for after a crash / abrupt close when no handoff was written
-allowed-tools: Bash, Read, Grep, Glob
----
-Back-trace the last session to answer three things: **what was being worked on, how far it got, and is anything left unfinished or broken.** Use this after an abrupt close or a crash, or whenever the start-of-session report flags carried-over uncommitted work.
-
-INVARIANTS (never break):
-- **READ-ONLY**: never modify the instance or any repo you inspect, and never commit. (Parsing a transcript into a throwaway scratch file under the OS temp dir is fine — just never touch the user's work or repos.)
-- **OFFER, don't act**: report findings and offer to continue or to commit/record loose ends; fix nothing without the user's go-ahead.
-- **Token-frugal**: lead with the cheap signals; read a transcript ONLY if they're inconclusive, and even then extract just the bounded narrative — never the whole `.jsonl` into context.
-
-## 1. Cheap signals first (almost free — often enough)
-In the instance root and any repo you know you were modifying:
-- `git status --porcelain` — uncommitted changes are work that was **not saved**. List them.
-- Interrupted git op — check via `git rev-parse --git-path MERGE_HEAD` / `… rebase-merge` / `… rebase-apply` (the `.git` dir can be a FILE in worktrees/submodules, so resolve the path, don't hardcode `.git/…`), or a stray `*.lock` in the git dir. `COMMIT_EDITMSG` alone is normal — ignore it; a lock can also be stale from non-crash tooling — treat it as a hint, not proof.
-- `git diff --stat` over the uncommitted files → what was being edited.
-- `git log --oneline -6`; compare to today's worklog under `data/worklog/<YYYY>/<MM>/`. A commit dated today with no matching worklog = a record gap.
-
-If the git-tracked signals are all clean, say "**git-tracked work looks wrapped up**" — but note this only covers git: edits to **non-git folders, gitignored/generated files, or another repo you can't see from here won't show**. So if there's any reason to suspect more (the report flagged a crash, or the user is unsure), continue to step 2 anyway; otherwise you may stop here.
-
-## 2. If inconclusive: find the PREVIOUS session's transcript
-**Prefer the normalized archive** under `data/_session-archive/normalized/.../` — those are PAST sessions (archived at this session's start), so they cannot include the live `/resume` session. Take the most recently modified one there.
-Only if needed, fall back to the live Claude Code transcripts at `~/.claude/projects/<slug>/*.jsonl` (slug = the cwd path with `/`, `\`, `:` replaced by `-`). **The current session's transcript is the newest and still growing — EXCLUDE it**; take the one immediately before it (its last activity predates this session's start).
-
-## 3. Extract ONLY a bounded narrative (the token-saver)
-Do **not** `Read` the raw `.jsonl` into context. Pull just **the first user turn (the original task) plus the last ~12 user/assistant text turns (where it stopped)**, dropping every `tool_use` / `tool_result`, each truncated. Use whatever your platform has — `jq`, a `node` one-liner, or PowerShell `ConvertFrom-Json`. Reference logic (node):
-```js
-// node <script> <transcript.jsonl>  → first user turn + last 12 text turns, tool noise dropped
-import { readFileSync } from "node:fs";
-const turns = [];
-for (const line of readFileSync(process.argv[2], "utf8").split("\n")) {
-  if (!line.trim()) continue;
-  let o; try { o = JSON.parse(line); } catch { continue; }
-  if (o.type !== "user" && o.type !== "assistant") continue;
-  const c = o.message?.content;
-  const text = Array.isArray(c)
-    ? c.filter((x) => x && x.type === "text").map((x) => x.text).join("")
-    : (typeof c === "string" ? c : "");
-  if (text.trim()) turns.push(`### ${o.type}\n${text.slice(0, 600)}`);
-}
-const picked = turns.length > 13 ? [turns[0], "… (middle elided) …", ...turns.slice(-12)] : turns;
-console.log(picked.join("\n\n"));
-```
-Read only that output. The first user turn = the session's original task; the last turns = where it stopped.
-
-## 4. Cross-reference and report (concise)
-- **What it was** — the original task / goal.
-- **How far** — what's done & committed vs. what's in progress.
-- **Loose ends** — uncommitted files, missing worklog, interrupted git op, an unrun build/test — each with *where* it stopped.
-- **Verdict** — "wrapped up", or exactly what remains to finish.
-
-Then **offer** to continue, or to commit / record the loose ends — never act without the user's go-ahead.
+---
+description: Reconstruct what the PREVIOUS session was doing and whether it was wrapped up — for after a crash / abrupt close when no handoff was written
+allowed-tools: Bash, Read, Grep, Glob
+---
+Back-trace the last session to answer three things: **what was being worked on, how far it got, and is anything left unfinished or broken.** Use this after an abrupt close or a crash, or whenever the start-of-session report flags carried-over uncommitted work.
+
+INVARIANTS (never break):
+- **READ-ONLY**: never modify the instance or any repo you inspect, and never commit. (Parsing a transcript into a throwaway scratch file under the OS temp dir is fine — just never touch the user's work or repos.)
+- **OFFER, don't act**: report findings and offer to continue or to commit/record loose ends; fix nothing without the user's go-ahead.
+- **Token-frugal**: lead with the cheap signals; read a transcript ONLY if they're inconclusive, and even then extract just the bounded narrative — never the whole `.jsonl` into context.
+
+## 1. Cheap signals first (almost free — often enough)
+In the instance root and any repo you know you were modifying:
+- `git status --porcelain` — uncommitted changes are work that was **not saved**. List them.
+- Interrupted git op — check via `git rev-parse --git-path MERGE_HEAD` / `… rebase-merge` / `… rebase-apply` (the `.git` dir can be a FILE in worktrees/submodules, so resolve the path, don't hardcode `.git/…`), or a stray `*.lock` in the git dir. `COMMIT_EDITMSG` alone is normal — ignore it; a lock can also be stale from non-crash tooling — treat it as a hint, not proof.
+- `git diff --stat` over the uncommitted files → what was being edited.
+- `git log --oneline -6`; compare to today's worklog under `data/worklog/<YYYY>/<MM>/`. A commit dated today with no matching worklog = a record gap.
+
+If the git-tracked signals are all clean, say "**git-tracked work looks wrapped up**" — but note this only covers git: edits to **non-git folders, gitignored/generated files, or another repo you can't see from here won't show**. So if there's any reason to suspect more (the report flagged a crash, or the user is unsure), continue to step 2 anyway; otherwise you may stop here.
+
+## 2. If inconclusive: find the PREVIOUS session's transcript
+**Prefer the normalized archive** under `data/_session-archive/normalized/.../` — those are PAST sessions (archived at this session's start), so they cannot include the live `/resume` session. Take the most recently modified one there.
+Only if needed, fall back to the live Claude Code transcripts at `~/.claude/projects/<slug>/*.jsonl` (slug = the cwd path with `/`, `\`, `:` replaced by `-`). **The current session's transcript is the newest and still growing — EXCLUDE it**; take the one immediately before it (its last activity predates this session's start).
+
+## 3. Extract ONLY a bounded narrative (the token-saver)
+Do **not** `Read` the raw `.jsonl` into context. Pull just **the first user turn (the original task) plus the last ~12 user/assistant text turns (where it stopped)**, dropping every `tool_use` / `tool_result`, each truncated. Use whatever your platform has — `jq`, a `node` one-liner, or PowerShell `ConvertFrom-Json`. Reference logic (node):
+```js
+// node <script> <transcript.jsonl>  → first user turn + last 12 text turns, tool noise dropped
+import { readFileSync } from "node:fs";
+const turns = [];
+for (const line of readFileSync(process.argv[2], "utf8").split("\n")) {
+  if (!line.trim()) continue;
+  let o; try { o = JSON.parse(line); } catch { continue; }
+  if (o.type !== "user" && o.type !== "assistant") continue;
+  const c = o.message?.content;
+  const text = Array.isArray(c)
+    ? c.filter((x) => x && x.type === "text").map((x) => x.text).join("")
+    : (typeof c === "string" ? c : "");
+  if (text.trim()) turns.push(`### ${o.type}\n${text.slice(0, 600)}`);
+}
+const picked = turns.length > 13 ? [turns[0], "… (middle elided) …", ...turns.slice(-12)] : turns;
+console.log(picked.join("\n\n"));
+```
+Read only that output. The first user turn = the session's original task; the last turns = where it stopped.
+
+## 4. Cross-reference and report (concise)
+- **What it was** — the original task / goal.
+- **How far** — what's done & committed vs. what's in progress.
+- **Loose ends** — uncommitted files, missing worklog, interrupted git op, an unrun build/test — each with *where* it stopped.
+- **Verdict** — "wrapped up", or exactly what remains to finish.
+
+Then **offer** to continue, or to commit / record the loose ends — never act without the user's go-ahead.

package/templates/config/vortex.json

@@ -1,13 +1,13 @@
-{
-  "autoRecord": {
-    "sessionStart": true,
-    "worklog": true,
-    "decision": true,
-    "ambientRecall": true,
-    "archive": true
-  },
-  "updates": {
-    "check": "session"
-  },
-  "environments": []
-}
+{
+  "autoRecord": {
+    "sessionStart": true,
+    "worklog": true,
+    "decision": true,
+    "ambientRecall": true,
+    "archive": true
+  },
+  "updates": {
+    "check": "session"
+  },
+  "environments": []
+}

package/templates/manifest.json

@@ -1,6 +1,6 @@
 {
   "schema": "vortex-template-index/1",
-  "baseVersion": "0.7.1",
+  "baseVersion": "0.7.2",
   "files": [
     {
       "templateId": "commands/agenda.md",
@@ -45,7 +45,7 @@
     {
       "templateId": "routers/CLAUDE.md",
       "path": "routers/CLAUDE.md",
-      "sha256": "36b1b475de280a8e36fe7562574af19a0820c89f4211bef00435ac00c6c95392"
+      "sha256": "c704efa4effc974f0bc0c7c336b0db15e22fc76f582675742c44bd6bfdc79a25"
     },
     {
       "templateId": "routers/GEMINI.md",

package/templates/routers/.cursorrules

@@ -1,14 +1,14 @@
-VortEX Instance — Multi-Agent Personal AI Work OS
-
-When working in this repository, you (Cursor) MUST read AI-RULES.md first. AI-RULES.md is the
-single source of truth for shared behavior across all agents: the data/ layout, conventions,
-default behaviors, and the commands available.
-
-Cursor-specific config lives in .cursor/. Shared agent config lives in .agent/.
-
-Per-agent entry files (CLAUDE.md, AGENTS.md, GEMINI.md, .cursorrules) hold only that agent's
-own supplements; the shared rules live in AI-RULES.md, never duplicated per agent.
-
-This instance was created from the @vortex-os/base framework. The framework code lives in
-node_modules/@vortex-os/; you do not edit it. You work in data/ and use the vortex CLI and
-its slash-commands (run `npx vortex --list` to see them).
+VortEX Instance — Multi-Agent Personal AI Work OS
+
+When working in this repository, you (Cursor) MUST read AI-RULES.md first. AI-RULES.md is the
+single source of truth for shared behavior across all agents: the data/ layout, conventions,
+default behaviors, and the commands available.
+
+Cursor-specific config lives in .cursor/. Shared agent config lives in .agent/.
+
+Per-agent entry files (CLAUDE.md, AGENTS.md, GEMINI.md, .cursorrules) hold only that agent's
+own supplements; the shared rules live in AI-RULES.md, never duplicated per agent.
+
+This instance was created from the @vortex-os/base framework. The framework code lives in
+node_modules/@vortex-os/; you do not edit it. You work in data/ and use the vortex CLI and
+its slash-commands (run `npx vortex --list` to see them).

package/templates/routers/AGENTS.md

@@ -1,27 +1,27 @@
----
-type: agent-entry
-status: active
----
-
-# VortEX Instance — Codex CLI entry
-
-This is the file Codex CLI auto-loads in this VortEX instance. It holds only Codex-specific supplements; the rules shared by **every** agent live in `AI-RULES.md`.
-
-## CRITICAL — load the shared rules first
-
-The shared rules, default behaviors, `data/` layout, and commands for every agent in this instance are defined in **`AI-RULES.md`**. You MUST read and follow `./AI-RULES.md` **before responding to any request** — it is required reading, not optional.
-
-👉 Read now: `./AI-RULES.md`
-
-> Codex CLI has no auto-import directive, so this instruction *is* the load mechanism — do not skip it. Any other `AGENTS.md`-aware tool that reads this file must do the same: treat `AI-RULES.md` as the shared source of truth.
-
-## Codex-specific supplements
-
-- Dedicated dir: `.codex/`
-- Shared dir: `.agent/`
-
-## Cross-check tool (per `AI-RULES.md` → "Cross-check significant decisions")
-
-For a **cross-model** check, Codex can call Claude Code headless: `claude -p "<prompt>"`. Otherwise use a clean-context Codex sub-task with only the relevant facts. Return only the verdict — you still decide and close by verifying against the code/tests. When you shell out to `claude -p`: close stdin (`< /dev/null`) so it doesn't wait ~3s for input, and set your own timeout.
-
-For the **security-review** lens (per `AI-RULES.md` → "Security-review code changes"), run the same kind of pass but focused on security — path traversal / arbitrary write, command / SQL / template injection, secret leakage, SSRF, unsafe deserialization, missing input validation — via `claude -p` (cross-model) or a clean-context Codex sub-task given only the diff + the threat surface.
+---
+type: agent-entry
+status: active
+---
+
+# VortEX Instance — Codex CLI entry
+
+This is the file Codex CLI auto-loads in this VortEX instance. It holds only Codex-specific supplements; the rules shared by **every** agent live in `AI-RULES.md`.
+
+## CRITICAL — load the shared rules first
+
+The shared rules, default behaviors, `data/` layout, and commands for every agent in this instance are defined in **`AI-RULES.md`**. You MUST read and follow `./AI-RULES.md` **before responding to any request** — it is required reading, not optional.
+
+👉 Read now: `./AI-RULES.md`
+
+> Codex CLI has no auto-import directive, so this instruction *is* the load mechanism — do not skip it. Any other `AGENTS.md`-aware tool that reads this file must do the same: treat `AI-RULES.md` as the shared source of truth.
+
+## Codex-specific supplements
+
+- Dedicated dir: `.codex/`
+- Shared dir: `.agent/`
+
+## Cross-check tool (per `AI-RULES.md` → "Cross-check significant decisions")
+
+For a **cross-model** check, Codex can call Claude Code headless: `claude -p "<prompt>"`. Otherwise use a clean-context Codex sub-task with only the relevant facts. Return only the verdict — you still decide and close by verifying against the code/tests. When you shell out to `claude -p`: close stdin (`< /dev/null`) so it doesn't wait ~3s for input, and set your own timeout.
+
+For the **security-review** lens (per `AI-RULES.md` → "Security-review code changes"), run the same kind of pass but focused on security — path traversal / arbitrary write, command / SQL / template injection, secret leakage, SSRF, unsafe deserialization, missing input validation — via `claude -p` (cross-model) or a clean-context Codex sub-task given only the diff + the threat surface.

package/templates/routers/CLAUDE.md

@@ -1,39 +1,39 @@
-# CLAUDE.md
-
-This is the first file Claude Code reads when working in this VortEX instance.
-
-## Shared rules (required — auto-loaded)
-
-The rules shared by every agent in this instance live in `AI-RULES.md`, imported here so Claude Code loads it automatically at launch:
-
-@AI-RULES.md
-
-This `CLAUDE.md` holds only Claude Code-specific supplements; everything shared is in `AI-RULES.md` (above).
-
-## Claude Code-specific config
-
-- Dedicated dir: `.claude/`
-- Shared dir: `.agent/`
-
-`.claude/settings.json` and `.claude/commands/` are populated by `vortex init` — it wires the SessionStart / SessionEnd hooks (`npx --no-install -p @vortex-os/base vortex session-start` / `… session-end`) and installs the agent-mediated slash-commands.
-
-## Reasoning effort
-
-Claude Code exposes a reasoning/effort level you cannot read as a value. When `AI-RULES.md` → "Working style" calls for an effort change, recommend a *target* ("this looks like high-effort work — raise it if you're below that") rather than asserting the current setting. The user changes it on their side; it takes effect from the next turn, not the current one.
-
-## Delegating to sub-agents (context economy)
-
-This is the Claude Code mechanism behind `AI-RULES.md` → "Working style" → *delegate heavy, self-contained work*. The point is to spend the **sub-agent's** context on the heavy part and return only the conclusion, so the main thread stays lean across a long day.
-
-- **Task / Agent tool — the usual first reach for self-contained work.** Spawn a sub-agent for one scoped, fully-specifiable job; it runs in its own context and only its final answer comes back. Use the **Explore** agent for "search across the repo and tell me the conclusion" (it reads excerpts, not whole files), and a **general-purpose** agent for a multi-step job you can spell out up front. Give it a precise spec + what "done" looks like and have it return its evidence; **verify what it returns** before building on it. (Not for fuzzy, judgment-heavy, or tightly-coupled work — see `AI-RULES.md` → "Working style".)
-- **Several at once.** When jobs are independent, launch them in one message so they run in parallel (e.g. explore three subsystems at once), then synthesize on the main thread.
-- **Custom agents (`.claude/agents/*.md`).** For a delegation you repeat, define a named specialist once and reuse it. Not installed by default — add when a pattern recurs.
-- **Workflows (multi-agent orchestration).** For breadth one context can't hold — a broad review, an audit, a migration across many files. Token-heavy and fan-out-y, so **only when the user explicitly asks** for that scale; otherwise prefer a few Task agents.
-
-Do **not** delegate the judgment — the main thread owns the plan, the decisions, and the final synthesis. Delegate the reading, the searching, the bulk generation; keep the deciding.
-
-## Cross-check tool (per `AI-RULES.md` → "Cross-check significant decisions")
-
-For the adversarial cross-check that `AI-RULES.md` calls for: use a **Task sub-agent with a clean context** (give it only the relevant facts + acceptance criteria) for a same-model check; if the **Codex CLI** is installed, `codex exec -C <repo> -s read-only` is a stronger **cross-model** check. Bring back only the verdict — the main thread still decides and closes by verifying against the code/tests. When you shell out to `codex exec`: close stdin (`< /dev/null`) so it doesn't stall waiting for input, set your own timeout (the host's may not stop a runaway), and keep the reviewer read-only (`-s read-only`). On **Windows PowerShell** `< /dev/null` doesn't exist — pipe input instead (`git diff | codex exec …`, or `'' | codex exec …` for a non-diff review) to hand stdin an EOF, and pass the prompt as a **single-quoted here-string** (`@'…'@`, closing `'@` at column 0): a double-quoted prompt makes PowerShell treat the backtick as an escape character, so a prompt containing backticks (e.g. a backticked command name like `update --adopt`) fails to parse with an "invalid Unicode escape" error.
-
-For the **security-review** lens (per `AI-RULES.md` → "Security-review code changes"): Claude Code ships a `/security-review` command that reviews the pending diff on the current branch — use it for the security pass. For a stronger or independent check, the same `codex exec -C <repo> -s read-only` (cross-model) or a clean-context Task sub-agent (give it only the diff + the threat surface) applies, prompted for the security classes rather than general correctness.
+# CLAUDE.md
+
+This is the first file Claude Code reads when working in this VortEX instance.
+
+## Shared rules (required — auto-loaded)
+
+The rules shared by every agent in this instance live in `AI-RULES.md`, imported here so Claude Code loads it automatically at launch:
+
+@AI-RULES.md
+
+This `CLAUDE.md` holds only Claude Code-specific supplements; everything shared is in `AI-RULES.md` (above).
+
+## Claude Code-specific config
+
+- Dedicated dir: `.claude/`
+- Shared dir: `.agent/`
+
+`.claude/settings.json` and `.claude/commands/` are populated by `vortex init` — it wires the SessionStart / SessionEnd hooks (`npx --no-install vortex session-start` / `… session-end`) and installs the agent-mediated slash-commands.
+
+## Reasoning effort
+
+Claude Code exposes a reasoning/effort level you cannot read as a value. When `AI-RULES.md` → "Working style" calls for an effort change, recommend a *target* ("this looks like high-effort work — raise it if you're below that") rather than asserting the current setting. The user changes it on their side; it takes effect from the next turn, not the current one.
+
+## Delegating to sub-agents (context economy)
+
+This is the Claude Code mechanism behind `AI-RULES.md` → "Working style" → *delegate heavy, self-contained work*. The point is to spend the **sub-agent's** context on the heavy part and return only the conclusion, so the main thread stays lean across a long day.
+
+- **Task / Agent tool — the usual first reach for self-contained work.** Spawn a sub-agent for one scoped, fully-specifiable job; it runs in its own context and only its final answer comes back. Use the **Explore** agent for "search across the repo and tell me the conclusion" (it reads excerpts, not whole files), and a **general-purpose** agent for a multi-step job you can spell out up front. Give it a precise spec + what "done" looks like and have it return its evidence; **verify what it returns** before building on it. (Not for fuzzy, judgment-heavy, or tightly-coupled work — see `AI-RULES.md` → "Working style".)
+- **Several at once.** When jobs are independent, launch them in one message so they run in parallel (e.g. explore three subsystems at once), then synthesize on the main thread.
+- **Custom agents (`.claude/agents/*.md`).** For a delegation you repeat, define a named specialist once and reuse it. Not installed by default — add when a pattern recurs.
+- **Workflows (multi-agent orchestration).** For breadth one context can't hold — a broad review, an audit, a migration across many files. Token-heavy and fan-out-y, so **only when the user explicitly asks** for that scale; otherwise prefer a few Task agents.
+
+Do **not** delegate the judgment — the main thread owns the plan, the decisions, and the final synthesis. Delegate the reading, the searching, the bulk generation; keep the deciding.
+
+## Cross-check tool (per `AI-RULES.md` → "Cross-check significant decisions")
+
+For the adversarial cross-check that `AI-RULES.md` calls for: use a **Task sub-agent with a clean context** (give it only the relevant facts + acceptance criteria) for a same-model check; if the **Codex CLI** is installed, `codex exec -C <repo> -s read-only` is a stronger **cross-model** check. Bring back only the verdict — the main thread still decides and closes by verifying against the code/tests. When you shell out to `codex exec`: close stdin (`< /dev/null`) so it doesn't stall waiting for input, set your own timeout (the host's may not stop a runaway), and keep the reviewer read-only (`-s read-only`). On **Windows PowerShell** `< /dev/null` doesn't exist — pipe input instead (`git diff | codex exec …`, or `'' | codex exec …` for a non-diff review) to hand stdin an EOF, and pass the prompt as a **single-quoted here-string** (`@'…'@`, closing `'@` at column 0): a double-quoted prompt makes PowerShell treat the backtick as an escape character, so a prompt containing backticks (e.g. a backticked command name like `update --adopt`) fails to parse with an "invalid Unicode escape" error.
+
+For the **security-review** lens (per `AI-RULES.md` → "Security-review code changes"): Claude Code ships a `/security-review` command that reviews the pending diff on the current branch — use it for the security pass. For a stronger or independent check, the same `codex exec -C <repo> -s read-only` (cross-model) or a clean-context Task sub-agent (give it only the diff + the threat surface) applies, prompted for the security classes rather than general correctness.

package/templates/routers/GEMINI.md

@@ -1,16 +1,16 @@
-# GEMINI.md
-
-This is the first file Gemini CLI reads when working in this VortEX instance.
-
-## Shared rules (required — auto-loaded)
-
-The rules shared by every agent in this instance live in `AI-RULES.md`, imported here so Gemini CLI loads it automatically at launch:
-
-@AI-RULES.md
-
-This `GEMINI.md` holds only Gemini-specific supplements; everything shared is in `AI-RULES.md` (above).
-
-## Gemini-specific config
-
-- Dedicated dir: `.gemini/`
-- Shared dir: `.agent/`
+# GEMINI.md
+
+This is the first file Gemini CLI reads when working in this VortEX instance.
+
+## Shared rules (required — auto-loaded)
+
+The rules shared by every agent in this instance live in `AI-RULES.md`, imported here so Gemini CLI loads it automatically at launch:
+
+@AI-RULES.md
+
+This `GEMINI.md` holds only Gemini-specific supplements; everything shared is in `AI-RULES.md` (above).
+
+## Gemini-specific config
+
+- Dedicated dir: `.gemini/`
+- Shared dir: `.agent/`

package/dist/chunk-3L5DLEGP.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../plugins/session-rituals/src/catch-up.ts"],"sourcesContent":["import type { ModuleContext } from \"@vortex-os/core\";\n// Type-only — erased at compile time, so importing it does NOT pull the\n// `@vortex-os/memory-extended` add-on (or its native sqlite/level deps) into\n// the module graph of consumers that only need the types. The runtime engine\n// is loaded lazily inside the function body via `await import(...)`.\nimport type { sessionArchive } from \"@vortex-os/memory-extended\";\n\n/**\n * Start-of-session \"catch-up\": fold conversation transcripts into the local\n * search archive without the user ever having to wrap up a session.\n *\n * Two sources, one pass:\n *  - **local (a)** — this machine's own transcripts that are not archived yet,\n *    read from every detected agent host's transcript store (Claude Code,\n *    Codex, Gemini) and scoped to the current project. Because all hosts are\n *    swept on every start, a single Claude Code session-start also folds in the\n *    Codex/Gemini sessions you ran in the same project, into one archive.\n *  - **pulled (b)** — transcripts created on another machine that arrived as\n *    normalized text via git sync. Their text is present but this machine's\n *    DB (local, derived, gitignored) has never indexed them.\n *\n * Text only — vectorization is deferred to recall/rebuild so session start\n * stays fast. The whole step is gated by `autoRecord.archive` at the call site\n * and is best-effort: callers should treat a thrown archive backend (e.g. the\n * native sqlite module not built) as \"skip\", never as a fatal start error.\n */\nexport interface CatchUpResult {\n  /** Local transcripts newly archived this run (source a). */\n  readonly ingestedLocal: number;\n  /** Normalized transcripts from another machine newly indexed (source b). */\n  readonly indexedPulled: number;\n  /** Per-session ingest errors (source a). */\n  readonly errors: number;\n}\n\nexport interface CatchUpOptions {\n  /** Restrict local ingest to one project's transcripts. Default: `ctx.repoRoot`. */\n  readonly cwd?: string;\n  /**\n   * Transcript adapters for local ingest. Default: all CLI hosts — Claude Code,\n   * Codex, and Gemini. Each adapter's `detect()` returns false when its host is\n   * absent, so registering all three is ~free on a machine that only uses one.\n   * (Claude Desktop is opt-in — it needs the `classic-level` dependency — so it\n   * is not in the default set; a caller can add it.) Tests inject fakes (or a\n   * sandbox `env.home`) so the scan never touches the real home directory.\n   */\n  readonly adapters?: sessionArchive.IngestParams[\"adapters\"];\n  /** Adapter environment override (e.g. a sandbox HOME). Tests use this. */\n  readonly env?: sessionArchive.IngestParams[\"env\"];\n}\n\nexport async function catchUpSessions(\n  ctx: ModuleContext,\n  opts?: CatchUpOptions,\n): Promise<CatchUpResult> {\n  // Lazy-load the optional add-on. Base ships without `memory-extended`; this\n  // import resolves only when the add-on is installed alongside it. The call\n  // site already gates this step on `autoRecord.archive` and treats a thrown\n  // backend as \"skip\", so a missing add-on surfaces as a normal load error\n  // the caller can catch.\n  const { sessionArchive } = await import(\"@vortex-os/memory-extended\");\n\n  const dataDir = ctx.dataDir;\n  const cwd = opts?.cwd ?? ctx.repoRoot;\n  const adapters = opts?.adapters ?? [\n    sessionArchive.claudeCodeAdapter,\n    sessionArchive.codexAdapter,\n    sessionArchive.geminiAdapter,\n  ];\n\n  // (a) Ingest this machine's not-yet-archived transcripts for the current\n  // project. Writes the normalized copy into the archive (which git syncs) and\n  // a local DB row. Text only — no vectorization here.\n  const ingestResult = await sessionArchive.ingest({ adapters, dataDir, cwd, env: opts?.env });\n\n  // (b) Index normalized transcripts that arrived from another machine via git\n  // pull — their text is on disk but this machine's DB has no row yet.\n  const store = new sessionArchive.SessionArchiveStore(dataDir);\n  let indexedPulled = 0;\n  try {\n    indexedPulled = store.reindexFromNormalized().indexed;\n  } finally {\n    store.close();\n  }\n\n  return {\n    ingestedLocal: ingestResult.sessionsIngested,\n    indexedPulled,\n    errors: ingestResult.errors.length,\n  };\n}\n"],"mappings":";AAmDA,eAAsB,gBACpB,KACA,MAAqB;AAOrB,QAAM,EAAE,eAAc,IAAK,MAAM,OAAO,4BAA4B;AAEpE,QAAM,UAAU,IAAI;AACpB,QAAM,MAAM,MAAM,OAAO,IAAI;AAC7B,QAAM,WAAW,MAAM,YAAY;IACjC,eAAe;IACf,eAAe;IACf,eAAe;;AAMjB,QAAM,eAAe,MAAM,eAAe,OAAO,EAAE,UAAU,SAAS,KAAK,KAAK,MAAM,IAAG,CAAE;AAI3F,QAAM,QAAQ,IAAI,eAAe,oBAAoB,OAAO;AAC5D,MAAI,gBAAgB;AACpB,MAAI;AACF,oBAAgB,MAAM,sBAAqB,EAAG;EAChD;AACE,UAAM,MAAK;EACb;AAEA,SAAO;IACL,eAAe,aAAa;IAC5B;IACA,QAAQ,aAAa,OAAO;;AAEhC;","names":[]}

package/dist/vectorize-PN4Y7XMO.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../plugins/session-rituals/src/vectorize.ts"],"sourcesContent":["import { join } from \"node:path\";\nimport type { ModuleContext } from \"@vortex-os/core\";\n// Type-only — erased at compile time, so importing it does NOT pull the\n// `@vortex-os/memory-extended` add-on (or its native deps) into the module\n// graph of consumers that only need the types. The runtime engine is loaded\n// lazily inside the function body via `await import(...)`.\nimport type { vector } from \"@vortex-os/memory-extended\";\n\n/**\n * Start-of-session vectorization: fold newly-archived sessions and memories\n * into the semantic-recall index so `/recall` and the ambient \"did we discuss\n * this?\" path stay current without a manual rebuild.\n *\n * The heavy one-time cost (downloading the embedding model + embedding the\n * whole backlog) happens the first time recall is set up — via an explicit\n * `/recall`, or via the `vortex vectorize` setup worker that session start\n * spawns in the background when the add-on is installed and\n * `autoRecord.vectorizeAutoDownload` is on. From then on the model is cached\n * and this runs **incrementally** — memory rows whose hash changed, plus\n * sessions not yet vectorized (`onlyMissing`) — so the per-session-start cost\n * is small.\n *\n * `allowDownload` defaults false, so the automatic inline session-start call is\n * cache-only and never triggers a model download on its own; only the explicit\n * setup paths pass `allowDownload: true`. A throw is treated as \"skip\"\n * (best-effort): a missing model, a rebuild hiccup, or the add-on being absent\n * must never fail session start.\n */\nexport interface VectorizeResult {\n  /** Memory rows (re)embedded this run. */\n  readonly memories: number;\n  /** Session chunks embedded this run (only the not-yet-vectorized ones). */\n  readonly sessionChunks: number;\n}\n\nexport interface VectorizeOptions {\n  /**\n   * Embedding function. Default: the bundled local model\n   * (`vector.createLocalEmbedder()`). Tests inject a deterministic fake so the\n   * run needs no model and no network.\n   */\n  readonly embed?: vector.EmbedFn;\n  /** Override the index DB path. Default `<dataDir>/_indexes/memory.sqlite`. */\n  readonly dbPath?: string;\n  /**\n   * Allow the embedder to DOWNLOAD the model when it is not cached. Default\n   * `false`: the automatic session-start path stays cache-only (a cache miss\n   * throws fast — no ~470 MB download). The explicit `vortex vectorize` setup\n   * worker passes `true` to bring the model into the cache the first time.\n   * Ignored when `embed` is supplied (tests inject their own embedder).\n   */\n  readonly allowDownload?: boolean;\n}\n\nexport async function vectorizeIndex(\n  ctx: ModuleContext,\n  opts?: VectorizeOptions,\n): Promise<VectorizeResult> {\n  // Lazy-load the optional add-on (mirrors catch-up). Resolves only when\n  // `memory-extended` is installed alongside base; a lean install throws here\n  // and the call site treats it as \"skip\".\n  const { sqlite, vector, sessionArchive } = await import(\"@vortex-os/memory-extended\");\n\n  const dbPath = opts?.dbPath ?? join(ctx.dataDir, \"_indexes\", \"memory.sqlite\");\n  const memoryDir = join(ctx.dataDir, \"_memory\");\n  // `localFilesOnly` is the real safety gate for this automatic path: if the\n  // embedding model is not already cached, the first embed throws immediately\n  // (no ~470 MB download) and the caller skips. So session-start vectorization\n  // can never trigger an unprompted download, even if the index db exists for\n  // some other reason. The model is downloaded only by the explicit, consented\n  // `/recall` setup, which uses the default network-enabled embedder.\n  const embed = opts?.embed ?? vector.createLocalEmbedder({ localFilesOnly: !opts?.allowDownload });\n\n  const sqlStore = new sqlite.MemorySqliteStore(dbPath);\n  const vecStore = new vector.MemoryVectorStore({ db: dbPath });\n  const archive = new sessionArchive.SessionArchiveStore(ctx.dataDir);\n  try {\n    // Memory: refresh the sqlite hard-filter index (no model needed) then its\n    // vectors. Best-effort per step — a missing _memory dir must not abort the\n    // session pass.\n    try {\n      await sqlite.rebuildFromMemoryDir(sqlStore, memoryDir);\n    } catch {\n      // no _memory dir yet — nothing to index\n    }\n    // Both incremental (`onlyMissing`): embed only newly-added memories and\n    // not-yet-vectorized sessions, so the per-session-start cost is bounded to\n    // what actually changed — usually nothing or a single new session.\n    const mem = await vecStore.rebuild(sqlStore, embed, { onlyMissing: true });\n    const sess = await vecStore.rebuildSessions(archive, embed, { onlyMissing: true });\n    return { memories: mem.indexed, sessionChunks: sess.chunks };\n  } finally {\n    archive.close();\n    vecStore.close();\n    sqlStore.close();\n  }\n}\n"],"mappings":";;;AAAA,SAAS,YAAY;AAsDrB,eAAsB,eACpB,KACA,MAAuB;AAKvB,QAAM,EAAE,QAAQ,QAAQ,eAAc,IAAK,MAAM,OAAO,4BAA4B;AAEpF,QAAM,SAAS,MAAM,UAAU,KAAK,IAAI,SAAS,YAAY,eAAe;AAC5E,QAAM,YAAY,KAAK,IAAI,SAAS,SAAS;AAO7C,QAAM,QAAQ,MAAM,SAAS,OAAO,oBAAoB,EAAE,gBAAgB,CAAC,MAAM,cAAa,CAAE;AAEhG,QAAM,WAAW,IAAI,OAAO,kBAAkB,MAAM;AACpD,QAAM,WAAW,IAAI,OAAO,kBAAkB,EAAE,IAAI,OAAM,CAAE;AAC5D,QAAM,UAAU,IAAI,eAAe,oBAAoB,IAAI,OAAO;AAClE,MAAI;AAIF,QAAI;AACF,YAAM,OAAO,qBAAqB,UAAU,SAAS;IACvD,QAAQ;IAER;AAIA,UAAM,MAAM,MAAM,SAAS,QAAQ,UAAU,OAAO,EAAE,aAAa,KAAI,CAAE;AACzE,UAAM,OAAO,MAAM,SAAS,gBAAgB,SAAS,OAAO,EAAE,aAAa,KAAI,CAAE;AACjF,WAAO,EAAE,UAAU,IAAI,SAAS,eAAe,KAAK,OAAM;EAC5D;AACE,YAAQ,MAAK;AACb,aAAS,MAAK;AACd,aAAS,MAAK;EAChB;AACF;","names":[]}