log-llm-config 1.4.4 → 1.4.9

package/dist/apply_deferred_vscdb.js

@@ -1,9 +1,38 @@
 #!/usr/bin/env node
-/**
- * Runs after Cursor SIGKILL: applies queued state.vscdb patches from
- * ~/opt-ai-sec/management/optimus_deferred_vscdb_apply.json (see remediation_sync).
- */
+// Runs after Cursor SIGKILL: applies queued state.vscdb patches, then immediately runs
+// post-restart verification so the server gets `verified` without waiting for the next prompt.
 import { applyDeferredVscdbFromDisk } from './log_config_files/runtime/remediation_sync.js';
+import { runPostApplyVerification } from './log_config_files/runtime/compliance_check.js';
+import { hookRunLog } from './log_config_files/runtime/hook_logger.js';
+import { finalizeAndUploadComplianceSessionLog, setActiveComplianceLogPath, } from './log_config_files/runtime/compliance_session_log.js';
+const complianceLogPath = process.env.OPTIMUS_COMPLIANCE_LOG?.trim() || null;
+if (complianceLogPath) {
+    setActiveComplianceLogPath(complianceLogPath);
+}
 applyDeferredVscdbFromDisk()
-    .then((ok) => process.exit(ok ? 0 : 1))
+    .then(async (ok) => {
+    if (ok) {
+        try {
+            const outcomes = await runPostApplyVerification();
+            if (outcomes.length > 0) {
+                hookRunLog(`apply_deferred_vscdb: post_apply_verification count=${outcomes.length} ` +
+                    `verified=${outcomes.filter((o) => o.status === 'verified').length}`);
+            }
+            if (complianceLogPath) {
+                await finalizeAndUploadComplianceSessionLog(complianceLogPath);
+            }
+        }
+        catch (e) {
+            hookRunLog(`apply_deferred_vscdb: post_apply_verification error: ${e instanceof Error ? e.message : String(e)}`);
+            if (complianceLogPath) {
+                await finalizeAndUploadComplianceSessionLog(complianceLogPath, 'error');
+            }
+        }
+    }
+    else if (complianceLogPath) {
+        hookRunLog('apply_deferred_vscdb: apply failed');
+        await finalizeAndUploadComplianceSessionLog(complianceLogPath, 'error');
+    }
+    process.exit(ok ? 0 : 1);
+})
     .catch(() => process.exit(1));

package/dist/compliance_check_runner.js

@@ -1,11 +1,39 @@
 #!/usr/bin/env node
 import { complianceRunnerRunnerLine, hookLogAppendSection } from './log_config_files/runtime/hook_logger.js';
-import { runComplianceCheck } from './log_config_files/runtime/compliance_check.js';
+import { normalizeAgentToken, runComplianceCheck, } from './log_config_files/runtime/compliance_check.js';
+import { finalizeAndUploadComplianceSessionLog, initComplianceSessionForRunner, isFinalizeComplianceSessionArgv, isInflightComplianceLogPath, parseComplianceLogArg, resolveComplianceSessionLogPath, } from './log_config_files/runtime/compliance_session_log.js';
+import { existsSync } from 'node:fs';
+function parseAgentArg() {
+    const eq = process.argv.find((a) => a.startsWith('--agent='));
+    if (!eq)
+        return undefined;
+    const normalized = normalizeAgentToken(eq.slice('--agent='.length));
+    return normalized ? normalized : undefined;
+}
 (async () => {
-    hookLogAppendSection('compliance_check_runner (background sync + check)');
+    let complianceLogPath = parseComplianceLogArg(process.argv);
+    if (isFinalizeComplianceSessionArgv(process.argv)) {
+        if (complianceLogPath) {
+            await finalizeAndUploadComplianceSessionLog(complianceLogPath);
+        }
+        process.exit(0);
+    }
+    if (complianceLogPath) {
+        const resolved = resolveComplianceSessionLogPath(complianceLogPath);
+        if (existsSync(resolved) && isInflightComplianceLogPath(resolved)) {
+            complianceLogPath = initComplianceSessionForRunner(resolved);
+        }
+        else {
+            // Gate may have finalized+moved the session before this background runner started.
+            complianceLogPath = null;
+        }
+    }
+    else {
+        hookLogAppendSection('compliance_check_runner (background sync + check)');
+    }
     complianceRunnerRunnerLine('compliance_check_runner: start');
     try {
-        await runComplianceCheck();
+        await runComplianceCheck(parseAgentArg());
         complianceRunnerRunnerLine('compliance_check_runner: finished ok');
     }
     catch (err) {
@@ -13,6 +41,12 @@ import { runComplianceCheck } from './log_config_files/runtime/compliance_check.
         complianceRunnerRunnerLine(`compliance_check_runner: uncaught error — ${err instanceof Error ? err.message : String(err)}`);
         complianceRunnerRunnerLine(`compliance_check_runner: stack_or_detail ${detail.slice(0, 4000)}`);
         process.stderr.write(`compliance_check_runner error: ${err instanceof Error ? err.message : String(err)}\n`);
+        if (complianceLogPath) {
+            await finalizeAndUploadComplianceSessionLog(complianceLogPath, 'error');
+        }
         process.exit(1);
     }
+    if (complianceLogPath) {
+        await finalizeAndUploadComplianceSessionLog(complianceLogPath);
+    }
 })();

package/dist/compliance_prompt_gate.js

@@ -1,7 +1,7 @@
 #!/usr/bin/env node
 /**
  * Synchronous pre-prompt gate: local compliance only (stdout = single JSON line for IDE hooks).
- * stderr must stay clean; logs go via hookRunLog (file).
+ * stderr must stay clean; logs go via hookRunLog (compliance session file when --compliance-log is set).
  *
  * When autofix returns restart_commands, this process does not spawn them — the shell hook pipes
  * the same JSON line to execute_trusted_restarts (TS allowlist + spawn).
@@ -11,6 +11,7 @@ import { isRemediationQuarantined } from './log_config_files/runtime/remediation
 import { existsSync, readFileSync, statSync } from 'node:fs';
 import { getRemediationInstructionsPath } from './log_config_files/runtime/management_storage.js';
 import { hookLogSessionBanner, hookRunLog, logRemediationApplyFailure } from './log_config_files/runtime/hook_logger.js';
+import { finalizeAndUploadComplianceSessionLog, initComplianceSessionForGate, parseComplianceLogArg, } from './log_config_files/runtime/compliance_session_log.js';
 import { isThisCliModule } from './cli_invocation_match.js';
 import { ensureAuthentication } from './log_config_files/auth/auth_flow.js';
 import { sendConfigFile } from './log_config_files/sender/batch_sender.js';
@@ -19,17 +20,34 @@ import { syncRemediations } from './log_config_files/runtime/remediation_sync.js
 import { loadEndpointBase } from './log_config_files/sender/endpoint_config.js';
 import { formatRemediationChangePreviewForApplied } from './remediation_change_preview.js';
 const MANIFEST_STALE_MS = 7 * 24 * 60 * 60 * 1000;
+/** After verified (or failed verify), push enforcement + session log immediately — do not wait for background runner. */
+async function flushRemediationOutcomeToServer(complianceLogPath) {
+    if (!complianceLogPath)
+        return;
+    try {
+        await finalizeAndUploadComplianceSessionLog(complianceLogPath);
+    }
+    catch (err) {
+        hookRunLog(`compliance_prompt_gate: session finalize/upload failed: ${err instanceof Error ? err.message : String(err)}`);
+    }
+}
 function parseIde() {
     const eq = process.argv.find((a) => a.startsWith('--ide='));
     if (eq) {
         const v = eq.slice('--ide='.length).toLowerCase();
-        return v === 'claude' ? 'claude' : 'cursor';
+        if (v === 'claude')
+            return 'claude';
+        if (v === 'copilot')
+            return 'copilot';
+        return 'cursor';
     }
     if (process.argv.includes('--claude'))
         return 'claude';
     return 'cursor';
 }
 function defaultAgentFromIde(ide) {
+    if (ide === 'copilot')
+        return 'copilot';
     return ide === 'claude' ? 'claude' : 'cursor';
 }
 function parseAgent(ide) {
@@ -42,13 +60,13 @@ function parseAgent(ide) {
     return defaultAgentFromIde(ide);
 }
 function printAllow(ide) {
-    if (ide === 'claude')
+    if (ide === 'claude' || ide === 'copilot')
         console.log('{}');
     else
         console.log(JSON.stringify({ continue: true }));
 }
 function printAllowWithAdvisory(ide, advisoryMessage) {
-    if (ide === 'claude') {
+    if (ide === 'claude' || ide === 'copilot') {
         console.log(JSON.stringify({ __optimus_advisory: true, advisory_message: advisoryMessage }));
     }
     else {
@@ -62,7 +80,7 @@ function printAllowWithAdvisory(ide, advisoryMessage) {
 function blockPayload(ide, violationMessage) {
     const prefix = 'Prompt blocked by Optimus: ';
     const text = prefix + violationMessage;
-    if (ide === 'claude') {
+    if (ide === 'claude' || ide === 'copilot') {
         return JSON.stringify({ decision: 'block', reason: text, systemMessage: text });
     }
     return JSON.stringify({ continue: false, user_message: text });
@@ -116,6 +134,10 @@ function formatPreventiveAutofixDialog(appliedViolations, applyLine) {
 export function formatClaudeAutofixDialog(appliedViolations) {
     return formatPreventiveAutofixDialog(appliedViolations, 'Claude will now apply this policy to your environment.');
 }
+/** Copilot dialog after enforced/preventive remediation is applied locally (no restart). */
+export function formatCopilotAutofixDialog(appliedViolations) {
+    return formatPreventiveAutofixDialog(appliedViolations, 'Copilot will now apply this policy to your environment.');
+}
 /** Cursor restart dialog after enforced/preventive remediation is applied locally. */
 export function formatCursorRestartAutofixDialog(appliedViolations) {
     return formatPreventiveAutofixDialog(appliedViolations, 'Cursor will now restart to apply this policy, and your context will be retained.');
@@ -164,10 +186,23 @@ export async function runCompliancePromptGateCli() {
 export async function runCompliancePromptGate() {
     const ide = parseIde();
     const agent = parseAgent(ide);
-    hookLogSessionBanner('compliance_prompt_gate (before submit)');
-    // Sync before checking so server-side changes (enforce/unenforce) propagate on every prompt
-    // without waiting for the background runner. Race against a 3 s timeout so a slow or
-    // unavailable server never delays the gate significantly.
+    let complianceLogPath = parseComplianceLogArg(process.argv);
+    if (complianceLogPath) {
+        complianceLogPath = initComplianceSessionForGate(complianceLogPath);
+    }
+    else {
+        hookLogSessionBanner('compliance_prompt_gate (before submit)');
+    }
+    let status = runLocalRemediationComplianceCheck(agent);
+    // Post-restart verify + server reports BEFORE sync so a manifest UUID swap cannot delay
+    // verified / activity-log until the following prompt.
+    const postRestartVerify = reportPostRestartVerificationOutcomes(status.violations);
+    if (postRestartVerify.outcomes.length > 0) {
+        await Promise.allSettled(postRestartVerify.reportPromises);
+        await flushRemediationOutcomeToServer(complianceLogPath);
+        hookRunLog(`compliance_prompt_gate: post_restart_verification count=${postRestartVerify.outcomes.length} quarantined=${postRestartVerify.outcomes.filter((o) => o.status === 'quarantined').length}`);
+        status = runLocalRemediationComplianceCheck(agent);
+    }
     const hw = tryResolveHardwareUuid();
     if (hw) {
         try {
@@ -180,13 +215,7 @@ export async function runCompliancePromptGate() {
             // Network or auth failure — fall back to local file state.
         }
     }
-    const status = runLocalRemediationComplianceCheck(agent);
-    // Always process pending post-restart rows (even when compliance is ok — apply may have stuck).
-    const postRestartVerify = reportPostRestartVerificationOutcomes(status.violations);
-    if (postRestartVerify.outcomes.length > 0) {
-        await Promise.allSettled(postRestartVerify.reportPromises);
-        hookRunLog(`compliance_prompt_gate: post_restart_verification count=${postRestartVerify.outcomes.length} quarantined=${postRestartVerify.outcomes.filter((o) => o.status === 'quarantined').length}`);
-    }
+    status = runLocalRemediationComplianceCheck(agent);
     // Secondary-satisfied: primary checks failed but settings.json (or equiv) has the fix.
     // Upload those files fire-and-forget so the backend can resolve the finding immediately.
     for (const e of status.secondarySatisfied ?? []) {
@@ -238,15 +267,15 @@ export async function runCompliancePromptGate() {
             const recheck = runLocalRemediationComplianceCheck(agent);
             const recheckOk = recheck.status === 'ok' || recheck.violations.length === 0;
             // Cursor: tolerate a failing recheck only when SQLite updates are deferred (apply after restart).
-            // Claude Code: JSON remediations are written immediately; merge/verify timing can still leave the
-            // in-process recheck red for the same UUID — allow in that case only for --ide=claude.
+            // Claude / Copilot: JSON remediations are written immediately; merge/verify timing can still leave
+            // the in-process recheck red for the same UUID — allow in that case for immediate JSON agents.
             const appliedUuids = new Set(appliedViolations.map((v) => v.uuid));
-            const claudeRecheckStaleAfterImmediateApply = ide === 'claude' &&
+            const claudeRecheckStaleAfterImmediateApply = (ide === 'claude' || ide === 'copilot') &&
                 !recheckOk &&
                 recheck.violations.length > 0 &&
                 recheck.violations.every((v) => appliedUuids.has(v.uuid));
             if (claudeRecheckStaleAfterImmediateApply) {
-                hookRunLog('compliance_prompt_gate: Claude — autofix wrote JSON; recheck still flags same UUID(s) — proceeding (immediate apply)');
+                hookRunLog(`compliance_prompt_gate: ${ide} — autofix wrote JSON; recheck still flags same UUID(s) — proceeding (immediate apply)`);
             }
             if (deferredSqlitePending || recheckOk || claudeRecheckStaleAfterImmediateApply) {
                 const immediateVerified = restartCommands.length === 0 &&
@@ -255,6 +284,7 @@ export async function runCompliancePromptGate() {
                 if (immediateVerified) {
                     confirmAppliedAutofixVerified(appliedViolations, reportPromises);
                     await Promise.allSettled(reportPromises);
+                    await flushRemediationOutcomeToServer(complianceLogPath);
                 }
                 const changePreview = formatRemediationChangePreviewForApplied(appliedViolations);
                 const changePreviewSuffix = changePreview ? `\n\n${changePreview}` : '';
@@ -262,9 +292,11 @@ export async function runCompliancePromptGate() {
                     ? formatCursorRestartAutofixDialog(appliedViolations)
                     : ide === 'claude'
                         ? formatClaudeAutofixDialog(appliedViolations)
-                        : `Optimus Labs auto-fixed ${fixed} ${fixed === 1 ? 'policy violation' : 'policy violations'}:\n\n${appliedViolations
-                            .map((v) => autofixDialogLine(v))
-                            .join('\n')}${changePreviewSuffix}`;
+                        : ide === 'copilot'
+                            ? formatCopilotAutofixDialog(appliedViolations)
+                            : `Optimus Labs auto-fixed ${fixed} ${fixed === 1 ? 'policy violation' : 'policy violations'}:\n\n${appliedViolations
+                                .map((v) => autofixDialogLine(v))
+                                .join('\n')}${changePreviewSuffix}`;
                 const payload = { __optimus_autofix: true, autofix_message: autofixMessage };
                 if (restartCommands.length > 0)
                     payload.restart_commands = restartCommands;

package/dist/execute_trusted_restarts.js

@@ -7,9 +7,14 @@
 import { readFileSync } from 'node:fs';
 import { isThisCliModule } from './cli_invocation_match.js';
 import { appendComplianceRunnerLine, hookRunLog } from './log_config_files/runtime/hook_logger.js';
+import { setActiveComplianceLogPath } from './log_config_files/runtime/compliance_session_log.js';
 import { executeTrustedRestartCommands } from './log_config_files/runtime/trusted_restarts.js';
 /** Invoked by dist entrypoint or by `npx log-llm-config@latest execute-trusted-restarts` (cli.js dispatches here). */
 export function runExecuteTrustedRestartsFromStdin() {
+    const complianceLogPath = process.env.OPTIMUS_COMPLIANCE_LOG?.trim();
+    if (complianceLogPath) {
+        setActiveComplianceLogPath(complianceLogPath);
+    }
     let raw;
     try {
         raw = readFileSync(0, 'utf8');

package/dist/log_config_files/collection/skills_cli_collector.js

@@ -1,11 +1,14 @@
-import { execFileSync } from 'node:child_process';
-import { homedir } from 'node:os';
+import { spawnSync } from 'node:child_process';
+import { closeSync, mkdtempSync, openSync, readFileSync, rmSync } from 'node:fs';
+import { homedir, tmpdir } from 'node:os';
 import { join } from 'node:path';
 export const SKILLS_CLI_FILE_TYPE = 'skills_cli_installed';
 export const SKILLS_CLI_INSTALLED_PATH = join(homedir(), '.agents', '.skills-cli-installed.json');
 /** Override the skills package spec, e.g. `skills@1.5.10`. Default uses whatever is on the machine. */
 export const SKILLS_CLI_NPX_PACKAGE_ENV = 'SKILLS_CLI_NPX_PACKAGE';
 const LIST_TIMEOUT_MS = 120_000;
+/** stderr from npx/npm only; stdout is streamed to a temp file (avoids pipe/maxBuffer truncation). */
+const LIST_STDERR_MAX_BUFFER = 16 * 1024 * 1024;
 function listExecEnv() {
     return {
         ...process.env,
@@ -16,20 +19,61 @@ function npxPackageSpec() {
     const fromEnv = (process.env[SKILLS_CLI_NPX_PACKAGE_ENV] || '').trim();
     return fromEnv || 'skills';
 }
-export function runSkillsListJson(args, cwd) {
-    const out = execFileSync('npx', [npxPackageSpec(), 'list', ...args, '--json'], {
-        encoding: 'utf8',
-        cwd,
-        timeout: LIST_TIMEOUT_MS,
-        env: listExecEnv(),
-    });
-    const trimmed = out.trim();
+/** Strip leading npx/npm noise and parse the skills `list --json` array payload. */
+export function parseSkillsListJsonStdout(stdout) {
+    const trimmed = stdout.trim();
     if (!trimmed)
         return [];
-    const parsed = JSON.parse(trimmed);
-    if (!Array.isArray(parsed))
-        return [];
-    return parsed;
+    const start = trimmed.indexOf('[');
+    if (start < 0) {
+        throw new SyntaxError('skills list --json: no JSON array in stdout');
+    }
+    let end = trimmed.lastIndexOf(']');
+    let lastErr;
+    while (end > start) {
+        const slice = trimmed.slice(start, end + 1);
+        try {
+            const parsed = JSON.parse(slice);
+            if (!Array.isArray(parsed))
+                return [];
+            return parsed;
+        }
+        catch (err) {
+            lastErr = err instanceof SyntaxError ? err : new SyntaxError(String(err));
+            end = trimmed.lastIndexOf(']', end - 1);
+        }
+    }
+    throw lastErr ?? new SyntaxError('skills list --json: could not parse stdout');
+}
+export function runSkillsListJson(args, cwd) {
+    const tmpDir = mkdtempSync(join(tmpdir(), 'optimus-skills-list-'));
+    const outPath = join(tmpDir, 'stdout.json');
+    const outFd = openSync(outPath, 'w');
+    try {
+        const child = spawnSync('npx', [npxPackageSpec(), 'list', ...args, '--json'], {
+            cwd,
+            timeout: LIST_TIMEOUT_MS,
+            env: listExecEnv(),
+            stdio: ['ignore', outFd, 'pipe'],
+            maxBuffer: LIST_STDERR_MAX_BUFFER,
+        });
+        if (child.error)
+            throw child.error;
+        if (child.status !== 0) {
+            const stderr = (child.stderr ?? '').toString().trim();
+            throw new Error(stderr || `npx skills list exited ${child.status ?? 'unknown'}`);
+        }
+    }
+    finally {
+        closeSync(outFd);
+    }
+    try {
+        const out = readFileSync(outPath, 'utf8');
+        return parseSkillsListJsonStdout(out);
+    }
+    finally {
+        rmSync(tmpDir, { recursive: true, force: true });
+    }
 }
 function normalizeListRows(rows, scope) {
     const out = [];
@@ -60,39 +104,43 @@ export function formatSkillsListScopeForHookLog(scopeLabel, entries) {
         .join(' | ');
     return `skills_cli list ${scopeLabel}: ${entries.length} skill(s) — ${detail}`;
 }
+function runSkillsListForScope(scopeLabel, args, projectRoot, logLine) {
+    try {
+        return runSkillsListJson(args, projectRoot);
+    }
+    catch (err) {
+        const msg = err instanceof Error ? err.message : String(err);
+        logLine(`skills_cli: list ${scopeLabel} --json failed: ${msg}`);
+        return [];
+    }
+}
 export function collectSkillsCliInstalled(projectRoot, log) {
     const logLine = (message) => {
         log?.(message);
     };
-    try {
-        const packageSpec = npxPackageSpec();
-        logLine(`skills_cli: npx ${packageSpec} — list -g --json && list --json (projectRoot=${projectRoot})`);
-        const globalRows = runSkillsListJson(['-g'], projectRoot);
-        const projectRows = runSkillsListJson([], projectRoot);
-        const global = normalizeListRows(globalRows, 'global');
-        const project = normalizeListRows(projectRows, 'project');
-        logLine(formatSkillsListScopeForHookLog('-g', global));
-        logLine(formatSkillsListScopeForHookLog('project', project));
-        const payload = {
-            version: 1,
-            skills_cli_version: packageSpec,
-            generated_at: new Date().toISOString(),
-            global,
-            project,
-        };
-        if (payload.global.length === 0 && payload.project.length === 0) {
-            logLine('skills_cli_installed: not uploaded (no global or project skills)');
-            return null;
-        }
-        logLine(`skills_cli_installed: upload ${SKILLS_CLI_INSTALLED_PATH} global=${global.length} project=${project.length}`);
-        return {
-            file_type: SKILLS_CLI_FILE_TYPE,
-            file_path: SKILLS_CLI_INSTALLED_PATH,
-            raw_content: payload,
-        };
-    }
-    catch (err) {
-        logLine(`skills_cli: list --json failed: ${err instanceof Error ? err.message : String(err)}`);
+    const packageSpec = npxPackageSpec();
+    logLine(`skills_cli: npx ${packageSpec} — list -g --json && list --json (projectRoot=${projectRoot})`);
+    const globalRows = runSkillsListForScope('-g', ['-g'], projectRoot, logLine);
+    const projectRows = runSkillsListForScope('project', [], projectRoot, logLine);
+    const global = normalizeListRows(globalRows, 'global');
+    const project = normalizeListRows(projectRows, 'project');
+    logLine(formatSkillsListScopeForHookLog('-g', global));
+    logLine(formatSkillsListScopeForHookLog('project', project));
+    const payload = {
+        version: 1,
+        skills_cli_version: packageSpec,
+        generated_at: new Date().toISOString(),
+        global,
+        project,
+    };
+    if (payload.global.length === 0 && payload.project.length === 0) {
+        logLine('skills_cli_installed: not uploaded (no global or project skills)');
         return null;
     }
+    logLine(`skills_cli_installed: upload ${SKILLS_CLI_INSTALLED_PATH} global=${global.length} project=${project.length}`);
+    return {
+        file_type: SKILLS_CLI_FILE_TYPE,
+        file_path: SKILLS_CLI_INSTALLED_PATH,
+        raw_content: payload,
+    };
 }

package/dist/log_config_files/paths/pattern_resolver.js

@@ -293,6 +293,14 @@ function resolvePatternToTargets(pathPattern, pathType, fileType, projectRoot, h
         targets.push({ path: basePath + suffix, file_type: fileType, content_format: contentFormat ?? 'extensions_cache' });
         return targets;
     }
+    if (spec?.type === 'env_dir_file') {
+        const configuredDir = process.env[spec.env_var]?.trim();
+        const baseDir = configuredDir
+            ? configuredDir.replace(/^~\//, `${home}/`)
+            : join(home, spec.fallback_under_home.replace(/^~\//, ''));
+        pushTargetPaths(targets, join(baseDir, spec.filename), fileType, false, collectStyle, contentFormat, dirGlob);
+        return targets;
+    }
     if (norm.includes('**'))
         return expandRecursiveGlobPathPattern(pathPattern, fileType, home, contentFormat, dirGlob, homeRecurseSkipDirs);
     if (norm.includes('*'))

package/dist/log_config_files/runtime/compliance_check.js

@@ -19,6 +19,7 @@ import { resolveRemediationConfigPath } from './remediation_config_path.js';
 import { resolveOpsTargetPath } from './ops_target_path.js';
 import { isRemediationQuarantined, markRemediationApplyPendingVerification, markRemediationApplyVerified, processPendingPostRestartVerifications, readRemediationApplyTrackingFile, writeRemediationApplyTrackingFile, } from './remediation_apply_tracking.js';
 import { complianceRunnerDiag, hookRunLog, logRemediationApplyFailure } from './hook_logger.js';
+import { isEnvBackedSecretValue, scanJsonForHardcodedSecrets, } from './secret_regex_scan.js';
 import { loadEndpointBase } from '../sender/endpoint_config.js';
 import { resolveHardwareUuid, tryResolveHardwareUuid } from './hardware_uuid.js';
 import { buildDeferredCursorRestartCommand, discoverAllWorkspaceVscdbs, enforceRemediation, fetchSync, isTrustedRestartCommandForAutofix, remediationFixSpec, reportAutofixApplied, syncRemediations, } from './remediation_sync.js';
@@ -188,6 +189,36 @@ function allowlistEntryMatchesRemoveToken(entry, token) {
     const pattern = new RegExp(`(^|[^a-z0-9_|])${escapeRegExp(t)}([^a-z0-9_|]|$)`);
     return pattern.test(valStr);
 }
+/**
+ * MCP secret remediations deploy ops.set to ${env:KEY}. Local compliance passes when the
+ * user picks any env reference, not only the exact string from the manifest.
+ */
+function remediationSetOpSatisfied(current, expected) {
+    if (deepEqual(current, expected))
+        return true;
+    if (typeof expected === 'string' &&
+        isEnvBackedSecretValue(expected) &&
+        isEnvBackedSecretValue(current)) {
+        return true;
+    }
+    return false;
+}
+function violationFromSecretScanFinding(entry, compliance, finding) {
+    return {
+        uuid: entry.uuid,
+        finding_formatted_id: compliance.finding_formatted_id,
+        setting_path: finding.path,
+        description: compliance.description,
+        finding_title: entry.finding_title,
+        finding_description: entry.finding_description,
+        policy_name: entry.policy_name,
+        severity: compliance.severity,
+        autofix_allowed: compliance.autofix_allowed,
+        config_file_path: entry.config_file_path,
+        expected_value: { op: 'secret_scan', path: finding.path, secret_type: finding.secretType },
+        message: `[${compliance.finding_formatted_id}] ${entry.finding_title ?? compliance.description}\nDescription: ${entry.finding_description ?? compliance.description}\nHow to fix: Remove the hardcoded ${finding.secretType} from ${finding.path} in ${entry.config_file_path}`,
+    };
+}
 function verifyOpsApplied(configJson, settingPath, ops) {
     const parts = settingPath.split('.');
     const leafKey = parts[parts.length - 1] ?? '';
@@ -201,8 +232,9 @@ function verifyOpsApplied(configJson, settingPath, ops) {
         if (Object.prototype.hasOwnProperty.call(set, k)) {
             const cur = getByPath(configJson, targetPath);
             const expected = set[k];
-            if (!deepEqual(cur, expected))
+            if (!remediationSetOpSatisfied(cur, expected)) {
                 return { ok: false, expected: { op: 'set', path: targetPath, value: expected } };
+            }
             continue;
         }
         const cur = getByPath(configJson, targetPath);
@@ -319,6 +351,14 @@ export function evaluateManifestEntryCompliance(entry) {
     if (!loaded.ok)
         return { violations: [] };
     const configJson = loaded.json;
+    if (compliance.requires_secret_scan === true) {
+        const secretFindings = scanJsonForHardcodedSecrets(configJson);
+        return secretFindings.length === 0
+            ? { violations: [] }
+            : {
+                violations: secretFindings.map((f) => violationFromSecretScanFinding(entry, compliance, f)),
+            };
+    }
     const entryViolations = [];
     for (const check of checks) {
         const effectivePath = canonicalComplianceSettingPath(entry.config_file_path, check);
@@ -523,6 +563,19 @@ export function reportPostRestartVerificationOutcomes(violations) {
     });
     return { outcomes, reportPromises };
 }
+/**
+ * Run immediately after a deferred state.vscdb write lands on disk (post-restart, before the
+ * user's next prompt) so `pending_post_restart_verify` remediations are confirmed and reported
+ * to the server right away — the UI does not need to wait for another gate invocation.
+ */
+export async function runPostApplyVerification(agent = 'cursor') {
+    const status = runLocalRemediationComplianceCheck(agent);
+    const { outcomes, reportPromises } = reportPostRestartVerificationOutcomes(status.violations);
+    if (outcomes.length > 0) {
+        await Promise.allSettled(reportPromises);
+    }
+    return outcomes;
+}
 /**
  * Immediate autofix succeeded (inline recheck OK or Claude stale-recheck tolerance).
  * Clear pending verification locally and report verified so the next prompt does not POST
@@ -746,6 +799,16 @@ export function pruneSatisfiedOneTimeRemediations(agent = 'cursor') {
             continue;
         }
         const configJson = prLoaded.json;
+        if (spec?.requires_secret_scan === true) {
+            if (scanJsonForHardcodedSecrets(configJson).length === 0) {
+                removed++;
+                hookRunLog(`remediation_prune: satisfied secret-scan uuid=${inst.uuid} path=${inst.config_file_path}`);
+            }
+            else {
+                remaining.push(raw);
+            }
+            continue;
+        }
         // Only prune when every check is ops-based and currently satisfied.
         let okAll = true;
         for (const check of checks) {
@@ -880,8 +943,8 @@ export function uploadSatisfiedManifestConfigs(agent = 'cursor') {
  * Apply (autofix) is intentionally deferred to the gate on the next prompt — this pass only downloads
  * a fresh manifest so the gate has up-to-date data when it runs.
  */
-export async function runComplianceCheck() {
-    const agent = currentAgentFromEnv();
+export async function runComplianceCheck(agentOverride) {
+    const agent = agentOverride ?? currentAgentFromEnv();
     try {
         await syncRemediations(loadEndpointBase(), resolveHardwareUuid());
     }