eagle-mem 4.12.1 → 4.13.1

package/lib/common.sh

@@ -456,7 +456,9 @@ eagle_get_session_project_light() {
 
     local sid_sql project
     sid_sql=$(eagle_sql_escape "$session_id")
-    project=$("$sqlite_bin" "$EAGLE_MEM_DB" "SELECT project FROM sessions WHERE id = '$sid_sql' AND project != '' LIMIT 1;" 2>/dev/null | awk 'NF { print; exit }')
+    # busy_timeout so a momentary SQLITE_BUSY waits for the lock instead of
+    # exiting non-zero and being misread as "session has no project" (fail-open).
+    project=$("$sqlite_bin" "$EAGLE_MEM_DB" "PRAGMA busy_timeout=10000; SELECT project FROM sessions WHERE id = '$sid_sql' AND project != '' LIMIT 1;" 2>/dev/null | awk 'NF { print; exit }')
     [ -n "$project" ] || return 1
     printf '%s\n' "$project"
 }
@@ -465,6 +467,13 @@ eagle_project_has_table_row() {
     local table="${1:-}"
     local project="${2:-}"
     [ -n "$table" ] && [ -n "$project" ] || return 1
+    # The table name is interpolated raw (SQLite cannot bind identifiers), so
+    # allowlist the only callers' tables. Reject anything else rather than risk
+    # identifier injection if a future caller passes a non-constant.
+    case "$table" in
+        agent_memories|summaries|observations|agent_tasks|agent_plans|sessions) ;;
+        *) return 1 ;;
+    esac
     local sqlite_bin
     sqlite_bin=$(eagle_sqlite_path)
     [ -n "$sqlite_bin" ] || return 1
@@ -472,7 +481,9 @@ eagle_project_has_table_row() {
 
     local project_sql found
     project_sql=$(eagle_sql_escape "$project")
-    found=$("$sqlite_bin" "$EAGLE_MEM_DB" "SELECT 1 FROM $table WHERE project = '$project_sql' LIMIT 1;" 2>/dev/null | awk 'NF { print; exit }')
+    # busy_timeout so a momentary SQLITE_BUSY waits for the lock instead of
+    # exiting non-zero and being misread as "row doesn't exist" (fail-open).
+    found=$("$sqlite_bin" "$EAGLE_MEM_DB" "PRAGMA busy_timeout=10000; SELECT 1 FROM $table WHERE project = '$project_sql' LIMIT 1;" 2>/dev/null | awk 'NF { print; exit }')
     [ "$found" = "1" ]
 }
 
@@ -1103,6 +1114,62 @@ eagle_read_guard_block_threshold() {
     printf '%s\n' "$threshold"
 }
 
+# Generous ceiling (chars) on the recall body SessionStart injects. Typical
+# recall is a few KB; this only clips pathological projects (huge/many
+# summaries, lanes, etc.). It is NOT meant to shrink normal output. Default
+# 24000 chars (~6K tokens).
+eagle_sessionstart_inject_budget() {
+    local budget
+    if declare -F eagle_config_get >/dev/null 2>&1; then
+        budget=$(eagle_config_get "context_budget" "sessionstart_chars" "24000")
+    else
+        budget=$(eagle_config_get_light "context_budget" "sessionstart_chars" "24000")
+    fi
+    case "$budget" in *[!0-9]*|"") budget=24000 ;; esac
+    # Refuse a self-defeating tiny budget; floor keeps the top sections intact.
+    [ "$budget" -lt 4000 ] 2>/dev/null && budget=4000
+    printf '%s\n' "$budget"
+}
+
+# Trim a SessionStart recall body to a char budget by dropping whole
+# "=== Eagle Mem: ..." sections from the END (lowest priority appended last)
+# until the body fits. The body is passed on stdin; trimmed body is printed on
+# stdout; the count of dropped sections is printed on fd 3 if open, else to
+# the EAGLE_INJECT_TRIM_COUNT file when set. Sections are never split — a
+# section is kept whole or dropped whole, so no surface is half-emitted.
+eagle_trim_inject_body() {
+    local budget="$1"
+    local body; body=$(cat)
+    local dropped=0
+
+    if [ "${#body}" -le "$budget" ] 2>/dev/null; then
+        printf '%s' "$body"
+        [ -n "${EAGLE_INJECT_TRIM_COUNT:-}" ] && printf '0' > "$EAGLE_INJECT_TRIM_COUNT" 2>/dev/null
+        return 0
+    fi
+
+    # Iteratively remove the last "=== Eagle Mem:" section (and everything
+    # after it) until we fit or only the first section remains.
+    while [ "${#body}" -gt "$budget" ] 2>/dev/null; do
+        # Byte offset of the last section header.
+        local last_idx="${body##*=== Eagle Mem:}"
+        # No (more) section headers, or only one section left → stop trimming.
+        if [ "$last_idx" = "$body" ]; then
+            break
+        fi
+        local head="${body%=== Eagle Mem:*}"
+        # If trimming would leave nothing, keep at least the first section.
+        case "$head" in
+            *"=== Eagle Mem:"*) body="$head"; dropped=$((dropped + 1)) ;;
+            *) break ;;
+        esac
+    done
+
+    printf '%s' "$body"
+    [ -n "${EAGLE_INJECT_TRIM_COUNT:-}" ] && printf '%s' "$dropped" > "$EAGLE_INJECT_TRIM_COUNT" 2>/dev/null
+    return 0
+}
+
 eagle_raw_output_command_needs_guard() {
     local cmd="$1"
     local first
@@ -1378,8 +1445,32 @@ eagle_read_stdin() {
 # Redact secrets from text before storage.
 # Covers: Bearer tokens, API keys, passwords, secrets, tokens,
 # Stripe/AWS/GitHub/Anthropic/OpenAI key patterns, named env vars.
+# Read configured [redaction] extra_patterns (TOML array) into a list of regexes,
+# one per line. Parses `extra_patterns = ["A.*", "B-[0-9]+"]` from config.toml.
+# Lines beginning with '#' (the commented default) are ignored by the config reader.
+eagle_redaction_extra_patterns() {
+    local raw
+    if declare -F eagle_config_get >/dev/null 2>&1; then
+        raw=$(eagle_config_get "redaction" "extra_patterns" "" 2>/dev/null)
+    else
+        raw=$(eagle_config_get_light "redaction" "extra_patterns" "" 2>/dev/null)
+    fi
+    [ -n "$raw" ] || return 0
+    # Strip surrounding [ ] brackets, then extract each double/single-quoted
+    # pattern. Using awk avoids splitting on commas that appear inside a regex
+    # character class (e.g. [A-Z,0-9]).
+    printf '%s' "$raw" \
+        | sed -E 's/^[[:space:]]*\[//; s/\][[:space:]]*$//' \
+        | grep -oE '"[^"]*"|'"'"'[^'"'"']*'"'"'' \
+        | sed -E 's/^["'"'"']//; s/["'"'"']$//' \
+        | while IFS= read -r pat; do
+            [ -n "$pat" ] && printf '%s\n' "$pat"
+        done
+}
+
 eagle_redact() {
-    sed -E \
+    local _redacted
+    _redacted=$(sed -E \
         -e 's/(Bearer )[^[:space:],;"'"'"']*/\1[REDACTED]/gi' \
         -e 's/(api[_-]?key[= :])[^[:space:],;"'"'"']*/\1[REDACTED]/gi' \
         -e 's/(password[= :])[^[:space:],;"'"'"']*/\1[REDACTED]/gi' \
@@ -1407,7 +1498,16 @@ eagle_redact() {
         -e 's/(OPENAI_API_KEY[= :])[^[:space:],;"'"'"']*/\1[REDACTED]/g' \
         -e 's/(GOOGLE_API_KEY[= :])[^[:space:],;"'"'"']*/\1[REDACTED]/g' \
         -e 's/(SLACK_TOKEN[= :])[^[:space:],;"'"'"']*/\1[REDACTED]/g' \
-        -e 's/(DATABASE_URL[= :])[^[:space:],;"'"'"']*/\1[REDACTED]/g'
+        -e 's/(DATABASE_URL[= :])[^[:space:],;"'"'"']*/\1[REDACTED]/g')
+
+    # Apply user-configured extra patterns (if any) on top of the built-in set.
+    local pat
+    while IFS= read -r pat; do
+        [ -n "$pat" ] || continue
+        _redacted=$(printf '%s' "$_redacted" | sed -E "s/${pat}/[REDACTED]/g" 2>/dev/null) || true
+    done < <(eagle_redaction_extra_patterns)
+
+    printf '%s\n' "$_redacted"
 }
 
 # Collect project files into a destination file.

package/lib/db-core.sh

@@ -14,6 +14,13 @@ PRAGMA foreign_keys=ON;
 PRAGMA trusted_schema=ON;
 .output stdout"
 
+# eagle_db — CONTRACT: continue-on-error (NO `.bail on`). When passed
+# multi-statement SQL, sqlite3 runs every statement even if an earlier one
+# errors. Many callers depend on this best-effort behavior (e.g. probing for a
+# table then querying it, or fire-and-forget multi-table writes). The return
+# code reflects sqlite3's exit status (non-zero if the LAST statement failed),
+# and any stderr is mirrored to the log. If you need fail-fast atomicity across
+# statements, use eagle_db_strict (or eagle_db_pipe, which also sets `.bail on`).
 eagle_db() {
     local _eagle_sqlite_bin
     _eagle_sqlite_bin=$(eagle_sqlite_path)
@@ -31,6 +38,27 @@ eagle_db() {
     return $_eagle_db_rc
 }
 
+# eagle_db_strict — same as eagle_db but with `.bail on`, so a multi-statement
+# script aborts on the FIRST error instead of continuing. Use for fail-fast
+# transactions (BEGIN/.../COMMIT) where a mid-script error must not commit a
+# partially-applied result. Single-statement callers can use either function.
+eagle_db_strict() {
+    local _eagle_sqlite_bin
+    _eagle_sqlite_bin=$(eagle_sqlite_path)
+    [ -n "$_eagle_sqlite_bin" ] || return 1
+    local _eagle_db_err
+    _eagle_db_err=$(mktemp 2>/dev/null || echo "/tmp/_eagle_db_strict_err.$$")
+    local _eagle_db_out
+    _eagle_db_out=$({ echo "$EAGLE_DB_SETUP"; echo ".bail on"; echo "$*"; } | "$_eagle_sqlite_bin" "$EAGLE_MEM_DB" 2>"$_eagle_db_err")
+    local _eagle_db_rc=$?
+    if [ -s "$_eagle_db_err" ]; then
+        cat "$_eagle_db_err" >> "$EAGLE_MEM_LOG" 2>/dev/null
+    fi
+    rm -f "$_eagle_db_err" 2>/dev/null
+    [ -n "$_eagle_db_out" ] && printf '%s\n' "$_eagle_db_out"
+    return $_eagle_db_rc
+}
+
 eagle_db_pipe() {
     local _eagle_sqlite_bin
     _eagle_sqlite_bin=$(eagle_sqlite_path)

package/lib/db-events.sh

@@ -41,6 +41,19 @@ eagle_insert_event() {
               );" >/dev/null 2>&1 || true
 }
 
+# eagle_events is hook-observability telemetry written on every hook fire, so it
+# grows much faster than any user-data table and was previously never pruned.
+# Bound it by age at SessionEnd (mirrors eagle_prune_observations).
+eagle_prune_events() {
+    local days; days=$(eagle_sql_int "${1:-30}")
+    local project_filter=""
+    if [ -n "${2:-}" ]; then
+        local proj; proj=$(eagle_sql_escape "$2")
+        project_filter="AND project = '$proj'"
+    fi
+    eagle_db "DELETE FROM eagle_events WHERE created_at < strftime('%Y-%m-%dT%H:%M:%fZ', 'now', '-$days days') $project_filter;" >/dev/null 2>&1 || true
+}
+
 eagle_hook_observability_begin() {
     local input="$1"
     local default_hook="$2"

package/lib/db-observations.sh

@@ -24,7 +24,13 @@ eagle_insert_observation() {
         extra_vals=", $(eagle_sql_int "$output_bytes"), $(eagle_sql_int "$output_lines"), '$command_category'"
     fi
 
-    eagle_db "INSERT INTO observations (session_id, project, agent, tool_name, tool_input_summary, files_read, files_modified${extra_cols})
+    # BEGIN IMMEDIATE serializes the check-then-insert under the write lock so
+    # two concurrent hooks can't both pass NOT EXISTS and double-insert (the
+    # second blocks via busy_timeout, then sees the first row). Without it the
+    # 5-second dedup window is racy. eagle_db_strict (.bail on) ensures a failed
+    # INSERT aborts before COMMIT so the transaction rolls back cleanly.
+    eagle_db_strict "BEGIN IMMEDIATE;
+              INSERT INTO observations (session_id, project, agent, tool_name, tool_input_summary, files_read, files_modified${extra_cols})
               SELECT '$session_id', '$project', '$agent', '$tool_name', '$tool_input_summary', '$files_read', '$files_modified'${extra_vals}
               WHERE NOT EXISTS (
                   SELECT 1 FROM observations
@@ -32,7 +38,8 @@ eagle_insert_observation() {
                   AND tool_name = '$tool_name'
                   AND tool_input_summary = '$tool_input_summary'
                   AND created_at > strftime('%Y-%m-%dT%H:%M:%fZ', 'now', '-5 seconds')
-              );"
+              );
+              COMMIT;"
 }
 
 eagle_insert_recall_event() {
@@ -40,7 +47,7 @@ eagle_insert_recall_event() {
     local project; project=$(eagle_sql_escape "${2:-}")
     local cwd; cwd=$(eagle_sql_escape "${3:-}")
     local agent; agent=$(eagle_sql_escape "${4:-$(eagle_agent_source)}")
-    local prompt_snippet; prompt_snippet=$(eagle_sql_escape "$(eagle_trim_text "${5:-}" 240)")
+    local prompt_snippet; prompt_snippet=$(eagle_sql_escape "$(eagle_trim_text "${5:-}" 240 | eagle_redact)")
     local fts_query; fts_query=$(eagle_sql_escape "${6:-}")
     local summary_matches; summary_matches=$(eagle_sql_int "${7:-0}")
     local memory_matches; memory_matches=$(eagle_sql_int "${8:-0}")

package/lib/db-sessions.sh

@@ -53,7 +53,12 @@ eagle_upsert_session() {
     fi
 
     if [ "$needs_project_repair" = "1" ]; then
-        eagle_db_pipe <<SQL >/dev/null 2>&1
+        # Capture rc instead of >/dev/null 2>&1 swallowing it: a failed repair
+        # must be distinguishable from success. eagle_db_pipe (.bail on) already
+        # mirrors sqlite stderr to EAGLE_MEM_LOG; we additionally log a clear
+        # marker so a half-applied repair is greppable. Happy path is unchanged.
+        local _repair_rc
+        eagle_db_pipe >/dev/null <<SQL
 BEGIN;
 UPDATE summaries SET project = '$project' WHERE session_id = '$session_id' AND project != '$project';
 UPDATE observations SET project = '$project' WHERE session_id = '$session_id' AND project != '$project';
@@ -146,6 +151,10 @@ UPDATE pending_feature_verifications SET project = '$project' WHERE source_sessi
 UPDATE sessions SET project = '$project' WHERE id = '$session_id' AND project != '$project';
 COMMIT;
 SQL
+        _repair_rc=$?
+        if [ "$_repair_rc" -ne 0 ]; then
+            eagle_log "ERROR" "session project repair failed (rc=$_repair_rc) session=$session_id_raw project=$project_raw — child rows may remain under a stale project key; see prior sqlite errors in this log"
+        fi
     fi
 }
 

package/lib/db-summaries.sh

@@ -42,7 +42,10 @@ VALUES (
     '$capture_source'
 )
 ON CONFLICT(session_id) DO UPDATE SET
-    project        = excluded.project,
+    project        = CASE
+                        WHEN summaries.capture_source = 'agent' THEN summaries.project
+                        ELSE excluded.project
+                     END,
     agent          = COALESCE(NULLIF(excluded.agent, ''), summaries.agent),
     request        = COALESCE(NULLIF(excluded.request, ''), summaries.request),
     investigated   = COALESCE(NULLIF(excluded.investigated, ''), summaries.investigated),

package/lib/hooks-sessionstart.sh

@@ -31,6 +31,17 @@ _eagle_state_touch() {
     touch "$state_file"
 }
 
+# In-flight markers debounce concurrent SessionStart spawns WITHOUT doubling as
+# the freshness marker. The freshness marker ("$key") is touched ONLY by the
+# background job on genuine success, so a job that crashes, is killed, or exits 0
+# without producing output never blocks retry for a full day — it leaves at most
+# a short-lived in-flight marker that ages out in minutes. Checked in minutes.
+_eagle_state_inflight_fresh() {
+    local key="$1" project="$2" max_age_min="${3:-15}"
+    local state_file; state_file=$(_eagle_state_file "${key}-inflight" "$project")
+    [ -f "$state_file" ] && [ -z "$(find "$state_file" -mmin +"${max_age_min}" 2>/dev/null)" ]
+}
+
 eagle_sessionstart_auto_provision() {
     local project="$1" cwd="$2" scripts_dir="$3"
     local needs_scan=false needs_index=false
@@ -38,7 +49,7 @@ eagle_sessionstart_auto_provision() {
     # Auto-scan: no overview exists
     local overview
     overview=$(eagle_get_overview "$project")
-    if [ -z "$overview" ] && ! _eagle_state_fresh "scan" "$project" 1; then
+    if [ -z "$overview" ] && ! _eagle_state_fresh "scan" "$project" 1 && ! _eagle_state_inflight_fresh "scan" "$project" 15; then
         needs_scan=true
     fi
 
@@ -46,22 +57,25 @@ eagle_sessionstart_auto_provision() {
     local chunk_count
     chunk_count=$(eagle_db "SELECT COUNT(*) FROM code_chunks WHERE project = '$(eagle_sql_escape "$project")';" 2>/dev/null)
     chunk_count=${chunk_count:-0}
-    if [ "$chunk_count" -eq 0 ] && ! _eagle_state_fresh "index" "$project" 1; then
+    if [ "$chunk_count" -eq 0 ] && ! _eagle_state_fresh "index" "$project" 1 && ! _eagle_state_inflight_fresh "index" "$project" 15; then
         needs_index=true
-    elif [ "$chunk_count" -gt 0 ] && ! _eagle_state_fresh "index" "$project" 7; then
+    elif [ "$chunk_count" -gt 0 ] && ! _eagle_state_fresh "index" "$project" 7 && ! _eagle_state_inflight_fresh "index" "$project" 15; then
         needs_index=true
     fi
 
     if [ "$needs_scan" = true ] && [ "$needs_index" = true ]; then
         eagle_log "INFO" "SessionStart: first-session provision — scan then index"
-        _eagle_state_touch "scan" "$project"
-        _eagle_state_touch "index" "$project"
+        _eagle_state_touch "scan-inflight" "$project"
+        _eagle_state_touch "index-inflight" "$project"
         scan_state=$(_eagle_state_file "scan" "$project")
+        scan_inflight=$(_eagle_state_file "scan-inflight" "$project")
         index_state=$(_eagle_state_file "index" "$project")
+        index_inflight=$(_eagle_state_file "index-inflight" "$project")
         nohup bash -c '
-            scripts_dir="$1"; cwd="$2"; log="$3"; scan_state="$4"; index_state="$5"
+            scripts_dir="$1"; cwd="$2"; log="$3"; scan_state="$4"; scan_inflight="$5"; index_state="$6"; index_inflight="$7"
             bash "$scripts_dir/scan.sh" "$cwd" >> "$log" 2>&1
             scan_rc=$?
+            rm -f "$scan_inflight" 2>/dev/null || true
             if [ "$scan_rc" -eq 0 ]; then
                 touch "$scan_state" 2>/dev/null || true
             else
@@ -71,6 +85,7 @@ eagle_sessionstart_auto_provision() {
 
             bash "$scripts_dir/index.sh" "$cwd" >> "$log" 2>&1
             index_rc=$?
+            rm -f "$index_inflight" 2>/dev/null || true
             if [ "$index_rc" -eq 0 ]; then
                 touch "$index_state" 2>/dev/null || true
             else
@@ -80,15 +95,17 @@ eagle_sessionstart_auto_provision() {
 
             [ "$scan_rc" -eq 0 ] && exit "$index_rc"
             exit "$scan_rc"
-        ' eagle-auto "$scripts_dir" "$cwd" "$EAGLE_MEM_LOG" "$scan_state" "$index_state" &
+        ' eagle-auto "$scripts_dir" "$cwd" "$EAGLE_MEM_LOG" "$scan_state" "$scan_inflight" "$index_state" "$index_inflight" &
     elif [ "$needs_scan" = true ]; then
         eagle_log "INFO" "SessionStart: auto-scan triggered"
-        _eagle_state_touch "scan" "$project"
+        _eagle_state_touch "scan-inflight" "$project"
         scan_state=$(_eagle_state_file "scan" "$project")
+        scan_inflight=$(_eagle_state_file "scan-inflight" "$project")
         nohup bash -c '
-            scripts_dir="$1"; cwd="$2"; log="$3"; scan_state="$4"
+            scripts_dir="$1"; cwd="$2"; log="$3"; scan_state="$4"; scan_inflight="$5"
             bash "$scripts_dir/scan.sh" "$cwd" >> "$log" 2>&1
             rc=$?
+            rm -f "$scan_inflight" 2>/dev/null || true
             if [ "$rc" -eq 0 ]; then
                 touch "$scan_state" 2>/dev/null || true
             else
@@ -96,15 +113,17 @@ eagle_sessionstart_auto_provision() {
                 printf "[%s] [ERROR] SessionStart: auto-scan failed rc=%s\n" "$(date -u +%Y-%m-%dT%H:%M:%SZ)" "$rc" >> "$log" 2>/dev/null || true
             fi
             exit "$rc"
-        ' eagle-auto "$scripts_dir" "$cwd" "$EAGLE_MEM_LOG" "$scan_state" &
+        ' eagle-auto "$scripts_dir" "$cwd" "$EAGLE_MEM_LOG" "$scan_state" "$scan_inflight" &
     elif [ "$needs_index" = true ]; then
         eagle_log "INFO" "SessionStart: auto-index triggered"
-        _eagle_state_touch "index" "$project"
+        _eagle_state_touch "index-inflight" "$project"
         index_state=$(_eagle_state_file "index" "$project")
+        index_inflight=$(_eagle_state_file "index-inflight" "$project")
         nohup bash -c '
-            scripts_dir="$1"; cwd="$2"; log="$3"; index_state="$4"
+            scripts_dir="$1"; cwd="$2"; log="$3"; index_state="$4"; index_inflight="$5"
             bash "$scripts_dir/index.sh" "$cwd" >> "$log" 2>&1
             rc=$?
+            rm -f "$index_inflight" 2>/dev/null || true
             if [ "$rc" -eq 0 ]; then
                 touch "$index_state" 2>/dev/null || true
             else
@@ -112,7 +131,7 @@ eagle_sessionstart_auto_provision() {
                 printf "[%s] [ERROR] SessionStart: auto-index failed rc=%s\n" "$(date -u +%Y-%m-%dT%H:%M:%SZ)" "$rc" >> "$log" 2>/dev/null || true
             fi
             exit "$rc"
-        ' eagle-auto "$scripts_dir" "$cwd" "$EAGLE_MEM_LOG" "$index_state" &
+        ' eagle-auto "$scripts_dir" "$cwd" "$EAGLE_MEM_LOG" "$index_state" "$index_inflight" &
     fi
 }
 

package/lib/hooks.sh

@@ -100,3 +100,40 @@ eagle_patch_hook() {
     [ -n "$description" ] && eagle_ok "$description"
     return 0
 }
+
+# Register (idempotently) the full Claude Code hook set into a settings.json.
+# Single source of truth for the event→matcher→script mapping so install.sh and
+# update.sh can never drift (the historical bug class). Requires $EAGLE_MEM_DIR.
+#   $1 = settings.json path
+#   $2 = "verbose" to print a "✓ <Event> hook" line per registration (installer);
+#        omitted/anything else = quiet (updater prints its own summary line).
+eagle_register_claude_hooks() {
+    local settings="$1"
+    local V=""
+    [ "${2:-}" = "verbose" ] && V=1
+
+    # Clean old registrations before re-registering (handles matcher changes across versions).
+    eagle_clean_hook_entries "$settings" "Stop" "$EAGLE_MEM_DIR/hooks/stop.sh"
+    eagle_clean_hook_entries "$settings" "PostToolUse" "$EAGLE_MEM_DIR/hooks/post-tool-use.sh"
+    eagle_clean_hook_entries "$settings" "PreToolUse" "$EAGLE_MEM_DIR/hooks/pre-tool-use.sh"
+
+    # ${V:+label} expands to the label only in verbose mode; otherwise to "",
+    # which makes eagle_patch_hook silent (it only prints when given a description).
+    eagle_patch_hook "$settings" "SessionStart" "" "$EAGLE_MEM_DIR/hooks/session-start.sh" "${V:+SessionStart hook}"
+    eagle_patch_hook "$settings" "Stop" "" "bash \"$EAGLE_MEM_DIR/hooks/stop.sh\"" "${V:+Stop hook}"
+    eagle_patch_hook "$settings" "PostToolUse" "Read|Write|Edit|Bash|TaskUpdate" "$EAGLE_MEM_DIR/hooks/post-tool-use.sh" "${V:+PostToolUse hook}"
+    eagle_patch_hook "$settings" "TaskCreated" "" "$EAGLE_MEM_DIR/hooks/post-tool-use.sh" "${V:+TaskCreated hook}"
+    eagle_patch_hook "$settings" "TaskCompleted" "" "$EAGLE_MEM_DIR/hooks/post-tool-use.sh" "${V:+TaskCompleted hook}"
+    eagle_patch_hook "$settings" "SessionEnd" "" "$EAGLE_MEM_DIR/hooks/session-end.sh" "${V:+SessionEnd hook}"
+    eagle_patch_hook "$settings" "UserPromptSubmit" "" "$EAGLE_MEM_DIR/hooks/user-prompt-submit.sh" "${V:+UserPromptSubmit hook}"
+    eagle_patch_hook "$settings" "PreToolUse" "Bash|Read|Edit|Write" "$EAGLE_MEM_DIR/hooks/pre-tool-use.sh" "${V:+PreToolUse hook}"
+
+    # Allow agent-issued session capture to run without a permission prompt.
+    if eagle_patch_permission_allow "$settings" "Bash(eagle-mem session save:*)"; then
+        [ -n "$V" ] && eagle_ok "Capture permission ${DIM}(eagle-mem session save)${RESET}"
+    fi
+    # Explicit success: the trailing conditional above evaluates false in quiet
+    # mode (V empty), which would otherwise make this function return 1 and abort
+    # a `set -e` caller (update.sh) right after a fully successful registration.
+    return 0
+}

package/lib/provider.sh

@@ -173,6 +173,12 @@ claude_model = ""
 route = "opposite"
 auto_worktree = "true"
 worktree_root = ""
+# worker_autonomy: "safe" (default) runs spawned workers with a sandbox and an
+# approval/permission gate. "danger" runs them with full filesystem access and
+# no approvals (codex --sandbox danger-full-access, claude --permission-mode
+# dontAsk). Only enable "danger" when you trust the lane descriptions, since
+# worker prompts are assembled from DB-stored lane text.
+worker_autonomy = "safe"
 codex_worker_model = "gpt-5.5"
 codex_worker_effort = "xhigh"
 claude_worker_model = "claude-opus-4-7"
@@ -561,6 +567,8 @@ _eagle_call_claude_cli() {
 
     local _had_errexit=0
     case "$-" in *e*) _had_errexit=1; set +e ;; esac
+    # Pass the prompt via stdin (not argv) so secrets in the prompt are not
+    # visible in `ps`, matching the Codex provider path above.
     if [ -n "$model" ]; then
         EAGLE_MEM_DISABLE_HOOKS=1 CLAUDE_CODE_DISABLE_BACKGROUND_TASKS=1 claude -p \
             --no-session-persistence \
@@ -569,7 +577,7 @@ _eagle_call_claude_cli() {
             --tools "" \
             --output-format text \
             --model "$model" \
-            "$(cat "$prompt_file")" > "$out_file" 2>> "$EAGLE_MEM_LOG"
+            < "$prompt_file" > "$out_file" 2>> "$EAGLE_MEM_LOG"
         rc=$?
     else
         EAGLE_MEM_DISABLE_HOOKS=1 CLAUDE_CODE_DISABLE_BACKGROUND_TASKS=1 claude -p \
@@ -578,7 +586,7 @@ _eagle_call_claude_cli() {
             --permission-mode dontAsk \
             --tools "" \
             --output-format text \
-            "$(cat "$prompt_file")" > "$out_file" 2>> "$EAGLE_MEM_LOG"
+            < "$prompt_file" > "$out_file" 2>> "$EAGLE_MEM_LOG"
         rc=$?
     fi
     [ "$_had_errexit" -eq 1 ] && set -e

package/lib/updater.sh

@@ -195,9 +195,16 @@ eagle_update_backup_runtime() {
         local sqlite_bin
         sqlite_bin=$(eagle_sqlite_path)
         if [ -n "$sqlite_bin" ]; then
-            "$sqlite_bin" "$EAGLE_MEM_DB" ".backup '$backup_dir/memory.db'" >/dev/null 2>&1 || cp "$EAGLE_MEM_DB" "$backup_dir/memory.db" 2>/dev/null || true
+            # busy_timeout so a concurrent hook holding the lock doesn't make
+            # .backup fail immediately and fall through to a raw cp. The raw cp
+            # last-resort copies the -wal/-shm too so the snapshot stays
+            # internally consistent (a bare cp of a WAL DB drops uncommitted WAL).
+            "$sqlite_bin" "$EAGLE_MEM_DB" "PRAGMA busy_timeout=10000; .backup '$backup_dir/memory.db'" >/dev/null 2>&1 \
+                || { cp "$EAGLE_MEM_DB" "$backup_dir/memory.db" 2>/dev/null \
+                     && cp "$EAGLE_MEM_DB-wal" "$backup_dir/memory.db-wal" 2>/dev/null; cp "$EAGLE_MEM_DB-shm" "$backup_dir/memory.db-shm" 2>/dev/null; true; }
         else
-            cp "$EAGLE_MEM_DB" "$backup_dir/memory.db" 2>/dev/null || true
+            cp "$EAGLE_MEM_DB" "$backup_dir/memory.db" 2>/dev/null \
+                && { cp "$EAGLE_MEM_DB-wal" "$backup_dir/memory.db-wal" 2>/dev/null; cp "$EAGLE_MEM_DB-shm" "$backup_dir/memory.db-shm" 2>/dev/null; true; }
         fi
     fi
 }
@@ -218,7 +225,14 @@ eagle_update_restore_runtime() {
     done
 
     if [ -f "$backup_dir/memory.db" ]; then
+        # Drop any live sidecars first so a restored main DB is never paired with
+        # a stale -wal/-shm. Then restore the main DB and (if the raw-cp fallback
+        # captured them) its sidecars, keeping the snapshot internally consistent.
+        rm -f "$EAGLE_MEM_DB-wal" "$EAGLE_MEM_DB-shm" 2>/dev/null || true
         cp "$backup_dir/memory.db" "$EAGLE_MEM_DB" 2>/dev/null || true
+        [ -f "$backup_dir/memory.db-wal" ] && cp "$backup_dir/memory.db-wal" "$EAGLE_MEM_DB-wal" 2>/dev/null
+        [ -f "$backup_dir/memory.db-shm" ] && cp "$backup_dir/memory.db-shm" "$EAGLE_MEM_DB-shm" 2>/dev/null
+        true
     fi
 }
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "eagle-mem",
-  "version": "4.12.1",
+  "version": "4.13.1",
   "description": "Shared memory, release guardrails, RTK token protection, and worker lanes for Claude Code, Codex, OpenCode, Grok, and Google Antigravity",
   "bin": {
     "eagle-mem": "bin/eagle-mem"

package/scripts/enrich-summary.sh

@@ -33,7 +33,10 @@ if [ "$provider" = "none" ]; then
     exit 0
 fi
 
-excerpt=$(printf '%s' "$text_content" | tail -c 3000)
+# Redact secrets BEFORE the transcript tail is sent to an LLM provider. The job
+# file is already redacted by Stop, but redact here too in case this script is
+# invoked directly or against a legacy job file.
+excerpt=$(printf '%s' "$text_content" | tail -c 3000 | eagle_redact)
 
 enrich_prompt="Extract facts from this AI coding session. Only include items with clear evidence in the session text. Do NOT invent or repeat example content.
 

package/scripts/install.sh

@@ -283,47 +283,9 @@ if [ "$claude_found" = true ]; then
             echo '{}' > "$SETTINGS"
         fi
 
-        eagle_patch_hook "$SETTINGS" "SessionStart" "" \
-            "$EAGLE_MEM_DIR/hooks/session-start.sh" \
-            "SessionStart hook"
-
-        # Clean old registrations before re-registering (handles matcher changes across versions)
-        eagle_clean_hook_entries "$SETTINGS" "Stop" "$EAGLE_MEM_DIR/hooks/stop.sh"
-        eagle_clean_hook_entries "$SETTINGS" "PostToolUse" "$EAGLE_MEM_DIR/hooks/post-tool-use.sh"
-        eagle_clean_hook_entries "$SETTINGS" "PreToolUse" "$EAGLE_MEM_DIR/hooks/pre-tool-use.sh"
-
-        eagle_patch_hook "$SETTINGS" "Stop" "" \
-            "bash \"$EAGLE_MEM_DIR/hooks/stop.sh\"" \
-            "Stop hook"
-
-        eagle_patch_hook "$SETTINGS" "PostToolUse" "Read|Write|Edit|Bash|TaskUpdate" \
-            "$EAGLE_MEM_DIR/hooks/post-tool-use.sh" \
-            "PostToolUse hook"
-
-        eagle_patch_hook "$SETTINGS" "TaskCreated" "" \
-            "$EAGLE_MEM_DIR/hooks/post-tool-use.sh" \
-            "TaskCreated hook"
-
-        eagle_patch_hook "$SETTINGS" "TaskCompleted" "" \
-            "$EAGLE_MEM_DIR/hooks/post-tool-use.sh" \
-            "TaskCompleted hook"
-
-        eagle_patch_hook "$SETTINGS" "SessionEnd" "" \
-            "$EAGLE_MEM_DIR/hooks/session-end.sh" \
-            "SessionEnd hook"
-
-        eagle_patch_hook "$SETTINGS" "UserPromptSubmit" "" \
-            "$EAGLE_MEM_DIR/hooks/user-prompt-submit.sh" \
-            "UserPromptSubmit hook"
-
-        eagle_patch_hook "$SETTINGS" "PreToolUse" "Bash|Read|Edit|Write" \
-            "$EAGLE_MEM_DIR/hooks/pre-tool-use.sh" \
-            "PreToolUse hook"
-
-        # Allow agent-issued session capture to run without a permission prompt
-        if eagle_patch_permission_allow "$SETTINGS" "Bash(eagle-mem session save:*)"; then
-            eagle_ok "Capture permission ${DIM}(eagle-mem session save)${RESET}"
-        fi
+        # Single source of truth for the Claude hook set (see lib/hooks.sh);
+        # verbose mode prints a line per registration.
+        eagle_register_claude_hooks "$SETTINGS" verbose
     fi
 else
     eagle_info "Claude hooks skipped ${DIM}(Claude Code not detected)${RESET}"