claude-memory-layer 1.0.36 → 1.0.38

package/dist/cli/index.js

@@ -17,8 +17,8 @@ import * as os11 from "os";
 import * as os5 from "os";
 
 // src/core/engine/memory-service-composition.ts
-import * as os from "os";
-import * as path6 from "path";
+import * as os2 from "os";
+import * as path7 from "path";
 
 // src/core/metadata-extractor.ts
 function createToolObservationEmbedding(toolName, metadata, success) {
@@ -1529,8 +1529,8 @@ function createEndlessMemoryServices(options) {
 }
 
 // src/core/engine/memory-engine-services.ts
-import * as fs5 from "fs";
-import * as path4 from "path";
+import * as fs6 from "fs";
+import * as path5 from "path";
 
 // src/extensions/vector/embedder.ts
 var DEFAULT_EMBEDDING_MODEL = "Xenova/multilingual-e5-small";
@@ -2208,14 +2208,43 @@ function makeDedupeKey(content, sessionId) {
   return `${sessionId}:${contentHash}`;
 }
 
+// src/core/sqlite-event-store.ts
+import * as nodePath2 from "path";
+
+// src/core/registry/project-path.ts
+import * as crypto2 from "crypto";
+import * as fs3 from "fs";
+import * as os from "os";
+import * as path3 from "path";
+function normalizeProjectPath(projectPath) {
+  const expanded = projectPath.startsWith("~") ? path3.join(os.homedir(), projectPath.slice(1)) : projectPath;
+  try {
+    return fs3.realpathSync(expanded);
+  } catch {
+    return path3.resolve(expanded);
+  }
+}
+function hashProjectPath(projectPath) {
+  const normalizedPath = normalizeProjectPath(projectPath);
+  return crypto2.createHash("sha256").update(normalizedPath).digest("hex").slice(0, 8);
+}
+function getProjectStoragePath(projectPath) {
+  const hash = hashProjectPath(projectPath);
+  return path3.join(os.homedir(), ".claude-code", "memory", "projects", hash);
+}
+function resolveProjectStoragePath(projectOrHash) {
+  const isHash = /^[a-f0-9]{8}$/.test(projectOrHash);
+  return isHash ? path3.join(os.homedir(), ".claude-code", "memory", "projects", projectOrHash) : getProjectStoragePath(projectOrHash);
+}
+
 // src/core/sqlite-wrapper.ts
 import Database from "better-sqlite3";
-import * as fs3 from "fs";
+import * as fs4 from "fs";
 import * as nodePath from "path";
 function createSQLiteDatabase(path22, options) {
   const dir = nodePath.dirname(path22);
-  if (!fs3.existsSync(dir)) {
-    fs3.mkdirSync(dir, { recursive: true });
+  if (!fs4.existsSync(dir)) {
+    fs4.mkdirSync(dir, { recursive: true });
   }
   const db = new Database(path22, {
     readonly: options?.readonly ?? false
@@ -2264,8 +2293,8 @@ function toSQLiteTimestamp(date) {
 }
 
 // src/core/markdown-mirror.ts
-import * as fs4 from "fs/promises";
-import * as path3 from "path";
+import * as fs5 from "fs/promises";
+import * as path4 from "path";
 var DEFAULT_NAMESPACE = "default";
 var DEFAULT_CATEGORY = "uncategorized";
 function sanitizeSegment2(input, fallback) {
@@ -2294,7 +2323,7 @@ function buildMirrorPath2(rootDir, event) {
   const yyyy = d.getFullYear();
   const mm = String(d.getMonth() + 1).padStart(2, "0");
   const dd = String(d.getDate()).padStart(2, "0");
-  return path3.join(rootDir, "memory", namespace, ...categories, `${yyyy}-${mm}-${dd}.md`);
+  return path4.join(rootDir, "memory", namespace, ...categories, `${yyyy}-${mm}-${dd}.md`);
 }
 function formatMirrorEntry(event) {
   const category = Array.isArray(event.metadata?.categoryPath) ? event.metadata.categoryPath.join("/") : String(event.metadata?.category ?? event.eventType);
@@ -2315,8 +2344,8 @@ var MarkdownMirror2 = class {
   }
   async append(event) {
     const outPath = buildMirrorPath2(this.rootDir, event);
-    await fs4.mkdir(path3.dirname(outPath), { recursive: true });
-    await fs4.appendFile(outPath, formatMirrorEntry(event), "utf8");
+    await fs5.mkdir(path4.dirname(outPath), { recursive: true });
+    await fs5.appendFile(outPath, formatMirrorEntry(event), "utf8");
     return outPath;
   }
 };
@@ -2329,6 +2358,143 @@ function normalizeQueryRewriteKind(value) {
   return "none";
 }
 var REWRITTEN_QUERY_REWRITE_KIND_SQL = `LOWER(TRIM(COALESCE(query_rewrite_kind, 'none'))) IN ('follow-up-context', 'intent-rewrite')`;
+var DEFAULT_OUTBOX_STUCK_THRESHOLD_MS = 5 * 60 * 1e3;
+var DEFAULT_OUTBOX_MAX_RETRIES = 3;
+function emptyOutboxRecoveryResult() {
+  return {
+    embedding: { recoveredProcessing: 0, retriedFailed: 0 },
+    vector: { recoveredProcessing: 0, retriedFailed: 0 }
+  };
+}
+function isRecord(value) {
+  return typeof value === "object" && value !== null && !Array.isArray(value);
+}
+function getNestedRecord(root, path22) {
+  let cursor = root;
+  for (const key of path22) {
+    if (!isRecord(cursor))
+      return void 0;
+    cursor = cursor[key];
+  }
+  return isRecord(cursor) ? cursor : void 0;
+}
+function getNestedString(root, path22) {
+  let cursor = root;
+  for (const key of path22) {
+    if (!isRecord(cursor))
+      return void 0;
+    cursor = cursor[key];
+  }
+  return typeof cursor === "string" && cursor.length > 0 ? cursor : void 0;
+}
+function metadataProjectHash(metadata) {
+  return getNestedString(metadata, ["scope", "project", "hash"]);
+}
+function metadataProjectPaths(metadata) {
+  const candidates = [
+    getNestedString(metadata, ["projectPath"]),
+    getNestedString(metadata, ["sourceProjectPath"]),
+    getNestedString(metadata, ["scope", "project", "path"])
+  ];
+  const paths = [];
+  for (const value of candidates) {
+    if (value && !paths.includes(value))
+      paths.push(value);
+  }
+  return paths;
+}
+function metadataProjectPath(metadata) {
+  return metadataProjectPaths(metadata)[0];
+}
+function isActiveQuarantinedMetadata(metadata) {
+  const quarantine = getNestedRecord(metadata, ["quarantine"]);
+  return quarantine?.status === "active";
+}
+function activeQuarantineStatusExpression(column = "metadata") {
+  return `COALESCE(json_extract(CASE WHEN json_valid(${column}) THEN ${column} ELSE '{}' END, '$.quarantine.status'), '')`;
+}
+function notActiveQuarantinedSql(column = "metadata") {
+  return `${activeQuarantineStatusExpression(column)} != 'active'`;
+}
+function maybeQuarantinePredicate(options, column = "metadata") {
+  return options?.includeQuarantined ? "1=1" : notActiveQuarantinedSql(column);
+}
+function safeParseMetadataValue(value) {
+  if (!value)
+    return void 0;
+  if (typeof value === "object")
+    return isRecord(value) ? value : void 0;
+  if (typeof value !== "string")
+    return void 0;
+  try {
+    const parsed = JSON.parse(value);
+    return isRecord(parsed) ? parsed : void 0;
+  } catch {
+    return void 0;
+  }
+}
+function isImportedOrLegacyScopedMetadata(metadata) {
+  if (!metadata)
+    return false;
+  return Boolean(
+    metadata.importedFrom || metadata.sourceSessionId || metadata.sourceSessionHash || metadata.hermesSource || metadata.projectPath || metadata.sourceProjectPath || metadata.source === "hermes" || metadata.source === "claude" || metadata.source === "codex"
+  );
+}
+function addMetadataTag(metadata, tag) {
+  const current = Array.isArray(metadata.tags) ? metadata.tags.filter((value) => typeof value === "string") : [];
+  if (!current.includes(tag))
+    metadata.tags = [...current, tag];
+}
+function buildRepairResult(projectHash, dryRun) {
+  return {
+    dryRun,
+    projectHash,
+    scanned: 0,
+    repaired: 0,
+    quarantined: 0,
+    alreadyScoped: 0,
+    skipped: 0,
+    samples: []
+  };
+}
+function normalizeRepoName(value) {
+  return value.replace(/\.git$/i, "").trim().toLowerCase();
+}
+function projectBasename(projectPath) {
+  if (!projectPath)
+    return void 0;
+  const trimmed = projectPath.replace(/[\\/]+$/, "");
+  const basename7 = nodePath2.basename(trimmed);
+  return basename7 ? normalizeRepoName(basename7) : void 0;
+}
+function isProjectScopeRepairExplanation(content) {
+  const normalized = content.toLowerCase();
+  const hasRepairContext = /project[- ]scope|mis[- ]scoped|quarantine|contamination|legacy|오염|격리|repair/.test(normalized);
+  const hasExplanationContext = /example|detector|trap|not a .*project task|기억|메모리|설명|수정|검증/.test(normalized);
+  return hasRepairContext && hasExplanationContext;
+}
+function hasConflictingContentProjectHint(content, projectPath) {
+  const currentName = projectBasename(projectPath);
+  if (!currentName)
+    return false;
+  if (isProjectScopeRepairExplanation(content))
+    return false;
+  const githubRepoPattern = /github\.com[:/]([^/\s`'"#)]+)\/([^/\s`'"#)]+)(?:\.git)?/gi;
+  let githubMatch;
+  while ((githubMatch = githubRepoPattern.exec(content)) !== null) {
+    const repo = normalizeRepoName(githubMatch[2] || "");
+    if (repo && repo !== currentName)
+      return true;
+  }
+  const workspacePathPattern = /\/workspace\/([^/\s`'"#)]+)/gi;
+  let workspaceMatch;
+  while ((workspaceMatch = workspacePathPattern.exec(content)) !== null) {
+    const repo = normalizeRepoName(workspaceMatch[1] || "");
+    if (repo && repo !== currentName)
+      return true;
+  }
+  return false;
+}
 var SQLiteEventStore = class {
   db;
   initialized = false;
@@ -2827,11 +2993,11 @@ var SQLiteEventStore = class {
   /**
    * Get events by session ID
    */
-  async getSessionEvents(sessionId) {
+  async getSessionEvents(sessionId, options) {
     await this.initialize();
     const rows = sqliteAll(
       this.db,
-      `SELECT * FROM events WHERE session_id = ? ORDER BY timestamp ASC`,
+      `SELECT * FROM events WHERE session_id = ? AND ${maybeQuarantinePredicate(options)} ORDER BY timestamp ASC`,
       [sessionId]
     );
     return rows.map(this.rowToEvent);
@@ -2839,11 +3005,11 @@ var SQLiteEventStore = class {
   /**
    * Get recent events
    */
-  async getRecentEvents(limit = 100) {
+  async getRecentEvents(limit = 100, options) {
     await this.initialize();
     const rows = sqliteAll(
       this.db,
-      `SELECT * FROM events ORDER BY timestamp DESC LIMIT ?`,
+      `SELECT * FROM events WHERE ${maybeQuarantinePredicate(options)} ORDER BY timestamp DESC LIMIT ?`,
       [limit]
     );
     return rows.map(this.rowToEvent);
@@ -2851,11 +3017,11 @@ var SQLiteEventStore = class {
   /**
    * Get event by ID
    */
-  async getEvent(id) {
+  async getEvent(id, options) {
     await this.initialize();
     const row = sqliteGet(
       this.db,
-      `SELECT * FROM events WHERE id = ?`,
+      `SELECT * FROM events WHERE id = ? AND ${maybeQuarantinePredicate(options)}`,
       [id]
     );
     if (!row)
@@ -2865,11 +3031,11 @@ var SQLiteEventStore = class {
   /**
    * Get events since a timestamp (for sync)
    */
-  async getEventsSince(timestamp, limit = 1e3) {
+  async getEventsSince(timestamp, limit = 1e3, options) {
     await this.initialize();
     const rows = sqliteAll(
       this.db,
-      `SELECT * FROM events WHERE timestamp > ? ORDER BY timestamp ASC LIMIT ?`,
+      `SELECT * FROM events WHERE timestamp > ? AND ${maybeQuarantinePredicate(options)} ORDER BY timestamp ASC LIMIT ?`,
       [timestamp, limit]
     );
     return rows.map(this.rowToEvent);
@@ -2878,11 +3044,11 @@ var SQLiteEventStore = class {
    * Get events since a SQLite rowid (for robust incremental replication).
    * Rowid is monotonic for append-only tables, independent of client timestamps.
    */
-  async getEventsSinceRowid(lastRowid, limit = 1e3) {
+  async getEventsSinceRowid(lastRowid, limit = 1e3, options) {
     await this.initialize();
     const rows = sqliteAll(
       this.db,
-      `SELECT rowid as _rowid, * FROM events WHERE rowid > ? ORDER BY rowid ASC LIMIT ?`,
+      `SELECT rowid as _rowid, * FROM events WHERE rowid > ? AND ${maybeQuarantinePredicate(options)} ORDER BY rowid ASC LIMIT ?`,
       [lastRowid, limit]
     );
     return rows.map((row) => ({
@@ -3079,7 +3245,9 @@ var SQLiteEventStore = class {
     const placeholders = ids.map(() => "?").join(",");
     sqliteRun(
       this.db,
-      `UPDATE embedding_outbox SET status = 'processing' WHERE id IN (${placeholders})`,
+      `UPDATE embedding_outbox
+       SET status = 'processing', processed_at = datetime('now'), error_message = NULL
+       WHERE id IN (${placeholders})`,
       ids
     );
     return pending.map((row) => ({
@@ -3115,19 +3283,19 @@ var SQLiteEventStore = class {
   /**
    * Count total events
    */
-  async countEvents() {
+  async countEvents(options) {
     await this.initialize();
-    const row = sqliteGet(this.db, `SELECT COUNT(*) as count FROM events`);
+    const row = sqliteGet(this.db, `SELECT COUNT(*) as count FROM events WHERE ${maybeQuarantinePredicate(options)}`);
     return row?.count || 0;
   }
   /**
    * Get events page in timestamp ascending order (stable migration/reindex scans)
    */
-  async getEventsPage(limit = 1e3, offset = 0) {
+  async getEventsPage(limit = 1e3, offset = 0, options) {
     await this.initialize();
     const rows = sqliteAll(
       this.db,
-      `SELECT * FROM events ORDER BY timestamp ASC LIMIT ? OFFSET ?`,
+      `SELECT * FROM events WHERE ${maybeQuarantinePredicate(options)} ORDER BY timestamp ASC LIMIT ? OFFSET ?`,
       [limit, offset]
     );
     return rows.map(this.rowToEvent);
@@ -3149,6 +3317,197 @@ var SQLiteEventStore = class {
       [error, ...ids]
     );
   }
+  /**
+   * Recover abandoned outbox work after a worker/process crash.
+   *
+   * Rows in `processing` are claimed work. If the process exits before marking
+   * them done/failed, they otherwise remain invisible to future processing.
+   * Recovery is deliberately age-gated so an active worker is not disturbed.
+   */
+  async recoverStuckOutboxItems(options = {}) {
+    await this.initialize();
+    const thresholdMs = Number.isFinite(options.stuckThresholdMs) && (options.stuckThresholdMs ?? 0) >= 0 ? options.stuckThresholdMs : DEFAULT_OUTBOX_STUCK_THRESHOLD_MS;
+    const maxRetries = Number.isFinite(options.maxRetries) && (options.maxRetries ?? 0) > 0 ? options.maxRetries : DEFAULT_OUTBOX_MAX_RETRIES;
+    const now = options.now ?? /* @__PURE__ */ new Date();
+    const threshold = new Date(now.getTime() - thresholdMs).toISOString();
+    const result = emptyOutboxRecoveryResult();
+    const embeddingRecovered = sqliteRun(
+      this.db,
+      `UPDATE embedding_outbox
+       SET status = 'pending', processed_at = NULL, error_message = NULL
+       WHERE status = 'processing'
+         AND datetime(COALESCE(processed_at, created_at)) < datetime(?)`,
+      [threshold]
+    );
+    result.embedding.recoveredProcessing = Number(embeddingRecovered.changes ?? 0);
+    const embeddingRetried = sqliteRun(
+      this.db,
+      `UPDATE embedding_outbox
+       SET status = 'pending', error_message = NULL
+       WHERE status = 'failed'
+         AND retry_count < ?`,
+      [maxRetries]
+    );
+    result.embedding.retriedFailed = Number(embeddingRetried.changes ?? 0);
+    const vectorRecovered = sqliteRun(
+      this.db,
+      `UPDATE vector_outbox
+       SET status = 'pending', updated_at = ?, error = NULL
+       WHERE status = 'processing'
+         AND datetime(updated_at) < datetime(?)`,
+      [now.toISOString(), threshold]
+    );
+    result.vector.recoveredProcessing = Number(vectorRecovered.changes ?? 0);
+    const vectorRetried = sqliteRun(
+      this.db,
+      `UPDATE vector_outbox
+       SET status = 'pending', updated_at = ?, error = NULL
+       WHERE status = 'failed'
+         AND retry_count < ?`,
+      [now.toISOString(), maxRetries]
+    );
+    result.vector.retriedFailed = Number(vectorRetried.changes ?? 0);
+    return result;
+  }
+  /**
+   * Repair legacy imported events that predate canonical project scope metadata.
+   *
+   * Same-project legacy rows are tagged with scope.project.hash. Rows that look
+   * imported but cannot be proven to belong to this project are quarantined so
+   * dashboard default reads/search do not surface cross-project contamination.
+   */
+  async repairLegacyProjectScope(options = {}) {
+    await this.initialize();
+    const projectHash = options.projectHash || (options.projectPath ? hashProjectPath(options.projectPath) : void 0);
+    if (!projectHash) {
+      throw new Error("repairLegacyProjectScope requires projectPath or projectHash");
+    }
+    if (options.projectPath && options.projectHash && hashProjectPath(options.projectPath) !== options.projectHash) {
+      throw new Error("repairLegacyProjectScope projectPath and projectHash refer to different project stores");
+    }
+    const dryRun = options.dryRun === true;
+    const nowIso = (options.now || /* @__PURE__ */ new Date()).toISOString();
+    const result = buildRepairResult(projectHash, dryRun);
+    const rows = sqliteAll(
+      this.db,
+      `SELECT e.id, e.content, e.metadata, s.project_path as session_project_path
+       FROM events e
+       LEFT JOIN sessions s ON s.id = e.session_id
+       ORDER BY e.timestamp ASC`,
+      []
+    );
+    const sample = (entry) => {
+      if (result.samples.length < 20)
+        result.samples.push(entry);
+    };
+    for (const row of rows) {
+      result.scanned++;
+      let metadata = {};
+      let metadataParseInvalid = false;
+      if (row.metadata) {
+        const parsed = safeParseMetadataValue(row.metadata);
+        if (parsed) {
+          metadata = parsed;
+        } else {
+          metadataParseInvalid = true;
+        }
+      }
+      if (isActiveQuarantinedMetadata(metadata)) {
+        result.skipped++;
+        continue;
+      }
+      const currentHash = metadataProjectHash(metadata);
+      const explicitPath = metadataProjectPath(metadata);
+      const sessionProjectPath = typeof row.session_project_path === "string" && row.session_project_path.length > 0 ? row.session_project_path : void 0;
+      const candidatePaths = metadataProjectPaths(metadata);
+      if (sessionProjectPath && !candidatePaths.includes(sessionProjectPath)) {
+        candidatePaths.push(sessionProjectPath);
+      }
+      const importedOrLegacy = metadataParseInvalid || isImportedOrLegacyScopedMetadata(metadata) || Boolean(sessionProjectPath);
+      const pathHashes = candidatePaths.map((candidate) => {
+        try {
+          return { path: candidate, hash: hashProjectPath(candidate) };
+        } catch {
+          return { path: candidate, hash: void 0 };
+        }
+      });
+      const matchingPath = pathHashes.find((candidate) => candidate.hash === projectHash);
+      const foreignPath = pathHashes.find((candidate) => candidate.hash && candidate.hash !== projectHash);
+      let action = "skipped";
+      let reason;
+      let observedProjectHash;
+      if (foreignPath) {
+        action = "quarantined";
+        reason = "project-path-mismatch";
+        observedProjectHash = foreignPath.hash;
+      } else if (currentHash === projectHash && importedOrLegacy && hasConflictingContentProjectHint(row.content, options.projectPath)) {
+        action = "quarantined";
+        reason = "content-project-mismatch";
+      } else if (currentHash === projectHash) {
+        result.alreadyScoped++;
+        continue;
+      } else if (currentHash && currentHash !== projectHash) {
+        action = "quarantined";
+        reason = "scope-hash-mismatch";
+        observedProjectHash = currentHash;
+      } else if (matchingPath) {
+        action = "repaired";
+        reason = matchingPath.path === sessionProjectPath && matchingPath.path !== explicitPath ? "session-project-path" : "same-project-path";
+      } else if (candidatePaths.length > 0) {
+        action = "quarantined";
+        reason = "project-path-mismatch";
+      } else if (importedOrLegacy) {
+        action = "quarantined";
+        reason = "missing-project-scope";
+      }
+      if (action === "skipped" || !reason) {
+        result.skipped++;
+        continue;
+      }
+      if (action === "repaired") {
+        const scope = isRecord(metadata.scope) ? { ...metadata.scope } : {};
+        const project = isRecord(scope.project) ? { ...scope.project } : {};
+        project.hash = projectHash;
+        scope.project = project;
+        metadata.scope = scope;
+        metadata.repair = {
+          ...isRecord(metadata.repair) ? metadata.repair : {},
+          legacyProjectScope: {
+            action,
+            reason,
+            repairedAt: nowIso
+          }
+        };
+        addMetadataTag(metadata, `proj:${projectHash}`);
+        result.repaired++;
+      } else {
+        metadata.quarantine = {
+          ...isRecord(metadata.quarantine) ? metadata.quarantine : {},
+          status: "active",
+          category: "project-scope",
+          reason,
+          detectedAt: nowIso,
+          expectedProjectHash: projectHash,
+          ...observedProjectHash ? { observedProjectHash } : {}
+        };
+        metadata.repair = {
+          ...isRecord(metadata.repair) ? metadata.repair : {},
+          legacyProjectScope: {
+            action,
+            reason,
+            repairedAt: nowIso
+          }
+        };
+        addMetadataTag(metadata, "quarantine:project-scope");
+        result.quarantined++;
+      }
+      sample({ eventId: row.id, action, reason });
+      if (!dryRun) {
+        sqliteRun(this.db, `UPDATE events SET metadata = ? WHERE id = ?`, [JSON.stringify(metadata), row.id]);
+      }
+    }
+    return result;
+  }
   /**
    * Get embedding/vector outbox health statistics
    */
@@ -3196,7 +3555,11 @@ var SQLiteEventStore = class {
     await this.initialize();
     const rows = sqliteAll(
       this.db,
-      `SELECT level, COUNT(*) as count FROM memory_levels GROUP BY level`
+      `SELECT ml.level, COUNT(*) as count
+       FROM memory_levels ml
+       INNER JOIN events e ON e.id = ml.event_id
+       WHERE ${notActiveQuarantinedSql("e.metadata")}
+       GROUP BY ml.level`
     );
     return rows;
   }
@@ -3212,6 +3575,7 @@ var SQLiteEventStore = class {
       `SELECT e.* FROM events e
        INNER JOIN memory_levels ml ON e.id = ml.event_id
        WHERE ml.level = ?
+         AND ${notActiveQuarantinedSql("e.metadata")}
        ORDER BY e.timestamp DESC
        LIMIT ? OFFSET ?`,
       [level, limit, offset]
@@ -3304,12 +3668,13 @@ var SQLiteEventStore = class {
   /**
    * Get most accessed memories (falls back to recent events if none accessed)
    */
-  async getMostAccessed(limit = 10) {
+  async getMostAccessed(limit = 10, options) {
     await this.initialize();
     let rows = sqliteAll(
       this.db,
       `SELECT * FROM events
        WHERE access_count > 0
+         AND ${maybeQuarantinePredicate(options)}
        ORDER BY access_count DESC, last_accessed_at DESC
        LIMIT ?`,
       [limit]
@@ -3318,6 +3683,7 @@ var SQLiteEventStore = class {
       rows = sqliteAll(
         this.db,
         `SELECT * FROM events
+         WHERE ${maybeQuarantinePredicate(options)}
          ORDER BY timestamp DESC
          LIMIT ?`,
         [limit]
@@ -3448,6 +3814,7 @@ var SQLiteEventStore = class {
        FROM memory_helpfulness mh
        JOIN events e ON e.id = mh.event_id
        WHERE mh.measured_at IS NOT NULL
+         AND ${notActiveQuarantinedSql("e.metadata")}
        GROUP BY mh.event_id
        ORDER BY avg_score DESC
        LIMIT ?`,
@@ -3512,6 +3879,7 @@ var SQLiteEventStore = class {
          FROM events_fts fts
          JOIN events e ON e.id = fts.event_id
          WHERE events_fts MATCH ?
+           AND ${notActiveQuarantinedSql("e.metadata")}
          ORDER BY fts.rank
          LIMIT ?`,
         [searchTerms, limit]
@@ -3526,6 +3894,7 @@ var SQLiteEventStore = class {
         this.db,
         `SELECT *, 0 as rank FROM events
          WHERE content LIKE ?
+           AND ${notActiveQuarantinedSql()}
          ORDER BY timestamp DESC
          LIMIT ?`,
         [likePattern, limit]
@@ -3732,6 +4101,7 @@ var SQLiteEventStore = class {
       `SELECT turn_id, MIN(timestamp) as min_ts
        FROM events
        WHERE session_id = ? AND turn_id IS NOT NULL
+         AND ${maybeQuarantinePredicate(options)}
        GROUP BY turn_id
        ORDER BY min_ts DESC
        LIMIT ? OFFSET ?`,
@@ -3739,7 +4109,7 @@ var SQLiteEventStore = class {
     );
     const turns = [];
     for (const turnRow of turnRows) {
-      const events = await this.getEventsByTurn(turnRow.turn_id);
+      const events = await this.getEventsByTurn(turnRow.turn_id, options);
       const promptEvent = events.find((e) => e.eventType === "user_prompt");
       const toolEvents = events.filter((e) => e.eventType === "tool_observation");
       const hasResponse = events.some((e) => e.eventType === "agent_response");
@@ -3758,11 +4128,11 @@ var SQLiteEventStore = class {
   /**
    * Get all events for a specific turn_id
    */
-  async getEventsByTurn(turnId) {
+  async getEventsByTurn(turnId, options) {
     await this.initialize();
     const rows = sqliteAll(
       this.db,
-      `SELECT * FROM events WHERE turn_id = ? ORDER BY timestamp ASC`,
+      `SELECT * FROM events WHERE turn_id = ? AND ${maybeQuarantinePredicate(options)} ORDER BY timestamp ASC`,
       [turnId]
     );
     return rows.map(this.rowToEvent);
@@ -3770,13 +4140,14 @@ var SQLiteEventStore = class {
   /**
    * Count total turns for a session
    */
-  async countSessionTurns(sessionId) {
+  async countSessionTurns(sessionId, options) {
     await this.initialize();
     const row = sqliteGet(
       this.db,
       `SELECT COUNT(DISTINCT turn_id) as count
        FROM events
-       WHERE session_id = ? AND turn_id IS NOT NULL`,
+       WHERE session_id = ? AND turn_id IS NOT NULL
+         AND ${maybeQuarantinePredicate(options)}`,
       [sessionId]
     );
     return row?.count || 0;
@@ -3868,7 +4239,7 @@ var SQLiteEventStore = class {
       content: row.content,
       canonicalKey: row.canonical_key,
       dedupeKey: row.dedupe_key,
-      metadata: row.metadata ? JSON.parse(row.metadata) : void 0
+      metadata: safeParseMetadataValue(row.metadata)
     };
     if (row.access_count !== void 0) {
       event.access_count = row.access_count;
@@ -4020,6 +4391,7 @@ var VectorStore = class {
    * Get total count of vectors
    */
   async count() {
+    await this.initialize();
     if (!this.table)
       return 0;
     const result = await this.table.countRows();
@@ -4458,6 +4830,14 @@ var MemoryQueryService = class {
     await this.initialize();
     return this.getMaintenanceStore("getOutboxStats").getOutboxStats();
   }
+  async recoverStuckOutboxItems(options) {
+    await this.initialize();
+    return this.getMaintenanceStore("recoverStuckOutboxItems").recoverStuckOutboxItems(options);
+  }
+  async repairLegacyProjectScope(options) {
+    await this.initialize();
+    return this.getMaintenanceStore("repairLegacyProjectScope").repairLegacyProjectScope(options);
+  }
   async getStats() {
     await this.initialize();
     const deps = this.getStatsDeps();
@@ -6080,18 +6460,18 @@ function assertDefaultRetrieverStore(eventStore) {
 function createMemoryEngineServices(options) {
   const factories = options.factories ?? {};
   const storagePath = options.storagePath;
-  if (!options.readOnly && !fs5.existsSync(storagePath)) {
-    fs5.mkdirSync(storagePath, { recursive: true });
+  if (!options.readOnly && !fs6.existsSync(storagePath)) {
+    fs6.mkdirSync(storagePath, { recursive: true });
   }
   const sqliteStore = (factories.createSQLiteEventStore ?? defaultCreateSQLiteEventStore)(
-    path4.join(storagePath, "events.sqlite"),
+    path5.join(storagePath, "events.sqlite"),
     {
       readonly: options.readOnly,
       markdownMirrorRoot: storagePath
     }
   );
   const vectorStore = (factories.createVectorStore ?? defaultCreateVectorStore)(
-    path4.join(storagePath, "vectors")
+    path5.join(storagePath, "vectors")
   );
   const embeddingModel = options.embeddingModel || process.env.CLAUDE_MEMORY_EMBEDDING_MODEL;
   const embedder = embeddingModel ? (factories.createEmbedder ?? defaultCreateEmbedder)(embeddingModel) : (factories.getDefaultEmbedder ?? getDefaultEmbedder)();
@@ -6502,8 +6882,8 @@ function createMemoryRuntimeService(deps) {
 }
 
 // src/extensions/shared-memory/shared-memory-services.ts
-import * as fs6 from "fs";
-import * as path5 from "path";
+import * as fs7 from "fs";
+import * as path6 from "path";
 
 // src/core/shared-event-store.ts
 var SharedEventStore = class {
@@ -7191,7 +7571,7 @@ var SharedMemoryServices = class {
     this.ensureDirectory(sharedPath, { allowCreate: true });
     const store = await this.openStore(sharedPath);
     this.sharedVectorStore = this.factories.createSharedVectorStore(
-      path5.join(sharedPath, "vectors")
+      path6.join(sharedPath, "vectors")
     );
     await this.sharedVectorStore.initialize();
     this.sharedPromoter = this.factories.createSharedPromoter(
@@ -7264,7 +7644,7 @@ var SharedMemoryServices = class {
   async createOpenStorePromise(sharedPath) {
     if (!this.sharedEventStore) {
       const sharedEventStore = this.factories.createSharedEventStore(
-        path5.join(sharedPath, "shared.duckdb")
+        path6.join(sharedPath, "shared.duckdb")
       );
       await sharedEventStore.initialize();
       this.sharedEventStore = sharedEventStore;
@@ -7284,9 +7664,9 @@ var SharedMemoryServices = class {
   }
   get factories() {
     return {
-      existsSync: this.options.factories?.existsSync ?? fs6.existsSync,
+      existsSync: this.options.factories?.existsSync ?? fs7.existsSync,
       mkdirSync: this.options.factories?.mkdirSync ?? ((targetPath) => {
-        fs6.mkdirSync(targetPath, { recursive: true });
+        fs7.mkdirSync(targetPath, { recursive: true });
       }),
       createSharedEventStore: this.options.factories?.createSharedEventStore ?? createSharedEventStore,
       createSharedStore: this.options.factories?.createSharedStore ?? createSharedStore,
@@ -7401,37 +7781,11 @@ function createMemoryServiceComposition(options) {
 }
 function defaultExpandPath(targetPath) {
   if (targetPath.startsWith("~")) {
-    return path6.join(os.homedir(), targetPath.slice(1));
+    return path7.join(os2.homedir(), targetPath.slice(1));
   }
   return targetPath;
 }
 
-// src/core/registry/project-path.ts
-import * as crypto2 from "crypto";
-import * as fs7 from "fs";
-import * as os2 from "os";
-import * as path7 from "path";
-function normalizeProjectPath(projectPath) {
-  const expanded = projectPath.startsWith("~") ? path7.join(os2.homedir(), projectPath.slice(1)) : projectPath;
-  try {
-    return fs7.realpathSync(expanded);
-  } catch {
-    return path7.resolve(expanded);
-  }
-}
-function hashProjectPath(projectPath) {
-  const normalizedPath = normalizeProjectPath(projectPath);
-  return crypto2.createHash("sha256").update(normalizedPath).digest("hex").slice(0, 8);
-}
-function getProjectStoragePath(projectPath) {
-  const hash = hashProjectPath(projectPath);
-  return path7.join(os2.homedir(), ".claude-code", "memory", "projects", hash);
-}
-function resolveProjectStoragePath(projectOrHash) {
-  const isHash = /^[a-f0-9]{8}$/.test(projectOrHash);
-  return isHash ? path7.join(os2.homedir(), ".claude-code", "memory", "projects", projectOrHash) : getProjectStoragePath(projectOrHash);
-}
-
 // src/core/registry/session-registry.ts
 import * as fs8 from "fs";
 import * as os3 from "os";
@@ -7755,6 +8109,12 @@ var MemoryService = class {
   async getOutboxStats() {
     return this.queryService.getOutboxStats();
   }
+  async recoverStuckOutboxItems(options) {
+    return this.queryService.recoverStuckOutboxItems(options);
+  }
+  async repairLegacyProjectScope(options) {
+    return this.queryService.repairLegacyProjectScope(options);
+  }
   async getRetrievalTraceStats() {
     return this.retrievalAnalyticsService.getRetrievalTraceStats();
   }
@@ -8484,7 +8844,7 @@ import * as os7 from "os";
 import * as readline2 from "readline";
 import { createHash as createHash3, randomUUID as randomUUID9 } from "crypto";
 var CODEX_VALIDATION_DEFAULT_MAX_CONTENT_CHARS = 1e4;
-function isRecord(value) {
+function isRecord2(value) {
   return typeof value === "object" && value !== null;
 }
 function normalizeMaybeRealpath(p) {
@@ -8501,7 +8861,7 @@ function extractCodexContentText(content, maxContentChars = CODEX_VALIDATION_DEF
       texts.push(content);
   } else if (Array.isArray(content)) {
     for (const block of content) {
-      if (!isRecord(block))
+      if (!isRecord2(block))
         continue;
       const b = block;
       const t = typeof b.type === "string" ? b.type : "";
@@ -8589,7 +8949,7 @@ async function readCodexSessionMeta(filePath) {
         const obj = JSON.parse(line);
         if (obj.type !== "session_meta")
           continue;
-        if (!isRecord(obj.payload))
+        if (!isRecord2(obj.payload))
           break;
         const payload = obj.payload;
         const sessionId = typeof payload.id === "string" ? payload.id : null;
@@ -8727,7 +9087,7 @@ async function normalizeCodexSessionFile(filePath, options = {}) {
       }
       if (entry.type === "session_meta")
         continue;
-      if (entry.type !== "response_item" || !isRecord(entry.payload)) {
+      if (entry.type !== "response_item" || !isRecord2(entry.payload)) {
         summary.skippedUnsupportedRecords += 1;
         continue;
       }
@@ -8882,7 +9242,7 @@ var CodexSessionHistoryImporter = class {
           const obj = JSON.parse(line);
           if (obj.type !== "session_meta")
             continue;
-          if (!isRecord(obj.payload))
+          if (!isRecord2(obj.payload))
             break;
           const payload = obj.payload;
           const sessionId = typeof payload.id === "string" ? payload.id : null;
@@ -9098,7 +9458,7 @@ var CodexSessionHistoryImporter = class {
         try {
           const entry = JSON.parse(line);
           result.totalMessages++;
-          if (entry.type === "response_item" && isRecord(entry.payload)) {
+          if (entry.type === "response_item" && isRecord2(entry.payload)) {
             const payload = entry.payload;
             if (payload.type !== "message")
               continue;
@@ -9290,10 +9650,10 @@ var SENSITIVE_PATTERNS = [
   // Redact the whole URI so usernames, credentials, hosts, paths, and query
   // params do not leak either.
   /\b[a-z][a-z0-9+.-]*:\/\/[^\s'"`<>/@]+@[^\s'"`<>]+/gi,
-  /password\s*[:=]\s*['"]?[^\s'"]+/gi,
-  /api[_-]?key\s*[:=]\s*['"]?[^\s'"]+/gi,
-  /secret\s*[:=]\s*['"]?[^\s'"]+/gi,
-  /token\s*[:=]\s*['"]?[^\s'"]+/gi,
+  /(?:[\w.-]+[-_])?password\s*[:=]\s*(?!\[REDACTED\])['"]?[^\s'"]+/gi,
+  /(?:[\w.-]+[-_])?api[-_]?key\s*[:=]\s*(?!\[REDACTED\])['"]?[^\s'"]+/gi,
+  /(?:[\w.-]+[-_])?secret\s*[:=]\s*(?!\[REDACTED\])['"]?[^\s'"]+/gi,
+  /(?:[\w.-]+[-_])?token\s*[:=]\s*(?!\[REDACTED\])['"]?[^\s'"]+/gi,
   /bearer\s+[a-zA-Z0-9\-_.]+/gi,
   /AWS[_-]?ACCESS[_-]?KEY[_-]?ID\s*[:=]\s*['"]?[A-Z0-9]+/gi,
   /AWS[_-]?SECRET[_-]?ACCESS[_-]?KEY\s*[:=]\s*['"]?[^\s'"]+/gi,
@@ -9303,6 +9663,35 @@ var SENSITIVE_PATTERNS = [
   /sk-[a-zA-Z0-9]{48}/g
   // OpenAI API Key
 ];
+var CLI_SECRET_OPTION_PATTERNS = [
+  /(--(?:[a-z0-9]+[-_])*(?:password|secret|api[-_]?key|token|bearer)(?:[-_][a-z0-9]+)*(?:\s+|=))(?:"[^"]*"|'[^']*'|[^\s'"`<>]+)/gi
+];
+var URL_FOLLOWING_SECRET_PATTERN = /((?:https?:\/\/[^\s'"`<>]+)\s*\r?\n\s*)([A-Za-z0-9!@#$%^&*._+\-~:=/]{6,})(?=\s*(?:\r?\n|$))/gi;
+function looksLikePastedSecret(value) {
+  return value.length >= 8 && /(?:\d|[^A-Za-z0-9])/.test(value);
+}
+function maskUrlFollowingSecret(value) {
+  let count = 0;
+  const content = value.replace(URL_FOLLOWING_SECRET_PATTERN, (_match, prefix, secret) => {
+    if (!looksLikePastedSecret(secret))
+      return `${prefix}${secret}`;
+    count++;
+    return `${prefix}[REDACTED]`;
+  });
+  return { content, count };
+}
+function maskCliSecretOptions(value) {
+  let count = 0;
+  let filtered = value;
+  for (const pattern of CLI_SECRET_OPTION_PATTERNS) {
+    pattern.lastIndex = 0;
+    filtered = filtered.replace(pattern, (_match, prefix) => {
+      count++;
+      return `${prefix}[REDACTED]`;
+    });
+  }
+  return { content: filtered, count };
+}
 function applyPrivacyFilter(content, config) {
   let filtered = content;
   let privateTagCount = 0;
@@ -9316,6 +9705,12 @@ function applyPrivacyFilter(content, config) {
     filtered = tagResult.filtered;
     privateTagCount = tagResult.stats.count;
   }
+  const cliResult = maskCliSecretOptions(filtered);
+  filtered = cliResult.content;
+  patternMatchCount += cliResult.count;
+  const urlSecretResult = maskUrlFollowingSecret(filtered);
+  filtered = urlSecretResult.content;
+  patternMatchCount += urlSecretResult.count;
   for (const pattern of SENSITIVE_PATTERNS) {
     pattern.lastIndex = 0;
     const matches = filtered.match(pattern);
@@ -9327,13 +9722,13 @@ function applyPrivacyFilter(content, config) {
   for (const patternStr of config.excludePatterns || []) {
     try {
       const regex = new RegExp(
-        `(${patternStr})\\s*[:=]\\s*['"]?[^\\s'"]+`,
+        `(^|[^\\w-])(${patternStr})\\s*[:=]\\s*['"]?[^\\s'"]+`,
         "gi"
       );
       const matches = filtered.match(regex);
       if (matches) {
         patternMatchCount += matches.length;
-        filtered = filtered.replace(regex, "[REDACTED]");
+        filtered = filtered.replace(regex, "$1[REDACTED]");
       }
     } catch {
     }
@@ -10345,6 +10740,26 @@ function getServiceFromQuery(c) {
   }
   return getReadOnlyMemoryService();
 }
+function getWritableServiceFromQuery(c) {
+  const project = c.req.query("project") || c.req.query("projectId");
+  if (project) {
+    const storagePath = resolveProjectStoragePath(project);
+    return new MemoryService({
+      storagePath,
+      readOnly: false,
+      lightweightMode: true,
+      analyticsEnabled: false,
+      sharedStoreConfig: DISABLED_SHARED_STORE_CONFIG
+    });
+  }
+  return new MemoryService({
+    storagePath: "~/.claude-code/memory",
+    readOnly: false,
+    lightweightMode: true,
+    analyticsEnabled: false,
+    sharedStoreConfig: DISABLED_SHARED_STORE_CONFIG
+  });
+}
 function getLightweightServiceFromQuery(c) {
   const project = c.req.query("project") || c.req.query("projectId");
   if (project) {
@@ -12000,6 +12415,13 @@ import { Hono as Hono8 } from "hono";
 import { streamSSE } from "hono/streaming";
 import { spawn } from "child_process";
 var chatRouter = new Hono8();
+var ProviderFailure = class extends Error {
+  constructor(code, message) {
+    super(message);
+    this.code = code;
+    this.name = "ProviderFailure";
+  }
+};
 var CLAUDE_TIMEOUT_MS = 12e4;
 chatRouter.post("/", async (c) => {
   let body;
@@ -12011,43 +12433,12 @@ chatRouter.post("/", async (c) => {
   if (!body.message?.trim()) {
     return c.json({ error: "Message is required" }, 400);
   }
-  const memoryService = getServiceFromQuery(c);
+  const memoryOnly = body.mode === "memory-only" || body.memoryOnly === true;
+  const memoryService = memoryOnly ? getLightweightServiceFromQuery(c) : getServiceFromQuery(c);
   try {
     await memoryService.initialize();
-    let memoryContext = "";
-    let statsContext = "";
-    try {
-      const result = await memoryService.retrieveMemories(body.message, {
-        topK: 8,
-        minScore: 0.5
-      });
-      if (result.memories.length > 0) {
-        const parts = ["## Relevant Memories\n"];
-        for (const m of result.memories) {
-          const date = new Date(m.event.timestamp).toISOString().split("T")[0];
-          const content = m.event.content.slice(0, 500);
-          parts.push(`### [${m.event.eventType}] ${date} (score: ${m.score.toFixed(2)})`);
-          parts.push(content);
-          if (m.sessionContext) {
-            parts.push(`_Context: ${m.sessionContext}_`);
-          }
-          parts.push("");
-        }
-        memoryContext = parts.join("\n");
-      }
-    } catch {
-    }
-    try {
-      const stats = await memoryService.getStats();
-      const levels = stats.levelStats.map((l) => `${l.level}: ${l.count}`).join(", ");
-      statsContext = [
-        "## Memory Stats",
-        `- Total events: ${stats.totalEvents}`,
-        `- Vector nodes: ${stats.vectorCount}`,
-        `- By level: ${levels}`
-      ].join("\n");
-    } catch {
-    }
+    const { memoryContext, memoryHits } = await collectMemoryContext(memoryService, body.message);
+    const statsContext = await collectStatsContext(memoryService);
     const fullPrompt = buildPrompt(
       statsContext,
       memoryContext,
@@ -12055,13 +12446,23 @@ chatRouter.post("/", async (c) => {
       body.message
     );
     return streamSSE(c, async (stream) => {
+      if (memoryOnly) {
+        await streamMemoryOnlyResponse(stream, {
+          memoryContext,
+          memoryHits,
+          reason: "memory-only-mode"
+        });
+        return;
+      }
       try {
         await streamClaudeResponse(fullPrompt, stream);
       } catch (err) {
+        const diagnostic = providerDiagnostic(err);
         await stream.writeSSE({
-          event: "error",
-          data: JSON.stringify({ error: err.message })
+          event: "provider_error",
+          data: JSON.stringify(diagnostic)
         });
+        await streamMemoryOnlyFallback(stream, memoryContext, memoryHits);
       }
     });
   } catch (error) {
@@ -12070,6 +12471,115 @@ chatRouter.post("/", async (c) => {
     await memoryService.shutdown();
   }
 });
+async function collectMemoryContext(memoryService, query) {
+  let memoryHits = [];
+  try {
+    const result = await memoryService.retrieveMemories?.(query, {
+      topK: 8,
+      minScore: 0.5
+    });
+    memoryHits = result?.memories ?? [];
+  } catch {
+    memoryHits = [];
+  }
+  if (memoryHits.length === 0) {
+    try {
+      memoryHits = await memoryService.keywordSearch?.(query, { topK: 8, minScore: 0.05 }) ?? [];
+    } catch {
+      memoryHits = [];
+    }
+  }
+  return {
+    memoryContext: formatMemoryContext(memoryHits),
+    memoryHits
+  };
+}
+async function collectStatsContext(memoryService) {
+  try {
+    const stats = await memoryService.getStats?.();
+    if (!stats)
+      return "";
+    const levels = stats.levelStats.map((l) => `${l.level}: ${l.count}`).join(", ");
+    return [
+      "## Memory Stats",
+      `- Total events: ${stats.totalEvents}`,
+      `- Vector nodes: ${stats.vectorCount}`,
+      `- By level: ${levels}`
+    ].join("\n");
+  } catch {
+    return "";
+  }
+}
+function formatMemoryContext(memoryHits) {
+  if (memoryHits.length === 0)
+    return "";
+  const parts = ["## Relevant Memories\n"];
+  for (const m of memoryHits) {
+    const date = m.event.timestamp ? new Date(m.event.timestamp).toISOString().split("T")[0] : "unknown-date";
+    const content = (m.event.content ?? "").slice(0, 500);
+    parts.push(`### [${m.event.eventType ?? "memory"}] ${date} (score: ${m.score.toFixed(2)})`);
+    parts.push(content);
+    if (m.sessionContext) {
+      parts.push(`_Context: ${m.sessionContext}_`);
+    }
+    parts.push("");
+  }
+  return parts.join("\n");
+}
+async function streamMemoryOnlyResponse(stream, options) {
+  await stream.writeSSE({
+    event: "diagnostic",
+    data: JSON.stringify({
+      provider: "claude-cli",
+      status: "skipped",
+      mode: "memory-only",
+      reason: options.reason,
+      retrievedMemories: options.memoryHits.length
+    })
+  });
+  await streamMemoryOnlyFallback(stream, options.memoryContext, options.memoryHits);
+}
+async function streamMemoryOnlyFallback(stream, memoryContext, memoryHits) {
+  const content = memoryHits.length > 0 ? [
+    "Provider unavailable or skipped; showing retrieved memory context directly.",
+    "",
+    memoryContext
+  ].join("\n") : "Provider unavailable or skipped, and no directly relevant memories were found for this query.";
+  await stream.writeSSE({
+    event: "message",
+    data: JSON.stringify({ content, mode: "memory-only" })
+  });
+  await stream.writeSSE({ event: "done", data: "{}" });
+}
+function providerDiagnostic(err) {
+  if (err instanceof ProviderFailure) {
+    return {
+      provider: "claude-cli",
+      code: err.code,
+      message: err.message,
+      fallback: "memory-only"
+    };
+  }
+  return {
+    provider: "claude-cli",
+    code: "claude-cli-error",
+    message: err instanceof Error ? err.message : "Unknown Claude CLI failure",
+    fallback: "memory-only"
+  };
+}
+function classifyProviderFailure(message) {
+  const normalized = message.toLowerCase();
+  if (normalized.includes("401") || normalized.includes("unauthorized") || normalized.includes("auth")) {
+    return new ProviderFailure("claude-cli-auth", "Claude CLI authentication failed; showing memory-only context.");
+  }
+  if (normalized.includes("not found") || normalized.includes("enoent")) {
+    return new ProviderFailure("claude-cli-not-found", "Claude CLI was not found; showing memory-only context.");
+  }
+  if (normalized.includes("timed out")) {
+    return new ProviderFailure("claude-cli-timeout", "Claude CLI timed out; showing memory-only context.");
+  }
+  return new ProviderFailure("claude-cli-error", "Claude CLI failed; showing memory-only context.");
+}
 function buildPrompt(statsContext, memoryContext, history, currentMessage) {
   const parts = [];
   parts.push("You are a helpful assistant that answers questions about the user's code memory data.");
@@ -12112,12 +12622,13 @@ function streamClaudeResponse(prompt, stream) {
     });
     const timeout = setTimeout(() => {
       proc.kill("SIGTERM");
-      reject(new Error("Chat response timed out after 2 minutes"));
+      reject(classifyProviderFailure("timed out"));
     }, CLAUDE_TIMEOUT_MS);
     proc.stdin.write(prompt);
     proc.stdin.end();
     let buffer = "";
     let lastSentText = "";
+    let stderrText = "";
     proc.stdout.on("data", async (chunk) => {
       buffer += chunk.toString();
       const lines = buffer.split("\n");
@@ -12146,6 +12657,7 @@ function streamClaudeResponse(prompt, stream) {
       }
     });
     proc.stderr.on("data", (chunk) => {
+      stderrText += chunk.toString();
       if (process.env.CLAUDE_MEMORY_DEBUG) {
         console.error("[chat] claude stderr:", chunk.toString());
       }
@@ -12153,7 +12665,7 @@ function streamClaudeResponse(prompt, stream) {
     proc.on("error", (err) => {
       clearTimeout(timeout);
       if (err.code === "ENOENT") {
-        reject(new Error("Claude CLI not found. Install with: npm install -g @anthropic-ai/claude-code"));
+        reject(classifyProviderFailure("ENOENT not found"));
       } else {
         reject(err);
       }
@@ -12170,7 +12682,7 @@ function streamClaudeResponse(prompt, stream) {
         }
       }
       if (code !== 0 && code !== null) {
-        reject(new Error(`Claude CLI exited with code ${code}`));
+        reject(classifyProviderFailure(stderrText || `Claude CLI exited with code ${code}`));
       } else {
         resolve8();
       }
@@ -12219,6 +12731,49 @@ healthRouter.get("/", async (c) => {
     await memoryService.shutdown();
   }
 });
+healthRouter.post("/recover", async (c) => {
+  const memoryService = getWritableServiceFromQuery(c);
+  try {
+    await memoryService.initialize();
+    const body = await c.req.json().catch(() => ({}));
+    const options = {};
+    if (typeof body.stuckThresholdMs === "number" && Number.isFinite(body.stuckThresholdMs)) {
+      options.stuckThresholdMs = body.stuckThresholdMs;
+    }
+    if (typeof body.maxRetries === "number" && Number.isFinite(body.maxRetries)) {
+      options.maxRetries = body.maxRetries;
+    }
+    const before = await memoryService.getOutboxStats();
+    const recovered = await memoryService.recoverStuckOutboxItems(options);
+    const [stats, outbox] = await Promise.all([
+      memoryService.getStats(),
+      memoryService.getOutboxStats()
+    ]);
+    return c.json({
+      status: "ok",
+      timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+      recovered,
+      before: {
+        outbox: before
+      },
+      after: {
+        storage: {
+          totalEvents: stats.totalEvents,
+          vectorCount: stats.vectorCount
+        },
+        outbox
+      }
+    });
+  } catch (error) {
+    return c.json({
+      status: "error",
+      timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+      error: error.message
+    }, 500);
+  } finally {
+    await memoryService.shutdown();
+  }
+});
 
 // src/apps/server/api/index.ts
 var apiRouter = new Hono10().route("/sessions", sessionsRouter).route("/events", eventsRouter).route("/search", searchRouter).route("/stats", statsRouter).route("/citations", citationsRouter).route("/turns", turnsRouter).route("/projects", projectsRouter).route("/chat", chatRouter).route("/health", healthRouter);
@@ -13402,6 +13957,54 @@ function resolveDashboardCommandOptions(options) {
   };
 }
 
+// src/apps/cli/repair-command.ts
+function resolveLegacyProjectScopeRepairOptions(options) {
+  if (options.project !== void 0 && options.project.trim().length === 0) {
+    throw new Error("legacy project-scope repair --project must not be empty");
+  }
+  if (options.projectHash !== void 0 && options.projectHash.trim().length === 0) {
+    throw new Error("legacy project-scope repair --project-hash must not be empty");
+  }
+  const projectPath = typeof options.project === "string" && options.project.length > 0 ? options.project : void 0;
+  const projectHash = typeof options.projectHash === "string" && options.projectHash.length > 0 ? options.projectHash : void 0;
+  if (!projectPath && !projectHash) {
+    throw new Error("legacy project-scope repair requires --project or --project-hash");
+  }
+  if (projectHash && !/^[a-f0-9]{8}$/.test(projectHash)) {
+    throw new Error("legacy project-scope repair --project-hash must be an 8-character lowercase hex hash");
+  }
+  if (projectPath && projectHash && hashProjectPath(projectPath) !== projectHash) {
+    throw new Error("legacy project-scope repair --project and --project-hash refer to different project stores");
+  }
+  return {
+    projectPath,
+    projectHash,
+    dryRun: options.apply !== true
+  };
+}
+function formatLegacyProjectScopeRepairResult(result) {
+  const lines = [
+    "Legacy project-scope repair",
+    `Mode: ${result.dryRun ? "dry-run" : "apply"}`,
+    `Project: ${result.projectHash}`,
+    `Scanned: ${result.scanned}`,
+    `Already scoped: ${result.alreadyScoped}`,
+    `Repaired: ${result.repaired}`,
+    `Quarantined: ${result.quarantined}`,
+    `Skipped: ${result.skipped}`
+  ];
+  if (result.samples.length > 0) {
+    lines.push("Samples:");
+    for (const sample of result.samples) {
+      lines.push(`- ${sample.eventId} ${sample.action} ${sample.reason}`);
+    }
+  }
+  if (result.dryRun) {
+    lines.push("Dry-run only. Re-run with --apply to mutate event metadata.");
+  }
+  return lines.join("\n");
+}
+
 // src/core/external-market-context.ts
 var MAX_RENDERED_ITEMS = 8;
 var MAX_FRED_SERIES = 10;
@@ -14012,7 +14615,7 @@ async function runMarketContextCommand(options) {
   }
 }
 var program = new Command();
-program.name("claude-memory-layer").description("Claude Code Memory Plugin CLI").version("1.0.36");
+program.name("claude-memory-layer").description("Claude Code Memory Plugin CLI").version("1.0.38");
 program.command("market-context").description("Fetch read-only DART/FRED/Finnhub context with structured MarketContextSnapshot bull/bear/risk/catalyst analysis").option("--company <name>", "Company name for DART fallback search and report subject").option("--dart-corp-code <code>", "Exact DART corp_code for issuer-specific filings").option("--symbol <ticker>", "Listed ticker for Finnhub company profile").option("--providers <list>", "Comma-separated providers: dart,fred,finnhub").option("--fred-series <list>", "Comma-separated FRED series IDs").option("--json", "Print structured JSON including analysis.marketSnapshot").option("--no-snapshot", "Disable MarketContextSnapshot and DART company snapshot analysis").action(async (options) => {
   try {
     await runMarketContextCommand(options);
@@ -14247,11 +14850,18 @@ program.command("forget [eventId]").description("Remove memories from storage").
     process.exit(1);
   }
 });
-program.command("process").description("Process pending embeddings").option("-p, --project <path>", "Project path (defaults to cwd)").action(async (options) => {
+program.command("process").description("Process pending embeddings").option("-p, --project <path>", "Project path (defaults to cwd)").option("--no-recover-stuck", "Skip stale processing outbox recovery before processing").action(async (options) => {
   const projectPath = options.project || process.cwd();
   const service = getMemoryServiceForProject(projectPath);
   try {
     await service.initialize();
+    if (options.recoverStuck !== false) {
+      const recovered = await service.recoverStuckOutboxItems();
+      const recoveredCount = recovered.embedding.recoveredProcessing + recovered.embedding.retriedFailed + recovered.vector.recoveredProcessing + recovered.vector.retriedFailed;
+      if (recoveredCount > 0) {
+        console.log(`\u267B\uFE0F  Recovered stuck outbox work: embedding=${recovered.embedding.recoveredProcessing}/${recovered.embedding.retriedFailed}, vector=${recovered.vector.recoveredProcessing}/${recovered.vector.retriedFailed}`);
+      }
+    }
     console.log("\u23F3 Processing pending embeddings...");
     const count = await service.processPendingEmbeddings();
     console.log(`\u2705 Processed ${count} embeddings`);
@@ -14261,6 +14871,46 @@ program.command("process").description("Process pending embeddings").option("-p,
     process.exit(1);
   }
 });
+var repairCommand = program.command("repair").description("Repair or quarantine legacy memory metadata");
+repairCommand.command("legacy-project-scope").description("Dry-run or apply project-scope repair/quarantine for legacy imported events").option("-p, --project <path>", "Project path (defaults to cwd unless --project-hash is used)").option("--project-hash <hash>", "Project storage hash for hash-only repair flows").option("--apply", "Apply metadata changes (default is dry-run)").action(async (options) => {
+  try {
+    const projectPath = options.project !== void 0 ? options.project : !options.projectHash ? process.cwd() : void 0;
+    const repairOptions = resolveLegacyProjectScopeRepairOptions({
+      project: projectPath,
+      projectHash: options.projectHash,
+      apply: options.apply
+    });
+    const storagePath = projectPath ? getProjectStoragePath(projectPath) : resolveProjectStoragePath(repairOptions.projectHash);
+    const dbPath = path21.join(storagePath, "events.sqlite");
+    if (repairOptions.dryRun && !fs18.existsSync(dbPath)) {
+      const projectHash = repairOptions.projectHash || hashProjectPath(repairOptions.projectPath);
+      console.log(formatLegacyProjectScopeRepairResult({
+        dryRun: true,
+        projectHash,
+        scanned: 0,
+        repaired: 0,
+        quarantined: 0,
+        alreadyScoped: 0,
+        skipped: 0,
+        samples: []
+      }));
+      return;
+    }
+    const store = new SQLiteEventStore(dbPath, {
+      readonly: repairOptions.dryRun
+    });
+    try {
+      const result = await store.repairLegacyProjectScope(repairOptions);
+      console.log(formatLegacyProjectScopeRepairResult(result));
+    } finally {
+      await store.close().catch(() => void 0);
+    }
+  } catch (error) {
+    const message = error instanceof Error ? error.message : String(error);
+    console.error(`Repair failed: ${message}`);
+    process.exit(1);
+  }
+});
 program.command("mongo-sync").description("Sync events with MongoDB for multi-server collaboration (optional)").option("-p, --project <path>", "Project path (defaults to cwd)").option("--mongo-uri <uri>", "MongoDB connection URI (env: CLAUDE_MEMORY_MONGO_URI)").option("--mongo-db <name>", "MongoDB database name (env: CLAUDE_MEMORY_MONGO_DB)").option("--mongo-project <key>", "Remote project key (env: CLAUDE_MEMORY_MONGO_PROJECT, default: basename(projectPath))").option("--direction <dir>", "push|pull|both", "both").option("--batch-size <n>", "Batch size", "500").option("--interval <ms>", "Watch interval ms", "30000").option("--watch", "Run continuously").action(async (options) => {
   const projectPath = options.project || process.cwd();
   const mongoUri = options.mongoUri || process.env.CLAUDE_MEMORY_MONGO_URI;