gitmem-mcp 1.0.3 → 1.0.5

package/dist/services/startup.d.ts

@@ -10,7 +10,7 @@
  * - 500-employees-at-8AM (no Supabase contention during session_start)
  * - Cross-container consistency (same data = same results)
  *
- * Issue: OD-473
+ *
  */
 import type { Project } from "../types/index.js";
 /**

package/dist/services/startup.js

@@ -10,11 +10,12 @@
  * - 500-employees-at-8AM (no Supabase contention during session_start)
  * - Cross-container consistency (same data = same results)
  *
- * Issue: OD-473
+ *
  */
 import * as fs from "fs";
 import * as path from "path";
 import { isConfigured, loadScarsWithEmbeddings } from "./supabase-client.js";
+import { getGitmemDir } from "./gitmem-dir.js";
 import { initializeLocalSearch, reinitializeLocalSearch, isLocalSearchReady, getLocalVectorSearch, getCacheMetadata, setCacheTtl, } from "./local-vector-search.js";
 import { getConfig, shouldUseLocalSearch } from "./config.js";
 // Track startup state — unified cache, no per-project partitioning
@@ -32,7 +33,7 @@ let backgroundRefreshInterval = null;
  */
 function persistScarsForHooks(scars) {
     try {
-        const gitmemDir = path.join(process.cwd(), ".gitmem", "cache");
+        const gitmemDir = path.join(getGitmemDir(), "cache");
         if (!fs.existsSync(gitmemDir)) {
             fs.mkdirSync(gitmemDir, { recursive: true });
         }

package/dist/services/supabase-client.d.ts

@@ -5,9 +5,20 @@
  * agents/coda/src/services/supabase-mcp.js
  *
  * Uses JSON-RPC 2.0 protocol over HTTPS.
- * Integrates with CacheService for performance (OD-473).
+ * Integrates with CacheService for performance.
  */
 import type { Project, SupabaseListOptions, SupabaseSearchOptions } from "../types/index.js";
+/**
+ * Build a safe PostgREST `in.(...)` filter from an array of UUIDs.
+ * Rejects any non-UUID values to prevent filter injection via comma-splitting.
+ */
+export declare function safeInFilter(ids: string[]): string;
+/**
+ * Escape PostgREST special characters in a value used within filter expressions.
+ * Prevents injection via characters that have structural meaning in PostgREST syntax:
+ * parentheses (group operators), commas (value separators), dots (operator delimiters).
+ */
+export declare function escapePostgRESTValue(value: string): string;
 /**
  * Check if Supabase is configured
  */
@@ -54,7 +65,7 @@ export declare function directQueryAll<T = unknown>(table: string, options?: {
     order?: string;
 }, pageSize?: number, maxRows?: number): Promise<T[]>;
 /**
- * Knowledge triple from knowledge_triples table (OD-466)
+ * Knowledge triple from knowledge_triples table
  */
 export interface KnowledgeTriple {
     subject: string;
@@ -67,7 +78,7 @@ export interface KnowledgeTriple {
     source_id: string;
 }
 /**
- * Fetch related knowledge triples for a set of scar IDs (OD-466)
+ * Fetch related knowledge triples for a set of scar IDs
  *
  * Queries knowledge_triples table where source_id matches any of the provided scar IDs.
  * Returns triples grouped by source_id for easy attachment to scars.
@@ -99,7 +110,7 @@ export declare function directPatch<T = unknown>(table: string, filters: Record<
  * This bypasses ww-mcp because we need the embedding vectors for local search.
  * Returns learnings (scars, patterns, wins, anti-patterns) with full embedding data.
  *
- * NOTE: Changed from "scars only" to "all learning types" (OD-542 related fix)
+ * NOTE: Changed from "scars only" to "all learning types"
  */
 export declare function loadScarsWithEmbeddings<T = unknown>(project?: string, limit?: number): Promise<T[]>;
 /**
@@ -107,7 +118,7 @@ export declare function loadScarsWithEmbeddings<T = unknown>(project?: string, l
  */
 export declare function scarSearch<T = unknown>(query: string, matchCount?: number, project?: Project): Promise<T[]>;
 /**
- * Scar search with caching (OD-473)
+ * Scar search with caching
  *
  * Returns cached results if available, otherwise fetches and caches.
  */
@@ -117,7 +128,7 @@ export declare function cachedScarSearch<T = unknown>(query: string, matchCount?
     cache_age_ms?: number;
 }>;
 /**
- * List records with caching for decisions (OD-473)
+ * List records with caching for decisions
  */
 export declare function cachedListDecisions<T = unknown>(project?: Project, limit?: number): Promise<{
     data: T[];

package/dist/services/supabase-client.js

@@ -5,9 +5,45 @@
  * agents/coda/src/services/supabase-mcp.js
  *
  * Uses JSON-RPC 2.0 protocol over HTTPS.
- * Integrates with CacheService for performance (OD-473).
+ * Integrates with CacheService for performance.
  */
 import { getCache } from "./cache.js";
+// --- PostgREST Input Sanitization ---
+const UUID_PATTERN = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;
+/**
+ * Validate that a value is a UUID. Used to prevent injection in `in.(...)` filters
+ * where array elements are joined with commas.
+ */
+function isValidUUID(value) {
+    return UUID_PATTERN.test(value);
+}
+/**
+ * Build a safe PostgREST `in.(...)` filter from an array of UUIDs.
+ * Rejects any non-UUID values to prevent filter injection via comma-splitting.
+ */
+export function safeInFilter(ids) {
+    const valid = ids.filter(id => isValidUUID(id));
+    if (valid.length !== ids.length) {
+        console.warn(`[supabase-client] safeInFilter rejected ${ids.length - valid.length} non-UUID values`);
+    }
+    if (valid.length === 0)
+        return "in.()";
+    return `in.(${valid.join(",")})`;
+}
+/**
+ * Escape PostgREST special characters in a value used within filter expressions.
+ * Prevents injection via characters that have structural meaning in PostgREST syntax:
+ * parentheses (group operators), commas (value separators), dots (operator delimiters).
+ */
+export function escapePostgRESTValue(value) {
+    // Reject null bytes
+    if (value.includes("\0")) {
+        throw new Error("PostgREST value must not contain null bytes");
+    }
+    // For ilike patterns, escape structural PostgREST chars that could break OR groups
+    // PostgREST uses ( ) , as structural delimiters in or=() expressions
+    return value.replace(/[(),]/g, "");
+}
 // Configuration from environment
 const SUPABASE_URL = process.env.SUPABASE_URL || "";
 const SUPABASE_KEY = process.env.SUPABASE_SERVICE_ROLE_KEY || process.env.SUPABASE_KEY || "";
@@ -228,7 +264,7 @@ export async function directQueryAll(table, options = {}, pageSize = 1000, maxRo
     return allRows;
 }
 /**
- * Fetch related knowledge triples for a set of scar IDs (OD-466)
+ * Fetch related knowledge triples for a set of scar IDs
  *
  * Queries knowledge_triples table where source_id matches any of the provided scar IDs.
  * Returns triples grouped by source_id for easy attachment to scars.
@@ -242,7 +278,7 @@ export async function fetchRelatedTriples(scarIds) {
         const triples = await directQuery("knowledge_triples", {
             select: "subject,predicate,object,event_time,decay_weight,half_life_days,decay_floor,source_id",
             filters: {
-                source_id: `in.(${scarIds.join(",")})`,
+                source_id: safeInFilter(scarIds),
             },
         });
         for (const triple of triples) {
@@ -283,7 +319,7 @@ export async function directUpsert(table, data) {
         throw new Error(`Supabase upsert error: ${response.status} - ${text.slice(0, 200)}`);
     }
     const result = await response.json();
-    // OD-539: Validate that write actually happened
+    // Validate that write actually happened
     // Supabase can return 200 OK with empty array [] when:
     // - RLS policy blocks the write
     // - Constraint violation handled gracefully
@@ -341,7 +377,7 @@ export async function directPatch(table, filters, data) {
  * This bypasses ww-mcp because we need the embedding vectors for local search.
  * Returns learnings (scars, patterns, wins, anti-patterns) with full embedding data.
  *
- * NOTE: Changed from "scars only" to "all learning types" (OD-542 related fix)
+ * NOTE: Changed from "scars only" to "all learning types"
  */
 export async function loadScarsWithEmbeddings(project, limit = 500) {
     console.error(`[supabase-direct] Loading learnings with embeddings${project ? ` for project: ${project}` : " (all projects)"}`);
@@ -384,7 +420,7 @@ export async function scarSearch(query, matchCount = 5, project) {
     return result.results || [];
 }
 /**
- * Scar search with caching (OD-473)
+ * Scar search with caching
  *
  * Returns cached results if available, otherwise fetches and caches.
  */
@@ -394,7 +430,7 @@ export async function cachedScarSearch(query, matchCount = 5, project = "default
     return { results: data, cache_hit, cache_age_ms };
 }
 /**
- * List records with caching for decisions (OD-473)
+ * List records with caching for decisions
  */
 export async function cachedListDecisions(project = "default", limit = 5) {
     const cache = getCache();
@@ -424,7 +460,7 @@ export async function cachedListWins(project = "default", limit = 8, columns) {
     return { data, cache_hit, cache_age_ms };
 }
 // ============================================================================
-// STORAGE API (for transcript persistence - OD-467)
+// STORAGE API
 // ============================================================================
 const TRANSCRIPT_BUCKET = "session-transcripts";
 /**

package/dist/services/thread-manager.d.ts

@@ -1,5 +1,5 @@
 /**
- * Thread Lifecycle Manager (OD-thread-lifecycle)
+ * Thread Lifecycle Manager ()
  *
  * Core logic for thread lifecycle management:
  * - ID generation, migration from plain strings to ThreadObject

package/dist/services/thread-manager.js

@@ -1,5 +1,5 @@
 /**
- * Thread Lifecycle Manager (OD-thread-lifecycle)
+ * Thread Lifecycle Manager ()
  *
  * Core logic for thread lifecycle management:
  * - ID generation, migration from plain strings to ThreadObject
@@ -11,6 +11,7 @@ import * as fs from "fs";
 import * as path from "path";
 import * as crypto from "crypto";
 import { normalizeText } from "./thread-dedup.js";
+import { getGitmemDir } from "./gitmem-dir.js";
 // ---------- ID Generation ----------
 /**
  * Generate a thread ID: "t-" + 8 hex chars
@@ -123,7 +124,7 @@ export function aggregateThreads(sessions, maxSessions = 5, maxAgeDays = 14) {
         const rawThreads = session.open_threads || [];
         const normalized = normalizeThreads(rawThreads, session.id);
         for (const thread of normalized) {
-            // Skip PROJECT STATE threads (handled separately via OD-534)
+            // Skip PROJECT STATE threads
             if (thread.text.startsWith("PROJECT STATE:"))
                 continue;
             // Deduplicate by both thread ID and normalized text content
@@ -184,8 +185,7 @@ export function resolveThread(threads, options) {
 // ---------- Local File Persistence ----------
 const THREADS_FILENAME = "threads.json";
 function getThreadsFilePath() {
-    const gitmemDir = path.join(process.cwd(), ".gitmem");
-    return path.join(gitmemDir, THREADS_FILENAME);
+    return path.join(getGitmemDir(), THREADS_FILENAME);
 }
 /**
  * Load threads from .gitmem/threads.json.
@@ -210,7 +210,7 @@ export function loadThreadsFile() {
  * Save threads to .gitmem/threads.json.
  */
 export function saveThreadsFile(threads) {
-    const gitmemDir = path.join(process.cwd(), ".gitmem");
+    const gitmemDir = getGitmemDir();
     if (!fs.existsSync(gitmemDir)) {
         fs.mkdirSync(gitmemDir, { recursive: true });
     }

package/dist/services/thread-supabase.d.ts

@@ -1,5 +1,5 @@
 /**
- * Thread Supabase Service (OD-620, OD-621, OD-622, OD-623, OD-624)
+ * Thread Supabase Service
  *
  * Provides Supabase CRUD operations for the orchestra_threads table.
  * Supabase is the source of truth; local .gitmem/threads.json is a cache.

package/dist/services/thread-supabase.js

@@ -1,5 +1,5 @@
 /**
- * Thread Supabase Service (OD-620, OD-621, OD-622, OD-623, OD-624)
+ * Thread Supabase Service
  *
  * Provides Supabase CRUD operations for the orchestra_threads table.
  * Supabase is the source of truth; local .gitmem/threads.json is a cache.
@@ -318,7 +318,7 @@ export async function syncThreadsToSupabase(threads, project = "default", sessio
     if (!hasSupabase() || !supabase.isConfigured() || threads.length === 0) {
         return;
     }
-    // OD-thread-dedup: Load existing open threads once upfront for text-based dedup.
+    //  Load existing open threads once upfront for text-based dedup.
     // Prevents duplicate creation when closing ceremony generates new thread IDs
     // for threads that already exist with the same (or similar) text.
     let existingOpenThreads = [];

package/dist/services/transcript-chunker.d.ts

@@ -4,7 +4,7 @@
  * Parses JSONL session transcripts, chunks them intelligently,
  * generates embeddings, and stores in orchestra_transcript_chunks.
  *
- * Issue: OD-540
+ *
  */
 import type { Project } from "../types/index.js";
 /**

package/dist/services/transcript-chunker.js

@@ -4,7 +4,7 @@
  * Parses JSONL session transcripts, chunks them intelligently,
  * generates embeddings, and stores in orchestra_transcript_chunks.
  *
- * Issue: OD-540
+ *
  */
 // OpenRouter API configuration (same as local-vector-search)
 const OPENROUTER_API_URL = "https://openrouter.ai/api/v1/embeddings";

package/dist/services/variant-assignment.d.ts

@@ -1,7 +1,7 @@
 /**
  * Scar Variant Assignment Service
- * OD-525: Integrates variant assignment into enforcement engine
- * OD-547: Switched from issue-keyed to agent-keyed assignment
+ * Integrates variant assignment into enforcement engine
+ * Switched from issue-keyed to agent-keyed assignment
  *
  * Handles:
  * - Random variant assignment for scars with variants
@@ -29,7 +29,7 @@ export interface ScarVariant {
 }
 /**
  * Assignment record
- * OD-547: Primary key is (agent_id, scar_id), issue_id/session_id are metadata
+ * Primary key is (agent_id, scar_id), issue_id/session_id are metadata
  */
 export interface VariantAssignment {
     id: string;
@@ -55,12 +55,12 @@ export interface ScarWithVariant {
 export declare function getActiveVariants(scarId: string): Promise<ScarVariant[]>;
 /**
  * Get existing assignment for an agent + scar pair
- * OD-547: Changed from issue-keyed to agent-keyed lookup
+ * Changed from issue-keyed to agent-keyed lookup
  */
 export declare function getExistingAssignment(agentId: string, scarId: string): Promise<VariantAssignment | null>;
 /**
  * Create random variant assignment
- * OD-547: Agent-keyed with optional issue/session metadata
+ * Agent-keyed with optional issue/session metadata
  */
 export declare function createVariantAssignment(agentId: string, scarId: string, variants: ScarVariant[], metadata?: {
     issueId?: string;
@@ -70,7 +70,7 @@ export declare function createVariantAssignment(agentId: string, scarId: string,
  * Get or create variant assignment for a scar
  * This is the main entry point for enforcement integration
  *
- * OD-547: Changed from issue-keyed to agent-keyed assignment.
+ * Changed from issue-keyed to agent-keyed assignment.
  * Agent identity is always available, so variants are always assigned.
  *
  * @param agentId - Agent identity (e.g., 'CLI', 'DAC', 'CODA-1')

package/dist/services/variant-assignment.js

@@ -1,7 +1,7 @@
 /**
  * Scar Variant Assignment Service
- * OD-525: Integrates variant assignment into enforcement engine
- * OD-547: Switched from issue-keyed to agent-keyed assignment
+ * Integrates variant assignment into enforcement engine
+ * Switched from issue-keyed to agent-keyed assignment
  *
  * Handles:
  * - Random variant assignment for scars with variants
@@ -9,6 +9,7 @@
  * - Legacy scar fallback (scars without variants use original description)
  * - Blind testing (agent doesn't know which variant they received)
  */
+import { randomInt } from "crypto";
 import * as supabase from "./supabase-client.js";
 /**
  * Get active variants for a scar
@@ -35,7 +36,7 @@ export async function getActiveVariants(scarId) {
 }
 /**
  * Get existing assignment for an agent + scar pair
- * OD-547: Changed from issue-keyed to agent-keyed lookup
+ * Changed from issue-keyed to agent-keyed lookup
  */
 export async function getExistingAssignment(agentId, scarId) {
     if (!supabase.isConfigured()) {
@@ -60,15 +61,15 @@ export async function getExistingAssignment(agentId, scarId) {
 }
 /**
  * Create random variant assignment
- * OD-547: Agent-keyed with optional issue/session metadata
+ * Agent-keyed with optional issue/session metadata
  */
 export async function createVariantAssignment(agentId, scarId, variants, metadata) {
     if (!supabase.isConfigured() || variants.length === 0) {
         return null;
     }
     try {
-        // Random selection from active variants
-        const randomIndex = Math.floor(Math.random() * variants.length);
+        // Cryptographically secure random selection for blind A/B testing integrity
+        const randomIndex = randomInt(0, variants.length);
         const selectedVariant = variants[randomIndex];
         const result = await supabase.directUpsert("variant_assignments", {
             agent_id: agentId,
@@ -86,7 +87,7 @@ export async function createVariantAssignment(agentId, scarId, variants, metadat
             console.error(`[variant-assignment] Assignment already exists (race condition), fetching...`);
             return await getExistingAssignment(agentId, scarId);
         }
-        console.error(`[variant-assignment] Exception creating assignment:`, error);
+        console.error(`[variant-assignment] Failed to create assignment for scar ${scarId}`);
         return null;
     }
 }
@@ -94,7 +95,7 @@ export async function createVariantAssignment(agentId, scarId, variants, metadat
  * Get or create variant assignment for a scar
  * This is the main entry point for enforcement integration
  *
- * OD-547: Changed from issue-keyed to agent-keyed assignment.
+ * Changed from issue-keyed to agent-keyed assignment.
  * Agent identity is always available, so variants are always assigned.
  *
  * @param agentId - Agent identity (e.g., 'CLI', 'DAC', 'CODA-1')

package/dist/tools/analyze.d.ts

@@ -1,11 +1,11 @@
 /**
- * analyze Tool (OD-567)
+ * analyze Tool
  *
  * Session analytics and insights engine. Provides structured analysis
  * of session history, closing reflections, agent patterns, and more.
  *
  * Starts with "summary" lens; expanded with additional lenses in
- * OD-568 (Tier 1), OD-569 (Tier 2), OD-570 (Tier 3), OD-572 (Tier 4).
+ * (Tier 1).
  *
  * Performance target: 3000ms
  */

package/dist/tools/analyze.js

@@ -1,11 +1,11 @@
 /**
- * analyze Tool (OD-567)
+ * analyze Tool
  *
  * Session analytics and insights engine. Provides structured analysis
  * of session history, closing reflections, agent patterns, and more.
  *
  * Starts with "summary" lens; expanded with additional lenses in
- * OD-568 (Tier 1), OD-569 (Tier 2), OD-570 (Tier 3), OD-572 (Tier 4).
+ * (Tier 1).
  *
  * Performance target: 3000ms
  */

package/dist/tools/archive-learning.js

@@ -10,6 +10,7 @@
  */
 import { directPatch, isConfigured } from "../services/supabase-client.js";
 import { hasSupabase } from "../services/tier.js";
+import { getStorage } from "../services/storage.js";
 import { flushCache } from "../services/startup.js";
 import { Timer } from "../services/metrics.js";
 import { wrapDisplay } from "../services/display-protocol.js";
@@ -26,35 +27,48 @@ export async function archiveLearning(params) {
             performance_ms: timer.stop(),
         };
     }
-    if (!hasSupabase() || !isConfigured()) {
-        const msg = "archive_learning requires Supabase (pro/dev tier)";
-        return {
-            success: false,
-            id: params.id,
-            cache_flushed: false,
-            display: wrapDisplay(msg),
-            error: msg,
-            performance_ms: timer.stop(),
-        };
-    }
     try {
         const archivedAt = new Date().toISOString();
-        await directPatch("orchestra_learnings", { id: `eq.${params.id}` }, {
-            is_active: false,
-            archived_at: archivedAt,
-        });
-        // Flush local cache so archived scar is immediately excluded
         let cacheFlushed = false;
-        try {
-            await flushCache();
-            cacheFlushed = true;
+        if (hasSupabase() && isConfigured()) {
+            // Pro/dev: patch in Supabase
+            await directPatch("orchestra_learnings", { id: `eq.${params.id}` }, {
+                is_active: false,
+                archived_at: archivedAt,
+            });
+            try {
+                await flushCache();
+                cacheFlushed = true;
+            }
+            catch {
+                console.error("[archive-learning] Cache flush failed (non-fatal)");
+            }
         }
-        catch {
-            console.error("[archive-learning] Cache flush failed (non-fatal)");
+        else {
+            // Free tier: update in local JSON
+            const storage = getStorage();
+            const existing = await storage.get("learnings", params.id);
+            if (!existing) {
+                const msg = `Learning ${params.id} not found in local storage`;
+                return {
+                    success: false,
+                    id: params.id,
+                    cache_flushed: false,
+                    display: wrapDisplay(msg),
+                    error: msg,
+                    performance_ms: timer.stop(),
+                };
+            }
+            await storage.upsert("learnings", {
+                ...existing,
+                id: params.id,
+                is_active: false,
+                archived_at: archivedAt,
+            });
         }
         const latencyMs = timer.stop();
         const reasonText = params.reason ? ` Reason: ${params.reason}` : "";
-        const display = `Archived learning ${params.id}.${reasonText}\nCache ${cacheFlushed ? "flushed" : "flush failed"} (${latencyMs}ms)`;
+        const display = `Archived learning ${params.id}.${reasonText}\n(${latencyMs}ms)`;
         return {
             success: true,
             id: params.id,

package/dist/tools/confirm-scars.js

@@ -176,7 +176,7 @@ export async function confirmScars(params) {
                 errors.push(error);
             }
             else {
-                // OD-690: Derive default relevance from decision if not provided
+                // Derive default relevance from decision if not provided
                 const relevance = conf.relevance ??
                     (conf.decision === "APPLYING" ? "high" : conf.decision === "N_A" ? "low" : "low");
                 validConfirmations.push({

package/dist/tools/create-decision.d.ts

@@ -5,7 +5,7 @@
  * Generates embeddings client-side and writes directly to Supabase REST API,
  * eliminating the ww-mcp Edge Function dependency.
  *
- * Performance target: <3000ms (OD-429)
+ * Performance target: <3000ms
  */
 import type { CreateDecisionParams, CreateDecisionResult } from "../types/index.js";
 /**

package/dist/tools/create-decision.js

@@ -5,7 +5,7 @@
  * Generates embeddings client-side and writes directly to Supabase REST API,
  * eliminating the ww-mcp Edge Function dependency.
  *
- * Performance target: <3000ms (OD-429)
+ * Performance target: <3000ms
  */
 import { v4 as uuidv4 } from "uuid";
 import * as supabase from "../services/supabase-client.js";
@@ -74,7 +74,7 @@ export async function createDecision(params) {
                 cache_status: "not_applicable",
                 network_call: true,
             };
-            // OD-466: Auto-create knowledge triples (tracked fire-and-forget)
+            // Auto-create knowledge triples (tracked fire-and-forget)
             getEffectTracker().track("triple_write", "decision", () => writeTriplesForDecision({
                 id: decisionId,
                 title: params.title,

package/dist/tools/create-learning.d.ts

@@ -5,7 +5,7 @@
  * Generates embeddings client-side and writes directly to Supabase REST API,
  * eliminating the ww-mcp Edge Function dependency.
  *
- * Performance target: <3000ms (OD-429)
+ * Performance target: <3000ms
  */
 import type { CreateLearningParams, CreateLearningResult } from "../types/index.js";
 /**

package/dist/tools/create-learning.js

@@ -5,7 +5,7 @@
  * Generates embeddings client-side and writes directly to Supabase REST API,
  * eliminating the ww-mcp Edge Function dependency.
  *
- * Performance target: <3000ms (OD-429)
+ * Performance target: <3000ms
  */
 import { v4 as uuidv4 } from "uuid";
 import * as supabase from "../services/supabase-client.js";
@@ -87,7 +87,7 @@ export async function createLearning(params) {
         created_at: new Date().toISOString(),
         persona_name: agentIdentity,
         source_date: new Date().toISOString().split("T")[0],
-        // OD-508: LLM-cooperative enforcement fields (optional)
+        // LLM-cooperative enforcement fields (optional)
         ...(params.why_this_matters && { why_this_matters: params.why_this_matters }),
         ...(params.action_protocol && { action_protocol: params.action_protocol }),
         ...(params.self_check_criteria && { self_check_criteria: params.self_check_criteria }),
@@ -151,14 +151,14 @@ export async function createLearning(params) {
                 cache_status: "not_applicable",
                 network_call: true,
             };
-            // OD-539: Defense in depth - verify write succeeded
+            // Defense in depth - verify write succeeded
             // directUpsert now throws on empty result, but explicit check documents expectation
             if (!writeResult || !writeResult.id) {
                 throw new Error(`Write verification failed: directUpsert returned ${writeResult ? 'record without id' : 'null/undefined'}. ` +
                     `Expected record with id field.`);
             }
             console.error(`[create_learning] directUpsert succeeded, verified ID: ${writeResult.id}`);
-            // OD-466: Auto-create knowledge triples (tracked fire-and-forget)
+            // Auto-create knowledge triples (tracked fire-and-forget)
             getEffectTracker().track("triple_write", "learning", () => writeTriplesForLearning({
                 id: learningId,
                 learning_type: params.learning_type,

package/dist/tools/create-linear-issue.d.ts

@@ -0,0 +1,18 @@
+/**
+ * create_linear_issue Tool (OD-611)
+ *
+ * Proxy Linear issue creation via GraphQL API.
+ * Returns slim response (~50 tokens) instead of Linear MCP's ~1400 tokens.
+ *
+ * Pattern: File-based payload handoff (same as session_close).
+ * Agent writes description to .gitmem/issue-payload.json, then calls this
+ * tool with title + teamId inline. Tool reads, merges, calls Linear, deletes file.
+ *
+ * Performance target: <2000ms (one network call)
+ */
+import type { CreateLinearIssueParams, CreateLinearIssueResult } from "../types/index.js";
+/**
+ * Create a Linear issue via GraphQL API with slim response.
+ */
+export declare function createLinearIssue(params: CreateLinearIssueParams): Promise<CreateLinearIssueResult>;
+//# sourceMappingURL=create-linear-issue.d.ts.map