clementine-agent 1.0.17 → 1.0.19

package/dist/cli/dashboard.js

@@ -2085,6 +2085,54 @@ export async function cmdDashboard(opts) {
             res.status(500).json({ error: String(err) });
         }
     });
+    /**
+     * Apply the cached diagnosis's autoApply operations to the right CRON.md.
+     * Strict safety: requires a fresh diagnosis, requires autoApply present,
+     * requires riskLevel == 'low'. Otherwise returns 409 with a reason.
+     */
+    app.post('/api/cron/broken-jobs/:jobName/apply-fix', async (req, res) => {
+        const jobName = req.params.jobName;
+        try {
+            const { getDiagnosisIfFresh, clearDiagnosis } = await import('../gateway/failure-diagnostics.js');
+            const { applyFix } = await import('../gateway/fix-applier.js');
+            const d = getDiagnosisIfFresh(jobName);
+            if (!d) {
+                res.status(404).json({ error: 'No fresh diagnosis for this job. Wait for the next sweep.' });
+                return;
+            }
+            if (!d.proposedFix.autoApply) {
+                res.status(409).json({ error: 'Diagnosis has no auto-applicable operations — review manually.' });
+                return;
+            }
+            if (d.riskLevel !== 'low') {
+                res.status(409).json({ error: `riskLevel is '${d.riskLevel}' — only 'low' is auto-apply-able.` });
+                return;
+            }
+            const dryRun = req.body?.dryRun === true;
+            const result = applyFix(jobName, d.proposedFix.autoApply, { dryRun });
+            if (result.ok && !dryRun) {
+                // Clear the cached diagnosis so the next sweep re-evaluates with the
+                // new config. The existing CRON.md watcher will reload cron jobs
+                // within a couple of seconds.
+                clearDiagnosis(jobName);
+            }
+            res.status(result.ok ? 200 : 400).json(result);
+        }
+        catch (err) {
+            res.status(500).json({ error: String(err) });
+        }
+    });
+    /** Dismiss a diagnosis without applying — clears the cached result. */
+    app.post('/api/cron/broken-jobs/:jobName/dismiss-diagnosis', async (req, res) => {
+        try {
+            const { clearDiagnosis } = await import('../gateway/failure-diagnostics.js');
+            clearDiagnosis(req.params.jobName);
+            res.json({ ok: true });
+        }
+        catch (err) {
+            res.status(500).json({ error: String(err) });
+        }
+    });
     // ── Cron trace viewer ──────────────────────────────────────────
     app.get('/api/cron/traces/:job', (req, res) => {
         try {
@@ -16162,6 +16210,49 @@ async function expandSkill(name) {
   } catch(e) { toast('Failed to load skill', 'error'); }
 }
 
+async function applyBrokenJobFix(jobName) {
+  try {
+    // First: dry-run to get the actual diff to show in the confirm dialog
+    var dryRes = await apiJson('POST', '/api/cron/broken-jobs/' + encodeURIComponent(jobName) + '/apply-fix', { dryRun: true });
+    if (!dryRes || !dryRes.ok) {
+      toast('Cannot apply: ' + ((dryRes && (dryRes.message || dryRes.error)) || 'unknown error'), 'error');
+      return;
+    }
+    var diffPreview = (dryRes.diff || '(no diff)').slice(0, 1200);
+    var msg = 'Apply this fix to ' + jobName + '?\n\n'
+      + 'File: ' + (dryRes.file || 'unknown') + '\n'
+      + 'Operations: ' + (dryRes.appliedOps || []).length + '\n\n'
+      + diffPreview
+      + '\n\nA .bak will be written. The daemon auto-reloads; the next run will be fix-verified.';
+    if (!confirm(msg)) return;
+
+    var res = await apiJson('POST', '/api/cron/broken-jobs/' + encodeURIComponent(jobName) + '/apply-fix', {});
+    if (res && res.ok) {
+      toast('Applied ' + (res.appliedOps || []).length + ' op(s) to ' + jobName, 'success');
+      refreshBrokenJobs();
+    } else {
+      toast('Apply failed: ' + ((res && (res.message || res.error)) || 'unknown'), 'error');
+    }
+  } catch (e) {
+    toast('Apply failed: ' + String(e), 'error');
+  }
+}
+
+async function dismissBrokenJobDiagnosis(jobName) {
+  if (!confirm('Clear the cached diagnosis for ' + jobName + '? It will be re-diagnosed on the next sweep if still failing.')) return;
+  try {
+    var res = await apiJson('POST', '/api/cron/broken-jobs/' + encodeURIComponent(jobName) + '/dismiss-diagnosis', {});
+    if (res && res.ok) {
+      toast('Diagnosis dismissed', 'info');
+      refreshBrokenJobs();
+    } else {
+      toast('Failed to dismiss: ' + ((res && res.error) || 'unknown'), 'error');
+    }
+  } catch (e) {
+    toast('Failed to dismiss: ' + String(e), 'error');
+  }
+}
+
 async function refreshBrokenJobs() {
   try {
     var r = await apiFetch('/api/cron/broken-jobs');
@@ -16201,11 +16292,62 @@ async function refreshBrokenJobs() {
       var agentTag = j.agentSlug
         ? '<span class="badge badge-blue" style="font-size:10px">' + esc(j.agentSlug) + '</span>'
         : '';
+
+      // Diagnosis block — root cause + proposed fix + diff preview +
+      // Apply/Dismiss buttons when autoApply is present and risk is low.
+      var diagnosisHtml = '';
+      if (j.diagnosis) {
+        var riskColor = j.diagnosis.riskLevel === 'high' ? '#ef4444'
+          : j.diagnosis.riskLevel === 'medium' ? '#f59e0b' : '#22c55e';
+        var confLabel = j.diagnosis.confidence !== 'high'
+          ? ' <span style="font-size:10px;color:var(--text-muted)">(' + esc(j.diagnosis.confidence) + ' confidence)</span>'
+          : '';
+        var diffHtml = '';
+        if (j.diagnosis.proposedFix.diff) {
+          diffHtml = '<pre style="font-size:11px;background:#0f172a;color:#e2e8f0;padding:8px;border-radius:4px;margin:6px 0 0;white-space:pre-wrap;word-break:break-word;max-height:200px;overflow-y:auto">'
+            + esc(j.diagnosis.proposedFix.diff) + '</pre>';
+        }
+
+        var canAutoApply = !!j.diagnosis.proposedFix.autoApply
+          && j.diagnosis.riskLevel === 'low';
+        var actionsHtml = '';
+        if (canAutoApply) {
+          var opCount = (j.diagnosis.proposedFix.autoApply.operations || []).length;
+          actionsHtml = '<div style="margin-top:10px;display:flex;gap:8px;align-items:center">'
+            + '<button onclick="applyBrokenJobFix(\\x27' + esc(j.jobName) + '\\x27)" '
+            + 'style="background:var(--accent);border:1px solid var(--accent);color:white;padding:4px 12px;border-radius:4px;font-size:11px;cursor:pointer">'
+            + 'Apply fix (' + opCount + ' op' + (opCount === 1 ? '' : 's') + ')</button>'
+            + '<button onclick="dismissBrokenJobDiagnosis(\\x27' + esc(j.jobName) + '\\x27)" '
+            + 'style="background:none;border:1px solid var(--border);color:var(--text-secondary);padding:4px 12px;border-radius:4px;font-size:11px;cursor:pointer">'
+            + 'Dismiss</button>'
+            + '<span style="font-size:10px;color:var(--text-muted);margin-left:auto">auto-verified after next run</span>'
+            + '</div>';
+        } else if (j.diagnosis.proposedFix.autoApply && j.diagnosis.riskLevel !== 'low') {
+          actionsHtml = '<div style="margin-top:10px;font-size:11px;color:var(--text-muted);font-style:italic">'
+            + 'Not auto-applicable (risk: ' + esc(j.diagnosis.riskLevel) + ') — review manually'
+            + '</div>';
+        }
+
+        diagnosisHtml = '<div style="margin-top:10px;padding:10px;border-left:3px solid ' + riskColor
+          + ';background:var(--bg-tertiary);border-radius:4px">'
+          + '<div style="font-size:12px;margin-bottom:4px"><strong>Root cause' + confLabel + ':</strong> '
+          + esc(j.diagnosis.rootCause) + '</div>'
+          + '<div style="font-size:12px"><strong>Proposed fix:</strong> '
+          + esc(j.diagnosis.proposedFix.details) + '</div>'
+          + diffHtml
+          + actionsHtml
+          + '<div style="font-size:10px;color:var(--text-muted);margin-top:6px">'
+          + esc(j.diagnosis.proposedFix.type) + ' \\u00b7 ' + esc(j.diagnosis.riskLevel) + ' risk \\u00b7 diagnosed ' + timeAgo(j.diagnosis.generatedAt)
+          + '</div>'
+          + '</div>';
+      }
+
       html += '<div style="padding:12px;border:1px solid var(--border);border-radius:8px;background:var(--bg-secondary)">'
         + '<div style="display:flex;align-items:center;gap:8px;flex-wrap:wrap">'
         + '<strong>' + esc(j.jobName) + '</strong> ' + agentTag + ' ' + breaker
         + '<span style="margin-left:auto;font-size:11px;color:var(--text-muted)">' + failureRatio + ' failed \\u00b7 last error ' + lastErrorAt + '</span>'
         + '</div>'
+        + diagnosisHtml
         + errorsHtml
         + advisorLine
         + '</div>';

package/dist/gateway/failure-diagnostics.d.ts

@@ -0,0 +1,64 @@
+/**
+ * Clementine TypeScript — Broken-job diagnostic agent.
+ *
+ * When the failure monitor flags a job, this runs a cheap Haiku-level
+ * analysis over the job definition, agent profile, and recent runs to
+ * propose a root cause and a specific fix. Read-only: it never writes
+ * anything except its own cache.
+ *
+ * Output surfaces in the Broken Jobs dashboard panel and the owner DM
+ * so the response to a silent failure is "here's what's wrong and
+ * here's what to change" rather than "go investigate."
+ */
+import type { Gateway } from './router.js';
+import type { BrokenJob } from './failure-monitor.js';
+/**
+ * Fields safe for one-click auto-apply. Limited to simple scalar YAML
+ * fields on cron jobs — nothing multi-line (prompt, pre_check, context,
+ * success_criteria), nothing structural (schedule edits would re-schedule
+ * a running job, handled manually).
+ */
+export declare const EDITABLE_FIELDS: Set<string>;
+export type FixOperation = {
+    op: 'set';
+    field: string;
+    value: string | number | boolean;
+} | {
+    op: 'remove';
+    field: string;
+};
+export interface Diagnosis {
+    rootCause: string;
+    confidence: 'high' | 'medium' | 'low';
+    proposedFix: {
+        type: 'config_change' | 'prompt_change' | 'agent_scope' | 'disable' | 'credential_refresh' | 'escalate_to_owner';
+        details: string;
+        diff?: string;
+        /**
+         * When present, the fix can be applied with one click via the
+         * /api/cron/broken-jobs/:jobName/apply-fix endpoint. Operations are
+         * silently filtered against EDITABLE_FIELDS — a proposal that mixes
+         * safe and unsafe edits gets the unsafe ones dropped.
+         */
+        autoApply?: {
+            agentSlug?: string;
+            operations: FixOperation[];
+        };
+    };
+    riskLevel: 'low' | 'medium' | 'high';
+    generatedAt: string;
+}
+/**
+ * Diagnose one broken job. Returns a cached diagnosis if one exists and is
+ * fresher than 24h; otherwise invokes the LLM. Always best-effort — returns
+ * null instead of throwing so failure detection stays robust.
+ */
+export declare function diagnoseBrokenJob(broken: BrokenJob, gateway: Gateway): Promise<Diagnosis | null>;
+/**
+ * Clear cached diagnosis for a job (e.g., after the owner applies a fix).
+ * Called opportunistically when a broken job disappears from the live set.
+ */
+export declare function clearDiagnosis(jobName: string): void;
+/** Read-only accessor for the dashboard. */
+export declare function getDiagnosisIfFresh(jobName: string): Diagnosis | null;
+//# sourceMappingURL=failure-diagnostics.d.ts.map

package/dist/gateway/failure-diagnostics.js

@@ -0,0 +1,332 @@
+/**
+ * Clementine TypeScript — Broken-job diagnostic agent.
+ *
+ * When the failure monitor flags a job, this runs a cheap Haiku-level
+ * analysis over the job definition, agent profile, and recent runs to
+ * propose a root cause and a specific fix. Read-only: it never writes
+ * anything except its own cache.
+ *
+ * Output surfaces in the Broken Jobs dashboard panel and the owner DM
+ * so the response to a silent failure is "here's what's wrong and
+ * here's what to change" rather than "go investigate."
+ */
+import { existsSync, mkdirSync, readFileSync, writeFileSync, } from 'node:fs';
+import path from 'node:path';
+import pino from 'pino';
+import { AGENTS_DIR, BASE_DIR, CRON_FILE } from '../config.js';
+const logger = pino({ name: 'clementine.failure-diagnostics' });
+const CACHE_FILE = path.join(BASE_DIR, 'cron', 'failure-diagnostics.json');
+const CACHE_TTL_MS = 24 * 60 * 60 * 1000;
+const RUNS_DIR = path.join(BASE_DIR, 'cron', 'runs');
+/**
+ * Fields safe for one-click auto-apply. Limited to simple scalar YAML
+ * fields on cron jobs — nothing multi-line (prompt, pre_check, context,
+ * success_criteria), nothing structural (schedule edits would re-schedule
+ * a running job, handled manually).
+ */
+export const EDITABLE_FIELDS = new Set([
+    'tier',
+    'mode',
+    'max_hours',
+    'max_turns',
+    'max_retries',
+    'enabled',
+    'agentSlug',
+    'work_dir',
+    'model',
+    'always_deliver',
+    'after',
+    'timeout_ms',
+]);
+function loadCache() {
+    try {
+        if (!existsSync(CACHE_FILE))
+            return {};
+        const raw = JSON.parse(readFileSync(CACHE_FILE, 'utf-8'));
+        return raw;
+    }
+    catch {
+        return {};
+    }
+}
+function saveCache(cache) {
+    try {
+        mkdirSync(path.dirname(CACHE_FILE), { recursive: true });
+        writeFileSync(CACHE_FILE, JSON.stringify(cache, null, 2));
+    }
+    catch (err) {
+        logger.warn({ err }, 'Failed to persist diagnostic cache');
+    }
+}
+/**
+ * Pull the raw YAML entry for a cron job from CRON.md (global or agent-scoped).
+ * Returns the text of the entry, not the parsed object, so the diagnostic
+ * agent sees the exact fields the user edits.
+ */
+function readJobDefinition(jobName) {
+    const [maybeSlug, ...rest] = jobName.split(':');
+    const bareName = rest.length > 0 ? rest.join(':') : maybeSlug;
+    const candidateFiles = [];
+    if (rest.length > 0) {
+        // agent-scoped: ross-the-sdr:reply-detection
+        candidateFiles.push(path.join(AGENTS_DIR, maybeSlug, 'CRON.md'));
+    }
+    candidateFiles.push(CRON_FILE);
+    for (const file of candidateFiles) {
+        if (!existsSync(file))
+            continue;
+        try {
+            const raw = readFileSync(file, 'utf-8');
+            // Find the YAML block for "- name: bareName" and return until the next
+            // "- name:" at the same indent or end of file.
+            const pattern = new RegExp(`^(  - name: ${bareName.replace(/[.*+?^${}()|[\]\\]/g, '\\$&')}\\s*$[\\s\\S]*?)(?=^  - name: |\\z)`, 'm');
+            const m = raw.match(pattern);
+            if (m)
+                return m[1].slice(0, 6000);
+        }
+        catch { /* skip */ }
+    }
+    return null;
+}
+/**
+ * Read the agent profile markdown if this job is scoped to an agent.
+ * Returns the first 2K chars which covers name/description/tier/allowedTools.
+ */
+function readAgentProfile(agentSlug) {
+    const profile = path.join(AGENTS_DIR, agentSlug, 'agent.md');
+    if (!existsSync(profile))
+        return null;
+    try {
+        return readFileSync(profile, 'utf-8').slice(0, 2500);
+    }
+    catch {
+        return null;
+    }
+}
+/** Last N cron run entries for the job, oldest → newest for the prompt. */
+function readRecentRuns(jobName, limit = 10) {
+    const safe = jobName.replace(/[^a-zA-Z0-9_-]/g, '_');
+    const file = path.join(RUNS_DIR, `${safe}.jsonl`);
+    if (!existsSync(file))
+        return '(no run log)';
+    try {
+        const lines = readFileSync(file, 'utf-8').trim().split('\n').filter(Boolean);
+        const recent = lines.slice(-limit);
+        const summaries = recent.map(line => {
+            try {
+                const d = JSON.parse(line);
+                const detail = d.status === 'ok'
+                    ? `preview="${(d.outputPreview ?? '').slice(0, 120).replace(/\n/g, ' ')}"`
+                    : `error="${(d.error ?? '').split('\n')[0].slice(0, 160)}"`;
+                return `${d.startedAt} ${d.status} (${Math.round(d.durationMs / 1000)}s) ${detail}`;
+            }
+            catch {
+                return line.slice(0, 160);
+            }
+        });
+        return summaries.join('\n');
+    }
+    catch {
+        return '(failed to read run log)';
+    }
+}
+function buildPrompt(broken, jobDef, agentProfile, recentRuns) {
+    const breakerLine = broken.circuitBreakerEngagedAt
+        ? `Circuit breaker engaged at ${broken.circuitBreakerEngagedAt}.`
+        : 'No active circuit breaker.';
+    return [
+        `You are a reliability engineer diagnosing a cron job that's been failing in Clementine (a personal AI assistant framework).`,
+        `Your output must be a single JSON object with the schema shown at the end. No preamble, no postscript.`,
+        '',
+        `## Job name: ${broken.jobName}`,
+        broken.agentSlug ? `## Agent scope: ${broken.agentSlug}` : '## Scope: global (no agent)',
+        `## Failure stats: ${broken.errorCount48h}/${broken.totalRuns48h} runs failed in last 48h. ${breakerLine}`,
+        broken.lastAdvisorOpinion ? `## Advisor notes: ${broken.lastAdvisorOpinion}` : '',
+        '',
+        '## Job definition (CURRENT state of CRON.md):',
+        jobDef ?? '(not found in CRON.md — may be a heartbeat pseudo-job like insight-check)',
+        '',
+        agentProfile ? '## Agent profile (agent.md, truncated):\n' + agentProfile + '\n' : '',
+        '## Recent runs (oldest → newest):',
+        recentRuns,
+        '',
+        broken.lastErrors.length > 0 ? '## Distinct recent errors:\n' + broken.lastErrors.map(e => '- ' + e.slice(0, 400)).join('\n') : '',
+        '',
+        '## Critical reasoning rules',
+        '',
+        '**The CURRENT job definition above may differ from the config at the time of past failures.** If you see old errors (e.g. "timeout kill") but the current config ALREADY contains the fields that would have caused those errors, treat those errors as resolved by a recent fix — do NOT propose re-adding the fields that caused them.',
+        '',
+        '**Look at the MOST RECENT runs specifically.** If the last 2+ runs succeeded, the job has recovered — propose `escalate_to_owner` with "appears recovered, no fix needed" as details, confidence: high, risk: low.',
+        '',
+        '**Don\'t propose reverting a fix.** If the current config does NOT contain `mode: unleashed` but recent runs show "Claude Code process aborted by user", do NOT propose adding `mode: unleashed` back. That error pattern occurs in BOTH unleashed (hit max_hours) and standard (hit timeoutMs) modes. Without strong evidence the current config is wrong, prefer raising `timeoutMs` or adding `max_turns` over toggling `mode`.',
+        '',
+        '## Diagnostic patterns (use these as priors)',
+        '',
+        '- **"API 400 input_schema"** → external MCP server exposes a malformed tool. Propose checking claude_desktop_config.json and ~/.claude.json for recently-updated packages. Type: escalate_to_owner.',
+        '- **401/403 errors** → credential refresh needed. Type: credential_refresh. Name the specific service if possible.',
+        '- **"Claude Code process aborted by user" with long durations (>60s)** → timeout kill. If current config has `mode: unleashed`, propose removing it + adding `max_turns: 25`. If current config is already standard, propose raising `timeoutMs` or investigating the prompt for infinite loops.',
+        '- **"Reached maximum number of turns (N)"** → maxTurns set too low for the job\'s tool fan-out. Propose raising `max_turns` to 3×N.',
+        '- **Output preview contains BLOCKED / "no local bash" / "permission denied"** → agent picked the wrong tool. Propose either scoping the job to an agent whose allowedTools excludes the bad MCP, or adding explicit tool-choice guidance in the prompt.',
+        '- **No clear pattern** → escalate_to_owner with what you would need to know.',
+        '',
+        '## Auto-apply contract',
+        '',
+        'When (and ONLY when) the fix is a simple edit to one of these scalar fields — tier, mode, max_hours, max_turns, max_retries, enabled, agentSlug, work_dir, model, always_deliver, after, timeout_ms — also populate `proposedFix.autoApply`. The owner can one-click approve it from the dashboard.',
+        '',
+        'For multi-line fields (prompt, pre_check, context, success_criteria), or for credential refreshes, or any change you are not very confident about: OMIT autoApply entirely. The owner will handle those manually.',
+        '',
+        `If the job is agent-scoped (job name includes ":"), set autoApply.agentSlug to the part BEFORE the colon. Otherwise omit it (global CRON.md).`,
+        '',
+        'Operations use the shape { "op": "set", "field": "<name>", "value": <scalar> } or { "op": "remove", "field": "<name>" }. Values are strings, numbers, or booleans.',
+        '',
+        'Examples:',
+        '- Remove unleashed mode + its companion: operations: [{"op":"remove","field":"mode"}, {"op":"remove","field":"max_hours"}, {"op":"set","field":"max_turns","value":25}]',
+        '- Scope a broken global job to Ross\'s profile: operations: [{"op":"set","field":"agentSlug","value":"ross-the-sdr"}]',
+        '- Bump maxTurns on an under-resourced job: operations: [{"op":"set","field":"max_turns","value":10}]',
+        '',
+        '## Output schema (JSON only, no markdown fences):',
+        '{',
+        '  "rootCause": "1-2 sentences explaining WHY the job is failing, referencing specific fields or error patterns from the CURRENT config",',
+        '  "confidence": "high|medium|low",',
+        '  "proposedFix": {',
+        '    "type": "config_change|prompt_change|agent_scope|disable|credential_refresh|escalate_to_owner",',
+        '    "details": "prose description of the fix, citing the exact field(s) to change",',
+        '    "diff": "optional: exact before/after diff",',
+        '    "autoApply": "optional: { agentSlug?, operations: [...] } — ONLY for simple scalar-field edits on the allowlist"',
+        '  },',
+        '  "riskLevel": "low|medium|high"',
+        '}',
+    ].filter(Boolean).join('\n');
+}
+function parseResponse(raw) {
+    try {
+        // The model sometimes wraps the JSON in markdown fences; extract the
+        // first top-level {...} object.
+        const match = raw.match(/\{[\s\S]*\}/);
+        if (!match)
+            return null;
+        const parsed = JSON.parse(match[0]);
+        if (!parsed.rootCause || !parsed.proposedFix)
+            return null;
+        const autoApply = sanitizeAutoApply(parsed.proposedFix.autoApply);
+        return {
+            rootCause: String(parsed.rootCause).slice(0, 500),
+            confidence: (parsed.confidence ?? 'medium'),
+            proposedFix: {
+                type: (parsed.proposedFix.type ?? 'escalate_to_owner'),
+                details: String(parsed.proposedFix.details ?? '').slice(0, 800),
+                diff: parsed.proposedFix.diff ? String(parsed.proposedFix.diff).slice(0, 1000) : undefined,
+                ...(autoApply ? { autoApply } : {}),
+            },
+            riskLevel: (parsed.riskLevel ?? 'medium'),
+            generatedAt: new Date().toISOString(),
+        };
+    }
+    catch (err) {
+        logger.warn({ err }, 'Failed to parse diagnostic JSON');
+        return null;
+    }
+}
+/**
+ * Strictly validate and filter autoApply. Drops ops on non-allowlisted fields
+ * silently (rather than rejecting the whole diagnosis). Returns null if
+ * nothing valid remains.
+ */
+function sanitizeAutoApply(raw) {
+    if (!raw || typeof raw !== 'object')
+        return null;
+    const obj = raw;
+    if (!Array.isArray(obj.operations))
+        return null;
+    const operations = [];
+    for (const op of obj.operations) {
+        if (!op || typeof op !== 'object')
+            continue;
+        const raw = op;
+        if (typeof raw.field !== 'string')
+            continue;
+        if (!EDITABLE_FIELDS.has(raw.field))
+            continue;
+        if (raw.op === 'remove') {
+            operations.push({ op: 'remove', field: raw.field });
+        }
+        else if (raw.op === 'set') {
+            const v = raw.value;
+            if (typeof v === 'string' || typeof v === 'number' || typeof v === 'boolean') {
+                operations.push({ op: 'set', field: raw.field, value: v });
+            }
+        }
+    }
+    if (operations.length === 0)
+        return null;
+    const agentSlug = typeof obj.agentSlug === 'string' && /^[a-z0-9-]+$/i.test(obj.agentSlug)
+        ? obj.agentSlug
+        : undefined;
+    return agentSlug ? { agentSlug, operations } : { operations };
+}
+/**
+ * Diagnose one broken job. Returns a cached diagnosis if one exists and is
+ * fresher than 24h; otherwise invokes the LLM. Always best-effort — returns
+ * null instead of throwing so failure detection stays robust.
+ */
+export async function diagnoseBrokenJob(broken, gateway) {
+    const cache = loadCache();
+    const cached = cache[broken.jobName];
+    if (cached) {
+        const age = Date.now() - Date.parse(cached.generatedAt);
+        if (Number.isFinite(age) && age < CACHE_TTL_MS) {
+            logger.debug({ job: broken.jobName, ageMin: Math.round(age / 60000) }, 'Using cached diagnosis');
+            return cached;
+        }
+    }
+    const jobDef = readJobDefinition(broken.jobName);
+    const agentProfile = broken.agentSlug ? readAgentProfile(broken.agentSlug) : null;
+    const recentRuns = readRecentRuns(broken.jobName, 10);
+    const prompt = buildPrompt(broken, jobDef, agentProfile, recentRuns);
+    let rawResponse;
+    try {
+        rawResponse = await gateway.handleCronJob(`diagnose:${broken.jobName}`, prompt, 1, // tier 1 — cheap
+        5, // maxTurns — diagnosis doesn't need tools typically
+        'haiku');
+    }
+    catch (err) {
+        logger.warn({ err, job: broken.jobName }, 'Diagnostic LLM call failed');
+        return null;
+    }
+    const diagnosis = parseResponse(rawResponse);
+    if (!diagnosis) {
+        logger.warn({ job: broken.jobName, rawHead: rawResponse.slice(0, 200) }, 'Diagnosis returned unparseable response');
+        return null;
+    }
+    cache[broken.jobName] = diagnosis;
+    saveCache(cache);
+    logger.info({
+        job: broken.jobName,
+        confidence: diagnosis.confidence,
+        fixType: diagnosis.proposedFix.type,
+    }, 'Broken-job diagnosis generated');
+    return diagnosis;
+}
+/**
+ * Clear cached diagnosis for a job (e.g., after the owner applies a fix).
+ * Called opportunistically when a broken job disappears from the live set.
+ */
+export function clearDiagnosis(jobName) {
+    const cache = loadCache();
+    if (cache[jobName]) {
+        delete cache[jobName];
+        saveCache(cache);
+    }
+}
+/** Read-only accessor for the dashboard. */
+export function getDiagnosisIfFresh(jobName) {
+    const cache = loadCache();
+    const d = cache[jobName];
+    if (!d)
+        return null;
+    const age = Date.now() - Date.parse(d.generatedAt);
+    if (!Number.isFinite(age) || age >= CACHE_TTL_MS)
+        return null;
+    return d;
+}
+//# sourceMappingURL=failure-diagnostics.js.map

package/dist/gateway/failure-monitor.d.ts

@@ -24,6 +24,29 @@ export interface BrokenJob {
     lastErrors: string[];
     circuitBreakerEngagedAt: string | null;
     lastAdvisorOpinion: string | null;
+    /** Populated asynchronously by the diagnostic agent when available. */
+    diagnosis?: {
+        rootCause: string;
+        confidence: 'high' | 'medium' | 'low';
+        proposedFix: {
+            type: string;
+            details: string;
+            diff?: string;
+            autoApply?: {
+                agentSlug?: string;
+                operations: Array<{
+                    op: 'set';
+                    field: string;
+                    value: string | number | boolean;
+                } | {
+                    op: 'remove';
+                    field: string;
+                }>;
+            };
+        };
+        riskLevel: 'low' | 'medium' | 'high';
+        generatedAt: string;
+    };
 }
 /**
  * Compute the current set of broken jobs by scanning all run logs.
@@ -32,9 +55,14 @@ export interface BrokenJob {
 export declare function computeBrokenJobs(now?: number): BrokenJob[];
 /**
  * Run a sweep: identify currently-broken jobs, pick the ones we haven't
- * notified about recently, and dispatch one consolidated DM.
+ * notified about recently, invoke the diagnostic agent for new entries,
+ * and dispatch one consolidated DM.
+ *
+ * `gateway` is optional — omitted for tests that want to skip the LLM call.
+ * When present, we diagnose fresh broken jobs before notifying, so the
+ * report includes a root-cause + proposed fix for each.
  *
  * Returns the jobs that triggered a fresh notification (mostly for tests/logs).
  */
-export declare function runFailureSweep(send: (text: string) => Promise<unknown>, now?: number): Promise<BrokenJob[]>;
+export declare function runFailureSweep(send: (text: string) => Promise<unknown>, gateway?: import('./router.js').Gateway, now?: number): Promise<BrokenJob[]>;
 //# sourceMappingURL=failure-monitor.d.ts.map

package/dist/gateway/failure-monitor.js

@@ -257,8 +257,30 @@ export function computeBrokenJobs(now = Date.now()) {
         const bT = b.lastErrorAt ? Date.parse(b.lastErrorAt) : 0;
         return bT - aT;
     });
+    // Attach any cached diagnosis (fresh within 24h). Reads the cache file
+    // directly — avoids circular imports with failure-diagnostics.
+    attachCachedDiagnoses(broken, now);
     return broken;
 }
+const DIAGNOSTICS_CACHE_FILE = path.join(BASE_DIR, 'cron', 'failure-diagnostics.json');
+const DIAGNOSIS_TTL_MS = 24 * 60 * 60 * 1000;
+function attachCachedDiagnoses(jobs, now) {
+    if (!existsSync(DIAGNOSTICS_CACHE_FILE))
+        return;
+    try {
+        const cache = JSON.parse(readFileSync(DIAGNOSTICS_CACHE_FILE, 'utf-8'));
+        for (const j of jobs) {
+            const d = cache[j.jobName];
+            if (!d)
+                continue;
+            const age = now - Date.parse(d.generatedAt);
+            if (Number.isFinite(age) && age < DIAGNOSIS_TTL_MS) {
+                j.diagnosis = d;
+            }
+        }
+    }
+    catch { /* cache may be malformed — ignore */ }
+}
 /**
  * The self-improve loop writes to its own experiment-log.jsonl, not cron/runs/.
  * Its breakage pattern is: state.lastRunAt keeps getting updated nightly but
@@ -351,12 +373,28 @@ function formatReport(jobs) {
     for (const j of jobs) {
         const breaker = j.circuitBreakerEngagedAt ? ' · circuit breaker engaged' : '';
         lines.push(`• \`${j.jobName}\` — ${j.errorCount48h}/${j.totalRuns48h} runs failed${breaker}`);
-        if (j.lastErrors.length > 0) {
-            const preview = j.lastErrors[0].split('\n')[0].slice(0, 140);
-            lines.push(`  Last error: ${preview}`);
+        // Prefer the diagnostic agent's analysis when available — it's more
+        // actionable than the raw error. Fall back to error + advisor lines.
+        if (j.diagnosis) {
+            const conf = j.diagnosis.confidence === 'high' ? '' : ` (${j.diagnosis.confidence} confidence)`;
+            lines.push(`  **Cause${conf}:** ${j.diagnosis.rootCause.slice(0, 240)}`);
+            lines.push(`  **Proposed fix:** ${j.diagnosis.proposedFix.details.slice(0, 240)}`);
+            if (j.diagnosis.proposedFix.diff) {
+                // Show a short diff preview inline; full diff in the dashboard.
+                const diffShort = j.diagnosis.proposedFix.diff.split('\n').slice(0, 4).join('\n');
+                lines.push('  ```diff');
+                lines.push('  ' + diffShort.replace(/\n/g, '\n  '));
+                lines.push('  ```');
+            }
         }
-        if (j.lastAdvisorOpinion) {
-            lines.push(`  Advisor: ${j.lastAdvisorOpinion.slice(0, 140)}`);
+        else {
+            if (j.lastErrors.length > 0) {
+                const preview = j.lastErrors[0].split('\n')[0].slice(0, 140);
+                lines.push(`  Last error: ${preview}`);
+            }
+            if (j.lastAdvisorOpinion) {
+                lines.push(`  Advisor: ${j.lastAdvisorOpinion.slice(0, 140)}`);
+            }
         }
     }
     lines.push('');
@@ -365,24 +403,40 @@ function formatReport(jobs) {
 }
 /**
  * Run a sweep: identify currently-broken jobs, pick the ones we haven't
- * notified about recently, and dispatch one consolidated DM.
+ * notified about recently, invoke the diagnostic agent for new entries,
+ * and dispatch one consolidated DM.
+ *
+ * `gateway` is optional — omitted for tests that want to skip the LLM call.
+ * When present, we diagnose fresh broken jobs before notifying, so the
+ * report includes a root-cause + proposed fix for each.
  *
  * Returns the jobs that triggered a fresh notification (mostly for tests/logs).
  */
-export async function runFailureSweep(send, now = Date.now()) {
+export async function runFailureSweep(send, gateway, now = Date.now()) {
     const broken = computeBrokenJobs(now);
     if (broken.length === 0) {
-        // Clear cooldowns for jobs that recovered so future failures notify promptly.
+        // Clear cooldowns AND diagnostic cache entries for jobs that recovered.
         const state = loadState();
         let mutated = false;
+        const healedJobs = [];
         for (const name of Object.keys(state.notified)) {
             if (!broken.find(b => b.jobName === name)) {
                 delete state.notified[name];
+                healedJobs.push(name);
                 mutated = true;
             }
         }
         if (mutated)
             saveState(state);
+        // Opportunistically drop diagnosis cache for healed jobs
+        if (healedJobs.length > 0) {
+            try {
+                const { clearDiagnosis } = await import('./failure-diagnostics.js');
+                for (const name of healedJobs)
+                    clearDiagnosis(name);
+            }
+            catch { /* non-fatal */ }
+        }
         return [];
     }
     const state = loadState();
@@ -396,6 +450,29 @@ export async function runFailureSweep(send, now = Date.now()) {
     }
     if (fresh.length === 0)
         return [];
+    // Diagnose fresh broken jobs before DMing. Each call is cached 24h, so a
+    // recurring failure doesn't re-invoke the LLM. Diagnosis is best-effort —
+    // if it fails or the gateway isn't wired, the report still goes out.
+    if (gateway) {
+        try {
+            const { diagnoseBrokenJob } = await import('./failure-diagnostics.js');
+            for (const job of fresh) {
+                if (job.diagnosis)
+                    continue; // already attached from cache
+                try {
+                    const d = await diagnoseBrokenJob(job, gateway);
+                    if (d)
+                        job.diagnosis = d;
+                }
+                catch (err) {
+                    logger.warn({ err, job: job.jobName }, 'Diagnosis attempt failed');
+                }
+            }
+        }
+        catch (err) {
+            logger.warn({ err }, 'Failed to load diagnostics module');
+        }
+    }
     try {
         await send(formatReport(fresh));
         const stamp = new Date(now).toISOString();

package/dist/gateway/fix-applier.d.ts

@@ -0,0 +1,34 @@
+/**
+ * Clementine TypeScript — Deterministic cron job fix applier.
+ *
+ * Applies the `autoApply` operations from a Diagnosis to a CRON.md file
+ * (global or agent-scoped). Strictly scoped to:
+ *   - Allowlisted scalar fields only (enforced by the diagnostics module
+ *     before they arrive here, and re-checked here for safety).
+ *   - A single job's YAML block, identified by `- name: <jobName>`.
+ *   - Line-level edits — never touches multi-line fields like `prompt`.
+ *
+ * Every apply writes a .bak next to the CRON.md and appends to an audit
+ * log before touching the file.
+ */
+import { type FixOperation } from './failure-diagnostics.js';
+export interface ApplyResult {
+    ok: boolean;
+    message: string;
+    file?: string;
+    appliedOps?: FixOperation[];
+    skippedOps?: FixOperation[];
+    diff?: string;
+}
+/**
+ * Apply a proposed fix to the right CRON.md file. Idempotent with respect
+ * to already-applied ops (remove on a missing field is a no-op, set on a
+ * matching value is a no-op).
+ */
+export declare function applyFix(jobName: string, autoApply: {
+    agentSlug?: string;
+    operations: FixOperation[];
+}, opts?: {
+    dryRun?: boolean;
+}): ApplyResult;
+//# sourceMappingURL=fix-applier.d.ts.map

package/dist/gateway/fix-applier.js

@@ -0,0 +1,308 @@
+/**
+ * Clementine TypeScript — Deterministic cron job fix applier.
+ *
+ * Applies the `autoApply` operations from a Diagnosis to a CRON.md file
+ * (global or agent-scoped). Strictly scoped to:
+ *   - Allowlisted scalar fields only (enforced by the diagnostics module
+ *     before they arrive here, and re-checked here for safety).
+ *   - A single job's YAML block, identified by `- name: <jobName>`.
+ *   - Line-level edits — never touches multi-line fields like `prompt`.
+ *
+ * Every apply writes a .bak next to the CRON.md and appends to an audit
+ * log before touching the file.
+ */
+import { appendFileSync, copyFileSync, existsSync, mkdirSync, readFileSync, writeFileSync, } from 'node:fs';
+import path from 'node:path';
+import pino from 'pino';
+import { AGENTS_DIR, BASE_DIR, CRON_FILE } from '../config.js';
+import { EDITABLE_FIELDS } from './failure-diagnostics.js';
+const logger = pino({ name: 'clementine.fix-applier' });
+const AUDIT_FILE = path.join(BASE_DIR, 'cron', 'fix-applier.log');
+/**
+ * Resolve which CRON.md to edit for this job. Agent-scoped jobs live in
+ * vault/00-System/agents/<slug>/CRON.md; everything else is the global
+ * vault/00-System/CRON.md. If autoApply.agentSlug is provided, trust it;
+ * otherwise infer from the job name.
+ */
+function resolveCronFile(jobName, autoApply) {
+    if (autoApply.agentSlug) {
+        const f = path.join(AGENTS_DIR, autoApply.agentSlug, 'CRON.md');
+        if (existsSync(f))
+            return f;
+        logger.warn({ agentSlug: autoApply.agentSlug, expected: f }, 'agent-scoped CRON.md not found');
+        return null;
+    }
+    // Infer from jobName prefix (e.g., "ross-the-sdr:reply-detection")
+    if (jobName.includes(':')) {
+        const slug = jobName.split(':')[0];
+        const f = path.join(AGENTS_DIR, slug, 'CRON.md');
+        if (existsSync(f))
+            return f;
+    }
+    return existsSync(CRON_FILE) ? CRON_FILE : null;
+}
+/**
+ * The bare job name without the agent prefix. Agent-scoped cron jobs are
+ * written in their own file without the prefix — it's added programmatically
+ * when the scheduler merges them into the global job list.
+ */
+function bareJobName(jobName) {
+    const idx = jobName.indexOf(':');
+    return idx === -1 ? jobName : jobName.slice(idx + 1);
+}
+/**
+ * Find the line-range of a job's YAML block in a CRON.md file.
+ * Blocks start with `  - name: <bareName>` and run until the next `  - name:`
+ * at the same indent, or end of the jobs array.
+ */
+function findJobBlock(lines, bareName) {
+    // Match: two-space indent, hyphen, space, "name:", name (allow trailing spaces)
+    const nameEsc = bareName.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
+    const startRe = new RegExp(`^  - name:\\s+${nameEsc}\\s*$`);
+    const anyStartRe = /^  - name:\s+/;
+    let start = -1;
+    for (let i = 0; i < lines.length; i++) {
+        if (startRe.test(lines[i])) {
+            start = i;
+            break;
+        }
+    }
+    if (start === -1)
+        return null;
+    let end = lines.length;
+    for (let i = start + 1; i < lines.length; i++) {
+        if (anyStartRe.test(lines[i])) {
+            end = i;
+            break;
+        }
+    }
+    return { start, end };
+}
+/**
+ * Search a job block for a top-level scalar field (4-space indent, single
+ * line `key: value`). Returns the line index, or -1 if not present.
+ * Skips lines inside multi-line blocks (|>|, >) by tracking when we enter
+ * and exit them.
+ */
+function findFieldLine(lines, blockStart, blockEnd, field) {
+    const fieldEsc = field.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
+    const fieldRe = new RegExp(`^    ${fieldEsc}:\\s*(.*)$`);
+    // Multi-line marker pattern: `    key: |` or `    key: >-` or `    key: >`
+    const multiLineStartRe = /^    \w[\w-]*:\s*[|>][-+]?\s*$/;
+    let inMultiLine = false;
+    for (let i = blockStart + 1; i < blockEnd; i++) {
+        const line = lines[i];
+        if (inMultiLine) {
+            // Multi-line content is indented MORE than 4 spaces. When we hit a line
+            // indented exactly 4 (another field) or less, we've exited.
+            if (/^    \S/.test(line) && !/^     /.test(line)) {
+                inMultiLine = false;
+                // Fall through to check this line
+            }
+            else {
+                continue;
+            }
+        }
+        if (multiLineStartRe.test(line)) {
+            inMultiLine = true;
+            continue;
+        }
+        if (fieldRe.test(line))
+            return i;
+    }
+    return -1;
+}
+/**
+ * Serialize a scalar value to YAML. Strings with colons, leading dashes, or
+ * YAML-sensitive characters get quoted. Everything else emits bare.
+ */
+function yamlScalar(value) {
+    if (typeof value === 'boolean')
+        return value ? 'true' : 'false';
+    if (typeof value === 'number')
+        return String(value);
+    const s = String(value);
+    if (/^[\w\-./]+$/.test(s) && !/^(true|false|yes|no|null|~|\d)/i.test(s)) {
+        return s;
+    }
+    // Quote with double quotes, escape any embedded "
+    return `"${s.replace(/\\/g, '\\\\').replace(/"/g, '\\"')}"`;
+}
+/**
+ * Apply operations to a single job block in-place (returns a new array of
+ * lines). Silently drops operations targeting fields not in EDITABLE_FIELDS
+ * (defense in depth — the diagnostics parser filters these too).
+ */
+function applyOperations(lines, block, operations) {
+    // Work on a mutable copy. We track the evolving block.end as we insert/delete.
+    let working = lines.slice();
+    let blockEnd = block.end;
+    const applied = [];
+    const skipped = [];
+    for (const op of operations) {
+        if (!EDITABLE_FIELDS.has(op.field)) {
+            skipped.push(op);
+            continue;
+        }
+        const existing = findFieldLine(working, block.start, blockEnd, op.field);
+        if (op.op === 'remove') {
+            if (existing === -1) {
+                skipped.push(op); // nothing to remove
+                continue;
+            }
+            working.splice(existing, 1);
+            blockEnd -= 1;
+            applied.push(op);
+        }
+        else if (op.op === 'set') {
+            const newLine = `    ${op.field}: ${yamlScalar(op.value)}`;
+            if (existing !== -1) {
+                working[existing] = newLine;
+            }
+            else {
+                // Insert right after the name line so field order stays predictable.
+                working.splice(block.start + 1, 0, newLine);
+                blockEnd += 1;
+            }
+            applied.push(op);
+        }
+    }
+    return { newLines: working, applied, skipped };
+}
+/**
+ * Build a compact diff of only the scalar-field lines that changed.
+ * Ignores multi-line content like embedded prompts — walks each block,
+ * extracts single-line `    key: value` fields, and compares those.
+ * Keeps output readable for confirm dialogs and audit logs.
+ */
+function makeDiff(before, after, blockStart, newBlockEnd) {
+    const beforeEnd = findBlockEnd(before, blockStart);
+    const beforeFields = extractScalarFields(before.slice(blockStart, beforeEnd));
+    const afterFields = extractScalarFields(after.slice(blockStart, newBlockEnd));
+    const allKeys = new Set([...beforeFields.keys(), ...afterFields.keys()]);
+    const lines = [];
+    lines.push(`@@ ${after[blockStart].trim()} @@`);
+    for (const key of allKeys) {
+        const b = beforeFields.get(key);
+        const a = afterFields.get(key);
+        if (b === a)
+            continue;
+        if (b !== undefined)
+            lines.push(`- ${b}`);
+        if (a !== undefined)
+            lines.push(`+ ${a}`);
+    }
+    return lines.join('\n');
+}
+/**
+ * Extract single-line scalar `    key: value` fields from a job block.
+ * Skips the `- name:` line and multi-line `key: |` / `key: >` content.
+ */
+function extractScalarFields(blockLines) {
+    const out = new Map();
+    const scalarRe = /^    ([\w-]+):\s*(.*)$/;
+    const multiStartRe = /^    [\w-]+:\s*[|>][-+]?\s*$/;
+    let inMulti = false;
+    for (const line of blockLines) {
+        if (inMulti) {
+            // Exit when we hit another 4-space field
+            if (/^    \S/.test(line) && !/^     /.test(line)) {
+                inMulti = false;
+            }
+            else {
+                continue;
+            }
+        }
+        if (multiStartRe.test(line)) {
+            inMulti = true;
+            continue;
+        }
+        const m = line.match(scalarRe);
+        if (m)
+            out.set(m[1], line);
+    }
+    return out;
+}
+function findBlockEnd(lines, start) {
+    const anyStartRe = /^  - name:\s+/;
+    for (let i = start + 1; i < lines.length; i++) {
+        if (anyStartRe.test(lines[i]))
+            return i;
+    }
+    return lines.length;
+}
+/**
+ * Apply a proposed fix to the right CRON.md file. Idempotent with respect
+ * to already-applied ops (remove on a missing field is a no-op, set on a
+ * matching value is a no-op).
+ */
+export function applyFix(jobName, autoApply, opts = {}) {
+    const cronFile = resolveCronFile(jobName, autoApply);
+    if (!cronFile) {
+        return { ok: false, message: `No CRON.md found for ${jobName}` };
+    }
+    const bare = bareJobName(jobName);
+    const original = readFileSync(cronFile, 'utf-8');
+    const lines = original.split('\n');
+    const block = findJobBlock(lines, bare);
+    if (!block) {
+        return { ok: false, message: `Job '${bare}' not found in ${cronFile}`, file: cronFile };
+    }
+    const { newLines, applied, skipped } = applyOperations(lines, block, autoApply.operations);
+    if (applied.length === 0) {
+        return {
+            ok: false,
+            message: 'Nothing to apply (all ops were no-ops or on disallowed fields)',
+            file: cronFile,
+            appliedOps: applied,
+            skippedOps: skipped,
+        };
+    }
+    const newBlockEnd = findBlockEnd(newLines, block.start);
+    const diff = makeDiff(lines, newLines, block.start, newBlockEnd);
+    if (opts.dryRun) {
+        return {
+            ok: true,
+            message: `Dry run: ${applied.length} op(s) would apply`,
+            file: cronFile,
+            appliedOps: applied,
+            skippedOps: skipped,
+            diff,
+        };
+    }
+    // Backup before write
+    try {
+        copyFileSync(cronFile, cronFile + '.bak');
+    }
+    catch (err) {
+        logger.warn({ err, file: cronFile }, 'Failed to write .bak before applying fix');
+    }
+    const newContent = newLines.join('\n');
+    writeFileSync(cronFile, newContent);
+    appendAudit({
+        jobName,
+        file: cronFile,
+        applied,
+        skipped,
+        diff,
+    });
+    logger.info({ jobName, file: cronFile, applied: applied.length }, 'Applied cron job fix');
+    return {
+        ok: true,
+        message: `Applied ${applied.length} op(s) to ${path.basename(cronFile)}`,
+        file: cronFile,
+        appliedOps: applied,
+        skippedOps: skipped,
+        diff,
+    };
+}
+function appendAudit(entry) {
+    try {
+        mkdirSync(path.dirname(AUDIT_FILE), { recursive: true });
+        appendFileSync(AUDIT_FILE, JSON.stringify({ ...entry, timestamp: new Date().toISOString() }) + '\n');
+    }
+    catch (err) {
+        logger.warn({ err }, 'Failed to append fix-applier audit');
+    }
+}
+//# sourceMappingURL=fix-applier.js.map

package/dist/gateway/heartbeat-scheduler.js

@@ -105,8 +105,10 @@ export class HeartbeatScheduler {
         }
         // Cron failure sweep — surface jobs that have been silently failing.
         // Runs every tick; per-job 24h cooldown lives inside the monitor.
+        // Passes the gateway so freshly-broken jobs get a diagnostic LLM call
+        // (cached 24h) before the DM goes out.
         import('./failure-monitor.js').then(({ runFailureSweep }) => {
-            runFailureSweep((text) => this.dispatcher.send(text, {})).catch(err => {
+            runFailureSweep((text) => this.dispatcher.send(text, {}), this.gateway).catch(err => {
                 logger.warn({ err }, 'Failure sweep failed');
             });
         }).catch(err => logger.warn({ err }, 'Failure sweep import failed'));

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "clementine-agent",
-  "version": "1.0.17",
+  "version": "1.0.19",
   "description": "Clementine — Personal AI Assistant (TypeScript)",
   "type": "module",
   "main": "dist/index.js",