kojee-mcp 0.5.4 → 0.5.7

package/dist/{control-token-TYDAL477.js → chunk-GI2CKKBL.js}

@@ -16,7 +16,12 @@ function issueControlToken(filePath = controlTokenPath()) {
   const dir = path.dirname(filePath);
   fs.mkdirSync(dir, { recursive: true, mode: 448 });
   secureDir(dir);
-  fs.writeFileSync(filePath, token + "\n", { mode: 384 });
+  try {
+    fs.unlinkSync(filePath);
+  } catch (err) {
+    if (err.code !== "ENOENT") throw err;
+  }
+  fs.writeFileSync(filePath, token + "\n", { mode: 384, flag: "wx" });
   secureFile(filePath);
   return token;
 }
@@ -28,8 +33,14 @@ function loadControlToken(filePath = controlTokenPath()) {
     return null;
   }
 }
+function controlTokenAuthHeaders(filePath) {
+  const token = loadControlToken(filePath);
+  return token ? { Authorization: `Bearer ${token}` } : {};
+}
+
 export {
   controlTokenPath,
   issueControlToken,
-  loadControlToken
+  loadControlToken,
+  controlTokenAuthHeaders
 };

package/dist/{resubscribe-SLZNA76S.js → chunk-OT2GILXC.js}

@@ -54,6 +54,7 @@ async function resubscribeMemberships(opts) {
   });
   return touched;
 }
+
 export {
   resubscribeMemberships
 };

package/dist/{chunk-YVUXQ4Z2.js → chunk-UEGQGXPY.js}

@@ -125,6 +125,13 @@ async function startEventStream(opts) {
     state.connected = false;
     currentController.abort();
   });
+  handle.reconnect = () => {
+    if (stopped) return;
+    console.error(
+      "[event-stream] reconnect requested (membership change) \u2014 closing current connection"
+    );
+    currentController.abort();
+  };
   handle.getState = () => ({
     connected: state.connected,
     connectedSince: state.connectedSince,
@@ -298,26 +305,62 @@ function sleep(ms) {
   return new Promise((r) => setTimeout(r, ms));
 }
 var MAX_DISPLAYNAME_CHARS = 64;
+var MAX_COMBINING_RUN = 4;
+var STRIP_CATEGORIES_RE = /[\p{Cc}\p{Cf}\p{Cs}\p{Co}\p{Cn}]/u;
+var INVISIBLE_MARKS_RE = /[\u034f\ufe00-\ufe0f\u{e0100}-\u{e01ef}]/u;
+var COMBINING_MARK_RE = /\p{Mn}/u;
 function sanitizeDisplayname(name) {
-  return name.replace(/[\x00-\x1f\x7f]+/g, " ").replace(/\s+/g, " ").trim().slice(0, MAX_DISPLAYNAME_CHARS);
+  const normalized = name.normalize("NFC");
+  let kept = "";
+  let combiningRun = 0;
+  for (const ch of normalized) {
+    if (STRIP_CATEGORIES_RE.test(ch) || INVISIBLE_MARKS_RE.test(ch)) continue;
+    if (COMBINING_MARK_RE.test(ch)) {
+      combiningRun += 1;
+      if (combiningRun > MAX_COMBINING_RUN) continue;
+    } else {
+      combiningRun = 0;
+    }
+    kept += ch;
+  }
+  const collapsed = kept.split(/\s+/).filter(Boolean).join(" ");
+  let capped = "";
+  for (const ch of collapsed) {
+    if (capped.length + ch.length > MAX_DISPLAYNAME_CHARS) break;
+    capped += ch;
+  }
+  return capped.trimEnd();
+}
+function resolveDisplayname(rawDisplay, principal) {
+  const trimmedDisplay = typeof rawDisplay === "string" ? rawDisplay.trim() : "";
+  const safeDisplay = trimmedDisplay ? sanitizeDisplayname(trimmedDisplay) : "";
+  if (safeDisplay) return safeDisplay;
+  if (!principal) return "unknown";
+  return `principal:${Array.from(principal).slice(0, 8).join("")}`;
 }
 function normalizeBackendEvent(raw, sseEventType) {
   const obj = raw ?? {};
   const maybeFrom = obj["from"];
   if (maybeFrom && typeof maybeFrom["principal"] === "string") {
-    return raw;
+    const canonical = raw;
+    const canonicalPrincipal = sanitizeDisplayname(maybeFrom["principal"]);
+    return {
+      ...canonical,
+      from: {
+        ...canonical.from,
+        principal: canonicalPrincipal,
+        displayname: resolveDisplayname(maybeFrom["displayname"], canonicalPrincipal)
+      }
+    };
   }
   const sender = obj["sender"] ?? {};
-  const principal = sender["principal_id"] ?? "";
+  const principal = sanitizeDisplayname(sender["principal_id"] ?? "");
   const agentId = sender["agent_id"];
   const rawSessionId = sender["session_id"];
   const sessionId = typeof rawSessionId === "string" && rawSessionId.trim() ? rawSessionId : void 0;
   const rawSeverity = obj["severity"];
   const severity = typeof rawSeverity === "string" && rawSeverity.trim() ? rawSeverity : void 0;
-  const rawDisplay = sender["display"];
-  const trimmedDisplay = typeof rawDisplay === "string" ? rawDisplay.trim() : "";
-  const safeDisplay = trimmedDisplay ? sanitizeDisplayname(trimmedDisplay) : "";
-  const displayname = safeDisplay ? safeDisplay : principal ? `principal:${principal.slice(0, 8)}` : "unknown";
+  const displayname = resolveDisplayname(sender["display"], principal);
   const type = sseEventType === "state_change" ? "state_change" : "message";
   const kind = obj["kind"] ?? "message";
   return {
@@ -346,5 +389,7 @@ function normalizeBackendEvent(raw, sseEventType) {
 
 export {
   createAdaptiveWatchdog,
-  startEventStream
+  startEventStream,
+  sanitizeDisplayname,
+  normalizeBackendEvent
 };

package/dist/{chunk-OSKHA5DS.js → chunk-V5VZPYMZ.js}

@@ -1,6 +1,6 @@
 // src/tandem/webhook-config.ts
-var WEBHOOK_DEFAULT_TIMEOUT_MS = 5e3;
-var WEBHOOK_DEFAULT_MAX_RETRIES = 4;
+var WEBHOOK_DEFAULT_TIMEOUT_MS = 3e4;
+var WEBHOOK_DEFAULT_MAX_RETRIES = 2;
 var WEBHOOK_DEFAULT_SIGNATURE_HEADER = "X-Kojee-Signature";
 var WEBHOOK_DEFAULT_SIGNATURE_PREFIX = "";
 var WEBHOOK_SIGNATURE_FORMATS = {

package/dist/cli.js

@@ -1,26 +1,29 @@
 #!/usr/bin/env node
+import {
+  VERSION,
+  startProxy
+} from "./chunk-GATXJ6UT.js";
+import "./chunk-X672ZN7V.js";
+import "./chunk-BJMASMKX.js";
 import {
   loadPairedConfig,
   pairedConfigPath,
   savePairedConfig
 } from "./chunk-YH27B6SW.js";
 import {
-  AuthModule,
-  VERSION,
-  startProxy
-} from "./chunk-62KH6VNQ.js";
-import "./chunk-YVUXQ4Z2.js";
-import "./chunk-BJMASMKX.js";
-import "./chunk-X672ZN7V.js";
-import "./chunk-36L3GCU3.js";
+  AuthModule
+} from "./chunk-6SK6ITFE.js";
+import {
+  defaultPairedKeystorePath,
+  deriveKeystorePath
+} from "./chunk-3XDJOHMZ.js";
+import "./chunk-UEGQGXPY.js";
 import "./chunk-2MIISF2W.js";
 import "./chunk-LDZXU3DW.js";
 import "./chunk-BLEGIR35.js";
 
 // src/cli.ts
 import { Command } from "commander";
-import crypto from "crypto";
-import os from "os";
 import path from "path";
 
 // src/tandem/pair.ts
@@ -63,14 +66,6 @@ async function runPair(opts) {
 }
 
 // src/cli.ts
-var KOJEE_DIR = path.join(os.homedir(), ".kojee");
-function deriveKeystorePath(token) {
-  const hash = crypto.createHash("sha256").update(token).digest("hex").slice(0, 12);
-  return path.join(KOJEE_DIR, `keypair-${hash}.json`);
-}
-function defaultPairedKeystorePath() {
-  return path.join(KOJEE_DIR, "keypair.json");
-}
 var program = new Command().name("kojee-mcp").description(
   "Local MCP proxy for Kojee \u2014 handles DPoP auth, tool discovery, and governance transparently"
 ).version(VERSION).enablePositionalOptions();
@@ -88,11 +83,11 @@ program.command("pair <code>").description("Pair this machine against Kojee usin
 });
 program.command("hook").description("Run a kojee MCP hook script (called by Claude Code via ~/.claude/settings.json)").requiredOption("--type <type>", "Hook type: stop, user-prompt-submit, or codex-stop").action(async (opts) => {
   if (opts.type === "stop") {
-    const { runStopHook } = await import("./stop-hook-GO363SMD.js");
+    const { runStopHook } = await import("./stop-hook-46BJD55B.js");
     await runStopHook();
     process.exit(0);
   } else if (opts.type === "user-prompt-submit") {
-    const { runUserPromptSubmitHook } = await import("./user-prompt-submit-hook-ARPEO6FF.js");
+    const { runUserPromptSubmitHook } = await import("./user-prompt-submit-hook-ZD2XKN7U.js");
     await runUserPromptSubmitHook();
     process.exit(0);
   } else if (opts.type === "codex-stop") {
@@ -122,7 +117,7 @@ Restart Claude Code for hooks to take effect.`
 program.command("send <tandem_id>").description(
   "Send a Tandem message using this machine's paired credentials (~/.kojee). Prints one JSON envelope to stdout: {ok, message_id, cursor, text} on success, {ok:false, error:<typed code>, message} on failure (exit 1)."
 ).requiredOption("--body <text>", "Message body (required)").option("--reply-to <message_id>", "Message id this send replies to").option("--kind <kind>", "Message kind: message | status (default: backend default)").action(async (tandemId, opts) => {
-  const { runSendCli } = await import("./send-cli-7QJ36YY7.js");
+  const { runSendCli } = await import("./send-cli-C2F4WTBN.js");
   const { exitCode, envelope } = await runSendCli({
     tandemId,
     body: opts.body,
@@ -133,7 +128,7 @@ program.command("send <tandem_id>").description(
   process.exit(exitCode);
 });
 program.command("tail <path>").description("Stream a file's contents and follow appends (portable replacement for `tail -F`)").action(async (filePath) => {
-  const { runTail } = await import("./tail-stream-U436QL2X.js");
+  const { runTail } = await import("./tail-stream-VUZBYKXS.js");
   try {
     await runTail(filePath);
   } catch (err) {
@@ -142,7 +137,7 @@ program.command("tail <path>").description("Stream a file's contents and follow
   }
 });
 program.command("doctor").description("Diagnose the kojee wake path (proxy, hook-server, SSE stream, event log, Monitor) and print the exact wake recipe").action(async () => {
-  const { runDoctor } = await import("./doctor-TXWMMSRC.js");
+  const { runDoctor } = await import("./doctor-QCQDFLEH.js");
   const code = await runDoctor();
   process.exit(code);
 });
@@ -163,7 +158,7 @@ program.command("init").description(
     console.error("Not paired. Run `kojee-mcp pair <code> --url <broker>` first, then re-run `init`.");
     process.exit(1);
   }
-  const { runWizard } = await import("./wizard-Z5JA3YPV.js");
+  const { runWizard } = await import("./wizard-UOXQYJLP.js");
   const interactive = process.stdin.isTTY === true && opts.runtime === void 0;
   const result = await runWizard({
     ...opts.runtime !== void 0 ? { runtime: opts.runtime } : {},

package/dist/control-token-4BUCTYQB.js

@@ -0,0 +1,13 @@
+import {
+  controlTokenAuthHeaders,
+  controlTokenPath,
+  issueControlToken,
+  loadControlToken
+} from "./chunk-GI2CKKBL.js";
+import "./chunk-BLEGIR35.js";
+export {
+  controlTokenAuthHeaders,
+  controlTokenPath,
+  issueControlToken,
+  loadControlToken
+};

package/dist/{doctor-TXWMMSRC.js → doctor-QCQDFLEH.js}

@@ -1,18 +1,21 @@
 import {
-  loadPairedConfig
-} from "./chunk-YH27B6SW.js";
+  monitorHeartbeatPath,
+  statusLogPath
+} from "./chunk-2TUAFAIW.js";
 import {
-  deriveDiscoveryKey,
-  findClaudeAncestorPid
-} from "./chunk-BJMASMKX.js";
+  loadControlToken
+} from "./chunk-GI2CKKBL.js";
 import {
   buildMonitorSpawn,
   buildReplyRecipe
 } from "./chunk-X672ZN7V.js";
 import {
-  monitorHeartbeatPath,
-  statusLogPath
-} from "./chunk-2TUAFAIW.js";
+  deriveDiscoveryKey,
+  findClaudeAncestorPid
+} from "./chunk-BJMASMKX.js";
+import {
+  loadPairedConfig
+} from "./chunk-YH27B6SW.js";
 import {
   discoveryPathForKey,
   readSessionDiscoveryByKey
@@ -111,8 +114,17 @@ async function collectDoctorReport(deps = {}) {
       ok: health !== null,
       detail: health !== null ? "ok" : "unreachable"
     });
-    const statusProbe = await probeJsonWithStatus(fetchFn, `${base}/status`);
-    if (statusProbe.json === null && statusProbe.routeAbsent) {
+    const readControlToken = deps.readControlToken ?? loadControlToken;
+    const controlToken = readControlToken(discovery.controlTokenPath);
+    const statusHeaders = controlToken ? { Authorization: `Bearer ${controlToken}` } : {};
+    const statusProbe = await probeJsonWithStatus(fetchFn, `${base}/status`, statusHeaders);
+    if (statusProbe.json === null && statusProbe.unauthorized) {
+      checks.push({
+        name: "hook-server /status",
+        ok: "warn",
+        detail: `401 unauthorized \u2014 /status is gated by the control token (0.5.4); could not present a valid bearer from ${discovery.controlTokenPath ?? "~/.kojee/control-token"} (daemon restarted? re-run doctor; file unreadable? check perms)`
+      });
+    } else if (statusProbe.json === null && statusProbe.routeAbsent) {
       checks.push({
         name: "hook-server /status",
         ok: "unknown",
@@ -187,14 +199,15 @@ async function probeJson(fetchFn, url) {
     return null;
   }
 }
-async function probeJsonWithStatus(fetchFn, url) {
+async function probeJsonWithStatus(fetchFn, url, headers = {}) {
   try {
-    const res = await fetchFn(url);
-    if (res.ok) return { json: await res.json(), routeAbsent: false };
+    const res = await fetchFn(url, { headers });
+    if (res.ok) return { json: await res.json(), routeAbsent: false, unauthorized: false };
     const routeAbsent = res.status === 404 || res.status === 405;
-    return { json: null, routeAbsent };
+    const unauthorized = res.status === 401;
+    return { json: null, routeAbsent, unauthorized };
   } catch {
-    return { json: null, routeAbsent: false };
+    return { json: null, routeAbsent: false, unauthorized: false };
   }
 }
 function formatDoctorReport(report) {
@@ -220,7 +233,7 @@ function formatDoctorReport(report) {
 async function runDoctor() {
   const { readRecordedRuntime } = await import("./runtime-record-WO4IECM6.js");
   if (readRecordedRuntime() === "codex") {
-    const { collectCodexDoctorReport, formatCodexDoctorReport } = await import("./doctor-codex-3A7KYOVX.js");
+    const { collectCodexDoctorReport, formatCodexDoctorReport } = await import("./doctor-codex-NZ53ROQA.js");
     const report2 = collectCodexDoctorReport();
     console.error(formatCodexDoctorReport(report2));
     return report2.verdict === "broken" ? 1 : 0;

package/dist/{doctor-codex-3A7KYOVX.js → doctor-codex-NZ53ROQA.js}

@@ -3,13 +3,13 @@ import {
   defaultCodexHooksPath
 } from "./chunk-64EOLZNI.js";
 import "./chunk-SQL56SEB.js";
+import {
+  resolveWebhookConfig
+} from "./chunk-V5VZPYMZ.js";
 import {
   CODEX_LISTEN_CAP_MS
 } from "./chunk-X672ZN7V.js";
 import "./chunk-BLEGIR35.js";
-import {
-  resolveWebhookConfig
-} from "./chunk-OSKHA5DS.js";
 
 // src/doctor-codex.ts
 import fs from "fs";

package/dist/ensure-join-7AEDJMPE.js

@@ -0,0 +1,96 @@
+// src/tandem/ensure-join.ts
+var OBJECT_ID_RE = /^[0-9a-f]{24}$/i;
+var DEFAULT_PER_CALL_TIMEOUT_MS = 1e4;
+function parseTandemsConfig(raw) {
+  const trimmed = (raw ?? "").trim();
+  if (trimmed.length === 0) return { mode: "auto", ids: [], invalid: [] };
+  if (trimmed.toLowerCase() === "none") return { mode: "disabled", ids: [], invalid: [] };
+  const ids = [];
+  const invalid = [];
+  for (const entry of trimmed.split(/[\s,]+/)) {
+    if (entry.length === 0) continue;
+    (OBJECT_ID_RE.test(entry) ? ids : invalid).push(entry);
+  }
+  return { mode: "explicit", ids, invalid };
+}
+async function ensureJoinTandems(opts) {
+  const log = opts.log ?? ((line) => console.error(line));
+  const perCallTimeoutMs = opts.perCallTimeoutMs ?? DEFAULT_PER_CALL_TIMEOUT_MS;
+  const config = parseTandemsConfig(opts.env);
+  const result = { mode: config.mode, joined: [], already: [], failed: [] };
+  if (config.mode === "disabled") {
+    log("[ensure-join] disabled (KOJEE_TANDEMS=none)");
+    return result;
+  }
+  for (const bad of config.invalid) {
+    log(`[ensure-join] skipping invalid tandem id "${bad}" (not a 24-hex ObjectId)`);
+  }
+  let ids;
+  if (config.mode === "explicit") {
+    ids = config.ids;
+    log(`[ensure-join] mode=explicit n=${ids.length} (KOJEE_TANDEMS)`);
+  } else {
+    let listed = null;
+    try {
+      listed = opts.listTandems ? await opts.listTandems() : null;
+    } catch (err) {
+      log(`[ensure-join] tandem_list threw: ${err.message}`);
+      listed = null;
+    }
+    if (listed === null) {
+      log(
+        "[ensure-join] tandem_list failed \u2014 cannot auto re-seat this session (set KOJEE_TANDEMS=<ids> to pin, or KOJEE_TANDEMS=none to silence)"
+      );
+      return result;
+    }
+    ids = listed;
+    log(`[ensure-join] mode=auto n=${ids.length} (KOJEE_TANDEMS unset \u2014 re-seating where this agent already holds a seat)`);
+  }
+  for (const id of ids) {
+    const outcome = await joinOne(opts.gateway, id, perCallTimeoutMs);
+    if (outcome.kind === "failed") {
+      result.failed.push(id);
+      log(`[ensure-join] ${id}: FAILED \u2014 ${outcome.detail} (continuing)`);
+      continue;
+    }
+    if (outcome.kind === "already") {
+      result.already.push(id);
+      log(`[ensure-join] ${id}: already seated`);
+    } else {
+      result.joined.push(id);
+      log(`[ensure-join] ${id}: joined fresh`);
+    }
+    try {
+      opts.onJoined?.(id);
+    } catch {
+    }
+  }
+  return result;
+}
+async function joinOne(gateway, tandemId, perCallTimeoutMs) {
+  const ac = new AbortController();
+  const timer = setTimeout(() => ac.abort(), perCallTimeoutMs);
+  try {
+    const result = await gateway.sendRpc(
+      "tools/call",
+      { name: "tandem_join", arguments: { tandem_id: tandemId } },
+      ac.signal
+    );
+    const text = (result.content ?? []).map((c) => typeof c?.text === "string" ? c.text : "").filter(Boolean).join("\n");
+    if (result.isError) {
+      return { kind: "failed", detail: text || "tandem_join returned an error with no text" };
+    }
+    if (/already[\s_-]?(a[\s_-]?)?(member|seated|joined)/i.test(text)) {
+      return { kind: "already" };
+    }
+    return { kind: "joined" };
+  } catch (err) {
+    return { kind: "failed", detail: err?.message ?? String(err) };
+  } finally {
+    clearTimeout(timer);
+  }
+}
+export {
+  ensureJoinTandems,
+  parseTandemsConfig
+};

package/dist/gateway-client-93P1E0CZ.d.ts

@@ -0,0 +1,92 @@
+import { KeyLike, JWK } from 'jose';
+
+interface ProxyConfig {
+    token: string;
+    url: string;
+    keystorePath: string;
+    /**
+     * How credentials were resolved at launch: "token" when `--token` was passed
+     * on the CLI, "paired" when read from ~/.kojee/config.json. The proxy records
+     * this in its session-discovery file so `kojee-mcp doctor` can render the
+     * pairing check honestly on a token-mode box (no config.json by design).
+     * Defaults to "paired" when unset (back-compat with callers predating the
+     * field).
+     */
+    authMode?: "token" | "paired";
+}
+interface KeystoreData {
+    private_key_jwk: JWK;
+    kid: string;
+    broker_url: string;
+    public_jwk: JWK;
+    enrolled_at: string;
+}
+interface LoadedKeyPair {
+    privateKey: KeyLike;
+    publicJwk: JWK;
+    kid: string;
+}
+interface GovernanceMeta {
+    decision: "require_approval" | "deny" | "allow";
+    approval_id?: string;
+    expires_at?: string;
+    triggered_guardrails?: string[];
+}
+interface ToolCallContent {
+    type: string;
+    text: string;
+}
+interface ToolCallResult {
+    content: ToolCallContent[];
+    isError?: boolean;
+    _meta?: {
+        governance?: GovernanceMeta;
+    };
+}
+
+declare class GatewayClient {
+    private readonly brokerUrl;
+    private readonly token;
+    private readonly privateKey;
+    private readonly kid;
+    private currentNonce;
+    private requestCounter;
+    private readonly endpoint;
+    constructor(brokerUrl: string, token: string, privateKey: KeyLike, kid: string, sessionId: string);
+    /**
+     * Expose the DPoP signing key so peer modules sharing auth state
+     * (e.g. tandem/event-stream.ts) can sign their own requests.
+     */
+    getPrivateKey(): KeyLike;
+    /**
+     * Expose the bot_key_id (kid) for DPoP proof headers. Paired with
+     * getPrivateKey() so peer modules can construct proofs without
+     * threading the key material through their own constructors.
+     */
+    getKid(): string;
+    /**
+     * Derive a deterministic session ID from the gateway token.
+     * session_id = sha256(token + "proxy").slice(0, 16)
+     */
+    static deriveSessionId(token: string): string;
+    /**
+     * Send a JSON-RPC 2.0 request to the gateway, handling DPoP auth and
+     * nonce retry transparently. A 403 `step_up_required` (deprecated feature,
+     * owner ruling 2026-06-10) is no longer polled — it surfaces immediately as
+     * a structured tool error via translateHttpError.
+     *
+     * `signal` (ROUND-3 MAJOR A) is a REAL AbortSignal threaded into the
+     * underlying `fetch` option — NOT placed inside `params`/`arguments`. A
+     * caller with a per-call timeout budget (e.g. resubscribeMemberships) passes
+     * its controller's signal here so a hung backend aborts at the budget instead
+     * of hanging forever. Putting the signal in `arguments` (the round-2 bug) both
+     * left fetch un-aborted AND serialized a junk `{}` onto the wire body.
+     */
+    sendRpc(method: string, params?: Record<string, unknown>, signal?: AbortSignal): Promise<ToolCallResult>;
+    private executeWithRetries;
+    private sendHttpRequest;
+    private trackNonce;
+    private tryParseErrorBody;
+}
+
+export { GatewayClient as G, type KeystoreData as K, type LoadedKeyPair as L, type ProxyConfig as P, type ToolCallResult as T };

package/dist/{hook-server-NDJSV22J.js → hook-server-37E2LUKJ.js}

@@ -33,6 +33,12 @@ async function handleRequest(req, res, opts) {
   if (req.method === "GET" && url.pathname === "/health") {
     return json(res, 200, { ok: true });
   }
+  if (req.method === "GET" && (url.pathname === "/status" || url.pathname === "/poll") && opts.controlToken !== void 0 && !bearerMatches(req.headers.authorization, opts.controlToken)) {
+    return json(res, 401, {
+      error: "unauthorized",
+      detail: "GET /poll and /status are gated by the control token (0.5.4) \u2014 read the file named by the discovery file's controlTokenPath and send it as `Authorization: Bearer <token>`"
+    });
+  }
   if (req.method === "GET" && url.pathname === "/status") {
     return respondWithStatus(res, opts);
   }

package/dist/index.d.ts

@@ -1,18 +1,21 @@
-interface ProxyConfig {
-    token: string;
-    url: string;
-    keystorePath: string;
-    /**
-     * How credentials were resolved at launch: "token" when `--token` was passed
-     * on the CLI, "paired" when read from ~/.kojee/config.json. The proxy records
-     * this in its session-discovery file so `kojee-mcp doctor` can render the
-     * pairing check honestly on a token-mode box (no config.json by design).
-     * Defaults to "paired" when unset (back-compat with callers predating the
-     * field).
-     */
-    authMode?: "token" | "paired";
-}
+import { G as GatewayClient, P as ProxyConfig } from './gateway-client-93P1E0CZ.js';
+import 'jose';
 
+/**
+ * List the tandem_ids where THIS AGENT holds an active seat, via a
+ * `tandem_list` tool call. The backend's tandem_list is PRINCIPAL-scoped:
+ * rows include rooms where only SIBLING agents of the principal sit
+ * (`my_membership: {is_member:false, principal_is_member:true}`). This is
+ * the auto ensure-join feed, so object rows are filtered to
+ * `my_membership.is_member === true` — FAIL CLOSED: a row missing the flag
+ * is excluded, because joining a room the agent was never in is the harm
+ * (live-reproduced 2026-06-10: 5 rows listed, only 2 agent seats).
+ * Returns the id array, or null when the list could not be determined (tool
+ * error or unparseable result) — null is the "unknown" signal callers map to a
+ * -1 membership count. MINOR 6: called fresh on every reconnect so the touch
+ * set tracks mid-session joins (not boot-frozen).
+ */
+declare function listTandemIds(gateway: GatewayClient): Promise<string[] | null>;
 declare function startProxy(config: ProxyConfig): Promise<void>;
 
-export { type ProxyConfig, startProxy };
+export { ProxyConfig, listTandemIds, startProxy };

package/dist/index.js

@@ -1,13 +1,16 @@
 import {
+  listTandemIds,
   startProxy
-} from "./chunk-62KH6VNQ.js";
-import "./chunk-YVUXQ4Z2.js";
-import "./chunk-BJMASMKX.js";
+} from "./chunk-GATXJ6UT.js";
 import "./chunk-X672ZN7V.js";
-import "./chunk-36L3GCU3.js";
+import "./chunk-BJMASMKX.js";
+import "./chunk-6SK6ITFE.js";
+import "./chunk-3XDJOHMZ.js";
+import "./chunk-UEGQGXPY.js";
 import "./chunk-2MIISF2W.js";
 import "./chunk-LDZXU3DW.js";
 import "./chunk-BLEGIR35.js";
 export {
+  listTandemIds,
   startProxy
 };