agent-relay-server 0.15.1 → 0.16.0

package/src/insights-db.ts

@@ -77,7 +77,7 @@ export function recordObservation(input: RecordObservationInput): InsightObserva
   const now = input.createdAt ?? Date.now();
 
   const result = getDb()
-    .prepare(
+    .query(
       `INSERT INTO insights_observations (session_id, agent_id, project, signal, value, outcome, source, created_at)
        VALUES (?, ?, ?, ?, ?, ?, ?, ?)`,
     )
@@ -95,7 +95,7 @@ export function recordObservation(input: RecordObservationInput): InsightObserva
 }
 
 export function getObservation(id: number): InsightObservation | null {
-  const row = getDb().prepare("SELECT * FROM insights_observations WHERE id = ?").get(id) as ObservationRow | undefined;
+  const row = getDb().query("SELECT * FROM insights_observations WHERE id = ?").get(id) as ObservationRow | undefined;
   return row ? rowToObservation(row) : null;
 }
 
@@ -124,7 +124,7 @@ export function listObservations(query: ListObservationsQuery = {}): InsightObse
   const where = clauses.length ? `WHERE ${clauses.join(" AND ")}` : "";
   const limit = Math.min(Math.max(query.limit ?? 200, 1), 1000);
   const rows = getDb()
-    .prepare(`SELECT * FROM insights_observations ${where} ORDER BY created_at DESC, id DESC LIMIT ?`)
+    .query(`SELECT * FROM insights_observations ${where} ORDER BY created_at DESC, id DESC LIMIT ?`)
     .all(...args, limit) as ObservationRow[];
   return rows.map(rowToObservation);
 }
@@ -139,7 +139,7 @@ export function getObservationStats(signal?: string): InsightsStats[] {
   const signalFilter = signal ? "WHERE signal = ?" : "";
   const args = signal ? [signal] : [];
   const perProject = getDb()
-    .prepare(
+    .query(
       `SELECT signal, project,
               COUNT(*) AS count,
               AVG(CAST(json_extract(value, '$.ratio') AS REAL)) AS avg_ratio,
@@ -152,7 +152,7 @@ export function getObservationStats(signal?: string): InsightsStats[] {
     .all(...args) as Array<{ signal: string; project: string; count: number; avg_ratio: number | null; last_at: number | null }>;
 
   const global = getDb()
-    .prepare(
+    .query(
       `SELECT signal,
               COUNT(*) AS count,
               AVG(CAST(json_extract(value, '$.ratio') AS REAL)) AS avg_ratio,
@@ -173,7 +173,7 @@ export function getObservationStats(signal?: string): InsightsStats[] {
 /** Distinct projects that have produced at least one observation — feeds per-project baselines. */
 export function listObservationProjects(): string[] {
   const rows = getDb()
-    .prepare("SELECT DISTINCT project FROM insights_observations ORDER BY project ASC")
+    .query("SELECT DISTINCT project FROM insights_observations ORDER BY project ASC")
     .all() as Array<{ project: string }>;
   return rows.map((r) => r.project);
 }

package/src/lifecycle-manager.ts

@@ -472,7 +472,7 @@ export class LifecycleManager {
   }
 
   private lastActivityAt(agentId: string): number {
-    const row = getDb().prepare(`
+    const row = getDb().query(`
       SELECT max(created_at) AS at
       FROM messages
       WHERE from_agent = ? OR to_target = ? OR resolved_to_agent = ?
@@ -481,12 +481,12 @@ export class LifecycleManager {
   }
 
   private hasQueuedMessages(policyName: string): boolean {
-    const row = getDb().prepare("SELECT 1 FROM messages WHERE to_target = ? AND delivery_status = 'queued' LIMIT 1").get(`policy:${policyName}`);
+    const row = getDb().query("SELECT 1 FROM messages WHERE to_target = ? AND delivery_status = 'queued' LIMIT 1").get(`policy:${policyName}`);
     return Boolean(row);
   }
 
   private hasActiveCommand(target: string, type: string): boolean {
-    const row = getDb().prepare("SELECT 1 FROM commands WHERE target = ? AND type = ? AND status IN ('pending', 'accepted', 'running') LIMIT 1").get(target, type);
+    const row = getDb().query("SELECT 1 FROM commands WHERE target = ? AND type = ? AND status IN ('pending', 'accepted', 'running') LIMIT 1").get(target, type);
     return Boolean(row);
   }
 

package/src/maintenance.ts

@@ -26,6 +26,7 @@ import {
   releaseExpiredClaims,
   releaseExpiredMergeLeases,
   releaseOrphanedTasks,
+  runDbMaintenance,
   sendMessage,
   sweepArtifacts,
   updateWorkspaceStatus,
@@ -56,6 +57,11 @@ const OUTBOX_RETENTION_MS = Number(process.env.AGENT_RELAY_OUTBOX_RETENTION_MS)
 const TOKEN_RECORD_RETENTION_SECONDS = Number(process.env.AGENT_RELAY_TOKEN_RECORD_RETENTION_SECONDS) || 7 * 24 * 60 * 60;
 const CONFLICT_SCAN_INTERVAL_MS = Number(process.env.AGENT_RELAY_CONFLICT_SCAN_INTERVAL_MS) || 2 * 60 * 1000;
 const WORKSPACE_RETENTION_MS = Number(process.env.AGENT_RELAY_WORKSPACE_RETENTION_MS) || DAY_MS;
+const DB_MAINTENANCE_INTERVAL_MS = Number(process.env.AGENT_RELAY_DB_MAINTENANCE_INTERVAL_MS) || DAY_MS;
+// VACUUM rewrites the whole file (auto_vacuum is off), so run it sparingly.
+// Default: every 7th db-maintenance pass (~weekly at the default daily interval).
+const DB_VACUUM_EVERY = Number(process.env.AGENT_RELAY_DB_VACUUM_EVERY) || 7;
+let dbMaintenanceRuns = 0;
 const WORKSPACE_REVIEW_TTL_MS = Number(process.env.AGENT_RELAY_WORKSPACE_REVIEW_TTL_MS) || 3 * DAY_MS;
 const WORKSPACE_GC_INTERVAL_MS = Number(process.env.AGENT_RELAY_WORKSPACE_GC_INTERVAL_MS) || 60 * 60 * 1000;
 // Deterministic auto-land (Layer 0): merge clean fast-forwards with no human in
@@ -305,6 +311,19 @@ const definitions: MaintenanceJobDefinition[] = [
       return { prunedMessages: pruneOldMessages(retentionDays * DAY_MS) };
     },
   },
+  {
+    id: "db-maintenance",
+    title: "Database maintenance",
+    description: "Refresh planner stats (ANALYZE + optimize), truncate the WAL, and periodically VACUUM to reclaim space.",
+    intervalMs: DB_MAINTENANCE_INTERVAL_MS,
+    runOnStart: false,
+    timeoutMs: 5 * 60 * 1000,
+    handler() {
+      dbMaintenanceRuns += 1;
+      const vacuum = DB_VACUUM_EVERY > 0 && dbMaintenanceRuns % DB_VACUUM_EVERY === 0;
+      return runDbMaintenance({ vacuum });
+    },
+  },
   {
     id: "bus-outbox-prune",
     title: "Bus outbox prune",
@@ -867,7 +886,7 @@ export function startMaintenanceScheduler(): void {
 
 export function listMaintenanceJobs(): MaintenanceJob[] {
   ensureMaintenanceJobs();
-  const rows = getDb().prepare("SELECT * FROM maintenance_jobs ORDER BY title COLLATE NOCASE ASC").all() as MaintenanceJobRow[];
+  const rows = getDb().query("SELECT * FROM maintenance_jobs ORDER BY title COLLATE NOCASE ASC").all() as MaintenanceJobRow[];
   const now = Date.now();
   return rows.map((row) => rowToJob(row, now));
 }
@@ -895,7 +914,7 @@ async function runMaintenanceJobsNow(ids: string[]): Promise<MaintenanceJobRun[]
 async function runDueMaintenanceJobs(): Promise<void> {
   ensureMaintenanceJobs();
   const now = Date.now();
-  const rows = getDb().prepare(`
+  const rows = getDb().query(`
     SELECT id FROM maintenance_jobs
     WHERE enabled = 1
       AND next_run_at IS NOT NULL
@@ -914,7 +933,7 @@ async function runDueMaintenanceJobs(): Promise<void> {
 function ensureMaintenanceJobs(): void {
   const db = getDb();
   const now = Date.now();
-  const stmt = db.prepare(`
+  const stmt = db.query(`
     INSERT INTO maintenance_jobs (id, title, description, interval_ms, timeout_ms, enabled, run_on_start, next_run_at, updated_at)
     VALUES (?, ?, ?, ?, ?, 1, ?, ?, ?)
     ON CONFLICT(id) DO UPDATE SET
@@ -946,7 +965,7 @@ async function runJob(definition: MaintenanceJobDefinition, options: { force?: b
   const owner = `${process.pid}-${randomUUID()}`;
   const timeoutMs = definition.timeoutMs ?? DEFAULT_TIMEOUT_MS;
   const leaseUntil = startedAt + timeoutMs + 5_000;
-  const claim = db.prepare(`
+  const claim = db.query(`
     UPDATE maintenance_jobs
     SET lease_owner = ?, lease_until = ?, last_status = 'running', updated_at = ?
     WHERE id = ?
@@ -963,7 +982,7 @@ async function runJob(definition: MaintenanceJobDefinition, options: { force?: b
     const result = await withTimeout(Promise.resolve(definition.handler()), timeoutMs);
     const finishedAt = Date.now();
     const durationMs = finishedAt - startedAt;
-    db.prepare(`
+    db.query(`
       UPDATE maintenance_jobs
       SET last_run_at = ?, next_run_at = ?, last_duration_ms = ?, last_status = 'succeeded',
           last_error = NULL, last_result = ?, consecutive_failures = 0,
@@ -975,7 +994,7 @@ async function runJob(definition: MaintenanceJobDefinition, options: { force?: b
     const finishedAt = Date.now();
     const durationMs = finishedAt - startedAt;
     const message = error instanceof Error ? error.message : String(error);
-    db.prepare(`
+    db.query(`
       UPDATE maintenance_jobs
       SET last_run_at = ?, next_run_at = ?, last_duration_ms = ?, last_status = 'failed',
           last_error = ?, consecutive_failures = consecutive_failures + 1,

package/src/memory-sqlite-broker.ts

@@ -86,10 +86,10 @@ export class SqliteMemoryBroker implements MemoryBroker {
       expiresAt: input.ttlMs === undefined ? undefined : now + input.ttlMs,
     }, { now });
     const contentHash = memoryContentHash(memory);
-    const existing = this.db.prepare("SELECT * FROM memories WHERE content_hash = ? ORDER BY updated_at DESC LIMIT 1").get(contentHash) as MemoryRow | undefined;
+    const existing = this.db.query("SELECT * FROM memories WHERE content_hash = ? ORDER BY updated_at DESC LIMIT 1").get(contentHash) as MemoryRow | undefined;
     if (existing) return rowToMemory(existing);
 
-    this.db.prepare(`
+    this.db.query(`
       INSERT INTO memories (
         id, type, scope, title, content, tags, visibility, sensitivity, confidence, redaction_state,
         relevance_score, source_agent, source_task, created_by, content_hash, metadata, access_count,
@@ -124,7 +124,7 @@ export class SqliteMemoryBroker implements MemoryBroker {
   }
 
   async get(id: string, _ctx: MemoryBrokerContext): Promise<Memory | null> {
-    const row = this.db.prepare("SELECT * FROM memories WHERE id = ?").get(id) as MemoryRow | undefined;
+    const row = this.db.query("SELECT * FROM memories WHERE id = ?").get(id) as MemoryRow | undefined;
     return row ? rowToMemory(row) : null;
   }
 
@@ -156,7 +156,7 @@ export class SqliteMemoryBroker implements MemoryBroker {
     }, { now: ctx.now });
     const contentHash = memoryContentHash(next);
 
-    this.db.prepare(`
+    this.db.query(`
       UPDATE memories SET
         title = ?,
         content = ?,
@@ -191,12 +191,12 @@ export class SqliteMemoryBroker implements MemoryBroker {
   }
 
   async delete(id: string, _ctx: MemoryBrokerContext): Promise<void> {
-    this.db.prepare("DELETE FROM memories WHERE id = ?").run(id);
+    this.db.query("DELETE FROM memories WHERE id = ?").run(id);
   }
 
   async stats(ctx: MemoryBrokerContext): Promise<MemoryStats> {
     const memories = filterMemoriesForQuery(
-      (this.db.prepare("SELECT * FROM memories").all() as MemoryRow[]).map(rowToMemory),
+      (this.db.query("SELECT * FROM memories").all() as MemoryRow[]).map(rowToMemory),
       {},
       ctx,
     );
@@ -243,12 +243,12 @@ export class SqliteMemoryBroker implements MemoryBroker {
 
   async markInjected(agentId: string, memoryIds: string[], ctx: MemoryBrokerContext): Promise<void> {
     const uniqueIds = [...new Set(memoryIds)];
-    const insert = this.db.prepare(`
+    const insert = this.db.query(`
       INSERT INTO agent_active_memories (agent_id, memory_id, loaded_at)
       VALUES (?, ?, ?)
       ON CONFLICT(agent_id, memory_id) DO UPDATE SET loaded_at = excluded.loaded_at
     `);
-    const touch = this.db.prepare("UPDATE memories SET access_count = access_count + 1, last_accessed_at = ? WHERE id = ?");
+    const touch = this.db.query("UPDATE memories SET access_count = access_count + 1, last_accessed_at = ? WHERE id = ?");
     const tx = this.db.transaction(() => {
       for (const memoryId of uniqueIds) {
         insert.run(agentId, memoryId, ctx.now);
@@ -259,11 +259,11 @@ export class SqliteMemoryBroker implements MemoryBroker {
   }
 
   async clearActive(agentId: string, _reason: ActiveMemoryClearReason, _ctx: MemoryBrokerContext): Promise<void> {
-    this.db.prepare("DELETE FROM agent_active_memories WHERE agent_id = ?").run(agentId);
+    this.db.query("DELETE FROM agent_active_memories WHERE agent_id = ?").run(agentId);
   }
 
   async listActive(agentId: string, ctx: MemoryBrokerContext): Promise<Memory[]> {
-    const rows = this.db.prepare(`
+    const rows = this.db.query(`
       SELECT memories.*
       FROM agent_active_memories
       JOIN memories ON memories.id = agent_active_memories.memory_id
@@ -274,7 +274,7 @@ export class SqliteMemoryBroker implements MemoryBroker {
   }
 
   listActiveMemoryIds(agentId: string): string[] {
-    return (this.db.prepare("SELECT memory_id FROM agent_active_memories WHERE agent_id = ? ORDER BY loaded_at DESC").all(agentId) as Array<{ memory_id: string }>).map((row) => row.memory_id);
+    return (this.db.query("SELECT memory_id FROM agent_active_memories WHERE agent_id = ? ORDER BY loaded_at DESC").all(agentId) as Array<{ memory_id: string }>).map((row) => row.memory_id);
   }
 
   private queryRows(query: MemoryQuery): MemoryRow[] {
@@ -293,7 +293,7 @@ export class SqliteMemoryBroker implements MemoryBroker {
       params.push(query.visibility);
     }
     sql += " ORDER BY relevance_score DESC, updated_at DESC";
-    return this.db.prepare(sql).all(...params) as MemoryRow[];
+    return this.db.query(sql).all(...params) as MemoryRow[];
   }
 
   private get db(): Database {

package/src/provider-catalog-store.ts

@@ -36,7 +36,7 @@ interface ProviderModelOverrideInput {
 
 function listProviderModelOverrides(): ProviderModelOverride[] {
   const rows = getDb()
-    .prepare("SELECT * FROM provider_model_overrides ORDER BY provider ASC, alias ASC")
+    .query("SELECT * FROM provider_model_overrides ORDER BY provider ASC, alias ASC")
     .all() as ProviderModelOverrideRow[];
   return rows.map(rowToOverride).filter((entry): entry is ProviderModelOverride => Boolean(entry));
 }
@@ -44,7 +44,7 @@ function listProviderModelOverrides(): ProviderModelOverride[] {
 export function upsertProviderModelOverride(input: ProviderModelOverrideInput): ProviderModelOverride {
   const normalized = normalizeOverrideInput(input);
   const now = Date.now();
-  getDb().prepare(`
+  getDb().query(`
     INSERT INTO provider_model_overrides (provider, alias, entry, deleted, updated_at, updated_by)
     VALUES (?, ?, ?, ?, ?, ?)
     ON CONFLICT(provider, alias) DO UPDATE SET

package/src/recipe-db.ts

@@ -53,7 +53,7 @@ export function validateRecipeArtifactRefs(refs: AttachmentRef[]): void {
 export function createRecipeInstance(input: CreateRecipeInstanceInput): RecipeInstance {
   const now = Date.now();
   const id = randomUUID();
-  getDb().prepare(`
+  getDb().query(`
     INSERT INTO recipe_instances (id, recipe_name, recipe_source, cwd, orchestrator_id, status, started_by, started_at)
     VALUES (?, ?, ?, ?, ?, ?, ?, ?)
   `).run(id, input.recipeName, input.recipeSource, input.cwd, input.orchestratorId, "starting", input.startedBy, now);
@@ -81,13 +81,13 @@ export function linkRecipeArtifacts(instanceId: string, refs: AttachmentRef[], c
 
 export function listRecipeInstances(status?: RecipeInstanceStatus): RecipeInstance[] {
   const rows = status
-    ? getDb().prepare("SELECT * FROM recipe_instances WHERE status = ? ORDER BY started_at DESC").all(status)
-    : getDb().prepare("SELECT * FROM recipe_instances ORDER BY started_at DESC").all();
+    ? getDb().query("SELECT * FROM recipe_instances WHERE status = ? ORDER BY started_at DESC").all(status)
+    : getDb().query("SELECT * FROM recipe_instances ORDER BY started_at DESC").all();
   return (rows as RecipeInstanceRow[]).map(rowToRecipeInstance);
 }
 
 export function getRecipeInstance(id: string): RecipeInstance | null {
-  const row = getDb().prepare("SELECT * FROM recipe_instances WHERE id = ?").get(id) as RecipeInstanceRow | undefined;
+  const row = getDb().query("SELECT * FROM recipe_instances WHERE id = ?").get(id) as RecipeInstanceRow | undefined;
   return row ? rowToRecipeInstance(row) : null;
 }
 
@@ -97,7 +97,7 @@ export function updateRecipeInstance(
 ): RecipeInstance | null {
   const existing = getRecipeInstance(id);
   if (!existing) return null;
-  getDb().prepare(`
+  getDb().query(`
     UPDATE recipe_instances
     SET status = ?, error = ?, stopped_at = ?
     WHERE id = ?
@@ -111,7 +111,7 @@ export function updateRecipeInstance(
 }
 
 export function upsertRecipeAgentInstance(input: UpsertRecipeAgentInstanceInput): RecipeAgentInstance {
-  getDb().prepare(`
+  getDb().query(`
     INSERT INTO recipe_agent_instances (instance_id, role, agent_id, provider, status, idx)
     VALUES (?, ?, ?, ?, ?, ?)
     ON CONFLICT(instance_id, role, agent_id) DO UPDATE SET
@@ -128,7 +128,7 @@ export function updateRecipeAgentInstance(
   agentId: string,
   status: RecipeAgentStatus,
 ): RecipeAgentInstance | null {
-  const changed = getDb().prepare(`
+  const changed = getDb().query(`
     UPDATE recipe_agent_instances
     SET status = ?
     WHERE instance_id = ? AND agent_id = ?
@@ -143,7 +143,7 @@ export function replaceRecipeAgentInstanceAgentId(
   nextAgentId: string,
   status: RecipeAgentStatus,
 ): RecipeAgentInstance | null {
-  const changed = getDb().prepare(`
+  const changed = getDb().query(`
     UPDATE recipe_agent_instances
     SET agent_id = ?, status = ?
     WHERE instance_id = ? AND agent_id = ?
@@ -153,7 +153,7 @@ export function replaceRecipeAgentInstanceAgentId(
 }
 
 function listRecipeAgentInstances(instanceId: string): RecipeAgentInstance[] {
-  const rows = getDb().prepare(`
+  const rows = getDb().query(`
     SELECT * FROM recipe_agent_instances
     WHERE instance_id = ?
     ORDER BY role ASC, idx ASC, agent_id ASC

package/src/security.ts

@@ -453,7 +453,7 @@ function isTokenConstraints(value: unknown): value is TokenConstraints {
 
 function isTokenRevoked(jti: string): boolean {
   try {
-    const row = getDb().prepare("SELECT revoked_at FROM tokens WHERE jti = ?").get(jti) as { revoked_at?: number | null } | undefined;
+    const row = getDb().query("SELECT revoked_at FROM tokens WHERE jti = ?").get(jti) as { revoked_at?: number | null } | undefined;
     return Boolean(row?.revoked_at);
   } catch {
     return false;

package/src/token-db.ts

@@ -143,7 +143,7 @@ export function createToken(input: {
     jti,
   };
   const token = signComponentToken(payload);
-  getDb().prepare(`
+  getDb().query(`
     INSERT INTO tokens (jti, sub, role, scope, constraints, profile_id, issued_at, expires_at, created_by)
     VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)
   `).run(jti, input.sub, role, JSON.stringify(scope), constraints ? JSON.stringify(constraints) : null, profile?.id ?? null, now, expiresAt ?? null, input.createdBy ?? null);
@@ -151,17 +151,17 @@ export function createToken(input: {
 }
 
 export function listTokens(): TokenRecord[] {
-  const rows = getDb().prepare("SELECT * FROM tokens ORDER BY issued_at DESC").all() as TokenRow[];
+  const rows = getDb().query("SELECT * FROM tokens ORDER BY issued_at DESC").all() as TokenRow[];
   return rows.map(rowToToken);
 }
 
 export function getToken(jti: string): TokenRecord | null {
-  const row = getDb().prepare("SELECT * FROM tokens WHERE jti = ?").get(jti) as TokenRow | undefined;
+  const row = getDb().query("SELECT * FROM tokens WHERE jti = ?").get(jti) as TokenRow | undefined;
   return row ? rowToToken(row) : null;
 }
 
 export function revokeToken(jti: string): boolean {
-  return getDb().prepare("UPDATE tokens SET revoked_at = ? WHERE jti = ? AND revoked_at IS NULL").run(Math.floor(Date.now() / 1000), jti).changes > 0;
+  return getDb().query("UPDATE tokens SET revoked_at = ? WHERE jti = ? AND revoked_at IS NULL").run(Math.floor(Date.now() / 1000), jti).changes > 0;
 }
 
 export function renewToken(input: {
@@ -192,7 +192,7 @@ export function pruneExpiredTokenRecords(input: {
   const retentionSeconds = input.retentionSeconds ?? 7 * 24 * 60 * 60;
   const nowSeconds = input.nowSeconds ?? Math.floor(Date.now() / 1000);
   const cutoff = nowSeconds - retentionSeconds;
-  const rows = getDb().prepare(`
+  const rows = getDb().query(`
     DELETE FROM tokens
     WHERE (expires_at IS NOT NULL AND expires_at <= ?)
        OR (revoked_at IS NOT NULL AND revoked_at <= ?)
@@ -203,13 +203,13 @@ export function pruneExpiredTokenRecords(input: {
 
 export function listTokenProfiles(): TokenProfile[] {
   ensureBuiltInTokenProfiles();
-  const rows = getDb().prepare("SELECT * FROM token_profiles ORDER BY built_in DESC, name COLLATE NOCASE ASC").all() as TokenProfileRow[];
+  const rows = getDb().query("SELECT * FROM token_profiles ORDER BY built_in DESC, name COLLATE NOCASE ASC").all() as TokenProfileRow[];
   return rows.map(rowToProfile);
 }
 
 export function getTokenProfile(id: string): TokenProfile | null {
   ensureBuiltInTokenProfiles();
-  const row = getDb().prepare("SELECT * FROM token_profiles WHERE id = ?").get(id) as TokenProfileRow | undefined;
+  const row = getDb().query("SELECT * FROM token_profiles WHERE id = ?").get(id) as TokenProfileRow | undefined;
   return row ? rowToProfile(row) : null;
 }
 
@@ -219,7 +219,7 @@ export function upsertTokenProfile(input: CreateTokenProfileInput): TokenProfile
   const id = input.id ?? slugify(input.name);
   const existing = getTokenProfile(id);
   if (existing?.builtIn) throw new Error("built-in token profiles cannot be modified");
-  getDb().prepare(`
+  getDb().query(`
     INSERT INTO token_profiles (id, name, description, role, scope, constraints, ttl_seconds, built_in, created_at, updated_at, created_by)
     VALUES (?, ?, ?, ?, ?, ?, ?, 0, ?, ?, ?)
     ON CONFLICT(id) DO UPDATE SET
@@ -268,12 +268,12 @@ export function updateTokenProfile(id: string, patch: UpdateTokenProfileInput):
 
 export function deleteTokenProfile(id: string): boolean {
   ensureBuiltInTokenProfiles();
-  return getDb().prepare("DELETE FROM token_profiles WHERE id = ? AND built_in = 0").run(id).changes > 0;
+  return getDb().query("DELETE FROM token_profiles WHERE id = ? AND built_in = 0").run(id).changes > 0;
 }
 
 function ensureBuiltInTokenProfiles(): void {
   const now = Date.now();
-  const stmt = getDb().prepare(`
+  const stmt = getDb().query(`
     INSERT INTO token_profiles (id, name, description, role, scope, constraints, ttl_seconds, built_in, created_at, updated_at, created_by)
     VALUES (?, ?, ?, ?, ?, ?, ?, 1, ?, ?, ?)
     ON CONFLICT(id) DO UPDATE SET