engrm 0.1.0 → 0.2.0

package/dist/hooks/session-start.js

@@ -0,0 +1,1473 @@
+#!/usr/bin/env node
+// @bun
+import { createRequire } from "node:module";
+var __require = /* @__PURE__ */ createRequire(import.meta.url);
+
+// src/config.ts
+import { existsSync, mkdirSync, readFileSync, writeFileSync } from "node:fs";
+import { homedir, hostname } from "node:os";
+import { join } from "node:path";
+import { randomBytes } from "node:crypto";
+var CONFIG_DIR = join(homedir(), ".engrm");
+var SETTINGS_PATH = join(CONFIG_DIR, "settings.json");
+var DB_PATH = join(CONFIG_DIR, "engrm.db");
+function getDbPath() {
+  return DB_PATH;
+}
+function generateDeviceId() {
+  const host = hostname().toLowerCase().replace(/[^a-z0-9-]/g, "");
+  const suffix = randomBytes(4).toString("hex");
+  return `${host}-${suffix}`;
+}
+function createDefaultConfig() {
+  return {
+    candengo_url: "",
+    candengo_api_key: "",
+    site_id: "",
+    namespace: "",
+    user_id: "",
+    user_email: "",
+    device_id: generateDeviceId(),
+    teams: [],
+    sync: {
+      enabled: true,
+      interval_seconds: 30,
+      batch_size: 50
+    },
+    search: {
+      default_limit: 10,
+      local_boost: 1.2,
+      scope: "all"
+    },
+    scrubbing: {
+      enabled: true,
+      custom_patterns: [],
+      default_sensitivity: "shared"
+    },
+    sentinel: {
+      enabled: false,
+      mode: "advisory",
+      provider: "openai",
+      model: "gpt-4o-mini",
+      api_key: "",
+      base_url: "",
+      skip_patterns: [],
+      daily_limit: 100,
+      tier: "free"
+    },
+    observer: {
+      enabled: true,
+      mode: "per_event",
+      model: "haiku"
+    }
+  };
+}
+function loadConfig() {
+  if (!existsSync(SETTINGS_PATH)) {
+    throw new Error(`Config not found at ${SETTINGS_PATH}. Run 'engrm init --manual' to configure.`);
+  }
+  const raw = readFileSync(SETTINGS_PATH, "utf-8");
+  let parsed;
+  try {
+    parsed = JSON.parse(raw);
+  } catch {
+    throw new Error(`Invalid JSON in ${SETTINGS_PATH}`);
+  }
+  if (typeof parsed !== "object" || parsed === null) {
+    throw new Error(`Config at ${SETTINGS_PATH} is not a JSON object`);
+  }
+  const config = parsed;
+  const defaults = createDefaultConfig();
+  return {
+    candengo_url: asString(config["candengo_url"], defaults.candengo_url),
+    candengo_api_key: asString(config["candengo_api_key"], defaults.candengo_api_key),
+    site_id: asString(config["site_id"], defaults.site_id),
+    namespace: asString(config["namespace"], defaults.namespace),
+    user_id: asString(config["user_id"], defaults.user_id),
+    user_email: asString(config["user_email"], defaults.user_email),
+    device_id: asString(config["device_id"], defaults.device_id),
+    teams: asTeams(config["teams"], defaults.teams),
+    sync: {
+      enabled: asBool(config["sync"]?.["enabled"], defaults.sync.enabled),
+      interval_seconds: asNumber(config["sync"]?.["interval_seconds"], defaults.sync.interval_seconds),
+      batch_size: asNumber(config["sync"]?.["batch_size"], defaults.sync.batch_size)
+    },
+    search: {
+      default_limit: asNumber(config["search"]?.["default_limit"], defaults.search.default_limit),
+      local_boost: asNumber(config["search"]?.["local_boost"], defaults.search.local_boost),
+      scope: asScope(config["search"]?.["scope"], defaults.search.scope)
+    },
+    scrubbing: {
+      enabled: asBool(config["scrubbing"]?.["enabled"], defaults.scrubbing.enabled),
+      custom_patterns: asStringArray(config["scrubbing"]?.["custom_patterns"], defaults.scrubbing.custom_patterns),
+      default_sensitivity: asSensitivity(config["scrubbing"]?.["default_sensitivity"], defaults.scrubbing.default_sensitivity)
+    },
+    sentinel: {
+      enabled: asBool(config["sentinel"]?.["enabled"], defaults.sentinel.enabled),
+      mode: asSentinelMode(config["sentinel"]?.["mode"], defaults.sentinel.mode),
+      provider: asLlmProvider(config["sentinel"]?.["provider"], defaults.sentinel.provider),
+      model: asString(config["sentinel"]?.["model"], defaults.sentinel.model),
+      api_key: asString(config["sentinel"]?.["api_key"], defaults.sentinel.api_key),
+      base_url: asString(config["sentinel"]?.["base_url"], defaults.sentinel.base_url),
+      skip_patterns: asStringArray(config["sentinel"]?.["skip_patterns"], defaults.sentinel.skip_patterns),
+      daily_limit: asNumber(config["sentinel"]?.["daily_limit"], defaults.sentinel.daily_limit),
+      tier: asTier(config["sentinel"]?.["tier"], defaults.sentinel.tier)
+    },
+    observer: {
+      enabled: asBool(config["observer"]?.["enabled"], defaults.observer.enabled),
+      mode: asObserverMode(config["observer"]?.["mode"], defaults.observer.mode),
+      model: asString(config["observer"]?.["model"], defaults.observer.model)
+    }
+  };
+}
+function configExists() {
+  return existsSync(SETTINGS_PATH);
+}
+function asString(value, fallback) {
+  return typeof value === "string" ? value : fallback;
+}
+function asNumber(value, fallback) {
+  return typeof value === "number" && !Number.isNaN(value) ? value : fallback;
+}
+function asBool(value, fallback) {
+  return typeof value === "boolean" ? value : fallback;
+}
+function asStringArray(value, fallback) {
+  return Array.isArray(value) && value.every((v) => typeof v === "string") ? value : fallback;
+}
+function asScope(value, fallback) {
+  if (value === "personal" || value === "team" || value === "all")
+    return value;
+  return fallback;
+}
+function asSensitivity(value, fallback) {
+  if (value === "shared" || value === "personal" || value === "secret")
+    return value;
+  return fallback;
+}
+function asSentinelMode(value, fallback) {
+  if (value === "advisory" || value === "blocking")
+    return value;
+  return fallback;
+}
+function asLlmProvider(value, fallback) {
+  if (value === "openai" || value === "anthropic" || value === "ollama" || value === "custom")
+    return value;
+  return fallback;
+}
+function asTier(value, fallback) {
+  if (value === "free" || value === "vibe" || value === "solo" || value === "pro" || value === "team" || value === "enterprise")
+    return value;
+  return fallback;
+}
+function asObserverMode(value, fallback) {
+  if (value === "per_event" || value === "per_session")
+    return value;
+  return fallback;
+}
+function asTeams(value, fallback) {
+  if (!Array.isArray(value))
+    return fallback;
+  return value.filter((t) => typeof t === "object" && t !== null && typeof t.id === "string" && typeof t.name === "string" && typeof t.namespace === "string");
+}
+
+// src/storage/migrations.ts
+var MIGRATIONS = [
+  {
+    version: 1,
+    description: "Initial schema: projects, observations, sessions, sync, FTS5",
+    sql: `
+      -- Projects (canonical identity across machines)
+      CREATE TABLE projects (
+          id              INTEGER PRIMARY KEY AUTOINCREMENT,
+          canonical_id    TEXT UNIQUE NOT NULL,
+          name            TEXT NOT NULL,
+          local_path      TEXT,
+          remote_url      TEXT,
+          first_seen_epoch INTEGER NOT NULL,
+          last_active_epoch INTEGER NOT NULL
+      );
+
+      -- Core observations table
+      CREATE TABLE observations (
+          id              INTEGER PRIMARY KEY AUTOINCREMENT,
+          session_id      TEXT,
+          project_id      INTEGER NOT NULL REFERENCES projects(id),
+          type            TEXT NOT NULL CHECK (type IN (
+              'bugfix', 'discovery', 'decision', 'pattern',
+              'change', 'feature', 'refactor', 'digest'
+          )),
+          title           TEXT NOT NULL,
+          narrative       TEXT,
+          facts           TEXT,
+          concepts        TEXT,
+          files_read      TEXT,
+          files_modified  TEXT,
+          quality         REAL DEFAULT 0.5 CHECK (quality BETWEEN 0.0 AND 1.0),
+          lifecycle       TEXT DEFAULT 'active' CHECK (lifecycle IN (
+              'active', 'aging', 'archived', 'purged', 'pinned'
+          )),
+          sensitivity     TEXT DEFAULT 'shared' CHECK (sensitivity IN (
+              'shared', 'personal', 'secret'
+          )),
+          user_id         TEXT NOT NULL,
+          device_id       TEXT NOT NULL,
+          agent           TEXT DEFAULT 'claude-code',
+          created_at      TEXT NOT NULL,
+          created_at_epoch INTEGER NOT NULL,
+          archived_at_epoch INTEGER,
+          compacted_into  INTEGER REFERENCES observations(id) ON DELETE SET NULL
+      );
+
+      -- Session tracking
+      CREATE TABLE sessions (
+          id              INTEGER PRIMARY KEY AUTOINCREMENT,
+          session_id      TEXT UNIQUE NOT NULL,
+          project_id      INTEGER REFERENCES projects(id),
+          user_id         TEXT NOT NULL,
+          device_id       TEXT NOT NULL,
+          agent           TEXT DEFAULT 'claude-code',
+          status          TEXT DEFAULT 'active' CHECK (status IN ('active', 'completed')),
+          observation_count INTEGER DEFAULT 0,
+          started_at_epoch INTEGER,
+          completed_at_epoch INTEGER
+      );
+
+      -- Session summaries (generated on Stop hook)
+      CREATE TABLE session_summaries (
+          id              INTEGER PRIMARY KEY AUTOINCREMENT,
+          session_id      TEXT UNIQUE NOT NULL,
+          project_id      INTEGER REFERENCES projects(id),
+          user_id         TEXT NOT NULL,
+          request         TEXT,
+          investigated    TEXT,
+          learned         TEXT,
+          completed       TEXT,
+          next_steps      TEXT,
+          created_at_epoch INTEGER
+      );
+
+      -- Sync outbox (offline-first queue)
+      CREATE TABLE sync_outbox (
+          id              INTEGER PRIMARY KEY AUTOINCREMENT,
+          record_type     TEXT NOT NULL CHECK (record_type IN ('observation', 'summary')),
+          record_id       INTEGER NOT NULL,
+          status          TEXT DEFAULT 'pending' CHECK (status IN (
+              'pending', 'syncing', 'synced', 'failed'
+          )),
+          retry_count     INTEGER DEFAULT 0,
+          max_retries     INTEGER DEFAULT 10,
+          last_error      TEXT,
+          created_at_epoch INTEGER NOT NULL,
+          synced_at_epoch  INTEGER,
+          next_retry_epoch INTEGER
+      );
+
+      -- Sync high-water mark and lifecycle job tracking
+      CREATE TABLE sync_state (
+          key   TEXT PRIMARY KEY,
+          value TEXT NOT NULL
+      );
+
+      -- FTS5 for local offline search (external content mode)
+      CREATE VIRTUAL TABLE observations_fts USING fts5(
+          title, narrative, facts, concepts,
+          content=observations,
+          content_rowid=id
+      );
+
+      -- Indexes: observations
+      CREATE INDEX idx_observations_project ON observations(project_id);
+      CREATE INDEX idx_observations_project_lifecycle ON observations(project_id, lifecycle);
+      CREATE INDEX idx_observations_type ON observations(type);
+      CREATE INDEX idx_observations_created ON observations(created_at_epoch);
+      CREATE INDEX idx_observations_session ON observations(session_id);
+      CREATE INDEX idx_observations_lifecycle ON observations(lifecycle);
+      CREATE INDEX idx_observations_quality ON observations(quality);
+      CREATE INDEX idx_observations_user ON observations(user_id);
+
+      -- Indexes: sessions
+      CREATE INDEX idx_sessions_project ON sessions(project_id);
+
+      -- Indexes: sync outbox
+      CREATE INDEX idx_outbox_status ON sync_outbox(status, next_retry_epoch);
+      CREATE INDEX idx_outbox_record ON sync_outbox(record_type, record_id);
+    `
+  },
+  {
+    version: 2,
+    description: "Add superseded_by for knowledge supersession",
+    sql: `
+      ALTER TABLE observations ADD COLUMN superseded_by INTEGER REFERENCES observations(id) ON DELETE SET NULL;
+      CREATE INDEX idx_observations_superseded ON observations(superseded_by);
+    `
+  },
+  {
+    version: 3,
+    description: "Add remote_source_id for pull deduplication",
+    sql: `
+      ALTER TABLE observations ADD COLUMN remote_source_id TEXT;
+      CREATE UNIQUE INDEX idx_observations_remote_source ON observations(remote_source_id) WHERE remote_source_id IS NOT NULL;
+    `
+  },
+  {
+    version: 4,
+    description: "Add sqlite-vec for local semantic search",
+    sql: `
+      CREATE VIRTUAL TABLE vec_observations USING vec0(
+        observation_id INTEGER PRIMARY KEY,
+        embedding float[384]
+      );
+    `,
+    condition: (db) => isVecExtensionLoaded(db)
+  },
+  {
+    version: 5,
+    description: "Session metrics and security findings",
+    sql: `
+      ALTER TABLE sessions ADD COLUMN files_touched_count INTEGER DEFAULT 0;
+      ALTER TABLE sessions ADD COLUMN searches_performed INTEGER DEFAULT 0;
+      ALTER TABLE sessions ADD COLUMN tool_calls_count INTEGER DEFAULT 0;
+
+      CREATE TABLE security_findings (
+          id              INTEGER PRIMARY KEY AUTOINCREMENT,
+          session_id      TEXT,
+          project_id      INTEGER NOT NULL REFERENCES projects(id),
+          finding_type    TEXT NOT NULL,
+          severity        TEXT NOT NULL DEFAULT 'medium' CHECK (severity IN ('critical', 'high', 'medium', 'low')),
+          pattern_name    TEXT NOT NULL,
+          file_path       TEXT,
+          snippet         TEXT,
+          tool_name       TEXT,
+          user_id         TEXT NOT NULL,
+          device_id       TEXT NOT NULL,
+          created_at_epoch INTEGER NOT NULL
+      );
+
+      CREATE INDEX idx_security_findings_session ON security_findings(session_id);
+      CREATE INDEX idx_security_findings_project ON security_findings(project_id, created_at_epoch);
+      CREATE INDEX idx_security_findings_severity ON security_findings(severity);
+    `
+  },
+  {
+    version: 6,
+    description: "Add risk_score, expand observation types to include standard",
+    sql: `
+      ALTER TABLE sessions ADD COLUMN risk_score INTEGER;
+
+      -- Recreate observations table with expanded type CHECK to include 'standard'
+      -- SQLite doesn't support ALTER CHECK, so we recreate the table
+      CREATE TABLE observations_new (
+          id              INTEGER PRIMARY KEY AUTOINCREMENT,
+          session_id      TEXT,
+          project_id      INTEGER NOT NULL REFERENCES projects(id),
+          type            TEXT NOT NULL CHECK (type IN (
+              'bugfix', 'discovery', 'decision', 'pattern',
+              'change', 'feature', 'refactor', 'digest', 'standard'
+          )),
+          title           TEXT NOT NULL,
+          narrative       TEXT,
+          facts           TEXT,
+          concepts        TEXT,
+          files_read      TEXT,
+          files_modified  TEXT,
+          quality         REAL DEFAULT 0.5 CHECK (quality BETWEEN 0.0 AND 1.0),
+          lifecycle       TEXT DEFAULT 'active' CHECK (lifecycle IN (
+              'active', 'aging', 'archived', 'purged', 'pinned'
+          )),
+          sensitivity     TEXT DEFAULT 'shared' CHECK (sensitivity IN (
+              'shared', 'personal', 'secret'
+          )),
+          user_id         TEXT NOT NULL,
+          device_id       TEXT NOT NULL,
+          agent           TEXT DEFAULT 'claude-code',
+          created_at      TEXT NOT NULL,
+          created_at_epoch INTEGER NOT NULL,
+          archived_at_epoch INTEGER,
+          compacted_into  INTEGER REFERENCES observations(id) ON DELETE SET NULL,
+          superseded_by   INTEGER REFERENCES observations(id) ON DELETE SET NULL,
+          remote_source_id TEXT
+      );
+
+      INSERT INTO observations_new SELECT * FROM observations;
+
+      DROP TABLE observations;
+      ALTER TABLE observations_new RENAME TO observations;
+
+      -- Recreate indexes
+      CREATE INDEX idx_observations_project ON observations(project_id);
+      CREATE INDEX idx_observations_project_lifecycle ON observations(project_id, lifecycle);
+      CREATE INDEX idx_observations_type ON observations(type);
+      CREATE INDEX idx_observations_created ON observations(created_at_epoch);
+      CREATE INDEX idx_observations_session ON observations(session_id);
+      CREATE INDEX idx_observations_lifecycle ON observations(lifecycle);
+      CREATE INDEX idx_observations_quality ON observations(quality);
+      CREATE INDEX idx_observations_user ON observations(user_id);
+      CREATE INDEX idx_observations_superseded ON observations(superseded_by);
+      CREATE UNIQUE INDEX idx_observations_remote_source ON observations(remote_source_id) WHERE remote_source_id IS NOT NULL;
+
+      -- Recreate FTS5 (external content mode — must rebuild after table recreation)
+      DROP TABLE IF EXISTS observations_fts;
+      CREATE VIRTUAL TABLE observations_fts USING fts5(
+          title, narrative, facts, concepts,
+          content=observations,
+          content_rowid=id
+      );
+      -- Rebuild FTS index
+      INSERT INTO observations_fts(observations_fts) VALUES('rebuild');
+    `
+  },
+  {
+    version: 7,
+    description: "Add packs_installed table for help pack tracking",
+    sql: `
+      CREATE TABLE IF NOT EXISTS packs_installed (
+          name            TEXT PRIMARY KEY,
+          installed_at    INTEGER NOT NULL,
+          observation_count INTEGER DEFAULT 0
+      );
+    `
+  }
+];
+function isVecExtensionLoaded(db) {
+  try {
+    db.exec("SELECT vec_version()");
+    return true;
+  } catch {
+    return false;
+  }
+}
+function runMigrations(db) {
+  const currentVersion = db.query("PRAGMA user_version").get();
+  let version = currentVersion.user_version;
+  for (const migration of MIGRATIONS) {
+    if (migration.version <= version)
+      continue;
+    if (migration.condition && !migration.condition(db)) {
+      continue;
+    }
+    db.exec("BEGIN TRANSACTION");
+    try {
+      db.exec(migration.sql);
+      db.exec(`PRAGMA user_version = ${migration.version}`);
+      db.exec("COMMIT");
+      version = migration.version;
+    } catch (error) {
+      db.exec("ROLLBACK");
+      throw new Error(`Migration ${migration.version} (${migration.description}) failed: ${error instanceof Error ? error.message : String(error)}`);
+    }
+  }
+}
+var LATEST_SCHEMA_VERSION = MIGRATIONS.filter((m) => !m.condition).reduce((max, m) => Math.max(max, m.version), 0);
+
+// src/storage/sqlite.ts
+var IS_BUN = typeof globalThis.Bun !== "undefined";
+function openDatabase(dbPath) {
+  if (IS_BUN) {
+    return openBunDatabase(dbPath);
+  }
+  return openNodeDatabase(dbPath);
+}
+function openBunDatabase(dbPath) {
+  const { Database } = __require("bun:sqlite");
+  if (process.platform === "darwin") {
+    const { existsSync: existsSync2 } = __require("node:fs");
+    const paths = [
+      "/opt/homebrew/opt/sqlite/lib/libsqlite3.dylib",
+      "/usr/local/opt/sqlite3/lib/libsqlite3.dylib"
+    ];
+    for (const p of paths) {
+      if (existsSync2(p)) {
+        try {
+          Database.setCustomSQLite(p);
+        } catch {}
+        break;
+      }
+    }
+  }
+  const db = new Database(dbPath);
+  return db;
+}
+function openNodeDatabase(dbPath) {
+  const BetterSqlite3 = __require("better-sqlite3");
+  const raw = new BetterSqlite3(dbPath);
+  return {
+    query(sql) {
+      const stmt = raw.prepare(sql);
+      return {
+        get(...params) {
+          return stmt.get(...params);
+        },
+        all(...params) {
+          return stmt.all(...params);
+        },
+        run(...params) {
+          return stmt.run(...params);
+        }
+      };
+    },
+    exec(sql) {
+      raw.exec(sql);
+    },
+    close() {
+      raw.close();
+    }
+  };
+}
+
+class MemDatabase {
+  db;
+  vecAvailable;
+  constructor(dbPath) {
+    this.db = openDatabase(dbPath);
+    this.db.exec("PRAGMA journal_mode = WAL");
+    this.db.exec("PRAGMA foreign_keys = ON");
+    this.vecAvailable = this.loadVecExtension();
+    runMigrations(this.db);
+  }
+  loadVecExtension() {
+    try {
+      const sqliteVec = __require("sqlite-vec");
+      sqliteVec.load(this.db);
+      return true;
+    } catch {
+      return false;
+    }
+  }
+  close() {
+    this.db.close();
+  }
+  upsertProject(project) {
+    const now = Math.floor(Date.now() / 1000);
+    const existing = this.db.query("SELECT * FROM projects WHERE canonical_id = ?").get(project.canonical_id);
+    if (existing) {
+      this.db.query(`UPDATE projects SET
+            local_path = COALESCE(?, local_path),
+            remote_url = COALESCE(?, remote_url),
+            last_active_epoch = ?
+          WHERE id = ?`).run(project.local_path ?? null, project.remote_url ?? null, now, existing.id);
+      return {
+        ...existing,
+        local_path: project.local_path ?? existing.local_path,
+        remote_url: project.remote_url ?? existing.remote_url,
+        last_active_epoch: now
+      };
+    }
+    const result = this.db.query(`INSERT INTO projects (canonical_id, name, local_path, remote_url, first_seen_epoch, last_active_epoch)
+        VALUES (?, ?, ?, ?, ?, ?)`).run(project.canonical_id, project.name, project.local_path ?? null, project.remote_url ?? null, now, now);
+    return this.db.query("SELECT * FROM projects WHERE id = ?").get(Number(result.lastInsertRowid));
+  }
+  getProjectByCanonicalId(canonicalId) {
+    return this.db.query("SELECT * FROM projects WHERE canonical_id = ?").get(canonicalId) ?? null;
+  }
+  getProjectById(id) {
+    return this.db.query("SELECT * FROM projects WHERE id = ?").get(id) ?? null;
+  }
+  insertObservation(obs) {
+    const now = Math.floor(Date.now() / 1000);
+    const createdAt = new Date().toISOString();
+    const result = this.db.query(`INSERT INTO observations (
+          session_id, project_id, type, title, narrative, facts, concepts,
+          files_read, files_modified, quality, lifecycle, sensitivity,
+          user_id, device_id, agent, created_at, created_at_epoch
+        ) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`).run(obs.session_id ?? null, obs.project_id, obs.type, obs.title, obs.narrative ?? null, obs.facts ?? null, obs.concepts ?? null, obs.files_read ?? null, obs.files_modified ?? null, obs.quality, obs.lifecycle ?? "active", obs.sensitivity ?? "shared", obs.user_id, obs.device_id, obs.agent ?? "claude-code", createdAt, now);
+    const id = Number(result.lastInsertRowid);
+    const row = this.getObservationById(id);
+    this.ftsInsert(row);
+    if (obs.session_id) {
+      this.db.query("UPDATE sessions SET observation_count = observation_count + 1 WHERE session_id = ?").run(obs.session_id);
+    }
+    return row;
+  }
+  getObservationById(id) {
+    return this.db.query("SELECT * FROM observations WHERE id = ?").get(id) ?? null;
+  }
+  getObservationsByIds(ids) {
+    if (ids.length === 0)
+      return [];
+    const placeholders = ids.map(() => "?").join(",");
+    return this.db.query(`SELECT * FROM observations WHERE id IN (${placeholders}) ORDER BY created_at_epoch DESC`).all(...ids);
+  }
+  getRecentObservations(projectId, sincEpoch, limit = 50) {
+    return this.db.query(`SELECT * FROM observations
+        WHERE project_id = ? AND created_at_epoch > ?
+        ORDER BY created_at_epoch DESC
+        LIMIT ?`).all(projectId, sincEpoch, limit);
+  }
+  searchFts(query, projectId, lifecycles = ["active", "aging", "pinned"], limit = 20) {
+    const lifecyclePlaceholders = lifecycles.map(() => "?").join(",");
+    if (projectId !== null) {
+      return this.db.query(`SELECT o.id, observations_fts.rank
+          FROM observations_fts
+          JOIN observations o ON o.id = observations_fts.rowid
+          WHERE observations_fts MATCH ?
+            AND o.project_id = ?
+            AND o.lifecycle IN (${lifecyclePlaceholders})
+          ORDER BY observations_fts.rank
+          LIMIT ?`).all(query, projectId, ...lifecycles, limit);
+    }
+    return this.db.query(`SELECT o.id, observations_fts.rank
+        FROM observations_fts
+        JOIN observations o ON o.id = observations_fts.rowid
+        WHERE observations_fts MATCH ?
+          AND o.lifecycle IN (${lifecyclePlaceholders})
+        ORDER BY observations_fts.rank
+        LIMIT ?`).all(query, ...lifecycles, limit);
+  }
+  getTimeline(anchorId, projectId, depthBefore = 3, depthAfter = 3) {
+    const anchor = this.getObservationById(anchorId);
+    if (!anchor)
+      return [];
+    const projectFilter = projectId !== null ? "AND project_id = ?" : "";
+    const projectParams = projectId !== null ? [projectId] : [];
+    const before = this.db.query(`SELECT * FROM observations
+        WHERE created_at_epoch < ? ${projectFilter}
+          AND lifecycle IN ('active', 'aging', 'pinned')
+        ORDER BY created_at_epoch DESC
+        LIMIT ?`).all(anchor.created_at_epoch, ...projectParams, depthBefore);
+    const after = this.db.query(`SELECT * FROM observations
+        WHERE created_at_epoch > ? ${projectFilter}
+          AND lifecycle IN ('active', 'aging', 'pinned')
+        ORDER BY created_at_epoch ASC
+        LIMIT ?`).all(anchor.created_at_epoch, ...projectParams, depthAfter);
+    return [...before.reverse(), anchor, ...after];
+  }
+  pinObservation(id, pinned) {
+    const obs = this.getObservationById(id);
+    if (!obs)
+      return false;
+    if (pinned) {
+      if (obs.lifecycle !== "active" && obs.lifecycle !== "aging")
+        return false;
+      this.db.query("UPDATE observations SET lifecycle = 'pinned' WHERE id = ?").run(id);
+    } else {
+      if (obs.lifecycle !== "pinned")
+        return false;
+      this.db.query("UPDATE observations SET lifecycle = 'active' WHERE id = ?").run(id);
+    }
+    return true;
+  }
+  getActiveObservationCount(userId) {
+    if (userId) {
+      const result2 = this.db.query(`SELECT COUNT(*) as count FROM observations
+          WHERE lifecycle IN ('active', 'aging')
+            AND sensitivity != 'secret'
+            AND user_id = ?`).get(userId);
+      return result2?.count ?? 0;
+    }
+    const result = this.db.query(`SELECT COUNT(*) as count FROM observations
+        WHERE lifecycle IN ('active', 'aging')
+          AND sensitivity != 'secret'`).get();
+    return result?.count ?? 0;
+  }
+  supersedeObservation(oldId, newId) {
+    if (oldId === newId)
+      return false;
+    const replacement = this.getObservationById(newId);
+    if (!replacement)
+      return false;
+    let targetId = oldId;
+    const visited = new Set;
+    for (let depth = 0;depth < 10; depth++) {
+      const target2 = this.getObservationById(targetId);
+      if (!target2)
+        return false;
+      if (target2.superseded_by === null)
+        break;
+      if (target2.superseded_by === newId)
+        return true;
+      visited.add(targetId);
+      targetId = target2.superseded_by;
+      if (visited.has(targetId))
+        return false;
+    }
+    const target = this.getObservationById(targetId);
+    if (!target)
+      return false;
+    if (target.superseded_by !== null)
+      return false;
+    if (targetId === newId)
+      return false;
+    const now = Math.floor(Date.now() / 1000);
+    this.db.query(`UPDATE observations
+         SET superseded_by = ?, lifecycle = 'archived', archived_at_epoch = ?
+         WHERE id = ?`).run(newId, now, targetId);
+    this.ftsDelete(target);
+    this.vecDelete(targetId);
+    return true;
+  }
+  isSuperseded(id) {
+    const obs = this.getObservationById(id);
+    return obs !== null && obs.superseded_by !== null;
+  }
+  upsertSession(sessionId, projectId, userId, deviceId, agent = "claude-code") {
+    const existing = this.db.query("SELECT * FROM sessions WHERE session_id = ?").get(sessionId);
+    if (existing)
+      return existing;
+    const now = Math.floor(Date.now() / 1000);
+    this.db.query(`INSERT INTO sessions (session_id, project_id, user_id, device_id, agent, started_at_epoch)
+        VALUES (?, ?, ?, ?, ?, ?)`).run(sessionId, projectId, userId, deviceId, agent, now);
+    return this.db.query("SELECT * FROM sessions WHERE session_id = ?").get(sessionId);
+  }
+  completeSession(sessionId) {
+    const now = Math.floor(Date.now() / 1000);
+    this.db.query("UPDATE sessions SET status = 'completed', completed_at_epoch = ? WHERE session_id = ?").run(now, sessionId);
+  }
+  addToOutbox(recordType, recordId) {
+    const now = Math.floor(Date.now() / 1000);
+    this.db.query(`INSERT INTO sync_outbox (record_type, record_id, created_at_epoch)
+        VALUES (?, ?, ?)`).run(recordType, recordId, now);
+  }
+  getSyncState(key) {
+    const row = this.db.query("SELECT value FROM sync_state WHERE key = ?").get(key);
+    return row?.value ?? null;
+  }
+  setSyncState(key, value) {
+    this.db.query("INSERT INTO sync_state (key, value) VALUES (?, ?) ON CONFLICT(key) DO UPDATE SET value = ?").run(key, value, value);
+  }
+  ftsInsert(obs) {
+    this.db.query(`INSERT INTO observations_fts (rowid, title, narrative, facts, concepts)
+        VALUES (?, ?, ?, ?, ?)`).run(obs.id, obs.title, obs.narrative, obs.facts, obs.concepts);
+  }
+  ftsDelete(obs) {
+    this.db.query(`INSERT INTO observations_fts (observations_fts, rowid, title, narrative, facts, concepts)
+        VALUES ('delete', ?, ?, ?, ?, ?)`).run(obs.id, obs.title, obs.narrative, obs.facts, obs.concepts);
+  }
+  vecInsert(observationId, embedding) {
+    if (!this.vecAvailable)
+      return;
+    this.db.query("INSERT OR REPLACE INTO vec_observations (observation_id, embedding) VALUES (?, ?)").run(observationId, new Uint8Array(embedding.buffer));
+  }
+  vecDelete(observationId) {
+    if (!this.vecAvailable)
+      return;
+    this.db.query("DELETE FROM vec_observations WHERE observation_id = ?").run(observationId);
+  }
+  searchVec(queryEmbedding, projectId, lifecycles = ["active", "aging", "pinned"], limit = 20) {
+    if (!this.vecAvailable)
+      return [];
+    const lifecyclePlaceholders = lifecycles.map(() => "?").join(",");
+    const embeddingBlob = new Uint8Array(queryEmbedding.buffer);
+    if (projectId !== null) {
+      return this.db.query(`SELECT v.observation_id, v.distance
+           FROM vec_observations v
+           JOIN observations o ON o.id = v.observation_id
+           WHERE v.embedding MATCH ?
+             AND k = ?
+             AND o.project_id = ?
+             AND o.lifecycle IN (${lifecyclePlaceholders})
+             AND o.superseded_by IS NULL`).all(embeddingBlob, limit, projectId, ...lifecycles);
+    }
+    return this.db.query(`SELECT v.observation_id, v.distance
+         FROM vec_observations v
+         JOIN observations o ON o.id = v.observation_id
+         WHERE v.embedding MATCH ?
+           AND k = ?
+           AND o.lifecycle IN (${lifecyclePlaceholders})
+           AND o.superseded_by IS NULL`).all(embeddingBlob, limit, ...lifecycles);
+  }
+  getUnembeddedCount() {
+    if (!this.vecAvailable)
+      return 0;
+    const result = this.db.query(`SELECT COUNT(*) as count FROM observations o
+         WHERE o.lifecycle IN ('active', 'aging', 'pinned')
+         AND o.superseded_by IS NULL
+         AND NOT EXISTS (
+           SELECT 1 FROM vec_observations v WHERE v.observation_id = o.id
+         )`).get();
+    return result?.count ?? 0;
+  }
+  getUnembeddedObservations(limit = 100) {
+    if (!this.vecAvailable)
+      return [];
+    return this.db.query(`SELECT o.* FROM observations o
+         WHERE o.lifecycle IN ('active', 'aging', 'pinned')
+         AND o.superseded_by IS NULL
+         AND NOT EXISTS (
+           SELECT 1 FROM vec_observations v WHERE v.observation_id = o.id
+         )
+         ORDER BY o.created_at_epoch DESC
+         LIMIT ?`).all(limit);
+  }
+  insertSessionSummary(summary) {
+    const now = Math.floor(Date.now() / 1000);
+    const result = this.db.query(`INSERT INTO session_summaries (session_id, project_id, user_id, request, investigated, learned, completed, next_steps, created_at_epoch)
+        VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)`).run(summary.session_id, summary.project_id, summary.user_id, summary.request, summary.investigated, summary.learned, summary.completed, summary.next_steps, now);
+    const id = Number(result.lastInsertRowid);
+    return this.db.query("SELECT * FROM session_summaries WHERE id = ?").get(id);
+  }
+  getSessionSummary(sessionId) {
+    return this.db.query("SELECT * FROM session_summaries WHERE session_id = ?").get(sessionId) ?? null;
+  }
+  getRecentSummaries(projectId, limit = 5) {
+    return this.db.query(`SELECT * FROM session_summaries
+         WHERE project_id = ?
+         ORDER BY created_at_epoch DESC, id DESC
+         LIMIT ?`).all(projectId, limit);
+  }
+  incrementSessionMetrics(sessionId, increments) {
+    const sets = [];
+    const params = [];
+    if (increments.files) {
+      sets.push("files_touched_count = files_touched_count + ?");
+      params.push(increments.files);
+    }
+    if (increments.searches) {
+      sets.push("searches_performed = searches_performed + ?");
+      params.push(increments.searches);
+    }
+    if (increments.toolCalls) {
+      sets.push("tool_calls_count = tool_calls_count + ?");
+      params.push(increments.toolCalls);
+    }
+    if (sets.length === 0)
+      return;
+    params.push(sessionId);
+    this.db.query(`UPDATE sessions SET ${sets.join(", ")} WHERE session_id = ?`).run(...params);
+  }
+  getSessionMetrics(sessionId) {
+    return this.db.query("SELECT * FROM sessions WHERE session_id = ?").get(sessionId) ?? null;
+  }
+  insertSecurityFinding(finding) {
+    const now = Math.floor(Date.now() / 1000);
+    const result = this.db.query(`INSERT INTO security_findings (session_id, project_id, finding_type, severity, pattern_name, file_path, snippet, tool_name, user_id, device_id, created_at_epoch)
+        VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`).run(finding.session_id ?? null, finding.project_id, finding.finding_type, finding.severity, finding.pattern_name, finding.file_path ?? null, finding.snippet ?? null, finding.tool_name ?? null, finding.user_id, finding.device_id, now);
+    const id = Number(result.lastInsertRowid);
+    return this.db.query("SELECT * FROM security_findings WHERE id = ?").get(id);
+  }
+  getSecurityFindings(projectId, options = {}) {
+    const limit = options.limit ?? 50;
+    if (options.severity) {
+      return this.db.query(`SELECT * FROM security_findings
+           WHERE project_id = ? AND severity = ?
+           ORDER BY created_at_epoch DESC
+           LIMIT ?`).all(projectId, options.severity, limit);
+    }
+    return this.db.query(`SELECT * FROM security_findings
+         WHERE project_id = ?
+         ORDER BY created_at_epoch DESC
+         LIMIT ?`).all(projectId, limit);
+  }
+  getSecurityFindingsCount(projectId) {
+    const rows = this.db.query(`SELECT severity, COUNT(*) as count FROM security_findings
+         WHERE project_id = ?
+         GROUP BY severity`).all(projectId);
+    const counts = {
+      critical: 0,
+      high: 0,
+      medium: 0,
+      low: 0
+    };
+    for (const row of rows) {
+      counts[row.severity] = row.count;
+    }
+    return counts;
+  }
+  setSessionRiskScore(sessionId, score) {
+    this.db.query("UPDATE sessions SET risk_score = ? WHERE session_id = ?").run(score, sessionId);
+  }
+  getObservationsBySession(sessionId) {
+    return this.db.query(`SELECT * FROM observations WHERE session_id = ? ORDER BY created_at_epoch ASC`).all(sessionId);
+  }
+  getInstalledPacks() {
+    try {
+      const rows = this.db.query("SELECT name FROM packs_installed").all();
+      return rows.map((r) => r.name);
+    } catch {
+      return [];
+    }
+  }
+  markPackInstalled(name, observationCount) {
+    const now = Math.floor(Date.now() / 1000);
+    this.db.query("INSERT OR REPLACE INTO packs_installed (name, installed_at, observation_count) VALUES (?, ?, ?)").run(name, now, observationCount);
+  }
+}
+
+// src/storage/projects.ts
+import { execSync } from "node:child_process";
+import { existsSync as existsSync2, readFileSync as readFileSync2 } from "node:fs";
+import { basename, join as join2 } from "node:path";
+function normaliseGitRemoteUrl(remoteUrl) {
+  let url = remoteUrl.trim();
+  url = url.replace(/^(?:https?|ssh|git):\/\//, "");
+  url = url.replace(/^[^@]+@/, "");
+  url = url.replace(/^([^/:]+):(?!\d)/, "$1/");
+  url = url.replace(/\.git$/, "");
+  url = url.replace(/\/+$/, "");
+  const slashIndex = url.indexOf("/");
+  if (slashIndex !== -1) {
+    const host = url.substring(0, slashIndex).toLowerCase();
+    const path = url.substring(slashIndex);
+    url = host + path;
+  } else {
+    url = url.toLowerCase();
+  }
+  return url;
+}
+function projectNameFromCanonicalId(canonicalId) {
+  const parts = canonicalId.split("/");
+  return parts[parts.length - 1] ?? canonicalId;
+}
+function getGitRemoteUrl(directory) {
+  try {
+    const url = execSync("git remote get-url origin", {
+      cwd: directory,
+      encoding: "utf-8",
+      timeout: 5000,
+      stdio: ["pipe", "pipe", "pipe"]
+    }).trim();
+    return url || null;
+  } catch {
+    try {
+      const remotes = execSync("git remote", {
+        cwd: directory,
+        encoding: "utf-8",
+        timeout: 5000,
+        stdio: ["pipe", "pipe", "pipe"]
+      }).trim().split(`
+`).filter(Boolean);
+      if (remotes.length === 0)
+        return null;
+      const url = execSync(`git remote get-url ${remotes[0]}`, {
+        cwd: directory,
+        encoding: "utf-8",
+        timeout: 5000,
+        stdio: ["pipe", "pipe", "pipe"]
+      }).trim();
+      return url || null;
+    } catch {
+      return null;
+    }
+  }
+}
+function readProjectConfigFile(directory) {
+  const configPath = join2(directory, ".engrm.json");
+  if (!existsSync2(configPath))
+    return null;
+  try {
+    const raw = readFileSync2(configPath, "utf-8");
+    const parsed = JSON.parse(raw);
+    if (typeof parsed["project_id"] !== "string" || !parsed["project_id"]) {
+      return null;
+    }
+    return {
+      project_id: parsed["project_id"],
+      name: typeof parsed["name"] === "string" ? parsed["name"] : undefined
+    };
+  } catch {
+    return null;
+  }
+}
+function detectProject(directory) {
+  const remoteUrl = getGitRemoteUrl(directory);
+  if (remoteUrl) {
+    const canonicalId = normaliseGitRemoteUrl(remoteUrl);
+    return {
+      canonical_id: canonicalId,
+      name: projectNameFromCanonicalId(canonicalId),
+      remote_url: remoteUrl,
+      local_path: directory
+    };
+  }
+  const configFile = readProjectConfigFile(directory);
+  if (configFile) {
+    return {
+      canonical_id: configFile.project_id,
+      name: configFile.name ?? projectNameFromCanonicalId(configFile.project_id),
+      remote_url: null,
+      local_path: directory
+    };
+  }
+  const dirName = basename(directory);
+  return {
+    canonical_id: `local/${dirName}`,
+    name: dirName,
+    remote_url: null,
+    local_path: directory
+  };
+}
+
+// src/context/inject.ts
+var RECENCY_WINDOW_SECONDS = 30 * 86400;
+function computeBlendedScore(quality, createdAtEpoch, nowEpoch) {
+  const age = nowEpoch - createdAtEpoch;
+  const recencyNorm = Math.max(0, Math.min(1, 1 - age / RECENCY_WINDOW_SECONDS));
+  return quality * 0.6 + recencyNorm * 0.4;
+}
+function estimateTokens(text) {
+  if (!text)
+    return 0;
+  return Math.ceil(text.length / 4);
+}
+function buildSessionContext(db, cwd, options = {}) {
+  const opts = typeof options === "number" ? { maxCount: options } : options;
+  const tokenBudget = opts.tokenBudget ?? 800;
+  const maxCount = opts.maxCount;
+  const detected = detectProject(cwd);
+  const project = db.getProjectByCanonicalId(detected.canonical_id);
+  if (!project) {
+    return {
+      project_name: detected.name,
+      canonical_id: detected.canonical_id,
+      observations: [],
+      session_count: 0,
+      total_active: 0
+    };
+  }
+  const totalActive = (db.db.query(`SELECT COUNT(*) as c FROM observations
+         WHERE project_id = ? AND lifecycle IN ('active', 'aging', 'pinned')
+         AND superseded_by IS NULL`).get(project.id) ?? { c: 0 }).c;
+  const MAX_PINNED = 5;
+  const pinned = db.db.query(`SELECT * FROM observations
+       WHERE project_id = ? AND lifecycle = 'pinned'
+       AND superseded_by IS NULL
+       ORDER BY quality DESC, created_at_epoch DESC
+       LIMIT ?`).all(project.id, MAX_PINNED);
+  const candidateLimit = maxCount ?? 50;
+  const candidates = db.db.query(`SELECT * FROM observations
+       WHERE project_id = ? AND lifecycle IN ('active', 'aging')
+       AND quality >= 0.3
+       AND superseded_by IS NULL
+       ORDER BY quality DESC, created_at_epoch DESC
+       LIMIT ?`).all(project.id, candidateLimit);
+  let crossProjectCandidates = [];
+  if (opts.scope === "all") {
+    const crossLimit = Math.max(10, Math.floor(candidateLimit / 3));
+    const rawCross = db.db.query(`SELECT * FROM observations
+         WHERE project_id != ? AND lifecycle IN ('active', 'aging')
+         AND quality >= 0.5
+         AND superseded_by IS NULL
+         ORDER BY quality DESC, created_at_epoch DESC
+         LIMIT ?`).all(project.id, crossLimit);
+    const projectNameCache = new Map;
+    crossProjectCandidates = rawCross.map((obs) => {
+      if (!projectNameCache.has(obs.project_id)) {
+        const proj = db.getProjectById(obs.project_id);
+        if (proj)
+          projectNameCache.set(obs.project_id, proj.name);
+      }
+      return { ...obs, _source_project: projectNameCache.get(obs.project_id) };
+    });
+  }
+  const seenIds = new Set(pinned.map((o) => o.id));
+  const deduped = candidates.filter((o) => !seenIds.has(o.id));
+  for (const obs of crossProjectCandidates) {
+    if (!seenIds.has(obs.id)) {
+      seenIds.add(obs.id);
+      deduped.push(obs);
+    }
+  }
+  const nowEpoch = Math.floor(Date.now() / 1000);
+  const sorted = [...deduped].sort((a, b) => {
+    const boostA = a.type === "digest" ? 0.15 : 0;
+    const boostB = b.type === "digest" ? 0.15 : 0;
+    const scoreA = computeBlendedScore(a.quality, a.created_at_epoch, nowEpoch) + boostA;
+    const scoreB = computeBlendedScore(b.quality, b.created_at_epoch, nowEpoch) + boostB;
+    return scoreB - scoreA;
+  });
+  if (maxCount !== undefined) {
+    const remaining = Math.max(0, maxCount - pinned.length);
+    const all = [...pinned, ...sorted.slice(0, remaining)];
+    return {
+      project_name: project.name,
+      canonical_id: project.canonical_id,
+      observations: all.map(toContextObservation),
+      session_count: all.length,
+      total_active: totalActive
+    };
+  }
+  let remainingBudget = tokenBudget - 30;
+  const selected = [];
+  for (const obs of pinned) {
+    const cost = estimateObservationTokens(obs, selected.length);
+    remainingBudget -= cost;
+    selected.push(obs);
+  }
+  for (const obs of sorted) {
+    const cost = estimateObservationTokens(obs, selected.length);
+    if (remainingBudget - cost < 0 && selected.length > 0)
+      break;
+    remainingBudget -= cost;
+    selected.push(obs);
+  }
+  const summaries = db.getRecentSummaries(project.id, 2);
+  let securityFindings = [];
+  try {
+    const weekAgo = Math.floor(Date.now() / 1000) - 7 * 86400;
+    securityFindings = db.db.query(`SELECT * FROM security_findings
+         WHERE project_id = ? AND created_at_epoch > ?
+         ORDER BY severity DESC, created_at_epoch DESC
+         LIMIT ?`).all(project.id, weekAgo, 10);
+  } catch {}
+  return {
+    project_name: project.name,
+    canonical_id: project.canonical_id,
+    observations: selected.map(toContextObservation),
+    session_count: selected.length,
+    total_active: totalActive,
+    summaries: summaries.length > 0 ? summaries : undefined,
+    securityFindings: securityFindings.length > 0 ? securityFindings : undefined
+  };
+}
+function estimateObservationTokens(obs, index) {
+  const DETAILED_THRESHOLD = 3;
+  const titleCost = estimateTokens(`- **[${obs.type}]** ${obs.title} (2026-01-01, q=0.5)`);
+  if (index >= DETAILED_THRESHOLD) {
+    return titleCost;
+  }
+  const detailText = formatObservationDetail(obs);
+  return titleCost + estimateTokens(detailText);
+}
+function formatContextForInjection(context) {
+  if (context.observations.length === 0) {
+    return `Project: ${context.project_name} (no prior observations)`;
+  }
+  const DETAILED_COUNT = 3;
+  const lines = [
+    `## Project Memory: ${context.project_name}`,
+    `${context.session_count} relevant observation(s) from prior sessions:`,
+    ""
+  ];
+  for (let i = 0;i < context.observations.length; i++) {
+    const obs = context.observations[i];
+    const date = obs.created_at.split("T")[0];
+    const fromLabel = obs.source_project ? ` [from: ${obs.source_project}]` : "";
+    lines.push(`- **[${obs.type}]** ${obs.title} (${date}, q=${obs.quality.toFixed(1)})${fromLabel}`);
+    if (i < DETAILED_COUNT) {
+      const detail = formatObservationDetailFromContext(obs);
+      if (detail) {
+        lines.push(detail);
+      }
+    }
+  }
+  if (context.summaries && context.summaries.length > 0) {
+    lines.push("");
+    lines.push("Lessons from recent sessions:");
+    for (const summary of context.summaries) {
+      if (summary.request) {
+        lines.push(`- Request: ${summary.request}`);
+      }
+      if (summary.learned) {
+        lines.push(`  Learned: ${truncateText(summary.learned, 100)}`);
+      }
+      if (summary.next_steps) {
+        lines.push(`  Next: ${truncateText(summary.next_steps, 80)}`);
+      }
+    }
+  }
+  if (context.securityFindings && context.securityFindings.length > 0) {
+    lines.push("");
+    lines.push("Security findings (recent):");
+    for (const finding of context.securityFindings) {
+      const date = new Date(finding.created_at_epoch * 1000).toISOString().split("T")[0];
+      const file = finding.file_path ? ` in ${finding.file_path}` : finding.tool_name ? ` via ${finding.tool_name}` : "";
+      lines.push(`- [${finding.severity.toUpperCase()}] ${finding.pattern_name}${file} (${date})`);
+    }
+  }
+  const remaining = context.total_active - context.session_count;
+  if (remaining > 0) {
+    lines.push("");
+    lines.push(`${remaining} more observation(s) available via search tool.`);
+  }
+  return lines.join(`
+`);
+}
+function truncateText(text, maxLen) {
+  if (text.length <= maxLen)
+    return text;
+  return text.slice(0, maxLen - 3) + "...";
+}
+function formatObservationDetailFromContext(obs) {
+  if (obs.facts) {
+    const bullets = parseFacts(obs.facts);
+    if (bullets.length > 0) {
+      return bullets.slice(0, 4).map((f) => `  - ${f}`).join(`
+`);
+    }
+  }
+  if (obs.narrative) {
+    const snippet = obs.narrative.length > 120 ? obs.narrative.slice(0, 117) + "..." : obs.narrative;
+    return `  ${snippet}`;
+  }
+  return null;
+}
+function formatObservationDetail(obs) {
+  if (obs.facts) {
+    const bullets = parseFacts(obs.facts);
+    if (bullets.length > 0) {
+      return bullets.slice(0, 4).map((f) => `  - ${f}`).join(`
+`);
+    }
+  }
+  if (obs.narrative) {
+    const snippet = obs.narrative.length > 120 ? obs.narrative.slice(0, 117) + "..." : obs.narrative;
+    return `  ${snippet}`;
+  }
+  return "";
+}
+function parseFacts(facts) {
+  if (!facts)
+    return [];
+  try {
+    const parsed = JSON.parse(facts);
+    if (Array.isArray(parsed)) {
+      return parsed.filter((f) => typeof f === "string" && f.length > 0);
+    }
+  } catch {
+    if (facts.trim().length > 0) {
+      return [facts.trim()];
+    }
+  }
+  return [];
+}
+function toContextObservation(obs) {
+  return {
+    id: obs.id,
+    type: obs.type,
+    title: obs.title,
+    narrative: obs.narrative,
+    facts: obs.facts,
+    quality: obs.quality,
+    created_at: obs.created_at,
+    ...obs._source_project ? { source_project: obs._source_project } : {}
+  };
+}
+
+// src/telemetry/stack-detect.ts
+import { existsSync as existsSync3 } from "node:fs";
+import { join as join3, extname } from "node:path";
+var EXTENSION_MAP = {
+  ".tsx": "react",
+  ".jsx": "react",
+  ".ts": "typescript",
+  ".js": "javascript",
+  ".py": "python",
+  ".rs": "rust",
+  ".go": "go",
+  ".java": "java",
+  ".kt": "kotlin",
+  ".swift": "swift",
+  ".rb": "ruby",
+  ".php": "php",
+  ".cs": "csharp",
+  ".cpp": "cpp",
+  ".c": "c",
+  ".zig": "zig",
+  ".ex": "elixir",
+  ".exs": "elixir",
+  ".erl": "erlang",
+  ".hs": "haskell",
+  ".lua": "lua",
+  ".dart": "dart",
+  ".scala": "scala",
+  ".clj": "clojure",
+  ".vue": "vue",
+  ".svelte": "svelte",
+  ".astro": "astro"
+};
+var CONFIG_FILE_STACKS = [
+  ["next.config.js", "nextjs"],
+  ["next.config.mjs", "nextjs"],
+  ["next.config.ts", "nextjs"],
+  ["nuxt.config.ts", "nuxt"],
+  ["nuxt.config.js", "nuxt"],
+  ["vite.config.ts", "vite"],
+  ["vite.config.js", "vite"],
+  ["vite.config.mjs", "vite"],
+  ["svelte.config.js", "svelte"],
+  ["astro.config.mjs", "astro"],
+  ["remix.config.js", "remix"],
+  ["angular.json", "angular"],
+  ["tailwind.config.js", "tailwind"],
+  ["tailwind.config.ts", "tailwind"],
+  ["postcss.config.js", "postcss"],
+  ["webpack.config.js", "webpack"],
+  ["tsconfig.json", "typescript"],
+  ["Cargo.toml", "rust"],
+  ["go.mod", "go"],
+  ["pyproject.toml", "python"],
+  ["setup.py", "python"],
+  ["requirements.txt", "python"],
+  ["Pipfile", "python"],
+  ["manage.py", "django"],
+  ["Gemfile", "ruby"],
+  ["composer.json", "php"],
+  ["pom.xml", "java"],
+  ["build.gradle", "gradle"],
+  ["build.gradle.kts", "gradle"],
+  ["Package.swift", "swift"],
+  ["pubspec.yaml", "flutter"],
+  ["mix.exs", "elixir"],
+  ["deno.json", "deno"],
+  ["bun.lock", "bun"],
+  ["bun.lockb", "bun"],
+  ["docker-compose.yml", "docker"],
+  ["docker-compose.yaml", "docker"],
+  ["Dockerfile", "docker"],
+  [".prisma/schema.prisma", "prisma"],
+  ["prisma/schema.prisma", "prisma"],
+  ["drizzle.config.ts", "drizzle"]
+];
+var PATH_PATTERN_STACKS = [
+  ["/__tests__/", "jest"],
+  ["/.storybook/", "storybook"],
+  ["/cypress/", "cypress"],
+  ["/playwright/", "playwright"],
+  ["/terraform/", "terraform"],
+  ["/k8s/", "kubernetes"],
+  ["/helm/", "helm"]
+];
+function detectStacks(filePaths) {
+  const stacks = new Set;
+  for (const fp of filePaths) {
+    const ext = extname(fp).toLowerCase();
+    if (ext && EXTENSION_MAP[ext]) {
+      stacks.add(EXTENSION_MAP[ext]);
+    }
+    for (const [pattern, stack] of PATH_PATTERN_STACKS) {
+      if (fp.includes(pattern)) {
+        stacks.add(stack);
+      }
+    }
+  }
+  return Array.from(stacks).sort();
+}
+function detectStacksFromProject(projectRoot, filePaths = []) {
+  const stacks = new Set(detectStacks(filePaths));
+  for (const [configFile, stack] of CONFIG_FILE_STACKS) {
+    try {
+      if (existsSync3(join3(projectRoot, configFile))) {
+        stacks.add(stack);
+      }
+    } catch {}
+  }
+  const sorted = Array.from(stacks).sort();
+  const frameworks = ["nextjs", "nuxt", "remix", "angular", "django", "flutter", "svelte", "astro"];
+  const primary = sorted.find((s) => frameworks.includes(s)) ?? sorted[0] ?? "unknown";
+  return { stacks: sorted, primary };
+}
+
+// src/packs/recommender.ts
+import { existsSync as existsSync4, readdirSync, readFileSync as readFileSync3 } from "node:fs";
+import { join as join4, basename as basename3, dirname } from "node:path";
+import { fileURLToPath } from "node:url";
+var STACK_PACK_MAP = {
+  typescript: ["typescript-patterns"],
+  react: ["react-gotchas"],
+  nextjs: ["nextjs-patterns"],
+  python: ["python-django"],
+  django: ["python-django"],
+  javascript: ["node-security"],
+  bun: ["node-security"]
+};
+function getPacksDir() {
+  const thisDir = dirname(fileURLToPath(import.meta.url));
+  return join4(thisDir, "../../packs");
+}
+function listAvailablePacks() {
+  const dir = getPacksDir();
+  if (!existsSync4(dir))
+    return [];
+  return readdirSync(dir).filter((f) => f.endsWith(".json")).map((f) => basename3(f, ".json"));
+}
+function loadPack(name) {
+  const packPath = join4(getPacksDir(), `${name}.json`);
+  if (!existsSync4(packPath))
+    return null;
+  try {
+    const raw = readFileSync3(packPath, "utf-8");
+    return JSON.parse(raw);
+  } catch {
+    return null;
+  }
+}
+function recommendPacks(stacks, installedPacks) {
+  const installed = new Set(installedPacks);
+  const available = listAvailablePacks();
+  const availableSet = new Set(available);
+  const seen = new Set;
+  const recommendations = [];
+  for (const stack of stacks) {
+    const packNames = STACK_PACK_MAP[stack] ?? [];
+    for (const packName of packNames) {
+      if (seen.has(packName) || installed.has(packName) || !availableSet.has(packName)) {
+        continue;
+      }
+      seen.add(packName);
+      const pack = loadPack(packName);
+      if (!pack)
+        continue;
+      const matchedStacks = stacks.filter((s) => STACK_PACK_MAP[s]?.includes(packName));
+      recommendations.push({
+        name: packName,
+        description: pack.description,
+        observationCount: pack.observations.length,
+        matchedStacks
+      });
+    }
+  }
+  return recommendations;
+}
+
+// hooks/session-start.ts
+async function main() {
+  const chunks = [];
+  for await (const chunk of process.stdin) {
+    chunks.push(typeof chunk === "string" ? chunk : Buffer.from(chunk).toString());
+  }
+  const raw = chunks.join("");
+  if (!raw.trim())
+    process.exit(0);
+  let event;
+  try {
+    event = JSON.parse(raw);
+  } catch {
+    process.exit(0);
+  }
+  if (!configExists())
+    process.exit(0);
+  let config;
+  let db;
+  try {
+    config = loadConfig();
+    db = new MemDatabase(getDbPath());
+  } catch {
+    process.exit(0);
+  }
+  try {
+    const context = buildSessionContext(db, event.cwd, {
+      tokenBudget: 800,
+      scope: config.search.scope
+    });
+    if (context && context.observations.length > 0) {
+      console.log(formatContextForInjection(context));
+      const parts = [];
+      parts.push(`${context.session_count} observation(s)`);
+      if (context.securityFindings && context.securityFindings.length > 0) {
+        parts.push(`${context.securityFindings.length} security finding(s)`);
+      }
+      const remaining = context.total_active - context.session_count;
+      if (remaining > 0) {
+        parts.push(`${remaining} more searchable`);
+      }
+      console.error(`Engrm: ${parts.join(" \xB7 ")} \u2014 memory loaded`);
+    }
+    try {
+      const { stacks } = detectStacksFromProject(event.cwd);
+      if (stacks.length > 0) {
+        const installed = db.getInstalledPacks();
+        const recs = recommendPacks(stacks, installed);
+        if (recs.length > 0) {
+          const names = recs.map((r) => `\`${r.name}\``).join(", ");
+          console.log(`
+Help packs available for your stack: ${names}. ` + `Use the install_pack tool to load curated observations.`);
+        }
+      }
+    } catch {}
+  } finally {
+    db.close();
+  }
+}
+main().catch(() => {
+  process.exit(0);
+});