clementine-agent 1.2.0 → 1.2.1

package/dist/cli/dashboard.js

@@ -4470,6 +4470,52 @@ If the tool returns nothing or errors, return an empty array \`[]\`.`,
             res.status(500).json({ error: String(err) });
         }
     });
+    // Seed the user model from existing memory — one-shot Haiku pass over
+    // MEMORY.md, top-salience chunks, and recent session summaries. Returns
+    // proposed values for each slot; the dashboard UI shows them in an
+    // editable review panel before applying. Nothing is written to
+    // user_model_blocks until the user clicks "Apply" on a slot.
+    app.post('/api/user-model/seed', async (_req, res) => {
+        try {
+            const gateway = await getGateway();
+            const store = gateway.assistant?.memoryStore;
+            if (!store) {
+                res.status(503).json({ error: 'Memory store not available' });
+                return;
+            }
+            // Build the LLM caller using the same Claude Agent SDK pattern as
+            // periodic memory consolidation (see src/index.ts:684).
+            const { query } = await import('@anthropic-ai/claude-agent-sdk');
+            const llmCall = async (prompt) => {
+                try {
+                    let result = '';
+                    const stream = query({
+                        prompt,
+                        options: {
+                            model: 'claude-haiku-4-5-20251001',
+                            maxTurns: 1,
+                            systemPrompt: 'You are a memory consolidation assistant. Extract only facts directly evidenced by the corpus. Be terse. Output exactly the requested format.',
+                        },
+                    });
+                    for await (const msg of stream) {
+                        if (msg.type === 'result') {
+                            result = msg.result ?? '';
+                        }
+                    }
+                    return result;
+                }
+                catch {
+                    return '';
+                }
+            };
+            const { seedUserModelFromMemory } = await import('../memory/seed-user-model.js');
+            const proposals = await seedUserModelFromMemory(store, llmCall);
+            res.json({ ok: true, proposals });
+        }
+        catch (err) {
+            res.status(500).json({ error: String(err) });
+        }
+    });
     // ── Memory chunk CRUD (dashboard curation) ───────────────────────
     // Lets the user fix wrong/stale memory directly from the search panel
     // instead of having to wait for auto-extraction to drift in the right
@@ -10801,13 +10847,15 @@ if('serviceWorker' in navigator){navigator.serviceWorker.getRegistrations().then
           <div style="color:var(--muted,#888);margin-bottom:12px;font-size:13px">
             What the agent always knows about you. These slots load into every conversation's context (above retrieved memory). Edit directly to correct or steer.
           </div>
-          <div style="display:flex;gap:8px;margin-bottom:12px;align-items:center">
+          <div style="display:flex;gap:8px;margin-bottom:12px;align-items:center;flex-wrap:wrap">
             <label style="font-size:13px;color:var(--text-secondary)">Scope:</label>
             <select id="user-model-scope" style="padding:6px 10px;border:1px solid var(--border);border-radius:6px;background:var(--bg-input);color:var(--text);font-size:13px" onchange="loadUserModel()">
               <option value="">Global</option>
             </select>
             <button class="btn" onclick="loadUserModel()" style="font-size:13px">Refresh</button>
+            <button class="btn-primary" onclick="seedUserModel()" style="font-size:13px;margin-left:auto" title="One-shot Haiku pass over MEMORY.md + top-salience chunks + recent sessions to propose initial slot values. Review and apply per-slot.">✨ Seed from existing memory</button>
           </div>
+          <div id="user-model-seed-panel" style="display:none;margin-bottom:14px"></div>
           <div id="user-model-panel"><div class="empty-state">Loading user model…</div></div>
         </div>
 

package/dist/cli/index.js

@@ -1333,7 +1333,7 @@ async function cmdConfigHardenPermissions(opts) {
 // ── Config keychain-fix-acl ─────────────────────────────────────────
 async function cmdConfigKeychainFixAcl(opts) {
     const { listClementineKeychainEntries, fixAllClementineEntries } = await import('../config/keychain-fix-acl.js');
-    const { markKeychainWizardDone } = await import('../config/keychain-first-run-wizard.js');
+    const { markKeychainWizardDone, readPasswordFromTty } = await import('../config/keychain-first-run-wizard.js');
     const DIM = '\x1b[0;90m';
     const BOLD = '\x1b[1m';
     const GREEN = '\x1b[0;32m';
@@ -1358,35 +1358,54 @@ async function cmdConfigKeychainFixAcl(opts) {
         console.log();
         return;
     }
+    console.log(`  ${DIM}Enter your macOS login password ONCE — it authorizes${RESET}`);
+    console.log(`  ${DIM}all ${entries.length} ACL update${entries.length === 1 ? '' : 's'} in a single pass. Not stored.${RESET}`);
+    console.log();
+    const password = await readPasswordFromTty(`  ${BOLD}macOS login password:${RESET} `);
+    if (!password) {
+        console.log();
+        console.log(`  ${YELLOW}Empty password — aborted.${RESET}`);
+        console.log();
+        return;
+    }
+    console.log();
     console.log(`  ${BOLD}Fixing ACLs...${RESET}`);
-    console.log(`  ${DIM}macOS may ask for your login keychain password (the system prompt — it DOES appear).${RESET}`);
-    console.log(`  ${DIM}You may also be asked to "Always Allow" — pick that.${RESET}`);
     console.log();
-    const results = fixAllClementineEntries();
+    const results = fixAllClementineEntries({ keychainPassword: password });
     let okCount = 0;
     let failCount = 0;
+    let wrongPasswordHit = false;
     for (const r of results) {
         if (r.status === 'fixed') {
             console.log(`    ${GREEN}✓${RESET} ${r.account}`);
             okCount++;
         }
-        else {
+        else if (r.status === 'failed') {
             console.log(`    ${RED}✗${RESET} ${r.account} ${DIM}— ${r.error}${RESET}`);
             failCount++;
+            if (r.error && /MAC verification|AuthFailure|UserCanceled|-25293/i.test(r.error)) {
+                wrongPasswordHit = true;
+            }
         }
     }
     console.log();
     if (failCount === 0) {
         console.log(`  ${GREEN}All ${okCount} entries fixed.${RESET} ${DIM}Future reads via the security CLI succeed silently.${RESET}`);
     }
+    else if (wrongPasswordHit && okCount === 0) {
+        console.log(`  ${RED}Wrong password — no entries repaired.${RESET}`);
+        console.log(`  ${DIM}Re-run: clementine config keychain-fix-acl${RESET}`);
+    }
     else {
         console.log(`  ${YELLOW}${okCount} fixed, ${failCount} failed.${RESET}`);
         console.log(`  ${DIM}Failed entries can be fixed manually in Keychain Access.app:${RESET}`);
         console.log(`  ${DIM}  search "clementine-agent" → double-click → Access Control → Allow all applications.${RESET}`);
     }
-    // Always mark the launch wizard satisfied — user has explicitly decided
-    // to deal with this via the manual command.
-    markKeychainWizardDone(BASE_DIR);
+    // Mark the launch wizard satisfied unless the password was clearly wrong —
+    // user has explicitly decided to deal with this via the manual command.
+    if (!(wrongPasswordHit && okCount === 0)) {
+        markKeychainWizardDone(BASE_DIR);
+    }
     console.log();
 }
 // ── Analytics ────────────────────────────────────────────────────────

package/dist/config/keychain-first-run-wizard.d.ts

@@ -1,6 +1,6 @@
 /**
  * One-time interactive wizard that repairs ACLs on legacy clementine-agent
- * keychain entries during `clementine launch`.
+ * keychain entries during `clementine launch` / `clementine update`.
  *
  * Why this exists: entries written before commit 88cfd99 used
  * `add-generic-password -T ''` (no apps pre-approved), so every Clementine
@@ -9,10 +9,11 @@
  * entries that need a one-time partition-list repair to stop the prompt
  * cascade.
  *
- * The manual fix is `clementine config keychain-fix-acl`. This wizard runs
- * the same fix automatically on the next `clementine launch` (where we
- * know we have a TTY for the macOS login-keychain password prompt), then
- * writes a sentinel so we never prompt again on this machine.
+ * macOS's `set-generic-password-partition-list` requires the login keychain
+ * password to authorize the ACL change — once per entry. To avoid prompting
+ * the user N times for N entries, we ask once via masked stdin, then pass
+ * the password to each call via -k. End result: one password entry, all
+ * entries fixed in one pass.
  *
  * Skipped when:
  *   - non-darwin platform (no keychain),
@@ -22,5 +23,15 @@
  */
 /** Write the sentinel so the wizard skips on subsequent launches. */
 export declare function markKeychainWizardDone(baseDir: string): void;
+/**
+ * Read a line from the TTY without echoing characters. Each keypress shows
+ * an asterisk so the user has visual feedback for length. Returns the
+ * collected string. Ctrl-C aborts the process.
+ *
+ * Uses raw mode directly because Node's readline always echoes input.
+ * Exported so the manual `clementine config keychain-fix-acl` command can
+ * use the same one-prompt UX.
+ */
+export declare function readPasswordFromTty(prompt: string): Promise<string>;
 export declare function runFirstRunKeychainWizardIfNeeded(baseDir: string): Promise<void>;
 //# sourceMappingURL=keychain-first-run-wizard.d.ts.map

package/dist/config/keychain-first-run-wizard.js

@@ -1,6 +1,6 @@
 /**
  * One-time interactive wizard that repairs ACLs on legacy clementine-agent
- * keychain entries during `clementine launch`.
+ * keychain entries during `clementine launch` / `clementine update`.
  *
  * Why this exists: entries written before commit 88cfd99 used
  * `add-generic-password -T ''` (no apps pre-approved), so every Clementine
@@ -9,10 +9,11 @@
  * entries that need a one-time partition-list repair to stop the prompt
  * cascade.
  *
- * The manual fix is `clementine config keychain-fix-acl`. This wizard runs
- * the same fix automatically on the next `clementine launch` (where we
- * know we have a TTY for the macOS login-keychain password prompt), then
- * writes a sentinel so we never prompt again on this machine.
+ * macOS's `set-generic-password-partition-list` requires the login keychain
+ * password to authorize the ACL change — once per entry. To avoid prompting
+ * the user N times for N entries, we ask once via masked stdin, then pass
+ * the password to each call via -k. End result: one password entry, all
+ * entries fixed in one pass.
  *
  * Skipped when:
  *   - non-darwin platform (no keychain),
@@ -38,6 +39,64 @@ export function markKeychainWizardDone(baseDir) {
         // next launch — annoying but not broken.
     }
 }
+/**
+ * Read a line from the TTY without echoing characters. Each keypress shows
+ * an asterisk so the user has visual feedback for length. Returns the
+ * collected string. Ctrl-C aborts the process.
+ *
+ * Uses raw mode directly because Node's readline always echoes input.
+ * Exported so the manual `clementine config keychain-fix-acl` command can
+ * use the same one-prompt UX.
+ */
+export function readPasswordFromTty(prompt) {
+    return new Promise((resolve) => {
+        output.write(prompt);
+        let value = '';
+        const wasRaw = input.isRaw === true;
+        if (typeof input.setRawMode === 'function')
+            input.setRawMode(true);
+        input.resume();
+        input.setEncoding('utf8');
+        const finish = () => {
+            input.removeListener('data', onData);
+            if (typeof input.setRawMode === 'function')
+                input.setRawMode(wasRaw);
+            input.pause();
+            output.write('\n');
+            resolve(value);
+        };
+        const onData = (chunk) => {
+            // Raw stdin can deliver multiple chars per chunk (paste, escape seqs).
+            for (const char of chunk) {
+                const code = char.charCodeAt(0);
+                // Ctrl-C → abort the process entirely (user wants out).
+                if (code === 0x03) {
+                    output.write('\n');
+                    process.exit(130);
+                }
+                // Enter (LF/CR) or Ctrl-D → submit whatever we have.
+                if (code === 0x0a || code === 0x0d || code === 0x04) {
+                    finish();
+                    return;
+                }
+                // Backspace (DEL or BS).
+                if (code === 0x7f || code === 0x08) {
+                    if (value.length > 0) {
+                        value = value.slice(0, -1);
+                        output.write('\b \b');
+                    }
+                    continue;
+                }
+                // Printable ASCII + UTF-8 — skip anything else (arrow keys, escape seqs).
+                if (code >= 0x20 && code !== 0x7f) {
+                    value += char;
+                    output.write('*');
+                }
+            }
+        };
+        input.on('data', onData);
+    });
+}
 export async function runFirstRunKeychainWizardIfNeeded(baseDir) {
     if (process.platform !== 'darwin')
         return;
@@ -48,7 +107,6 @@ export async function runFirstRunKeychainWizardIfNeeded(baseDir) {
     const { listClementineKeychainEntries, fixAllClementineEntries } = await import('./keychain-fix-acl.js');
     const entries = listClementineKeychainEntries().filter((e) => e.isClementine);
     if (entries.length === 0) {
-        // Nothing to fix — write sentinel so we don't re-scan every launch.
         markKeychainWizardDone(baseDir);
         return;
     }
@@ -62,10 +120,11 @@ export async function runFirstRunKeychainWizardIfNeeded(baseDir) {
     console.log(`  ${BOLD}One-time keychain setup${RESET}`);
     console.log(`  ${DIM}${entries.length} keychain entr${entries.length === 1 ? 'y' : 'ies'} from a previous version need an${RESET}`);
     console.log(`  ${DIM}access-control update so Clementine can read them${RESET}`);
-    console.log(`  ${DIM}silently — otherwise macOS will prompt on every read.${RESET}`);
+    console.log(`  ${DIM}silently — otherwise macOS prompts on every read.${RESET}`);
     console.log();
-    console.log(`  ${DIM}macOS will ask once for your login-keychain password.${RESET}`);
-    console.log(`  ${DIM}After that, no more prompts. We won't ask again.${RESET}`);
+    console.log(`  ${DIM}You'll enter your macOS login password ONCE below —${RESET}`);
+    console.log(`  ${DIM}it authorizes all ACL updates in a single pass.${RESET}`);
+    console.log(`  ${DIM}Not stored. Won't ask again.${RESET}`);
     console.log();
     const rl = readline.createInterface({ input, output });
     let answer;
@@ -77,7 +136,15 @@ export async function runFirstRunKeychainWizardIfNeeded(baseDir) {
     }
     if (answer === 'n' || answer === 'no') {
         console.log();
-        console.log(`  ${YELLOW}Skipped.${RESET} ${DIM}Run later with: clementine config keychain-fix-acl${RESET}`);
+        console.log(`  ${YELLOW}Skipped.${RESET} ${DIM}Run later: clementine config keychain-fix-acl${RESET}`);
+        console.log();
+        markKeychainWizardDone(baseDir);
+        return;
+    }
+    const password = await readPasswordFromTty(`  ${BOLD}macOS login password:${RESET} `);
+    if (!password) {
+        console.log();
+        console.log(`  ${YELLOW}Empty password — skipped.${RESET} ${DIM}Run later: clementine config keychain-fix-acl${RESET}`);
         console.log();
         markKeychainWizardDone(baseDir);
         return;
@@ -85,9 +152,10 @@ export async function runFirstRunKeychainWizardIfNeeded(baseDir) {
     console.log();
     console.log(`  ${BOLD}Repairing ACLs...${RESET}`);
     console.log();
-    const results = fixAllClementineEntries();
+    const results = fixAllClementineEntries({ keychainPassword: password });
     let okCount = 0;
     let failCount = 0;
+    let wrongPasswordHit = false;
     for (const r of results) {
         if (r.status === 'fixed') {
             console.log(`    ${GREEN}✓${RESET} ${r.account}`);
@@ -96,20 +164,31 @@ export async function runFirstRunKeychainWizardIfNeeded(baseDir) {
         else if (r.status === 'failed') {
             console.log(`    ${RED}✗${RESET} ${r.account} ${DIM}— ${r.error ?? 'unknown'}${RESET}`);
             failCount++;
+            // security's stderr for a bad password contains "MAC verification failed"
+            // or similar. Catch the common shapes so we can re-prompt next launch.
+            if (r.error && /MAC verification|AuthFailure|UserCanceled|-25293/i.test(r.error)) {
+                wrongPasswordHit = true;
+            }
         }
     }
     console.log();
     if (failCount === 0) {
         console.log(`  ${GREEN}Done — ${okCount} entr${okCount === 1 ? 'y' : 'ies'} repaired.${RESET} ${DIM}Future reads silent.${RESET}`);
     }
+    else if (wrongPasswordHit && okCount === 0) {
+        console.log(`  ${RED}Wrong password — no entries repaired.${RESET}`);
+        console.log(`  ${DIM}We'll ask again on next launch.${RESET}`);
+    }
     else {
         console.log(`  ${YELLOW}${okCount} fixed, ${failCount} failed.${RESET}`);
         console.log(`  ${DIM}Failed entries can be fixed manually in Keychain Access.app:${RESET}`);
         console.log(`  ${DIM}  search "clementine-agent" → right-click → Get Info → Access Control.${RESET}`);
     }
     console.log();
-    // Always mark done — even on partial failure we don't want to re-prompt
-    // every launch. The user can re-run the manual command if they want.
-    markKeychainWizardDone(baseDir);
+    // Don't write sentinel if the password was wrong AND nothing succeeded —
+    // let the user retry on the next launch. Any other outcome marks done.
+    if (!(wrongPasswordHit && okCount === 0)) {
+        markKeychainWizardDone(baseDir);
+    }
 }
 //# sourceMappingURL=keychain-first-run-wizard.js.map

package/dist/config/keychain-fix-acl.d.ts

@@ -51,12 +51,20 @@ export interface AclFixResult {
  * never touched (could be other apps that coincidentally chose that name).
  */
 export declare function listClementineKeychainEntries(): KeychainEntry[];
-export declare function fixAcl(service: Service, account: string): AclFixResult;
+export declare function fixAcl(service: Service, account: string, opts?: {
+    keychainPassword?: string;
+}): AclFixResult;
 /**
  * Plan + apply: enumerate entries, fix each Clementine-shaped one in turn.
  * Foreign entries (other apps under the legacy "clementine" service) get
  * reported with status='skipped-foreign' and never touched.
+ *
+ * Pass opts.keychainPassword to authorize all entries with one stored password
+ * instead of one TTY prompt per entry — that's how the wizard avoids the
+ * 7-prompt bombardment.
  */
-export declare function fixAllClementineEntries(): AclFixResult[];
+export declare function fixAllClementineEntries(opts?: {
+    keychainPassword?: string;
+}): AclFixResult[];
 export {};
 //# sourceMappingURL=keychain-fix-acl.d.ts.map

package/dist/config/keychain-fix-acl.js

@@ -148,7 +148,7 @@ function locateKeychain(service, account) {
     const m = first.match(/^keychain:\s+"([^"]+)"/);
     return m ? m[1] : null;
 }
-export function fixAcl(service, account) {
+export function fixAcl(service, account, opts = {}) {
     const keychainPath = locateKeychain(service, account);
     if (!keychainPath) {
         return {
@@ -160,33 +160,47 @@ export function fixAcl(service, account) {
     }
     // Pass the keychain path as the trailing positional arg so partition-list
     // doesn't search the wrong store.
-    const args = [
+    const baseArgs = [
         'set-generic-password-partition-list',
         '-s', service,
         '-a', account,
         '-S', 'apple-tool:,apple:',
-        keychainPath,
     ];
+    // When a password is provided, pass it via -k and capture stdio so security
+    // doesn't prompt — that's the whole point. Without -k, security prompts on
+    // the inherited TTY for each entry, which means N entries = N prompts.
+    const args = opts.keychainPassword
+        ? [...baseArgs, '-k', opts.keychainPassword, keychainPath]
+        : [...baseArgs, keychainPath];
     const result = spawnSync('/usr/bin/security', args, {
-        stdio: 'inherit',
+        stdio: opts.keychainPassword ? ['ignore', 'pipe', 'pipe'] : 'inherit',
         timeout: 120_000,
     });
     if (result.status === 0) {
         return { service, account, status: 'fixed' };
     }
+    // When stdio was captured, surface stderr in the error so callers can
+    // detect "wrong password" vs other failures.
+    const stderr = opts.keychainPassword && result.stderr
+        ? result.stderr.toString().trim().slice(0, 200)
+        : '';
     return {
         service,
         account,
         status: 'failed',
-        error: result.error?.message ?? `exit code ${result.status}`,
+        error: stderr || result.error?.message || `exit code ${result.status}`,
     };
 }
 /**
  * Plan + apply: enumerate entries, fix each Clementine-shaped one in turn.
  * Foreign entries (other apps under the legacy "clementine" service) get
  * reported with status='skipped-foreign' and never touched.
+ *
+ * Pass opts.keychainPassword to authorize all entries with one stored password
+ * instead of one TTY prompt per entry — that's how the wizard avoids the
+ * 7-prompt bombardment.
  */
-export function fixAllClementineEntries() {
+export function fixAllClementineEntries(opts = {}) {
     const entries = listClementineKeychainEntries();
     const results = [];
     for (const entry of entries) {
@@ -194,7 +208,7 @@ export function fixAllClementineEntries() {
             results.push({ service: entry.service, account: entry.account, status: 'skipped-foreign' });
             continue;
         }
-        results.push(fixAcl(entry.service, entry.account));
+        results.push(fixAcl(entry.service, entry.account, opts));
     }
     return results;
 }

package/dist/memory/seed-user-model.d.ts

@@ -0,0 +1,38 @@
+/**
+ * Clementine TypeScript — Seed user-model slots from existing memory.
+ *
+ * One-shot Haiku pass over MEMORY.md + top-salience chunks + recent session
+ * summaries. Proposes initial values for the 4 user_model slots so a freshly-
+ * upgraded agent has a populated mental model immediately rather than needing
+ * to re-learn everything through fresh conversations.
+ *
+ * Returns proposals only — caller decides whether to apply (typically via the
+ * dashboard "Seed from existing memory" review UI).
+ */
+interface SeedSourceStore {
+    searchFts(query: string, limit: number): Array<{
+        chunkId: number;
+        sourceFile: string;
+        section: string;
+        content: string;
+        salience: number;
+    }>;
+    getRecentSummaries(limit?: number): Array<{
+        summary: string;
+        createdAt: string;
+    }>;
+    db: unknown;
+}
+export interface UserModelProposals {
+    user_facts: string;
+    goals: string;
+    relationships: string;
+    agent_persona: string;
+    /** Number of distinct source items the LLM saw (chunks + summaries + MEMORY.md). */
+    sourceCount: number;
+    /** Raw model output, for debugging. */
+    rawResponse?: string;
+}
+export declare function seedUserModelFromMemory(store: SeedSourceStore, llmCall: (prompt: string) => Promise<string>): Promise<UserModelProposals>;
+export {};
+//# sourceMappingURL=seed-user-model.d.ts.map

package/dist/memory/seed-user-model.js

@@ -0,0 +1,174 @@
+/**
+ * Clementine TypeScript — Seed user-model slots from existing memory.
+ *
+ * One-shot Haiku pass over MEMORY.md + top-salience chunks + recent session
+ * summaries. Proposes initial values for the 4 user_model slots so a freshly-
+ * upgraded agent has a populated mental model immediately rather than needing
+ * to re-learn everything through fresh conversations.
+ *
+ * Returns proposals only — caller decides whether to apply (typically via the
+ * dashboard "Seed from existing memory" review UI).
+ */
+import { existsSync, readFileSync } from 'node:fs';
+import pino from 'pino';
+import { MEMORY_FILE } from '../tools/shared.js';
+const logger = pino({ name: 'clementine.seed-user-model' });
+/** Size budget per source category — keeps the corpus under Haiku's
+ *  prompt-cost sweet spot while preserving signal. */
+const MAX_MEMORY_MD_CHARS = 4000;
+const MAX_CHUNK_CHARS = 4000;
+const MAX_SUMMARIES_CHARS = 1500;
+function gatherCorpus(store) {
+    const parts = [];
+    let sourceCount = 0;
+    // 1. MEMORY.md — highest-signal source, the agent's curated profile note
+    if (existsSync(MEMORY_FILE)) {
+        try {
+            const md = readFileSync(MEMORY_FILE, 'utf-8').slice(0, MAX_MEMORY_MD_CHARS);
+            if (md.trim()) {
+                parts.push(`## MEMORY.md\n${md}`);
+                sourceCount++;
+            }
+        }
+        catch { /* non-fatal */ }
+    }
+    // 2. Top-salience chunks — what the agent has been actively retrieving
+    // We don't have a "list by salience" method on the store directly, but
+    // searchFts with a generic query that matches almost everything works as
+    // a coarse top-N proxy. Better: query the underlying db handle.
+    try {
+        const db = store.db;
+        const rows = db.prepare(`SELECT c.source_file, c.section, c.content, c.salience
+       FROM chunks c
+       LEFT JOIN chunk_soft_deletes sd ON sd.chunk_id = c.id
+       WHERE sd.chunk_id IS NULL AND length(c.content) > 50
+       ORDER BY c.salience DESC, c.last_outcome_score DESC, c.updated_at DESC
+       LIMIT 40`).all();
+        if (rows.length > 0) {
+            let chunkBlock = '## High-salience memory chunks\n';
+            let used = 0;
+            for (const r of rows) {
+                const entry = `\n--- [${r.source_file} · ${r.section}]\n${r.content.slice(0, 500)}\n`;
+                if (used + entry.length > MAX_CHUNK_CHARS)
+                    break;
+                chunkBlock += entry;
+                used += entry.length;
+                sourceCount++;
+            }
+            parts.push(chunkBlock);
+        }
+    }
+    catch (err) {
+        logger.debug({ err }, 'Failed to gather salience chunks');
+    }
+    // 3. Recent session summaries — surfaces current goals and active context
+    try {
+        const summaries = store.getRecentSummaries(8);
+        if (summaries.length > 0) {
+            let block = '## Recent session summaries\n';
+            let used = 0;
+            for (const s of summaries) {
+                const entry = `\n[${s.createdAt}]\n${s.summary.slice(0, 400)}\n`;
+                if (used + entry.length > MAX_SUMMARIES_CHARS)
+                    break;
+                block += entry;
+                used += entry.length;
+                sourceCount++;
+            }
+            parts.push(block);
+        }
+    }
+    catch { /* getRecentSummaries may be missing or empty */ }
+    return { corpus: parts.join('\n\n---\n\n'), sourceCount };
+}
+const SEED_PROMPT = (corpus) => `Analyze the memory corpus below and propose initial values for the agent's "user model" — coherent always-in-context facts about the user that load into every conversation.
+
+The user model has 4 slots, each capped at 2000 chars:
+
+1. **user_facts** — Who they are. Name, role, location, lasting preferences (writing style, tools, communication style). Stable identifiers and personality traits.
+2. **goals** — What they're actively working toward right now. Current projects, deadlines, immediate intents. Skip vague long-term aspirations.
+3. **relationships** — People, projects, channels they regularly interact with. One line each, who-is-what.
+4. **agent_persona** — How the agent (Clementine) should think of itself in relation to the user. Skip if no signal.
+
+Rules:
+- Only include facts with direct evidence in the corpus
+- Be terse. Bullet fragments, not full sentences. Skip filler.
+- If a slot has no good signal, output exactly: "(no clear signal)"
+- Never invent details — if uncertain, leave it out
+- Don't repeat the same fact across slots
+
+Output exactly this format (markdown headings, no other text before or after):
+
+## user_facts
+- bullet
+- bullet
+
+## goals
+- bullet
+
+## relationships
+- bullet
+
+## agent_persona
+- bullet
+
+---
+
+Memory corpus to analyze:
+
+${corpus}`;
+function parseProposals(raw) {
+    const slots = ['user_facts', 'goals', 'relationships', 'agent_persona'];
+    const out = {
+        user_facts: '', goals: '', relationships: '', agent_persona: '',
+    };
+    // Tolerant parser: split on any "## slot_name" header (case-insensitive),
+    // anchored at line start. Whatever follows up to the next slot header is
+    // that slot's content.
+    for (let i = 0; i < slots.length; i++) {
+        const slot = slots[i];
+        const next = slots[i + 1];
+        const startRe = new RegExp(`^\\s*##\\s+${slot}\\b.*$`, 'mi');
+        const m = startRe.exec(raw);
+        if (!m)
+            continue;
+        let endIdx = raw.length;
+        if (next) {
+            const endRe = new RegExp(`^\\s*##\\s+${next}\\b.*$`, 'mi');
+            const e = endRe.exec(raw);
+            if (e && e.index > m.index)
+                endIdx = e.index;
+        }
+        let body = raw.slice(m.index + m[0].length, endIdx).trim();
+        // Treat "(no clear signal)" as empty so the slot stays unset
+        if (/^\s*\(?no\s+clear\s+signal\)?\s*$/i.test(body))
+            body = '';
+        out[slot] = body.slice(0, 2000);
+    }
+    return out;
+}
+export async function seedUserModelFromMemory(store, llmCall) {
+    const { corpus, sourceCount } = gatherCorpus(store);
+    if (!corpus.trim() || sourceCount === 0) {
+        return {
+            user_facts: '', goals: '', relationships: '', agent_persona: '',
+            sourceCount: 0,
+            rawResponse: 'No source material found — vault may be empty.',
+        };
+    }
+    const prompt = SEED_PROMPT(corpus);
+    let raw = '';
+    try {
+        raw = await llmCall(prompt);
+    }
+    catch (err) {
+        logger.warn({ err }, 'Seed LLM call failed');
+        return {
+            user_facts: '', goals: '', relationships: '', agent_persona: '',
+            sourceCount, rawResponse: `LLM call failed: ${String(err)}`,
+        };
+    }
+    const parsed = parseProposals(raw);
+    return { ...parsed, sourceCount, rawResponse: raw };
+}
+//# sourceMappingURL=seed-user-model.js.map

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "clementine-agent",
-  "version": "1.2.0",
+  "version": "1.2.1",
   "description": "Clementine — Personal AI Assistant (TypeScript)",
   "type": "module",
   "main": "dist/index.js",