npm - dual-brain - Versions diffs - 0.2.2 → 0.2.4 - Mend

dual-brain 0.2.2 → 0.2.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "dual-brain",
-  "version": "0.2.2",
+  "version": "0.2.4",
   "description": "AI orchestration across Claude + OpenAI subscriptions — smart routing, budget awareness, and dual-brain collaboration",
   "type": "module",
   "bin": {

package/src/dispatch.mjs CHANGED Viewed

@@ -672,6 +672,20 @@ async function dispatch(input = {}) {
   // Safety gate: redact secrets before anything reaches a subprocess or log
   prompt = redact(prompt);
+  // ── Resume brief injection ───────────────────────────────────────────────────
+  // Inject the last session's receipt as context when no situationBrief is already set.
+  // This closes the receipt → brief → next session loop automatically.
+  if (!input.situationBrief) {
+    try {
+      const { buildResumeBrief } = await import('./receipt.mjs');
+      const brief = buildResumeBrief(cwd);
+      if (brief) {
+        input = { ...input, situationBrief: brief };
+      }
+    } catch { /* non-blocking */ }
+  }
+  // ── End resume brief injection ───────────────────────────────────────────────
   // ── Related session context injection ────────────────────────────────────────
   // Find past sessions related to this task and prepend a context block.
   // Only injected when confidence is high (score > 5). Fast: index-only, no JSONL parsing.

package/src/pipeline.mjs CHANGED Viewed

@@ -1134,6 +1134,12 @@ export async function runPipeline(trigger, prompt, options = {}) {
       return { success: false, gateFailure: 'outcome', reason: run.gates.outcome.reason, run };
     }
+    // Post-session receipt — capture what happened and seed next session's context
+    try {
+      const { generateReceipt } = await import('./receipt.mjs');
+      generateReceipt(run, cwd);
+    } catch { /* non-blocking */ }
     // Persist decision for future recall
     if (run.result && !run.result?.error) {
       try {

package/src/profile.mjs CHANGED Viewed

@@ -151,9 +151,9 @@ async function detectCapabilities(cwd) {
   if (process.env.CLAUDE_CODE) {
     claudeAvailable = true;
     claudeSource = 'claude-code';
-  } else if (process.env.ANTHROPIC_API_KEY) {
+  } else if (process.env.ANTHROPIC_API_KEY?.length > 0) {
     claudeAvailable = true;
-    claudeSource = 'env-key';
+    claudeSource = 'api-key';
   } else {
     // Check for ~/.claude directory (Claude Code installation)
     const claudeDir = join(homedir(), '.claude');
@@ -164,9 +164,8 @@ async function detectCapabilities(cwd) {
     }
   }
-  // --- OpenAI: check for OPENAI_API_KEY (metered billing) ---
-  const openaiKey = process.env.OPENAI_API_KEY;
-  const openaiAvailable = !!(openaiKey && openaiKey.length > 0);
+  // --- OpenAI: check for OPENAI_API_KEY presence (metered billing) ---
+  const openaiAvailable = !!process.env.OPENAI_API_KEY?.length;
   // --- Codex: check if 'codex' is in PATH ---
   let codexAvailable = false;
@@ -201,9 +200,9 @@ async function detectCapabilities(cwd) {
       source: claudeSource,
     },
     openai: {
-      available: openaiAvailable,
-      source: openaiAvailable ? 'env-key' : null,
-      metered: openaiAvailable, // API key = metered billing
+      available: openaiAvailable || codexAvailable,
+      source: openaiAvailable ? 'api-key' : codexAvailable ? 'codex-cli' : null,
+      metered: openaiAvailable && !codexAvailable,
     },
     codex: {
       available: codexAvailable,
@@ -252,7 +251,7 @@ function getOnboardingMessage(capabilities, workStyle = 'balanced') {
   const lines = [];
   if (found.length === 0) {
     lines.push('No providers detected');
-    lines.push('  Set ANTHROPIC_API_KEY or install Claude Code to get started');
+    lines.push('  Run: claude login   or install Claude Code to get started');
     return lines.join('\n');
   }
@@ -261,7 +260,7 @@ function getOnboardingMessage(capabilities, workStyle = 'balanced') {
   // Tip: suggest OpenAI if only Claude is available
   if (capabilities?.claude?.available && !capabilities?.openai?.available && !capabilities?.codex?.available) {
-    lines.push('  Tip: Add OPENAI_API_KEY for dual-brain collaboration');
+    lines.push('  Tip: Run codex login for dual-brain collaboration');
   }
   // Warn about metered billing
@@ -814,10 +813,535 @@ function listSubscriptions(cwd) {
   return profile.providers || {};
 }
+// ---------------------------------------------------------------------------
+// Credential Registry
+// ---------------------------------------------------------------------------
+const credentialsPath = (cwd) => join(cwd || process.cwd(), '.dualbrain', 'credentials.json');
+function defaultCredentials() {
+  return { version: 1, credentials: [] };
+}
+export function loadCredentials(cwd = process.cwd()) {
+  try {
+    const p = credentialsPath(cwd);
+    if (!existsSync(p)) return defaultCredentials();
+    return JSON.parse(readFileSync(p, 'utf8'));
+  } catch {
+    return defaultCredentials();
+  }
+}
+export function saveCredentials(data, cwd = process.cwd()) {
+  try {
+    const p = credentialsPath(cwd);
+    const dir = p.slice(0, p.lastIndexOf('/'));
+    if (!existsSync(dir)) mkdirSync(dir, { recursive: true });
+    // Ensure no raw secret values are stored
+    const safe = {
+      ...data,
+      credentials: (data.credentials || []).map(c => {
+        const clean = { ...c };
+        delete clean.secret;
+        delete clean.token;
+        delete clean.api_key;
+        delete clean.password;
+        return clean;
+      }),
+    };
+    const tmp = p + '.tmp.' + process.pid;
+    writeFileSync(tmp, JSON.stringify(safe, null, 2) + '\n');
+    renameSync(tmp, p);
+    return p;
+  } catch { /* non-fatal */ }
+}
+export function addCredential(cred, cwd = process.cwd()) {
+  const required = ['id', 'provider', 'auth_type', 'source'];
+  for (const f of required) {
+    if (!cred[f]) throw new Error(`addCredential: missing required field '${f}'`);
+  }
+  const data = loadCredentials(cwd);
+  const idx = data.credentials.findIndex(c => c.id === cred.id);
+  const entry = {
+    id: cred.id,
+    provider: cred.provider,
+    auth_type: cred.auth_type,
+    source: cred.source,
+    owner: cred.owner || 'user',
+    scope: cred.scope || 'local',
+    plan_hint: cred.plan_hint || null,
+    enabled: cred.enabled !== false,
+    health: cred.health || 'unknown',
+    last_checked_at: cred.last_checked_at || null,
+  };
+  if (idx >= 0) data.credentials[idx] = entry;
+  else data.credentials.push(entry);
+  saveCredentials(data, cwd);
+  return entry;
+}
+export function removeCredential(id, cwd = process.cwd()) {
+  const data = loadCredentials(cwd);
+  data.credentials = data.credentials.filter(c => c.id !== id);
+  saveCredentials(data, cwd);
+}
+export function getHealthyCredentials(provider = null, cwd = process.cwd()) {
+  const data = loadCredentials(cwd);
+  return data.credentials.filter(c =>
+    c.enabled !== false &&
+    c.health !== 'unhealthy' &&
+    (provider === null || c.provider === provider)
+  );
+}
+export async function checkCredentialHealth(cred, cwd = process.cwd()) {
+  let health = 'unknown';
+  try {
+    if (cred.auth_type === 'cli_oauth') {
+      try { execSync('claude --version', { stdio: 'pipe', timeout: 3000 }); } catch { return { ...cred, health: 'unhealthy', last_checked_at: new Date().toISOString() }; }
+      try {
+        const { getAuthStatus } = await import('./replit.mjs');
+        const status = getAuthStatus(cwd);
+        health = (status.available && status.tokenStatus !== 'expired') ? 'healthy' : 'degraded';
+      } catch {
+        health = 'healthy'; // cli works, auth check unavailable
+      }
+    } else if (cred.auth_type === 'api_key') {
+      if (cred.source === 'replit_secret') {
+        try {
+          const { hasSecret } = await import('./replit.mjs');
+          health = hasSecret(cred.env_var || cred.id.toUpperCase().replace(/-/g, '_')) ? 'healthy' : 'unhealthy';
+        } catch { health = 'unknown'; }
+      } else {
+        // env source
+        const varName = cred.env_var || cred.id.toUpperCase().replace(/-/g, '_');
+        health = (process.env[varName] && process.env[varName].length > 0) ? 'healthy' : 'unhealthy';
+      }
+    }
+  } catch { health = 'unknown'; }
+  return { ...cred, health, last_checked_at: new Date().toISOString() };
+}
+export async function detectCredentials(cwd = process.cwd()) {
+  const found = [];
+  // Claude CLI / oauth
+  const claudeDir       = join(homedir(), '.claude');
+  const replitClaudeDir = join(cwd, '.replit-tools', '.claude-persistent');
+  const claudeAvail = process.env.CLAUDE_CODE || existsSync(claudeDir) || existsSync(replitClaudeDir);
+  if (claudeAvail) {
+    let health = 'unknown';
+    try { execSync('claude --version', { stdio: 'pipe', timeout: 3000 }); health = 'healthy'; } catch { health = 'degraded'; }
+    found.push({
+      id: 'claude-local-user',
+      provider: 'claude',
+      auth_type: 'cli_oauth',
+      source: 'local_cli',
+      owner: 'user',
+      scope: 'local',
+      plan_hint: null,
+      enabled: true,
+      health,
+      last_checked_at: new Date().toISOString(),
+    });
+  }
+  // ANTHROPIC_API_KEY
+  if (process.env.ANTHROPIC_API_KEY) {
+    found.push({
+      id: 'anthropic-api-key',
+      provider: 'claude',
+      auth_type: 'api_key',
+      source: 'env',
+      env_var: 'ANTHROPIC_API_KEY',
+      owner: 'user',
+      scope: 'local',
+      plan_hint: null,
+      enabled: true,
+      health: 'healthy',
+      last_checked_at: new Date().toISOString(),
+    });
+  }
+  // OPENAI_API_KEY (env)
+  if (process.env.OPENAI_API_KEY) {
+    found.push({
+      id: 'openai-api-key',
+      provider: 'openai',
+      auth_type: 'api_key',
+      source: 'env',
+      env_var: 'OPENAI_API_KEY',
+      owner: 'user',
+      scope: 'local',
+      plan_hint: null,
+      enabled: true,
+      health: 'healthy',
+      last_checked_at: new Date().toISOString(),
+    });
+  }
+  // Replit secrets
+  try {
+    const { hasSecret } = await import('./replit.mjs');
+    const secretsToCheck = ['OPENAI_API_KEY', 'ANTHROPIC_API_KEY'];
+    for (const name of secretsToCheck) {
+      if (!process.env[name] && hasSecret(name)) {
+        const provider = name.startsWith('OPENAI') ? 'openai' : 'claude';
+        const id = name.toLowerCase().replace(/_/g, '-') + '-replit';
+        found.push({
+          id,
+          provider,
+          auth_type: 'api_key',
+          source: 'replit_secret',
+          env_var: name,
+          owner: 'user',
+          scope: 'workspace',
+          plan_hint: null,
+          enabled: true,
+          health: 'healthy',
+          last_checked_at: new Date().toISOString(),
+        });
+      }
+    }
+  } catch { /* replit.mjs unavailable */ }
+  return found;
+}
+export function getCredentialSummary(cwd = process.cwd()) {
+  const data = loadCredentials(cwd);
+  const creds = data.credentials || [];
+  const byProvider = { claude: 0, openai: 0 };
+  let healthy = 0, degraded = 0;
+  for (const c of creds) {
+    if (c.enabled === false) continue;
+    if (byProvider[c.provider] !== undefined) byProvider[c.provider]++;
+    if (c.health === 'healthy') healthy++;
+    else if (c.health === 'degraded' || c.health === 'unknown') degraded++;
+  }
+  const total = creds.filter(c => c.enabled !== false).length;
+  let teamCapacity = 'none';
+  if (healthy >= 4) teamCapacity = 'high';
+  else if (healthy >= 2) teamCapacity = 'medium';
+  else if (healthy >= 1) teamCapacity = 'low';
+  return { total, byProvider, healthy, degraded, teamCapacity };
+}
 // ---------------------------------------------------------------------------
 // CLI
 // ---------------------------------------------------------------------------
+// ---------------------------------------------------------------------------
+// Capability Manifest — single runtime view of all provider/subscription state
+// ---------------------------------------------------------------------------
+/** 60-second in-process cache for the manifest. */
+let _manifestCache = null;
+let _manifestCachedAt = 0;
+const MANIFEST_TTL_MS = 60_000;
+/**
+ * Build a normalized capability manifest that consolidates provider health,
+ * subscription config, user preferences, policy, and learning data.
+ *
+ * @param {string} [cwd]
+ * @returns {Promise<object>}
+ */
+export async function getCapabilityManifest(cwd = process.cwd()) {
+  const now = Date.now();
+  if (_manifestCache && now - _manifestCachedAt < MANIFEST_TTL_MS) {
+    return _manifestCache;
+  }
+  // ── Read orchestrator.json for subscription config ─────────────────────
+  let orchConfig = {};
+  try {
+    const orchPath = join(cwd, 'orchestrator.json');
+    orchConfig = JSON.parse(readFileSync(orchPath, 'utf8'));
+  } catch { /* missing or malformed — fall through */ }
+  const orchSubs   = orchConfig.subscriptions ?? {};
+  const orchProv   = orchConfig.providers     ?? {};
+  // ── Plan normalizer (orchestrator.json uses "$100", "max-5x", "pro" etc) ─
+  function normalizePlan(raw) {
+    if (!raw) return 'unknown';
+    const s = String(raw).toLowerCase();
+    if (s.includes('max') && s.includes('20')) return 'max20';
+    if (s.includes('max') && (s.includes('5') || s.includes('5x'))) return 'max5';
+    if (s.includes('pro')) return 'pro';
+    if (s.includes('plus')) return 'plus';
+    if (s === '$20' || s === '20') return 'pro';
+    if (s === '$100' || s === '100') return 'max5';
+    if (s === '$200' || s === '200') return 'max20';
+    return 'unknown';
+  }
+  // ── Health states ──────────────────────────────────────────────────────
+  let healthStates = {};
+  try {
+    const { getHealth } = await import('./health.mjs');
+    healthStates = getHealth(cwd).states ?? {};
+  } catch { /* health.mjs unavailable */ }
+  function deriveHealth(providerKey) {
+    // Aggregate across all model classes for the provider
+    const entries = Object.entries(healthStates)
+      .filter(([k]) => k.startsWith(providerKey + ':'))
+      .map(([, v]) => v?.status ?? 'healthy');
+    if (entries.length === 0) return 'healthy';
+    if (entries.some(s => s === 'hot'))      return 'rate-limited';
+    if (entries.some(s => s === 'degraded')) return 'degraded';
+    if (entries.some(s => s === 'probing'))  return 'degraded';
+    return 'healthy';
+  }
+  // ── Budget pressure from health file (simple proxy) ────────────────────
+  function deriveBudget(providerKey) {
+    const hotEntries = Object.entries(healthStates)
+      .filter(([k]) => k.startsWith(providerKey + ':'))
+      .filter(([, v]) => v?.status === 'hot');
+    if (hotEntries.length === 0) return { pressure5h: 0, pressure7d: 0 };
+    // Clamp to 0.9 when hot — we don't have real token data here
+    const pressure = Math.min(0.9, 0.5 + hotEntries.length * 0.15);
+    return { pressure5h: pressure, pressure7d: pressure * 0.6 };
+  }
+  // ── Credential registry (when available, overrides detection) ─────────
+  const _credData = loadCredentials(cwd);
+  const _hasCreds = _credData.credentials && _credData.credentials.length > 0;
+  // ── Claude provider ────────────────────────────────────────────────────
+  const claudeProvider = { available: false, authenticated: false, plan: 'unknown',
+    models: ['opus', 'sonnet', 'haiku'], health: 'healthy',
+    budget: { pressure5h: 0, pressure7d: 0 }, source: 'none' };
+  try {
+    // available: claude CLI or CLAUDE_CODE env or replit-tools claude dir
+    const claudeDir       = join(homedir(), '.claude');
+    const replitClaudeDir = join(cwd, '.replit-tools', '.claude-persistent');
+    if (process.env.CLAUDE_CODE || process.env.ANTHROPIC_API_KEY) {
+      claudeProvider.available = true;
+      claudeProvider.source    = process.env.ANTHROPIC_API_KEY ? 'env' : 'credentials';
+    } else if (existsSync(claudeDir) || existsSync(replitClaudeDir)) {
+      claudeProvider.available = true;
+      claudeProvider.source    = existsSync(replitClaudeDir) ? 'replit-tools' : 'credentials';
+    } else {
+      try { execSync('which claude', { stdio: 'pipe', timeout: 2000 }); claudeProvider.available = true; claudeProvider.source = 'credentials'; } catch { /* not found */ }
+    }
+    // authenticated: use getAuthHealthStatus
+    const { getAuthHealthStatus } = await import('./health.mjs');
+    const authStatus = await getAuthHealthStatus(cwd);
+    claudeProvider.authenticated = authStatus.ok;
+    if (authStatus.source === 'replit-tools') claudeProvider.source = 'replit-tools';
+  } catch { /* getAuthHealthStatus unavailable */ }
+  claudeProvider.plan   = normalizePlan(orchProv.claude?.subscription ?? orchSubs.claude?.plan);
+  claudeProvider.health = claudeProvider.authenticated ? deriveHealth('claude') : 'down';
+  claudeProvider.budget = deriveBudget('claude');
+  // Override with registry data when credentials.json exists
+  if (_hasCreds) {
+    const claudeCreds = _credData.credentials.filter(c => c.provider === 'claude' && c.enabled !== false);
+    if (claudeCreds.length > 0) {
+      claudeProvider.available    = true;
+      claudeProvider.authenticated = claudeCreds.some(c => c.health === 'healthy');
+      claudeProvider.health = claudeCreds.some(c => c.health === 'healthy') ? deriveHealth('claude')
+        : claudeCreds.some(c => c.health === 'degraded') ? 'degraded' : 'down';
+      const planHint = claudeCreds.find(c => c.plan_hint)?.plan_hint;
+      if (planHint) claudeProvider.plan = normalizePlan(planHint);
+      claudeProvider.source = claudeCreds[0].source;
+    }
+  }
+  // ── OpenAI provider ────────────────────────────────────────────────────
+  const openaiProvider = { available: false, authenticated: false, plan: 'unknown',
+    models: ['gpt-5.5', 'o3', 'gpt-4o', 'gpt-4o-mini'], health: 'healthy',
+    budget: { pressure5h: 0, pressure7d: 0 }, source: 'none' };
+  try {
+    let hasSecret = false;
+    try { const { hasSecret: hs } = await import('./replit.mjs'); hasSecret = hs('OPENAI_API_KEY'); } catch { hasSecret = !!(process.env.OPENAI_API_KEY); }
+    let codexAvailable = false;
+    try { execSync('which codex', { stdio: 'pipe', timeout: 2000 }); codexAvailable = true; } catch { /* not in PATH */ }
+    openaiProvider.available      = hasSecret || codexAvailable;
+    openaiProvider.authenticated  = hasSecret;
+    openaiProvider.source         = hasSecret ? 'env' : codexAvailable ? 'codex-config' : 'none';
+  } catch { /* detection failed */ }
+  openaiProvider.plan   = normalizePlan(orchProv.openai?.subscription ?? orchSubs.openai?.plan);
+  openaiProvider.health = openaiProvider.authenticated ? deriveHealth('openai') : 'down';
+  openaiProvider.budget = deriveBudget('openai');
+  // Override with registry data when credentials.json exists
+  if (_hasCreds) {
+    const openaiCreds = _credData.credentials.filter(c => c.provider === 'openai' && c.enabled !== false);
+    if (openaiCreds.length > 0) {
+      openaiProvider.available    = true;
+      openaiProvider.authenticated = openaiCreds.some(c => c.health === 'healthy');
+      openaiProvider.health = openaiCreds.some(c => c.health === 'healthy') ? deriveHealth('openai')
+        : openaiCreds.some(c => c.health === 'degraded') ? 'degraded' : 'down';
+      const planHint = openaiCreds.find(c => c.plan_hint)?.plan_hint;
+      if (planHint) openaiProvider.plan = normalizePlan(planHint);
+      openaiProvider.source = openaiCreds[0].source;
+    }
+  }
+  // ── Preferences ────────────────────────────────────────────────────────
+  let preferences = { bias: 'auto', forbiddenModels: [], preferredModels: [],
+    costBias: 0.5, confirmBeforeExpensive: false };
+  try {
+    const profile = loadProfile(cwd);
+    const bias = profile.bias ?? profile.workStyle ?? 'auto';
+    preferences.bias = ['auto','balanced','cost-saver','quality-first'].includes(bias) ? bias : 'auto';
+    preferences.forbiddenModels    = profile.forbiddenModels  ?? [];
+    preferences.preferredModels    = profile.preferredModels  ?? [];
+    preferences.costBias           = profile.costBias         ?? (bias === 'cost-saver' ? 0.8 : bias === 'quality-first' ? 0.1 : 0.5);
+    preferences.confirmBeforeExpensive = profile.apiGuardrail ?? false;
+  } catch { /* profile unavailable */ }
+  // ── Policy ─────────────────────────────────────────────────────────────
+  const policy = {
+    highRiskRequiresBestAvailable: true,
+    failoverMode: 'tell',
+    dualBrainThreshold: 'high',
+  };
+  // ── Learning ───────────────────────────────────────────────────────────
+  let learning = {};
+  try {
+    const { getModelSuccessRates } = await import('./doctor.mjs');
+    learning = getModelSuccessRates(cwd);
+  } catch { /* doctor.mjs unavailable */ }
+  // ── Setup summary ──────────────────────────────────────────────────────
+  const hasAnyProvider = (claudeProvider.available && claudeProvider.authenticated) ||
+                         (openaiProvider.available && openaiProvider.authenticated);
+  let recommendedAction = null;
+  if (!claudeProvider.available && !openaiProvider.available) {
+    recommendedAction = 'connect-claude';
+  } else if (!claudeProvider.authenticated && !openaiProvider.authenticated) {
+    recommendedAction = 'refresh-auth';
+  } else if (!openaiProvider.available) {
+    recommendedAction = 'connect-openai';
+  }
+  const manifest = {
+    providers: { claude: claudeProvider, openai: openaiProvider },
+    preferences,
+    policy,
+    learning,
+    setup: {
+      hasAnyProvider,
+      recommendedAction,
+      zeroProviderMode: !hasAnyProvider,
+    },
+    timestamp: new Date().toISOString(),
+  };
+  _manifestCache    = manifest;
+  _manifestCachedAt = now;
+  return manifest;
+}
+/**
+ * Compute the effective routing policy for a specific task, applying rules in order:
+ * 1. Safety constraints (high-risk → best available model)
+ * 2. Provider availability
+ * 3. Task tier fit (search→haiku, execute→sonnet, think→opus)
+ * 4. User preferences (cost bias, forbidden models)
+ * 5. Learning (prefer models with ≥90% success rate for this task type)
+ *
+ * @param {object} manifest — from getCapabilityManifest()
+ * @param {{ tier?: string, risk?: string, taskType?: string }} taskContext
+ * @returns {{ provider: string, model: string, tier: string, reason: string, overrides: string[] }}
+ */
+export function getEffectivePolicy(manifest, taskContext = {}) {
+  const { providers, preferences, policy, learning } = manifest;
+  const tier     = taskContext.tier     ?? 'execute';
+  const risk     = taskContext.risk     ?? 'medium';
+  const taskType = taskContext.taskType ?? 'general';
+  const overrides = [];
+  // Tier → default model mapping
+  const tierModelMap = { search: 'haiku', execute: 'sonnet', think: 'opus' };
+  let preferredModel    = tierModelMap[tier] ?? 'sonnet';
+  let preferredProvider = 'claude';
+  // 1. Safety: high/critical risk → best available model
+  if (policy.highRiskRequiresBestAvailable && (risk === 'high' || risk === 'critical')) {
+    preferredModel = 'opus';
+    overrides.push(`risk=${risk} → upgraded to opus`);
+  }
+  // 2. Provider availability — fall back to openai if claude is down
+  const claudeOk = providers.claude.available && providers.claude.authenticated &&
+                   providers.claude.health !== 'down';
+  const openaiOk = providers.openai.available && providers.openai.authenticated &&
+                   providers.openai.health !== 'down';
+  if (!claudeOk && openaiOk) {
+    preferredProvider = 'openai';
+    // Remap model names for openai
+    const openaiTierMap = { search: 'gpt-4o-mini', execute: 'gpt-4o', think: 'gpt-5.5' };
+    preferredModel = risk === 'high' || risk === 'critical' ? 'gpt-5.5' : (openaiTierMap[tier] ?? 'gpt-4o');
+    overrides.push('claude unavailable → routed to openai');
+  } else if (!claudeOk && !openaiOk) {
+    return { provider: 'none', model: 'none', tier, reason: 'no providers available', overrides };
+  }
+  // 3. Task fit already applied via tierModelMap above
+  // 4. User preferences: forbidden models, cost bias
+  const forbidden = preferences.forbiddenModels ?? [];
+  if (forbidden.includes(preferredModel)) {
+    // Downgrade one step
+    const fallback = preferredProvider === 'claude'
+      ? (preferredModel === 'opus' ? 'sonnet' : 'haiku')
+      : (preferredModel === 'gpt-5.5' ? 'gpt-4o' : 'gpt-4o-mini');
+    overrides.push(`${preferredModel} forbidden → downgraded to ${fallback}`);
+    preferredModel = fallback;
+  }
+  if (preferences.costBias > 0.7 && preferredModel === 'opus' && risk !== 'high' && risk !== 'critical') {
+    preferredModel = 'sonnet';
+    overrides.push('cost-bias > 0.7 → downgraded from opus to sonnet');
+  }
+  // 5. Learning: if another model has ≥90% success for this task type, prefer it
+  const successRates = learning ?? {};
+  let bestLearnedModel = null;
+  let bestRate = 0.9; // threshold
+  for (const [model, stats] of Object.entries(successRates)) {
+    if (stats.rate >= bestRate && stats.total >= 5 && !forbidden.includes(model)) {
+      // Only prefer if it's on the right provider
+      const isClaudeModel = ['opus', 'sonnet', 'haiku'].includes(model);
+      if ((preferredProvider === 'claude' && isClaudeModel) ||
+          (preferredProvider === 'openai' && !isClaudeModel)) {
+        bestLearnedModel = model;
+        bestRate = stats.rate;
+      }
+    }
+  }
+  if (bestLearnedModel && bestLearnedModel !== preferredModel) {
+    overrides.push(`learning: ${bestLearnedModel} has ${Math.round(bestRate * 100)}% success → preferred`);
+    preferredModel = bestLearnedModel;
+  }
+  const reason = overrides.length > 0
+    ? overrides[0]
+    : `tier=${tier} → ${preferredProvider}/${preferredModel}`;
+  return { provider: preferredProvider, model: preferredModel, tier, reason, overrides };
+}
 async function main() {
   const args = process.argv.slice(2);
   const cwd  = process.cwd();
@@ -887,4 +1411,5 @@ export {
   // backward-compat stubs (deprecated)
   detectExistingAuth, detectPlans, saveSubscription, listSubscriptions,
   defaultProfile,
+  // credential registry (functions already exported inline above)
 };