aiden-runtime 4.9.1 → 4.9.3

package/README.md

@@ -105,6 +105,13 @@ Windows · Linux · WSL · macOS (API Mode)
 
 
 
+https://github.com/user-attachments/assets/1081e5c5-f1ec-4980-b710-1640981ec58b
+
+
+
+
+
+
 > A semi-autonomous AI agent that runs on your machine. Touches your files, browser, and shell. Remembers what matters. Built solo. Open source. Still rough in spots.
 
 <br>
@@ -130,7 +137,13 @@ Drop a file in `~/Documents/inbox/anything.txt` and Aiden acts on it. The agent
 
 <br>
 
-![Aiden in action](docs/screenshots/autonomy.png)
+
+
+
+
+https://github.com/user-attachments/assets/7a66bc19-8b17-4b01-be85-3aa5945a1b3b
+
+
 
 <br>
 
@@ -219,6 +232,13 @@ Full v4.5 internals: [`docs/v4.5/`](docs/v4.5/) (overview, triggers, architectur
 | **MCP** | Model Context Protocol bridge — stdio + HTTP transports, schema discovery, tool dispatch. |
 | **Security moat** | Tiered approval engine (`safe` / `caution` / `dangerous`), dangerous-command pattern classifier, honesty enforcement (post-loop scan rewrites false claims), memory guard, planner-guard tool narrowing, SSRF-safe URL fetcher, secret/PII pre-write scanner, skill-teacher (auto-create skills from successful flows). |
 
+
+
+
+https://github.com/user-attachments/assets/a76bf4a5-28ca-43b5-8975-5ef0a66ee90d
+
+
+
 <br>
 
 ## Architecture
@@ -229,6 +249,13 @@ Detailed diagrams + module map in [`docs/v4.5/architecture.md`](docs/v4.5/archit
 
 <br>
 
+
+
+
+https://github.com/user-attachments/assets/323c9aa7-959a-425a-a5b3-4bae2b1a14bc
+
+
+
 ## Install + first run
 
 ### Linux / WSL / macOS (one-line)
@@ -285,6 +312,10 @@ Remove-Item -Recurse -Force $env:LOCALAPPDATA\aiden
 <img width="938" height="1049" alt="preview (3)" src="https://github.com/user-attachments/assets/4e32ae38-74ad-433d-b986-0a15bc2dffec" />
 
 
+
+https://github.com/user-attachments/assets/398e1d48-cc5a-4fb5-a195-05dbef824198
+
+
 ## Recommended terminal setup
 
 For best visual rendering, Aiden looks crispest with:
@@ -488,6 +519,21 @@ Common issues live in [`docs/v4.5/troubleshooting.md`](docs/v4.5/troubleshooting
 - **`/help` doesn't list a command** — that command likely needs an active session field; run from a real REPL
 - **`npm install` permission errors on Windows** — install into a real folder (not a drive root like `S:\`)
 
+
+
+
+https://github.com/user-attachments/assets/3acc997f-1d71-45d1-9955-11b67abd0c50
+
+
+
+https://github.com/user-attachments/assets/9e734168-cf76-4cc0-975a-379e5402ee90
+
+
+
+https://github.com/user-attachments/assets/5e7011a5-630d-43bd-8ed3-67084c7645db
+
+
+
 <br>
 
 ## The book

package/dist/cli/v4/aidenPrompt.js

@@ -291,6 +291,18 @@ exports.default = (0, core_1.createPrompt)((config, done) => {
         line = `${message} ${theme.style.answer(value)}`;
     }
     else {
+        // v4.9.2 Slice 2 (commit 0d0668f1) attempted to fix cursor
+        // misalignment by post-pending cursorBackward(ghost.length).
+        // Live-REPL diagnostic proved the fix is structurally inert:
+        // @inquirer/core's screen-manager.js:56 appends an ABSOLUTE
+        // cursorTo(this.cursorPos.cols) AFTER our content, overriding
+        // any cursor-positioning escape we emit inline. The real fix
+        // requires either rendering the ghost via a side-channel post-
+        // render write or moving it out of the inline line entirely —
+        // both need the proper save/restore refactor scheduled for v4.10
+        // once the prompt has a real screen-manager-aware test harness.
+        // Reverted here so the shipped v4.9.2 doesn't carry a "fix" that
+        // doesn't fix anything. Bug D status: known, deferred.
         const ghostStr = ghost ? dim(ghost) : '';
         line = `${prefix} ${message}${value}${ghostStr}`;
     }

package/dist/cli/v4/chatSession.js

@@ -82,6 +82,8 @@ const progressBar_1 = require("./display/progressBar");
 const uiBuild_1 = require("./uiBuild");
 const sessionSummaryGate_1 = require("./sessionSummaryGate");
 const aidenPrompt_1 = __importDefault(require("./aidenPrompt"));
+const confirmPrompt_1 = require("./confirmPrompt");
+const greeter_1 = require("./greeter");
 const historyStore_1 = require("./historyStore");
 const modelMetadata_1 = require("../../core/v4/modelMetadata");
 // v4.1.3-prebump: classify provider errors so the catch path can show
@@ -496,17 +498,21 @@ class ChatSession {
                         agent: this.opts.agent,
                         pluginLoader: this.opts.pluginLoader,
                         channelManager: this.opts.channelManager,
-                        confirm: async (msg) => {
-                            // Phase 17.1: bug — was reading `this.opts.promptApi?` which is
-                            // undefined when no override is passed; the chain silently
-                            // resolved to undefined → returned false → "Grant cancelled"
-                            // before the user could type anything. Use the resolved local
-                            // promptApi (which falls back to readline-default) instead.
-                            const r = await promptApi.readLine(msg);
-                            if (typeof r !== 'string')
-                                return false;
-                            return /^(y|yes)$/i.test(r.trim());
-                        },
+                        // v4.9.2 Slice 3 — UX-rebuilt confirmation primitive.
+                        // The stdin/keypress mechanics worked correctly all along;
+                        // users simply couldn't see the prompt was open. The
+                        // extracted `runConfirm` helper now owns the canonical
+                        // y/N hint, the warn-tinted '?' glyph, the
+                        // suggestionsDisabled flag (so confirmations skip ghost-
+                        // match against outer chat history), and the per-input
+                        // honest cancellation message.
+                        //
+                        // Phase 17.1 anchor: the previous primitive read
+                        // `this.opts.promptApi?` (undefined → silently returned
+                        // false → "Grant cancelled" before user could type) —
+                        // fixed by routing through the resolved local `promptApi`.
+                        // That fix stands; Slice 3 adds the UX layer on top.
+                        confirm: (msg) => (0, confirmPrompt_1.runConfirm)(msg, promptApi, this.opts.display),
                         // Phase 18: raw text prompt for /auth login OAuth code paste.
                         prompt: (msg) => promptApi.readLine(msg),
                     });
@@ -1676,6 +1682,22 @@ class ChatSession {
             }
         }
         catch { /* never let a missing marker crash boot */ }
+        // v4.9.3 Slice 1b — boot greeter. Silent on first-ever launch (lets
+        // renderFirstRunHint above own boot #1), silent when /greeter off,
+        // silent when no offer wins. Lazy-required so test-harness sessions
+        // without `paths` wired skip the fs cost. Internal errors are
+        // already swallowed inside renderGreeter; outer try/catch is the
+        // belt-and-braces guarantee against a boot-crash regression.
+        try {
+            if (this.opts.paths) {
+                await (0, greeter_1.renderGreeter)({
+                    paths: this.opts.paths,
+                    version: version_1.VERSION,
+                    display: this.opts.display,
+                });
+            }
+        }
+        catch { /* never let the greeter crash boot */ }
         // v4.9.0 pre-ship UI: hint moved BEFORE the closing rule so the
         // rule sits adjacent to the active prompt (it becomes the visual
         // top of the prompt zone). New order: blank · hint · blank · rule.
@@ -2085,9 +2107,15 @@ function createDefaultPromptApi(opts = {}) {
     // aidenPrompt component (ghost text + slash dropdown + history nav).
     const useLegacyPrompt = (0, uiBuild_1.isNoUiMode)() || !opts.commands;
     return {
-        async readLine(prompt) {
+        async readLine(prompt, readOpts) {
             try {
-                if (useLegacyPrompt) {
+                // v4.9.2 Slice 3 — confirmation prompts (suggestionsDisabled)
+                // always route through the legacy inquirer input path. No
+                // ghost-text (would autocomplete from outer chat history —
+                // wrong context for a y/n question), no slash dropdown
+                // (irrelevant for confirmations). Inquirer's plain input is
+                // the well-tested baseline for single-shot questions.
+                if (readOpts?.suggestionsDisabled || useLegacyPrompt) {
                     return (await inq.input({ message: prompt, theme: promptTheme })) ?? '';
                 }
                 // Fetch history just-in-time so each read sees the latest

package/dist/cli/v4/commands/channel.js

@@ -255,10 +255,9 @@ async function telegramRemove(ctx) {
         return;
     }
     const proceed = await confirm('Remove the Telegram bot token? This stops polling.');
-    if (!proceed) {
-        display.dim('  Cancelled.');
+    // v4.9.2 Slice 3 — confirm() now owns the rejection message.
+    if (!proceed)
         return;
-    }
     // Stop the live adapter first so polling actually halts even if the
     // .env write fails for some reason.
     const manager = ctx.channelManager;
@@ -297,10 +296,9 @@ async function telegramTakeover(ctx) {
     const proceed = confirm
         ? await confirm('Take over Telegram polling? This will boot any other Aiden instance off the bot.')
         : true;
-    if (!proceed) {
-        display.dim('  Cancelled.');
+    // v4.9.2 Slice 3 — confirm() now owns the rejection message.
+    if (!proceed)
         return;
-    }
     const spinner = display.startSpinner('Reclaiming Telegram polling…');
     let result;
     try {

package/dist/cli/v4/commands/cron.js

@@ -327,8 +327,13 @@ async function cmdRemove(ctx, args) {
     else if (ctx.confirm) {
         ok = await ctx.confirm(question);
     }
+    // v4.9.2 Slice 3 — when ctx.confirm was the source, the primitive
+    // already printed a per-input rejection message. The ctx.prompt
+    // branch above does its own y/N parsing, so it still owns its own
+    // "Cancelled." line.
     if (!ok) {
-        ctx.display.dim('Cancelled.');
+        if (ctx.prompt)
+            ctx.display.dim('Cancelled.');
         return;
     }
     if ((0, cronManager_1.deleteJob)(job.id)) {

package/dist/cli/v4/commands/daemonDoctor.js

@@ -85,7 +85,7 @@ function collectDoctorChecks(rootDir) {
             detail: `current=${ver} latest=${migrations_1.LATEST_SCHEMA_VERSION}`,
             fixable: false });
         // 3. Recent incarnation
-        const inc = db.prepare(`SELECT incarnation_id, started_at, ended_at, exit_reason FROM daemon_incarnations
+        const inc = db.prepare(`SELECT incarnation_id, started_at, ended_at, exit_reason FROM daemon_incarnations
         ORDER BY started_at DESC LIMIT 1`).get();
         if (!inc) {
             checks.push({ name: 'recent incarnation', status: 'warn',
@@ -100,7 +100,7 @@ function collectDoctorChecks(rootDir) {
         }
         // 4. Recent crashes (24h)
         const sinceIso = new Date(Date.now() - TWENTY_FOUR_HOURS_MS).toISOString();
-        const crashes = db.prepare(`SELECT COUNT(*) AS c FROM daemon_incarnations
+        const crashes = db.prepare(`SELECT COUNT(*) AS c FROM daemon_incarnations
         WHERE exit_reason = 'crash' AND started_at > ?`).get(sinceIso);
         checks.push({ name: 'recent crashes (24h)',
             status: crashes.c === 0 ? 'ok' : crashes.c > 3 ? 'warn' : 'ok',
@@ -111,7 +111,7 @@ function collectDoctorChecks(rootDir) {
         if (tableExists(db, 'run_attempts')) {
             const currentInc = inc?.incarnation_id ?? '';
             const cutoffIso = new Date(Date.now() - 30 * 60 * 1000).toISOString();
-            stuckAttempts = db.prepare(`SELECT COUNT(*) AS c FROM run_attempts
+            stuckAttempts = db.prepare(`SELECT COUNT(*) AS c FROM run_attempts
           WHERE status='running' AND incarnation_id != ? AND started_at < ?`).get(currentInc, cutoffIso).c;
         }
         checks.push({ name: 'stuck attempts',
@@ -125,7 +125,7 @@ function collectDoctorChecks(rootDir) {
         let orphanSpans = 0;
         if (tableExists(db, 'spans')) {
             const currentInc = inc?.incarnation_id ?? '';
-            orphanSpans = db.prepare(`SELECT COUNT(*) AS c FROM spans
+            orphanSpans = db.prepare(`SELECT COUNT(*) AS c FROM spans
           WHERE status IS NULL AND ended_at IS NULL AND incarnation_id != ?`).get(currentInc).c;
         }
         checks.push({ name: 'orphan spans',
@@ -147,7 +147,7 @@ function collectDoctorChecks(rootDir) {
         // 8. Stale-claimed trigger events
         let staleClaimed = 0;
         if (tableExists(db, 'trigger_events')) {
-            staleClaimed = db.prepare(`SELECT COUNT(*) AS c FROM trigger_events
+            staleClaimed = db.prepare(`SELECT COUNT(*) AS c FROM trigger_events
           WHERE status='claimed' AND claim_expires_at IS NOT NULL AND claim_expires_at < ?`).get(Date.now()).c;
         }
         checks.push({ name: 'stale-claimed trigger events',

package/dist/cli/v4/commands/daemonStatus.js

@@ -150,7 +150,7 @@ function readSnapshot() {
     // Recent runs (last 3).
     const recentRuns = (() => {
         try {
-            const rows = db.prepare(`SELECT id, status, finish_reason, started_at, completed_at FROM runs
+            const rows = db.prepare(`SELECT id, status, finish_reason, started_at, completed_at FROM runs
           ORDER BY id DESC LIMIT 3`).all();
             return rows.map((r) => ({
                 id: r.id,

package/dist/cli/v4/commands/greeter.js

@@ -0,0 +1,86 @@
+"use strict";
+/**
+ * Copyright (c) 2026 Shiva Deore (Taracod).
+ * Licensed under AGPL-3.0. See LICENSE for details.
+ *
+ * Aiden — local-first agent.
+ */
+/**
+ * cli/v4/commands/greeter.ts — v4.9.3 SLICE 1a.
+ *
+ * `/greeter on | off | status` — REPL controls for the boot greeter.
+ *   - on     → set disabled: false; init the file if missing
+ *   - off    → confirm-gated (uses v4.9.2 Slice 3 ctx.confirm), set
+ *              disabled: true
+ *   - status → print current state + last greeting + offer summary
+ *
+ * Slice 1a: the slash command operates on the history file even
+ * though the greeter doesn't fire on boot yet (Slice 1b wires that).
+ * `/greeter off` BEFORE Slice 1b still durably disables, so when
+ * Slice 1b lands the user's choice is already honored.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.greeter = void 0;
+const history_1 = require("../greeter/history");
+exports.greeter = {
+    name: 'greeter',
+    description: 'Manage the boot greeter. Actions: on, off, status.',
+    category: 'system',
+    icon: '👋',
+    handler: async (ctx) => {
+        if (!ctx.paths) {
+            ctx.display.printError('Cannot read greeter state — paths not wired in this session.');
+            return;
+        }
+        const sub = (ctx.args[0] ?? 'status').toLowerCase();
+        if (sub === 'on') {
+            const h = (await (0, history_1.readHistory)(ctx.paths)) ?? initial();
+            h.disabled = false;
+            await (0, history_1.writeHistory)(ctx.paths, h);
+            ctx.display.success('Greeter on. Next boot will check for noticeable changes.');
+            return;
+        }
+        if (sub === 'off') {
+            if (!ctx.confirm) {
+                ctx.display.printError('Cannot confirm in this context.');
+                return;
+            }
+            const proceed = await ctx.confirm('Turn the boot greeter off? You can re-enable with /greeter on.');
+            if (!proceed)
+                return; // confirm() already printed the rejection reason
+            const h = (await (0, history_1.readHistory)(ctx.paths)) ?? initial();
+            h.disabled = true;
+            await (0, history_1.writeHistory)(ctx.paths, h);
+            ctx.display.success('Greeter off. No greeting on boot until /greeter on.');
+            return;
+        }
+        if (sub === 'status') {
+            const h = await (0, history_1.readHistory)(ctx.paths);
+            if (!h) {
+                ctx.display.dim('Greeter has not been initialized yet (no boots since v4.9.3).');
+                return;
+            }
+            const state = h.disabled ? 'off' : 'on';
+            const accepted = h.offers.filter((o) => o.response === 'accepted').length;
+            const ignored = h.offers.filter((o) => o.response === 'ignored').length;
+            const pending = h.offers.filter((o) => !o.response).length;
+            ctx.display.write('\n  Greeter status:\n');
+            ctx.display.write(`    state:         ${state}\n`);
+            ctx.display.write(`    first launch:  ${h.firstLaunchAt}\n`);
+            ctx.display.write(`    last greeting: ${h.lastGreetingAt}\n`);
+            ctx.display.write(`    offers:        ${h.offers.length} (${accepted} accepted · ${ignored} ignored · ${pending} pending)\n\n`);
+            return;
+        }
+        ctx.display.printError(`Unknown greeter action '${sub}'.`, 'Try: /greeter on | off | status');
+    },
+};
+function initial() {
+    const now = new Date().toISOString();
+    return {
+        v: 1,
+        firstLaunchAt: now,
+        lastGreetingAt: now,
+        offers: [],
+        disabled: false,
+    };
+}

package/dist/cli/v4/commands/help.js

@@ -79,6 +79,8 @@ exports.SUBSECTION_MAP = {
     // v4.9.1 amendment — REPL surfaces for memory + hooks (daemon already mapped).
     memory: 'System',
     hooks: 'System',
+    // v4.9.3 Slice 1b — boot greeter management.
+    greeter: 'System',
     // ── Authentication ──
     auth: 'Authentication',
     // ── Help ──

package/dist/cli/v4/commands/index.js

@@ -111,6 +111,8 @@ const memorySlash_1 = require("./memorySlash");
 Object.defineProperty(exports, "memory", { enumerable: true, get: function () { return memorySlash_1.memory; } });
 const hooksSlash_1 = require("./hooksSlash");
 Object.defineProperty(exports, "hooks", { enumerable: true, get: function () { return hooksSlash_1.hooks; } });
+// v4.9.3 Slice 1b — boot greeter management.
+const greeter_1 = require("./greeter");
 /** All built-in system commands, in canonical order. */
 exports.allCommands = [
     help_1.help,
@@ -166,6 +168,8 @@ exports.allCommands = [
     // v4.9.1 amendment — REPL slash surfaces mirroring CLI subcommands.
     memorySlash_1.memory,
     hooksSlash_1.hooks,
+    // v4.9.3 Slice 1b — boot greeter management.
+    greeter_1.greeter,
     clear_1.clear,
     quit_1.quit,
 ];

package/dist/cli/v4/commands/mcp.js

@@ -266,8 +266,8 @@ async function wireSubagentFanout(opts) {
     // WAL-coexistence model as REPL — connection.ts caches per-path.
     const mcpInstanceId = `mcp-${(0, node_crypto_1.randomUUID)().slice(0, 8)}`;
     const mcpDb = (0, daemon_1.openDaemonDb)((0, daemon_1.daemonDbPath)(opts.paths.root));
-    mcpDb.prepare(`INSERT OR IGNORE INTO daemon_instances
-       (instance_id, pid, hostname, started_at, last_heartbeat, version)
+    mcpDb.prepare(`INSERT OR IGNORE INTO daemon_instances
+       (instance_id, pid, hostname, started_at, last_heartbeat, version)
      VALUES (?, ?, ?, ?, ?, ?)`).run(mcpInstanceId, process.pid, node_os_1.default.hostname(), Date.now(), Date.now(), version_1.VERSION);
     const mcpRunStore = (0, daemon_1.createRunStore)({ db: mcpDb });
     // v4.6 Phase 3b — self-improvement loop singleton against the

package/dist/cli/v4/commands/plugins.js

@@ -161,10 +161,9 @@ exports.plugins = {
             ctx.display.write('\n');
             const confirmFn = ctx.confirm ?? (async () => false);
             const allow = await confirmFn(`Install ${manifest.name} with the listed permissions? [y/N] `);
-            if (!allow) {
-                ctx.display.dim('Install cancelled.');
+            // v4.9.2 Slice 3 — confirm() now owns the rejection message.
+            if (!allow)
                 return {};
-            }
             // Copy into the user plugins dir.
             const dst = node_path_1.default.join(ctx.paths.pluginsDir, manifest.name);
             try {
@@ -258,10 +257,9 @@ exports.plugins = {
             const allow = await confirmFn(isUpgrade
                 ? `Grant the listed permissions (including ${newPerms.length} new)? [y/N] `
                 : `Grant the listed permissions? [y/N] `);
-            if (!allow) {
-                ctx.display.dim('Grant cancelled.');
+            // v4.9.2 Slice 3 — confirm() now owns the rejection message.
+            if (!allow)
                 return {};
-            }
             await (0, plugins_1.saveGrantedPermissions)(dir, entry.manifest.permissions);
             // Reload so the new state takes effect.
             await ctx.pluginLoader.teardown();

package/dist/cli/v4/commands/trigger.js

@@ -79,9 +79,9 @@ async function runTriggerSubcommand(action, args, argv, opts = {}) {
             spec.paths = spec.paths.map((p) => node_path_1.default.resolve(p));
             const id = (0, node_crypto_1.randomUUID)();
             const now = Date.now();
-            db.prepare(`INSERT INTO triggers
-           (id, source, name, spec_json, enabled, prompt_template, deliver_only,
-            created_at, updated_at)
+            db.prepare(`INSERT INTO triggers
+           (id, source, name, spec_json, enabled, prompt_template, deliver_only,
+            created_at, updated_at)
          VALUES (?, 'file', ?, ?, ?, ?, 0, ?, ?)`).run(id, a.name, JSON.stringify(spec), a.disabled ? 0 : 1, spec.promptTemplate ?? null, now, now);
             out(`trigger added: ${id} (${a.name})\n`);
             out('Restart the daemon to activate the watcher.\n');
@@ -182,11 +182,11 @@ async function runTriggerSubcommand(action, args, argv, opts = {}) {
                 return 1;
             }
             const prefix = `trigger:${trig.source}:${id}:`;
-            const rows = db.prepare(`SELECT re.ts, re.kind, re.payload, r.id AS run_id
-           FROM run_events re
-           JOIN runs r ON re.run_id = r.id
-          WHERE r.session_id LIKE ?
-          ORDER BY re.ts DESC
+            const rows = db.prepare(`SELECT re.ts, re.kind, re.payload, r.id AS run_id
+           FROM run_events re
+           JOIN runs r ON re.run_id = r.id
+          WHERE r.session_id LIKE ?
+          ORDER BY re.ts DESC
           LIMIT 50`).all(`${prefix}%`);
             if (rows.length === 0) {
                 out(`No run events recorded for trigger ${id} (${trig.name}).\n`);
@@ -213,10 +213,10 @@ async function runTriggerSubcommand(action, args, argv, opts = {}) {
                 return 1;
             }
             const prefix = `trigger:${trig.source}:${id}:`;
-            const rows = db.prepare(`SELECT id, status, finish_reason, started_at, completed_at
-           FROM runs
-          WHERE session_id LIKE ?
-          ORDER BY started_at DESC
+            const rows = db.prepare(`SELECT id, status, finish_reason, started_at, completed_at
+           FROM runs
+          WHERE session_id LIKE ?
+          ORDER BY started_at DESC
           LIMIT 50`).all(`${prefix}%`);
             if (rows.length === 0) {
                 out(`No runs recorded for trigger ${id} (${trig.name}).\n`);
@@ -261,9 +261,9 @@ function runAddWebhook(db, argv, out, err) {
     });
     const id = (0, node_crypto_1.randomUUID)();
     const now = Date.now();
-    db.prepare(`INSERT INTO triggers
-       (id, source, name, spec_json, enabled, prompt_template, deliver_only,
-        created_at, updated_at)
+    db.prepare(`INSERT INTO triggers
+       (id, source, name, spec_json, enabled, prompt_template, deliver_only,
+        created_at, updated_at)
      VALUES (?, 'webhook', ?, ?, ?, ?, ?, ?, ?)`).run(id, a.name, JSON.stringify(spec), a.disabled ? 0 : 1, spec.promptTemplate ?? null, spec.deliverOnly ? 1 : 0, now, now);
     const cfg = (0, daemon_1.getDaemonConfig)();
     const host = process.env.AIDEN_DAEMON_BIND ?? '127.0.0.1';
@@ -359,9 +359,9 @@ async function runAddEmail(db, argv, out, err) {
     }
     const id = (0, node_crypto_1.randomUUID)();
     const now = Date.now();
-    db.prepare(`INSERT INTO triggers
-       (id, source, name, spec_json, enabled, prompt_template, deliver_only,
-        created_at, updated_at)
+    db.prepare(`INSERT INTO triggers
+       (id, source, name, spec_json, enabled, prompt_template, deliver_only,
+        created_at, updated_at)
      VALUES (?, 'email', ?, ?, ?, ?, ?, ?, ?)`).run(id, a.name, JSON.stringify(spec), a.disabled ? 0 : 1, spec.promptTemplate ?? null, spec.deliverOnly ? 1 : 0, now, now);
     out(`trigger added: ${id} (${a.name})\n`);
     out(`imap host:     ${spec.imap.host}:${spec.imap.port}${spec.imap.tls ? ' (TLS)' : ''}\n`);

package/dist/cli/v4/confirmPrompt.js

@@ -0,0 +1,67 @@
+"use strict";
+/**
+ * Copyright (c) 2026 Shiva Deore (Taracod).
+ * Licensed under AGPL-3.0. See LICENSE for details.
+ *
+ * Aiden — local-first agent.
+ */
+/**
+ * cli/v4/confirmPrompt.ts — v4.9.2 SLICE 3.
+ *
+ * The slash-command `ctx.confirm()` primitive, extracted from the
+ * chatSession closure so it has one source of truth + is unit-testable
+ * without spinning up a full REPL.
+ *
+ * Behaviour:
+ *   - Canonicalises the y/n hint: strips any caller-appended ` (y/N) `
+ *     / ` [y/N] ` / ` (Y/n) ` so the primitive can append exactly one
+ *     ` (y/N) ` in canonical lowercase-y / capital-N form.
+ *   - Prefixes with a warn-tinted `?` glyph so the confirmation chrome
+ *     is visually distinct from the main ▲ chat prompt (Slice 3 root
+ *     cause: users couldn't tell a prompt was open).
+ *   - Routes through `promptApi.readLine` with `suggestionsDisabled:true`
+ *     so the inquirer-input path runs (no ghost-text from outer chat
+ *     history, no slash dropdown — irrelevant for y/n).
+ *   - Emits a per-input cancellation reason:
+ *       empty / Enter alone   → "Cancelled (press 'y' to confirm; …)"
+ *       'n' / 'no'            → "Cancelled."  (deliberate decline)
+ *       other non-y           → `Cancelled ("<x>" not recognized — …)`
+ *       null / non-string     → "Cancelled (no input)."
+ *     Callers no longer print their own "Cancelled." line — the
+ *     primitive owns the rejection message.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.runConfirm = runConfirm;
+/** Strip any caller-appended `(y/N)` / `[y/N]` / `(Y/n)` so we can
+ *  re-append the canonical hint without duplication. */
+const TRAILING_YN_HINT_RE = /\s*[\[(](y\/[nN]|Y\/n)[\])]\s*$/i;
+/**
+ * Run a single confirmation prompt. Resolves to `true` on `y` / `yes`
+ * (case insensitive, trimmed); `false` on anything else, with a
+ * specific cancellation line written to `display.dim()`.
+ *
+ * Never throws — readLine errors and non-string returns degrade to
+ * `false` with an honest "no input" reason.
+ */
+async function runConfirm(msg, promptApi, display) {
+    const stripped = msg.replace(TRAILING_YN_HINT_RE, '').trimEnd();
+    const decorated = `${display.paint('?', 'warn')} ${stripped} (y/N) `;
+    const r = await promptApi.readLine(decorated, { suggestionsDisabled: true });
+    if (typeof r !== 'string') {
+        display.dim('Cancelled (no input).');
+        return false;
+    }
+    const trimmed = r.trim();
+    if (/^(y|yes)$/i.test(trimmed))
+        return true;
+    if (trimmed === '') {
+        display.dim(`Cancelled (press 'y' to confirm; Enter alone = no).`);
+    }
+    else if (/^(n|no)$/i.test(trimmed)) {
+        display.dim('Cancelled.');
+    }
+    else {
+        display.dim(`Cancelled ("${trimmed}" not recognized — expected y/yes/n/no).`);
+    }
+    return false;
+}