appostle-installer 0.0.14 → 0.0.16

package/dist/appostle.js

@@ -1832,7 +1832,13 @@ function extractTimestamps(record) {
     // Fork lineage — preserved across resume so the in-memory ManagedAgent
     // can flow `parentAgentId` into snapshots that drive the tab Split icon.
     ...record.parentAgentId ? { parentAgentId: record.parentAgentId } : {},
-    ...record.forkedFromMessageUuid ? { forkedFromMessageUuid: record.forkedFromMessageUuid } : {}
+    ...record.forkedFromMessageUuid ? { forkedFromMessageUuid: record.forkedFromMessageUuid } : {},
+    // Multi-tenant ownership — closes the daemon-restart gap. Old records
+    // lack these fields → ownerUserId stays undefined (→ null in
+    // registerSession), agent rehydrates as unscoped.
+    ownerUserId: record.ownerUserId ?? null,
+    sharedWithUserIds: record.sharedWithUserIds ?? [],
+    ownerUsername: record.ownerUsername ?? null
   };
 }
 function hasRegisteredProvider(registeredProviders, value) {
@@ -1916,6 +1922,11 @@ function toAgentPayload(agent, options) {
     title: options?.title ?? null,
     labels: agent.labels,
     internal: agent.internal,
+    // Surface ownership so the client can render an owner badge / detect
+    // "shared with me" agents. `sharedWithUserIds` deliberately stays off
+    // the snapshot — only owners read the full ACL, via the dedicated
+    // `list_agent_shared_users_request` RPC.
+    ownerUserId: agent.ownerUserId,
     // Fork lineage — the client's tab descriptor uses `parentAgentId` to
     // mark the agent as a fork (Split glyph). Carry it from the live
     // ManagedAgent so the marker doesn't disappear once the agent is
@@ -3331,18 +3342,60 @@ var BrandGenerateTokensResponseSchema = z10.object({
     error: z10.string().nullable()
   })
 });
-var BrandGenerateArtDirectionRequestSchema = z10.object({
-  type: z10.literal("brands/generate-art-direction"),
+var BrandGenerateLayoutRequestSchema = z10.object({
+  type: z10.literal("brands/generate-layout"),
   requestId: z10.string(),
   workspaceRoot: z10.string(),
   brandPath: z10.string(),
   prompt: z10.string()
 });
-var BrandGenerateArtDirectionResponseSchema = z10.object({
-  type: z10.literal("brands/generate-art-direction/response"),
+var BrandGenerateLayoutResponseSchema = z10.object({
+  type: z10.literal("brands/generate-layout/response"),
   payload: z10.object({
     requestId: z10.string(),
-    generatedCount: z10.number(),
+    roleContent: z10.string().optional(),
+    error: z10.string().nullable()
+  })
+});
+var LayoutQaMessageSchema = z10.object({
+  role: z10.enum(["assistant", "user"]),
+  content: z10.string()
+});
+var BrandLayoutQaNextRequestSchema = z10.object({
+  type: z10.literal("brands/layout-qa/next"),
+  requestId: z10.string(),
+  workspaceRoot: z10.string(),
+  brandPath: z10.string(),
+  /** Full conversation so far (assistant questions + user answers). Empty to start. */
+  conversation: z10.array(LayoutQaMessageSchema)
+});
+var BrandLayoutQaNextResponseSchema = z10.object({
+  type: z10.literal("brands/layout-qa/next/response"),
+  payload: z10.object({
+    requestId: z10.string(),
+    /** false = here's the next question; true = Q&A complete, role document written */
+    done: z10.boolean(),
+    /** The next question to show the user (when done=false). */
+    question: z10.string().optional(),
+    /** Answer options for the current question (when done=false). */
+    options: z10.array(z10.string()).optional(),
+    /** The generated role document content (when done=true). */
+    roleContent: z10.string().optional(),
+    error: z10.string().nullable()
+  })
+});
+var BrandGenerateWireframeRequestSchema = z10.object({
+  type: z10.literal("brands/generate-wireframe"),
+  requestId: z10.string(),
+  workspaceRoot: z10.string(),
+  brandPath: z10.string()
+});
+var BrandGenerateWireframeResponseSchema = z10.object({
+  type: z10.literal("brands/generate-wireframe/response"),
+  payload: z10.object({
+    requestId: z10.string(),
+    /** JSON string of WireframeData. */
+    wireframe: z10.string().optional(),
     error: z10.string().nullable()
   })
 });
@@ -3982,7 +4035,19 @@ var AgentSnapshotPayloadSchema = z11.object({
    * lists at display time. The agent itself is a real, full-featured session
    * in every other respect; `internal` is a UI visibility hint, nothing more.
    */
-  internal: z11.boolean().optional()
+  internal: z11.boolean().optional(),
+  /**
+   * Multi-tenant ownership (Phase 2c/4). Surfaces the auth-server user-id
+   * of the agent's creator so the app can render an owner badge and
+   * detect "shared with me" state (owner !== current user). Optional/
+   * nullable for legacy agents created before per-agent ownership
+   * existed — those render without a badge.
+   *
+   * NOTE: `sharedWithUserIds` is intentionally NOT exposed here. Only the
+   * owner can enumerate the full ACL, via `list_agent_shared_users_request`.
+   * The snapshot stays cheap and recipient-safe.
+   */
+  ownerUserId: z11.string().nullable().optional()
 });
 var VoiceAudioChunkMessageSchema = z11.object({
   type: z11.literal("voice_audio_chunk"),
@@ -5191,6 +5256,74 @@ var DeleteSessionUploadResponseSchema = z11.object({
     })
   ])
 });
+var ShareAgentWithUserRequestSchema = z11.object({
+  type: z11.literal("share_agent_with_user_request"),
+  requestId: z11.string(),
+  /** Accepts full ID, unique prefix, or exact full title (server resolves). */
+  agentId: z11.string(),
+  /** Auth-server user-id of the recipient. */
+  userId: z11.string()
+});
+var ShareAgentWithUserResponseSchema = z11.object({
+  type: z11.literal("share_agent_with_user_response"),
+  payload: z11.discriminatedUnion("ok", [
+    z11.object({
+      requestId: z11.string(),
+      ok: z11.literal(true),
+      /** Updated ACL after the share applied (owner is not included). */
+      sharedWithUserIds: z11.array(z11.string())
+    }),
+    z11.object({
+      requestId: z11.string(),
+      ok: z11.literal(false),
+      error: z11.string()
+    })
+  ])
+});
+var UnshareAgentWithUserRequestSchema = z11.object({
+  type: z11.literal("unshare_agent_with_user_request"),
+  requestId: z11.string(),
+  agentId: z11.string(),
+  userId: z11.string()
+});
+var UnshareAgentWithUserResponseSchema = z11.object({
+  type: z11.literal("unshare_agent_with_user_response"),
+  payload: z11.discriminatedUnion("ok", [
+    z11.object({
+      requestId: z11.string(),
+      ok: z11.literal(true),
+      sharedWithUserIds: z11.array(z11.string())
+    }),
+    z11.object({
+      requestId: z11.string(),
+      ok: z11.literal(false),
+      error: z11.string()
+    })
+  ])
+});
+var ListAgentSharedUsersRequestSchema = z11.object({
+  type: z11.literal("list_agent_shared_users_request"),
+  requestId: z11.string(),
+  agentId: z11.string()
+});
+var ListAgentSharedUsersResponseSchema = z11.object({
+  type: z11.literal("list_agent_shared_users_response"),
+  payload: z11.discriminatedUnion("ok", [
+    z11.object({
+      requestId: z11.string(),
+      ok: z11.literal(true),
+      /** Auth-server user-id of the owner (always present when ok). */
+      ownerUserId: z11.string().nullable(),
+      /** Auth-server user-ids that the owner has granted access to. */
+      sharedWithUserIds: z11.array(z11.string())
+    }),
+    z11.object({
+      requestId: z11.string(),
+      ok: z11.literal(false),
+      error: z11.string()
+    })
+  ])
+});
 var SessionImageSchema = z11.object({
   id: z11.string(),
   fileName: z11.string(),
@@ -5383,7 +5516,9 @@ var SessionInboundMessageSchema = z11.discriminatedUnion("type", [
   BrandAssetCopyRequestSchema,
   BrandAssetUploadRequestSchema,
   BrandGenerateTokensRequestSchema,
-  BrandGenerateArtDirectionRequestSchema,
+  BrandGenerateLayoutRequestSchema,
+  BrandLayoutQaNextRequestSchema,
+  BrandGenerateWireframeRequestSchema,
   RightFontLibraryRequestSchema,
   GoogleFontsCatalogRequestSchema,
   GoogleFontsDownloadRequestSchema,
@@ -5433,6 +5568,9 @@ var SessionInboundMessageSchema = z11.discriminatedUnion("type", [
   DeleteSessionUploadRequestSchema,
   ListSessionImagesRequestSchema,
   DeleteSessionImageRequestSchema,
+  ShareAgentWithUserRequestSchema,
+  UnshareAgentWithUserRequestSchema,
+  ListAgentSharedUsersRequestSchema,
   FetchAttachmentBytesRequestSchema
 ]);
 var ActivityLogPayloadSchema = z11.object({
@@ -7002,7 +7140,9 @@ var SessionOutboundMessageSchema = z11.discriminatedUnion("type", [
   BrandAssetCopyResponseSchema,
   BrandAssetUploadResponseSchema,
   BrandGenerateTokensResponseSchema,
-  BrandGenerateArtDirectionResponseSchema,
+  BrandGenerateLayoutResponseSchema,
+  BrandLayoutQaNextResponseSchema,
+  BrandGenerateWireframeResponseSchema,
   RightFontLibraryResponseSchema,
   GoogleFontsCatalogResponseSchema,
   GoogleFontsDownloadResponseSchema,
@@ -7016,6 +7156,9 @@ var SessionOutboundMessageSchema = z11.discriminatedUnion("type", [
   DeleteSessionUploadResponseSchema,
   ListSessionImagesResponseSchema,
   DeleteSessionImageResponseSchema,
+  ShareAgentWithUserResponseSchema,
+  UnshareAgentWithUserResponseSchema,
+  ListAgentSharedUsersResponseSchema,
   FetchAttachmentBytesResponseSchema
 ]);
 var WSPingMessageSchema = z11.object({
@@ -7209,7 +7352,7 @@ import { exec } from "node:child_process";
 import { promisify as promisify3 } from "util";
 import { join as join14, resolve as resolve9, sep as sep2 } from "path";
 import { homedir as homedir5, hostname as osHostname } from "node:os";
-import { z as z36 } from "zod";
+import { z as z39 } from "zod";
 
 // ../server/src/server/persisted-config.ts
 import { existsSync as existsSync4, mkdirSync as mkdirSync4, readFileSync as readFileSync3, writeFileSync as writeFileSync2 } from "node:fs";
@@ -7723,7 +7866,9 @@ function ensurePrng() {
   const cryptoObj = globalThis.crypto;
   if (cryptoObj?.getRandomValues) {
     nacl.setPRNG((x, n) => {
-      cryptoObj.getRandomValues(x.subarray(0, n));
+      const buf = new Uint8Array(n);
+      cryptoObj.getRandomValues(buf);
+      x.set(buf, 0);
     });
     prngReady = true;
     return;
@@ -7834,8 +7979,8 @@ function base64ToArrayBuffer(base64) {
 // ../relay/dist/encrypted-channel.js
 var HANDSHAKE_RETRY_MS = 1e3;
 var MAX_PENDING_SENDS = 200;
-async function createClientChannel(transport, daemonPublicKeyB64, events = {}) {
-  const keyPair = generateKeyPair();
+async function createClientChannel(transport, daemonPublicKeyB64, events = {}, staticKeyPair) {
+  const keyPair = staticKeyPair ?? generateKeyPair();
   const daemonPublicKey = importPublicKey(daemonPublicKeyB64);
   const sharedKey = deriveSharedKey(keyPair.secretKey, daemonPublicKey);
   const channel = new EncryptedChannel(transport, sharedKey, events);
@@ -8007,6 +8152,16 @@ var EncryptedChannel = class {
   isOpen() {
     return this.state === "open";
   }
+  /**
+   * Peer's X25519 public key (base64) captured during the daemon-side
+   * handshake. Returns `null` on the client side or when the channel was
+   * built without this metadata (legacy code paths). Used by the daemon's
+   * WS-server to resolve the connecting device → owning user.
+   */
+  getPeerPublicKeyB64() {
+    const v = this.options.peerPublicKeyB64;
+    return v && v.length > 0 ? v : null;
+  }
   onTransitionToOpen(cb) {
     this.onOpenCallbacks.push(cb);
   }
@@ -9949,7 +10104,14 @@ async function ensureAgentLoaded(agentId, deps) {
       if (!config) {
         throw new Error(`Agent ${agentId} references unavailable provider '${record.provider}'`);
       }
-      snapshot = await deps.agentManager.createAgent(config, agentId, { labels: record.labels });
+      snapshot = await deps.agentManager.createAgent(config, agentId, {
+        labels: record.labels,
+        // Preserve multi-tenant ownership across the no-handle rehydrate
+        // path (records that never landed a persistence handle, e.g. very
+        // early agents). Without this, agents would silently drop their
+        // owner whenever they took this branch through `ensureAgentLoaded`.
+        ownerUserId: record.ownerUserId ?? null
+      });
       deps.logger.info({ agentId, provider: record.provider }, "Agent created from stored config");
     }
     await deps.agentManager.hydrateTimelineFromProvider(agentId);
@@ -17534,66 +17696,6 @@ function resolvePlanFilename(options) {
 }
 
 // ../server/src/server/agent/orchestrator-instructions.ts
-function getPlanModeInstructions() {
-  return `
-<rendering-context>
-Your plan is rendered in a rich-text editor (Tiptap + markdown-it), not a raw markdown file:
-- Headings render as real headings; lists become interactive checkable lists.
-- Fenced code blocks render in a code-styled container with syntax highlighting \u2014 use them for actual code, commands, config snippets, and file contents, not for "visual grouping" of prose.
-- \`\`\`mermaid fenced blocks auto-render as live diagrams (graph, sequence, flowchart, etc.). You don't need to announce a mermaid block; just emit one and the renderer handles it.
-- YAML frontmatter at the top is parsed out and becomes an interactive todo checklist (see <plan-mode-output-format> below).
-- The user can edit the rendered output directly as rich text. Overusing code blocks makes editing awkward \u2014 prefer prose for explanation.
-
-One CommonMark pitfall to avoid: nested fenced code blocks of the same length break rendering. If you wrap a multi-section template in \`\`\` and it contains another \`\`\`json block, the inner fence closes the outer prematurely, and the rest of the document gets captured as a rogue code block. When you need to show a template that itself contains code:
-- Prefer describing the template as prose with subheadings \u2014 that renders cleaner in a rich editor anyway, and
-- If you truly need a visual wrapper, use ~~~ for the outer fence and \`\`\` for the inner; the two fence styles don't interact.
-</rendering-context>
-
-<plan-mode-output-format>
-When you write a plan file in plan mode, the file MUST begin with a YAML
-frontmatter block that captures the plan's structured metadata. The host UI
-parses this frontmatter to render an interactive to-do checklist. Plans that
-omit it lose that UI affordance.
-
-Required shape (copy this structure exactly, replace the placeholder values):
-
----
-name: "Short plan title, sentence case"
-overview: "One or two sentence summary of what the plan achieves"
-todos:
-  - id: stable-kebab-slug-1
-    content: "First concrete, actionable task \u2014 what actually gets done"
-    status: pending
-  - id: stable-kebab-slug-2
-    content: "Next task"
-    status: pending
-isProject: false
----
-
-# Plan body \u2014 regular markdown follows here\u2026
-
-Rules:
-- Every plan MUST start with a complete frontmatter block delimited by '---'.
-- Each todo has exactly three fields: 'id', 'content', 'status'.
-- 'id' is a short kebab-case slug, stable and unique within the plan.
-- 'status' starts as "pending" for every new item. Valid values: "pending",
-  "in_progress", "needs_help", "completed". Do not invent other statuses.
-  "needs_help" is the "I'm blocked" signal \u2014 set it ONLY when a future
-  implementing agent cannot make progress on that todo without user input
-  (missing credentials, ambiguous product decisions with no reasonable
-  default, preconditions the todo assumes are false). When writing a plan,
-  all todos stay "pending".
-- 'content' is one concrete, user-facing action \u2014 one todo per real step.
-- Use 2\u201310 todos that cover the real work; don't omit implementation steps
-  and don't pad with filler.
-- 'isProject' is false for single-task plans, true for long-running multi-phase
-  projects.
-- Put the narrative plan (context, approach, diagrams, file list, etc.) below
-  the closing '---' as normal markdown. That section is for humans and agents
-  to read; the frontmatter is the machine-readable contract.
-</plan-mode-output-format>
-`;
-}
 function getSystemReminderGuidance() {
   return `
 <harness-system-reminders>
@@ -17622,61 +17724,6 @@ Real injection attempts are still your job to catch.
 </harness-system-reminders>
 `;
 }
-function getHandoffInstructions() {
-  return `
-<handoff>
-When the user sends a message starting with \`>handoff\` (the text after it is their intent):
-1. Briefly acknowledge what you're handing off (one short sentence).
-2. Call \`mcp__appostle__handoff\` with a self-contained \`task\` string. The new session has NO access to this conversation \u2014 include all relevant file paths, decisions, constraints, and context it needs to start cleanly.
-3. Do not do the work yourself.
-</handoff>
-`;
-}
-function getOrchestratorModeInstructions() {
-  return `
-<orchestrator-mode>
-Activation:
-- Only activate if the user explicitly says "go into orchestrator mode" (or similar).
-- Otherwise, do work directly yourself; do not spawn agents.
-
-Core rules:
-- In orchestrator mode, you accomplish tasks only by managing agents; do not perform the work yourself.
-- Always prefix agent titles (e.g., "\u{1F3AD} Feature Implementation", "\u{1F3AD} Design Discussion").
-- Set cwd to the repository root and choose the most permissive mode available.
-- If an agent control tool call fails, list agents before launching another; it may just be a wait timeout.
-
-Context management:
-- Reuse an existing agent when the next step needs the same context (same files/module/folder or immediate follow-up like investigate \u2192 fix in the same area).
-- Start a new agent when switching to a different area/module, or when an agent has run long and its context feels stale.
-- Prefer sending follow-up prompts to an existing agent to avoid reloading context.
-- Use multiple agents when roles diverge (e.g., one for refactor, one for external validation), but default to reuse when context overlaps.
-
-Conversation with agents:
-- Engage actively: ask pointed questions, probe risks, and request clarifications before accepting proposals.
-- Encourage agents to validate assumptions, consider edge cases, and describe how they will test/verify.
-
-Agent selection guidance:
-- Codex: methodical and slower; great for deep debugging, tracing code paths, refactoring, complex features, and design discussions.
-- Claude: fast; strong at tool use, agentic control, and managing other agents; may jump to conclusions\u2014ask it to verify.
-
-Clarifying ambiguous requests:
-- Research first to understand the current state.
-- Ask clarifying questions about what the user wants.
-- Present options with trade-offs.
-- Get explicit confirmation; never assume.
-
-Investigation vs Implementation:
-- Investigate only unless explicitly asked to implement.
-- Report findings clearly.
-- After investigation, ask for direction before implementing.
-
-Tool usage discipline:
-- Do not ask users to run commands\u2014run them yourself.
-- Do not repeat the user\u2019s instructions verbatim\u2014summarize them in your own words.
-- Be explicit about results\u2014tell the user what happened after every command.
-</orchestrator-mode>
-`;
-}
 
 // ../server/src/server/agent/providers/claude-agent.ts
 var fsPromises = promises;
@@ -18673,6 +18720,17 @@ var ClaudeAgentSession = class {
     this.fastModeEnabled = false;
     this.handlePermissionRequest = async (toolName, input, options) => {
       this.maybeRewritePlanFilename(toolName, input);
+      if (this.currentMode === "plan" && toolName === "Write") {
+        const filePath = typeof input.file_path === "string" ? input.file_path : "";
+        const dirName = path9.basename(path9.dirname(filePath));
+        if (dirName === ".plans" && filePath.endsWith(".md")) {
+          return {
+            behavior: "deny",
+            message: "In plan mode, plans must be created via `mcp__appostle__write_plan` (typed schema, validated frontmatter). Call that tool instead of raw Write.",
+            interrupt: false
+          };
+        }
+      }
       const requestId = `permission-${randomUUID2()}`;
       const kind = resolvePermissionKind(toolName, input);
       if (kind === "tool") {
@@ -19398,13 +19456,9 @@ var ClaudeAgentSession = class {
       // sub-agents stop announcing them as suspected prompt injections. See
       // getSystemReminderGuidance for the full rationale.
       getSystemReminderGuidance(),
-      "Get to the point. No preamble, no summaries, unless the user asks for it.",
-      getHandoffInstructions(),
-      getOrchestratorModeInstructions(),
-      // Plan-mode authoring convention: when the agent is in plan mode, it
-      // writes a plan file. Teach it to prepend a YAML frontmatter block with
-      // structured todos so the host UI can render an interactive checklist.
-      this.currentMode === "plan" ? getPlanModeInstructions() : null,
+      "Default response shape: open with a short, scannable plain-English read. 2\u20134 short sentences, one idea each, no comma-chained clauses or em-dash pile-ups. When the read covers 3+ discrete points, use bullets instead of prose. Then the technical detail in dense form (paths, line refs, code) without narration. Don't explain what well-named code already explains. Skip the shape for trivial questions.",
+      "For multi-step work with independent chunks, spawn Task subagents instead of doing every tool call yourself. Run them in parallel when chunks don't depend on each other. Keeps your main context lean.",
+      "When the user sends `>learn`, re-explain your previous message in plain English only \u2014 1 short paragraph that helps them build the mental model. No code, no file references, no technical repeat.",
       this.config.systemPrompt?.trim()
     ].filter((entry) => typeof entry === "string" && entry.length > 0).join("\n\n");
     const claudeBinary = await findExecutable("claude");
@@ -20583,10 +20637,10 @@ ${error.stack ?? ""}` : JSON.stringify(error);
       return void 0;
     }
     const server = entry?.server ?? block.server ?? "tool";
-    const tool3 = entry?.name ?? block.tool_name ?? "tool";
+    const tool4 = entry?.name ?? block.tool_name ?? "tool";
     const content = coerceToolResultContentToString(block.content);
     const input = entry?.input;
-    const structured = this.buildStructuredToolResult(server, tool3, content, input);
+    const structured = this.buildStructuredToolResult(server, tool4, content, input);
     if (structured) {
       return structured;
     }
@@ -20603,9 +20657,9 @@ ${error.stack ?? ""}` : JSON.stringify(error);
     }
     return Object.keys(result).length > 0 ? result : void 0;
   }
-  buildStructuredToolResult(server, tool3, output, input) {
+  buildStructuredToolResult(server, tool4, output, input) {
     const normalizedServer = server.toLowerCase();
-    const normalizedTool = tool3.toLowerCase();
+    const normalizedTool = tool4.toLowerCase();
     if (normalizedServer.includes("bash") || normalizedServer.includes("shell") || normalizedServer.includes("command") || normalizedTool.includes("bash") || normalizedTool.includes("shell") || normalizedTool.includes("command") || input && (typeof input.command === "string" || Array.isArray(input.command))) {
       const command = this.extractCommandText(input ?? {}) ?? "command";
       return {
@@ -21919,8 +21973,8 @@ function resolveStatus(rawStatus, error, output) {
   }
   return output !== null && output !== void 0 ? "completed" : "running";
 }
-function buildMcpToolName(server, tool3) {
-  const trimmedTool = tool3.trim();
+function buildMcpToolName(server, tool4) {
+  const trimmedTool = tool4.trim();
   if (!trimmedTool) {
     return "tool";
   }
@@ -22090,11 +22144,11 @@ function mapFileChangeItem(item, options) {
   };
 }
 function mapMcpToolCallItem(item, options) {
-  const tool3 = item.tool.trim();
-  if (!tool3) {
+  const tool4 = item.tool.trim();
+  if (!tool4) {
     return null;
   }
-  const name = buildMcpToolName(item.server, tool3);
+  const name = buildMcpToolName(item.server, tool4);
   const input = item.arguments ?? null;
   const output = item.result ?? null;
   const error = item.error ?? null;
@@ -29067,7 +29121,7 @@ function translateOpenCodeEvent(event, state) {
         break;
       }
       const metadata = readOpenCodeRecord(event.properties.metadata);
-      const tool3 = readOpenCodeRecord(event.properties.tool);
+      const tool4 = readOpenCodeRecord(event.properties.tool);
       const patterns = Array.isArray(event.properties.patterns) ? event.properties.patterns.filter((value) => typeof value === "string") : [];
       const command = readPermissionField(metadata, PERMISSION_COMMAND_KEYS);
       const cwd = readPermissionField(metadata, PERMISSION_CWD_KEYS);
@@ -29075,7 +29129,7 @@ function translateOpenCodeEvent(event, state) {
       const input = buildOpenCodePermissionInput({
         patterns,
         metadata,
-        tool: tool3,
+        tool: tool4,
         command
       });
       const detail = buildOpenCodePermissionDetail({
@@ -31261,6 +31315,53 @@ function buildProviderRegistry(logger, options) {
   );
 }
 
+// ../server/src/server/claude-profile.ts
+import { existsSync as existsSync10, mkdirSync as mkdirSync5, symlinkSync, rmSync as rmSync2 } from "node:fs";
+import path13 from "node:path";
+import os5 from "node:os";
+var SHARED_ITEMS = ["settings.json", "hooks", "agents", "skills", "plugins", "keybindings.json"];
+function getClaudeProfileDir(username) {
+  return path13.join(os5.homedir(), `.claude-${username}`);
+}
+function ensureClaudeProfile(username, logger) {
+  const profileDir = getClaudeProfileDir(username);
+  const ownerDir = path13.join(os5.homedir(), ".claude");
+  if (!existsSync10(ownerDir)) {
+    throw new Error(`Owner claude config dir not found: ${ownerDir}`);
+  }
+  if (!existsSync10(profileDir)) {
+    mkdirSync5(profileDir, { recursive: true });
+    logger?.info({ profileDir, username }, "created claude profile directory");
+  }
+  for (const item of SHARED_ITEMS) {
+    const target = path13.join(ownerDir, item);
+    const link = path13.join(profileDir, item);
+    if (!existsSync10(target)) continue;
+    if (existsSync10(link)) continue;
+    symlinkSync(target, link);
+    logger?.info({ item, profileDir }, "symlinked shared config item");
+  }
+  return profileDir;
+}
+function hasClaudeAuth(username) {
+  const profileDir = getClaudeProfileDir(username);
+  return existsSync10(profileDir);
+}
+function removeClaudeProfile(username, logger) {
+  const profileDir = getClaudeProfileDir(username);
+  if (!existsSync10(profileDir)) return;
+  rmSync2(profileDir, { recursive: true, force: true });
+  logger?.info({ profileDir, username }, "removed claude profile directory");
+}
+
+// ../server/src/server/agent/agent-manager.ts
+import { z as z34 } from "zod";
+import { getSessionMessages } from "@anthropic-ai/claude-agent-sdk";
+
+// ../server/src/server/agent/handoff-mcp.ts
+import { createSdkMcpServer, tool as tool2 } from "@anthropic-ai/claude-agent-sdk";
+import { z as z33 } from "zod";
+
 // ../server/src/server/agent/agent-metadata-generator.ts
 import { basename as basename5 } from "path";
 import { z as z31 } from "zod";
@@ -31738,6 +31839,18 @@ function scheduleAgentMetadataGeneration(options) {
   });
 }
 
+// ../server/src/server/agent/write-plan-tool.ts
+import { tool } from "@anthropic-ai/claude-agent-sdk";
+import { z as z32 } from "zod";
+
+// ../server/src/server/agent/agent-manager.ts
+var AgentIdSchema = z34.string().uuid();
+function canUserAccessAgent(agent, requesterUserId) {
+  if (agent.ownerUserId === null) return true;
+  if (agent.ownerUserId === requesterUserId) return true;
+  return agent.sharedWithUserIds.includes(requesterUserId);
+}
+
 // ../server/src/server/agent/timeline-append.ts
 async function appendTimelineItemIfAgentKnown(options) {
   try {
@@ -32121,25 +32234,25 @@ async function buildProjectPlacementForCwd(input) {
 }
 
 // ../server/src/server/workspace-registry.ts
-import { z as z32 } from "zod";
-var PersistedProjectRecordSchema = z32.object({
-  projectId: z32.string(),
-  rootPath: z32.string(),
-  kind: z32.enum(["git", "non_git"]),
-  displayName: z32.string(),
-  createdAt: z32.string(),
-  updatedAt: z32.string(),
-  archivedAt: z32.string().nullable()
-});
-var PersistedWorkspaceRecordSchema = z32.object({
-  workspaceId: z32.string(),
-  projectId: z32.string(),
-  cwd: z32.string(),
-  kind: z32.enum(["local_checkout", "worktree", "directory"]),
-  displayName: z32.string(),
-  createdAt: z32.string(),
-  updatedAt: z32.string(),
-  archivedAt: z32.string().nullable()
+import { z as z35 } from "zod";
+var PersistedProjectRecordSchema = z35.object({
+  projectId: z35.string(),
+  rootPath: z35.string(),
+  kind: z35.enum(["git", "non_git"]),
+  displayName: z35.string(),
+  createdAt: z35.string(),
+  updatedAt: z35.string(),
+  archivedAt: z35.string().nullable()
+});
+var PersistedWorkspaceRecordSchema = z35.object({
+  workspaceId: z35.string(),
+  projectId: z35.string(),
+  cwd: z35.string(),
+  kind: z35.enum(["local_checkout", "worktree", "directory"]),
+  displayName: z35.string(),
+  createdAt: z35.string(),
+  updatedAt: z35.string(),
+  archivedAt: z35.string().nullable()
 });
 function createPersistedProjectRecord(input) {
   return PersistedProjectRecordSchema.parse({
@@ -32218,7 +32331,7 @@ function isVoicePermissionAllowed(request) {
 
 // ../server/src/server/file-explorer/service.ts
 import { promises as fs8 } from "fs";
-import path13 from "path";
+import path14 from "path";
 
 // ../server/src/server/path-utils.ts
 import { homedir as homedir2 } from "node:os";
@@ -32272,7 +32385,7 @@ async function listDirectoryEntries({
   const dirents = await fs8.readdir(directoryPath, { withFileTypes: true });
   const entriesWithNulls = await Promise.all(
     dirents.map(async (dirent) => {
-      const targetPath = path13.join(directoryPath, dirent.name);
+      const targetPath = path14.join(directoryPath, dirent.name);
       const kind = dirent.isDirectory() ? "directory" : "file";
       try {
         return await buildEntryPayload({
@@ -32311,7 +32424,7 @@ async function readExplorerFile({
   if (!stats.isFile()) {
     throw new Error("Requested path is not a file");
   }
-  const ext = path13.extname(filePath).toLowerCase();
+  const ext = path14.extname(filePath).toLowerCase();
   const basePayload = {
     path: normalizeRelativePath({ root, targetPath: filePath }),
     size: stats.size,
@@ -32349,7 +32462,7 @@ async function writeTextFile({
   relativePath,
   content
 }) {
-  const ext = path13.extname(relativePath).toLowerCase();
+  const ext = path14.extname(relativePath).toLowerCase();
   if (ext in IMAGE_MIME_TYPES) {
     throw new Error(`Refusing to write '${relativePath}': binary/image file`);
   }
@@ -32359,7 +32472,7 @@ async function writeTextFile({
   await fs8.rename(tempPath, filePath);
 }
 async function deleteFile({ root, relativePath }) {
-  const ext = path13.extname(relativePath).toLowerCase();
+  const ext = path14.extname(relativePath).toLowerCase();
   if (ext !== ".md") {
     throw new Error(`Refusing to delete '${relativePath}': only .md files allowed`);
   }
@@ -32393,7 +32506,7 @@ async function getDownloadableFileInfo({ root, relativePath }) {
   if (!stats.isFile()) {
     throw new Error("Requested path is not a file");
   }
-  const ext = path13.extname(filePath).toLowerCase();
+  const ext = path14.extname(filePath).toLowerCase();
   let mimeType = "application/octet-stream";
   if (ext in IMAGE_MIME_TYPES) {
     mimeType = IMAGE_MIME_TYPES[ext] ?? mimeType;
@@ -32415,23 +32528,23 @@ async function getDownloadableFileInfo({ root, relativePath }) {
   return {
     path: normalizeRelativePath({ root, targetPath: filePath }),
     absolutePath: filePath,
-    fileName: path13.basename(filePath),
+    fileName: path14.basename(filePath),
     mimeType,
     size: stats.size
   };
 }
 async function resolveScopedPath({ root, relativePath = "." }) {
-  const normalizedRoot = path13.resolve(root);
+  const normalizedRoot = path14.resolve(root);
   const requestedPath = resolvePathFromBase(normalizedRoot, relativePath);
-  const relative = path13.relative(normalizedRoot, requestedPath);
-  if (relative !== "" && (relative.startsWith("..") || path13.isAbsolute(relative))) {
+  const relative = path14.relative(normalizedRoot, requestedPath);
+  if (relative !== "" && (relative.startsWith("..") || path14.isAbsolute(relative))) {
     throw new Error("Access outside of workspace is not allowed");
   }
   const realRoot = await fs8.realpath(normalizedRoot);
   try {
     const realPath = await fs8.realpath(requestedPath);
-    const realRelative = path13.relative(realRoot, realPath);
-    if (realRelative !== "" && (realRelative.startsWith("..") || path13.isAbsolute(realRelative))) {
+    const realRelative = path14.relative(realRoot, realPath);
+    if (realRelative !== "" && (realRelative.startsWith("..") || path14.isAbsolute(realRelative))) {
       throw new Error("Access outside of workspace is not allowed");
     }
     return requestedPath;
@@ -32462,10 +32575,10 @@ function isMissingEntryError(error) {
   return code === "ENOENT" || code === "ENOTDIR" || code === "ELOOP";
 }
 function normalizeRelativePath({ root, targetPath }) {
-  const normalizedRoot = path13.resolve(root);
-  const normalizedTarget = path13.resolve(targetPath);
-  const relative = path13.relative(normalizedRoot, normalizedTarget);
-  return relative === "" ? "." : relative.split(path13.sep).join("/");
+  const normalizedRoot = path14.resolve(root);
+  const normalizedTarget = path14.resolve(targetPath);
+  const relative = path14.relative(normalizedRoot, normalizedTarget);
+  return relative === "" ? "." : relative.split(path14.sep).join("/");
 }
 function textMimeTypeForExtension(ext) {
   return TEXT_MIME_TYPES[ext] ?? DEFAULT_TEXT_MIME_TYPE;
@@ -32818,65 +32931,65 @@ async function getProjectIcon(projectDir) {
 }
 
 // ../server/src/utils/path.ts
-import os5 from "os";
+import os6 from "os";
 function expandTilde(path29) {
   if (path29.startsWith("~/")) {
-    const homeDir3 = process.env.HOME || os5.homedir();
+    const homeDir3 = process.env.HOME || os6.homedir();
     return path29.replace("~", homeDir3);
   }
   if (path29 === "~") {
-    return process.env.HOME || os5.homedir();
+    return process.env.HOME || os6.homedir();
   }
   return path29;
 }
 
 // ../server/src/server/skills/scanner.ts
 import fs9 from "node:fs/promises";
-import os6 from "node:os";
-import path14 from "node:path";
+import os7 from "node:os";
+import path15 from "node:path";
 var NAME_REGEX = /^[a-z0-9][a-z0-9._-]*$/i;
 function homeDir() {
-  return process.env.HOME || os6.homedir();
+  return process.env.HOME || os7.homedir();
 }
 function codexHomeDir() {
-  return process.env.CODEX_HOME || path14.join(homeDir(), ".codex");
+  return process.env.CODEX_HOME || path15.join(homeDir(), ".codex");
 }
 function resolveScopeDir(provider, scope, workspaceRoot) {
   if (scope === "codex-prompts") {
     if (provider !== "codex") {
       throw new Error(`Scope "codex-prompts" is only valid for provider "codex"`);
     }
-    return path14.join(codexHomeDir(), "prompts");
+    return path15.join(codexHomeDir(), "prompts");
   }
   if (scope === "project") {
     if (!workspaceRoot) {
       throw new Error(`workspaceRoot is required for scope "project"`);
     }
     const dotDir = provider === "claude" ? ".claude" : ".codex";
-    return path14.join(workspaceRoot, dotDir, "skills");
+    return path15.join(workspaceRoot, dotDir, "skills");
   }
   if (provider === "claude") {
-    return path14.join(homeDir(), ".claude", "skills");
+    return path15.join(homeDir(), ".claude", "skills");
   }
-  return path14.join(codexHomeDir(), "skills");
+  return path15.join(codexHomeDir(), "skills");
 }
 function allowedRoots(workspaceRoot) {
   const roots = [
-    path14.join(homeDir(), ".claude", "skills"),
-    path14.join(codexHomeDir(), "skills"),
-    path14.join(codexHomeDir(), "prompts")
+    path15.join(homeDir(), ".claude", "skills"),
+    path15.join(codexHomeDir(), "skills"),
+    path15.join(codexHomeDir(), "prompts")
   ];
   if (workspaceRoot) {
-    roots.push(path14.join(workspaceRoot, ".claude", "skills"));
-    roots.push(path14.join(workspaceRoot, ".codex", "skills"));
+    roots.push(path15.join(workspaceRoot, ".claude", "skills"));
+    roots.push(path15.join(workspaceRoot, ".codex", "skills"));
   }
-  return roots.map((r) => path14.resolve(r));
+  return roots.map((r) => path15.resolve(r));
 }
 function isInsideAllowedRoot(absPath, workspaceRoot) {
-  const resolved = path14.resolve(absPath);
+  const resolved = path15.resolve(absPath);
   for (const root of allowedRoots(workspaceRoot)) {
-    const rel = path14.relative(root, resolved);
-    if (rel === "" || !rel.startsWith("..") && !path14.isAbsolute(rel)) {
+    const rel = path15.relative(root, resolved);
+    if (rel === "" || !rel.startsWith("..") && !path15.isAbsolute(rel)) {
       return true;
     }
   }
@@ -33007,7 +33120,7 @@ async function listSkills(args) {
       if (!entry.name.endsWith(".md")) continue;
       const name = entry.name.slice(0, -".md".length);
       if (!name) continue;
-      const fullPath = path14.join(dir, entry.name);
+      const fullPath = path15.join(dir, entry.name);
       const stat5 = await safeStat(fullPath);
       if (!stat5) continue;
       const description = await readDescriptionSafely(fullPath);
@@ -33025,8 +33138,8 @@ async function listSkills(args) {
   } else {
     for (const entry of entries) {
       if (!entry.isDirectory() && !entry.isSymbolicLink()) continue;
-      const skillDir = path14.join(dir, entry.name);
-      const skillPath = path14.join(skillDir, "SKILL.md");
+      const skillDir = path15.join(dir, entry.name);
+      const skillPath = path15.join(skillDir, "SKILL.md");
       const stat5 = await safeStat(skillPath);
       if (!stat5) continue;
       const description = await readDescriptionSafely(skillPath);
@@ -33073,7 +33186,7 @@ async function createSkill(args) {
   const dir = resolveScopeDir(args.provider, args.scope, args.workspaceRoot);
   await fs9.mkdir(dir, { recursive: true });
   if (args.scope === "codex-prompts") {
-    const filePath2 = path14.join(dir, `${args.name}.md`);
+    const filePath2 = path15.join(dir, `${args.name}.md`);
     try {
       await fs9.access(filePath2);
       throw new Error(`A prompt named "${args.name}" already exists at ${filePath2}`);
@@ -33089,7 +33202,7 @@ async function createSkill(args) {
     await fs9.writeFile(filePath2, initial2, "utf8");
     return { path: filePath2 };
   }
-  const skillDir = path14.join(dir, args.name);
+  const skillDir = path15.join(dir, args.name);
   let dirExists = false;
   try {
     const stat5 = await fs9.stat(skillDir);
@@ -33101,7 +33214,7 @@ async function createSkill(args) {
     throw new Error(`A skill named "${args.name}" already exists at ${skillDir}`);
   }
   await fs9.mkdir(skillDir, { recursive: true });
-  const filePath = path14.join(skillDir, "SKILL.md");
+  const filePath = path15.join(skillDir, "SKILL.md");
   const initial = buildStarterSkill(args.name);
   await fs9.writeFile(filePath, initial, "utf8");
   return { path: filePath };
@@ -33130,7 +33243,7 @@ Body of the prompt. Use \`$1\`, \`$2\`, ... or \`$ARGUMENTS\` for parameter expa
 `;
 }
 async function writeSkillFrontmatter(args, workspaceRoot) {
-  if (!path14.isAbsolute(args.path)) {
+  if (!path15.isAbsolute(args.path)) {
     throw new Error(`writeSkillFrontmatter expects an absolute path; got "${args.path}"`);
   }
   if (!isInsideAllowedRoot(args.path, workspaceRoot)) {
@@ -33156,7 +33269,7 @@ ${original}`;
 
 // ../server/src/utils/directory-suggestions.ts
 import { readdir as readdir2, realpath, stat as stat3 } from "node:fs/promises";
-import path15 from "node:path";
+import path16 from "node:path";
 var DEFAULT_LIMIT = 30;
 var MAX_LIMIT = 100;
 var DEFAULT_MAX_DEPTH = 6;
@@ -33242,7 +33355,7 @@ function normalizeLimit(limit) {
   return Math.max(1, Math.min(MAX_LIMIT, bounded));
 }
 async function searchWithinParentDirectory(input) {
-  const parentPath = path15.resolve(input.homeRoot, input.parentPart || ".");
+  const parentPath = path16.resolve(input.homeRoot, input.parentPart || ".");
   const parentRoot = await resolveDirectory(parentPath);
   if (!parentRoot || !isPathInsideRoot(input.homeRoot, parentRoot)) {
     return [];
@@ -33307,7 +33420,7 @@ async function searchAcrossHomeTree(input) {
   return dedupeAndSort(ranked).slice(0, input.limit);
 }
 async function searchWorkspaceWithinParentDirectory(input) {
-  const parentPath = path15.resolve(input.workspaceRoot, input.parentPart || ".");
+  const parentPath = path16.resolve(input.workspaceRoot, input.parentPart || ".");
   const parentRoot = await resolveDirectory(parentPath);
   if (!parentRoot || !isPathInsideRoot(input.workspaceRoot, parentRoot)) {
     return [];
@@ -33553,15 +33666,15 @@ function findSegmentMatchIndex(segments, predicate) {
   return -1;
 }
 function normalizeRelativePath2(homeRoot, absolutePath) {
-  const relative = path15.relative(homeRoot, absolutePath);
+  const relative = path16.relative(homeRoot, absolutePath);
   if (!relative) {
     return ".";
   }
-  return relative.split(path15.sep).join("/");
+  return relative.split(path16.sep).join("/");
 }
 function isPathInsideRoot(root, target) {
-  const relative = path15.relative(root, target);
-  return relative === "" || !relative.startsWith("..") && !path15.isAbsolute(relative);
+  const relative = path16.relative(root, target);
+  return relative === "" || !relative.startsWith("..") && !path16.isAbsolute(relative);
 }
 function normalizeQueryParts(query2, homeRoot) {
   const typedQuery = query2.trim().replace(/\\/g, "/");
@@ -33577,9 +33690,9 @@ function normalizeQueryParts(query2, homeRoot) {
       normalized = normalized.slice(1);
     }
   }
-  if (path15.isAbsolute(normalized)) {
+  if (path16.isAbsolute(normalized)) {
     isRooted = true;
-    const absolute = path15.resolve(normalized);
+    const absolute = path16.resolve(normalized);
     if (!isPathInsideRoot(homeRoot, absolute)) {
       return null;
     }
@@ -33618,8 +33731,8 @@ function normalizeQueryParts(query2, homeRoot) {
 }
 function normalizeWorkspaceQueryParts(query2, workspaceRoot) {
   let normalized = query2.trim().replace(/\\/g, "/");
-  if (path15.isAbsolute(normalized)) {
-    const absolute = path15.resolve(normalized);
+  if (path16.isAbsolute(normalized)) {
+    const absolute = path16.resolve(normalized);
     if (!isPathInsideRoot(workspaceRoot, absolute)) {
       return null;
     }
@@ -33645,7 +33758,7 @@ function normalizeWorkspaceQueryParts(query2, workspaceRoot) {
 }
 async function resolveDirectory(inputPath) {
   try {
-    const resolved = await realpath(path15.resolve(inputPath));
+    const resolved = await realpath(path16.resolve(inputPath));
     const stats = await stat3(resolved);
     if (!stats.isDirectory()) {
       return null;
@@ -33672,7 +33785,7 @@ async function listChildDirectories(input) {
     if (!dirent.isDirectory() && !dirent.isSymbolicLink()) {
       continue;
     }
-    const candidatePath = path15.join(input.directory, dirent.name);
+    const candidatePath = path16.join(input.directory, dirent.name);
     const absolutePath = await resolveDirectoryCandidate({
       candidatePath,
       dirent,
@@ -33709,7 +33822,7 @@ async function listWorkspaceChildEntries(input) {
     if (isIgnoredWorkspaceDirectoryName(dirent.name)) {
       continue;
     }
-    const candidatePath = path15.join(input.directory, dirent.name);
+    const candidatePath = path16.join(input.directory, dirent.name);
     const entry = await resolveWorkspaceCandidate({
       candidatePath,
       dirent,
@@ -33732,7 +33845,7 @@ async function listWorkspaceChildEntries(input) {
 }
 async function resolveDirectoryCandidate(input) {
   if (input.dirent.isDirectory()) {
-    const resolved2 = path15.resolve(input.candidatePath);
+    const resolved2 = path16.resolve(input.candidatePath);
     return isPathInsideRoot(input.homeRoot, resolved2) ? resolved2 : null;
   }
   const resolved = await resolveDirectory(input.candidatePath);
@@ -33743,14 +33856,14 @@ async function resolveDirectoryCandidate(input) {
 }
 async function resolveWorkspaceCandidate(input) {
   if (input.dirent.isDirectory()) {
-    const resolved = path15.resolve(input.candidatePath);
+    const resolved = path16.resolve(input.candidatePath);
     if (!isPathInsideRoot(input.workspaceRoot, resolved)) {
       return null;
     }
     return { absolutePath: resolved, kind: "directory" };
   }
   if (input.dirent.isFile()) {
-    const resolved = path15.resolve(input.candidatePath);
+    const resolved = path16.resolve(input.candidatePath);
     if (!isPathInsideRoot(input.workspaceRoot, resolved)) {
       return null;
     }
@@ -33830,7 +33943,7 @@ function pruneWorkspaceEntryListCache() {
 // ../server/src/utils/directory-listing.ts
 import { readdir as readdir3, stat as stat4, realpath as realpath2 } from "node:fs/promises";
 import { homedir as homedir3 } from "node:os";
-import path16 from "node:path";
+import path17 from "node:path";
 var DEFAULT_LIMIT2 = 500;
 async function listDirectoryContents(options) {
   const includeFiles = options.includeFiles ?? false;
@@ -33841,7 +33954,7 @@ async function listDirectoryContents(options) {
   const collected = [];
   for (const dirent of dirents) {
     if (!includeHidden && dirent.name.startsWith(".")) continue;
-    const childPath = path16.join(resolvedPath, dirent.name);
+    const childPath = path17.join(resolvedPath, dirent.name);
     const kind = await classifyEntry(dirent, childPath);
     if (!kind) continue;
     if (kind === "file" && !includeFiles) continue;
@@ -33849,7 +33962,7 @@ async function listDirectoryContents(options) {
     if (collected.length >= limit) break;
   }
   collected.sort(compareEntries);
-  const parent = path16.dirname(resolvedPath);
+  const parent = path17.dirname(resolvedPath);
   return {
     path: resolvedPath,
     parent: parent === resolvedPath ? null : parent,
@@ -33860,12 +33973,12 @@ async function resolveAbsolutePath(rawPath) {
   const home = process.env.HOME ?? homedir3();
   const trimmed = rawPath.trim();
   if (trimmed === "" || trimmed === "~") {
-    return path16.resolve(home);
+    return path17.resolve(home);
   }
   if (trimmed.startsWith("~/")) {
-    return path16.resolve(home, trimmed.slice(2));
+    return path17.resolve(home, trimmed.slice(2));
   }
-  if (!path16.isAbsolute(trimmed)) {
+  if (!path17.isAbsolute(trimmed)) {
     throw new Error(
       `list_directory requires an absolute path, an empty string, or a "~"-prefixed path; got ${JSON.stringify(rawPath)}`
     );
@@ -33873,7 +33986,7 @@ async function resolveAbsolutePath(rawPath) {
   try {
     return await realpath2(trimmed);
   } catch {
-    return path16.resolve(trimmed);
+    return path17.resolve(trimmed);
   }
 }
 async function classifyEntry(dirent, fullPath) {
@@ -33913,10 +34026,10 @@ function resolveClientMessageId(clientMessageId, generateId = uuidv45) {
 }
 
 // ../server/src/server/chat/chat-service.ts
-import { z as z33 } from "zod";
-var ChatStorePayloadSchema = z33.object({
-  rooms: z33.array(ChatRoomSchema),
-  messages: z33.array(ChatMessageSchema)
+import { z as z36 } from "zod";
+var ChatStorePayloadSchema = z36.object({
+  rooms: z36.array(ChatRoomSchema),
+  messages: z36.array(ChatMessageSchema)
 });
 var ChatServiceError = class extends Error {
   constructor(code, message) {
@@ -34007,33 +34120,33 @@ function buildChatMentionNotification(input) {
 
 // ../server/src/server/roles/scanner.ts
 import fs10 from "node:fs/promises";
-import os7 from "node:os";
-import path17 from "node:path";
+import os8 from "node:os";
+import path18 from "node:path";
 var NAME_REGEX2 = /^[a-z0-9][a-z0-9._-]*$/i;
 function homeDir2() {
-  return process.env.HOME || os7.homedir();
+  return process.env.HOME || os8.homedir();
 }
 function resolveScopeDir2(scope, workspaceRoot) {
   if (scope === "project") {
     if (!workspaceRoot) {
       throw new Error('workspaceRoot is required for scope "project"');
     }
-    return path17.join(workspaceRoot, ".roles");
+    return path18.join(workspaceRoot, ".roles");
   }
-  return path17.join(homeDir2(), ".appostle", ".roles");
+  return path18.join(homeDir2(), ".appostle", ".roles");
 }
 function allowedRoots2(workspaceRoot) {
-  const roots = [path17.join(homeDir2(), ".appostle", ".roles")];
+  const roots = [path18.join(homeDir2(), ".appostle", ".roles")];
   if (workspaceRoot) {
-    roots.push(path17.join(workspaceRoot, ".roles"));
+    roots.push(path18.join(workspaceRoot, ".roles"));
   }
-  return roots.map((r) => path17.resolve(r));
+  return roots.map((r) => path18.resolve(r));
 }
 function isInsideAllowedRoot2(absPath, workspaceRoot) {
-  const resolved = path17.resolve(absPath);
+  const resolved = path18.resolve(absPath);
   for (const root of allowedRoots2(workspaceRoot)) {
-    const rel = path17.relative(root, resolved);
-    if (rel === "" || !rel.startsWith("..") && !path17.isAbsolute(rel)) {
+    const rel = path18.relative(root, resolved);
+    if (rel === "" || !rel.startsWith("..") && !path18.isAbsolute(rel)) {
       return true;
     }
   }
@@ -34231,7 +34344,7 @@ async function readRolesFromDir(scope, dir, category) {
     if (!entry.name.endsWith(".md")) continue;
     const name = entry.name.slice(0, -".md".length);
     if (!name || !NAME_REGEX2.test(name)) continue;
-    const fullPath = path17.join(dir, entry.name);
+    const fullPath = path18.join(dir, entry.name);
     let stat5;
     try {
       const s = await fs10.stat(fullPath);
@@ -34281,7 +34394,7 @@ async function readRolesFromScopeDir(scope, scopeDir) {
   }
   const flat = await readRolesFromDir(scope, scopeDir, null);
   const categoryResults = await Promise.all(
-    topEntries.filter((e) => e.isDirectory() && NAME_REGEX2.test(e.name)).map((e) => readRolesFromDir(scope, path17.join(scopeDir, e.name), e.name))
+    topEntries.filter((e) => e.isDirectory() && NAME_REGEX2.test(e.name)).map((e) => readRolesFromDir(scope, path18.join(scopeDir, e.name), e.name))
   );
   const all = [...flat, ...categoryResults.flat()];
   all.sort((a, b) => {
@@ -34321,9 +34434,9 @@ async function createRole(args) {
     throw new Error(`Role name must not contain path separators or "..".`);
   }
   const scopeDir = resolveScopeDir2(args.scope, args.workspaceRoot);
-  const dir = args.category ? path17.join(scopeDir, args.category) : scopeDir;
+  const dir = args.category ? path18.join(scopeDir, args.category) : scopeDir;
   await fs10.mkdir(dir, { recursive: true });
-  const filePath = path17.join(dir, `${args.name}.md`);
+  const filePath = path18.join(dir, `${args.name}.md`);
   try {
     await fs10.access(filePath);
     throw new Error(`A role named "${args.name}" already exists at ${filePath}`);
@@ -34357,7 +34470,7 @@ the role is invoked.
 `;
 }
 async function writeRoleFrontmatter(args, workspaceRoot) {
-  if (!path17.isAbsolute(args.path)) {
+  if (!path18.isAbsolute(args.path)) {
     throw new Error(`writeRoleFrontmatter expects an absolute path; got "${args.path}"`);
   }
   if (!isInsideAllowedRoot2(args.path, workspaceRoot)) {
@@ -34381,20 +34494,20 @@ ${original}`;
   await fs10.writeFile(args.path, nextContent, "utf8");
 }
 async function moveRole(args, workspaceRoot) {
-  if (!path17.isAbsolute(args.path)) {
+  if (!path18.isAbsolute(args.path)) {
     throw new Error(`moveRole expects an absolute path; got "${args.path}"`);
   }
   if (!isInsideAllowedRoot2(args.path, workspaceRoot)) {
     throw new Error(`Path "${args.path}" is not inside an allowlisted role root`);
   }
-  const oldDir = path17.dirname(args.path);
-  const oldFilename = path17.basename(args.path, ".md");
+  const oldDir = path18.dirname(args.path);
+  const oldFilename = path18.basename(args.path, ".md");
   const roots = allowedRoots2(workspaceRoot);
-  const rolesRoot = roots.find((r) => path17.resolve(args.path).startsWith(r));
+  const rolesRoot = roots.find((r) => path18.resolve(args.path).startsWith(r));
   if (!rolesRoot) {
     throw new Error(`Cannot determine roles root for "${args.path}"`);
   }
-  const relFromRoot = path17.relative(rolesRoot, path17.dirname(args.path));
+  const relFromRoot = path18.relative(rolesRoot, path18.dirname(args.path));
   const currentCategory = relFromRoot && relFromRoot !== "." ? relFromRoot : "";
   const newName = args.newName ?? oldFilename;
   const newCategory = args.newCategory !== void 0 ? args.newCategory : currentCategory;
@@ -34404,9 +34517,9 @@ async function moveRole(args, workspaceRoot) {
   if (newCategory && !NAME_REGEX2.test(newCategory)) {
     throw new Error(`Invalid category name: "${newCategory}"`);
   }
-  const newDir = newCategory ? path17.join(rolesRoot, newCategory) : rolesRoot;
-  const newPath = path17.join(newDir, `${newName}.md`);
-  if (path17.resolve(newPath) === path17.resolve(args.path)) {
+  const newDir = newCategory ? path18.join(rolesRoot, newCategory) : rolesRoot;
+  const newPath = path18.join(newDir, `${newName}.md`);
+  if (path18.resolve(newPath) === path18.resolve(args.path)) {
     return { path: args.path };
   }
   await fs10.mkdir(newDir, { recursive: true });
@@ -34444,17 +34557,17 @@ async function moveRole(args, workspaceRoot) {
 
 // ../server/src/server/brands/scanner.ts
 import fs11 from "node:fs/promises";
-import path18 from "node:path";
+import path19 from "node:path";
 var CATEGORY_REGEX = /^[a-z0-9][a-z0-9_-]*$/i;
 function resolveAssetsDir(workspaceRoot, category) {
-  const base = path18.join(workspaceRoot, ".appostle", "brand", "assets");
+  const base = path19.join(workspaceRoot, ".appostle", "brand", "assets");
   if (!category) return base;
   if (!CATEGORY_REGEX.test(category) || category.includes("..")) {
     throw new Error(
       `Invalid asset category "${category}". Use letters, digits, dot, underscore, dash.`
     );
   }
-  return path18.join(base, category);
+  return path19.join(base, category);
 }
 function relativePathFor(category, fileName) {
   return category ? `assets/${category}/${fileName}` : `assets/${fileName}`;
@@ -34470,9 +34583,9 @@ async function removeSiblingExtensions(dir, targetName, keepFileName) {
     if (entry === keepFileName) continue;
     if (!entry.startsWith(`${targetName}.`)) continue;
     try {
-      const stat5 = await fs11.stat(path18.join(dir, entry));
+      const stat5 = await fs11.stat(path19.join(dir, entry));
       if (!stat5.isFile()) continue;
-      await fs11.unlink(path18.join(dir, entry));
+      await fs11.unlink(path19.join(dir, entry));
     } catch {
     }
   }
@@ -34483,7 +34596,7 @@ function convertSvgToMono(svg, color) {
 async function runDerivations(options) {
   const { primaryAbsolutePath, assetsDir, category, derive } = options;
   if (derive.length === 0) return [];
-  const ext = path18.extname(primaryAbsolutePath).toLowerCase();
+  const ext = path19.extname(primaryAbsolutePath).toLowerCase();
   const isSvg = ext === ".svg";
   const results = [];
   for (const spec of derive) {
@@ -34518,9 +34631,9 @@ async function runDerivations(options) {
       const sourceText = await fs11.readFile(primaryAbsolutePath, "utf8");
       const monoText = convertSvgToMono(sourceText, spec.color);
       const fileName = `${spec.targetName}${ext}`;
-      const destAbs = path18.resolve(assetsDir, fileName);
-      const rel = path18.relative(path18.resolve(assetsDir), destAbs);
-      if (rel.startsWith("..") || path18.isAbsolute(rel)) {
+      const destAbs = path19.resolve(assetsDir, fileName);
+      const rel = path19.relative(path19.resolve(assetsDir), destAbs);
+      if (rel.startsWith("..") || path19.isAbsolute(rel)) {
         results.push({
           targetName: spec.targetName,
           relativePath: "",
@@ -34554,22 +34667,22 @@ function resolveScopeDir3(scope, workspaceRoot) {
     if (!workspaceRoot) {
       throw new Error('workspaceRoot is required for scope "project"');
     }
-    return path18.join(workspaceRoot, ".appostle", "brand");
+    return path19.join(workspaceRoot, ".appostle", "brand");
   }
   throw new Error(`Unknown scope: ${scope}`);
 }
 function allowedRoots3(workspaceRoot) {
   const roots = [];
   if (workspaceRoot) {
-    roots.push(path18.join(workspaceRoot, ".appostle", "brand"));
+    roots.push(path19.join(workspaceRoot, ".appostle", "brand"));
   }
-  return roots.map((r) => path18.resolve(r));
+  return roots.map((r) => path19.resolve(r));
 }
 function isInsideAllowedRoot3(absPath, workspaceRoot) {
-  const resolved = path18.resolve(absPath);
+  const resolved = path19.resolve(absPath);
   for (const root of allowedRoots3(workspaceRoot)) {
-    const rel = path18.relative(root, resolved);
-    if (rel === "" || !rel.startsWith("..") && !path18.isAbsolute(rel)) {
+    const rel = path19.relative(root, resolved);
+    if (rel === "" || !rel.startsWith("..") && !path19.isAbsolute(rel)) {
       return true;
     }
   }
@@ -34783,7 +34896,7 @@ async function readBrandsFromDir(scope, dir) {
     if (!entry.name.endsWith(".md")) continue;
     const name = entry.name.slice(0, -".md".length);
     if (!name || !NAME_REGEX3.test(name)) continue;
-    const fullPath = path18.join(dir, entry.name);
+    const fullPath = path19.join(dir, entry.name);
     let stat5;
     try {
       const s = await fs11.stat(fullPath);
@@ -34827,7 +34940,7 @@ async function createBrand(args) {
   }
   const dir = resolveScopeDir3("project", args.workspaceRoot);
   await fs11.mkdir(dir, { recursive: true });
-  const filePath = path18.join(dir, `${args.name}.md`);
+  const filePath = path19.join(dir, `${args.name}.md`);
   try {
     await fs11.access(filePath);
     throw new Error(`A brand named "${args.name}" already exists at ${filePath}`);
@@ -34883,7 +34996,7 @@ async function copyBrandAsset(args) {
   if (!args.workspaceRoot) {
     throw new Error("workspaceRoot is required to copy a brand asset");
   }
-  if (!args.sourcePath || !path18.isAbsolute(args.sourcePath)) {
+  if (!args.sourcePath || !path19.isAbsolute(args.sourcePath)) {
     throw new Error(`copyBrandAsset expects an absolute sourcePath; got "${args.sourcePath}"`);
   }
   if (!TARGET_NAME_REGEX.test(args.targetName) || args.targetName.includes("..")) {
@@ -34895,12 +35008,12 @@ async function copyBrandAsset(args) {
   if (!stats.isFile()) {
     throw new Error(`Source path is not a regular file: ${args.sourcePath}`);
   }
-  const ext = path18.extname(args.sourcePath).toLowerCase();
+  const ext = path19.extname(args.sourcePath).toLowerCase();
   const fileName = `${args.targetName}${ext}`;
   const assetsDir = resolveAssetsDir(args.workspaceRoot, args.category);
-  const destAbs = path18.resolve(assetsDir, fileName);
-  const rel = path18.relative(path18.resolve(assetsDir), destAbs);
-  if (rel.startsWith("..") || path18.isAbsolute(rel)) {
+  const destAbs = path19.resolve(assetsDir, fileName);
+  const rel = path19.relative(path19.resolve(assetsDir), destAbs);
+  if (rel.startsWith("..") || path19.isAbsolute(rel)) {
     throw new Error(`Refusing to write outside of .appostle/brand/assets: ${destAbs}`);
   }
   await fs11.mkdir(assetsDir, { recursive: true });
@@ -34930,13 +35043,13 @@ async function uploadBrandAsset(args) {
   if (!args.dataBase64 || args.dataBase64.trim().length === 0) {
     throw new Error("No file data provided for brand asset upload");
   }
-  const extFromSource = args.sourceName ? path18.extname(args.sourceName).toLowerCase() : "";
+  const extFromSource = args.sourceName ? path19.extname(args.sourceName).toLowerCase() : "";
   const ext = extFromSource || ".png";
   const fileName = `${args.targetName}${ext}`;
   const assetsDir = resolveAssetsDir(args.workspaceRoot, args.category);
-  const destAbs = path18.resolve(assetsDir, fileName);
-  const rel = path18.relative(path18.resolve(assetsDir), destAbs);
-  if (rel.startsWith("..") || path18.isAbsolute(rel)) {
+  const destAbs = path19.resolve(assetsDir, fileName);
+  const rel = path19.relative(path19.resolve(assetsDir), destAbs);
+  if (rel.startsWith("..") || path19.isAbsolute(rel)) {
     throw new Error(`Refusing to write outside of .appostle/brand/assets: ${destAbs}`);
   }
   let data;
@@ -34964,7 +35077,7 @@ async function uploadBrandAsset(args) {
   };
 }
 async function writeBrandFrontmatter(args, workspaceRoot) {
-  if (!path18.isAbsolute(args.path)) {
+  if (!path19.isAbsolute(args.path)) {
     throw new Error(`writeBrandFrontmatter expects an absolute path; got "${args.path}"`);
   }
   if (!isInsideAllowedRoot3(args.path, workspaceRoot)) {
@@ -34989,10 +35102,10 @@ ${original}`;
 }
 
 // ../server/src/server/brand/token-generator.ts
-import { z as z34 } from "zod";
+import { z as z37 } from "zod";
 var HEX6 = /^#[0-9a-f]{6}$/i;
-var TokensResponseSchema = z34.object({
-  tokens: z34.record(z34.string(), z34.string())
+var TokensResponseSchema = z37.object({
+  tokens: z37.record(z37.string(), z37.string())
 });
 function buildPrompt2(args) {
   const baseColours = args.paletteVars.filter((v) => v.type === "color");
@@ -35208,96 +35321,95 @@ async function generateAndApplyBrandTokens(options) {
   return { generatedCount: acceptedUpdates.size };
 }
 
-// ../server/src/server/brand/art-direction-generator.ts
+// ../server/src/server/brand/layout-generator.ts
 import { promises as fs12 } from "node:fs";
-import path19 from "node:path";
+import path20 from "node:path";
 import { fileURLToPath as fileURLToPath2 } from "node:url";
-import { z as z35 } from "zod";
-var PROMPT_FILENAME = "art-direction-prompt.md";
+import { z as z38 } from "zod";
+var QA_FILENAME = "layout-qa.md";
 var MAX_LOOKUP_LEVELS = 10;
-async function findPromptFile() {
-  let dir = path19.dirname(fileURLToPath2(import.meta.url));
+var ROLE_FILE_RELATIVE = ".appostle/brand/assets/role/brand-layout-role.md";
+async function findFileUpward(filename) {
+  let dir = path20.dirname(fileURLToPath2(import.meta.url));
   for (let i = 0; i < MAX_LOOKUP_LEVELS; i++) {
-    const candidate = path19.join(dir, PROMPT_FILENAME);
+    const candidate = path20.join(dir, filename);
     try {
       await fs12.access(candidate);
       return candidate;
     } catch {
     }
-    const parent = path19.dirname(dir);
+    const parent = path20.dirname(dir);
     if (parent === dir) break;
     dir = parent;
   }
   return null;
 }
-async function loadPromptTemplate(logger) {
-  const filePath = await findPromptFile();
-  if (filePath) {
-    try {
-      const content = await fs12.readFile(filePath, "utf8");
-      logger.debug({ filePath }, "art-direction-generator: loaded prompt from disk");
-      return content;
-    } catch (err) {
-      logger.warn(
-        { err, filePath },
-        "art-direction-generator: failed to read prompt file; using embedded fallback"
-      );
+function getRoleFilePath(workspaceRoot) {
+  return path20.join(workspaceRoot, ROLE_FILE_RELATIVE);
+}
+async function readRoleFile(workspaceRoot) {
+  try {
+    return await fs12.readFile(getRoleFilePath(workspaceRoot), "utf8");
+  } catch {
+    return null;
+  }
+}
+async function writeRoleFile(workspaceRoot, content) {
+  const filePath = getRoleFilePath(workspaceRoot);
+  await fs12.mkdir(path20.dirname(filePath), { recursive: true });
+  await fs12.writeFile(filePath, content, "utf8");
+}
+var QaNextResponseSchema = z38.object({
+  done: z38.boolean(),
+  question: z38.string().optional(),
+  options: z38.array(z38.string()).optional(),
+  roleDocument: z38.string().optional()
+});
+var RefinementResponseSchema = z38.object({
+  roleDocument: z38.string()
+});
+var WireframeBlockSchema = z38.object({
+  type: z38.enum(["headline", "subheadline", "text", "image", "cta", "spacer"]),
+  widthFraction: z38.number(),
+  heightVh: z38.number()
+});
+var WireframeSectionSchema = z38.object({
+  type: z38.enum(["hero", "features", "content", "cta", "footer", "divider"]),
+  widthMode: z38.enum(["full-bleed", "contained"]),
+  heightVh: z38.number(),
+  arrangement: z38.enum(["single-column", "split", "asymmetric-grid", "bento", "stacked"]),
+  blocks: z38.array(WireframeBlockSchema),
+  bg: z38.enum(["neutral", "alt", "accent", "image"]),
+  gapAfterVh: z38.number()
+});
+var WireframeDataSchema = z38.object({
+  viewport: z38.object({ width: z38.number(), height: z38.number() }),
+  maxWidth: z38.number(),
+  pageBg: z38.string(),
+  sections: z38.array(WireframeSectionSchema)
+});
+function buildFullBrandContext(allBrands) {
+  const lines = [];
+  for (const brand of allBrands) {
+    const filled = brand.variables.filter((v) => v.value && v.value.length > 0);
+    if (filled.length === 0) continue;
+    lines.push(`## ${brand.name}`);
+    if (brand.description) lines.push(brand.description);
+    for (const v of filled) {
+      lines.push(`  ${v.label || v.key}: ${v.value}`);
     }
+    lines.push("");
   }
-  return EMBEDDED_PROMPT_FALLBACK;
+  return lines.length > 0 ? lines.join("\n") : "(No brand context established yet.)";
 }
-var EMBEDDED_PROMPT_FALLBACK = [
-  "You are an art director setting the structural rules for a brand.",
-  "",
-  "The user will describe a design direction. Fill 15 structured fields that",
-  "capture page-level structural decisions. For SELECT fields pick one preset;",
-  "only use 'custom' when no preset fits. For TEXT fields write opinionated prose.",
-  "",
-  "{{userPrompt}}",
-  "",
-  'Return ONLY JSON: { "fields": { "art-direction.intent": "...", ... } }'
-].join("\n");
-var ArtDirectionResponseSchema = z35.object({
-  fields: z35.record(z35.string(), z35.string())
-});
-var KNOWN_KEYS = /* @__PURE__ */ new Set([
-  "art-direction.intent",
-  "art-direction.hero",
-  "art-direction.hero.custom",
-  "art-direction.feature-layout",
-  "art-direction.feature-layout.custom",
-  "art-direction.section-rhythm",
-  "art-direction.section-rhythm.custom",
-  "art-direction.density",
-  "art-direction.density.custom",
-  "art-direction.section-color",
-  "art-direction.section-color.custom",
-  "art-direction.grid",
-  "art-direction.grid.custom",
-  "art-direction.image-height",
-  "art-direction.image-height.custom",
-  "art-direction.image-aspect",
-  "art-direction.image-aspect.custom",
-  "art-direction.image-treatment",
-  "art-direction.image-treatment.custom",
-  "art-direction.cta-density",
-  "art-direction.cta-density.custom",
-  "art-direction.dividers",
-  "art-direction.dividers.custom",
-  "art-direction.bg-texture",
-  "art-direction.bg-texture.custom",
-  "art-direction.bans"
-]);
-function buildStructuralContext(allBrands, artDirectionVars) {
+function buildStructuralContext(allBrands) {
   const lines = [];
   const spacing = allBrands.find((b) => b.name === "spacing");
   if (spacing) {
     const filled = spacing.variables.filter((v) => v.value && v.value.length > 0);
     if (filled.length > 0) {
       lines.push("Spacing (already established):");
-      for (const v of filled) {
-        lines.push(`  ${v.label || v.key}: ${v.value}px`);
-      }
+      for (const v of filled) lines.push(`  ${v.label || v.key}: ${v.value}px`);
     }
   }
   const typography = allBrands.find((b) => b.name === "typography");
@@ -35306,10 +35418,8 @@ function buildStructuralContext(allBrands, artDirectionVars) {
       (v) => v.value && v.value.length > 0 && (v.key.includes(".size") || v.key.includes(".fontSize"))
     );
     if (sizeVars.length > 0) {
-      lines.push("Typography scale (sizes only \u2014 already established):");
-      for (const v of sizeVars) {
-        lines.push(`  ${v.label || v.key}: ${v.value}`);
-      }
+      lines.push("Typography scale (sizes only):");
+      for (const v of sizeVars) lines.push(`  ${v.label || v.key}: ${v.value}`);
     }
   }
   const shapes = allBrands.find((b) => b.name === "shapes");
@@ -35318,138 +35428,325 @@ function buildStructuralContext(allBrands, artDirectionVars) {
       (v) => v.value && v.value.length > 0 && (v.key.includes("rotation") || v.key.includes("utilisation") || v.key.includes("color-rule") || v.key.includes("size-range"))
     );
     if (ruleVars.length > 0) {
-      lines.push("Shapes usage rules (already established):");
-      for (const v of ruleVars) {
-        lines.push(`  ${v.label || v.key}: ${v.value}`);
-      }
+      lines.push("Shapes usage rules:");
+      for (const v of ruleVars) lines.push(`  ${v.label || v.key}: ${v.value}`);
     }
   }
-  const lockedAd = artDirectionVars.filter((v) => v.locked && v.value && v.value.length > 0);
-  if (lockedAd.length > 0) {
-    lines.push("Locked art direction fields (DO NOT override \u2014 user has confirmed these):");
-    for (const v of lockedAd) {
-      lines.push(`  ${v.key}: ${v.value}`);
+  return lines.length > 0 ? lines.join("\n") : "(No structural context established yet.)";
+}
+var TARGET_QUESTIONS = 7;
+var EMBEDDED_QA_FALLBACK = `## Compositional Philosophy
+- What's the single-sentence design philosophy that should govern every layout decision?
+- What's the ratio of whitespace to content density you're after?
+
+## Hero Behavior
+- How should the hero section behave? Full viewport takeover, contained module, asymmetric split?
+- Should the hero have scroll-triggered behavior or stay static?
+
+## Section Variation & Flow
+- How many distinct section types should the page cycle through?
+- Should any sections break out of the main container (full-bleed moments)?
+
+## Density & Spacing
+- How tight should content be packed within sections?
+- How much vertical breathing room between major sections?
+
+## Grid System
+- What grid philosophy \u2014 strict 12-column, asymmetric, modular, or freeform?
+
+## Containers & Cards
+- What's your card philosophy \u2014 flat, elevated, outlined, or glassmorphic?
+
+## Image Treatment
+- What role do images play \u2014 hero-level, supporting, or minimal?
+
+## CTA Strategy
+- How many CTAs per page and what's the hierarchy?
+
+## Mobile Behavior
+- How should the desktop layout transform on mobile?
+
+## Prohibitions & Bans
+- What design patterns are absolutely forbidden?
+- Any CSS properties or techniques that are banned?`;
+async function loadQaQuestions(logger) {
+  const filePath = await findFileUpward(QA_FILENAME);
+  if (filePath) {
+    try {
+      const content = await fs12.readFile(filePath, "utf8");
+      logger.debug({ filePath }, "layout-generator: loaded Q&A questions from disk");
+      return content;
+    } catch (err) {
+      logger.warn(
+        { err, filePath },
+        "layout-generator: failed to read Q&A file; using embedded fallback"
+      );
     }
   }
-  if (lines.length === 0) {
-    return "(No structural context established yet \u2014 this is a fresh brand.)";
-  }
-  return lines.join("\n");
+  return EMBEDDED_QA_FALLBACK;
 }
-async function generateAndApplyArtDirection(options) {
-  const { agentManager, workspaceRoot, brandPath, prompt: userPrompt, logger } = options;
+var ROLE_GENERATION_INSTRUCTIONS = `You are an elite art director generating a complete design role document. This document will be injected wholesale into an AI agent's context to give it a dense, opinionated compositional voice \u2014 the way lordesign-brutalist or lordesign-soft gives a builder an entire design philosophy.
+
+The output must be a SINGLE cohesive markdown document (NOT JSON, NOT key-value pairs). It reads like a design manifesto \u2014 dense, opinionated, specific enough that two different builders reading it would produce nearly identical structural decisions.
+
+## Required sections (use these exact headings)
+
+# Brand Layout Role
+
+## Compositional Philosophy
+The north star. 3-5 sentences describing the fundamental spatial personality.
+
+## Hero Behavior
+Exact rules for hero sections \u2014 dimensions, content placement, image treatment, scroll behavior, what's forbidden.
+
+## Section Variation & Flow
+How consecutive sections differ. Allowed arrangements. How many types cycle. Full-bleed rules.
+
+## Density Philosophy
+Where dense, where airy, specific spacing ratios, padding rules.
+
+## Vertical Rhythm
+Section height strategy, padding patterns, oscillation rules, breathing room logic.
+
+## Grid System
+Column philosophy, alignment rules, breakpoint behavior, visible vs invisible structure.
+
+## Container & Card Rules
+Borders, shadows, corners, nesting rules, elevation hierarchy.
+
+## Image Treatment
+Aspect ratios, size constraints, cropping rules, filter/overlay rules, frequency.
+
+## CTA Strategy
+Frequency per page, hierarchy, styling constraints, placement rules.
+
+## Mobile Behavior
+Breakpoint strategy, what collapses vs stacks, density changes, navigation transformation.
+
+## Bans
+The most powerful section. At least 20 specific prohibitions at EVERY level:
+- CSS-level (specific properties, values, patterns)
+- Component-level (specific UI patterns forbidden)
+- Layout-level (spatial patterns forbidden)
+- Content-level (content patterns forbidden)
+- Interaction-level (motion/animation patterns forbidden)
+
+Each ban on its own line starting with "\u2022". Be ruthlessly specific \u2014 "no gradients" is vague, "no linear-gradient except single-stop overlays on hero images" is useful.
+
+## Critical quality bar
+- Every rule must be specific enough to resolve an ambiguous decision
+- No generic advice ("keep it clean") \u2014 only actionable constraints
+- The bans section alone should have 20+ items
+- Rules should reference specific CSS properties, pixel values, viewport units where applicable
+- The document should be 50-100 rules total across all sections`;
+function buildQaSystemPrompt(questions) {
+  return `You are a chill creative director doing a quick vibe check on someone's layout taste.
+
+CONTEXT:
+- You're defining a BRAND \u2014 not a product, not a page, not a medium.
+- IGNORE the project, repo, product, or workspace. The brand is abstract.
+- The layout rules must work across any medium \u2014 web, print, PDF, presentation.
+
+Your goal: ask ~${TARGET_QUESTIONS} quick-fire questions to nail down the compositional intent. Then generate the dense role document.
+
+## Question Bank (internal reference \u2014 NEVER quote or paraphrase these to the user)
+${questions}
+
+## How to ask (THIS IS THE MOST IMPORTANT PART)
+The question bank above is technical and heavy. Your job is to translate those topics into SHORT, CASUAL, EFFORTLESS questions. The user should feel like they're picking vibes, not doing homework.
+
+- ONE question at a time. MAX 8 words. Conversational, not formal.
+- 4 options, each MAX 6 words. The options carry all the nuance \u2014 the user just picks one.
+- The options must be concrete and opinionated. Each option should map to a real design decision internally, but READ like a casual preference pick.
+- NEVER use technical terms in the question (no "grid", "density", "viewport", "CTA", "breakpoint", "whitespace ratio"). Save that for the role document.
+- NEVER use CSS values, property names, or code in questions or options.
+- NEVER ask the user to "describe", "name", "list", or "write" anything. They just pick.
+- Think Buzzfeed quiz energy, not design school exam.
+- Plain language only. No markdown, no parentheticals, no examples.
+
+Good questions: "How packed should things feel?", "What's the vibe up top?", "Cards or open space?"
+Bad questions: "What grid-template-columns value reflects your density preference?", "How should the hero section command attention above the fold?"
+
+- After ~${TARGET_QUESTIONS} answers, set done=true and generate the role document.
+
+When done=false, return:
+{ "done": false, "question": "Short question?", "options": ["Option A", "Option B", "Option C", "Option D"] }
+
+When done=true, return:
+{ "done": true, "roleDocument": "# Brand Layout Role\\n\\n## Compositional Philosophy\\n..." }
+
+The roleDocument must be a complete markdown document following this structure:
+${ROLE_GENERATION_INSTRUCTIONS}`;
+}
+async function layoutQaNext(options) {
+  const { agentManager, workspaceRoot, brandPath, conversation, logger } = options;
   const brands = await listBrands({ workspaceRoot });
   const brand = brands.find((b) => b.path === brandPath) ?? null;
-  if (!brand) {
-    throw new Error(`Brand file not found at ${brandPath}`);
+  if (!brand) throw new Error(`Brand file not found at ${brandPath}`);
+  const structuralContext = buildStructuralContext(brands);
+  const questions = await loadQaQuestions(logger);
+  const qaSystemPrompt = buildQaSystemPrompt(questions);
+  const convLines = conversation.map((m) => `${m.role === "assistant" ? "AI" : "User"}: ${m.content}`).join("\n\n");
+  const userAnswerCount = conversation.filter((m) => m.role === "user").length;
+  const prompt = [
+    qaSystemPrompt,
+    "",
+    "## Structural context",
+    structuralContext,
+    "",
+    userAnswerCount >= TARGET_QUESTIONS ? `The user has answered ${userAnswerCount} questions. You MUST now set done=true and generate the complete role document.` : `Questions asked so far: ${userAnswerCount}/${TARGET_QUESTIONS}. Ask the next question.`,
+    "",
+    conversation.length > 0 ? `## Conversation so far
+
+${convLines}` : "## Start\nAsk the first question.",
+    "",
+    "Return ONLY JSON. No markdown fences. No explanation."
+  ].join("\n");
+  const response = await generateStructuredAgentResponseWithFallback({
+    manager: agentManager,
+    cwd: workspaceRoot,
+    prompt,
+    schema: QaNextResponseSchema,
+    schemaName: "LayoutQaNext",
+    maxRetries: 2,
+    providers: DEFAULT_STRUCTURED_GENERATION_PROVIDERS,
+    agentConfigOverrides: {
+      title: "Layout Q&A",
+      internal: true
+    }
+  });
+  if (!response.done) {
+    return {
+      done: false,
+      question: response.question ?? "What compositional direction are you aiming for?",
+      options: response.options
+    };
   }
-  const allVars = brand.variables;
-  const lockedKeys = new Set(allVars.filter((v) => v.locked).map((v) => v.key));
-  const unlockedKeys = new Set(
-    allVars.filter((v) => !v.locked && KNOWN_KEYS.has(v.key)).map((v) => v.key)
-  );
-  if (unlockedKeys.size === 0) {
-    logger.info({ brandPath }, "art-direction: nothing to generate (all fields locked)");
-    return { generatedCount: 0 };
+  if (!response.roleDocument) {
+    throw new Error("Q&A marked done but no roleDocument returned");
   }
-  const structuralContext = buildStructuralContext(brands, allVars);
-  const template = await loadPromptTemplate(logger);
-  const agentPrompt = template.replace(/\{\{userPrompt\}\}/g, userPrompt.trim()).replace(/\{\{structuralContext\}\}/g, structuralContext);
+  await writeRoleFile(workspaceRoot, response.roleDocument);
+  logger.info({ brandPath }, "layout Q&A: wrote role document");
+  return { done: true, roleContent: response.roleDocument };
+}
+async function generateAndApplyLayout(options) {
+  const { agentManager, workspaceRoot, brandPath, prompt: userPrompt, logger } = options;
+  const brands = await listBrands({ workspaceRoot });
+  const brand = brands.find((b) => b.path === brandPath) ?? null;
+  if (!brand) throw new Error(`Brand file not found at ${brandPath}`);
+  const structuralContext = buildStructuralContext(brands);
+  const existingRole = await readRoleFile(workspaceRoot);
+  const prompt = [
+    ROLE_GENERATION_INSTRUCTIONS,
+    "",
+    "## Structural context (sibling brand files)",
+    structuralContext,
+    "",
+    existingRole ? `## Current role document
+
+${existingRole}` : "(No existing role document \u2014 generate from scratch.)",
+    "",
+    "## User's refinement prompt",
+    userPrompt,
+    "",
+    "This is a REFINEMENT. The user already has a role document (shown above). Their prompt refines, evolves, or redirects \u2014 it does NOT start from scratch unless they explicitly say so.",
+    "",
+    'Return ONLY a JSON object: { "roleDocument": "the complete updated markdown document" }',
+    "No markdown fences. No explanation."
+  ].join("\n");
   let response;
   try {
     response = await generateStructuredAgentResponseWithFallback({
       manager: agentManager,
       cwd: workspaceRoot,
-      prompt: agentPrompt,
-      schema: ArtDirectionResponseSchema,
-      schemaName: "ArtDirection",
+      prompt,
+      schema: RefinementResponseSchema,
+      schemaName: "LayoutRefinement",
       maxRetries: 2,
       providers: DEFAULT_STRUCTURED_GENERATION_PROVIDERS,
       agentConfigOverrides: {
-        title: "Art direction generator",
+        title: "Layout refinement",
         internal: true
       }
     });
   } catch (error) {
     if (error instanceof StructuredAgentResponseError || error instanceof StructuredAgentFallbackError) {
-      logger.warn({ err: error, brandPath }, "Structured art direction generation failed");
-      throw new Error("Art direction generation failed \u2014 the agent did not return valid JSON");
+      logger.warn({ err: error, brandPath }, "Structured layout refinement failed");
+      throw new Error("Layout refinement failed \u2014 the agent did not return valid JSON");
     }
     throw error;
   }
-  const acceptedUpdates = /* @__PURE__ */ new Map();
-  for (const [key, value] of Object.entries(response.fields)) {
-    if (!unlockedKeys.has(key)) continue;
-    if (lockedKeys.has(key)) continue;
-    if (typeof value !== "string") continue;
-    acceptedUpdates.set(key, value);
-  }
-  if (acceptedUpdates.size === 0) {
-    logger.warn(
-      { brandPath, returnedKeys: Object.keys(response.fields).length },
-      "art-direction: agent returned no usable fields"
-    );
-    return { generatedCount: 0 };
-  }
-  const nextVariables = allVars.map((v) => {
-    const update = acceptedUpdates.get(v.key);
-    if (update === void 0) return v;
-    return { ...v, value: update };
-  });
-  await writeBrandFrontmatter(
-    {
-      path: brandPath,
-      frontmatter: {
-        description: brand.description,
-        variables: nextVariables
-      }
-    },
-    workspaceRoot
-  );
-  logger.info(
-    { brandPath, generatedCount: acceptedUpdates.size },
-    "art-direction: applied generated values"
-  );
-  return { generatedCount: acceptedUpdates.size };
+  await writeRoleFile(workspaceRoot, response.roleDocument);
+  logger.info({ brandPath }, "layout: wrote refined role document");
+  return { roleContent: response.roleDocument };
 }
+var WIREFRAME_SYSTEM_PROMPT = `You are a structural wireframe generator. Given a brand's complete design rules (layout, typography, spacing, colors, shapes, motion) AND a design role document, output a WireframeData JSON object that describes a page skeleton.
 
-// ../server/src/server/claude-profile.ts
-import { existsSync as existsSync10, mkdirSync as mkdirSync5, symlinkSync, rmSync as rmSync2 } from "node:fs";
-import path20 from "node:path";
-import os8 from "node:os";
-var SHARED_ITEMS = ["settings.json", "hooks", "agents", "skills", "plugins", "keybindings.json"];
-function getClaudeProfileDir(username) {
-  return path20.join(os8.homedir(), `.claude-${username}`);
+The wireframe is a lo-fi structural diagram \u2014 it shows ordered sections, their size, arrangement, and content blocks. It must faithfully reflect the layout role document (hero behavior, density, rhythm, grid, bans).
+
+Output ONLY a valid JSON object matching this TypeScript interface:
+
+interface WireframeBlock {
+  type: "headline" | "subheadline" | "text" | "image" | "cta" | "spacer";
+  widthFraction: number;  // 0-1, fraction of section content area
+  heightVh: number;       // fraction of viewport height
 }
-function ensureClaudeProfile(username, logger) {
-  const profileDir = getClaudeProfileDir(username);
-  const ownerDir = path20.join(os8.homedir(), ".claude");
-  if (!existsSync10(ownerDir)) {
-    throw new Error(`Owner claude config dir not found: ${ownerDir}`);
-  }
-  if (!existsSync10(profileDir)) {
-    mkdirSync5(profileDir, { recursive: true });
-    logger?.info({ profileDir, username }, "created claude profile directory");
-  }
-  for (const item of SHARED_ITEMS) {
-    const target = path20.join(ownerDir, item);
-    const link = path20.join(profileDir, item);
-    if (!existsSync10(target)) continue;
-    if (existsSync10(link)) continue;
-    symlinkSync(target, link);
-    logger?.info({ item, profileDir }, "symlinked shared config item");
-  }
-  return profileDir;
+
+interface WireframeSection {
+  type: "hero" | "features" | "content" | "cta" | "footer" | "divider";
+  widthMode: "full-bleed" | "contained";
+  heightVh: number;       // fraction of viewport height (1.0 = 100vh)
+  arrangement: "single-column" | "split" | "asymmetric-grid" | "bento" | "stacked";
+  blocks: WireframeBlock[];
+  bg: "neutral" | "alt" | "accent" | "image";
+  gapAfterVh: number;    // gap after section in vh fraction
 }
-function hasClaudeAuth(username) {
-  const profileDir = getClaudeProfileDir(username);
-  return existsSync10(profileDir);
+
+interface WireframeData {
+  viewport: { width: number; height: number };
+  maxWidth: number;       // max content width in px
+  pageBg: string;         // CSS color
+  sections: WireframeSection[];
 }
-function removeClaudeProfile(username, logger) {
-  const profileDir = getClaudeProfileDir(username);
-  if (!existsSync10(profileDir)) return;
-  rmSync2(profileDir, { recursive: true, force: true });
-  logger?.info({ profileDir, username }, "removed claude profile directory");
+
+Rules:
+- Include 5-8 sections typical for a landing page
+- Respect the role document's hero, density, rhythm, bans
+- Section heights should be realistic (hero: 0.8-1.0, features: 0.5-0.8, etc.)
+- Block widthFraction values within a section should reflect the arrangement
+- Use the brand's spacing/density philosophy to set gapAfterVh values
+- Output ONLY the JSON object. No markdown fences.`;
+async function generateWireframe(options) {
+  const { agentManager, workspaceRoot, brandPath } = options;
+  const brands = await listBrands({ workspaceRoot });
+  const brand = brands.find((b) => b.path === brandPath) ?? null;
+  if (!brand) throw new Error(`Brand file not found at ${brandPath}`);
+  const brandContext = buildFullBrandContext(brands);
+  const roleContent = await readRoleFile(workspaceRoot);
+  const prompt = [
+    WIREFRAME_SYSTEM_PROMPT,
+    "",
+    "## Complete brand state",
+    brandContext,
+    "",
+    roleContent ? `## Design Role Document
+
+${roleContent}` : "(No role document found \u2014 use brand variables only.)"
+  ].join("\n");
+  const response = await generateStructuredAgentResponseWithFallback({
+    manager: agentManager,
+    cwd: workspaceRoot,
+    prompt,
+    schema: WireframeDataSchema,
+    schemaName: "WireframeData",
+    maxRetries: 2,
+    providers: DEFAULT_STRUCTURED_GENERATION_PROVIDERS,
+    agentConfigOverrides: {
+      title: "Wireframe generator",
+      internal: true
+    }
+  });
+  return JSON.stringify(response);
 }
 
 // ../server/src/services/oauth-service.ts
@@ -36843,7 +37140,7 @@ var MIN_STREAMING_SEGMENT_DURATION_MS = 1e3;
 var MIN_STREAMING_SEGMENT_BYTES = Math.round(
   PCM_BYTES_PER_MS * MIN_STREAMING_SEGMENT_DURATION_MS
 );
-var AgentIdSchema = z36.string().uuid();
+var AgentIdSchema2 = z39.string().uuid();
 var VOICE_INTERRUPT_CONFIRMATION_MS = 500;
 var VoiceFeatureUnavailableError = class extends Error {
   constructor(context) {
@@ -36949,6 +37246,8 @@ var Session = class _Session {
     const {
       clientId,
       appVersion,
+      peerPublicKeyB64,
+      ownerUserId,
       onMessage,
       onBinaryMessage,
       onLifecycleIntent,
@@ -37011,6 +37310,8 @@ var Session = class _Session {
     });
     this.agentManager = agentManager;
     this.agentStorage = agentStorage;
+    this.peerPublicKeyB64 = peerPublicKeyB64 ?? null;
+    this.ownerUserId = ownerUserId ?? null;
     this.uploadStore = new SessionUploadStore({ logger: this.sessionLogger });
     this.imageStore = new SessionImageStore({ logger: this.sessionLogger });
     this.projectRegistry = projectRegistry;
@@ -37085,7 +37386,43 @@ var Session = class _Session {
     });
     void this.initializeAgentMcp();
     this.subscribeToAgentEvents();
-    this.sessionLogger.trace("Session created");
+    this.sessionLogger.trace(
+      {
+        hasPeerPubkey: this.peerPublicKeyB64 !== null,
+        // Log a fingerprint, not the full key, so the audit log stays useful
+        // without bloating every entry with 44-char base64. First 8 chars is
+        // unique enough for human cross-reference.
+        peerPubkeyPrefix: this.peerPublicKeyB64 ? this.peerPublicKeyB64.slice(0, 8) : null,
+        ownerUserId: this.ownerUserId
+      },
+      "Session created"
+    );
+  }
+  /**
+   * Peer device's e2ee pubkey (base64). Surfaced so the upcoming user-scope
+   * lookup can resolve it via the auth-server allow-list. Null when unknown
+   * (local TCP, legacy paths).
+   */
+  getPeerPublicKeyB64() {
+    return this.peerPublicKeyB64;
+  }
+  /**
+   * Auth-server user-id that owns the connecting device. Null when the
+   * daemon has no auth-server linkage, when the peer pubkey is unknown
+   * (local TCP), or when the resolver returned no match (allow-list entry
+   * for this pubkey hasn't been seen yet). Callers use this for per-user
+   * agent filtering; null means "show everything" (single-tenant fallback).
+   */
+  getOwnerUserId() {
+    return this.ownerUserId;
+  }
+  /**
+   * Whether this session is bound to a specific account. Equivalent to
+   * `getOwnerUserId() !== null` but reads cleaner at call sites that gate
+   * on "should we apply per-user filtering at all?".
+   */
+  hasOwnerUserId() {
+    return this.ownerUserId !== null;
   }
   updateAppVersion(appVersion) {
     if (appVersion && appVersion !== this.appVersion) {
@@ -37330,6 +37667,9 @@ var Session = class _Session {
             );
           });
         }
+        if (this.ownerUserId !== null && !this.agentManager.canUserAccessAgentById(event.agentId, this.ownerUserId)) {
+          return;
+        }
         const activity = this.clientActivity;
         if (activity?.deviceType === "mobile") {
           if (!activity.focusedAgentId) {
@@ -37557,6 +37897,9 @@ var Session = class _Session {
   }
   async forwardAgentUpdate(agent) {
     try {
+      if (this.ownerUserId !== null && !this.agentManager.canUserAccessAgentById(agent.id, this.ownerUserId)) {
+        return;
+      }
       const subscription = this.agentUpdatesSubscription;
       const payload = await this.buildAgentPayload(agent);
       if (subscription) {
@@ -37671,6 +38014,15 @@ var Session = class _Session {
           case "delete_session_upload_request":
             await this.handleDeleteSessionUploadRequest(msg);
             break;
+          case "share_agent_with_user_request":
+            await this.handleShareAgentWithUserRequest(msg);
+            break;
+          case "unshare_agent_with_user_request":
+            await this.handleUnshareAgentWithUserRequest(msg);
+            break;
+          case "list_agent_shared_users_request":
+            await this.handleListAgentSharedUsersRequest(msg);
+            break;
           case "list_session_images_request":
             await this.handleListSessionImagesRequest(msg);
             break;
@@ -38133,8 +38485,14 @@ var Session = class _Session {
           case "brands/generate-tokens":
             await this.handleBrandGenerateTokensRequest(msg);
             break;
-          case "brands/generate-art-direction":
-            await this.handleBrandGenerateArtDirectionRequest(msg);
+          case "brands/generate-layout":
+            await this.handleBrandGenerateLayoutRequest(msg);
+            break;
+          case "brands/layout-qa/next":
+            await this.handleBrandLayoutQaNextRequest(msg);
+            break;
+          case "brands/generate-wireframe":
+            await this.handleBrandGenerateWireframeRequest(msg);
             break;
           case "rightfont/library":
             await this.handleRightFontLibraryRequest(msg);
@@ -38969,7 +39327,7 @@ var Session = class _Session {
     }
   }
   parseVoiceTargetAgentId(rawId, source) {
-    const parsed = AgentIdSchema.safeParse(rawId.trim());
+    const parsed = AgentIdSchema2.safeParse(rawId.trim());
     if (!parsed.success) {
       throw new Error(`${source}: agentId must be a UUID`);
     }
@@ -39298,6 +39656,12 @@ var Session = class _Session {
           labels,
           workspaceId: resolvedWorkspace.workspaceId,
           initialPrompt: trimmedPrompt,
+          // Stamp the agent with the user that created it. Null on single-
+          // tenant daemons (no auth-server linkage) — agent stays globally
+          // visible, preserving legacy behavior. This is the authoritative
+          // owner (pubkey-derived), used for `canAccessAgent`.
+          ownerUserId: this.ownerUserId,
+          // Self-declared identity, used for Claude profile dir naming etc.
           userId: this.userId ?? void 0,
           username: this.username ?? void 0
         }
@@ -39778,8 +40142,8 @@ var Session = class _Session {
   }
   async generateCommitMessage(cwd) {
     const files = await listUncommittedFiles(cwd);
-    const schema = z36.object({
-      message: z36.string().min(1).max(100).describe(
+    const schema = z39.object({
+      message: z39.string().min(1).max(100).describe(
         "Short feature-level summary, lowercase, imperative mood, no trailing period, no filename references."
       )
     });
@@ -39824,9 +40188,9 @@ var Session = class _Session {
       },
       { appostleHome: this.appostleHome }
     );
-    const schema = z36.object({
-      title: z36.string().min(1).max(72),
-      body: z36.string().min(1)
+    const schema = z39.object({
+      title: z39.string().min(1).max(72),
+      body: z39.string().min(1)
     });
     const fileList = diff.structured && diff.structured.length > 0 ? [
       "Files changed:",
@@ -41866,13 +42230,22 @@ ${details}`.trim());
    * Build the current agent list payload (live + persisted), optionally filtered by labels.
    */
   async listAgentPayloads(filter) {
-    const agentSnapshots = this.agentManager.listAgents();
+    const agentSnapshots = this.agentManager.listAgentsForUser(this.ownerUserId);
     const liveAgents = await Promise.all(
       agentSnapshots.map((agent) => this.buildAgentPayload(agent))
     );
     const registryRecords = await this.agentStorage.list();
+    const requesterId = this.ownerUserId;
     const liveIds = new Set(agentSnapshots.map((a) => a.id));
-    const persistedAgents = registryRecords.filter((record) => !liveIds.has(record.id)).map((record) => this.buildStoredAgentPayload(record));
+    const persistedAgents = registryRecords.filter((record) => !liveIds.has(record.id)).filter(
+      (record) => requesterId === null || canUserAccessAgent(
+        {
+          ownerUserId: record.ownerUserId ?? null,
+          sharedWithUserIds: record.sharedWithUserIds
+        },
+        requesterId
+      )
+    ).map((record) => this.buildStoredAgentPayload(record));
     let agents = [...liveAgents, ...persistedAgents];
     agents = agents.filter((agent) => this.isProviderVisibleToClient(agent.provider));
     if (filter?.labels) {
@@ -41889,6 +42262,9 @@ ${details}`.trim());
       return { ok: false, error: "Agent identifier cannot be empty" };
     }
     if (this.agentManager.getAgent(trimmed)) {
+      if (!this.agentManager.canUserAccessAgentById(trimmed, this.ownerUserId)) {
+        return { ok: false, error: "Agent not found" };
+      }
       return { ok: true, agentId: trimmed };
     }
     const exactStored = await this.agentStorage.get(trimmed);
@@ -43492,6 +43868,139 @@ ${details}`.trim());
     }
   }
   // ──────────────────────────────────────────────────────────────────────
+  // Phase 4: agent sharing — owner-only mutations of the access ACL.
+  // The visibility predicate (Phase 2c) already honors `sharedWithUserIds`;
+  // these handlers surface a typed user-facing path so an owner can grant /
+  // revoke / inspect access from the app instead of editing JSON on disk.
+  //
+  // Authorization:
+  //   - All three handlers require the session's `ownerUserId` to equal the
+  //     agent's `ownerUserId`. Anyone else gets `unauthorized` (including
+  //     existing share-recipients — only the owner can re-share).
+  //   - `resolveAgentIdentifier` already applies `canUserAccessAgent`, so a
+  //     non-recipient even sees the agent as "not found". The owner check
+  //     here is the strictly-tighter follow-up gate for mutations.
+  //   - On a single-tenant daemon (session.ownerUserId == null) the gate
+  //     opens — no isolation to enforce, sharing is a no-op for unscoped
+  //     agents (their ownerUserId is also null).
+  // ──────────────────────────────────────────────────────────────────────
+  async handleShareAgentWithUserRequest(msg) {
+    const resolved = await this.resolveAgentIdentifier(msg.agentId);
+    if (!resolved.ok) {
+      this.emit({
+        type: "share_agent_with_user_response",
+        payload: { requestId: msg.requestId, ok: false, error: resolved.error }
+      });
+      return;
+    }
+    const agent = this.agentManager.getAgent(resolved.agentId);
+    if (!agent) {
+      this.emit({
+        type: "share_agent_with_user_response",
+        payload: { requestId: msg.requestId, ok: false, error: "Agent not found" }
+      });
+      return;
+    }
+    if (this.ownerUserId !== null && agent.ownerUserId !== null && agent.ownerUserId !== this.ownerUserId) {
+      this.emit({
+        type: "share_agent_with_user_response",
+        payload: { requestId: msg.requestId, ok: false, error: "unauthorized" }
+      });
+      return;
+    }
+    try {
+      const sharedWithUserIds = await this.agentManager.shareAgentWithUser(
+        resolved.agentId,
+        msg.userId
+      );
+      this.emit({
+        type: "share_agent_with_user_response",
+        payload: { requestId: msg.requestId, ok: true, sharedWithUserIds }
+      });
+    } catch (error) {
+      const message = error instanceof Error ? error.message : String(error);
+      this.emit({
+        type: "share_agent_with_user_response",
+        payload: { requestId: msg.requestId, ok: false, error: message }
+      });
+    }
+  }
+  async handleUnshareAgentWithUserRequest(msg) {
+    const resolved = await this.resolveAgentIdentifier(msg.agentId);
+    if (!resolved.ok) {
+      this.emit({
+        type: "unshare_agent_with_user_response",
+        payload: { requestId: msg.requestId, ok: false, error: resolved.error }
+      });
+      return;
+    }
+    const agent = this.agentManager.getAgent(resolved.agentId);
+    if (!agent) {
+      this.emit({
+        type: "unshare_agent_with_user_response",
+        payload: { requestId: msg.requestId, ok: false, error: "Agent not found" }
+      });
+      return;
+    }
+    if (this.ownerUserId !== null && agent.ownerUserId !== null && agent.ownerUserId !== this.ownerUserId) {
+      this.emit({
+        type: "unshare_agent_with_user_response",
+        payload: { requestId: msg.requestId, ok: false, error: "unauthorized" }
+      });
+      return;
+    }
+    try {
+      const sharedWithUserIds = await this.agentManager.unshareAgentWithUser(
+        resolved.agentId,
+        msg.userId
+      );
+      this.emit({
+        type: "unshare_agent_with_user_response",
+        payload: { requestId: msg.requestId, ok: true, sharedWithUserIds }
+      });
+    } catch (error) {
+      const message = error instanceof Error ? error.message : String(error);
+      this.emit({
+        type: "unshare_agent_with_user_response",
+        payload: { requestId: msg.requestId, ok: false, error: message }
+      });
+    }
+  }
+  async handleListAgentSharedUsersRequest(msg) {
+    const resolved = await this.resolveAgentIdentifier(msg.agentId);
+    if (!resolved.ok) {
+      this.emit({
+        type: "list_agent_shared_users_response",
+        payload: { requestId: msg.requestId, ok: false, error: resolved.error }
+      });
+      return;
+    }
+    const agent = this.agentManager.getAgent(resolved.agentId);
+    if (!agent) {
+      this.emit({
+        type: "list_agent_shared_users_response",
+        payload: { requestId: msg.requestId, ok: false, error: "Agent not found" }
+      });
+      return;
+    }
+    if (this.ownerUserId !== null && agent.ownerUserId !== null && agent.ownerUserId !== this.ownerUserId) {
+      this.emit({
+        type: "list_agent_shared_users_response",
+        payload: { requestId: msg.requestId, ok: false, error: "unauthorized" }
+      });
+      return;
+    }
+    this.emit({
+      type: "list_agent_shared_users_response",
+      payload: {
+        requestId: msg.requestId,
+        ok: true,
+        ownerUserId: agent.ownerUserId,
+        sharedWithUserIds: [...agent.sharedWithUserIds]
+      }
+    });
+  }
+  // ──────────────────────────────────────────────────────────────────────
   // Session images — backs the "Images" tab inside the uploads modal. Same
   // shape as the file handlers above; the store has no manifest, so listing
   // is a directory scan and delete is `unlink` (traversal-guarded).
@@ -45074,10 +45583,10 @@ ${details}`.trim());
       });
     }
   }
-  async handleBrandGenerateArtDirectionRequest(request) {
+  async handleBrandGenerateLayoutRequest(request) {
     const { requestId, workspaceRoot, brandPath, prompt } = request;
     try {
-      const result = await generateAndApplyArtDirection({
+      const result = await generateAndApplyLayout({
         agentManager: this.agentManager,
         workspaceRoot: expandTilde(workspaceRoot),
         brandPath: expandTilde(brandPath),
@@ -45085,21 +45594,83 @@ ${details}`.trim());
         logger: this.sessionLogger
       });
       this.emit({
-        type: "brands/generate-art-direction/response",
+        type: "brands/generate-layout/response",
         payload: {
           requestId,
-          generatedCount: result.generatedCount,
+          roleContent: result.roleContent,
           error: null
         }
       });
     } catch (error) {
       const message = error instanceof Error ? error.message : String(error);
-      this.sessionLogger.error({ err: error, brandPath }, "Failed to generate art direction");
+      this.sessionLogger.error({ err: error, brandPath }, "Failed to generate layout");
       this.emit({
-        type: "brands/generate-art-direction/response",
+        type: "brands/generate-layout/response",
+        payload: {
+          requestId,
+          error: message
+        }
+      });
+    }
+  }
+  async handleBrandLayoutQaNextRequest(request) {
+    const { requestId, workspaceRoot, brandPath, conversation } = request;
+    try {
+      const result = await layoutQaNext({
+        agentManager: this.agentManager,
+        workspaceRoot: expandTilde(workspaceRoot),
+        brandPath: expandTilde(brandPath),
+        conversation,
+        logger: this.sessionLogger
+      });
+      this.emit({
+        type: "brands/layout-qa/next/response",
+        payload: {
+          requestId,
+          done: result.done,
+          question: result.question,
+          options: result.options,
+          roleContent: result.roleContent,
+          error: null
+        }
+      });
+    } catch (error) {
+      const message = error instanceof Error ? error.message : String(error);
+      this.sessionLogger.error({ err: error, brandPath }, "Failed layout Q&A next");
+      this.emit({
+        type: "brands/layout-qa/next/response",
+        payload: {
+          requestId,
+          done: false,
+          error: message
+        }
+      });
+    }
+  }
+  async handleBrandGenerateWireframeRequest(request) {
+    const { requestId, workspaceRoot, brandPath } = request;
+    try {
+      const wireframe = await generateWireframe({
+        agentManager: this.agentManager,
+        workspaceRoot: expandTilde(workspaceRoot),
+        brandPath: expandTilde(brandPath),
+        logger: this.sessionLogger
+      });
+      this.emit({
+        type: "brands/generate-wireframe/response",
+        payload: {
+          requestId,
+          wireframe,
+          error: null
+        }
+      });
+    } catch (error) {
+      const message = error instanceof Error ? error.message : String(error);
+      this.sessionLogger.error({ err: error, brandPath }, "Failed wireframe generation");
+      this.emit({
+        type: "brands/generate-wireframe/response",
         payload: {
           requestId,
-          generatedCount: 0,
           error: message
         }
       });
@@ -45666,7 +46237,7 @@ import webpush from "web-push";
 import webpush2 from "web-push";
 
 // ../server/src/server/speech/providers/local/sherpa/model-catalog.ts
-import { z as z37 } from "zod";
+import { z as z40 } from "zod";
 var SHERPA_ONNX_MODEL_CATALOG = {
   "zipformer-bilingual-zh-en-2023-02-20": {
     kind: "stt-online",
@@ -45759,7 +46330,7 @@ function buildAliasMap(modelIds) {
 }
 function createAliasedModelIdSchema(params) {
   const validIds = new Set(params.modelIds);
-  return z37.string().trim().toLowerCase().refine(
+  return z40.string().trim().toLowerCase().refine(
     (value) => validIds.has(value) || Object.prototype.hasOwnProperty.call(params.aliases, value),
     {
       message: "Invalid model id"
@@ -45790,20 +46361,20 @@ import { v4 as uuidv410 } from "uuid";
 import { v4 as uuidv411 } from "uuid";
 
 // ../server/src/server/speech/providers/openai/config.ts
-import { z as z38 } from "zod";
+import { z as z41 } from "zod";
 var DEFAULT_OPENAI_REALTIME_TRANSCRIPTION_MODEL = "gpt-4o-transcribe";
 var DEFAULT_OPENAI_TTS_MODEL = "tts-1";
-var OpenAiTtsVoiceSchema = z38.enum(["alloy", "echo", "fable", "onyx", "nova", "shimmer"]);
-var OpenAiTtsModelSchema = z38.enum(["tts-1", "tts-1-hd"]);
-var NumberLikeSchema = z38.union([z38.number(), z38.string().trim().min(1)]);
-var OptionalFiniteNumberSchema = NumberLikeSchema.pipe(z38.coerce.number().finite()).optional();
-var OptionalTrimmedStringSchema = z38.string().trim().optional().transform((value) => value && value.length > 0 ? value : void 0);
-var OpenAiSpeechResolutionSchema = z38.object({
+var OpenAiTtsVoiceSchema = z41.enum(["alloy", "echo", "fable", "onyx", "nova", "shimmer"]);
+var OpenAiTtsModelSchema = z41.enum(["tts-1", "tts-1-hd"]);
+var NumberLikeSchema = z41.union([z41.number(), z41.string().trim().min(1)]);
+var OptionalFiniteNumberSchema = NumberLikeSchema.pipe(z41.coerce.number().finite()).optional();
+var OptionalTrimmedStringSchema = z41.string().trim().optional().transform((value) => value && value.length > 0 ? value : void 0);
+var OpenAiSpeechResolutionSchema = z41.object({
   apiKey: OptionalTrimmedStringSchema,
   sttConfidenceThreshold: OptionalFiniteNumberSchema,
   sttModel: OptionalTrimmedStringSchema,
-  ttsVoice: z38.string().trim().toLowerCase().pipe(OpenAiTtsVoiceSchema).default("alloy"),
-  ttsModel: z38.string().trim().toLowerCase().pipe(OpenAiTtsModelSchema).default(DEFAULT_OPENAI_TTS_MODEL),
+  ttsVoice: z41.string().trim().toLowerCase().pipe(OpenAiTtsVoiceSchema).default("alloy"),
+  ttsModel: z41.string().trim().toLowerCase().pipe(OpenAiTtsModelSchema).default(DEFAULT_OPENAI_TTS_MODEL),
   realtimeTranscriptionModel: OptionalTrimmedStringSchema.default(
     DEFAULT_OPENAI_REALTIME_TRANSCRIPTION_MODEL
   )
@@ -45847,174 +46418,178 @@ import { v4 } from "uuid";
 // ../server/src/server/speech/providers/openai/tts.ts
 import OpenAI2 from "openai";
 
-// ../server/src/server/agent/agent-manager.ts
-import { z as z40 } from "zod";
-import { getSessionMessages } from "@anthropic-ai/claude-agent-sdk";
-
-// ../server/src/server/agent/handoff-mcp.ts
-import { createSdkMcpServer, tool } from "@anthropic-ai/claude-agent-sdk";
-import { z as z39 } from "zod";
-
-// ../server/src/server/agent/agent-manager.ts
-var AgentIdSchema2 = z40.string().uuid();
-
 // ../server/src/server/agent/agent-storage.ts
-import { z as z41 } from "zod";
-var SERIALIZABLE_CONFIG_SCHEMA = z41.object({
-  title: z41.string().nullable().optional(),
-  modeId: z41.string().nullable().optional(),
-  model: z41.string().nullable().optional(),
-  thinkingOptionId: z41.string().nullable().optional(),
-  featureValues: z41.record(z41.unknown()).nullable().optional(),
-  extra: z41.record(z41.any()).nullable().optional(),
-  systemPrompt: z41.string().nullable().optional(),
-  mcpServers: z41.record(z41.any()).nullable().optional()
+import { z as z42 } from "zod";
+var SERIALIZABLE_CONFIG_SCHEMA = z42.object({
+  title: z42.string().nullable().optional(),
+  modeId: z42.string().nullable().optional(),
+  model: z42.string().nullable().optional(),
+  thinkingOptionId: z42.string().nullable().optional(),
+  featureValues: z42.record(z42.unknown()).nullable().optional(),
+  extra: z42.record(z42.any()).nullable().optional(),
+  systemPrompt: z42.string().nullable().optional(),
+  mcpServers: z42.record(z42.any()).nullable().optional()
 }).nullable().optional();
-var PERSISTENCE_HANDLE_SCHEMA = z41.object({
-  provider: z41.string(),
-  sessionId: z41.string(),
-  nativeHandle: z41.any().optional(),
-  metadata: z41.record(z41.any()).optional()
+var PERSISTENCE_HANDLE_SCHEMA = z42.object({
+  provider: z42.string(),
+  sessionId: z42.string(),
+  nativeHandle: z42.any().optional(),
+  metadata: z42.record(z42.any()).optional()
 }).nullable().optional();
-var STORED_AGENT_SCHEMA = z41.object({
-  id: z41.string(),
-  provider: z41.string(),
-  cwd: z41.string(),
-  createdAt: z41.string(),
-  updatedAt: z41.string(),
-  lastActivityAt: z41.string().optional(),
-  lastUserMessageAt: z41.string().nullable().optional(),
-  title: z41.string().nullable().optional(),
-  labels: z41.record(z41.string()).default({}),
+var STORED_AGENT_SCHEMA = z42.object({
+  id: z42.string(),
+  provider: z42.string(),
+  cwd: z42.string(),
+  createdAt: z42.string(),
+  updatedAt: z42.string(),
+  lastActivityAt: z42.string().optional(),
+  lastUserMessageAt: z42.string().nullable().optional(),
+  title: z42.string().nullable().optional(),
+  labels: z42.record(z42.string()).default({}),
   lastStatus: AgentStatusSchema.default("closed"),
-  lastModeId: z41.string().nullable().optional(),
+  lastModeId: z42.string().nullable().optional(),
   config: SERIALIZABLE_CONFIG_SCHEMA,
-  runtimeInfo: z41.object({
-    provider: z41.string(),
-    sessionId: z41.string().nullable(),
-    model: z41.string().nullable().optional(),
-    thinkingOptionId: z41.string().nullable().optional(),
-    modeId: z41.string().nullable().optional(),
-    extra: z41.record(z41.unknown()).optional()
+  runtimeInfo: z42.object({
+    provider: z42.string(),
+    sessionId: z42.string().nullable(),
+    model: z42.string().nullable().optional(),
+    thinkingOptionId: z42.string().nullable().optional(),
+    modeId: z42.string().nullable().optional(),
+    extra: z42.record(z42.unknown()).optional()
   }).optional(),
-  features: z41.array(AgentFeatureSchema).optional(),
+  features: z42.array(AgentFeatureSchema).optional(),
   persistence: PERSISTENCE_HANDLE_SCHEMA,
-  lastError: z41.string().nullable().optional(),
-  requiresAttention: z41.boolean().optional(),
-  attentionReason: z41.enum(["finished", "error", "permission"]).nullable().optional(),
-  attentionTimestamp: z41.string().nullable().optional(),
-  internal: z41.boolean().optional(),
-  archivedAt: z41.string().nullable().optional(),
+  lastError: z42.string().nullable().optional(),
+  requiresAttention: z42.boolean().optional(),
+  attentionReason: z42.enum(["finished", "error", "permission"]).nullable().optional(),
+  attentionTimestamp: z42.string().nullable().optional(),
+  internal: z42.boolean().optional(),
+  archivedAt: z42.string().nullable().optional(),
   // Fork lineage (optional for backward compat with pre-fork records).
-  parentAgentId: z41.string().optional(),
-  forkedFromMessageUuid: z41.string().optional()
+  parentAgentId: z42.string().optional(),
+  forkedFromMessageUuid: z42.string().optional(),
+  // Multi-tenant session isolation: the auth-server user-id that created
+  // (and therefore owns) this agent + the additive ACL of other users
+  // granted access. Both optional/null-default for backward compatibility
+  // with pre-Phase-2c records — those load with `null` owner and stay
+  // visible to every connecting user (matches today's single-tenant
+  // behavior). Set on new agents at create time via Session.ownerUserId.
+  ownerUserId: z42.string().nullable().optional(),
+  sharedWithUserIds: z42.array(z42.string()).default([]),
+  // Owner's display username — needed on resume to route to the correct
+  // `CLAUDE_CONFIG_DIR` via `ensureClaudeProfile(username)` for agents
+  // created by a shared (non-owner) user. Without this, a resumed shared-
+  // user agent would silently fall back to the daemon owner's Claude
+  // profile/subscription. Optional — pre-Phase-3 records rehydrate without
+  // per-user profile routing.
+  ownerUsername: z42.string().optional()
 });
 
 // ../server/src/server/agent/mcp-server.ts
 import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
-import { z as z42 } from "zod";
-var TerminalSummarySchema = z42.object({
-  id: z42.string(),
-  name: z42.string(),
-  cwd: z42.string()
+import { z as z43 } from "zod";
+var TerminalSummarySchema = z43.object({
+  id: z43.string(),
+  name: z43.string(),
+  cwd: z43.string()
 });
-var WorktreeSummarySchema = z42.object({
-  path: z42.string(),
-  createdAt: z42.string(),
-  branchName: z42.string().optional(),
-  head: z42.string().optional()
+var WorktreeSummarySchema = z43.object({
+  path: z43.string(),
+  createdAt: z43.string(),
+  branchName: z43.string().optional(),
+  head: z43.string().optional()
 });
 
 // ../server/src/server/loop-service.ts
-import { z as z43 } from "zod";
+import { z as z44 } from "zod";
 var MAX_VERIFY_OUTPUT_BYTES = 64 * 1024;
-var LoopVerifyPromptSchema = z43.object({
-  passed: z43.boolean(),
-  reason: z43.string().min(1)
-});
-var LoopLogEntrySchema2 = z43.object({
-  seq: z43.number().int().positive(),
-  timestamp: z43.string(),
-  iteration: z43.number().int().positive().nullable(),
-  source: z43.enum(["loop", "worker", "verifier", "verify-check"]),
-  level: z43.enum(["info", "error"]),
-  text: z43.string()
-});
-var LoopVerifyCheckResultSchema2 = z43.object({
-  command: z43.string(),
-  exitCode: z43.number().int(),
-  passed: z43.boolean(),
-  stdout: z43.string(),
-  stderr: z43.string(),
-  startedAt: z43.string(),
-  completedAt: z43.string()
-});
-var LoopVerifyPromptResultSchema2 = z43.object({
-  passed: z43.boolean(),
-  reason: z43.string(),
-  verifierAgentId: z43.string().nullable(),
-  startedAt: z43.string(),
-  completedAt: z43.string()
-});
-var LoopIterationRecordSchema2 = z43.object({
-  index: z43.number().int().positive(),
-  workerAgentId: z43.string().nullable(),
-  workerStartedAt: z43.string(),
-  workerCompletedAt: z43.string().nullable(),
-  verifierAgentId: z43.string().nullable(),
-  status: z43.enum(["running", "succeeded", "failed", "stopped"]),
-  workerOutcome: z43.enum(["completed", "failed", "canceled"]).nullable(),
-  failureReason: z43.string().nullable(),
-  verifyChecks: z43.array(LoopVerifyCheckResultSchema2),
+var LoopVerifyPromptSchema = z44.object({
+  passed: z44.boolean(),
+  reason: z44.string().min(1)
+});
+var LoopLogEntrySchema2 = z44.object({
+  seq: z44.number().int().positive(),
+  timestamp: z44.string(),
+  iteration: z44.number().int().positive().nullable(),
+  source: z44.enum(["loop", "worker", "verifier", "verify-check"]),
+  level: z44.enum(["info", "error"]),
+  text: z44.string()
+});
+var LoopVerifyCheckResultSchema2 = z44.object({
+  command: z44.string(),
+  exitCode: z44.number().int(),
+  passed: z44.boolean(),
+  stdout: z44.string(),
+  stderr: z44.string(),
+  startedAt: z44.string(),
+  completedAt: z44.string()
+});
+var LoopVerifyPromptResultSchema2 = z44.object({
+  passed: z44.boolean(),
+  reason: z44.string(),
+  verifierAgentId: z44.string().nullable(),
+  startedAt: z44.string(),
+  completedAt: z44.string()
+});
+var LoopIterationRecordSchema2 = z44.object({
+  index: z44.number().int().positive(),
+  workerAgentId: z44.string().nullable(),
+  workerStartedAt: z44.string(),
+  workerCompletedAt: z44.string().nullable(),
+  verifierAgentId: z44.string().nullable(),
+  status: z44.enum(["running", "succeeded", "failed", "stopped"]),
+  workerOutcome: z44.enum(["completed", "failed", "canceled"]).nullable(),
+  failureReason: z44.string().nullable(),
+  verifyChecks: z44.array(LoopVerifyCheckResultSchema2),
   verifyPrompt: LoopVerifyPromptResultSchema2.nullable()
 });
-var LoopRecordSchema2 = z43.object({
-  id: z43.string(),
-  name: z43.string().nullable(),
-  prompt: z43.string(),
-  cwd: z43.string(),
-  provider: z43.string(),
-  model: z43.string().nullable(),
-  workerProvider: z43.string().nullable(),
-  workerModel: z43.string().nullable(),
-  verifierProvider: z43.string().nullable(),
-  verifierModel: z43.string().nullable(),
-  verifyPrompt: z43.string().nullable(),
-  verifyChecks: z43.array(z43.string()),
-  archive: z43.boolean(),
-  sleepMs: z43.number().int().nonnegative(),
-  maxIterations: z43.number().int().positive().nullable(),
-  maxTimeMs: z43.number().int().positive().nullable(),
-  status: z43.enum(["running", "succeeded", "failed", "stopped"]),
-  createdAt: z43.string(),
-  updatedAt: z43.string(),
-  startedAt: z43.string(),
-  completedAt: z43.string().nullable(),
-  stopRequestedAt: z43.string().nullable(),
-  iterations: z43.array(LoopIterationRecordSchema2),
-  logs: z43.array(LoopLogEntrySchema2),
-  nextLogSeq: z43.number().int().positive(),
-  activeIteration: z43.number().int().positive().nullable(),
-  activeWorkerAgentId: z43.string().nullable(),
-  activeVerifierAgentId: z43.string().nullable()
-});
-var StoredLoopsSchema = z43.array(LoopRecordSchema2);
+var LoopRecordSchema2 = z44.object({
+  id: z44.string(),
+  name: z44.string().nullable(),
+  prompt: z44.string(),
+  cwd: z44.string(),
+  provider: z44.string(),
+  model: z44.string().nullable(),
+  workerProvider: z44.string().nullable(),
+  workerModel: z44.string().nullable(),
+  verifierProvider: z44.string().nullable(),
+  verifierModel: z44.string().nullable(),
+  verifyPrompt: z44.string().nullable(),
+  verifyChecks: z44.array(z44.string()),
+  archive: z44.boolean(),
+  sleepMs: z44.number().int().nonnegative(),
+  maxIterations: z44.number().int().positive().nullable(),
+  maxTimeMs: z44.number().int().positive().nullable(),
+  status: z44.enum(["running", "succeeded", "failed", "stopped"]),
+  createdAt: z44.string(),
+  updatedAt: z44.string(),
+  startedAt: z44.string(),
+  completedAt: z44.string().nullable(),
+  stopRequestedAt: z44.string().nullable(),
+  iterations: z44.array(LoopIterationRecordSchema2),
+  logs: z44.array(LoopLogEntrySchema2),
+  nextLogSeq: z44.number().int().positive(),
+  activeIteration: z44.number().int().positive().nullable(),
+  activeWorkerAgentId: z44.string().nullable(),
+  activeVerifierAgentId: z44.string().nullable()
+});
+var StoredLoopsSchema = z44.array(LoopRecordSchema2);
 
 // ../server/src/server/quest/store.ts
-import { z as z44 } from "zod";
-var StoredQuestsSchema = z44.array(QuestRecordSchema);
+import { z as z45 } from "zod";
+var StoredQuestsSchema = z45.array(QuestRecordSchema);
 
 // ../server/src/server/quest/quest-metadata-generator.ts
-import { z as z45 } from "zod";
+import { z as z46 } from "zod";
 
 // ../server/src/server/quest/orchestrator-mcp.ts
-import { createSdkMcpServer as createSdkMcpServer2, tool as tool2 } from "@anthropic-ai/claude-agent-sdk";
-import { z as z46 } from "zod";
+import { createSdkMcpServer as createSdkMcpServer2, tool as tool3 } from "@anthropic-ai/claude-agent-sdk";
+import { z as z47 } from "zod";
 var HANDOFF_INPUT_SHAPE = {
-  rolePath: z46.string().min(1).describe(
+  rolePath: z47.string().min(1).describe(
     "Absolute filesystem path to the role .md file the worker should adopt as its system prompt. Must be one of the role file paths listed in your team roster \u2014 do not invent paths."
   ),
-  task: z46.string().min(1).describe(
+  task: z47.string().min(1).describe(
     "Concrete, self-contained instruction for the worker. The worker has its own toolbelt and reads the role at rolePath as its system prompt \u2014 write the task as a normal user message describing what to do, what inputs to read, and where to write outputs. Reference the hivemind doc by absolute path if relevant."
   )
 };
@@ -46069,13 +46644,13 @@ var execFileAsync3 = promisify4(execFile3);
 var MAX_VERIFY_OUTPUT_BYTES2 = 64 * 1024;
 
 // ../server/src/shared/connection-offer.ts
-import { z as z47 } from "zod";
-var ConnectionOfferV2Schema = z47.object({
-  v: z47.literal(2),
-  serverId: z47.string().min(1),
-  daemonPublicKeyB64: z47.string().min(1),
-  relay: z47.object({
-    endpoint: z47.string().min(1)
+import { z as z48 } from "zod";
+var ConnectionOfferV2Schema = z48.object({
+  v: z48.literal(2),
+  serverId: z48.string().min(1),
+  daemonPublicKeyB64: z48.string().min(1),
+  relay: z48.object({
+    endpoint: z48.string().min(1)
   })
 });
 
@@ -46109,21 +46684,21 @@ function isRelayClientWebSocketUrl(url) {
 
 // ../server/src/server/config.ts
 import path22 from "node:path";
-import { z as z51 } from "zod";
+import { z as z52 } from "zod";
 
 // ../server/src/server/speech/speech-config-resolver.ts
-import { z as z50 } from "zod";
+import { z as z51 } from "zod";
 
 // ../server/src/server/speech/providers/local/config.ts
 import path21 from "node:path";
-import { z as z48 } from "zod";
+import { z as z49 } from "zod";
 var DEFAULT_LOCAL_MODELS_SUBDIR = path21.join("models", "local-speech");
-var NumberLikeSchema2 = z48.union([z48.number(), z48.string().trim().min(1)]);
-var OptionalFiniteNumberSchema2 = NumberLikeSchema2.pipe(z48.coerce.number().finite()).optional();
-var OptionalIntegerSchema = NumberLikeSchema2.pipe(z48.coerce.number().int()).optional();
-var LocalSpeechResolutionSchema = z48.object({
-  includeProviderConfig: z48.boolean(),
-  modelsDir: z48.string().trim().min(1),
+var NumberLikeSchema2 = z49.union([z49.number(), z49.string().trim().min(1)]);
+var OptionalFiniteNumberSchema2 = NumberLikeSchema2.pipe(z49.coerce.number().finite()).optional();
+var OptionalIntegerSchema = NumberLikeSchema2.pipe(z49.coerce.number().int()).optional();
+var LocalSpeechResolutionSchema = z49.object({
+  includeProviderConfig: z49.boolean(),
+  modelsDir: z49.string().trim().min(1),
   dictationLocalSttModel: LocalSttModelIdSchema.default(DEFAULT_LOCAL_STT_MODEL),
   voiceLocalSttModel: LocalSttModelIdSchema.default(DEFAULT_LOCAL_STT_MODEL),
   voiceLocalTtsModel: LocalTtsModelIdSchema.default(DEFAULT_LOCAL_TTS_MODEL),
@@ -46179,17 +46754,17 @@ function resolveLocalSpeechConfig(params) {
 }
 
 // ../server/src/server/speech/speech-types.ts
-import { z as z49 } from "zod";
-var SpeechProviderIdSchema2 = z49.enum(["openai", "local"]);
-var RequestedSpeechProviderSchema = z49.object({
+import { z as z50 } from "zod";
+var SpeechProviderIdSchema2 = z50.enum(["openai", "local"]);
+var RequestedSpeechProviderSchema = z50.object({
   provider: SpeechProviderIdSchema2,
-  explicit: z49.boolean(),
-  enabled: z49.boolean().optional()
+  explicit: z50.boolean(),
+  enabled: z50.boolean().optional()
 });
 
 // ../server/src/server/speech/speech-config-resolver.ts
-var OptionalSpeechProviderSchema = z50.string().trim().toLowerCase().pipe(SpeechProviderIdSchema2).optional();
-var OptionalBooleanFlagSchema = z50.union([z50.boolean(), z50.string().trim().toLowerCase()]).optional().transform((value) => {
+var OptionalSpeechProviderSchema = z51.string().trim().toLowerCase().pipe(SpeechProviderIdSchema2).optional();
+var OptionalBooleanFlagSchema = z51.union([z51.boolean(), z51.string().trim().toLowerCase()]).optional().transform((value) => {
   if (typeof value === "boolean") {
     return value;
   }
@@ -46204,7 +46779,7 @@ var OptionalBooleanFlagSchema = z50.union([z50.boolean(), z50.string().trim().to
   }
   return void 0;
 });
-var RequestedSpeechProvidersSchema = z50.object({
+var RequestedSpeechProvidersSchema = z51.object({
   dictationStt: OptionalSpeechProviderSchema.default("local"),
   voiceTurnDetection: OptionalSpeechProviderSchema.default("local"),
   voiceStt: OptionalSpeechProviderSchema.default("local"),
@@ -46313,9 +46888,9 @@ function parseBooleanEnv(value) {
   }
   return void 0;
 }
-var OptionalVoiceLlmProviderSchema = z51.union([z51.string(), z51.null(), z51.undefined()]).transform(
+var OptionalVoiceLlmProviderSchema = z52.union([z52.string(), z52.null(), z52.undefined()]).transform(
   (value) => typeof value === "string" ? value.trim().toLowerCase() : null
-).pipe(z51.union([AgentProviderSchema, z51.null()]));
+).pipe(z52.union([AgentProviderSchema, z52.null()]));
 function parseOptionalVoiceLlmProvider(value) {
   const parsed = OptionalVoiceLlmProviderSchema.safeParse(value);
   return parsed.success ? parsed.data : null;
@@ -46591,10 +47166,10 @@ function encodeUtf8String(value) {
 function createRelayE2eeTransportFactory(args) {
   return ({ url, headers }) => {
     const base = args.baseFactory({ url, headers });
-    return createEncryptedTransport(base, args.daemonPublicKeyB64, args.logger);
+    return createEncryptedTransport(base, args.daemonPublicKeyB64, args.logger, args.staticKeyPair);
   };
 }
-function createEncryptedTransport(base, daemonPublicKeyB64, logger) {
+function createEncryptedTransport(base, daemonPublicKeyB64, logger, staticKeyPair) {
   let channel = null;
   let opened = false;
   let closed = false;
@@ -46651,12 +47226,17 @@ function createEncryptedTransport(base, daemonPublicKeyB64, logger) {
   };
   const startHandshake = async () => {
     try {
-      channel = await createClientChannel(relayTransport, daemonPublicKeyB64, {
-        onopen: emitOpen,
-        onmessage: (data) => emitMessage(data),
-        onclose: (code, reason) => emitClose({ code, reason }),
-        onerror: (error) => emitError(error)
-      });
+      channel = await createClientChannel(
+        relayTransport,
+        daemonPublicKeyB64,
+        {
+          onopen: emitOpen,
+          onmessage: (data) => emitMessage(data),
+          onclose: (code, reason) => emitClose({ code, reason }),
+          onerror: (error) => emitError(error)
+        },
+        staticKeyPair
+      );
     } catch (error) {
       logger.warn({ err: normalizeTransportError(error) }, "relay_e2ee_handshake_failed");
       emitError(error);
@@ -47019,7 +47599,8 @@ var DaemonClient = class {
         transportFactory = createRelayE2eeTransportFactory({
           baseFactory: baseTransportFactory,
           daemonPublicKeyB64,
-          logger: this.logger
+          logger: this.logger,
+          staticKeyPair: this.config.e2ee?.staticKeyPair
         });
       }
       const transportUrl = this.resolveTransportUrlForAttempt();
@@ -48093,6 +48674,99 @@ var DaemonClient = class {
       throw new Error(payload.error || "Failed to delete session upload");
     }
   }
+  // ──────────────────────────────────────────────────────────────────────
+  // Phase 4 agent sharing — owner-only mutations of the per-agent ACL.
+  // ──────────────────────────────────────────────────────────────────────
+  /**
+   * Grant a user access to this agent. Owner-only. Idempotent — sharing
+   * with a user already on the ACL is a no-op. The recipient does not
+   * need to be currently paired; access takes effect at their next
+   * connection.
+   */
+  async shareAgentWithUser(agentId, userId) {
+    const requestId = this.createRequestId();
+    const message = SessionInboundMessageSchema.parse({
+      type: "share_agent_with_user_request",
+      requestId,
+      agentId,
+      userId
+    });
+    const payload = await this.sendRequest({
+      requestId,
+      message,
+      timeout: 15e3,
+      options: { skipQueue: true },
+      select: (msg) => {
+        if (msg.type !== "share_agent_with_user_response") return null;
+        if (msg.payload.requestId !== requestId) return null;
+        return msg.payload;
+      }
+    });
+    if (!payload.ok) {
+      throw new Error(payload.error || "Failed to share agent");
+    }
+    return payload.sharedWithUserIds;
+  }
+  /**
+   * Revoke a user's access to this agent. Owner-only. Effects are
+   * immediate — once the auth-server allow-list propagates (and the
+   * daemon's in-memory state updates here), the removed user's resolver
+   * answers "Agent not found" for any further per-agent RPC.
+   */
+  async unshareAgentWithUser(agentId, userId) {
+    const requestId = this.createRequestId();
+    const message = SessionInboundMessageSchema.parse({
+      type: "unshare_agent_with_user_request",
+      requestId,
+      agentId,
+      userId
+    });
+    const payload = await this.sendRequest({
+      requestId,
+      message,
+      timeout: 15e3,
+      options: { skipQueue: true },
+      select: (msg) => {
+        if (msg.type !== "unshare_agent_with_user_response") return null;
+        if (msg.payload.requestId !== requestId) return null;
+        return msg.payload;
+      }
+    });
+    if (!payload.ok) {
+      throw new Error(payload.error || "Failed to unshare agent");
+    }
+    return payload.sharedWithUserIds;
+  }
+  /**
+   * Return the ACL — owner + the user-ids the owner has granted access
+   * to. Owner-only: recipients can't enumerate who else has access.
+   */
+  async listAgentSharedUsers(agentId) {
+    const requestId = this.createRequestId();
+    const message = SessionInboundMessageSchema.parse({
+      type: "list_agent_shared_users_request",
+      requestId,
+      agentId
+    });
+    const payload = await this.sendRequest({
+      requestId,
+      message,
+      timeout: 15e3,
+      options: { skipQueue: true },
+      select: (msg) => {
+        if (msg.type !== "list_agent_shared_users_response") return null;
+        if (msg.payload.requestId !== requestId) return null;
+        return msg.payload;
+      }
+    });
+    if (!payload.ok) {
+      throw new Error(payload.error || "Failed to list agent shared users");
+    }
+    return {
+      ownerUserId: payload.ownerUserId,
+      sharedWithUserIds: payload.sharedWithUserIds
+    };
+  }
   /**
    * List the images the user has attached to this agent's chat (the "Images"
    * tab in the uploads modal). Returns newest first; the daemon scans
@@ -50154,16 +50828,41 @@ var DaemonClient = class {
       timeout: 12e4
     });
   }
-  async brandsGenerateArtDirection(options) {
+  async brandsGenerateLayout(options) {
     return this.sendCorrelatedSessionRequest({
       requestId: options.requestId,
       message: {
-        type: "brands/generate-art-direction",
+        type: "brands/generate-layout",
         workspaceRoot: options.workspaceRoot,
         brandPath: options.brandPath,
         prompt: options.prompt
       },
-      responseType: "brands/generate-art-direction/response",
+      responseType: "brands/generate-layout/response",
+      timeout: 12e4
+    });
+  }
+  async brandsLayoutQaNext(options) {
+    return this.sendCorrelatedSessionRequest({
+      requestId: options.requestId,
+      message: {
+        type: "brands/layout-qa/next",
+        workspaceRoot: options.workspaceRoot,
+        brandPath: options.brandPath,
+        conversation: options.conversation
+      },
+      responseType: "brands/layout-qa/next/response",
+      timeout: 12e4
+    });
+  }
+  async brandsGenerateWireframe(options) {
+    return this.sendCorrelatedSessionRequest({
+      requestId: options.requestId,
+      message: {
+        type: "brands/generate-wireframe",
+        workspaceRoot: options.workspaceRoot,
+        brandPath: options.brandPath
+      },
+      responseType: "brands/generate-wireframe/response",
       timeout: 12e4
     });
   }