@wipcomputer/wip-ldm-os 0.4.85-alpha.2 → 0.4.85-alpha.21

package/lib/detect.mjs

@@ -15,6 +15,23 @@ function readJSON(path) {
   }
 }
 
+function detectSkillDirectories(repoPath) {
+  const skillsDir = join(repoPath, 'skills');
+  if (!existsSync(skillsDir)) return [];
+
+  try {
+    return readdirSync(skillsDir, { withFileTypes: true })
+      .filter(e => e.isDirectory() && existsSync(join(skillsDir, e.name, 'SKILL.md')))
+      .map(e => ({
+        name: e.name,
+        path: join(skillsDir, e.name),
+        skillPath: join(skillsDir, e.name, 'SKILL.md'),
+      }));
+  } catch {
+    return [];
+  }
+}
+
 /**
  * Detect all interfaces in a repo.
  * Returns { interfaces, pkg } where interfaces is an object keyed by interface type.
@@ -48,9 +65,18 @@ export function detectInterfaces(repoPath) {
     interfaces.openclaw = { config: readJSON(ocPlugin), path: ocPlugin };
   }
 
-  // 5. Skill: SKILL.md exists
-  if (existsSync(join(repoPath, 'SKILL.md'))) {
-    interfaces.skill = { path: join(repoPath, 'SKILL.md') };
+  // 5. Skill: root SKILL.md, or a skills/<name>/SKILL.md collection.
+  const rootSkillPath = join(repoPath, 'SKILL.md');
+  if (existsSync(rootSkillPath)) {
+    interfaces.skill = { path: rootSkillPath };
+  }
+
+  const skillDirs = detectSkillDirectories(repoPath);
+  if (skillDirs.length > 0) {
+    interfaces.skill = {
+      path: join(repoPath, 'skills'),
+      skills: skillDirs,
+    };
   }
 
   // 6. Claude Code Hook: guard.mjs or claudeCode.hook(s) in package.json
@@ -103,7 +129,12 @@ export function describeInterfaces(interfaces) {
   if (interfaces.module) lines.push(`Module: ${JSON.stringify(interfaces.module.main)}`);
   if (interfaces.mcp) lines.push(`MCP Server: ${interfaces.mcp.file}`);
   if (interfaces.openclaw) lines.push(`OpenClaw Plugin: ${interfaces.openclaw.config?.name || 'detected'}`);
-  if (interfaces.skill) lines.push(`Skill: SKILL.md`);
+  if (interfaces.skill?.skills?.length) {
+    const skills = interfaces.skill.skills.map(s => `${s.name} (${s.skillPath})`);
+    lines.push(`Skill: ${skills.join(', ')}`);
+  } else if (interfaces.skill) {
+    lines.push(`Skill: SKILL.md`);
+  }
   if (interfaces.claudeCodeHook) {
     const events = interfaces.claudeCodeHook.map(h => h.event || 'PreToolUse');
     lines.push(`Claude Code Hook: ${events.join(', ')}`);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@wipcomputer/wip-ldm-os",
-  "version": "0.4.85-alpha.2",
+  "version": "0.4.85-alpha.21",
   "type": "module",
   "description": "LDM OS: identity, memory, and sovereignty infrastructure for AI agents",
   "engines": {
@@ -18,14 +18,25 @@
   "scripts": {
     "build:bridge": "cd src/bridge && npm install && npx tsup core.ts mcp-server.ts cli.ts openclaw.ts --format esm --dts --clean --outDir ../../dist/bridge",
     "build": "npm run build:bridge",
-    "prepublishOnly": "npm run build:bridge && npm run validate:bin-manifest",
+    "prepublishOnly": "npm run build:bridge && npm run validate:bin-manifest && npm run test:install-prompt-policy && npm run test:ldm-status-timeout",
     "validate:bin-manifest": "node scripts/validate-bin-manifest.mjs",
     "test:skill-frontmatter": "node scripts/test-skill-frontmatter.mjs",
+    "test:install-prompt-policy": "node scripts/test-install-prompt-policy.mjs",
+    "test:ldm-status-timeout": "node scripts/test-ldm-status-timeout.mjs",
     "test:installer-update-tracks": "node scripts/test-installer-update-tracks.mjs",
     "test:installer-hook-toolname": "node scripts/test-installer-hook-toolname.mjs",
+    "test:installer-target-self-update": "node scripts/test-installer-target-self-update.mjs",
+    "test:installer-skill-directory": "node scripts/test-installer-skill-directory.mjs",
+    "test:installer-skill-dry-run-destinations": "node scripts/test-installer-skill-dry-run-destinations.mjs",
     "test:ldm-install-bin-shim": "node scripts/test-ldm-install-preserves-foreign-bin.mjs",
     "test:doctor-cron-target": "node scripts/test-doctor-cron-target.mjs",
     "test:bin-manifest": "node scripts/test-bin-manifest.mjs",
+    "test:crc-agentid-tenant-boundary": "node scripts/test-crc-agentid-tenant-boundary.mjs",
+    "test:crc-pair-login-flow": "node scripts/test-crc-pair-login-flow.mjs",
+    "test:crc-pair-status-poll-token": "node scripts/test-crc-pair-status-poll-token.mjs",
+    "test:crc-pair-relink-audit-and-rotation": "node scripts/test-crc-pair-relink-audit-and-rotation.mjs",
+    "test:crc-e2ee-key-persistence": "node scripts/test-crc-e2ee-key-persistence.mjs",
+    "test:crc-e2ee-session-route": "node scripts/test-crc-e2ee-session-route.mjs",
     "fmt": "npx prettier --write 'src/**/*.{ts,mjs}' 'lib/**/*.mjs' 'bin/**/*.js'",
     "fmt:check": "npx prettier --check 'src/**/*.{ts,mjs}' 'lib/**/*.mjs' 'bin/**/*.js'"
   },

package/scripts/test-crc-agentid-tenant-boundary.mjs

@@ -0,0 +1,80 @@
+import { createHash } from "node:crypto";
+import { readFileSync } from "node:fs";
+
+const server = readFileSync("src/hosted-mcp/server.mjs", "utf8");
+
+function assertContains(needle, label) {
+  if (!server.includes(needle)) {
+    throw new Error(`${label} missing expected text: ${needle}`);
+  }
+}
+
+function assertNotContains(needle, label) {
+  if (server.includes(needle)) {
+    throw new Error(`${label} still contains forbidden text: ${needle}`);
+  }
+}
+
+assertContains('const ACCOUNT_TENANT_PREFIX = "acct:";', "account tenant prefix");
+assertContains('const LEGACY_API_KEY_TENANT_PREFIX = "key:";', "legacy key tenant prefix");
+assertContains('function accountTenantIdForUserId(userId)', "account tenant helper");
+assertContains('function identityForApiKey(key)', "api key identity helper");
+assertContains('return identityForApiKey(key);', "http auth uses identity helper");
+assertContains("const agentId = accountTenantIdForUserId(stored.userId);", "registration uses immutable account tenant");
+assertContains("function sanitizeDisplayLabel(raw)", "display label sanitizer");
+assertContains('replace(/[\\u0000-\\u001f\\u007f]/g, "").replace(/\\s+/g, " ").trim().slice(0, 64)', "display label sanitizer preserves label semantics");
+assertContains("const displayLabel = sanitizeDisplayLabel(body?.displayName || body?.username);", "registration treats entered name as display label");
+assertContains("displayLabel,", "registration challenge stores display label");
+assertContains("await saveApiKey(apiKey, agentId, { handle: credentialLabel });", "registration stores handle separately");
+assertContains("p.handle = identity.handle;", "pair stores display handle separately");
+assertContains("handle: identity.handle,", "relay metadata returns display handle");
+assertContains("codexDaemons.has(identity.agentId)", "daemon presence uses tenant id");
+assertContains("codexDaemonPubkeyRegistry.get(identity.agentId)", "daemon pubkey uses tenant id");
+assertContains("agentId: identity.agentId,", "relay tickets bind tenant id");
+assertContains("handle: identity.handle,", "relay tickets preserve display handle");
+assertContains("codexDaemons.set(identity.agentId, ws);", "daemon ws keyed by tenant id");
+assertContains("const key = codexRelayKey(identity.agentId, threadId);", "web ws keyed by tenant id");
+assertContains("const daemonWs = codexDaemons.get(identity.agentId);", "web sends to tenant daemon");
+assertNotContains("const agentId = stored.username || (\"passkey-\"", "registration must not use chosen handle as tenant");
+assertNotContains("const existingKey = Object.entries(API_KEYS).find(([k, v]) => v === agentId);", "oauth must not reuse chosen handle as tenant");
+assertNotContains("function isUsernameTaken", "display labels must not be globally unique usernames");
+assertNotContains("function sanitizeUsername", "display labels must not be modeled as usernames");
+assertNotContains('json(res, 409, { error: "reserved_handle"', "display labels must not be blocked as reserved security handles");
+assertNotContains('json(res, 409, { error: "handle_taken"', "duplicate display labels must be allowed");
+
+function legacyTenantIdForApiKey(key) {
+  return "key:" + createHash("sha256").update(key).digest("base64url").slice(0, 32);
+}
+
+function accountTenantIdForUserId(userId) {
+  return "acct:" + userId;
+}
+
+const chosenHandle = "parker-smoke-test";
+const sharedDisplayLabel = "Parker";
+const accountA = accountTenantIdForUserId("user-a");
+const accountB = accountTenantIdForUserId("user-b");
+const threadId = "thread-019dfa";
+if (accountA === accountB) {
+  throw new Error("different user ids collapsed to one account tenant");
+}
+if (`${sharedDisplayLabel}:${threadId}` === `${accountA}:${threadId}` || `${sharedDisplayLabel}:${threadId}` === `${accountB}:${threadId}`) {
+  throw new Error("display label was used as a relay route key");
+}
+
+const legacyA = legacyTenantIdForApiKey("ck-a");
+const legacyB = legacyTenantIdForApiKey("ck-b");
+if (legacyA === legacyB) {
+  throw new Error("legacy API-key tenants collided");
+}
+
+const webKeyA = `${accountA}:${threadId}`;
+const webKeyB = `${accountB}:${threadId}`;
+if (webKeyA === webKeyB) {
+  throw new Error("same display handle can still collide across account tenants");
+}
+if (`${chosenHandle}:${threadId}` === webKeyA || `${chosenHandle}:${threadId}` === webKeyB) {
+  throw new Error("model still keys relay routes by display handle");
+}
+
+console.log("crc agentId tenant boundary checks passed");

package/scripts/test-crc-e2ee-key-persistence.mjs

@@ -0,0 +1,150 @@
+import { readFileSync } from "node:fs";
+import {
+  buildCodexBootstrapPayload,
+  createCodexDaemonPubkeyRegistry,
+} from "../src/hosted-mcp/codex-relay-e2ee-registry.mjs";
+
+const server = readFileSync("src/hosted-mcp/server.mjs", "utf8");
+const registrySource = readFileSync("src/hosted-mcp/codex-relay-e2ee-registry.mjs", "utf8");
+const deployScript = readFileSync("src/hosted-mcp/deploy.sh", "utf8");
+
+function assertContains(haystack, needle, label) {
+  if (!haystack.includes(needle)) {
+    throw new Error(`${label} missing expected text: ${needle}`);
+  }
+}
+
+function assertBefore(haystack, first, second, label) {
+  const firstIndex = haystack.indexOf(first);
+  const secondIndex = haystack.indexOf(second);
+  if (firstIndex === -1 || secondIndex === -1 || firstIndex >= secondIndex) {
+    throw new Error(`${label} expected "${first}" before "${second}"`);
+  }
+}
+
+function assert(condition, label, detail = "") {
+  if (!condition) throw new Error(`${label}${detail ? ": " + detail : ""}`);
+}
+
+function bootstrapPayloadFor(registry, identity, threadId, daemonOnline = true) {
+  return buildCodexBootstrapPayload({
+    identity,
+    threadId,
+    daemonOnline,
+    daemonKey: registry.get(identity.agentId),
+  });
+}
+
+function createFakePrisma() {
+  const rows = new Map();
+  return {
+    rows,
+    async $executeRawUnsafe(sql, tenantId, pubkey, cryptoVersionsJson) {
+      if (/CREATE TABLE IF NOT EXISTS codex_daemon_e2ee_keys/.test(sql)) return;
+      if (/CREATE TABLE IF NOT EXISTS codex_daemon_e2ee_key_audit/.test(sql)) return;
+      if (/INSERT INTO codex_daemon_e2ee_keys/.test(sql)) {
+        rows.set(tenantId, {
+          tenant_id: tenantId,
+          pubkey,
+          crypto_versions_json: cryptoVersionsJson,
+          registered_at: new Date("2026-05-11T17:37:18.000Z"),
+        });
+        return;
+      }
+      if (/INSERT INTO codex_daemon_e2ee_key_audit/.test(sql)) return;
+      throw new Error("unexpected fake prisma execute: " + sql);
+    },
+    async $queryRawUnsafe(sql) {
+      if (/FROM codex_daemon_e2ee_keys/.test(sql)) return [...rows.values()];
+      throw new Error("unexpected fake prisma query: " + sql);
+    },
+  };
+}
+
+function createSilentLogger() {
+  return { log() {}, error() {} };
+}
+
+assertContains(registrySource, "CREATE TABLE IF NOT EXISTS codex_daemon_e2ee_keys", "persistent key table");
+assertContains(registrySource, "async function loadFromDb()", "boot load helper");
+assertContains(registrySource, "async function persist(agentId, pubkey, cryptoVersions)", "persist helper");
+assertContains(registrySource, "function register(agentId, pubkey, cryptoVersions, source)", "registration helper");
+assertContains(registrySource, "pubkeys.set(agentId, {", "registration updates in-memory bootstrap cache");
+assertContains(registrySource, "return persist(agentId, pubkey, normalizedVersions)", "registration persists after cache update");
+assertContains(server, "await codexDaemonPubkeyRegistry.loadFromDb();", "server boot load call");
+assertContains(server, "await codexDaemonPubkeyRegistry.register(identity.agentId, p.daemon_public_key, p.crypto_versions, \"pair-complete\");", "pair-complete persists key");
+assertContains(server, "if (envelope?.type === \"daemon.identity\") {", "daemon reconnect identity frame");
+assertContains(server, "codexDaemonPubkeyRegistry.register(", "daemon reconnect register call");
+assertContains(server, "buildCodexBootstrapPayload({ identity, threadId, daemonOnline, daemonKey })", "bootstrap uses shared payload builder");
+assertContains(deployScript, "codex-relay-e2ee-registry.mjs", "hosted deploy copies registry module");
+assertBefore(
+  server,
+  "await codexDaemonPubkeyRegistry.loadFromDb();",
+  "function handleCodexBootstrap(req, res, threadId)",
+  "persisted keys load before bootstrap handler",
+);
+
+const identity = {
+  agentId: "acct:test-user-a",
+  tenantId: "acct:test-user-a",
+  handle: "Parker smoke test",
+  apiKey: "ck-test",
+};
+const threadId = "019dfa1e-0c3d-7f01-86b9-9a22cd452bde";
+
+const fakePrisma = createFakePrisma();
+const registryBeforeRestart = createCodexDaemonPubkeyRegistry({
+  usePrisma: true,
+  prisma: fakePrisma,
+  devMode: false,
+  logger: createSilentLogger(),
+});
+await registryBeforeRestart.register(identity.agentId, "spki-key-before-restart", ["e2ee-v1"], "pair-complete");
+
+const beforeRestartBootstrap = bootstrapPayloadFor(registryBeforeRestart, identity, threadId);
+assert(beforeRestartBootstrap.e2ee_available === true, "bootstrap reports e2ee before restart");
+assert(beforeRestartBootstrap.daemon_public_key === "spki-key-before-restart", "bootstrap returns registered daemon key before restart");
+
+const registryAfterRestart = createCodexDaemonPubkeyRegistry({
+  usePrisma: true,
+  prisma: fakePrisma,
+  devMode: false,
+  logger: createSilentLogger(),
+});
+await registryAfterRestart.loadFromDb();
+
+const afterRestartBootstrap = bootstrapPayloadFor(registryAfterRestart, identity, threadId);
+assert(afterRestartBootstrap.e2ee_available === true, "bootstrap reports e2ee after restart from persisted key");
+assert(afterRestartBootstrap.daemon_public_key === "spki-key-before-restart", "bootstrap restores persisted daemon key after restart");
+assert(afterRestartBootstrap.daemon_crypto_versions?.[0] === "e2ee-v1", "bootstrap restores crypto versions after restart");
+
+const emptyFakePrisma = createFakePrisma();
+const registryBeforeReconnect = createCodexDaemonPubkeyRegistry({
+  usePrisma: true,
+  prisma: emptyFakePrisma,
+  devMode: false,
+  logger: createSilentLogger(),
+});
+await registryBeforeReconnect.loadFromDb();
+const beforeReconnectBootstrap = bootstrapPayloadFor(registryBeforeReconnect, identity, threadId);
+assert(beforeReconnectBootstrap.e2ee_available === false, "bootstrap is not e2ee available before daemon reconnect when no key exists");
+assert(beforeReconnectBootstrap.daemon_public_key === null, "bootstrap has no daemon key before daemon reconnect");
+
+await registryBeforeReconnect.register(identity.agentId, "spki-key-from-daemon-reconnect", [], "daemon-reconnect");
+const afterReconnectBootstrap = bootstrapPayloadFor(registryBeforeReconnect, identity, threadId);
+assert(afterReconnectBootstrap.e2ee_available === true, "bootstrap reports e2ee after daemon reconnect self-heal");
+assert(afterReconnectBootstrap.daemon_public_key === "spki-key-from-daemon-reconnect", "bootstrap returns daemon reconnect key");
+assert(afterReconnectBootstrap.daemon_crypto_versions?.[0] === "e2ee-v1", "daemon reconnect defaults crypto version");
+
+const registryAfterReconnectRestart = createCodexDaemonPubkeyRegistry({
+  usePrisma: true,
+  prisma: emptyFakePrisma,
+  devMode: false,
+  logger: createSilentLogger(),
+});
+await registryAfterReconnectRestart.loadFromDb();
+const afterReconnectRestartBootstrap = bootstrapPayloadFor(registryAfterReconnectRestart, identity, threadId);
+assert(afterReconnectRestartBootstrap.e2ee_available === true, "daemon reconnect key is persisted for the next restart");
+assert(afterReconnectRestartBootstrap.daemon_public_key === "spki-key-from-daemon-reconnect", "daemon reconnect key survives restart");
+
+console.log("crc e2ee key persistence restart regression checks passed");

package/scripts/test-crc-e2ee-session-route.mjs

@@ -0,0 +1,129 @@
+import { readFileSync } from "node:fs";
+
+const server = readFileSync("src/hosted-mcp/server.mjs", "utf8");
+
+function assertContains(needle, label) {
+  if (!server.includes(needle)) {
+    throw new Error(`${label} missing expected text: ${needle}`);
+  }
+}
+
+function assertBefore(first, second, label) {
+  const firstIndex = server.indexOf(first);
+  const secondIndex = firstIndex === -1 ? -1 : server.indexOf(second, firstIndex + first.length);
+  if (firstIndex === -1 || secondIndex === -1 || firstIndex >= secondIndex) {
+    throw new Error(`${label} expected "${first}" before "${second}"`);
+  }
+}
+
+assertContains("const codexWebClients = new Map(); // `${agentId}:${threadId}` -> Set<ws>", "thread-keyed web client sets");
+assertContains("const codexE2eeSessionRoutes = new Map(); // `${agentId}:${e2eeSession}` -> { threadId, webKey, ws }", "e2ee session route map");
+assertContains("function registerCodexE2eeSessionRoute(agentId, e2eeSession, threadId, ws)", "route registration helper");
+assertContains("codexE2eeSessionRoutes.set(codexRelayKey(agentId, e2eeSession), { threadId, webKey, ws });", "route map stores e2ee session to thread");
+assertContains("function addCodexWebClient(webKey, ws)", "web client set add helper");
+assertContains("function removeCodexWebClient(webKey, ws)", "web client set remove helper");
+assertContains("function openCodexWebClientsForKey(webKey)", "web client set read helper");
+assertContains("function resolveCodexWebClientsForDaemonFrame(agentId, routeId)", "daemon route resolver");
+assertContains("const routed = codexE2eeSessionRoutes.get(codexRelayKey(agentId, routeId));", "daemon route lookup uses e2ee session map");
+assertContains("if (routed && routed.ws && routed.ws.readyState === routed.ws.OPEN) return [routed.ws];", "daemon route resolves to active owner socket");
+assertContains("return openCodexWebClientsForKey(codexRelayKey(agentId, routeId));", "daemon route keeps direct thread fallback");
+assertContains("const targets = resolveCodexWebClientsForDaemonFrame(identity.agentId, sessionId);", "daemon frames use route resolver");
+assertContains("for (const target of targets) {", "daemon frames send to every resolved target");
+assertContains("if (isCodexE2eeEnvelope(envelope) && envelope.session) {", "web e2ee messages are detected");
+assertContains("envelope.route_thread_id = threadId;", "relay injects ticket-bound thread into e2ee hello");
+assertContains("text = JSON.stringify(envelope);", "relay forwards the route-bound e2ee hello");
+assertContains("registerCodexE2eeSessionRoute(identity.agentId, envelope.session, threadId, ws);", "web e2ee session is registered");
+assertContains("const clientCount = addCodexWebClient(key, ws);", "new web connections are added without replacing existing clients");
+assertContains("removeCodexWebClient(key, ws);", "close cleanup removes only the closing socket");
+assertContains("removeCodexE2eeRoutesForWeb(identity.agentId, threadId, ws);", "close cleanup");
+assertContains("if (route.webKey === webKey && (!ws || route.ws === ws)) {", "cleanup only removes routes owned by the closing socket");
+assertBefore(
+  "envelope.route_thread_id = threadId;",
+  "daemonWs.send(text);",
+  "web route thread is injected before forwarding to daemon",
+);
+assertBefore(
+  "registerCodexE2eeSessionRoute(identity.agentId, envelope.session, threadId, ws);",
+  "daemonWs.send(text);",
+  "web session route registered before forwarding to daemon",
+);
+if (server.includes("const previous = codexWebClients.get(key);")) {
+  throw new Error("web client replacement lookup is still present");
+}
+if (server.includes("codexWebClients.set(key, ws);")) {
+  throw new Error("web client singleton set is still present");
+}
+
+const OPEN = 1;
+const agentId = "parker-smoke-test";
+const threadId = "thread-123";
+const e2eeSession = "e2ee-random-session-456";
+if (e2eeSession === threadId) {
+  throw new Error("test setup must use a random E2EE session distinct from threadId");
+}
+
+const modelWebClients = new Map();
+const modelRoutes = new Map();
+const webSocketA = { readyState: OPEN, OPEN };
+const webSocketB = { readyState: OPEN, OPEN };
+const webSocketC = { readyState: OPEN, OPEN };
+const webKey = `${agentId}:${threadId}`;
+
+function modelAddWebClient(ws) {
+  let clients = modelWebClients.get(webKey);
+  if (!clients) {
+    clients = new Set();
+    modelWebClients.set(webKey, clients);
+  }
+  clients.add(ws);
+}
+
+function modelRegister(session, ws) {
+  modelRoutes.set(`${agentId}:${session}`, { webKey, ws });
+}
+
+function modelResolve(routeId) {
+  const route = modelRoutes.get(`${agentId}:${routeId}`);
+  if (route && route.ws.readyState === route.ws.OPEN) return [route.ws];
+  const clients = modelWebClients.get(`${agentId}:${routeId}`) || new Set();
+  return [...clients].filter((webWs) => webWs.readyState === webWs.OPEN);
+}
+
+function modelRemoveOwnedRoutes(ws) {
+  for (const [routeKey, route] of modelRoutes) {
+    if (route.webKey === webKey && route.ws === ws) modelRoutes.delete(routeKey);
+  }
+}
+
+function modelRemoveWebClient(ws) {
+  const clients = modelWebClients.get(webKey);
+  if (!clients) return;
+  clients.delete(ws);
+  if (clients.size === 0) modelWebClients.delete(webKey);
+}
+
+modelAddWebClient(webSocketA);
+modelAddWebClient(webSocketB);
+modelRegister(e2eeSession, webSocketA);
+if (modelResolve(e2eeSession)[0] !== webSocketA) {
+  throw new Error("random E2EE session did not route to the owning thread web socket");
+}
+const threadTargets = modelResolve(threadId);
+if (threadTargets.length !== 2 || !threadTargets.includes(webSocketA) || !threadTargets.includes(webSocketB)) {
+  throw new Error("direct thread fallback did not broadcast to every thread web socket");
+}
+
+modelRemoveOwnedRoutes(webSocketA);
+modelRemoveWebClient(webSocketA);
+modelAddWebClient(webSocketC);
+modelRegister(e2eeSession, webSocketC);
+modelRemoveOwnedRoutes(webSocketA);
+if (modelResolve(e2eeSession)[0] !== webSocketC) {
+  throw new Error("old socket cleanup removed or stole the replacement E2EE route");
+}
+const remainingThreadTargets = modelResolve(threadId);
+if (remainingThreadTargets.length !== 2 || !remainingThreadTargets.includes(webSocketB) || !remainingThreadTargets.includes(webSocketC)) {
+  throw new Error("closing one web socket removed another browser client");
+}
+
+console.log("crc e2ee session route checks passed");

package/scripts/test-crc-pair-login-flow.mjs

@@ -0,0 +1,40 @@
+import { readFileSync } from "node:fs";
+
+const server = readFileSync("src/hosted-mcp/server.mjs", "utf8");
+const loginFiles = [
+  "src/hosted-mcp/app/kaleidoscope-login.html",
+  "src/hosted-mcp/demo/login.html",
+];
+
+function assertContains(source, needle, label) {
+  if (!source.includes(needle)) {
+    throw new Error(`${label} missing expected text: ${needle}`);
+  }
+}
+
+function assertBefore(source, first, second, label) {
+  const firstIndex = source.indexOf(first);
+  const secondIndex = source.indexOf(second);
+  if (firstIndex === -1 || secondIndex === -1 || firstIndex >= secondIndex) {
+    throw new Error(`${label} expected "${first}" before "${second}"`);
+  }
+}
+
+assertContains(server, "const PAIR_NEXT_REGEX = /^\\/pair\\/[ABCDEFGHJKLMNPQRSTUVWXYZ23456789]{6}$/;", "server pair regex");
+assertContains(server, "const REMOTE_CONTROL_NEXT_REGEX = /^\\/codex-remote-control\\/", "server remote-control regex");
+assertContains(server, "purpose,           // \"pair\" | null", "server stores pair purpose");
+assertContains(server, "next: next || null, // sanitized `/pair/<CODE>` or null", "server stores sanitized next");
+assertContains(server, "json(res, 200, { status: \"approved\", agentId: entry.agentId });", "server strips desktop pair status");
+assertContains(server, "json(res, 200, { ok: true, next: entry.next });", "server returns next to phone approve");
+
+for (const file of loginFiles) {
+  const html = readFileSync(file, "utf8");
+  assertContains(html, "function isPairNextOnDesktop()", `${file} desktop pair helper`);
+  assertContains(html, "} else if (isPairNextOnDesktop()) {", `${file} auto-start desktop pair QR`);
+  assertContains(html, "startQrLogin('', 'signin');", `${file} pair QR uses sign-in mode`);
+  assertContains(html, "if (approveResponse && typeof approveResponse.next === 'string' && isWhitelistedNext(approveResponse.next))", `${file} consumes approve next`);
+  assertContains(html, "if (urlNext && PAIR_NEXT_REGEX.test(urlNext))", `${file} desktop pair approved branch`);
+  assertBefore(html, "if (isPairNextOnDesktop() && !qrSessionMode)", "if (needsCustomQR() && !qrSessionMode)", `${file} create button forces pair QR before normal QR fallback`);
+}
+
+console.log("crc pair login flow checks passed");