npm - mcp-scraper - Versions diffs - 0.1.9 → 0.2.1 - Mend

mcp-scraper 0.1.9 → 0.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (44) hide show

package/README.md +74 -8
package/dist/bin/api-server.cjs +5615 -3733
package/dist/bin/api-server.cjs.map +1 -1
package/dist/bin/api-server.js +2 -2
package/dist/bin/browser-agent-stdio-server.cjs +391 -0
package/dist/bin/browser-agent-stdio-server.cjs.map +1 -0
package/dist/bin/browser-agent-stdio-server.d.cts +1 -0
package/dist/bin/browser-agent-stdio-server.d.ts +1 -0
package/dist/bin/browser-agent-stdio-server.js +390 -0
package/dist/bin/browser-agent-stdio-server.js.map +1 -0
package/dist/bin/mcp-stdio-server.cjs +170 -12
package/dist/bin/mcp-stdio-server.cjs.map +1 -1
package/dist/bin/mcp-stdio-server.js +3 -2
package/dist/bin/mcp-stdio-server.js.map +1 -1
package/dist/bin/paa-harvest.cjs +223 -74
package/dist/bin/paa-harvest.cjs.map +1 -1
package/dist/bin/paa-harvest.js +2 -2
package/dist/{chunk-ZK456YXN.js → chunk-IQOCZGJJ.js} +58 -4
package/dist/chunk-IQOCZGJJ.js.map +1 -0
package/dist/{chunk-ZMOWIBMK.js → chunk-M2S27J6Z.js} +9 -2
package/dist/{chunk-ZMOWIBMK.js.map → chunk-M2S27J6Z.js.map} +1 -1
package/dist/{chunk-TM22BLWP.js → chunk-MY3S7EX7.js} +221 -76
package/dist/chunk-MY3S7EX7.js.map +1 -0
package/dist/{chunk-JNC32DMS.js → chunk-OR7DLLH2.js} +175 -16
package/dist/chunk-OR7DLLH2.js.map +1 -0
package/dist/chunk-XR65SANX.js +7 -0
package/dist/chunk-XR65SANX.js.map +1 -0
package/dist/index.cjs +223 -74
package/dist/index.cjs.map +1 -1
package/dist/index.d.cts +1 -0
package/dist/index.d.ts +1 -0
package/dist/index.js +2 -2
package/dist/{server-MTXAJG5J.js → server-CJMX2QUM.js} +1655 -194
package/dist/server-CJMX2QUM.js.map +1 -0
package/dist/{worker-AUCXFHEL.js → worker-NAKGTIF5.js} +4 -4
package/docs/specs/api-forge-spec.md +234 -0
package/docs/specs/deferred-work-spec.md +74 -0
package/docs/specs/oauth-mcp-spec.md +213 -0
package/package.json +3 -2
package/dist/chunk-JNC32DMS.js.map +0 -1
package/dist/chunk-TM22BLWP.js.map +0 -1
package/dist/chunk-ZK456YXN.js.map +0 -1
package/dist/server-MTXAJG5J.js.map +0 -1
/package/dist/{worker-AUCXFHEL.js.map → worker-NAKGTIF5.js.map} +0 -0

package/dist/{server-MTXAJG5J.js → server-CJMX2QUM.js} RENAMED Viewed

@@ -5,11 +5,14 @@ import {
   buildPaaExtractorMcpServer,
   configureReportSaving,
   harvestTimeoutBudget,
-  liveWebToolAnnotations
-} from "./chunk-JNC32DMS.js";
+  liveWebToolAnnotations,
+  outputBaseDir
+} from "./chunk-OR7DLLH2.js";
+import "./chunk-XR65SANX.js";
 import {
   BALANCE_PACK_LABELS,
   BALANCE_PRICE_IDS,
+  BROWSER_OPEN_MIN_BALANCE_MC,
   CONCURRENCY_PRICE_ID,
   CREDIT_COST_CATALOG,
   FREE_MONTHLY_REFRESH_MC,
@@ -17,12 +20,13 @@ import {
   LedgerOperation,
   MC_COSTS,
   MC_PER_CREDIT,
+  browserActiveCostMc,
   classifyHarvestProblem,
   createHarvestAttemptRecorder,
   harvestProblemResponse,
   insufficientBalanceResponse,
   serializeHarvestProblem
-} from "./chunk-ZK456YXN.js";
+} from "./chunk-IQOCZGJJ.js";
 import {
   BrowserDriver,
   MapsPlaceOptionsSchema,
@@ -35,14 +39,15 @@ import {
   browserServiceApiKey,
   browserServiceProxyId,
   buildYouTubeChannelVideosUrl,
+  deleteKernelProxyId,
   harvest,
   resolveKernelProxyId
-} from "./chunk-TM22BLWP.js";
+} from "./chunk-MY3S7EX7.js";
 import {
   CaptchaError,
   RECAPTCHA_INSTRUCTIONS,
   sanitizeVendorName
-} from "./chunk-ZMOWIBMK.js";
+} from "./chunk-M2S27J6Z.js";
 import {
   SiteAuditJobRowSchema,
   cancelJob,
@@ -3497,8 +3502,8 @@ import { chromium } from "playwright";
 async function fetchWithKernel(url) {
   const apiKey = browserServiceApiKey();
   if (!apiKey) throw new Error("Browser backend API key not set");
-  const client = new Kernel({ apiKey });
-  const kb = await client.browsers.create({ stealth: true, timeout_seconds: 60 });
+  const client2 = new Kernel({ apiKey });
+  const kb = await client2.browsers.create({ stealth: true, timeout_seconds: 60 });
   const browser = await chromium.connectOverCDP(kb.cdp_ws_url);
   try {
     const context = browser.contexts()[0] ?? await browser.newContext({
@@ -3511,7 +3516,7 @@ async function fetchWithKernel(url) {
   } finally {
     await browser.close().catch(() => {
     });
-    await client.browsers.deleteByID(kb.session_id).catch(() => {
+    await client2.browsers.deleteByID(kb.session_id).catch(() => {
     });
   }
 }
@@ -4843,7 +4848,7 @@ async function extractSite(opts) {
 }
 // src/api/server.ts
-import { Hono as Hono9 } from "hono";
+import { Hono as Hono11 } from "hono";
 import { serve as serveInngest } from "inngest/hono";
 // src/inngest/client.ts
@@ -8532,13 +8537,13 @@ var FacebookAdExtractor = class {
     }
     await page.waitForTimeout(1500);
     let prevCount = 0;
-    for (let scroll = 0; scroll < 20; scroll++) {
+    for (let scroll2 = 0; scroll2 < 20; scroll2++) {
       const count = await page.evaluate(() => {
         const bt = document.body ? document.body.innerText ?? "" : "";
         return [...bt.matchAll(/Library ID/g)].length;
       });
       if (count >= maxAds) break;
-      if (count === prevCount && scroll > 0) break;
+      if (count === prevCount && scroll2 > 0) break;
       prevCount = count;
       await page.evaluate(() => {
         if (document.body) window.scrollTo(0, document.body.scrollHeight);
@@ -9184,7 +9189,7 @@ facebookAdApp.post("/search", createApiKeyAuth(), async (c) => {
       return c.json(searchResult2);
     }
     await page.waitForTimeout(1500);
-    for (let scroll = 0; scroll < 3; scroll++) {
+    for (let scroll2 = 0; scroll2 < 3; scroll2++) {
       await page.evaluate(() => {
         if (document.body) window.scrollTo(0, document.body.scrollHeight);
       });
@@ -9741,8 +9746,11 @@ var MapsSearchExtractor = class {
       headless: options.headless,
       kernelApiKey: options.kernelApiKey,
       kernelProxyId: options.kernelProxyId,
+      kernelProxyResolution: options.kernelProxyResolution,
+      proxyMode: options.proxyMode,
       viewport: { width: 1280, height: 900 },
-      locale: `${options.hl}-${options.gl.toUpperCase()}`
+      locale: `${options.hl}-${options.gl.toUpperCase()}`,
+      debug: options.debug
     };
     try {
       await this.driver.launch(config);
@@ -9833,6 +9841,9 @@ var MapsSearchExtractor = class {
         const value = parts.find((part) => pattern.test(part));
         return value ?? null;
       }
+      function normalizedSet(values) {
+        return new Set(values.filter(Boolean).map((value) => value.toLowerCase()));
+      }
       const out = [];
       const seen = /* @__PURE__ */ new Set();
       const anchors = Array.from(document.querySelectorAll('a[href*="/maps/place/"]'));
@@ -9848,11 +9859,17 @@ var MapsSearchExtractor = class {
         const name = aria ?? heading ?? parts[0] ?? stableUrl;
         const links = Array.from(card?.querySelectorAll("a[href]") ?? []);
         const websiteUrl = links.find((link) => link.href.startsWith("http") && !link.href.includes("google."))?.href ?? null;
-        const directionsUrl = links.find((link) => /google\.[^/]+\/maps\/dir|\/dir\//i.test(link.href))?.href ?? null;
         const rating = firstMatching(parts, /^\d(?:\.\d)?$/);
-        const reviewCountRaw = firstMatching(parts, /^\(?[\d,]+\)?$/);
-        const category = parts.find((part) => !/^\d(?:\.\d)?$|^\(?[\d,]+\)?$|open|closed|directions|website/i.test(part)) ?? null;
+        const reviewCountRaw = firstMatching(parts, /^\(?[\d,]+\)?(?:\s+reviews?)?$/i);
+        const phone = firstMatching(parts, /(?:\+?1[\s.-]?)?\(?\d{3}\)?[\s.-]\d{3}[\s.-]\d{4}/);
+        const hoursStatus = parts.find((part) => /^(open|closed|closes|opens)\b|^·\s*(opens|closes)\b/i.test(part)) ?? null;
         const address = parts.find((part) => /\b[A-Z]{2}\s+\d{5}\b|\b(?:St|Street|Ave|Avenue|Rd|Road|Blvd|Drive|Dr)\b/i.test(part)) ?? null;
+        const directionsUrl = links.find((link) => /google\.[^/]+\/maps\/dir|\/dir\//i.test(link.href))?.href ?? `https://www.google.com/maps/dir/?api=1&destination=${encodeURIComponent([name, address].filter(Boolean).join(", ") || name)}`;
+        const excluded = normalizedSet([name, rating, reviewCountRaw, phone, hoursStatus, address, "Website", "Directions"]);
+        const category = parts.find((part) => {
+          const normalized = part.toLowerCase();
+          return !excluded.has(normalized) && !/^\d(?:\.\d)?$|^\(?[\d,]+\)?(?:\s+reviews?)?$/i.test(part) && !/(?:\+?1[\s.-]?)?\(?\d{3}\)?[\s.-]\d{3}[\s.-]\d{4}/.test(part) && !/\b[A-Z]{2}\s+\d{5}\b|\b(?:St|Street|Ave|Avenue|Rd|Road|Blvd|Drive|Dr)\b/i.test(part) && !/^(open|closed|closes|opens)\b|^·\s*(opens|closes)\b|directions|website|book online|sponsored|visit site|financing/i.test(part);
+        }) ?? null;
         const { cid, cidDecimal } = cidFromUrl(placeUrl);
         out.push({
           position: out.length + 1,
@@ -9864,6 +9881,8 @@ var MapsSearchExtractor = class {
           reviewCount: reviewCountRaw ? reviewCountRaw.replace(/[()]/g, "") : null,
           category,
           address,
+          phone,
+          hoursStatus,
           websiteUrl,
           directionsUrl,
           metadata: parts.slice(0, 20)
@@ -9883,12 +9902,22 @@ function mapsErrorResponse(c, msg, errorCode) {
     retryable: blocked
   }, blocked ? 503 : 500);
 }
+async function cleanupDisposableProxy(kernelApiKey, proxyId) {
+  if (!kernelApiKey || !proxyId) return;
+  await deleteKernelProxyId(kernelApiKey, proxyId).catch((err) => {
+    console.warn(JSON.stringify({
+      event: "maps_search_proxy_delete_failed",
+      proxy_id_suffix: proxyId.slice(-6),
+      message: err instanceof Error ? err.message : String(err)
+    }));
+  });
+}
 var mapsApp = new Hono5();
 mapsApp.post("/search", createApiKeyAuth(), async (c) => {
   const user = c.get("user");
   const body = await c.req.json().catch(() => ({}));
   const parsed = MapsSearchOptionsSchema.safeParse({
-    kernelApiKey: process.env.KERNEL_API_KEY,
+    kernelApiKey: browserServiceApiKey(),
     ...body
   });
   if (!parsed.success) {
@@ -9903,8 +9932,23 @@ mapsApp.post("/search", createApiKeyAuth(), async (c) => {
   if (!ok) return c.json(insufficientBalanceResponse(balance_mc, MC_COSTS.maps_search), 402);
   const driver = new BrowserDriver();
   const extractor = new MapsSearchExtractor(driver);
+  let disposableProxyId;
   try {
-    const result = await extractor.extract(parsed.data);
+    const resolution = await resolveKernelProxyId({
+      kernelApiKey: parsed.data.kernelApiKey,
+      proxyMode: parsed.data.proxyMode,
+      configuredKernelProxyId: browserServiceProxyId(),
+      location: parsed.data.location,
+      proxyZip: parsed.data.proxyZip,
+      gl: parsed.data.gl,
+      fresh: parsed.data.proxyMode === "location"
+    });
+    disposableProxyId = resolution.disposableProxyId;
+    const result = await extractor.extract({
+      ...parsed.data,
+      kernelProxyId: parsed.data.proxyMode === "none" ? void 0 : resolution.kernelProxyId,
+      kernelProxyResolution: resolution.resolution
+    });
     await logRequestEvent({
       userId: user.id,
       source: "maps_search",
@@ -9928,6 +9972,7 @@ mapsApp.post("/search", createApiKeyAuth(), async (c) => {
     });
     return mapsErrorResponse(c, msg, "maps_search_failed");
   } finally {
+    await cleanupDisposableProxy(parsed.data.kernelApiKey, disposableProxyId);
     await driver.close();
   }
 });
@@ -9935,7 +9980,7 @@ mapsApp.post("/place", createApiKeyAuth(), async (c) => {
   const user = c.get("user");
   const body = await c.req.json().catch(() => ({}));
   const parsed = MapsPlaceOptionsSchema.safeParse({
-    kernelApiKey: process.env.KERNEL_API_KEY,
+    kernelApiKey: browserServiceApiKey(),
     ...body
   });
   if (!parsed.success) {
@@ -10003,9 +10048,593 @@ mapsApp.post("/place", createApiKeyAuth(), async (c) => {
   }
 });
-// src/api/serp-intelligence-routes.ts
+// src/api/directory-routes.ts
 import { Hono as Hono6 } from "hono";
+// src/directory/directory-workflow.ts
+import { mkdir as mkdir2, writeFile } from "fs/promises";
+import { join as join4 } from "path";
+import { z as z15 } from "zod";
+// src/directory/csv.ts
+function parseCsv(text) {
+  const rows = [];
+  let row = [];
+  let field = "";
+  let quoted = false;
+  for (let i = 0; i < text.length; i += 1) {
+    const ch = text[i];
+    const next = text[i + 1];
+    if (quoted) {
+      if (ch === '"' && next === '"') {
+        field += '"';
+        i += 1;
+      } else if (ch === '"') {
+        quoted = false;
+      } else {
+        field += ch;
+      }
+      continue;
+    }
+    if (ch === '"') {
+      quoted = true;
+    } else if (ch === ",") {
+      row.push(field);
+      field = "";
+    } else if (ch === "\n") {
+      row.push(field);
+      rows.push(row);
+      row = [];
+      field = "";
+    } else if (ch !== "\r") {
+      field += ch;
+    }
+  }
+  if (field.length > 0 || row.length > 0) {
+    row.push(field);
+    rows.push(row);
+  }
+  return rows;
+}
+function csvRecords(text) {
+  const rows = parseCsv(text).filter((row) => row.some((cell) => cell.trim() !== ""));
+  const header = rows[0]?.map((cell) => cell.trim()) ?? [];
+  return rows.slice(1).map((row) => {
+    const record = {};
+    for (let i = 0; i < header.length; i += 1) {
+      record[header[i]] = row[i] ?? "";
+    }
+    return record;
+  });
+}
+function csvCell(value) {
+  if (value === null || value === void 0) return "";
+  const text = String(value);
+  return /[",\n\r]/.test(text) ? `"${text.replace(/"/g, '""')}"` : text;
+}
+function rowsToCsv(headers, rows) {
+  return [
+    headers.join(","),
+    ...rows.map((row) => headers.map((header) => csvCell(row[header])).join(","))
+  ].join("\n") + "\n";
+}
+// src/directory/location-db.ts
+import { access, readFile } from "fs/promises";
+var POPULATION_YEARS = [2020, 2021, 2022, 2023, 2024, 2025];
+var STATE_META = {
+  AL: { abbr: "AL", fips: "01", name: "Alabama" },
+  AK: { abbr: "AK", fips: "02", name: "Alaska" },
+  AZ: { abbr: "AZ", fips: "04", name: "Arizona" },
+  AR: { abbr: "AR", fips: "05", name: "Arkansas" },
+  CA: { abbr: "CA", fips: "06", name: "California" },
+  CO: { abbr: "CO", fips: "08", name: "Colorado" },
+  CT: { abbr: "CT", fips: "09", name: "Connecticut" },
+  DE: { abbr: "DE", fips: "10", name: "Delaware" },
+  DC: { abbr: "DC", fips: "11", name: "District of Columbia" },
+  FL: { abbr: "FL", fips: "12", name: "Florida" },
+  GA: { abbr: "GA", fips: "13", name: "Georgia" },
+  HI: { abbr: "HI", fips: "15", name: "Hawaii" },
+  ID: { abbr: "ID", fips: "16", name: "Idaho" },
+  IL: { abbr: "IL", fips: "17", name: "Illinois" },
+  IN: { abbr: "IN", fips: "18", name: "Indiana" },
+  IA: { abbr: "IA", fips: "19", name: "Iowa" },
+  KS: { abbr: "KS", fips: "20", name: "Kansas" },
+  KY: { abbr: "KY", fips: "21", name: "Kentucky" },
+  LA: { abbr: "LA", fips: "22", name: "Louisiana" },
+  ME: { abbr: "ME", fips: "23", name: "Maine" },
+  MD: { abbr: "MD", fips: "24", name: "Maryland" },
+  MA: { abbr: "MA", fips: "25", name: "Massachusetts" },
+  MI: { abbr: "MI", fips: "26", name: "Michigan" },
+  MN: { abbr: "MN", fips: "27", name: "Minnesota" },
+  MS: { abbr: "MS", fips: "28", name: "Mississippi" },
+  MO: { abbr: "MO", fips: "29", name: "Missouri" },
+  MT: { abbr: "MT", fips: "30", name: "Montana" },
+  NE: { abbr: "NE", fips: "31", name: "Nebraska" },
+  NV: { abbr: "NV", fips: "32", name: "Nevada" },
+  NH: { abbr: "NH", fips: "33", name: "New Hampshire" },
+  NJ: { abbr: "NJ", fips: "34", name: "New Jersey" },
+  NM: { abbr: "NM", fips: "35", name: "New Mexico" },
+  NY: { abbr: "NY", fips: "36", name: "New York" },
+  NC: { abbr: "NC", fips: "37", name: "North Carolina" },
+  ND: { abbr: "ND", fips: "38", name: "North Dakota" },
+  OH: { abbr: "OH", fips: "39", name: "Ohio" },
+  OK: { abbr: "OK", fips: "40", name: "Oklahoma" },
+  OR: { abbr: "OR", fips: "41", name: "Oregon" },
+  PA: { abbr: "PA", fips: "42", name: "Pennsylvania" },
+  RI: { abbr: "RI", fips: "44", name: "Rhode Island" },
+  SC: { abbr: "SC", fips: "45", name: "South Carolina" },
+  SD: { abbr: "SD", fips: "46", name: "South Dakota" },
+  TN: { abbr: "TN", fips: "47", name: "Tennessee" },
+  TX: { abbr: "TX", fips: "48", name: "Texas" },
+  UT: { abbr: "UT", fips: "49", name: "Utah" },
+  VT: { abbr: "VT", fips: "50", name: "Vermont" },
+  VA: { abbr: "VA", fips: "51", name: "Virginia" },
+  WA: { abbr: "WA", fips: "53", name: "Washington" },
+  WV: { abbr: "WV", fips: "54", name: "West Virginia" },
+  WI: { abbr: "WI", fips: "55", name: "Wisconsin" },
+  WY: { abbr: "WY", fips: "56", name: "Wyoming" }
+};
+var STATE_BY_NAME = new Map(Object.values(STATE_META).map((s) => [s.name.toLowerCase(), s]));
+function normalizeState(input) {
+  const raw = input.trim();
+  const byAbbr = STATE_META[raw.toUpperCase()];
+  if (byAbbr) return byAbbr;
+  const byName = STATE_BY_NAME.get(raw.toLowerCase());
+  if (byName) return byName;
+  throw new Error(`Unsupported state "${input}". Use a US state abbreviation such as TN.`);
+}
+function censusStateUrl(fips) {
+  return `https://www2.census.gov/programs-surveys/popest/datasets/2020-2025/cities/totals/sub-est2025_${fips}.csv`;
+}
+function normalizeCityKey(value) {
+  return value.toLowerCase().replace(/[^a-z0-9]+/g, " ").trim();
+}
+function displayCityFromCensus(name) {
+  if (/^Nashville-Davidson metropolitan government/i.test(name)) return "Nashville";
+  return name.replace(/\s+(city|town|village|municipality|borough)$/i, "").trim();
+}
+function numberOrNull(value) {
+  if (value === void 0 || value.trim() === "") return null;
+  const n = Number(value);
+  return Number.isFinite(n) ? n : null;
+}
+function localLocationFileAllowed() {
+  if (process.env.MCP_SCRAPER_ALLOW_LOCAL_LOCATION_FILES === "true") return true;
+  if (process.env.VERCEL === "1" || process.env.NODE_ENV === "production") return false;
+  return true;
+}
+async function existingPath(value) {
+  const trimmed = value?.trim();
+  if (!trimmed) return null;
+  await access(trimmed);
+  return trimmed;
+}
+async function resolveUsZipsPath(requestedPath) {
+  const envPath = process.env.MCP_SCRAPER_USZIPS_CSV_PATH;
+  if (requestedPath && !localLocationFileAllowed()) {
+    throw new Error("usZipsCsvPath is only accepted in local/test mode. Set MCP_SCRAPER_USZIPS_CSV_PATH on the server for deployed use.");
+  }
+  const source = requestedPath ?? envPath;
+  if (!source) return null;
+  return existingPath(source);
+}
+async function loadZipGroups(stateAbbr, requestedPath, warnings) {
+  if (!requestedPath && !process.env.MCP_SCRAPER_USZIPS_CSV_PATH) {
+    return { path: null, groups: /* @__PURE__ */ new Map() };
+  }
+  const path5 = await resolveUsZipsPath(requestedPath);
+  if (!path5) return { path: null, groups: /* @__PURE__ */ new Map() };
+  const records = csvRecords(await readFile(path5, "utf8"));
+  const groups = /* @__PURE__ */ new Map();
+  for (const record of records) {
+    const state = (record.state_abbr ?? record.state ?? "").trim().toUpperCase();
+    const zip = (record.zipcode ?? record.zip ?? record.zip_code ?? "").trim();
+    const city = (record.city ?? "").trim();
+    const county = (record.county ?? "").trim();
+    if (state !== stateAbbr || !zip || !city) continue;
+    const key = normalizeCityKey(city);
+    if (!groups.has(key)) groups.set(key, { zips: /* @__PURE__ */ new Set(), counties: /* @__PURE__ */ new Set() });
+    const group = groups.get(key);
+    group?.zips.add(zip);
+    if (county) group?.counties.add(county);
+  }
+  if (!groups.size) warnings.push(`No ${stateAbbr} ZIP groups found in ${path5}`);
+  return { path: path5, groups };
+}
+async function resolveDirectoryMarkets(options) {
+  const state = normalizeState(options.state);
+  const sourceUrl = censusStateUrl(state.fips);
+  const warnings = [];
+  const response = await fetch(sourceUrl);
+  if (!response.ok) throw new Error(`Census location dataset request failed: ${response.status} ${response.statusText}`);
+  const records = csvRecords(await response.text());
+  const populationField = `POPESTIMATE${options.populationYear}`;
+  const zipData = options.includeZipGroups ? await loadZipGroups(state.abbr, options.usZipsCsvPath, warnings) : { path: null, groups: /* @__PURE__ */ new Map() };
+  const markets = records.filter((record) => record.SUMLEV === "162").map((record) => {
+    const population = numberOrNull(record[populationField]);
+    if (population === null || population < options.minPopulation) return null;
+    const censusName = record.NAME?.trim() ?? "";
+    if (!censusName) return null;
+    const city = displayCityFromCensus(censusName);
+    const zipGroup = zipData.groups.get(normalizeCityKey(city));
+    return {
+      city,
+      state: state.abbr,
+      location: `${city}, ${state.abbr}`,
+      cityKey: `${city}|${state.abbr}`,
+      censusName,
+      population,
+      populationYear: options.populationYear,
+      estimatesBase2020: numberOrNull(record.ESTIMATESBASE2020),
+      zips: zipGroup ? [...zipGroup.zips].sort() : [],
+      counties: zipGroup ? [...zipGroup.counties].sort() : []
+    };
+  }).filter((market) => market !== null).sort((a, b) => b.population - a.population || a.city.localeCompare(b.city)).slice(0, options.maxCities);
+  if (options.includeZipGroups && zipData.path && markets.some((m) => m.zips.length === 0)) {
+    warnings.push("Some Census places did not match the configured US ZIPS city names.");
+  }
+  return { markets, censusSourceUrl: sourceUrl, usZipsSourcePath: zipData.path, warnings };
+}
+// src/directory/directory-workflow.ts
+var DIRECTORY_MAX_ATTEMPTS = 3;
+var DIRECTORY_LOCATION_PROXY_MAX_ATTEMPTS = 5;
+var DirectoryWorkflowOptionsSchema = z15.object({
+  query: z15.string().min(1),
+  state: z15.string().min(2).default("TN"),
+  minPopulation: z15.number().int().min(0).default(1e5),
+  populationYear: z15.union(POPULATION_YEARS.map((year) => z15.literal(year))).default(2025),
+  maxCities: z15.number().int().min(1).max(100).default(25),
+  maxResultsPerCity: z15.number().int().min(1).max(50).default(50),
+  concurrency: z15.number().int().min(1).max(5).default(5),
+  includeZipGroups: z15.boolean().default(true),
+  usZipsCsvPath: z15.string().optional(),
+  saveCsv: z15.boolean().default(true),
+  gl: z15.string().length(2).default("us"),
+  hl: z15.string().length(2).default("en"),
+  proxyMode: z15.enum(["location", "configured", "none"]).default("location"),
+  proxyZip: z15.string().regex(/^\d{5}$/).optional(),
+  debug: z15.boolean().default(false),
+  headless: z15.boolean().default(true),
+  kernelApiKey: z15.string().optional()
+});
+async function cleanupDisposableProxy2(kernelApiKey, proxyId) {
+  if (!kernelApiKey || !proxyId) return;
+  try {
+    await deleteKernelProxyId(kernelApiKey, proxyId);
+  } catch (err) {
+    console.warn(JSON.stringify({
+      event: "directory_workflow_proxy_delete_failed",
+      proxy_id_suffix: proxyId.slice(-6),
+      message: err instanceof Error ? err.message : String(err)
+    }));
+  }
+}
+function maxAttemptsForProxyMode(proxyMode) {
+  return proxyMode === "location" ? DIRECTORY_LOCATION_PROXY_MAX_ATTEMPTS : DIRECTORY_MAX_ATTEMPTS;
+}
+function errorMessage(err) {
+  return err instanceof Error ? err.message : String(err);
+}
+function looksLikeProxyTunnelFailure(message) {
+  return /ERR_TUNNEL_CONNECTION_FAILED|ERR_PROXY_CONNECTION_FAILED|ERR_SOCKS_CONNECTION_FAILED|tunnel connection failed|proxy connection failed|transport error: proxy/i.test(message);
+}
+function looksLikeProxyUnavailable(message) {
+  return /proxy unavailable|proxy_unavailable|connection_test_failed|did not return a proxy id|configured fallback/i.test(message);
+}
+function retryableCitySearchError(err, proxyMode) {
+  if (err instanceof CaptchaError) return true;
+  const message = errorMessage(err);
+  if (/timeout|timed out|Timeout \d+ms exceeded|deadline/i.test(message)) return true;
+  return proxyMode === "location" && (looksLikeProxyTunnelFailure(message) || looksLikeProxyUnavailable(message));
+}
+function proxyZipForAttempt(options, market, attemptIndex) {
+  if (options.proxyZip) return options.proxyZip;
+  if (!market.zips.length) return void 0;
+  return market.zips[attemptIndex % market.zips.length];
+}
+async function mapLimit(items, limit, fn) {
+  const out = new Array(items.length);
+  let next = 0;
+  async function worker() {
+    while (next < items.length) {
+      const index = next;
+      next += 1;
+      out[index] = await fn(items[index]);
+    }
+  }
+  await Promise.all(Array.from({ length: Math.min(limit, items.length) }, () => worker()));
+  return out;
+}
+async function searchCityAttempt(options, market, attemptIndex) {
+  const driver = new BrowserDriver();
+  const extractor = new MapsSearchExtractor(driver);
+  const start = Date.now();
+  let disposableProxyId;
+  try {
+    const proxyZip = proxyZipForAttempt(options, market, attemptIndex);
+    const resolution = await resolveKernelProxyId({
+      kernelApiKey: options.kernelApiKey,
+      proxyMode: options.proxyMode,
+      configuredKernelProxyId: browserServiceProxyId(),
+      location: market.location,
+      proxyZip,
+      gl: options.gl,
+      attemptIndex,
+      fresh: options.proxyMode === "location"
+    });
+    disposableProxyId = resolution.disposableProxyId;
+    const result = await extractor.extract({
+      query: options.query,
+      location: market.location,
+      gl: options.gl,
+      hl: options.hl,
+      maxResults: options.maxResultsPerCity,
+      headless: options.headless,
+      kernelApiKey: options.kernelApiKey,
+      kernelProxyId: options.proxyMode === "none" ? void 0 : resolution.kernelProxyId,
+      kernelProxyResolution: resolution.resolution,
+      proxyMode: options.proxyMode,
+      proxyZip,
+      debug: options.debug
+    });
+    return {
+      city: market.city,
+      state: market.state,
+      location: market.location,
+      cityKey: market.cityKey,
+      censusName: market.censusName,
+      population: market.population,
+      populationYear: market.populationYear,
+      zips: market.zips,
+      counties: market.counties,
+      status: result.results.length ? "ok" : "empty",
+      error: null,
+      resultCount: result.resultCount,
+      durationMs: result.durationMs,
+      results: result.results
+    };
+  } finally {
+    await cleanupDisposableProxy2(options.kernelApiKey, disposableProxyId);
+  }
+}
+async function searchCity(options, market) {
+  const started = Date.now();
+  const maxAttempts = maxAttemptsForProxyMode(options.proxyMode);
+  let lastError = null;
+  for (let attemptIndex = 0; attemptIndex < maxAttempts; attemptIndex += 1) {
+    try {
+      return await searchCityAttempt(options, market, attemptIndex);
+    } catch (err) {
+      lastError = err;
+      const willRetry = attemptIndex < maxAttempts - 1 && retryableCitySearchError(err, options.proxyMode);
+      console.warn(JSON.stringify({
+        event: "directory_workflow_city_attempt_failed",
+        city: market.city,
+        state: market.state,
+        attempt_number: attemptIndex + 1,
+        max_attempts: maxAttempts,
+        will_retry: willRetry,
+        message: errorMessage(err)
+      }));
+      if (!willRetry) break;
+    }
+  }
+  return {
+    city: market.city,
+    state: market.state,
+    location: market.location,
+    cityKey: market.cityKey,
+    censusName: market.censusName,
+    population: market.population,
+    populationYear: market.populationYear,
+    zips: market.zips,
+    counties: market.counties,
+    status: "failed",
+    error: lastError ? errorMessage(lastError) : "City Maps search failed",
+    resultCount: 0,
+    durationMs: Date.now() - started,
+    results: []
+  };
+}
+function csvRowsFor(result) {
+  const rows = [];
+  for (const city of result.cities) {
+    if (!city.results.length) {
+      rows.push({
+        source_query: result.query,
+        source_location: city.location,
+        city: city.city,
+        state: city.state,
+        city_key: city.cityKey,
+        census_name: city.censusName,
+        population: city.population,
+        population_year: city.populationYear,
+        zip_count: city.zips.length,
+        zips: city.zips.join(" "),
+        counties: city.counties.join(" | "),
+        result_position: null,
+        business_name: null,
+        review_stars: null,
+        category: null,
+        address: null,
+        phone: null,
+        hours_status: null,
+        website_url: null,
+        directions_url: null,
+        place_url: null,
+        cid: null,
+        cid_decimal: null,
+        metadata: null,
+        result_status: city.status,
+        error: city.error,
+        extracted_at: result.extractedAt,
+        duration_ms: city.durationMs
+      });
+      continue;
+    }
+    for (const business of city.results) {
+      rows.push({
+        source_query: result.query,
+        source_location: city.location,
+        city: city.city,
+        state: city.state,
+        city_key: city.cityKey,
+        census_name: city.censusName,
+        population: city.population,
+        population_year: city.populationYear,
+        zip_count: city.zips.length,
+        zips: city.zips.join(" "),
+        counties: city.counties.join(" | "),
+        result_position: business.position,
+        business_name: business.name,
+        review_stars: business.rating,
+        category: business.category,
+        address: business.address,
+        phone: business.phone,
+        hours_status: business.hoursStatus,
+        website_url: business.websiteUrl,
+        directions_url: business.directionsUrl,
+        place_url: business.placeUrl,
+        cid: business.cid,
+        cid_decimal: business.cidDecimal,
+        metadata: business.metadata.join(" | "),
+        result_status: city.status,
+        error: city.error,
+        extracted_at: result.extractedAt,
+        duration_ms: city.durationMs
+      });
+    }
+  }
+  return rows;
+}
+async function saveDirectoryCsv(result) {
+  const outDir = join4(outputBaseDir(), "directory-workflows");
+  await mkdir2(outDir, { recursive: true });
+  const stamp = result.extractedAt.replace(/[:.]/g, "-");
+  const slug = `${result.state}-${result.query}`.toLowerCase().replace(/[^a-z0-9]+/g, "-").replace(/^-+|-+$/g, "").slice(0, 80);
+  const path5 = join4(outDir, `${stamp}-${slug}-directory-workflow.csv`);
+  const headers = [
+    "source_query",
+    "source_location",
+    "city",
+    "state",
+    "city_key",
+    "census_name",
+    "population",
+    "population_year",
+    "zip_count",
+    "zips",
+    "counties",
+    "result_position",
+    "business_name",
+    "review_stars",
+    "category",
+    "address",
+    "phone",
+    "hours_status",
+    "website_url",
+    "directions_url",
+    "place_url",
+    "cid",
+    "cid_decimal",
+    "metadata",
+    "result_status",
+    "error",
+    "extracted_at",
+    "duration_ms"
+  ];
+  await writeFile(path5, rowsToCsv(headers, csvRowsFor(result)), "utf8");
+  return path5;
+}
+async function runDirectoryWorkflowFromPlan(options, plan) {
+  const started = Date.now();
+  const extractedAt = (/* @__PURE__ */ new Date()).toISOString();
+  const cities = await mapLimit(plan.markets, options.concurrency, (market) => searchCity(options, market));
+  const base = {
+    query: options.query,
+    state: plan.markets[0]?.state ?? options.state.toUpperCase(),
+    minPopulation: options.minPopulation,
+    populationYear: options.populationYear,
+    maxResultsPerCity: options.maxResultsPerCity,
+    concurrency: options.concurrency,
+    censusSourceUrl: plan.censusSourceUrl,
+    usZipsSourcePath: plan.usZipsSourcePath,
+    warnings: plan.warnings,
+    extractedAt,
+    selectedCityCount: plan.markets.length,
+    totalResultCount: cities.reduce((sum, city) => sum + city.resultCount, 0),
+    cities,
+    durationMs: Date.now() - started
+  };
+  const csvPath = options.saveCsv ? await saveDirectoryCsv(base) : null;
+  return { ...base, csvPath };
+}
+// src/api/directory-routes.ts
+var directoryApp = new Hono6();
+directoryApp.post("/run", createApiKeyAuth(), async (c) => {
+  const user = c.get("user");
+  const body = await c.req.json().catch(() => ({}));
+  const kernelApiKey = browserServiceApiKey();
+  const parsed = DirectoryWorkflowOptionsSchema.safeParse({
+    ...body,
+    kernelApiKey
+  });
+  if (!parsed.success) {
+    return c.json({ error: parsed.error.issues[0]?.message ?? "Invalid request" }, 400);
+  }
+  if (!kernelApiKey && parsed.data.proxyMode !== "none") {
+    return c.json({ error: "Browser service API key is required for directory workflow Maps searches unless proxyMode is none" }, 503);
+  }
+  const plan = await resolveDirectoryMarkets(parsed.data);
+  const requiredMc = plan.markets.length * MC_COSTS.maps_search;
+  if (requiredMc > 0) {
+    const debit = await debitMc(
+      user.id,
+      requiredMc,
+      LedgerOperation.MAPS_SEARCH,
+      `directory_workflow ${parsed.data.query} ${parsed.data.state} ${plan.markets.length} cities`
+    );
+    if (!debit.ok) return c.json(insufficientBalanceResponse(debit.balance_mc, requiredMc), 402);
+  }
+  try {
+    const result = await runDirectoryWorkflowFromPlan(parsed.data, plan);
+    const failedCities = result.cities.filter((city) => city.status === "failed").length;
+    if (failedCities > 0) {
+      await creditMc(user.id, failedCities * MC_COSTS.maps_search, LedgerOperation.REFUND, "failed directory_workflow city maps searches");
+    }
+    await logRequestEvent({
+      userId: user.id,
+      source: "directory_workflow",
+      status: failedCities === result.cities.length && result.cities.length > 0 ? "failed" : "done",
+      query: result.query,
+      location: result.state,
+      resultCount: result.totalResultCount,
+      result
+    });
+    return c.json(result);
+  } catch (err) {
+    if (requiredMc > 0) {
+      await creditMc(user.id, requiredMc, LedgerOperation.REFUND, "failed directory_workflow call");
+    }
+    const message = err instanceof Error ? err.message : String(err);
+    await logRequestEvent({
+      userId: user.id,
+      source: "directory_workflow",
+      status: "failed",
+      query: parsed.data.query,
+      location: parsed.data.state,
+      error: message
+    });
+    return c.json({ error: message, error_code: "directory_workflow_failed", retryable: true }, 500);
+  }
+});
+// src/api/serp-intelligence-routes.ts
+import { Hono as Hono7 } from "hono";
 // src/serp-intelligence/page-snapshot-extractor.ts
 import { createHash } from "crypto";
 import pLimit3 from "p-limit";
@@ -10316,7 +10945,7 @@ async function capturePageSnapshots(targets, options = {}) {
 }
 // src/serp-intelligence/schemas.ts
-import { z as z15 } from "zod";
+import { z as z16 } from "zod";
 var SerpIntelligenceDeviceValues = ["desktop", "mobile"];
 var SerpIntelligenceProxyModeValues = ["location", "configured", "none"];
 var SerpIntelligenceAttemptOutcomeValues = [
@@ -10328,6 +10957,8 @@ var SerpIntelligenceAttemptOutcomeValues = [
   "request_aborted",
   "timeout",
   "location_mismatch",
+  "proxy_tunnel_failed",
+  "proxy_unavailable",
   "mcp_unavailable",
   "error"
 ];
@@ -10376,171 +11007,171 @@ function isPublicHttpUrl(value) {
     return false;
   }
 }
-var SerpIntelligencePublicHttpUrlSchema = z15.string().url().refine(isPublicHttpUrl, "url must be a public HTTP or HTTPS URL");
-var SerpIntelligenceCaptureBodySchema = z15.object({
-  query: z15.string().trim().min(1, "query is required"),
-  location: z15.string().trim().min(1).optional(),
-  gl: z15.string().trim().length(2).default("us"),
-  hl: z15.string().trim().length(2).default("en"),
-  device: z15.enum(SerpIntelligenceDeviceValues).default("desktop"),
-  proxyMode: z15.enum(SerpIntelligenceProxyModeValues).default("location"),
-  proxyZip: z15.string().regex(/^\d{5}$/).optional(),
-  pages: z15.number().int().min(1).max(2).default(1),
-  debug: z15.boolean().default(false),
-  includePageSnapshots: z15.boolean().default(false),
-  pageSnapshotLimit: z15.number().int().min(0).max(10).default(0)
+var SerpIntelligencePublicHttpUrlSchema = z16.string().url().refine(isPublicHttpUrl, "url must be a public HTTP or HTTPS URL");
+var SerpIntelligenceCaptureBodySchema = z16.object({
+  query: z16.string().trim().min(1, "query is required"),
+  location: z16.string().trim().min(1).optional(),
+  gl: z16.string().trim().length(2).default("us"),
+  hl: z16.string().trim().length(2).default("en"),
+  device: z16.enum(SerpIntelligenceDeviceValues).default("desktop"),
+  proxyMode: z16.enum(SerpIntelligenceProxyModeValues).default("location"),
+  proxyZip: z16.string().regex(/^\d{5}$/).optional(),
+  pages: z16.number().int().min(1).max(2).default(1),
+  debug: z16.boolean().default(false),
+  includePageSnapshots: z16.boolean().default(false),
+  pageSnapshotLimit: z16.number().int().min(0).max(10).default(0)
 }).strict();
-var SerpIntelligencePageSnapshotRequestSchema = z15.object({
+var SerpIntelligencePageSnapshotRequestSchema = z16.object({
   url: SerpIntelligencePublicHttpUrlSchema,
-  sourceKind: z15.enum(SerpPageSnapshotSourceKindValues).default("configured_target"),
-  sourcePosition: z15.number().int().min(1).optional()
+  sourceKind: z16.enum(SerpPageSnapshotSourceKindValues).default("configured_target"),
+  sourcePosition: z16.number().int().min(1).optional()
 }).strict();
-var SerpIntelligencePageSnapshotsBodySchema = z15.object({
-  urls: z15.array(SerpIntelligencePublicHttpUrlSchema).min(1).max(25),
-  targets: z15.array(SerpIntelligencePageSnapshotRequestSchema).min(1).max(25).optional(),
-  maxConcurrency: z15.number().int().min(1).max(5).default(2),
-  timeoutMs: z15.number().int().min(1e3).max(6e4).default(15e3),
-  debug: z15.boolean().default(false)
+var SerpIntelligencePageSnapshotsBodySchema = z16.object({
+  urls: z16.array(SerpIntelligencePublicHttpUrlSchema).min(1).max(25),
+  targets: z16.array(SerpIntelligencePageSnapshotRequestSchema).min(1).max(25).optional(),
+  maxConcurrency: z16.number().int().min(1).max(5).default(2),
+  timeoutMs: z16.number().int().min(1e3).max(6e4).default(15e3),
+  debug: z16.boolean().default(false)
 }).strict();
-var SerpIntelligenceAICitationSchema = z15.object({
-  text: z15.string(),
-  href: z15.string()
+var SerpIntelligenceAICitationSchema = z16.object({
+  text: z16.string(),
+  href: z16.string()
 }).strict();
-var SerpIntelligenceOrganicResultSchema = z15.object({
-  position: z15.number().int().min(1),
-  title: z15.string(),
-  url: z15.string(),
-  domain: z15.string(),
-  cite: z15.string().nullable(),
-  snippet: z15.string().nullable(),
-  isRedditStyle: z15.boolean(),
-  inlineRating: z15.object({
-    value: z15.string(),
-    count: z15.string()
+var SerpIntelligenceOrganicResultSchema = z16.object({
+  position: z16.number().int().min(1),
+  title: z16.string(),
+  url: z16.string(),
+  domain: z16.string(),
+  cite: z16.string().nullable(),
+  snippet: z16.string().nullable(),
+  isRedditStyle: z16.boolean(),
+  inlineRating: z16.object({
+    value: z16.string(),
+    count: z16.string()
   }).strict().nullable()
 }).strict();
-var SerpIntelligenceLocationEvidenceSchema = z15.object({
-  status: z15.enum(SerpIntelligenceLocalizationStatusValues),
-  expected: z15.object({
-    city: z15.string(),
-    regionCode: z15.string().nullable(),
-    canonicalLocation: z15.string()
+var SerpIntelligenceLocationEvidenceSchema = z16.object({
+  status: z16.enum(SerpIntelligenceLocalizationStatusValues),
+  expected: z16.object({
+    city: z16.string(),
+    regionCode: z16.string().nullable(),
+    canonicalLocation: z16.string()
   }).strict().nullable(),
-  candidates: z15.array(z15.object({
-    city: z15.string(),
-    regionCode: z15.string(),
-    count: z15.number().int().min(0),
-    examples: z15.array(z15.string())
+  candidates: z16.array(z16.object({
+    city: z16.string(),
+    regionCode: z16.string(),
+    count: z16.number().int().min(0),
+    examples: z16.array(z16.string())
   }).strict())
 }).strict();
-var SerpIntelligenceHarvestResultSchema = z15.object({
-  seed: z15.string(),
-  location: z15.string().nullable(),
-  extractedAt: z15.string(),
-  totalQuestions: z15.number().int().min(0),
-  surface: z15.enum(["web", "aim", "unknown"]),
-  aiOverview: z15.object({
-    detected: z15.boolean(),
-    text: z15.string().nullable(),
-    citations: z15.array(SerpIntelligenceAICitationSchema),
-    expanded: z15.boolean().optional(),
-    fullyExpanded: z15.boolean().optional(),
-    sections: z15.array(z15.string()).optional()
+var SerpIntelligenceHarvestResultSchema = z16.object({
+  seed: z16.string(),
+  location: z16.string().nullable(),
+  extractedAt: z16.string(),
+  totalQuestions: z16.number().int().min(0),
+  surface: z16.enum(["web", "aim", "unknown"]),
+  aiOverview: z16.object({
+    detected: z16.boolean(),
+    text: z16.string().nullable(),
+    citations: z16.array(SerpIntelligenceAICitationSchema),
+    expanded: z16.boolean().optional(),
+    fullyExpanded: z16.boolean().optional(),
+    sections: z16.array(z16.string()).optional()
   }).strict(),
-  aiMode: z15.object({
-    detected: z15.boolean(),
-    text: z15.string().nullable(),
-    citations: z15.array(SerpIntelligenceAICitationSchema)
+  aiMode: z16.object({
+    detected: z16.boolean(),
+    text: z16.string().nullable(),
+    citations: z16.array(SerpIntelligenceAICitationSchema)
   }).strict(),
-  tree: z15.array(z15.unknown()),
-  flat: z15.array(z15.unknown()),
-  videos: z15.array(z15.unknown()),
-  forums: z15.array(z15.unknown()),
-  organicResults: z15.array(SerpIntelligenceOrganicResultSchema),
-  localPack: z15.array(z15.unknown()),
-  entityIds: z15.object({
-    entities: z15.array(z15.object({
-      name: z15.string(),
-      kgId: z15.string().nullable(),
-      cid: z15.string().nullable(),
-      gcid: z15.string().nullable()
+  tree: z16.array(z16.unknown()),
+  flat: z16.array(z16.unknown()),
+  videos: z16.array(z16.unknown()),
+  forums: z16.array(z16.unknown()),
+  organicResults: z16.array(SerpIntelligenceOrganicResultSchema),
+  localPack: z16.array(z16.unknown()),
+  entityIds: z16.object({
+    entities: z16.array(z16.object({
+      name: z16.string(),
+      kgId: z16.string().nullable(),
+      cid: z16.string().nullable(),
+      gcid: z16.string().nullable()
     }).strict()),
-    kgIds: z15.array(z15.string()),
-    cids: z15.array(z15.string()),
-    gcids: z15.array(z15.string())
+    kgIds: z16.array(z16.string()),
+    cids: z16.array(z16.string()),
+    gcids: z16.array(z16.string())
   }).strict(),
-  stats: z15.object({
-    seed: z15.string(),
-    totalQuestions: z15.number().int().min(0),
-    maxDepthReached: z15.number().int().min(0),
-    durationMs: z15.number().min(0),
-    errorCount: z15.number().int().min(0)
+  stats: z16.object({
+    seed: z16.string(),
+    totalQuestions: z16.number().int().min(0),
+    maxDepthReached: z16.number().int().min(0),
+    durationMs: z16.number().min(0),
+    errorCount: z16.number().int().min(0)
   }).strict(),
-  diagnostics: z15.object({
-    completionStatus: z15.enum(["paa_found", "no_paa", "serp_only"]),
-    problem: z15.null(),
-    warnings: z15.array(z15.unknown()).optional(),
-    debug: z15.object({
+  diagnostics: z16.object({
+    completionStatus: z16.enum(["paa_found", "no_paa", "serp_only"]),
+    problem: z16.null(),
+    warnings: z16.array(z16.unknown()).optional(),
+    debug: z16.object({
       locationEvidence: SerpIntelligenceLocationEvidenceSchema.optional()
     }).passthrough().optional()
   }).passthrough(),
-  whatPeopleSaying: z15.array(z15.unknown())
+  whatPeopleSaying: z16.array(z16.unknown())
 }).strict();
-var SerpIntelligenceCaptureAttemptSchema = z15.object({
-  attemptNumber: z15.number().int().min(1),
-  outcome: z15.enum(SerpIntelligenceAttemptOutcomeValues),
-  startedAt: z15.string().optional(),
-  completedAt: z15.string().optional(),
-  durationMs: z15.number().min(0).optional(),
-  problemCode: z15.string().optional(),
-  message: z15.string().optional(),
-  kernelSessionId: z15.string().nullable().optional(),
-  cleanupSucceeded: z15.boolean().nullable().optional()
+var SerpIntelligenceCaptureAttemptSchema = z16.object({
+  attemptNumber: z16.number().int().min(1),
+  outcome: z16.enum(SerpIntelligenceAttemptOutcomeValues),
+  startedAt: z16.string().optional(),
+  completedAt: z16.string().optional(),
+  durationMs: z16.number().min(0).optional(),
+  problemCode: z16.string().optional(),
+  message: z16.string().optional(),
+  kernelSessionId: z16.string().nullable().optional(),
+  cleanupSucceeded: z16.boolean().nullable().optional()
 }).strict();
-var SerpPageSnapshotCaptureSchema = z15.object({
+var SerpPageSnapshotCaptureSchema = z16.object({
   url: SerpIntelligencePublicHttpUrlSchema,
   requestedUrl: SerpIntelligencePublicHttpUrlSchema,
   finalUrl: SerpIntelligencePublicHttpUrlSchema.nullable(),
-  sourceKind: z15.enum(SerpPageSnapshotSourceKindValues),
-  sourcePosition: z15.number().int().min(1).nullable(),
-  status: z15.enum(SerpPageFetchStatusValues),
-  fetchedVia: z15.enum(SerpPageFetchedViaValues).nullable(),
-  httpStatus: z15.number().int().min(100).max(599).nullable(),
-  contentType: z15.string().nullable(),
-  title: z15.string().nullable(),
+  sourceKind: z16.enum(SerpPageSnapshotSourceKindValues),
+  sourcePosition: z16.number().int().min(1).nullable(),
+  status: z16.enum(SerpPageFetchStatusValues),
+  fetchedVia: z16.enum(SerpPageFetchedViaValues).nullable(),
+  httpStatus: z16.number().int().min(100).max(599).nullable(),
+  contentType: z16.string().nullable(),
+  title: z16.string().nullable(),
   canonicalUrl: SerpIntelligencePublicHttpUrlSchema.nullable(),
-  metaDescription: z15.string().nullable(),
-  headings: z15.array(z15.object({
-    level: z15.number().int().min(1).max(6),
-    text: z15.string()
+  metaDescription: z16.string().nullable(),
+  headings: z16.array(z16.object({
+    level: z16.number().int().min(1).max(6),
+    text: z16.string()
   }).strict()).default([]),
-  artifact: z15.object({
-    htmlBlobUrl: z15.string().url().nullable(),
-    textBlobUrl: z15.string().url().nullable(),
-    markdownBlobUrl: z15.string().url().nullable(),
-    screenshotBlobUrl: z15.string().url().nullable(),
-    contentSha256: z15.string().nullable(),
-    capturedAt: z15.string().nullable()
+  artifact: z16.object({
+    htmlBlobUrl: z16.string().url().nullable(),
+    textBlobUrl: z16.string().url().nullable(),
+    markdownBlobUrl: z16.string().url().nullable(),
+    screenshotBlobUrl: z16.string().url().nullable(),
+    contentSha256: z16.string().nullable(),
+    capturedAt: z16.string().nullable()
   }).strict(),
-  error: z15.object({
-    code: z15.string(),
-    message: z15.string()
+  error: z16.object({
+    code: z16.string(),
+    message: z16.string()
   }).strict().nullable()
 }).strict();
-var SerpIntelligenceCaptureResponseSchema = z15.object({
+var SerpIntelligenceCaptureResponseSchema = z16.object({
   harvestResult: SerpIntelligenceHarvestResultSchema,
-  attempts: z15.array(SerpIntelligenceCaptureAttemptSchema),
+  attempts: z16.array(SerpIntelligenceCaptureAttemptSchema),
   locationEvidence: SerpIntelligenceLocationEvidenceSchema.nullable(),
-  pageSnapshotArtifacts: z15.array(SerpPageSnapshotCaptureSchema),
-  billing: z15.object({
-    creditsUsed: z15.number().min(0).optional(),
-    requestId: z15.string().optional(),
-    jobId: z15.string().optional()
+  pageSnapshotArtifacts: z16.array(SerpPageSnapshotCaptureSchema),
+  billing: z16.object({
+    creditsUsed: z16.number().min(0).optional(),
+    requestId: z16.string().optional(),
+    jobId: z16.string().optional()
   }).strict().optional()
 }).strict();
-var SerpIntelligencePageSnapshotsResponseSchema = z15.object({
-  pageSnapshotArtifacts: z15.array(SerpPageSnapshotCaptureSchema),
-  attempts: z15.array(SerpIntelligenceCaptureAttemptSchema).default([])
+var SerpIntelligencePageSnapshotsResponseSchema = z16.object({
+  pageSnapshotArtifacts: z16.array(SerpPageSnapshotCaptureSchema),
+  attempts: z16.array(SerpIntelligenceCaptureAttemptSchema).default([])
 }).strict();
 // src/serp-intelligence/serp-capture-service.ts
@@ -10712,7 +11343,7 @@ var SERP_INTELLIGENCE_RATE_LIMIT = 60;
 var SERP_INTELLIGENCE_RATE_WINDOW_SECONDS = 60;
 var POST_CAPTURE_ROUTE_LABEL = "POST /capture";
 var POST_PAGE_SNAPSHOTS_ROUTE_LABEL = "POST /page-snapshots";
-var serpIntelligenceApp = new Hono6();
+var serpIntelligenceApp = new Hono7();
 serpIntelligenceApp.use("*", createApiKeyAuth());
 function structuredError(input) {
   return {
@@ -10887,7 +11518,7 @@ serpIntelligenceApp.post("/page-snapshots", async (c) => {
 });
 // src/mcp/mcp-routes.ts
-import { Hono as Hono7 } from "hono";
+import { Hono as Hono8 } from "hono";
 import { WebStandardStreamableHTTPServerTransport } from "@modelcontextprotocol/sdk/server/webStandardStreamableHttp.js";
 configureReportSaving(false);
 function mcpAuthError() {
@@ -10917,11 +11548,11 @@ async function requireMcpCallerKey(c) {
   if (!user) return mcpAuthError();
   return callerKey;
 }
-var mcpApp = new Hono7();
+var mcpApp = new Hono8();
 function registerSerpIntelligenceCaptureTools(server, executor) {
   server.registerTool("capture_serp_snapshot", {
     title: "SERP Intelligence Snapshot",
-    description: "Capture a structured SERP Intelligence Google snapshot through POST /serp-intelligence/capture, the same product capture path used by Phoenix. Split query from location, infer gl/hl, use proxyMode location for localized residential proxy evidence, configured for the static residential proxy, and none only for direct-network debugging. Set debug true when investigating location evidence, proxy behavior, CAPTCHA, or capture reliability.",
+    description: "Capture a structured SERP Intelligence Google snapshot through POST /serp-intelligence/capture, the same product capture path used by Phoenix. Split query from location, infer gl/hl, use proxyMode location for localized US residential evidence; location mode creates fresh proxy IDs across retries and rejects wrong-location evidence before returning. Use configured only for the static residential proxy, and none only for direct-network debugging. Set debug true when investigating location evidence, proxy behavior, CAPTCHA, or capture reliability.",
     inputSchema: CaptureSerpSnapshotInputSchema,
     annotations: liveWebToolAnnotations("SERP Intelligence Snapshot")
   }, async (input) => executor.captureSerpSnapshot(input));
@@ -10952,11 +11583,837 @@ mcpApp.all("/", async (c) => {
   }
 });
+// src/api/browser-agent-routes.ts
+import { Hono as Hono9 } from "hono";
+// src/api/browser-agent-db.ts
+import { randomUUID } from "crypto";
+var _ready = false;
+async function migrateBrowserAgent() {
+  if (_ready) return;
+  const db = getDb();
+  await db.execute(`
+    CREATE TABLE IF NOT EXISTS browser_agent_sessions (
+      id                  TEXT PRIMARY KEY,
+      runtime_session_id  TEXT NOT NULL,
+      live_view_url       TEXT,
+      cdp_ws_url          TEXT NOT NULL,
+      status              TEXT NOT NULL DEFAULT 'open',
+      label               TEXT,
+      user_id             INTEGER,
+      created_at          TEXT NOT NULL DEFAULT (datetime('now')),
+      closed_at           TEXT,
+      last_action_at      TEXT,
+      active_ms           INTEGER NOT NULL DEFAULT 0,
+      billed_mc           INTEGER NOT NULL DEFAULT 0
+    )
+  `);
+  await db.execute(`CREATE INDEX IF NOT EXISTS browser_agent_sessions_status ON browser_agent_sessions(status)`);
+  await db.execute(`CREATE INDEX IF NOT EXISTS browser_agent_sessions_user ON browser_agent_sessions(user_id)`);
+  await db.execute(`
+    CREATE TABLE IF NOT EXISTS browser_agent_actions (
+      id          TEXT PRIMARY KEY,
+      session_id  TEXT NOT NULL,
+      type        TEXT NOT NULL,
+      params_json TEXT,
+      ok          INTEGER NOT NULL DEFAULT 1,
+      error       TEXT,
+      created_at  TEXT NOT NULL DEFAULT (datetime('now'))
+    )
+  `);
+  await db.execute(`CREATE INDEX IF NOT EXISTS browser_agent_actions_session ON browser_agent_actions(session_id)`);
+  await db.execute(`
+    CREATE TABLE IF NOT EXISTS browser_agent_replays (
+      replay_id  TEXT PRIMARY KEY,
+      session_id TEXT NOT NULL,
+      view_url   TEXT,
+      label      TEXT,
+      started_at TEXT NOT NULL DEFAULT (datetime('now')),
+      stopped_at TEXT
+    )
+  `);
+  await db.execute(`CREATE INDEX IF NOT EXISTS browser_agent_replays_session ON browser_agent_replays(session_id)`);
+  _ready = true;
+}
+async function createSessionRow(input) {
+  const db = getDb();
+  const id = `bas_${randomUUID().replace(/-/g, "").slice(0, 20)}`;
+  await db.execute({
+    sql: `INSERT INTO browser_agent_sessions (id, runtime_session_id, live_view_url, cdp_ws_url, status, label, user_id, last_action_at)
+          VALUES (?, ?, ?, ?, 'open', ?, ?, datetime('now'))`,
+    args: [id, input.runtimeSessionId, input.liveViewUrl, input.cdpWsUrl, input.label, input.userId]
+  });
+  const row = await getSessionRow(id);
+  if (!row) throw new Error("session insert failed");
+  return row;
+}
+async function getSessionRow(id) {
+  const db = getDb();
+  const res = await db.execute({ sql: `SELECT * FROM browser_agent_sessions WHERE id = ?`, args: [id] });
+  return res.rows[0] ?? null;
+}
+async function listSessionRows(userId, includeClosed = false) {
+  const db = getDb();
+  const clauses = [];
+  const args = [];
+  if (userId != null) {
+    clauses.push("(user_id = ? OR user_id IS NULL)");
+    args.push(userId);
+  }
+  if (!includeClosed) clauses.push(`status = 'open'`);
+  const where = clauses.length ? `WHERE ${clauses.join(" AND ")}` : "";
+  const res = await db.execute({
+    sql: `SELECT * FROM browser_agent_sessions ${where} ORDER BY created_at DESC LIMIT 100`,
+    args
+  });
+  return res.rows;
+}
+async function addActiveMs(id, deltaMs) {
+  const db = getDb();
+  await db.execute({
+    sql: `UPDATE browser_agent_sessions SET active_ms = active_ms + ?, last_action_at = datetime('now') WHERE id = ?`,
+    args: [Math.max(0, Math.round(deltaMs)), id]
+  });
+  const res = await db.execute({ sql: `SELECT active_ms, billed_mc FROM browser_agent_sessions WHERE id = ?`, args: [id] });
+  const row = res.rows[0];
+  return { active_ms: Number(row?.active_ms ?? 0), billed_mc: Number(row?.billed_mc ?? 0) };
+}
+async function setBilledMc(id, billedMc) {
+  const db = getDb();
+  await db.execute({
+    sql: `UPDATE browser_agent_sessions SET billed_mc = ? WHERE id = ?`,
+    args: [Math.round(billedMc), id]
+  });
+}
+async function markSessionClosed(id) {
+  const db = getDb();
+  await db.execute({
+    sql: `UPDATE browser_agent_sessions SET status = 'closed', closed_at = datetime('now') WHERE id = ?`,
+    args: [id]
+  });
+}
+async function recordAction(input) {
+  const db = getDb();
+  await db.execute({
+    sql: `INSERT INTO browser_agent_actions (id, session_id, type, params_json, ok, error)
+          VALUES (?, ?, ?, ?, ?, ?)`,
+    args: [
+      `baa_${randomUUID().replace(/-/g, "").slice(0, 20)}`,
+      input.sessionId,
+      input.type,
+      input.params == null ? null : JSON.stringify(input.params),
+      input.ok ? 1 : 0,
+      input.error ?? null
+    ]
+  });
+}
+async function recordReplayStart(input) {
+  const db = getDb();
+  await db.execute({
+    sql: `INSERT INTO browser_agent_replays (replay_id, session_id, view_url, label)
+          VALUES (?, ?, ?, ?)`,
+    args: [input.replayId, input.sessionId, input.viewUrl, input.label]
+  });
+}
+async function recordReplayStop(replayId, viewUrl) {
+  const db = getDb();
+  await db.execute({
+    sql: `UPDATE browser_agent_replays SET stopped_at = datetime('now'), view_url = COALESCE(?, view_url) WHERE replay_id = ?`,
+    args: [viewUrl, replayId]
+  });
+}
+async function listReplayRows(sessionId) {
+  const db = getDb();
+  const res = await db.execute({
+    sql: `SELECT * FROM browser_agent_replays WHERE session_id = ? ORDER BY started_at DESC`,
+    args: [sessionId]
+  });
+  return res.rows;
+}
+// src/services/browser-agent/browser-agent-service.ts
+import Kernel3 from "@onkernel/sdk";
+import { chromium as playwrightChromium } from "playwright";
+var DEFAULT_TIMEOUT_SECONDS = 600;
+function client() {
+  const apiKey = browserServiceApiKey();
+  if (!apiKey) throw new Error("Browser backend API key is required");
+  return new Kernel3({ apiKey });
+}
+async function createSession(opts = {}) {
+  const k = client();
+  const resolvedProxyId = opts.proxyId ?? browserServiceProxyId();
+  const browser = await k.browsers.create({
+    stealth: opts.stealth ?? true,
+    timeout_seconds: opts.timeoutSeconds ?? DEFAULT_TIMEOUT_SECONDS,
+    ...resolvedProxyId ? { proxy_id: resolvedProxyId } : {},
+    ...opts.profileName ? { profile: { name: opts.profileName } } : {}
+  });
+  const runtimeSessionId = browser.session_id;
+  if (opts.disableDefaultProxy) {
+    try {
+      await k.browsers.update(runtimeSessionId, { disable_default_proxy: true });
+    } catch {
+    }
+  }
+  if (opts.viewport) {
+    try {
+      await k.browsers.update(runtimeSessionId, { viewport: opts.viewport });
+    } catch {
+    }
+  }
+  return {
+    runtimeSessionId,
+    liveViewUrl: browser.browser_live_view_url ?? null,
+    cdpWsUrl: browser.cdp_ws_url
+  };
+}
+async function closeSession(runtimeSessionId) {
+  const k = client();
+  await k.browsers.deleteByID(runtimeSessionId);
+}
+async function screenshot(runtimeSessionId) {
+  const k = client();
+  const res = await k.browsers.computer.captureScreenshot(runtimeSessionId);
+  const buf = Buffer.from(await res.arrayBuffer());
+  return { base64: buf.toString("base64"), mimeType: "image/png" };
+}
+async function click(runtimeSessionId, x, y, opts = {}) {
+  const k = client();
+  await k.browsers.computer.clickMouse(runtimeSessionId, {
+    x,
+    y,
+    button: opts.button ?? "left",
+    ...opts.numClicks ? { num_clicks: opts.numClicks } : {}
+  });
+}
+async function typeText(runtimeSessionId, text, delayMs) {
+  const k = client();
+  await k.browsers.computer.typeText(runtimeSessionId, {
+    text,
+    ...typeof delayMs === "number" ? { delay: delayMs } : {}
+  });
+}
+async function scroll(runtimeSessionId, x, y, deltaX, deltaY) {
+  const k = client();
+  await k.browsers.computer.scroll(runtimeSessionId, { x, y, delta_x: deltaX, delta_y: deltaY });
+}
+async function pressKeys(runtimeSessionId, keys) {
+  const k = client();
+  await k.browsers.computer.pressKey(runtimeSessionId, { keys });
+}
+async function goto(cdpWsUrl, url) {
+  const browser = await playwrightChromium.connectOverCDP(cdpWsUrl);
+  try {
+    const context = browser.contexts()[0] ?? await browser.newContext();
+    const page = context.pages()[0] ?? await context.newPage();
+    await page.goto(url, { waitUntil: "domcontentloaded", timeout: 45e3 });
+    return { url: page.url(), title: await page.title() };
+  } finally {
+    await browser.close().catch(() => {
+    });
+  }
+}
+async function readPage(cdpWsUrl) {
+  const browser = await playwrightChromium.connectOverCDP(cdpWsUrl);
+  try {
+    const context = browser.contexts()[0] ?? await browser.newContext();
+    const page = context.pages()[0] ?? await context.newPage();
+    const url = page.url();
+    const title = await page.title().catch(() => "");
+    const data = await page.evaluate(() => {
+      const SEL = 'a[href], button, input, textarea, select, [role="button"], [role="link"], [role="tab"], [onclick]';
+      const out = [];
+      const nodes = Array.from(document.querySelectorAll(SEL)).slice(0, 120);
+      for (const el2 of nodes) {
+        const r = el2.getBoundingClientRect();
+        if (r.width < 1 || r.height < 1) continue;
+        if (r.bottom < 0 || r.top > window.innerHeight) continue;
+        const e = el2;
+        const name = (e.getAttribute("aria-label") || e.placeholder || e.innerText || e.getAttribute("value") || e.getAttribute("title") || "").trim().replace(/\s+/g, " ").slice(0, 80);
+        out.push({
+          role: el2.getAttribute("role") || el2.tagName.toLowerCase(),
+          name,
+          x: Math.round(r.left + r.width / 2),
+          y: Math.round(r.top + r.height / 2)
+        });
+      }
+      const text = (document.body?.innerText || "").replace(/\n{3,}/g, "\n\n").trim().slice(0, 6e3);
+      return { text, els: out };
+    });
+    return {
+      url,
+      title,
+      text: data.text,
+      elements: data.els.map((e, i) => ({ ref: i + 1, role: e.role, name: e.name, x: e.x, y: e.y }))
+    };
+  } finally {
+    await browser.close().catch(() => {
+    });
+  }
+}
+async function replayStart(runtimeSessionId) {
+  const k = client();
+  const res = await k.browsers.replays.start(runtimeSessionId);
+  return { replayId: res.replay_id, viewUrl: res.replay_view_url ?? null };
+}
+async function replayStop(runtimeSessionId, replayId) {
+  const k = client();
+  await k.browsers.replays.stop(replayId, { id: runtimeSessionId });
+}
+async function replayDownload(runtimeSessionId, replayId) {
+  const k = client();
+  return k.browsers.replays.download(replayId, { id: runtimeSessionId });
+}
+async function replayList(runtimeSessionId) {
+  const k = client();
+  const res = await k.browsers.replays.list(runtimeSessionId);
+  return res.map((r) => ({
+    replayId: r.replay_id,
+    viewUrl: r.replay_view_url ?? null,
+    startedAt: r.started_at ?? null,
+    finishedAt: r.finished_at ?? null
+  }));
+}
+// src/api/browser-agent-routes.ts
+var auth = createApiKeyAuth();
+async function charge(sessionId, userId, startedAtMs) {
+  const elapsedMs = Date.now() - startedAtMs;
+  const { active_ms, billed_mc } = await addActiveMs(sessionId, elapsedMs);
+  const owed = browserActiveCostMc(active_ms);
+  const delta = owed - billed_mc;
+  if (delta > 0) {
+    const res = await debitMc(userId, delta, LedgerOperation.BROWSER_SESSION, sessionId);
+    if (res.ok) await setBilledMc(sessionId, owed);
+  }
+}
+function publicSession(row) {
+  return {
+    session_id: row.id,
+    status: row.status,
+    label: row.label,
+    live_view_url: row.live_view_url,
+    created_at: row.created_at,
+    last_action_at: row.last_action_at,
+    closed_at: row.closed_at,
+    active_seconds: Math.round((row.active_ms ?? 0) / 1e3),
+    credits_used: Math.round((row.billed_mc ?? 0) / 10) / 100
+  };
+}
+function failure(err) {
+  const msg = err instanceof Error ? err.message : String(err);
+  return { error: sanitizeVendorName(msg) };
+}
+function replayDownloadUrl(sessionId, replayId) {
+  return `/agent/sessions/${encodeURIComponent(sessionId)}/replays/${encodeURIComponent(replayId)}/download`;
+}
+function replayFilename(sessionId, replayId) {
+  const safeSession = sessionId.replace(/[^a-zA-Z0-9_-]/g, "-").slice(0, 80);
+  const safeReplay = replayId.replace(/[^a-zA-Z0-9_-]/g, "-").slice(0, 120);
+  return `${safeSession}-${safeReplay}.mp4`;
+}
+async function loadOpenSession(id, userId) {
+  const row = await getSessionRow(id);
+  if (!row) return null;
+  if (row.user_id != null && row.user_id !== userId) return null;
+  return row;
+}
+function buildBrowserAgentRoutes() {
+  const app2 = new Hono9();
+  app2.use("*", async (c, next) => {
+    await migrateBrowserAgent();
+    return next();
+  });
+  app2.use("*", auth);
+  app2.post("/sessions", async (c) => {
+    const user = c.get("user");
+    if (Number(user.balance_mc ?? 0) < BROWSER_OPEN_MIN_BALANCE_MC) {
+      return c.json(insufficientBalanceResponse(Number(user.balance_mc ?? 0), BROWSER_OPEN_MIN_BALANCE_MC), 402);
+    }
+    const body = await c.req.json().catch(() => ({}));
+    try {
+      const created = await createSession({
+        timeoutSeconds: typeof body.timeout_seconds === "number" ? body.timeout_seconds : void 0,
+        proxyId: typeof body.proxy_id === "string" ? body.proxy_id : void 0,
+        profileName: typeof body.profile === "string" ? body.profile : void 0,
+        disableDefaultProxy: body.disable_default_proxy === true,
+        viewport: body.viewport && typeof body.viewport === "object" ? body.viewport : void 0
+      });
+      const row = await createSessionRow({
+        runtimeSessionId: created.runtimeSessionId,
+        liveViewUrl: created.liveViewUrl,
+        cdpWsUrl: created.cdpWsUrl,
+        label: typeof body.label === "string" ? body.label : null,
+        userId: user.id
+      });
+      return c.json({ ...publicSession(row), watch_url: `/console/${row.id}` });
+    } catch (err) {
+      return c.json(failure(err), 502);
+    }
+  });
+  app2.get("/sessions", async (c) => {
+    const user = c.get("user");
+    const includeClosed = c.req.query("all") === "1";
+    const rows = await listSessionRows(user.id, includeClosed);
+    return c.json({ sessions: rows.map(publicSession) });
+  });
+  app2.get("/sessions/:id", async (c) => {
+    const user = c.get("user");
+    const row = await loadOpenSession(c.req.param("id"), user.id);
+    if (!row) return c.json({ error: "not found" }, 404);
+    return c.json({ ...publicSession(row), watch_url: `/console/${row.id}` });
+  });
+  app2.get("/sessions/:id/live-view", async (c) => {
+    const user = c.get("user");
+    const row = await loadOpenSession(c.req.param("id"), user.id);
+    if (!row) return c.json({ error: "not found" }, 404);
+    return c.json({ live_view_url: row.live_view_url });
+  });
+  app2.delete("/sessions/:id", async (c) => {
+    const user = c.get("user");
+    const row = await loadOpenSession(c.req.param("id"), user.id);
+    if (!row) return c.json({ error: "not found" }, 404);
+    try {
+      await closeSession(row.runtime_session_id);
+    } catch {
+    }
+    await markSessionClosed(row.id);
+    return c.json({ ok: true });
+  });
+  app2.post("/sessions/:id/goto", async (c) => {
+    const user = c.get("user");
+    const row = await loadOpenSession(c.req.param("id"), user.id);
+    if (!row) return c.json({ error: "not found" }, 404);
+    const body = await c.req.json().catch(() => ({}));
+    const url = typeof body.url === "string" ? body.url : "";
+    if (!url) return c.json({ error: "url is required" }, 400);
+    const t0 = Date.now();
+    try {
+      const result = await goto(row.cdp_ws_url, url);
+      await charge(row.id, user.id, t0);
+      await recordAction({ sessionId: row.id, type: "goto", params: { url }, ok: true });
+      return c.json(result);
+    } catch (err) {
+      await charge(row.id, user.id, t0);
+      await recordAction({ sessionId: row.id, type: "goto", params: { url }, ok: false, error: String(err) });
+      return c.json(failure(err), 502);
+    }
+  });
+  app2.post("/sessions/:id/screenshot", async (c) => {
+    const user = c.get("user");
+    const row = await loadOpenSession(c.req.param("id"), user.id);
+    if (!row) return c.json({ error: "not found" }, 404);
+    const t0 = Date.now();
+    try {
+      const shot = await screenshot(row.runtime_session_id);
+      let page = null;
+      try {
+        page = await readPage(row.cdp_ws_url);
+      } catch {
+        page = null;
+      }
+      await charge(row.id, user.id, t0);
+      await recordAction({ sessionId: row.id, type: "screenshot", params: null, ok: true });
+      return c.json({
+        image_base64: shot.base64,
+        mime_type: shot.mimeType,
+        url: page?.url ?? null,
+        title: page?.title ?? null,
+        elements: page?.elements ?? [],
+        text: page?.text ?? null
+      });
+    } catch (err) {
+      await charge(row.id, user.id, t0);
+      await recordAction({ sessionId: row.id, type: "screenshot", params: null, ok: false, error: String(err) });
+      return c.json(failure(err), 502);
+    }
+  });
+  app2.post("/sessions/:id/read", async (c) => {
+    const user = c.get("user");
+    const row = await loadOpenSession(c.req.param("id"), user.id);
+    if (!row) return c.json({ error: "not found" }, 404);
+    const t0 = Date.now();
+    try {
+      const page = await readPage(row.cdp_ws_url);
+      await charge(row.id, user.id, t0);
+      await recordAction({ sessionId: row.id, type: "read", params: null, ok: true });
+      return c.json(page);
+    } catch (err) {
+      await charge(row.id, user.id, t0);
+      return c.json(failure(err), 502);
+    }
+  });
+  app2.post("/sessions/:id/click", async (c) => {
+    const user = c.get("user");
+    const row = await loadOpenSession(c.req.param("id"), user.id);
+    if (!row) return c.json({ error: "not found" }, 404);
+    const body = await c.req.json().catch(() => ({}));
+    const x = Number(body.x);
+    const y = Number(body.y);
+    if (!Number.isFinite(x) || !Number.isFinite(y)) return c.json({ error: "x and y are required" }, 400);
+    const t0 = Date.now();
+    try {
+      await click(row.runtime_session_id, x, y, {
+        button: body.button === "right" || body.button === "middle" ? body.button : "left",
+        numClicks: typeof body.num_clicks === "number" ? body.num_clicks : void 0
+      });
+      await charge(row.id, user.id, t0);
+      await recordAction({ sessionId: row.id, type: "click", params: { x, y }, ok: true });
+      return c.json({ ok: true });
+    } catch (err) {
+      await charge(row.id, user.id, t0);
+      await recordAction({ sessionId: row.id, type: "click", params: { x, y }, ok: false, error: String(err) });
+      return c.json(failure(err), 502);
+    }
+  });
+  app2.post("/sessions/:id/type", async (c) => {
+    const user = c.get("user");
+    const row = await loadOpenSession(c.req.param("id"), user.id);
+    if (!row) return c.json({ error: "not found" }, 404);
+    const body = await c.req.json().catch(() => ({}));
+    const text = typeof body.text === "string" ? body.text : "";
+    if (!text) return c.json({ error: "text is required" }, 400);
+    const t0 = Date.now();
+    try {
+      await typeText(row.runtime_session_id, text, typeof body.delay === "number" ? body.delay : void 0);
+      await charge(row.id, user.id, t0);
+      await recordAction({ sessionId: row.id, type: "type", params: { length: text.length }, ok: true });
+      return c.json({ ok: true });
+    } catch (err) {
+      await charge(row.id, user.id, t0);
+      return c.json(failure(err), 502);
+    }
+  });
+  app2.post("/sessions/:id/scroll", async (c) => {
+    const user = c.get("user");
+    const row = await loadOpenSession(c.req.param("id"), user.id);
+    if (!row) return c.json({ error: "not found" }, 404);
+    const body = await c.req.json().catch(() => ({}));
+    const x = typeof body.x === "number" ? body.x : 640;
+    const y = typeof body.y === "number" ? body.y : 400;
+    const deltaX = typeof body.delta_x === "number" ? body.delta_x : 0;
+    const deltaY = typeof body.delta_y === "number" ? body.delta_y : 5;
+    const t0 = Date.now();
+    try {
+      await scroll(row.runtime_session_id, x, y, deltaX, deltaY);
+      await charge(row.id, user.id, t0);
+      await recordAction({ sessionId: row.id, type: "scroll", params: { deltaX, deltaY }, ok: true });
+      return c.json({ ok: true });
+    } catch (err) {
+      await charge(row.id, user.id, t0);
+      return c.json(failure(err), 502);
+    }
+  });
+  app2.post("/sessions/:id/press", async (c) => {
+    const user = c.get("user");
+    const row = await loadOpenSession(c.req.param("id"), user.id);
+    if (!row) return c.json({ error: "not found" }, 404);
+    const body = await c.req.json().catch(() => ({}));
+    const keys = Array.isArray(body.keys) ? body.keys.map(String) : [];
+    if (!keys.length) return c.json({ error: "keys is required" }, 400);
+    const t0 = Date.now();
+    try {
+      await pressKeys(row.runtime_session_id, keys);
+      await charge(row.id, user.id, t0);
+      await recordAction({ sessionId: row.id, type: "press", params: { keys }, ok: true });
+      return c.json({ ok: true });
+    } catch (err) {
+      await charge(row.id, user.id, t0);
+      return c.json(failure(err), 502);
+    }
+  });
+  app2.post("/sessions/:id/replay/start", async (c) => {
+    const user = c.get("user");
+    const row = await loadOpenSession(c.req.param("id"), user.id);
+    if (!row) return c.json({ error: "not found" }, 404);
+    const body = await c.req.json().catch(() => ({}));
+    try {
+      const started = await replayStart(row.runtime_session_id);
+      await recordReplayStart({
+        sessionId: row.id,
+        replayId: started.replayId,
+        viewUrl: started.viewUrl,
+        label: typeof body.label === "string" ? body.label : null
+      });
+      return c.json({
+        replay_id: started.replayId,
+        view_url: started.viewUrl,
+        download_url: replayDownloadUrl(row.id, started.replayId)
+      });
+    } catch (err) {
+      return c.json(failure(err), 502);
+    }
+  });
+  app2.post("/sessions/:id/replay/stop", async (c) => {
+    const user = c.get("user");
+    const row = await loadOpenSession(c.req.param("id"), user.id);
+    if (!row) return c.json({ error: "not found" }, 404);
+    const body = await c.req.json().catch(() => ({}));
+    const replayId = typeof body.replay_id === "string" ? body.replay_id : "";
+    if (!replayId) return c.json({ error: "replay_id is required" }, 400);
+    try {
+      await replayStop(row.runtime_session_id, replayId);
+      let viewUrl = null;
+      try {
+        const all = await replayList(row.runtime_session_id);
+        viewUrl = all.find((r) => r.replayId === replayId)?.viewUrl ?? null;
+      } catch {
+        viewUrl = null;
+      }
+      await recordReplayStop(replayId, viewUrl);
+      return c.json({
+        ok: true,
+        replay_id: replayId,
+        view_url: viewUrl,
+        download_url: replayDownloadUrl(row.id, replayId)
+      });
+    } catch (err) {
+      return c.json(failure(err), 502);
+    }
+  });
+  app2.get("/sessions/:id/replays", async (c) => {
+    const user = c.get("user");
+    const row = await loadOpenSession(c.req.param("id"), user.id);
+    if (!row) return c.json({ error: "not found" }, 404);
+    const rows = await listReplayRows(row.id);
+    return c.json({
+      replays: rows.map((r) => ({
+        replay_id: r.replay_id,
+        view_url: r.view_url,
+        download_url: replayDownloadUrl(row.id, r.replay_id),
+        label: r.label,
+        started_at: r.started_at,
+        stopped_at: r.stopped_at
+      }))
+    });
+  });
+  app2.get("/sessions/:id/replays/:replayId/download", async (c) => {
+    const user = c.get("user");
+    const row = await loadOpenSession(c.req.param("id"), user.id);
+    if (!row) return c.json({ error: "not found" }, 404);
+    const replayId = c.req.param("replayId");
+    const rows = await listReplayRows(row.id);
+    if (!rows.some((r) => r.replay_id === replayId)) return c.json({ error: "replay not found" }, 404);
+    try {
+      const res = await replayDownload(row.runtime_session_id, replayId);
+      if (!res.ok) return c.json({ error: `replay download failed (${res.status})` }, res.status);
+      return new Response(res.body, {
+        status: 200,
+        headers: {
+          "Content-Type": res.headers.get("content-type") ?? "video/mp4",
+          "Content-Disposition": `attachment; filename="${replayFilename(row.id, replayId)}"`,
+          "Cache-Control": "private, max-age=300"
+        }
+      });
+    } catch (err) {
+      return c.json(failure(err), 502);
+    }
+  });
+  return app2;
+}
+// src/api/browser-agent-console.ts
+function renderConsoleHtml(initialSessionId) {
+  const initial = JSON.stringify(initialSessionId ?? "");
+  return `<!DOCTYPE html>
+<html lang="en">
+<head>
+<meta charset="UTF-8" />
+<meta name="viewport" content="width=device-width, initial-scale=1.0" />
+<title>Browser Agent Console</title>
+<style>
+  :root { color-scheme: dark; }
+  :where(*) { box-sizing: border-box; }
+  body { margin: 0; font: 14px/1.5 ui-sans-serif, system-ui, -apple-system, sans-serif; background: #0b0e14; color: #d7dce5; }
+  header { display: flex; align-items: center; gap: 12px; padding: 10px 16px; border-bottom: 1px solid #1c2230; background: #0f131c; }
+  header h1 { font-size: 15px; margin: 0; font-weight: 600; color: #fff; letter-spacing: .2px; }
+  header .spacer { flex: 1; }
+  input, button, select { font: inherit; }
+  input[type=text], input[type=password], input[type=url] { background: #141925; border: 1px solid #232b3a; color: #e6eaf2; border-radius: 7px; padding: 7px 10px; }
+  button { background: #2b6cff; border: 0; color: #fff; border-radius: 7px; padding: 7px 12px; cursor: pointer; font-weight: 500; }
+  button.ghost { background: #1a2030; color: #cdd5e4; border: 1px solid #28303f; }
+  button.linkish { background: transparent; color: #7aa2ff; border: 0; padding: 0; font-size: 13px; font-weight: 500; }
+  button:disabled { opacity: .5; cursor: default; }
+  .layout { display: grid; grid-template-columns: 280px 1fr; height: calc(100vh - 53px); }
+  aside { border-right: 1px solid #1c2230; overflow-y: auto; padding: 12px; }
+  aside h2 { font-size: 11px; text-transform: uppercase; letter-spacing: .08em; color: #6b7689; margin: 4px 4px 10px; }
+  .sess { padding: 9px 10px; border-radius: 8px; border: 1px solid #1c2230; margin-bottom: 8px; cursor: pointer; }
+  .sess:hover { border-color: #2b6cff; }
+  .sess.active { border-color: #2b6cff; background: #131b2e; }
+  .sess .id { font-family: ui-monospace, monospace; font-size: 12px; color: #aeb8cc; }
+  .sess .meta { font-size: 11px; color: #6b7689; margin-top: 3px; }
+  .dot { display: inline-block; width: 7px; height: 7px; border-radius: 50%; margin-right: 5px; }
+  .dot.open { background: #36d399; } .dot.closed { background: #5a6677; }
+  main { display: flex; flex-direction: column; overflow: hidden; }
+  .toolbar { display: flex; align-items: center; gap: 10px; padding: 10px 16px; border-bottom: 1px solid #1c2230; }
+  .toolbar label { font-size: 13px; color: #aeb8cc; display: flex; align-items: center; gap: 6px; }
+  .stage { flex: 1; position: relative; background: #05070b; overflow: auto; }
+  .stage iframe { width: 100%; height: 100%; border: 0; display: block; }
+  .empty { display: flex; align-items: center; justify-content: center; height: 100%; color: #5a6677; flex-direction: column; gap: 10px; }
+  .replays { border-top: 1px solid #1c2230; padding: 10px 16px; max-height: 200px; overflow-y: auto; }
+  .replays h3 { font-size: 11px; text-transform: uppercase; letter-spacing: .08em; color: #6b7689; margin: 0 0 8px; }
+  .replay { display: flex; align-items: center; gap: 10px; padding: 6px 0; font-size: 13px; }
+  .replay a { color: #7aa2ff; }
+  .gate { max-width: 380px; margin: 80px auto; padding: 24px; border: 1px solid #1c2230; border-radius: 12px; background: #0f131c; }
+  .gate h2 { margin: 0 0 6px; font-size: 16px; color: #fff; }
+  .gate p { color: #8893a7; margin: 0 0 16px; }
+  .gate input { width: 100%; margin-bottom: 12px; }
+  .gate button { width: 100%; }
+  .muted { color: #6b7689; font-size: 12px; }
+</style>
+</head>
+<body>
+<div id="app"></div>
+<script>
+const INITIAL_SESSION = ${initial};
+const KEY_STORE = 'browser_agent_api_key';
+let state = { key: localStorage.getItem(KEY_STORE) || '', sessions: [], current: INITIAL_SESSION || null, readOnly: true, liveUrl: null, replays: [] };
+function api(method, path, body) {
+  return fetch('/agent' + path, {
+    method,
+    headers: { 'Content-Type': 'application/json', 'x-api-key': state.key },
+    body: body ? JSON.stringify(body) : undefined,
+  }).then(async r => ({ ok: r.ok, data: await r.json().catch(() => ({})) }));
+}
+async function refreshSessions() {
+  const r = await api('GET', '/sessions?all=1');
+  if (r.ok) { state.sessions = r.data.sessions || []; render(); }
+}
+async function selectSession(id) {
+  state.current = id; state.liveUrl = null; state.replays = [];
+  history.replaceState(null, '', '/console/' + id);
+  render();
+  const live = await api('GET', '/sessions/' + id + '/live-view');
+  state.liveUrl = live.ok ? live.data.live_view_url : null;
+  const reps = await api('GET', '/sessions/' + id + '/replays');
+  state.replays = reps.ok ? (reps.data.replays || []) : [];
+  render();
+}
+async function openSession() {
+  const r = await api('POST', '/sessions', { label: 'console' });
+  if (r.ok) { await refreshSessions(); selectSession(r.data.session_id); }
+  else alert('Open failed: ' + JSON.stringify(r.data));
+}
+async function closeCurrent() {
+  if (!state.current) return;
+  await api('DELETE', '/sessions/' + state.current);
+  await refreshSessions();
+}
+async function downloadReplay(replayId) {
+  if (!state.current || !replayId) return;
+  const res = await fetch('/agent/sessions/' + encodeURIComponent(state.current) + '/replays/' + encodeURIComponent(replayId) + '/download', {
+    headers: { 'x-api-key': state.key },
+  });
+  if (!res.ok) {
+    alert('Replay download failed: ' + await res.text());
+    return;
+  }
+  const blob = await res.blob();
+  const url = URL.createObjectURL(blob);
+  const a = document.createElement('a');
+  a.href = url;
+  a.download = state.current + '-' + replayId + '.mp4';
+  document.body.appendChild(a);
+  a.click();
+  a.remove();
+  URL.revokeObjectURL(url);
+}
+function frameSrc() {
+  if (!state.liveUrl) return null;
+  const sep = state.liveUrl.includes('?') ? '&' : '?';
+  return state.readOnly ? state.liveUrl + sep + 'readOnly=true' : state.liveUrl;
+}
+function saveKey(v) { state.key = v.trim(); localStorage.setItem(KEY_STORE, state.key); render(); if (state.key) { refreshSessions(); if (state.current) selectSession(state.current); } }
+function h(html) { const t = document.createElement('template'); t.innerHTML = html.trim(); return t.content.firstChild; }
+function esc(s) { return String(s == null ? '' : s).replace(/[&<>"]/g, c => ({ '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;' }[c])); }
+function render() {
+  const app = document.getElementById('app');
+  app.innerHTML = '';
+  if (!state.key) {
+    app.appendChild(h('<div class="gate"><h2>Browser Agent Console</h2><p>Paste your API key to watch and control browser sessions.</p><input id="k" type="password" placeholder="API key" /><button id="kb">Continue</button></div>'));
+    document.getElementById('kb').onclick = () => saveKey(document.getElementById('k').value);
+    document.getElementById('k').onkeydown = e => { if (e.key === 'Enter') saveKey(e.target.value); };
+    return;
+  }
+  const header = h('<header><h1>Browser Agent</h1><span class="muted">live control + replays</span><span class="spacer"></span><button id="open">+ New Session</button><button class="ghost" id="logout">Forget key</button></header>');
+  app.appendChild(header);
+  document.getElementById('open').onclick = openSession;
+  document.getElementById('logout').onclick = () => saveKey('');
+  const layout = h('<div class="layout"></div>');
+  const aside = h('<aside><h2>Sessions</h2></aside>');
+  if (!state.sessions.length) aside.appendChild(h('<div class="muted" style="padding:4px">No sessions yet.</div>'));
+  for (const s of state.sessions) {
+    const el = h('<div class="sess ' + (s.session_id === state.current ? 'active' : '') + '"><div class="id">' + esc(s.session_id) + '</div><div class="meta"><span class="dot ' + esc(s.status) + '"></span>' + esc(s.status) + (s.label ? ' \xB7 ' + esc(s.label) : '') + '</div></div>');
+    el.onclick = () => selectSession(s.session_id);
+    aside.appendChild(el);
+  }
+  layout.appendChild(aside);
+  const main = h('<main></main>');
+  if (!state.current) {
+    main.appendChild(h('<div class="empty"><div>Select or open a session to watch.</div></div>'));
+  } else {
+    const tb = h('<div class="toolbar"><label><input type="checkbox" id="ro" ' + (state.readOnly ? 'checked' : '') + ' /> Read-only (uncheck to take control)</label><span class="spacer"></span><button class="ghost" id="reload">Reload view</button><button class="ghost" id="close">Close session</button></div>');
+    main.appendChild(tb);
+    const stage = h('<div class="stage"></div>');
+    const src = frameSrc();
+    if (src) {
+      const f = h('<iframe allow="autoplay; clipboard-read; clipboard-write" src="' + esc(src) + '"></iframe>');
+      stage.appendChild(f);
+    } else {
+      stage.appendChild(h('<div class="empty"><div>Live view unavailable for this session.</div><div class="muted">It may be closed or still starting.</div></div>'));
+    }
+    main.appendChild(stage);
+    const rep = h('<div class="replays"><h3>Replays</h3></div>');
+    if (!state.replays.length) rep.appendChild(h('<div class="muted">No replays recorded.</div>'));
+    for (const r of state.replays) {
+      const status = r.stopped_at ? 'ready' : 'recording...';
+      const link = r.view_url ? '<a href="' + esc(r.view_url) + '" target="_blank" rel="noopener">view mp4</a>' : '<span class="muted">' + status + '</span>';
+      const download = r.stopped_at ? '<button class="linkish replay-download" data-rid="' + esc(r.replay_id) + '">download mp4</button>' : '';
+      rep.appendChild(h('<div class="replay"><span class="muted">' + esc(r.started_at || '') + '</span><span class="spacer"></span>' + link + download + '</div>'));
+    }
+    main.appendChild(rep);
+    layout.appendChild(main);
+  }
+  app.appendChild(layout);
+  const ro = document.getElementById('ro');
+  if (ro) ro.onchange = e => { state.readOnly = e.target.checked; render(); };
+  const reload = document.getElementById('reload');
+  if (reload) reload.onclick = () => selectSession(state.current);
+  const close = document.getElementById('close');
+  if (close) close.onclick = closeCurrent;
+  document.querySelectorAll('.replay-download').forEach(btn => {
+    btn.onclick = () => downloadReplay(btn.getAttribute('data-rid'));
+  });
+}
+render();
+if (state.key) { refreshSessions(); if (state.current) selectSession(state.current); }
+</script>
+</body>
+</html>`;
+}
 // src/api/stripe-routes.ts
 import Stripe from "stripe";
-import { Hono as Hono8 } from "hono";
+import { Hono as Hono10 } from "hono";
 var stripe = new Stripe(process.env.STRIPE_SECRET_KEY, { apiVersion: "2026-02-25.clover" });
-var stripeApp = new Hono8();
+var stripeApp = new Hono10();
 stripeApp.post("/webhooks", async (c) => {
   const sig = c.req.header("stripe-signature");
   const body = await c.req.text();
@@ -11051,27 +12508,27 @@ import { getCookie, setCookie, deleteCookie } from "hono/cookie";
 import Stripe2 from "stripe";
 // src/api/billing-schemas.ts
-import { z as z16 } from "zod";
-var BillingCheckoutBodySchema = z16.object({
-  priceId: z16.string().min(1)
+import { z as z17 } from "zod";
+var BillingCheckoutBodySchema = z17.object({
+  priceId: z17.string().min(1)
 });
-var FreeCreditBreakdownSchema = z16.object({
-  signup_grant_mc: z16.number().int().nonnegative(),
-  monthly_refresh_mc: z16.number().int().nonnegative(),
-  total_free_mc: z16.number().int().nonnegative(),
-  signup_grant_credits: z16.number().nonnegative(),
-  monthly_refresh_credits: z16.number().nonnegative(),
-  total_free_credits: z16.number().nonnegative()
+var FreeCreditBreakdownSchema = z17.object({
+  signup_grant_mc: z17.number().int().nonnegative(),
+  monthly_refresh_mc: z17.number().int().nonnegative(),
+  total_free_mc: z17.number().int().nonnegative(),
+  signup_grant_credits: z17.number().nonnegative(),
+  monthly_refresh_credits: z17.number().nonnegative(),
+  total_free_credits: z17.number().nonnegative()
 });
-var BillingBalanceResponseSchema = z16.object({
-  balance_mc: z16.number().int().nonnegative(),
-  balance_credits: z16.number().nonnegative(),
+var BillingBalanceResponseSchema = z17.object({
+  balance_mc: z17.number().int().nonnegative(),
+  balance_credits: z17.number().nonnegative(),
   free_credits: FreeCreditBreakdownSchema,
-  ledger: z16.array(z16.any())
+  ledger: z17.array(z17.any())
 });
-var MonthlyRefreshSweepResultSchema = z16.object({
-  usersRefreshed: z16.number().int().nonnegative(),
-  totalMcGranted: z16.number().int().nonnegative()
+var MonthlyRefreshSweepResultSchema = z17.object({
+  usersRefreshed: z17.number().int().nonnegative(),
+  totalMcGranted: z17.number().int().nonnegative()
 });
 // src/api/credit-operations.ts
@@ -11253,7 +12710,7 @@ var requireAllowedOrigin = createMiddleware3(async (c, next) => {
   if (!configuredOrigins().has(origin)) return c.json({ error: "Origin not allowed" }, 403);
   return next();
 });
-var auth = createMiddleware3(async (c, next) => {
+var auth2 = createMiddleware3(async (c, next) => {
   const key = c.req.header("x-api-key");
   if (!key) return c.json({ error: "Missing API key" }, 401);
   const user = await getUserByApiKey(key);
@@ -11282,7 +12739,7 @@ var sessionAuth = createMiddleware3(async (c, next) => {
   c.set("sessionUser", { ...refreshed, balance_mc: balanceMc });
   return next();
 });
-var app = new Hono9();
+var app = new Hono11();
 var STRIPE_API_VERSION = "2026-02-25.clover";
 function requireStripeSecret() {
   const secret2 = process.env.STRIPE_SECRET_KEY?.trim();
@@ -11492,7 +12949,7 @@ async function checkHarvestLimits(userId, email, extraSlots = 0) {
   if (active >= limit) return { error: `You have ${active} job${active !== 1 ? "s" : ""} running. Your account allows ${limit} concurrent job${limit !== 1 ? "s" : ""}. Wait for one to finish or add a concurrency slot at mcpscraper.dev/billing.` };
   return null;
 }
-app.post("/harvest", auth, async (c) => {
+app.post("/harvest", auth2, async (c) => {
   const user = c.get("user");
   const raw = await c.req.json().catch(() => ({}));
   const bodyResult = HarvestBodySchema.safeParse(raw);
@@ -11534,7 +12991,7 @@ app.post("/harvest", auth, async (c) => {
   }
   return c.json({ job_id: jobId, status: "pending" }, 202);
 });
-app.post("/harvest/sync", auth, async (c) => {
+app.post("/harvest/sync", auth2, async (c) => {
   const user = c.get("user");
   const raw = await c.req.json().catch(() => ({}));
   const bodyResult = HarvestBodySchema.safeParse(raw);
@@ -11599,17 +13056,17 @@ app.post("/harvest/sync", auth, async (c) => {
     return c.json({ job_id: jobId, status: "failed", ...response, attempts: sanitizeAttempts(attempts) }, problem.httpStatus);
   }
 });
-app.get("/jobs/:id", auth, async (c) => {
+app.get("/jobs/:id", auth2, async (c) => {
   const job = await getJob(c.req.param("id"), c.get("user").id);
   if (!job) return c.json({ error: "Job not found" }, 404);
   const attempts = await listHarvestAttempts(job.id, c.get("user").id);
   const safeResult = job.result && typeof job.result === "object" ? sanitizeHarvestResult(job.result) : job.result;
   return c.json({ ...job, result: safeResult, attempts: sanitizeAttempts(attempts) });
 });
-app.get("/jobs", auth, async (c) => {
+app.get("/jobs", auth2, async (c) => {
   return c.json(await listJobs(c.get("user").id));
 });
-app.get("/history", auth, async (c) => {
+app.get("/history", auth2, async (c) => {
   const userId = c.get("user").id;
   const [jobs, events] = await Promise.all([
     listJobs(userId),
@@ -11639,7 +13096,7 @@ app.get("/history", auth, async (c) => {
   const rows = [...jobRows, ...eventRows].sort((a, b) => String(b.ts).localeCompare(String(a.ts)));
   return c.json(rows.slice(0, 100));
 });
-app.get("/ledger", auth, async (c) => {
+app.get("/ledger", auth2, async (c) => {
   return c.json(await getLedger(c.get("user").id, 100));
 });
 app.post("/admin/users", adminAuth, async (c) => {
@@ -11677,11 +13134,11 @@ app.post("/admin/backfill-signup-credits", adminAuth, async (c) => {
   }
   return c.json({ processed, credited, skipped, users_credited });
 });
-app.post("/extract-url", auth, async (c) => {
+app.post("/extract-url", auth2, async (c) => {
   const raw = await c.req.json().catch(() => ({}));
   const bodyResult = ExtractUrlBodySchema.safeParse(raw);
   if (!bodyResult.success) return c.json({ error: bodyResult.error.issues[0]?.message ?? "Invalid request" }, 400);
-  const { url, screenshot, screenshotDevice, extractBranding, downloadMedia, mediaTypes, allowLocal } = bodyResult.data;
+  const { url, screenshot: screenshot2, screenshotDevice, extractBranding, downloadMedia, mediaTypes, allowLocal } = bodyResult.data;
   if (!allowLocal) {
     const checked = await validatePublicHttpUrl(url, { field: "URL" });
     if (checked.error || !checked.parsed) return c.json({ error: checked.error ?? "Invalid URL" }, 400);
@@ -11707,7 +13164,7 @@ app.post("/extract-url", auth, async (c) => {
     const device = screenshotDevice === "mobile" ? "mobile" : "desktop";
     const [result, pageData] = await Promise.all([
       extractKpo({ url: canonicalUrl, kernelApiKey }),
-      screenshot || extractBranding ? capturePageData(canonicalUrl, { kernelApiKey, device, screenshot: !!screenshot, branding: !!extractBranding }).catch(() => null) : null
+      screenshot2 || extractBranding ? capturePageData(canonicalUrl, { kernelApiKey, device, screenshot: !!screenshot2, branding: !!extractBranding }).catch(() => null) : null
     ]);
     const screenshotBuf = pageData?.screenshot ?? null;
     const brandingData = pageData?.branding ?? null;
@@ -11725,7 +13182,7 @@ app.post("/extract-url", auth, async (c) => {
     return c.json({ error: msg }, 500);
   }
 });
-app.post("/map-urls", auth, async (c) => {
+app.post("/map-urls", auth2, async (c) => {
   const raw = await c.req.json().catch(() => ({}));
   const bodyResult = MapUrlsBodySchema.safeParse(raw);
   if (!bodyResult.success) return c.json({ error: bodyResult.error.issues[0]?.message ?? "Invalid request" }, 400);
@@ -11765,7 +13222,7 @@ app.post("/map-urls", auth, async (c) => {
     return c.json({ error: msg }, 500);
   }
 });
-app.post("/extract-site", auth, async (c) => {
+app.post("/extract-site", auth2, async (c) => {
   const raw = await c.req.json().catch(() => ({}));
   const bodyResult = ExtractSiteBodySchema.safeParse(raw);
   if (!bodyResult.success) return c.json({ error: bodyResult.error.issues[0]?.message ?? "Invalid request" }, 400);
@@ -11887,7 +13344,7 @@ app.post("/billing/concurrency/cancel", requireAllowedOrigin, sessionAuth, async
   await setConcurrencySubId(user.id, null);
   return c.json({ ok: true, concurrency_limit: user.extra_concurrency_slots });
 });
-app.get("/billing/balance", auth, async (c) => {
+app.get("/billing/balance", auth2, async (c) => {
   const user = c.get("user");
   const balanceMc = await reconcileBalanceMc(user.id);
   const ledger = await getLedger(user.id, 20);
@@ -11899,7 +13356,7 @@ app.get("/billing/balance", auth, async (c) => {
     ledger
   });
 });
-app.post("/billing/credits", auth, async (c) => {
+app.post("/billing/credits", auth2, async (c) => {
   const user = c.get("user");
   const balanceMc = await reconcileBalanceMc(user.id);
   const body = await c.req.json().catch(() => ({}));
@@ -11928,7 +13385,7 @@ app.get("/cron/tick", async (c) => {
   if (!process.env.CRON_SECRET || secret2 !== `Bearer ${process.env.CRON_SECRET}`) {
     return c.json({ error: "Unauthorized" }, 401);
   }
-  const { drainQueue } = await import("./worker-AUCXFHEL.js");
+  const { drainQueue } = await import("./worker-NAKGTIF5.js");
   const budget = { maxJobs: 10, deadlineMs: Date.now() + 28e4 };
   const [results, sweepResult] = await Promise.all([
     drainQueue(budget),
@@ -11942,8 +13399,12 @@ app.route("/youtube", youtubeApp);
 app.route("/screenshot", screenshotApp);
 app.route("/facebook", facebookAdApp);
 app.route("/maps", mapsApp);
+app.route("/directory", directoryApp);
 app.route("/serp-intelligence", serpIntelligenceApp);
 app.route("/mcp", mcpApp);
+app.route("/agent", buildBrowserAgentRoutes());
+app.get("/console", (c) => c.html(renderConsoleHtml()));
+app.get("/console/:id", (c) => c.html(renderConsoleHtml(c.req.param("id"))));
 app.route("/stripe", stripeApp);
 if (!process.env.INNGEST_EVENT_KEY) {
   startSiteAuditWorker();
@@ -12050,4 +13511,4 @@ app.get("/blog/:slug/", (c) => {
 export {
   app
 };
-//# sourceMappingURL=server-MTXAJG5J.js.map
+//# sourceMappingURL=server-CJMX2QUM.js.map